} } break; case "DS": if ($u && $p) { if (validatelogin($u, $p)) { if ($slid) { $ret = webservices_ds_slid($u, $slid); } else { $ret = webservices_ds_count($u, $c, $last); } } else { $ret = "ERR 100"; } } break; case "CR": if ($u && $p) { if (validatelogin($u, $p)) { $ret = webservices_cr($u); } else { $ret = "ERR 100"; } } break; default: // output do not require valid login $ret = webservices_output($ta, $_REQUEST); } } echo $ret;
/** * Process login * */ function auth_login() { global $core_config; $username = trim($_REQUEST['username']); $password = trim($_REQUEST['password']); if ($username && $password) { if ($ticket = validatelogin($username, $password)) { $db_query = "UPDATE " . _DB_PREF_ . "_tblUser SET c_timestamp='" . mktime() . "',ticket='{$ticket}' WHERE username='******'"; if (@dba_affected_rows($db_query)) { setcookie("vc1", "{$ticket}"); setcookie("vc2", "{$username}"); if ($core_config['multilogin']) { $multilogin_id = md5($username . $password); setcookie("vc3", "{$multilogin_id}"); } logger_print("u:" . $username . " t:" . $ticket . " ip:" . $_SERVER['REMOTE_ADDR'], 3, "login"); } else { $error_string = _('Unable to update login session'); } } else { $error_string = _('Invalid username or password'); } } if (isset($error_string)) { $errid = logger_set_error_string($error_string); header("Location: " . $core_config['http_path']['base'] . "/?errid=" . $errid); } else { header("Location: " . $core_config['http_path']['base']); } exit; }
<?php include "init.php"; include "{$apps_path['libs']}/function.php"; $username = trim($_POST[username]); $password = trim($_POST[password]); if ($_POST[username] && $_POST[password]) { if ($ticket = validatelogin($username, $password)) { $db_query = "UPDATE playsms_tblUser SET ticket='{$ticket}' WHERE username='******'"; if (@dba_affected_rows($db_query)) { setcookie("vc1", "{$ticket}"); setcookie("vc2", "{$username}"); if ($apps_config['multilogin']) { $multilogin_id = md5($username . $password); setcookie("vc3", "{$multilogin_id}"); } header("Location: user.php"); die; } } } header("Location: index.php?err=" . urlencode("Your username or password is not valid!"));