if (!(strpos($lowerdata, 'table') === FALSE)) { return false; } return $data; } if (!session_is_registered('pr_login') || !session_is_registered('pr_password') || !session_is_registered('rights') || isset($_POST["done"]) && $_POST["done"] == "submit_log") { if ($FG_DEBUG == 1) { echo "<br>0. HERE WE ARE"; } if ($_POST["done"] == "submit_log") { $DBHandle = DbConnect(); if ($FG_DEBUG == 1) { echo "<br>1. " . $_POST["pr_login"] . $_POST["pr_password"]; } $_POST["pr_login"] = access_sanitize_data($_POST["pr_login"]); $_POST["pr_password"] = access_sanitize_data($_POST["pr_password"]); $return = login($_POST["pr_login"], $_POST["pr_password"]); if ($FG_DEBUG == 1) { print_r($return); } if ($FG_DEBUG == 1) { echo "==>" . $return[1]; } if (!is_array($return) || $return[1] == 0) { header("HTTP/1.0 401 Unauthorized"); Header("Location: index__vt.php?error=1"); die; } // if groupID egal 1, this user is a root if ($return[3] == 0) { $admin_id = $return[0];
if ($FG_DEBUG == 0) { header("HTTP/1.0 401 Unauthorized"); } else { echo "Unauthorized! no ssl!\n\n"; } die; } if (!isset($unsafe_base)) { $unsafe_base = "."; } if (!session_is_registered('pr_login') || !session_is_registered('pr_password') || !session_is_registered('cus_rights') || isset($_POST["done"]) && $_POST["done"] == "submit_log") { if ($FG_DEBUG > 1) { echo "Login attempt:<br>"; } if ($_POST["done"] == "submit_log") { $return = login(access_sanitize_data($_POST["pr_login"]), access_sanitize_data($_POST["pr_password"])); if ($FG_DEBUG >= 1) { echo "Return from login(): " . print_r($return, true) . "<br>\n"; } if (!is_array($return)) { sleep(2); header("HTTP/1.0 401 Unauthorized"); if ($FG_DEBUG) { die; } //early, leave messages on page. $err = 4; if (is_int($return)) { $err = $return; } Header("Location: {$unsafe_base}/index.php?error={$err}");