function check_login() { global $C, $I, $U, $db; $ga = (int) get_setting('guestaccess'); if (isset($_POST['session'])) { $stmt = $db->prepare("SELECT * FROM {$C['prefix']}sessions WHERE session=?;"); $stmt->execute(array($_POST['session'])); if ($U = $stmt->fetch(PDO::FETCH_ASSOC)) { if ($U['status'] == 0) { setcookie($C['cookiename'], false); send_error("{$I['kicked']}<br>{$U['kickmessage']}"); } else { setcookie($C['cookiename'], $U['session']); } } else { setcookie($C['cookiename'], false); send_error($I['expire']); } } elseif (get_setting('englobalpass') == 1 && (!isset($_POST['globalpass']) || $_POST['globalpass'] != get_setting('globalpass'))) { send_error($I['wrongglobalpass']); } elseif (!isset($_REQUEST['nick']) || !isset($_REQUEST['pass'])) { send_login(); } else { create_session(false); } if ($U['status'] == 1) { if ($ga === 2 || $ga === 3) { $stmt = $db->prepare("UPDATE {$C['prefix']}sessions SET entry=0 WHERE session=?;"); $stmt->execute(array($U['session'])); send_waiting_room(); } } }
$password = $_POST['password']; // At the moment we only we basic authentication $real_username = check_login($username, $password); if ($real_username === false) { /// Throw out an error first echo '<div class="alert alert-error row-fluid" style="margin-left: 35%; width: 30%; text-align: center;">The username or password you have entered is incorrect.</div>'; /// Resend the login form send_login(); } else { echo '<div class="alert alert-success row-fluid" style="margin-left: 35%; width: 30%; text-align: center;">You have now been logged in. If you are not automatically redirected, click <a href="/admin/">here</a></div> <meta http-equiv="refresh" content="2; /admin/" /> '; $_SESSION['loggedin'] = 1; $_SESSION['username'] = $real_username; } } else { send_login(); } admin_footer(); function send_login() { echo ' <div id="loginbox"> <form id="loginform" class="form-vertical" action="" method="post"> <p>Enter username and password to continue.</p> <div class="control-group"> <div class="controls"> <div class="input-prepend"> <span class="add-on"><i class="icon-user"></i></span><input type="text" name="username" placeholder="Username" /> </div> </div> </div>