Example #1
    if (empty($username)) {
        $errors[] = "Please input your username";
    }
    if (checkUser($username) === false) {
        $errors[] = "That username does not exist in our database.";
    }
    $passCheck = checkPassword($username, $password);
    if ($passCheck === false) {
        $errors[] = "Your password is incorrect. Please try again.";
    }
}
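// Build the JSON login response: either report a validation failure or
// establish the authenticated session and tell the client where to go next.
if (!empty($errors)) {
    // The response carries a single message; as before, the last collected
    // error is the one reported.
    // NOTE(review): the messages collected earlier in this script distinguish
    // "username does not exist" from "password is incorrect", which lets a
    // client tell valid accounts from invalid ones. Consider returning one
    // generic failure message for both cases.
    $return['error'] = true;
    $return['msg'] = end($errors);
} else {
    // Record the successful login together with the client's browser and OS.
    $ua = getBrowser();
    $browser = $ua['name'] . ' ' . $ua['version'];
    $os = $ua['platform'];
    loginCheck($username);
    loginLog($passCheck, $browser, $os);

    // Issue a fresh session id at the moment of authentication so that an id
    // set before login (session fixation) is not carried into the
    // authenticated session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    // The token was previously sha1(base64_encode(rand(...))): rand() is not a
    // cryptographically secure generator and the range gave a small,
    // predictable value space. random_bytes() (PHP 7+) draws from the OS
    // CSPRNG; 20 bytes hex-encoded keeps the 40-character hex shape that
    // sha1() produced, so existing comparisons of 'securedid' still fit.
    $sec = bin2hex(random_bytes(20));
    $_SESSION['securedid'] = $sec;

    // $passCheck is the non-false result of checkPassword() and is stored as
    // the session's user id.
    $_SESSION['uid'] = $passCheck;

    $url = "index.php";
    $return['error'] = false;
    $return['msg'] = $url;
}
echo json_encode($return);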
Example #2
    if (isset($_POST['user']) && $_POST['user'] != '' && isset($_POST['pass']) && $_POST['pass'] != '') {
        if (!checkLog()) {
            if ($_POST['user'] == RAZOR_SADMIN_USER and createHash($_POST['pass'], substr(RAZOR_SADMIN_PASS, 0, strlen(RAZOR_SADMIN_PASS) / 2), 'sha1') == RAZOR_SADMIN_PASS) {
                $_SESSION['loginTimeStamp'] = $ts = time();
                $_SESSION['adminLogIn'] = sha1($_SERVER['REMOTE_ADDR'] . RAZOR_SADMIN_USER . $ts . $_SERVER['HTTP_USER_AGENT']);
                $_SESSION['adminType'] = 'sadmin';
            } elseif ($_POST['user'] == RAZOR_ADMIN_USER and createHash($_POST['pass'], substr(RAZOR_ADMIN_PASS, 0, strlen(RAZOR_ADMIN_PASS) / 2), 'sha1') == RAZOR_ADMIN_PASS) {
                $_SESSION['loginTimeStamp'] = $ts = time();
                $_SESSION['adminLogIn'] = sha1($_SERVER['REMOTE_ADDR'] . RAZOR_ADMIN_USER . $ts . $_SERVER['HTTP_USER_AGENT']);
                $_SESSION['adminType'] = 'admin';
            } elseif ($_POST['user'] == RAZOR_USER_USER and createHash($_POST['pass'], substr(RAZOR_USER_PASS, 0, strlen(RAZOR_USER_PASS) / 2), 'sha1') == RAZOR_USER_PASS) {
                $_SESSION['loginTimeStamp'] = $ts = time();
                $_SESSION['adminLogIn'] = sha1($_SERVER['REMOTE_ADDR'] . RAZOR_USER_USER . $ts . $_SERVER['HTTP_USER_AGENT']);
                $_SESSION['adminType'] = 'user';
            } else {
                loginLog();
            }
        } else {
            MsgBox(lt('You have exceeded the max amount of login attempts in') . ' ' . RAZOR_LOGAT_TIME / 60 . ' ' . lt('minutes'), 'redbox');
        }
    }
} else {
    if ($_SESSION['adminLogIn'] == sha1($_SERVER['REMOTE_ADDR'] . RAZOR_SADMIN_USER . $_SESSION['loginTimeStamp'] . $_SERVER['HTTP_USER_AGENT'])) {
        $_SESSION['loginTimeStamp'] = $ts = time();
        $_SESSION['adminLogIn'] = sha1($_SERVER['REMOTE_ADDR'] . RAZOR_SADMIN_USER . $ts . $_SERVER['HTTP_USER_AGENT']);
        $_SESSION['adminType'] = 'sadmin';
    } elseif ($_SESSION['adminLogIn'] == sha1($_SERVER['REMOTE_ADDR'] . RAZOR_ADMIN_USER . $_SESSION['loginTimeStamp'] . $_SERVER['HTTP_USER_AGENT'])) {
        $_SESSION['loginTimeStamp'] = $ts = time();
        $_SESSION['adminLogIn'] = sha1($_SERVER['REMOTE_ADDR'] . RAZOR_ADMIN_USER . $ts . $_SERVER['HTTP_USER_AGENT']);
        $_SESSION['adminType'] = 'admin';
    } elseif ($_SESSION['adminLogIn'] == sha1($_SERVER['REMOTE_ADDR'] . RAZOR_USER_USER . $_SESSION['loginTimeStamp'] . $_SERVER['HTTP_USER_AGENT'])) {