<?php use blargon\display\News; use blargon\lang\Language; use blargon\factory\ConfigFactory; use blargon\factory\DblFactory; require_once dirname(__FILE__) . '/config.php'; $db = DblFactory::getConn(); ConfigFactory::setDb($db); $config = ConfigFactory::getConfig(); $lang = new Language('login'); if (isset($_POST['submit']) && $_POST['submit']) { $result = $db->query('SELECT id, pass FROM ' . $config->get('prefix') . '_user WHERE user=\'' . $_POST['user'] . '\'')->fetchObject(); if ($db->query('select * from ' . $config->get('prefix') . '_attempts where userId=\'' . $result->id . '\'')->rowCount() >= 5) { header('Location: login.php?error=' . $lang->message('general', 'locked') . '.'); die; } if (md5($_POST['pass']) == $result->pass) { $id = $db->query('SELECT id FROM ' . $config->get('prefix') . '_user WHERE user=\'' . $_POST['user'] . '\'')->fetchObject(); $db->query('delete from ' . $config->get('prefix') . '_attempts where userId=\'' . $id->id . '\'') or die(mysql_error()); $level = $db->query('SELECT userLevel FROM ' . $config->get('prefix') . '_user WHERE user=\'' . $_POST['user'] . '\'')->fetchObject(); if (isset($_POST['stayLogged']) && $_POST['stayLogged']) { setcookie('pass', $_POST['pass'], time() + 29030400); setcookie('uName', $_POST['user'], time() + 29030400); setcookie('uLevel', $level->userLevel, time() + 29030400); } else { setcookie('pass', $_POST['pass']); setcookie('uName', $_POST['user']); setcookie('uLevel', $level->userLevel); } header('Location: index.php');
<?php require_once '../config.php'; use blargon\lang\Language; $lang = new Language('install'); $page = <<<END <html>\t \t<head> \t\t<title>websheets installation</title> \t\t<link rel="stylesheet" type="text/css" href="style.css"/> \t</head> \t<body> \t\t\t<img src="../include/view/images/logo.jpg" alt="websheets" align="center"/> \t\t<p/> \t\t<table align="center"> \t\t\t<tr> \t\t\t\t<td> END; if (isset($_POST['submit']) && strtolower($_POST['submit']) == strtolower($lang->message('general', 'previous'))) { $p = $_GET['page'] - 1; } else { $p = isset($_GET['page']) ? $_GET['page'] : 0; } $num = !isset($_GET['page']) ? 1 : $p + 1; $page .= "<form action=\"?page={$num}\" method=\"post\">"; echo $p; $page .= $lang->message('step' . $p, 'introduction') . '<p/>'; @(include_once 'step' . $p . '.php'); if (function_exists('doAction')) { @(list($content, $noNext, $noPrev) = doAction()); $page .= $content;