do {
$result = $mysqli->store_result();
if ($result) {
$result->close();
}
} while ($mysqli->next_result());
}
}
}
//execute if login button pressed
if (isset($_POST['submit'])) {
//check if ip address is blocked
$blocked = ConfirmIpAddress(GetIpAddress());
if ($blocked != 1) {
//if username and password match
if (ConfirmUser($_POST['username'], MD5($_POST['password']))) {
$_SESSION['user_logged'] = $_POST['username'];
$_SESSION['user_password'] = MD5($_POST['password']);
//select all athletes at start
$_SESSION['select_all'] = 1;
//ClearLoginAttempts(GetIpAddress());
redirect("./logged_user.php", 301);
} else {
AddLoginAttempt(GetIpAddress());
?>
<p>
Invalid Username and/or Password<br /> Not registered?
</p>
<p>
<a href="register.php">Click here</a> to register.
</p>
<?php
/* File Name: confirm_user.php
* Description: This file contains a script to confirm a new user
* Dependencies: easy_auth_library.php, easy_auth_toolbox.php, connect.php
* Additional Notes: none
*/
require_once "easy_auth_library.php";
require_once "connect.php";
// instantiates $database
if (ConfirmUser($database, $_GET['id']) === TRUE) {
header('Location: ../confirmed.html');
} else {
header('Location: ../confirm_error.html');
}
function CheckLogin(){
/* Return Status:
* true - Потребителя е потвърден
* false - Потребителя НЕ Е потвърден
*/
if (isset($_SESSION['username']) && isset($_SESSION['password'])){
if (ConfirmUser($_SESSION['username'], $_SESSION['password']) != 0){
unset($_SESSION['username']);
unset($_SESSION['password']);
return false;
}
return true;
} else{
return false;
}
}
}
}
####################################
if (isset($_POST['login_x'])){
if(is_numeric($_POST['screen_w']) and is_numeric($_POST['screen_h'])){
$_SESSION['SCREEN_H']=$_POST['screen_h'];
$_SESSION['SCREEN_W']=$_POST['screen_w'];
}
if (!$_POST['username'] || !$_POST['password']){
$js_alert.=js_alert('Полетата \\\'Потребител\\\' и \\\'Парола\\\' са задължителни за попълване!');
}
else {
$username=trim($_POST['username']);
$result = ConfirmUser($username, md5($_POST['password']));
if($result == 1) {
logit("bad user name: $username");
$js_alert.=js_alert('Потребителят не съществува в базата!');
} elseif($result == 2) {
logit("unactive user: $username");
$js_alert.=js_alert('Потребителят е с неактивно състояние.\\n Обърнете се към системния администратор!');
} elseif($result == 3) {
logit("bad password! username=$username");
$js_alert.=js_alert('Невалидна парола!');
}
$_SESSION['username'] = $username;
$user_id=mysql_fetch_assoc(sql_q("select id, placement from users where username='******'"));
$_SESSION['user_id'] = $user_id['id'];
$_SESSION['placement'] = $user_id['placement'];
$_SESSION['password'] = md5($_POST['password']);
