<?php if (isset($_POST["action"]) && $_POST["action"] == "login_local") { $db = new SQL(0); if (MyUser::isloggedin()) { $row = $db->cmdrow(0, 'SELECT * FROM user_login WHERE user = {0} AND provider = "local" LIMIT 0,1', array(MyUser::id())); if ($row["pwd"] . "" != "" and $row["pwd"] != md5($_POST["password1"])) { PageEngine::AddErrorMessage("login", "Falsches bisheriges Passwort"); } elseif ($_POST["password2"] != $_POST["password3"]) { PageEngine::AddErrorMessage("login", "Passwort und Wiederholung sind unterschiedlich"); } else { MyUser::changePassword($_POST["password2"]); PageEngine::AddSuccessMessage("login", "Passwort geändert"); } } else { $row = $db->cmdrow(0, 'SELECT T1.id, T2.pwd FROM user_list as T1 LEFT JOIN user_login as T2 ON T1.id=T2.user WHERE (LOWER(T1.username) = "{0}" OR email_standard = "{0}") AND provider="local" LIMIT 0,1', array(strtolower($_POST["username"]))); if (!isset($row["id"])) { PageEngine::AddErrorMessage("login", "Ungültiger Benutzername oder Passwort"); } elseif ($row["pwd"] != md5($_POST["password"])) { PageEngine::AddErrorMessage("login", "Ungültiger Benutzername oder Passwort (2)"); } else { MyUser::loginload($row["id"]); header("Location: " . get_path("/?t=" . time())); exit(1); } } } $fb = new LoginFacebook(array("appId" => SiteConfig::val("facebook/appid"), "secret" => SiteConfig::val("facebook/secret"), "cookie" => true)); if (isset($_GET["action"]) && $_GET["action"] == "login_facebook") { if ($fb->getUser() == 0) { @header("Location: " . $fb->getLoginUrl());