function Register($username, $regkey, $userpassword)
{
$success = false;
$dbh = SqlConnect();
if (Login($username, $regkey)) {
$stmt = $dbh->prepare("UPDATE users SET password = :userpassword WHERE username = :username");
$stmt->bindParam(':userpassword', md5($userpassword));
$stmt->bindParam(':username', $username);
if ($stmt->execute()) {
$success = true;
}
}
return $success;
}
$parentComment = -1;
}
$parentPost = $params['parentPost'];
if ($parentPost == null) {
$parentPost = -1;
}
echo DBSaveComment(-1, $parentPost, $parentComment, $params['content'], $_SESSION['UserID'], 0);
} else {
if ($request == 'editComment') {
echo DBSaveComment($params['cId'], $params['parentPost'], $params['parentComment'], $params['content'], $_SESSION['UserID'], 0);
} else {
if ($request == 'deleteComment') {
DBDeleteComment($params['cId'], $_SESSION['UserID']);
} else {
if ($request == 'login') {
echo Login($params['email'], $params['password']);
} else {
if ($request == 'logout') {
Logout();
} else {
if ($request == 'signUp') {
echo SignUp($params['userName'], $params['emailAddress'], $params['password']);
} else {
if ($request == 'updateName') {
SaveUserName($_SESSION['UserID'], $params['userName']);
} else {
if ($request == 'updatePassword') {
echo SaveUserPassword($_SESSION['UserID'], $params['newPassword'], $params['oldPassword']);
}
}
}
function Logout()
{
// Делаем cookies устаревшими (единственный способ их удаления).
setcookie('username', '', time() - 1);
// Сброс сессии.
unset($_SESSION['username']);
}
// ТОЧКА ВХОДА.
//
session_start();
$enter_site = false;
// Попадая на страницу login.php, авторизация сбрасывается.
Logout();
// Если массив POST не пуст, значит, обрабатываем отправку формы.
if (count($_POST) > 0) {
$enter_site = Login($_POST['username'], $_POST['remember'] == 'on');
}
// Если авторизация пройдена, переадресуем пользователя
// на одну из страниц сайта.
if ($enter_site) {
header("Location: a.php");
exit;
}
?>
<html>
<head>
<title>Вход на сайт</title>
</head>
<body>
}
$_SESSION["username"] = $username;
if (!$remember) {
setcookie("username", $username, time() + 3600 * 24 * 7);
return true;
}
}
function Logout()
{
setcookie("username", '', time() - 1);
unset($_SESSION["username"]);
}
$enter_site = false;
Logout();
if (count($_POST) > 0) {
$enter_site = Login($_POST["username"], $_POST["remember"] == "on");
}
if ($enter_site) {
header("Location: index.php");
exit;
}
?>
<html>
<body>
<h1>Вход на сайт</h1>
<form action="index.php" method="post">
Введите имя:
<br/>
<input type="text" name="username" />
<br/>
{
$host = "http://" . $_SERVER['HTTP_HOST'] . $_SERVER["SCRIPT_NAME"];
$pos = strrpos($host, "/game/reg/login2.php");
return substr($host, 0, $pos + 1);
}
function to_utf8($string)
{
// From http://w3.org/International/questions/qa-forms-utf-8.html
if (preg_match('%^(?:
[\\x09\\x0A\\x0D\\x20-\\x7E] # ASCII
| [\\xC2-\\xDF][\\x80-\\xBF] # non-overlong 2-byte
| \\xE0[\\xA0-\\xBF][\\x80-\\xBF] # excluding overlongs
| [\\xE1-\\xEC\\xEE\\xEF][\\x80-\\xBF]{2} # straight 3-byte
| \\xED[\\x80-\\x9F][\\x80-\\xBF] # excluding surrogates
| \\xF0[\\x90-\\xBF][\\x80-\\xBF]{2} # planes 1-3
| [\\xF1-\\xF3][\\x80-\\xBF]{3} # planes 4-15
| \\xF4[\\x80-\\x8F][\\x80-\\xBF]{2} # plane 16
)*$%xs', $string)) {
return $string;
} else {
return iconv('CP1252', 'UTF-8', $string);
}
}
if ($_SERVER['REQUEST_METHOD'] === "POST") {
Login($_POST['login'], $_POST['pass']);
} else {
if ($_SERVER['REQUEST_METHOD'] === "GET") {
Login(to_utf8($_GET['login']), to_utf8($_GET['pass']));
}
}
echo "<html><head><meta http-equiv='refresh' content='0;url={$StartPage}' /></head><body></body></html>";
function HaveAuthority($pos)
{
if ($pos == "./group.php") {
return Login() && Admin();
}
if ($pos == "./admin.php") {
return Login() && Admin();
}
if ($pos == "./action/action_apply.php") {
return Login() && Apply();
}
if ($pos == "./action/action_alterkey.php") {
return Login();
}
if ($pos == "./page/group/action/*") {
return Login() && Admin();
}
if ($pos == "./page/admin/action/*") {
return Login() && Admin();
}
return true;
}
<?php
/**
* Created by umar.
