$submit = isset($_POST['submit']);
$ip = @$_GET['ip'];
$ip = htmlentities($ip);
$errors = array();
$success = false;
if ($submit) {
$username = $_POST['username'];
$password = $_POST['password'];
if (empty($ip) || $ip == "localhost" || $ip == "127.0.0.1") {
$error = Account::login($db, $username, $password, $user);
$success = $error == AccountError::NO_ERROR;
if ($success) {
$token = $user->loginToken;
setcookie("token", $token);
} else {
$errors[] = AccountError::str($error, $lang);
}
} else {
// log in remotely using botlogin.php
$req = "http://" . $ip . "/botlogin.php?username="******"&password="******"Could not log in remotely, login script not found on remote server!";
} else {
$response = json_decode($response);
$success = $response->success;
if (!$success) {
$errors[] = $response->error;
} else {
$token = $response->token;
setcookie("token", $token);
<?php
header('Cache-Control: no-cache, must-revalidate');
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Content-Type: application/json; charset=utf-8');
require_once 'includes/import_me.php';
$submit = isset($_REQUEST['username']) && isset($_REQUEST['password']);
$response = (object) [];
$response->success = false;
$errors = array();
if ($submit) {
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
$error = Account::login($db, $username, $password, $user);
$response->success = $error == AccountError::NO_ERROR;
if ($response->success) {
$response->token = $user->loginToken;
} else {
$response->error = AccountError::str($error, $lang);
}
} else {
$response->error = $lang['no_data_submitted'];
}
echo json_encode($response);
