<?php
include_once '../functions.php';
$conn = opendb();
$query = "SELECT * FROM users";
$result = mysql_query($query) or die(mysql_error());
while ($row = mysql_fetch_assoc($result)) {
dorepeats($row['UserID']);
}
$msg = 'Your email or password were incorrect or your account is not yet validated';
$query = "SELECT * FROM users WHERE Email='{$email}' AND Validated='1'";
$result = mysql_query($query) or die(mysql_error());
if (mysql_num_rows($result) == 1) {
$row = mysql_fetch_assoc($result);
$salted = sha1($pass . $row['Salt']);
if ($salted == $row['Password']) {
$user = $row['UserID'];
//Login
$sesskey = sha1(mt_rand());
$query = "SELECT * FROM sessions WHERE SessionKey='{$sesskey}'";
$result = mysql_query($query) or die(mysql_error());
while (mysql_num_rows($result) > 1) {
$sesskey = sha1(mt_rand());
$query = "SELECT * FROM sessions WHERE SessionKey='{$sesskey}'";
$result = mysql_query($query) or die(mysql_error());
}
$time = time() + 86400;
$ip = $_SERVER['REMOTE_ADDR'];
$query = "INSERT INTO sessions (SessionKey, UserID, SessionTimeout, IP) VALUES ('{$sesskey}', '{$user}', '{$time}', '{$ip}')";
mysql_query($query) or die(mysql_error());
setcookie("userid", $user, $time);
setcookie("sessionkey", $sesskey, $time);
setcookie("userid", $user, $time, "/xmlhttp/");
setcookie("sessionkey", $sesskey, $time, "/xmlhttp/");
$loggedin = 1;
$msg = NULL;
dorepeats($user);
}
}
include 'index.php';
