forked from mkg20001/website-cms
/
login.php
40 lines (35 loc) · 1.24 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
<?php
$login=false;
if (isset($_COOKIE["LWHOAMI"]) and isset($_COOKIE["LAUTHDATABASE"])) {
$token=$_COOKIE["LAUTHDATABASE"];
$token=base64_decode($token);
$user=$_COOKIE["LWHOAMI"];
$user=base64_decode($user);
$device=$_COOKIE["LAUTHPEOPLE"];
$device=base64_decode($device);
$row=domy("SELECT * FROM users WHERE username LIKE '$user'")[0];
$sessions=unserialize($row[5]);
$devices=serialize($row[6]);
if (!is_null($devices[$device]) and $devices[$device]=$token and !is_null($sessions[$token]) and $sessions[$token]=$_SERVER['HTTP_USER_AGENT']) {
echo "logged in";
}
}
function loginUser($name,$pw) {
$user=$name;
$row=domy("SELECT * FROM users WHERE username LIKE '$user'")[0];
$sessions=unserialize($row[5]);
$devices=unserialize($row[6]);
$device=$_COOKIE["LAUTHPEOPLE"];
$device=base64_decode($device);
$token=uniqid().uniqid();
if (base64_encode($pw)==$row[3]) {
$devices[$device]=$token;
$sessions[$token]=$_SERVER['HTTP_USER_AGENT'];
$devices=serialize($devices);
$sessions=serialize($sessions);
setCookie("LWHOAMI",base64_encode($user),time()+2592000,"/");
setCookie("LAUTHDATABASE",base64_encode($token),time()+2592000,"/");
domy("UPDATE `websiteCMS`.`users` SET `sessions` = '$sessions', `devices` = '$devices' WHERE `users`.`username` = '$user'");
}
}
?>