* User: microsoftLT
* Date: 4/9/14
* Time: 7:44 AM
* To change this template use File | Settings | File Templates.
*/
include "header.php";
include "dbconnect.php";
if (isset($_POST['username']) && isset($_POST['password'])) {
echo "entered";
if (Login($_POST['username'], $_POST['password'])) {
echo "Login Successful";
header("Location: homepage.php ");
} else {
echo "Login unsuccessful";
}
} else {
if (isset($_SESSION['username'])) {
unset($_SESSION['username']);
session_destroy();
}
}
echo '
<div id="contentWrapper">
<div id="contentBackground">
<div class="container">
<div class="row">
<div class="col-md-8 col-md-offset-2">
function CookieLogin($user, $pass)
{
global $cookie, $domain, $referer, $hash, $maxdays, $secretkey, $pauth;
$filename = 'putlocker_ul.php';
$maxdays = 7;
// Max days to keep cookies saved
if (!defined('DOWNLOAD_DIR')) {
global $options;
if (substr($options['download_dir'], -1) != '/') {
$options['download_dir'] .= '/';
}
define('DOWNLOAD_DIR', substr($options['download_dir'], 0, 6) == 'ftp://' ? '' : $options['download_dir']);
}
$filename = DOWNLOAD_DIR . basename($filename);
if (!file_exists($filename)) {
return Login($user, $pass);
}
$file = file($filename);
$savedcookies = unserialize($file[1]);
unset($file);
$hash = hash('crc32b', $user . ':' . $pass);
if (array_key_exists($hash, $savedcookies)) {
if (time() - $savedcookies[$hash]['time'] >= $maxdays * 24 * 60 * 60) {
return Login($user, $pass);
}
// Ignore old cookies
$_secretkey = $secretkey;
$secretkey = sha1($user . ':' . $pass);
$cookie = decrypt(urldecode($savedcookies[$hash]['enc'])) == 'OK' ? IWillNameItLater($savedcookies[$hash]['cookie']) : '';
$secretkey = $_secretkey;
if (is_array($cookie) && count($cookie) < 1 || empty($cookie)) {
return Login($user, $pass);
}
$page = geturl($domain, 80, '/', $referer, $cookie, 0, 0, $_GET['proxy'], $pauth);
is_page($page);
if (stripos($page, '>Sign Out</a>') === false) {
return Login($user, $pass);
}
$cookie = GetCookiesArr($page, $cookie);
// Update cookies
SaveCookies($user, $pass);
// Update cookies file
return true;
}
return Login($user, $pass);
}
function CookieLogin($user, $pass)
{
global $domain, $referer, $secretkey, $pauth;
if (empty($user) || empty($pass)) {
html_error('Login Failed: User or Password is empty.');
}
$user = strtolower($user);
$filename = 'letitbit_ul.php';
if (!defined('DOWNLOAD_DIR')) {
if (substr($GLOBALS['options']['download_dir'], -1) != '/') {
$GLOBALS['options']['download_dir'] .= '/';
}
define('DOWNLOAD_DIR', substr($GLOBALS['options']['download_dir'], 0, 6) == 'ftp://' ? '' : $GLOBALS['options']['download_dir']);
}
$filename = DOWNLOAD_DIR . basename($filename);
if (!file_exists($filename)) {
return Login($user, $pass);
}
$file = file($filename);
$savedcookies = unserialize($file[1]);
unset($file);
$hash = hash('crc32b', $user . ':' . $pass);
if (is_array($savedcookies) && array_key_exists($hash, $savedcookies)) {
$_secretkey = $secretkey;
$secretkey = hash('crc32b', $pass) . sha1($user . ':' . $pass) . hash('crc32b', $user);
// A 56 char key should be safer. :D
$testCookie = decrypt(urldecode($savedcookies[$hash]['enc'])) == 'OK' ? IWillNameItLater($savedcookies[$hash]['cookie']) : false;
$secretkey = $_secretkey;
if (empty($testCookie) || is_array($testCookie) && count($testCookie) < 1) {
return Login($user, $pass);
}
$page = geturl($domain, 80, '/', $referer, $testCookie, 0, 0, $_GET['proxy'], $pauth);
