if (!(strpos($lowerdata, 'table') === FALSE)) {
return false;
}
return $data;
}
if (!session_is_registered('pr_login') || !session_is_registered('pr_password') || !session_is_registered('rights') || isset($_POST["done"]) && $_POST["done"] == "submit_log") {
if ($FG_DEBUG == 1) {
echo "<br>0. HERE WE ARE";
}
if ($_POST["done"] == "submit_log") {
$DBHandle = DbConnect();
if ($FG_DEBUG == 1) {
echo "<br>1. " . $_POST["pr_login"] . $_POST["pr_password"];
}
$_POST["pr_login"] = access_sanitize_data($_POST["pr_login"]);
$_POST["pr_password"] = access_sanitize_data($_POST["pr_password"]);
$return = login($_POST["pr_login"], $_POST["pr_password"]);
if ($FG_DEBUG == 1) {
print_r($return);
}
if ($FG_DEBUG == 1) {
echo "==>" . $return[1];
}
if (!is_array($return) || $return[1] == 0) {
header("HTTP/1.0 401 Unauthorized");
Header("Location: index__vt.php?error=1");
die;
}
// if groupID egal 1, this user is a root
if ($return[3] == 0) {
$admin_id = $return[0];
if ($FG_DEBUG == 0) {
header("HTTP/1.0 401 Unauthorized");
} else {
echo "Unauthorized! no ssl!\n\n";
}
die;
}
if (!isset($unsafe_base)) {
$unsafe_base = ".";
}
if (!session_is_registered('pr_login') || !session_is_registered('pr_password') || !session_is_registered('cus_rights') || isset($_POST["done"]) && $_POST["done"] == "submit_log") {
if ($FG_DEBUG > 1) {
echo "Login attempt:<br>";
}
if ($_POST["done"] == "submit_log") {
$return = login(access_sanitize_data($_POST["pr_login"]), access_sanitize_data($_POST["pr_password"]));
if ($FG_DEBUG >= 1) {
echo "Return from login(): " . print_r($return, true) . "<br>\n";
}
if (!is_array($return)) {
sleep(2);
header("HTTP/1.0 401 Unauthorized");
if ($FG_DEBUG) {
die;
}
//early, leave messages on page.
$err = 4;
if (is_int($return)) {
$err = $return;
}
Header("Location: {$unsafe_base}/index.php?error={$err}");
