include "autoloader.php";
if (isset($_SESSION['robo'])) {
header('Location: dashboard.php');
}
global $result;
// global definition of result
if (isset($_POST['login'])) {
if (isset($_POST['pwd'])) {
if (isset($_POST['username'])) {
$password = $_POST['pwd'];
$username = $_POST['username'];
$login = new login();
global $result;
// allows $results to be used later in script
$result = $login->checkLogin($username, $password);
if (!is_string($result)) {
$_SESSION['robo'] = "{$username}";
if (!is_null($_GET['id'])) {
$id = $_GET['id'];
header("Location: mentorvieworder.php?id=" . $id);
exit;
}
header('Location: dashboard.php');
exit;
}
}
}
}
echo '<!doctype html>';
echo '<head>';
$REX_UPSW = '';
}
$REX_LOGIN = new login();
$REX_LOGIN->setSqlDb(1);
$REX_LOGIN->setSysID($REX['INSTNAME']);
// fuer redaxo
$REX_LOGIN->setSessiontime(3000);
// 3600 sekunden = 60 min
$REX_LOGIN->setLogin($REX_ULOGIN, $REX_UPSW);
if (isset($FORM['logout']) and $FORM['logout'] == 1) {
$REX_LOGIN->setLogout(true);
}
$REX_LOGIN->setUserID("rex_user.user_id");
$REX_LOGIN->setUserquery("SELECT * FROM rex_user WHERE user_id = 'USR_UID'");
$REX_LOGIN->setLoginquery("SELECT * FROM rex_user WHERE login = '******' and psw = 'USR_PSW'");
if (!$REX_LOGIN->checkLogin()) {
header("Location: login.php?FORM[loginmessage]=" . urlencode($REX_LOGIN->message));
$LOGIN = FALSE;
exit;
} else {
$LOGIN = TRUE;
$REX_USER = $REX_LOGIN->USER;
}
// ----------------- CREATE LANG OBJ
/*
if ($REX_USER->isValueOf("rights","be_lang[de_de]")) $REX[LANG] = "de_de";
else if ($REX_USER->isValueOf("rights","be_lang[en_gb]")) $REX[LANG] = "en_gb";
*/
$I18N = rex_create_lang($REX['LANG']);
setlocale(LC_ALL, trim($I18N->msg("setlocale")));
header('Content-Type: text/html; charset=' . $I18N->msg("htmlcharset"));
<?php
require_once '../config/dbconf.php';
require_once '../model/LoginSql.php';
session_start();
$errormessage = '';
$isFormGood = true;
if (isset($_SESSION['login'])) {
header("location: ../public/index.php");
exit;
} else {
if (isset($_POST['login'])) {
$test = new login();
$result = $test->checkLogin($pdo);
if ($result === false) {
$errormessage = "Wrong username";
$isFormGood = false;
} elseif (empty($_POST["password"])) {
$errormessage = "No password";
$isFormGood = false;
} elseif (sha1($_POST["password"]) != $result["password"]) {
$errormessage = "Wrong password";
$isFormGood = false;
} else {
session_start();
$_SESSION['firstname'] = $result['firstname'];
$_SESSION['lastname'] = $result['lastname'];
$_SESSION['gender'] = $result['gender'];
$_SESSION['birthdate'] = $result['birthdate'];
$_SESSION['email'] = $result['email'];
$_SESSION['login'] = $result['login'];
<?php
$model = $_REQUEST['model'];
$action = $_REQUEST['action'];
include_once MODELS . "/" . $model . "_model.php";
switch (strtoupper($action)) {
case 'LOGIN':
$objLogin = new login();
$objLogin->checkLogin();
break;
case 'LOGOUT':
$objLogin = new login();
$objLogin->logout();
break;
default:
#$objLogin = new login();
break;
}