}
if ($_POST) {
if (preg_match('%^[A-Za-z\\.\' \\-]{2,15}$%', stripslashes(trim($_POST['username'])))) {
$un = escape_data($_POST['username'], $gb->getConn());
} else {
$un = FALSE;
$info = '<p class="alert alert-danger"><font size="+1">Der eingegebene Benutzername oder das Passwort sind ungültig!</font><br>';
}
if (preg_match('%^[A-Za-z0-9]{6,20}$%', stripslashes(trim($_POST['password'])))) {
$pw = escape_data($_POST['password'], $gb->getConn());
$p = sha1($pw + $gb->getSalt());
} else {
$p = FALSE;
$info = '<p class="alert alert-danger"><font size="+1">Der eingegebene Benutzername oder das Passwort sind ungültig!</font><br>';
}
$user = $gb->getUserSettings();
if ($un == $user['user'] and $p == $user['password']) {
$_SESSION['username'] = $un;
if (isset($_POST['cookie'])) {
setcookie("username", session_id(), time() + 86400 * 10, "/");
// = 10 Days
}
$info = '<p class="alert alert-success">' . $l['login_successful'] . '<br><b><a href="../">' . $l['to_gb'] . '</a><b></p>';
$info .= '<center><a class="btn btn-success" href="index.php">' . $l['admin_area'] . '</a> <a class="btn btn-danger" href="login.php?logout=1">' . $l['logout'] . '</a></center>';
} else {
$info .= $l['login_failed'] . '<br><b>' . $l['please_try_again'] . '</b></p>';
}
}
?>
<!DOCTYPE html>
<html>
<?php
session_start();
if (!isset($_SESSION['username'])) {
header('Location: login.php');
}
require 'gb.php';
$gb = new GB();
$db = $gb->getDB();
$l = $gb->getLanguage($gb->getUserSettings()['user_language']);
$gbs = $gb->getGbSettings();
$user = $gb->getUserSettings();
$unpublic_count = $db->getCountOfUnpablicPosts();
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title><?php
echo $l['gb'];
?>
: <?php
echo $gbs['gb_title'];
?>
</title>
<!-- Font-Awesome CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">
<!-- Bootstrap Core CSS -->
<link href="conf/css/bootstrap.min.css" rel="stylesheet">
<!-- Custom CSS -->