is_page($page);
if (stripos($page, 'title="Logout">Logout</a>') === false) {
return Login($user, $pass);
}
$GLOBALS['cookie'] = GetCookiesArr($page, $testCookie);
// Update cookies
SaveCookies($user, $pass);
// Update cookies file
return true;
}
return Login($user, $pass);
}
<?php
include 'inc/auth.php';
include 'inc/api.php';
include 'inc/aes.php';
ini_set('display_errors', '1');
if ($auth) {
header("location: wallet.php");
} else {
if (Login($_POST['addr'], $_POST['key'])) {
$_SESSION['addr'] = $_POST['addr'];
$key = $_POST['key'];
// new encryption key
$key = fnEncrypt($key, "39ebb8b644e3de68e4801eaf9ba");
$_SESSION['key'] = $key;
header("location: wallet.php");
} else {
header("location: index.php?error=login");
}
}
$RegError = 101;
} else {
if (!isValidEmail($_POST['email'])) {
$RegError = 104;
} else {
if (IsEmailExist($_POST['email'])) {
$RegError = 102;
} else {
$RegError = 0;
}
}
}
}
}
}
if (!key_exists('ogamelang', $_COOKIE)) {
$lang = "ru";
} else {
$lang = $_COOKIE['ogamelang'];
}
// Если все параметры верные - создать нового пользователя и войти в игру.
if ($RegError == 0 && $AGB) {
CreateUser($_POST['character'], $_POST['password'], $_POST['email'], $lang);
Login($_POST['character'], $_POST['password']);
exit;
}
echo "<html><head><meta http-equiv='refresh' content='0;url={$StartPage}/register.php?errorCode={$RegError}&agb={$AGB}&character=" . $_POST['character'] . "&email=" . $_POST['email'] . "&universe=" . $_POST['universe'] . "' /></head><body></body></html>";
exit;
}
// Открыть new.php
echo "<html><head><meta http-equiv='refresh' content='0;url=new.php' /></head><body></body></html>";
function CookieLogin($user, $pass)
{
global $domain, $referer, $secretkey, $pauth;
if (empty($user) || empty($pass)) {
html_error('Login Failed: User or Password is empty.');
}
$user = strtolower($user);
$filename = 'keep2share_ul.php';
if (!defined('DOWNLOAD_DIR')) {
if (substr($GLOBALS['options']['download_dir'], -1) != '/') {
$GLOBALS['options']['download_dir'] .= '/';
}
define('DOWNLOAD_DIR', substr($GLOBALS['options']['download_dir'], 0, 6) == 'ftp://' ? '' : $GLOBALS['options']['download_dir']);
}
$filename = DOWNLOAD_DIR . basename($filename);
if (!file_exists($filename)) {
return Login($user, $pass);
}
$file = file($filename);
$savedcookies = unserialize($file[1]);
unset($file);
$hash = hash('crc32b', $user . ':' . $pass);
if (is_array($savedcookies) && array_key_exists($hash, $savedcookies)) {
$_secretkey = $secretkey;
$secretkey = hash('crc32b', $pass) . sha1($user . ':' . $pass) . hash('crc32b', $user);
// A 56 char key should be safer. :D
$testCookie = decrypt(urldecode($savedcookies[$hash]['enc'])) == 'OK' ? IWillNameItLater($savedcookies[$hash]['cookie']) : false;
$secretkey = $_secretkey;
if (empty($testCookie) || is_array($testCookie) && count($testCookie) < 1) {
return Login($user, $pass);
}
$test = k2s_apireq('test', array('auth_token' => urldecode($testCookie['sessid'])));
if ($test['code'] != 403) {
k2s_checkErrors($test, 'Login error');
} else {
// If session is expired, try to get a updated one from the site with the cookies
$page = geturl($domain, 80, '/', $referer . 'login.html', $cookie, 0, 0, $_GET['proxy'], $pauth);
is_page($page);
$testCookie = GetCookiesArr($page, $testCookie);
if (stripos($page, '/auth/logout.html">Logout') === false || empty($testCookie['sessid'])) {
return Login($user, $pass);
}
