public function Log($value) { $value = sqlesc($value); $query = sprintf('INSERT INTO `SQL_PREFIX_Log` (`DATE`,`log`,`IP`) VALUES(NOW(),\'cron: %s (%1.4fsec.)\',\'%s\')', $value, microtime(true) - START, Get_IP()); DataEngine::sql_spool($query); }
// Vérification de session, si existante et si elle viens pas d'être validé ;) if ($validsession === false && isset($_SESSION['_login']) && $_SESSION['_login'] != "") { $login = $_SESSION['_login']; $mdp = $_SESSION['_pass']; $query = 'SELECT LOWER(u.`Login`) as `Login`, u.`Permission`, m.`carte_prefs` from `SQL_PREFIX_Users` u, `SQL_PREFIX_Membres` m WHERE LOWER(u.`Login`)=LOWER(\'' . $login . '\') AND u.`Password`=\'' . $mdp . '\' AND (m.`Joueur`=LOWER(\'' . $login . '\'))'; $mysql_result = DataEngine::sql($query); // or mysql_die($query,__file__,__line__); $ligne = mysql_fetch_array($mysql_result); if ($ligne['Login'] == $login && $_SESSION['_IP'] == Get_IP()) { $validsession = true; $_SESSION['_Perm'] = $ligne['Permission']; // Maj les permission en cas de changement $_SESSION['carte_prefs'] = $ligne['carte_prefs']; } else { $validsession = -1; $query = 'INSERT INTO `SQL_PREFIX_Log` (`DATE`,`log`,`IP`) VALUES(NOW(),"login,inv:' . $login . '/' . $_SESSION['_Perm'] . '/' . $_SESSION['_IP'] . '",\'' . Get_IP() . '\')'; $_SESSION['_login'] = $_SESSION['_pass'] = $_SESSION['_Perm'] = $_SESSION['_IP'] = ''; // déconnexion... DataEngine::sql($query); } } // Message d'erreur par défaut... if ($login_msg == '' && $validsession == -1) { $login_msg = $lng['session_lost']; } if ($validsession !== true && USE_AJAX) { header('Content-Type: text/xml;charset=utf-8'); header('Cache-Control: no-cache, must-revalidate'); // HTTP/1.1 header('Expires: Mon, 16 Jul 2008 04:21:44 GMT'); // HTTP/1.0 Date dans le passé
if (isset($_POST['login']) && $_POST['login'] != '' && $_POST['mdp'] != '') { $login = gpc_esc($_POST['login']); $qlogin = sqlesc($_POST['login']); $pass = md5($_POST['mdp']); $query = 'SELECT LOWER(`Login`) as `Login` from `SQL_PREFIX_Users` WHERE LOWER(`Login`)=LOWER(\'' . $qlogin . '\')'; $mysql_result = DataEngine::sql($query); $ligne = mysql_fetch_array($mysql_result); if ($ligne['Login'] == $login) { // joueur existe déjà... $erreur = $lng['user_exists']; } else { if (DE_DEMO) { $axx = AXX_MEMBER; $_SESSION['_login'] = $login; $_SESSION['_pass'] = $pass; $_SESSION['_Perm'] = $axx; $_SESSION['_IP'] = Get_IP(); } else { $axx = AXX_VALIDATING; // TODO: Mail admin on event ? } Members::NewUser($login, $pass, $axx, 0, DataEngine::config_key('config', 'DefaultGrade')); $query = 'INSERT INTO `SQL_PREFIX_Log` (`DATE`,`log`,`IP`) VALUES(NOW(),\'login,new:' . $qlogin . '\',\'' . $_SESSION['_IP'] . '\')'; DataEngine::sql($query); output::boink('./', sprintf($lng['user_created'], $login)); } } require_once TEMPLATE_PATH . 'login.tpl.php'; $tpl = tpl_login::getinstance(); $tpl->page_title = $lng['signin_page_title']; $tpl->DoOutput($erreur, true);