<?php
if (isset($_POST["action"]) && $_POST["action"] == "login_local") {
$db = new SQL(0);
if (MyUser::isloggedin()) {
$row = $db->cmdrow(0, 'SELECT * FROM user_login WHERE user = {0} AND provider = "local" LIMIT 0,1', array(MyUser::id()));
if ($row["pwd"] . "" != "" and $row["pwd"] != md5($_POST["password1"])) {
PageEngine::AddErrorMessage("login", "Falsches bisheriges Passwort");
} elseif ($_POST["password2"] != $_POST["password3"]) {
PageEngine::AddErrorMessage("login", "Passwort und Wiederholung sind unterschiedlich");
} else {
MyUser::changePassword($_POST["password2"]);
PageEngine::AddSuccessMessage("login", "Passwort geändert");
}
} else {
$row = $db->cmdrow(0, 'SELECT T1.id, T2.pwd FROM user_list as T1 LEFT JOIN user_login as T2 ON T1.id=T2.user WHERE (LOWER(T1.username) = "{0}" OR email_standard = "{0}") AND provider="local" LIMIT 0,1', array(strtolower($_POST["username"])));
if (!isset($row["id"])) {
PageEngine::AddErrorMessage("login", "Ungültiger Benutzername oder Passwort");
} elseif ($row["pwd"] != md5($_POST["password"])) {
PageEngine::AddErrorMessage("login", "Ungültiger Benutzername oder Passwort (2)");
} else {
MyUser::loginload($row["id"]);
header("Location: " . get_path("/?t=" . time()));
exit(1);
}
}
}
$fb = new LoginFacebook(array("appId" => SiteConfig::val("facebook/appid"), "secret" => SiteConfig::val("facebook/secret"), "cookie" => true));
if (isset($_GET["action"]) && $_GET["action"] == "login_facebook") {
if ($fb->getUser() == 0) {
@header("Location: " . $fb->getLoginUrl());
