예제 #1
파일: login.php 프로젝트: jask0/hh_gbook
    // Remove the persistent 'username' cookie (the login branch below sets it
    // for 10 days): drop it from this request's $_COOKIE and ask the browser
    // to delete it by sending an expiry in the past on the same path '/'.
    // NOTE(review): the condition guarding this block and any session teardown
    // are above the visible excerpt; confirm that $_SESSION['username'] is
    // cleared and the session is destroyed there, because the cookie only
    // carries the session id and removing it does not end the session.
    if (isset($_COOKIE['username'])) {
        unset($_COOKIE['username']);
        setcookie('username', null, -1, '/');
    }
    // NOTE(review): header() only queues the redirect; nothing here stops the
    // script, so execution continues into the POST handling that follows.
    // An exit after the redirect would make the logout path terminate here.
    header('Location: login.php');
}
if ($_POST) {
    // Validate the submitted credentials and derive $un / $p, which the
    // check after this run compares against the stored admin settings.
    // NOTE(review): $_POST['username'] / $_POST['password'] are read without
    // isset(); the outer `if ($_POST)` does not guarantee both keys exist.

    // Username allow-list: 2-15 characters from letters, dot, apostrophe,
    // space and hyphen.
    // NOTE(review): the pattern is tested against a trimmed, stripslashed copy,
    // but the raw $_POST value is what gets passed on, so the value validated
    // and the value used can differ (e.g. surrounding whitespace).
    if (preg_match('%^[A-Za-z\\.\' \\-]{2,15}$%', stripslashes(trim($_POST['username'])))) {
        // escape_data() is defined elsewhere; presumably it escapes the value
        // for the given DB connection (confirm against its definition).
        $un = escape_data($_POST['username'], $gb->getConn());
    } else {
        // FALSE marks "invalid input".
        // NOTE(review): the comparison that follows uses loose `==`, under
        // which FALSE also equals '', '0' and null; this sentinel is only safe
        // if the stored user name can never be one of those. `===` removes
        // the dependency.
        $un = FALSE;
        // Same generic message for a bad user name and a bad password (German:
        // "The user name or password entered is invalid"), so the response
        // does not reveal which field failed.
        $info = '<p class="alert alert-danger"><font size="+1">Der eingegebene Benutzername oder das Passwort sind ungültig!</font><br>';
    }
    // Password allow-list: 6-20 ASCII letters and digits only.
    if (preg_match('%^[A-Za-z0-9]{6,20}$%', stripslashes(trim($_POST['password'])))) {
        $pw = escape_data($_POST['password'], $gb->getConn());
        // NOTE(review): `+` is arithmetic addition in PHP; string concatenation
        // is `.`. As written, password and salt are added as numbers instead of
        // being joined: non-numeric strings evaluate to 0 on older PHP versions
        // (many different passwords then produce the same digest) and raise a
        // TypeError on PHP 8. Changing the operator changes every digest, so
        // stored hashes would have to be regenerated at the same time.
        // NOTE(review): SHA-1 is a fast general-purpose hash and is not suited
        // to password storage; password_hash() / password_verify() is the
        // standard replacement.
        $p = sha1($pw + $gb->getSalt());
    } else {
        // FALSE marks "invalid input"; see the loose-comparison note on $un.
        $p = FALSE;
        $info = '<p class="alert alert-danger"><font size="+1">Der eingegebene Benutzername oder das Passwort sind ungültig!</font><br>';
    }
    // Stored credentials; the code that follows reads the 'user' and
    // 'password' keys of this array.
    // NOTE(review): the digest comparison that follows also uses loose `==`.
    // Hex digests of the form "0e<digits>" compare equal as numbers under `==`,
    // and the comparison is not constant-time; hash_equals() on two strings
    // avoids both problems.
    $user = $gb->getUserSettings();
    if ($un == $user['user'] and $p == $user['password']) {
        $_SESSION['username'] = $un;
        if (isset($_POST['cookie'])) {
            setcookie("username", session_id(), time() + 86400 * 10, "/");
            // = 10 Days
        }
        $info = '<p class="alert alert-success">' . $l['login_successful'] . '<br><b><a href="../">' . $l['to_gb'] . '</a><b></p>';
        $info .= '<center><a class="btn btn-success" href="index.php">' . $l['admin_area'] . '</a>&nbsp;&nbsp;<a class="btn btn-danger" href="login.php?logout=1">' . $l['logout'] . '</a></center>';
    } else {
        $info .= $l['login_failed'] . '<br><b>' . $l['please_try_again'] . '</b></p>';