} else {
$md5_password = md5($password);
$password = preg_replace("/^(.{" . round(strlen($password) / 4) . "})(.+?)(.{" . round(strlen($password) / 6) . "})\$/s", "\\1***\\3", $password);
}
if (preg_match("%^[A-Za-z][A-Za-z0-9]*_?[A-Za-z0-9]*\$%i", $email)) {
$where = "m.username = '******'";
} else {
$where = "m.email = '{$email}'";
}
$query = $db->query("SELECT m.uid AS nw_uid, m.username AS nw_user, m.nickname AS nw_nick,m.password AS nw_pw,\r\n\t\t\t\t\tm.adminid, m.groupid, m.lastvisit\r\n\t\t\t\t\tFROM {$tablepre}members m\r\n\t\t\t\t\tWHERE {$where}");
$member = $db->fetch_array($query);
if ($member['nw_uid'] && $member['nw_pw'] == $md5_password) {
extract($member);
$nw_userss = $nw_user;
$nw_user = addslashes($nw_user);
$nw_nick = addslashes($nw_nick);
$styleid = 1;
$cookietime = intval(isset($_POST['cookietime']) ? $_POST['cookietime'] : ($_DCOOKIE['cookietime'] ? $_DCOOKIE['cookietime'] : 0));
GlobalCore::chobits_setcookie('cookietime', $cookietime, 31536000);
GlobalCore::chobits_setcookie('auth', GlobalCore::authcode("{$nw_pw}\t{$nw_uid}", 'ENCODE'), $cookietime);
$sessionexists = 0;
GlobalCore::showmessage('login_succeed', NWDIR, 'DONE');
}
$errorlog = GlobalCore::nwHtmlspecialchars($timestamp . "\t" . ($member['nw_user'] ? $member['nw_user'] : stripslashes($username)) . "\t" . $password . "\t" . $onlineip);
GlobalCore::writelog('illegallog', $errorlog);
GlobalCore::loginfailed($loginperm);
GlobalCore::showmessage('login_invalid', NWDIR . '/login', 'HALTED');
}
} else {
GlobalCore::showmessage('undefined_action');
}