function checkLoginCount() { $check = 0; if (!empty($_SESSION["wcs_user"])) { $sql = "SELECT COUNT(*) FROM " . DB_PREPEND . "phpwcms_userlog WHERE logged_user="******"wcs_user"]) . " AND logged_in=1"; if (!empty($phpwcms['Login_IPcheck'])) { $sql .= " AND logged_ip=" . _dbEscape(getRemoteIP()); } $check = _dbCount($sql); if ($check) { $sql = "UPDATE " . DB_PREPEND . "phpwcms_userlog SET logged_change=" . time() . " WHERE "; $sql .= "logged_user="******"wcs_user"]) . " AND logged_in=1"; _dbQuery($sql, 'UPDATE'); } else { destroyBackendSessionData(); } } return $check; }
$_SESSION["wcs_user_lang_custom"] = 0; } if (!empty($_SESSION["wcs_user_lang_custom"])) { //use custom lang if available -> was set in login.php $BL['merge_lang_array'][0] = $BL['be_admin_optgroup_label']; $BL['merge_lang_array'][1] = $BL['be_cnt_field']; include_once PHPWCMS_ROOT . '/include/inc_lang/backend/' . $_SESSION["wcs_user_lang"] . '/lang.inc.php'; $BL['be_admin_optgroup_label'] = array_merge($BL['merge_lang_array'][0], $BL['be_admin_optgroup_label']); $BL['be_cnt_field'] = array_merge($BL['merge_lang_array'][1], $BL['be_cnt_field']); } //WYSIWYG EDITOR: //0 = no wysiwyg editor (default) //1 = CKEditor $phpwcms["wysiwyg_editor"] = empty($phpwcms["wysiwyg_editor"]) ? 0 : 1; $_SESSION["WYSIWYG_EDITOR"] = $phpwcms["wysiwyg_editor"]; destroyBackendSessionData(); if (isset($_POST['form_aktion']) && $_POST['form_aktion'] == 'login' && isset($_POST['json']) && $_POST['json'] == '1') { $login_passed = 0; $wysiwyg_template = ''; $wcs_user = slweg($_POST['form_loginname']); $wcs_pass = slweg($_POST['md5pass']); $sql_query = "SELECT * FROM " . DB_PREPEND . "phpwcms_user WHERE usr_login='******' AND usr_pass='******' AND usr_aktiv=1 AND (usr_fe=1 OR usr_fe=2)"; if (!$csrf_error && ($result = mysql_query($sql_query))) { if ($row = mysql_fetch_assoc($result)) { $_SESSION["wcs_user"] = $wcs_user; $_SESSION["wcs_user_name"] = $row["usr_name"] ? $row["usr_name"] : $wcs_user; $_SESSION["wcs_user_id"] = $row["usr_id"]; $_SESSION["wcs_user_aktiv"] = $row["usr_aktiv"]; $_SESSION["wcs_user_rechte"] = $row["usr_rechte"]; $_SESSION["wcs_user_email"] = $row["usr_email"]; $_SESSION["wcs_user_avatar"] = $row["usr_avatar"];