function OnLogin2($filephp)
{
global $CFG, $userid, $gameid;
$username = $_POST['username'];
echo GetHeader('');
$username = $_POST['username'];
$password = $_POST['password'];
$query = "SELECT * FROM {$CFG->prefix}users WHERE username='******'";
$result = mysql_query($query);
$row = mysql_fetch_array($result);
if ($row == false) {
ShowFormLogin($filephp, '<b>Λάθος όνομα χρήστη</b>');
die;
}
if ($row['password'] != '') {
if (md5($password) != $row['password']) {
ShowFormLogin($filephp, '<b>Λάθος κωδικός</b>');
die;
}
}
$ip = GetMyIP();
$hostname = gethostname();
$userid = $row['id'];
$gameid = $row['gameid'];
$query = "INSERT INTO {$CFG->prefix}logins(userid,hostname,ip) SELECT {$userid}, '{$hostname}','{$ip}'";
mysql_query($query);
$query = "UPDATE {$CFG->prefix}users SET lastip='{$ip}' WHERE id={$userid}";
mysql_query($query);
$_SESSION['userid'] = $userid;
$_SESSION['gameid'] = $gameid;
}
function ProcessFormLogin()
{
global $tpl, $user, $error_list;
$username = stripslashes($_REQUEST['username']);
$password = stripslashes($_REQUEST['password']);
$remember = $_REQUEST['remember'];
$b = $_REQUEST['b'];
$i = 0;
if ($username == "" || $password == "") {
if ($username == "") {
$error_list[$i] = _("Username is required");
$i++;
}
if ($password == "") {
$error_list[$i] = _("Password is required");
$i++;
}
} elseif (!$user->CheckUserLogin($username)) {
$error_list[$i] = _("User doesnt exist");
$i++;
} elseif (!$user->CheckPasswordLogin($username, $password)) {
$error_list[$i] = _("Invalid password");
$i++;
}
if (!is_array($error_list)) {
if ($remember) {
$expire = time() + 3600 * 24 * 1000;
} else {
$expire = 0;
}
$login = $user->Login($username, $password, $expire);
if ($login == 0) {
if (!$b) {
header("Location: index.php");
} else {
header("Location: " . $b);
}
} elseif ($login == 1) {
if (!$b) {
header("Location: admin/index.php");
} else {
header("Location: " . $b);
}
} else {
ShowFormLogin();
}
} else {
ShowFormLogin();
}
}
