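}

/*
 * Login form handler.
 *
 * Validates the posted username and password against fixed character
 * classes, derives the password hash, and compares both values with the
 * single account returned by $gb->getUserSettings(). On success the user
 * name is stored in the session; on failure $info carries an error banner.
 * $gb and $l are expected to be set earlier in this file (not visible here).
 */
if ($_POST) {
    // One shared message for both fields, so the response does not reveal
    // which of the two values was rejected.
    $invalid = '<p class="alert alert-danger"><font size="+1">Der eingegebene Benutzername oder das Passwort sind ungültig!</font><br>';

    // Missing or non-string (array) fields are treated as empty input and
    // fail the format checks below instead of raising notices or type errors.
    $rawUser = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $rawPass = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // NOTE(review): the pattern is checked against the trimmed/unslashed
    // value, but the raw value is what gets escaped and compared.
    if (preg_match('%^[A-Za-z\\.\' \\-]{2,15}$%', stripslashes(trim($rawUser)))) {
        $un = escape_data($rawUser, $gb->getConn());
    } else {
        $un = FALSE;
        $info = $invalid;
    }

    if (preg_match('%^[A-Za-z0-9]{6,20}$%', stripslashes(trim($rawPass)))) {
        $pw = escape_data($rawPass, $gb->getConn());
        // NOTE(review): "+" is arithmetic addition in PHP, not concatenation,
        // so sha1() receives a number derived from the operands rather than
        // password-plus-salt; different passwords can then hash identically,
        // and newer PHP versions raise a TypeError for non-numeric operands.
        // Left unchanged because the stored hash is produced elsewhere
        // (not visible here) and must be regenerated together with this line.
        // The fix is "." for concatenation, or better password_hash() /
        // password_verify(), since salted SHA-1 is not a password hash.
        $p = sha1($pw + $gb->getSalt());
    } else {
        $p = FALSE;
        $info = $invalid;
    }

    $user = $gb->getUserSettings();

    // A rejected field (FALSE) must never match, whatever the stored value is.
    // hash_equals() compares as strings, so "0e..."-style digests are not
    // treated as equal numbers the way a loose == comparison would.
    $credentialsOk = is_string($un) && is_string($p)
        && hash_equals((string) $user['user'], $un)
        && hash_equals((string) $user['password'], $p);

    if ($credentialsOk) {
        // Issue a fresh session id on privilege change so an id planted
        // before login (session fixation) does not become an admin session.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['username'] = $un;

        if (isset($_POST['cookie'])) {
            // NOTE(review): this copies the session id into a second cookie
            // that lives 10 days and is set without HttpOnly/Secure flags;
            // confirm how it is consumed and add the flags, or use a
            // separate random token.
            setcookie("username", session_id(), time() + 86400 * 10, "/"); // = 10 Days
        }

        $info = '<p class="alert alert-success">' . $l['login_successful'] . '<br><b><a href="../">' . $l['to_gb'] . '</a></b></p>';
        $info .= '<center><a class="btn btn-success" href="index.php">' . $l['admin_area'] . '</a> <a class="btn btn-danger" href="login.php?logout=1">' . $l['logout'] . '</a></center>';
    } else {
        // Well-formed but wrong credentials: no banner has been opened yet,
        // so start one here before appending the failure text and "</p>".
        if ($un !== FALSE && $p !== FALSE) {
            $info = '<p class="alert alert-danger">';
        }
        $info .= $l['login_failed'] . '<br><b>' . $l['please_try_again'] . '</b></p>';
    }
}
?>
<!DOCTYPE html>
<html>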
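<?php
/*
 * Admin page bootstrap.
 *
 * Requires a logged-in session, then loads the guestbook object, its
 * database handle, the language table for the user's configured language,
 * the guestbook settings, the user settings and the count returned by
 * getCountOfUnpablicPosts().
 *
 * NOTE(review): $gbs['gb_title'] is echoed into <title> without
 * htmlspecialchars(); confirm it is stored already escaped.
 * NOTE(review): the Font-Awesome stylesheet is loaded from a third-party CDN
 * with no integrity attribute; consider pinning it (SRI) or self-hosting.
 */
session_start();

if (!isset($_SESSION['username'])) {
    header('Location: login.php');
    // header() only queues the redirect. Without exit the rest of this page
    // would still run and be sent to a client that is not logged in.
    exit;
}

require 'gb.php';

$gb = new GB();
$db = $gb->getDB();
$l = $gb->getLanguage($gb->getUserSettings()['user_language']);
$gbs = $gb->getGbSettings();
$user = $gb->getUserSettings();
$unpublic_count = $db->getCountOfUnpablicPosts();
?>
<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <title><?php echo $l['gb']; ?> : <?php echo $gbs['gb_title']; ?> </title>
    <!-- Font-Awesome CSS -->
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">
    <!-- Bootstrap Core CSS -->
    <link href="conf/css/bootstrap.min.css" rel="stylesheet">
    <!-- Custom CSS -->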