function attemptLogin() { global $conn_id; global $ftpHost; global $ftpPort; global $ftpMode; global $ftpSSL; global $ftpDir; global $lang_missing_fields; global $lang_ip_conflict; global $sessionLockIP; $is_login_form = isset($_POST["login"]) && $_POST["login"] == 1; if (!$is_login_form && connectFTP(0) == 1) { // Check for hijacked session if ($_SESSION["ip_check"] == 1) { if ($_SERVER['REMOTE_ADDR'] == $_SESSION["user_ip"]) { $_SESSION["loggedin"] = 1; } else { $_SESSION["errors"] = $lang_ip_conflict; sessionExpired($lang_ip_conflict); logOut(); } } else { $_SESSION["loggedin"] = 1; } } else { if ($is_login_form) { // Check for login errors if (checkLoginErrors() == 1) { $_SESSION["login_error"] = $lang_missing_fields; displayLoginForm(1); } else { // Set POST vars to SESSION if ($ftpHost == "") { $_SESSION["ftp_host"] = trim($_POST["ftp_host"]); $_SESSION["ftp_port"] = trim($_POST["ftp_port"]); $_SESSION["ftp_pasv"] = empty($_POST["ftp_pasv"]) ? 0 : 1; $_SESSION["ftp_ssl"] = empty($_POST["ftp_ssl"]) ? 0 : 1; } else { $_SESSION["ftp_host"] = $ftpHost; $_SESSION["ftp_port"] = $ftpPort; $_SESSION["ftp_pasv"] = $ftpMode; $_SESSION["ftp_ssl"] = $ftpSSL; } $_SESSION["ftp_user"] = trim($_POST["ftp_user"]); $_SESSION["ftp_pass"] = trim($_POST["ftp_pass"]); $_SESSION["interface"] = empty($_POST["interface"]) ? "" : "adv"; $_SESSION["skin"] = empty($_POST["skin"]) ? "" : $_POST["skin"]; $_SESSION["lang"] = $_POST["lang"]; if ($sessionLockIP == "") { $_SESSION["ip_check"] = empty($_POST["ip_check"]) ? 0 : 1; } else { $_SESSION["ip_check"] = $sessionLockIP; } $_SESSION["filesCharSet"] = $_POST["filesCharSet"]; if (connectFTP(1) == 1) { $_SESSION["loggedin"] = 1; // Save user's IP address $_SESSION["user_ip"] = $_SERVER['REMOTE_ADDR']; // Set platform getPlatform(); // Change dir if one set if ($ftpDir != "") { if (@ftp_chdir($conn_id, $ftpDir)) { $_SESSION["dir_current"] = $ftpDir; } else { if (@ftp_chdir($conn_id, "~" . $ftpDir)) { $_SESSION["dir_current"] = "~" . $ftpDir; } } } header("Location: index.php"); $_SESSION["filesCharSet"] = $_POST["filesCharSet"]; exit; } else { displayLoginForm(1); } } } else { displayLoginForm(0); } } }
function attemptLogin() { global $lang_missing_fields; global $lang_ip_conflict; if (connectFTP(0) == 1 && isset($_POST["login"]) && $_POST["login"] != 1) { // Check for hijacked session if (isset($_SESSION["ip_check"]) && $_SESSION["ip_check"] == 1) { if (isset($_SESSION["REMOTE_ADDR"]) && isset($_SESSION["user_ip"]) && $_SERVER['REMOTE_ADDR'] == $_SESSION["user_ip"]) { $_SESSION["loggedin"] = 1; } else { $_SESSION["errors"] = $lang_ip_conflict; sessionExpired($lang_ip_conflict); logOut(); } } else { $_SESSION["loggedin"] = 1; } } else { if (isset($_POST["login"]) && $_POST["login"] == 1) { // Check for login errors if (checkLoginErrors() == 1) { $_SESSION["login_error"] = $lang_missing_fields; displayLoginForm(1); } else { // Set POST vars to SESSION $_SESSION["ftp_ssl"] = $_POST["ftp_ssl"]; $_SESSION["ftp_host"] = trim($_POST["ftp_host"]); $_SESSION["ftp_user"] = trim($_POST["ftp_user"]); $_SESSION["ftp_pass"] = trim($_POST["ftp_pass"]); $_SESSION["ftp_port"] = trim($_POST["ftp_port"]); $_SESSION["ftp_pasv"] = $_POST["ftp_pasv"]; $_SESSION["interface"] = $_POST["interface"]; $_SESSION["skin"] = $_POST["skin"]; $_SESSION["lang"] = $_POST["lang"]; $_SESSION["ip_check"] = $_POST["ip_check"]; if (connectFTP(1) == 1) { $_SESSION["loggedin"] = 1; // Save user's IP address $_SESSION["user_ip"] = $_SERVER['REMOTE_ADDR']; // Set platform getPlatform(); } else { displayLoginForm(1); } } } else { displayLoginForm(0); } } }