// Test possibly updated session
$test2 = k2s_apireq('test', array('auth_token' => urldecode($testCookie['sessid'])));
if ($test2['code'] == 403) {
return Login($user, $pass);
}
k2s_checkErrors($test2, 'Login error');
}
$GLOBALS['cookie'] = $testCookie;
// Update cookies
SaveCookies($user, $pass);
// Update cookies file
return true;
}
return Login($user, $pass);
}
<?php
require "ClassDB.php";
require "functions.php";
HttpsAssert();
session_name("s220318_session");
session_start();
if (isset($_SESSION['s220318_user'])) {
$loggato = CheckConnTimeout();
} elseif (isset($_POST['action']) && $_POST['action'] == 'login') {
$loggato = Login();
if (!$loggato) {
$successo = 0;
}
} else {
$loggato = 0;
}
if (isset($_REQUEST['action'])) {
if (!$loggato) {
switch ($_REQUEST['action']) {
case 'registrazione':
$in_registrazione = true;
break;
case 'registra':
if (($successo = registraUtente()) == 1) {
$GLOBALS['message'] = "Utente registrato con successo";
}
break;
default:
break;
}
} else {
$login = $not_done = false;
$domain = 'mediafire.com';
$referer = "https://{$domain}/";
$app = array('id' => '44595', 'api_version' => '1.4');
// Application ID for MediaFire's API @ https://www.mediafire.com/#settings/applications
// Login
echo "<table style='width:600px;margin:auto;'>\n<tr><td align='center'>\n<div id='info' width='100%' align='center'>Login to {$domain}</div>\n";
$cookie = array();
if (!empty($_REQUEST['up_login']) && !empty($_REQUEST['up_pass'])) {
if (!empty($_REQUEST['A_encrypted'])) {
$_REQUEST['up_login'] = decrypt(urldecode($_REQUEST['up_login']));
$_REQUEST['up_pass'] = decrypt(urldecode($_REQUEST['up_pass']));
unset($_REQUEST['A_encrypted']);
}
Login($_REQUEST['up_login'], $_REQUEST['up_pass']);
$login = true;
} else {
html_error('Login failed: User/Password empty.');
}
// Hashing File
echo "<script type='text/javascript'>document.getElementById('info').innerHTML = 'Hashing File';</script>\n";
$fileHash = in_array('sha256', hash_algos()) ? hash_file('sha256', $lfile, false) : '';
// sha256 is needed for Instant upload and extra checks.
// Preparing Upload
echo "<script type='text/javascript'>document.getElementById('info').innerHTML = 'Preparing Upload';</script>\n";
$uploadCheck = array_map('strtolower', mf_apireq('upload/check', array('size' => $fsize, 'hash' => $fileHash, 'filename' => $lname)));
mf_checkErrors($uploadCheck, 'Pre-Upload Check Error');
if ($uploadCheck['storage_limit_exceeded'] == 'yes') {
html_error('User storage limit exceeded.');
}
<?php
require_once 'config.php';
require 'autenticazione.php';
rememberMe();
$error = '';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$error = Login($error);
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="author" content="Bachechi Andrea">
<meta name="description" content="applicazione per la gestione di un magazzino">
<link rel="stylesheet" type="text/css" href="ElemStyle.css">
<link rel="stylesheet" type="text/css" href="logStyle.css">
<title>Magazzino</title>
</head>
<body>
<div class="loginBox">
<h2>Login</h2>
<form id="autenticazione" action="<?php
echo htmlspecialchars($_SERVER['PHP_SELF']);
?>
" method="post">
<label for="usr">Username:</label>
<input type="text" name="usr" id="usr" required >
<label for="pwd">Password:</label>
$fid = $arr_items[count($arr_items) - 5];
$id = $arr_items[count($arr_items) - 7];
echo $id . " " . $fid . " " . $Des . " " . $Rat;
Commend($id, $fid, $Des, $Rat);
