<?php
require 'config.php';
$action = isset($_GET['act']) ? $_GET['act'] : "login";
switch ($action) {
case 'logout':
$_SESSION['login'] = array('logined' => false);
print 'SUCCESS';
break;
case 'login_do':
if (!isset($_POST['username']) || $_POST['username'] == '' || !isset($_POST['password']) || $_POST['password'] == '') {
print 'EMPTY';
} else {
if (!check_password_db($_POST['username'], $_POST['password'])) {
print 'WRONG';
} else {
$_SESSION['login'] = array('logined' => true, 'username' => $_POST['username'], 'nickname' => get_user_nickname($_POST['username']), 'admin' => check_op($_POST['username']));
print 'SUCCESS';
}
}
break;
case 'login':
default:
?>
<div class="navbar-inner" style="border-radius: 0;">
<h3 style="color: #FFF;">登入雪服帳號管理系統</h3>
</div>
<div class="main">
<h4>請使用您在遊戲中的帳號密碼登入</h4>
<div class="alert" id="message"></div>
<form class="form-horizontal" action="login.php?act=login_do" method="post" id="login_form">
if (strcmp($np1, $np2) == 0) {
$act = change_password($login['username'], $np1);
$act ? $return = "SUCCESS" : ($return = "ERROR");
} else {
$return = "MISMATCH";
}
}
}
} else {
$return = "WRONG";
}
echo $return;
}
if ($_POST['action'] == 'edit') {
$password = $_POST['pass'];
$is_correct = check_password_db($login['username'], $password);
if ($is_correct) {
if (!empty($_POST['pass']) && !empty($_POST['nick']) && !empty($_POST['bbs']) && !empty($_POST['ref']) && !empty($_POST['intro'])) {
$edt = edit_info(mysql_real_escape_string($login['username']), htmlspecialchars($_POST['nick'], ENT_QUOTES, "UTF-8"), htmlspecialchars($_POST['bbs'], ENT_QUOTES, "UTF-8"), htmlspecialchars($_POST['ref'], ENT_QUOTES, "UTF-8"), htmlspecialchars($_POST['intro'], ENT_QUOTES, "UTF-8"));
if ($edt) {
$_SESSION['login']['nickname'] = $_POST['nick'];
$return = "SUCCESS";
} else {
$return = "ERROR";
}
} else {
$return = "EMPTY";
}
} else {
$return = "WRONG";
}
