<?php
session_start();
if (empty($_SESSION['account_id']) && !empty($_COOKIE['remember'])) {
list($selector, $authenticator) = explode(':', $_COOKIE['remember']);
require_once '../config.php';
require_once '../CMySql.php';
$cmysql = new CMySql($host, $user, $pass);
$cmysql->delete($db_web, "auth_tokens", " expires < '" . date('Y-m-d\\TH:i:s', time()) . "'");
$row = $cmysql->selectRow($db_web, "auth_tokens", '*', "selector = '" . $selector . "'");
$cmysql->disconnect();
if ($row['token'] == hash('sha256', base64_decode($authenticator))) {
$_SESSION['account_id'] = $row['account_id'];
// Then regenerate login token as above
}
}
if (!empty($_SESSION['account_id'])) {
header("location: main.php");
}
?>
<!doctype html>
<html lang='en'>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Member Login</title>
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="../css/bootstrap.min.css">
<!-- Optional theme >
<link rel="stylesheet" href="css/bootstrap-theme.min.css"-->
<?php
require_once '../config.php';
require_once '../CMySql.php';
require_once '../function.php';
//$_POST = $_GET;
if (@$_POST['m_id']) {
} else {
$limit = $_POST['limit'];
$page = $_POST['page'];
$search_str = @$_POST['str'];
if (@strlen($_POST['str'])) {
$search_str = "`kName` like '" . $_POST['str'] . "%'";
}
$cmysql = new CMySql($host, $user, $pass);
$res = $cmysql->select($db_game, "mob_db", "`id`, `kName`, `LV`", $search_str);
$num_row = $cmysql->num_rows();
$t_data["all_rows"] = $num_row;
$t_data["max_page"] = ceil($num_row / $limit);
if ($num_row) {
$row = $cmysql->select($db_game, "mob_db", "`id`, `kName`, `LV`", $search_str, null, ($page - 1) * $limit . ", " . $limit);
$t_data["msg"] = "";
//while($row=mysql_fetch_array($res))
$c = count($row);
for ($i = 0; $i < $c; $i++) {
$t_data["msg"] .= '<tr><td class="text-center"><img src="images/mob/' . $row[$i]['id'] . '.gif"><br>' . $row[$i]['id'] . '</td><td class="text-center vert-align"><a href="?mob_id=' . $row[$i]['id'] . '">' . $row[$i]['kName'] . '</a> (' . $row[$i]['LV'] . ')</td></tr>';
}
$t_data["msg"] = '<table class="table table-bordered table-hover"><thead><tr><th class="text-center">Pic</th><th class="text-center">Name (Level)</th></tr></thead><tbody>' . $t_data["msg"] . "</tbody></table>";
} else {
$t_data["msg"] = '<table class="table table-bordered table-hover"><thead><tr>
<th class="text-center">Pic</th><th class="text-center">Name (Level)</th></tr></thead>
<?php
session_start();
require_once '../../config.php';
require_once '../../CMySql.php';
$cmysql = new CMySql($host, $user, $pass);
$row = $cmysql->selectRow($db_game, 'login', '`account_id`', "`userid` = '" . $cmysql->escape_string($_POST['user']) . "' AND `user_pass` = '" . $cmysql->escape_string($_POST['pass']) . "'");
$login_success = false;
if ($cmysql->num_rows() == 1) {
$login->userId = $row['account_id'];
$login_success = true;
$login->rememberMe = $_POST['rememberMe'];
if ($login_success && $_POST['rememberMe']) {
// However you implement it
$selector = base64_encode(openssl_random_pseudo_bytes(9));
$authenticator = openssl_random_pseudo_bytes(33);
setcookie('remember', $selector . ':' . base64_encode($authenticator), time() + 864000, '/ro_db/member/login.php');
/*,
'localhost',
false, // TLS-only
false // http-only
);*/
$cmysql->insert($db_web, "auth_tokens", array($selector, hash('sha256', $authenticator), $login->userId, date('Y-m-d\\TH:i:s', time() + 864000)), "selector, token, account_id, expires");
}
$res_data[0] = 1;
$res_data[1] = '<div class="alert alert-success" role="alert"><strong>Success!</strong> เข้าสู่ระบบเรียบร้อย กรุณารอสักครู่...</div>';
} else {
$res_data[0] = 0;
$res_data[1] = '<div class="alert alert-danger" role="alert"><strong>Warning!</strong> ไอดี หรือ รหัสผ่านไม่ถูกต้อง</div>';
}
$cmysql->disconnect();