});
$app->get('/Comment/id/:mid', function ($mid) {
//echo $mid;
getComment($mid);
});
$app->get('/Login/id/:mid/pw/:pw', function () {
$uri = $_SERVER['REQUEST_URI'];
$arr_items = split('/', $uri);
$pw = $arr_items[count($arr_items) - 1];
$id = $arr_items[count($arr_items) - 3];
//echo $id." ".$pw;
Login($id, $pw);
});
$app->get('/Check/id/:mid', function () {
$uri = $_SERVER['REQUEST_URI'];
$arr_items = split('/', $uri);
$id = $arr_items[count($arr_items) - 1];
//$id = $arr_items[count($arr_items) - 3];
//echo $id;
CheckName($id);
});
// POST route
$app->post('/post', function () {
echo 'This is a POST route';
});
// PUT route
$app->put('/put', function () {
<?php
if (isset($_GET['logout'])) {
unset($_SESSION['user']);
header("location: ?");
}
if (isset($_POST['username'])) {
lib("users");
if (is_string($res = Login($_POST['username'], $_POST['password']))) {
echo "<div class='error'>{$res}</div>" . PHP_EOL;
}
}
?>
<html>
<head>
<link rel='stylesheet' href='style.css'></link>
</head>
<body>
<h2>Kiwi Forum</h2>
<?php
if (!isset($_SESSION['user'])) {
?>
<form method='post'>
<input type='text' name='username' placeholder='username' value=''/>
<br/>
<input type='password' name='password' />
<br/>
<input type='submit' value='Login'/>
<a href='signup'>Sign Up</a>
</form>
<?php
<?php
if (!defined('IN_WEBADMIN')) {
exit;
}
$username = hmailGetVar("username", "");
$password = hmailGetVar("password", "");
if (Login($username, $password)) {
header("refresh: 0; url=" . $hmail_config['rooturl']);
exit;
} else {
// Login failed.
LoginError();
}
function Login($username, $password)
{
global $obBaseApp;
if ($username == "" || $password == "") {
LoginError();
}
$obAccount = $obBaseApp->Authenticate($username, $password);
if (!isset($obAccount)) {
LoginError();
}
$_SESSION['session_loggedin'] = 1;
$_SESSION['session_adminlevel'] = $obAccount->AdminLevel();
$_SESSION['session_username'] = $obAccount->Address;
$_SESSION['session_password'] = $password;
$_SESSION['session_domainid'] = $obAccount->DomainID();
$_SESSION['session_accountid'] = $obAccount->ID();
return true;
//For pagination if no page number selected set page number to 1
isset($_REQUEST['page']) ? $page = $_REQUEST['page'] : ($page = 1);
//Row to start table from on each page
$start_from = ($page - 1) * 30;
//Order jobs by due back date as default
isset($_REQUEST['order_by']) ? $order_by = $_REQUEST['order_by'] : ($order_by = 'due_back_date');
//Start content
$content = '';
if ($cmd == '[LOGOUT]') {
$php_self = basename(__FILE__);
unset($_SESSION['login']);
header("Location:{$php_self}");
die;
}
if ($cmd == '[LOGIN]') {
Login();
}
if (isset($_SESSION['login'])) {
//User info variables
list($user_id, $user_name, , , $first_name, , , , $can_edit, , $language, $company, , ) = unserialize($_SESSION['login']);
$_SESSION['company'] = $company;
include 'inc/top-menu.php';
include 'inc/ssc.php';
} else {
//Display login box if not logged in
$file = 'inc/login-box.htm';
if (!file_exists($file)) {
$content = 'Login box is missing';
} else {
$content = file_get_contents($file);
}
function ValidateUser($code)
{
global $db_prefix;
$query = "SELECT * FROM " . $db_prefix . "users WHERE validatemd = '" . $code . "'";
$result = dbquery($query);
if (dbrows($result) == 0) {
RedirectHome();
return;
}
$user = dbarray($result);
if (!$user['validated']) {
// Заменить постоянный адрес временным после активации.
