do { $result = $mysqli->store_result(); if ($result) { $result->close(); } } while ($mysqli->next_result()); } } } //execute if login button pressed if (isset($_POST['submit'])) { //check if ip address is blocked $blocked = ConfirmIpAddress(GetIpAddress()); if ($blocked != 1) { //if username and password match if (ConfirmUser($_POST['username'], MD5($_POST['password']))) { $_SESSION['user_logged'] = $_POST['username']; $_SESSION['user_password'] = MD5($_POST['password']); //select all athletes at start $_SESSION['select_all'] = 1; //ClearLoginAttempts(GetIpAddress()); redirect("./logged_user.php", 301); } else { AddLoginAttempt(GetIpAddress()); ?> <p> Invalid Username and/or Password<br /> Not registered? </p> <p> <a href="register.php">Click here</a> to register. </p>
<?php /* File Name: confirm_user.php * Description: This file contains a script to confirm a new user * Dependencies: easy_auth_library.php, easy_auth_toolbox.php, connect.php * Additional Notes: none */ require_once "easy_auth_library.php"; require_once "connect.php"; // instantiates $database if (ConfirmUser($database, $_GET['id']) === TRUE) { header('Location: ../confirmed.html'); } else { header('Location: ../confirm_error.html'); }
function CheckLogin(){ /* Return Status: * true - Потребителя е потвърден * false - Потребителя НЕ Е потвърден */ if (isset($_SESSION['username']) && isset($_SESSION['password'])){ if (ConfirmUser($_SESSION['username'], $_SESSION['password']) != 0){ unset($_SESSION['username']); unset($_SESSION['password']); return false; } return true; } else{ return false; } }
} } #################################### if (isset($_POST['login_x'])){ if(is_numeric($_POST['screen_w']) and is_numeric($_POST['screen_h'])){ $_SESSION['SCREEN_H']=$_POST['screen_h']; $_SESSION['SCREEN_W']=$_POST['screen_w']; } if (!$_POST['username'] || !$_POST['password']){ $js_alert.=js_alert('Полетата \\\'Потребител\\\' и \\\'Парола\\\' са задължителни за попълване!'); } else { $username=trim($_POST['username']); $result = ConfirmUser($username, md5($_POST['password'])); if($result == 1) { logit("bad user name: $username"); $js_alert.=js_alert('Потребителят не съществува в базата!'); } elseif($result == 2) { logit("unactive user: $username"); $js_alert.=js_alert('Потребителят е с неактивно състояние.\\n Обърнете се към системния администратор!'); } elseif($result == 3) { logit("bad password! username=$username"); $js_alert.=js_alert('Невалидна парола!'); } $_SESSION['username'] = $username; $user_id=mysql_fetch_assoc(sql_q("select id, placement from users where username='******'")); $_SESSION['user_id'] = $user_id['id']; $_SESSION['placement'] = $user_id['placement']; $_SESSION['password'] = md5($_POST['password']);