function OnLogin2($filephp) { global $CFG, $userid, $gameid; $username = $_POST['username']; echo GetHeader(''); $username = $_POST['username']; $password = $_POST['password']; $query = "SELECT * FROM {$CFG->prefix}users WHERE username='******'"; $result = mysql_query($query); $row = mysql_fetch_array($result); if ($row == false) { ShowFormLogin($filephp, '<b>Λάθος όνομα χρήστη</b>'); die; } if ($row['password'] != '') { if (md5($password) != $row['password']) { ShowFormLogin($filephp, '<b>Λάθος κωδικός</b>'); die; } } $ip = GetMyIP(); $hostname = gethostname(); $userid = $row['id']; $gameid = $row['gameid']; $query = "INSERT INTO {$CFG->prefix}logins(userid,hostname,ip) SELECT {$userid}, '{$hostname}','{$ip}'"; mysql_query($query); $query = "UPDATE {$CFG->prefix}users SET lastip='{$ip}' WHERE id={$userid}"; mysql_query($query); $_SESSION['userid'] = $userid; $_SESSION['gameid'] = $gameid; }
function ProcessFormLogin() { global $tpl, $user, $error_list; $username = stripslashes($_REQUEST['username']); $password = stripslashes($_REQUEST['password']); $remember = $_REQUEST['remember']; $b = $_REQUEST['b']; $i = 0; if ($username == "" || $password == "") { if ($username == "") { $error_list[$i] = _("Username is required"); $i++; } if ($password == "") { $error_list[$i] = _("Password is required"); $i++; } } elseif (!$user->CheckUserLogin($username)) { $error_list[$i] = _("User doesnt exist"); $i++; } elseif (!$user->CheckPasswordLogin($username, $password)) { $error_list[$i] = _("Invalid password"); $i++; } if (!is_array($error_list)) { if ($remember) { $expire = time() + 3600 * 24 * 1000; } else { $expire = 0; } $login = $user->Login($username, $password, $expire); if ($login == 0) { if (!$b) { header("Location: index.php"); } else { header("Location: " . $b); } } elseif ($login == 1) { if (!$b) { header("Location: admin/index.php"); } else { header("Location: " . $b); } } else { ShowFormLogin(); } } else { ShowFormLogin(); } }