$query = "UPDATE " . $db_prefix . "users SET pemail = '" . $user['email'] . "' WHERE player_id = " . $user['player_id'];
dbquery($query);
}
$query = "UPDATE " . $db_prefix . "users SET validatemd = '', validated = 1 WHERE player_id = " . $user['player_id'];
dbquery($query);
Login($user['oname'], "", $user['password'], 1);
}
$name = 'Thuy Nho';
$birthday = '12/30/1985';
$reg = Register($username, $name, $pass, $birthday);
$code = $codes[array_rand($codes)];
Login($username, $pass);
$change = ChangeNumber($code);
//$out = array_values($change);
echo @json_encode($change);
LogOut();
break;
case "5":
ini_set('max_execution_time', 300);
//300 seconds = 5 minutes
//hideChatGroup
try {
Login($username, $pass);
$msgs = GetMessages();
foreach ($msgs['conversations']['conversation'] as $msg) {
$cid = $msg['@attributes']['cid'];
HideChatGroup($cid);
}
echo $done;
//LogOut();
} catch (Exception $e) {
echo $err;
}
break;
default:
echo $err;
break;
}
<?php /** * Created by PhpStorm. * User: 1253250 * Date: 22/10/2015 * Time: 15:33 */ include "BD.php"; //PhpExcel(); Login($_POST['email'], $_POST['password']);
}
?>
<div class="row sideMenu">
<div class="col-lg-12">
<?php
require 'connection.php';
$user = $_POST['username'];
$passwd = $_POST['password'];
$salt = '834qu@J*';
$token = md5($salt . $passwd);
function Login($user, $token)
{
if (!empty($_POST['username'])) {
$query = mysql_query("SELECT * FROM Customers WHERE User_Name='{$user}' AND Password='******'") or die(mysql_error());
$row = mysql_fetch_array($query);
if (!empty($row['User_Name'])) {
$_SESSION['eid'] = $user;
$_SESSION['loggedin'] = true;
$_SESSION['name'] = $row['First_Name'];
echo "<h2 class=regResult>Glad to have you back " . $row['First_Name'] . "! Enjoy your stay!</h2>";
} else {
echo "<h2 class=regResult>Oops! Your username/password was entered incorrectly! Try again</h2><br><br>";
echo "<h2 class=regResult>Not a member? <a href='Register.php' style='text-decoration: none';>Sign up</a> now!</h2>";
}
}
}
if (isset($_POST['signin'])) {
Login($user, $token);
}
mysql_close($conn);
<?php
// let's bootstrap our application.
include_once 'includes/bootstrap.inc.php';
header('Content-Type: application/json');
// array_key_lower_case(
switch (strtolower($_REQUEST['action'])) {
case "login":
//-----------------
// get other parameters
$car = $_REQUEST['car'];
$password = $_REQUEST['password'];
$d = Login($car, $password);
echo json_encode($d);
break;
case "gettrips":
//-----------------
// get other parameters
$car = strtolower($_REQUEST['car']);
$d = GetTrips($car);
echo json_encode($d);
break;
case "gettrip":
//-------------------------------------
// get other parameters
$tripId = strtolower($_REQUEST['tripid']);
// retrieve the data
$d = GetTripDetail($tripId);
echo json_encode($d);
break;
case "savearrival":
{
global $lang;
return '<div class="alert alert-danger"><a href="#" class="close" data-dismiss="alert" aria-label="close">×</a><strong>' . $lang[33] . '!</strong> ' . $str . '</div>';
}
function AJAX_request()
{
if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && !empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
return true;
} else {
return false;
}
}
if (!Login() && $LoginDialog && (isset($_GET['uploadfile']) || isset($_GET['listFolderFiles']) || isset($_GET['copy']) || isset($_GET['unzip']) || isset($_GET['table']) || isset($_GET['rename']) || isset($_GET['Remove']) || isset($_GET['read']) || isset($_GET['newfolder']))) {
die(print_array(array('table' => '<div class="container_01"><center>' . $lang[31] . '</center></div>', 'total' => 1, 'page' => 1, 'dir' => '', 'dirHtml' => '', 'alert' => alert($lang[22]))));
}
if (!Login() && $LoginDialog) {
if ($login_user == '') {
$html_input_user = '******';
} else {
$html_input_user = '******' . $lang[24] . '">
