if (isset($_POST['rememberme'])) {
$remember_key = md5(time());
$query = "INSERT INTO " . $DBPrefix . "rememberme VALUES (" . $user_data['id'] . ", '" . $remember_key . "')";
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
setcookie('WEBID_RM_ID', $remember_key, time() + 3600 * 24 * 365);
}
$query = "SELECT id FROM " . $DBPrefix . "usersips WHERE USER = "******" AND ip = '" . $_SERVER['REMOTE_ADDR'] . "'";
$res = mysql_query($query);
$system->check_mysql($res, $query, __LINE__, __FILE__);
if (mysql_num_rows($res) == 0) {
$query = "INSERT INTO " . $DBPrefix . "usersips VALUES\n\t\t\t\t\t\t(NULL, '" . $user_data['id'] . "', '" . $_SERVER['REMOTE_ADDR'] . "', 'after','accept')";
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
}
// delete your old session
if (isset($_COOKIE['WEBID_ONLINE'])) {
$query = "DELETE from " . $DBPrefix . "online WHERE SESSION = '" . strip_non_an_chars($_COOKIE['WEBID_ONLINE']) . "'";
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
}
if (in_array($user_data['suspended'], array(5, 6, 7))) {
header('location: message.php');
exit;
}
if (isset($_SESSION['REDIRECT_AFTER_LOGIN'])) {
$URL = str_replace('\\r', '', str_replace('\\n', '', $_SESSION['REDIRECT_AFTER_LOGIN']));
unset($_SESSION['REDIRECT_AFTER_LOGIN']);
} else {
$URL = 'user_menu.php';
}
header('location: ' . $URL);
exit;
}
function load_counters()
{
global $system, $DBPrefix, $MSG, $_COOKIE, $user;
$query = "SELECT * FROM " . $DBPrefix . "counters";
$res = mysql_query($query);
$system->check_mysql($res, $query, __LINE__, __FILE__);
$counter_data = mysql_fetch_assoc($res);
$counters = '';
if ($system->SETTINGS['counter_auctions'] == 'y') {
$counters .= '<b>' . $counter_data['auctions'] . '</b> ' . strtoupper($MSG['232']) . '| ';
}
if ($system->SETTINGS['counter_users'] == 'y') {
$counters .= '<b>' . $counter_data['users'] . '</b> ' . strtoupper($MSG['231']) . ' | ';
}
if ($system->SETTINGS['counter_online'] == 'y') {
if (!$user->logged_in) {
if (!isset($_COOKIE['WEBID_ONLINE'])) {
$s = md5(rand(0, 99) . session_id());
setcookie('WEBID_ONLINE', $s, time() + 900);
} else {
$s = strip_non_an_chars($_COOKIE['WEBID_ONLINE']);
setcookie('WEBID_ONLINE', $s, time() + 900);
}
} else {
$s = 'uId-' . $user->user_data['id'];
}
$uxtime = time();
$query = "SELECT id FROM " . $DBPrefix . "online WHERE SESSION = '{$s}'";
$res = mysql_query($query);
$system->check_mysql($res, $query, __LINE__, __FILE__);
if (mysql_num_rows($res) == 0) {
$query = "INSERT INTO " . $DBPrefix . "online (SESSION, time) VALUES ('{$s}', " . $uxtime . ")";
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
} else {
$oID = mysql_result($res, 0, 'ID');
$query = "UPDATE " . $DBPrefix . "online SET time = " . $uxtime . " WHERE ID = '{$oID}'";
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
}
$deltime = $uxtime - 900;
$query = "DELETE from " . $DBPrefix . "online WHERE time < " . $deltime;
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
$query = "SELECT * FROM " . $DBPrefix . "online";
$res = mysql_query($query);
$system->check_mysql($res, $query, __LINE__, __FILE__);
$count15min = mysql_num_rows($res);
$counters .= '<b>' . $count15min . '</b> ' . $MSG['2__0064'] . ' | ';
}
// Display current Date/Time
$mth = 'MON_0' . gmdate('m', $system->ctime);
$date = $MSG[$mth] . gmdate(' j, Y', $system->ctime);
$counters .= $date . ' <span id="servertime">' . gmdate('H:i:s', $system->ctime) . '</span>';
return $counters;
}
<?php
/***************************************************************************
* copyright : (C) 2008 - 2013 WeBid
* site : http://www.webidsupport.com/
***************************************************************************/
/***************************************************************************
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. Although none of the code may be
* sold. If you have been sold this script, get a refund.
***************************************************************************/
include 'common.php';
$query = "DELETE from " . $DBPrefix . "online WHERE SESSION = 'uId-" . $_SESSION['WEBID_LOGGED_IN'] . "'";
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
unset($_SESSION['WEBID_LOGGED_IN'], $_SESSION['WEBID_LOGGED_NUMBER'], $_SESSION['WEBID_LOGGED_PASS']);
if (isset($_COOKIE['WEBID_RM_ID'])) {
$query = "DELETE FROM " . $DBPrefix . "rememberme WHERE hashkey = '" . strip_non_an_chars($_COOKIE['WEBID_RM_ID']) . "'";
$system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);
setcookie('WEBID_RM_ID', '', time() - 3600);
}
header('location: index.php');
exit;