</div>';
}
echo '<!DOCTYPE html>
<html>
<head>
<title>' . $lang[22] . '</title>
<meta charset="' . $charset . '">
<link href="' . $icon[12] . '" rel="icon" type="image/x-icon" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
if ($mysqli->connect_errno) {
echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
}
function Login($mysqli)
{
if (!empty($_POST['username'])) {
$query = $mysqli->query("SELECT * FROM texaskitchen.users WHERE email = '{$_POST['username']}' AND password = '******'password']}'");
if (!($row = $query->fetch_array(MYSQLI_BOTH))) {
header('Location: userauth_failure.html');
exit;
} else {
$_SESSION["userid"] = $row["id"];
$_SESSION["name"] = $row["name"];
if ($row[10] == 2) {
header('Location: userhome.php');
exit;
} else {
if ($row[10] == 1) {
header('Location: admin_order.html');
exit;
} else {
header('Location: userauth_failure.html');
exit;
}
}
}
}
}
Login($mysqli);
MakeNewSession();
}
} else {
/* TODO:TEST: Need to test transporting cookies to another workstation
to see if this works */
if ($session->GetIPAddress() != $_SERVER['REMOTE_ADDR']) {
$user =& $session->User();
$session->SessionIPChanged('User', $user->ID(), $session->GetIPAddress() . ' -> ' . $_SERVER['REMOTE_ADDR']);
$user->Logout();
}
}
}
if ($post) {
switch ($postType) {
case 'LOGIN':
$ret = Login($_POST['txtUsername'], $_POST['txtPassword']);
switch ($ret) {
case LOGIN_AUTH:
break;
case LOGIN_ACCOUNT_DISABLED:
$banner = GetCap('capAccountDisabled');
break;
case LOGIN_USER_NOT_FOUND:
case LOGIN_FAILED_AUTH:
$banner = GetCap('capInvalidUsernameOrPassword');
break;
}
}
}
$editable = false;
if (!$session->IsAnonymous()) {
function SkipLoginC($user, $pass)
{
global $cookie, $domain, $referer, $options, $pauth, $secretkey;
if (!defined('DOWNLOAD_DIR')) {
global $options;
if (substr($options['download_dir'], -1) != '/') {
$options['download_dir'] .= '/';
}
define('DOWNLOAD_DIR', substr($options['download_dir'], 0, 6) == 'ftp://' ? '' : $options['download_dir']);
}
$filename = DOWNLOAD_DIR . basename('depositfiles_ul.php');
if (!file_exists($filename)) {
return Login($user, $pass);
}
$file = file($filename);
$savedcookies = unserialize($file[1]);
unset($file);
$hash = hash('crc32b', $user . ':' . $pass);
if (array_key_exists($hash, $savedcookies)) {
$_secretkey = $secretkey;
$secretkey = sha1($user . ':' . $pass);
$cookie = decrypt(urldecode($savedcookies[$hash]['enc'])) == 'OK' ? IWillNameItLater($savedcookies[$hash]['cookie']) : '';
$secretkey = $_secretkey;
if (is_array($cookie) && count($cookie) < 1 || empty($cookie)) {
return Login($user, $pass);
}
$page = geturl($domain, 80, '/', $referer, $cookie, 0, 0, $_GET['proxy'], $pauth);
is_page($page);
if (stripos($page, '/logout.php">Logout</a>') === false) {
return Login($user, $pass);
}
SaveCookies($user, $pass);
// Update cookies file
return true;
}
return Login($user, $pass);
}
function GetRedirectToken($user, $pass, $loginas)
{
$token = '';
if (Login($user, $pass, $loginas)) {
$token_file = AS_TMP_DIR . 'astoken.php';
if (file_exists($token_file)) {
include $token_file;
}
if (!isset($redirect_tokes) || !is_array($redirect_tokes)) {
$redirect_tokes = array();
}
$now = time();
$str = '<?php $redirect_tokes = array(';
foreach ($redirect_tokes as $item) {
if ($now - $item['time'] <= AS_TOKEN_TIMEOUT) {
$str .= "\r\narray('token'=>'{$item['token']}','user'=>'{$item['user']}','time'=>{$item['time']}),";
}
}
$token = md5($user . $pass . time());
$str .= "\r\narray('token'=>'" . $token . "','user'=>'{$user}','time'=>" . time() . ")\r\n); ?>";
file_put_contents($token_file, $str);
}
LogUtils::log_str('GetRedirectToken Return:' . $token);
return $token;
}
function PCRE($account, $password)
{
if (preg_match('/^[0-9a-zA-Z]{8,16}$/', $password)) {
Login($account, $password);
} else {
}
}
