static function login($email, $pw)
{
$vs = D()->row("SELECT * FROM usr WHERE email = " . D()->quote(trim($email)));
$Usr = Usr($vs);
if (!$Usr->active) {
return 0;
}
if ($Usr->pw === md5($pw)) {
qgAuth::login($Usr);
return 1;
}
return 0;
}
static function init()
{
self::$maxlifetime && ini_set('session.gc_maxlifetime', self::$maxlifetime);
!isset($_SESSION) && session_start();
if (self::$maxpause && isset($_SESSION['qgLastAccessTime']) && $_SESSION['qgLastAccessTime'] && $_SESSION['qgLastAccessTime'] + self::$maxpause < time()) {
$_SESSION = array();
}
$_SESSION['qgLastAccessTime'] = time();
liveClient::init();
qgAuth::listen();
if (!isset($_SESSION['liveSess']['id'])) {
$_SESSION['liveSess']['id'] = D()->sess->insert(array('ip' => $_SERVER['REMOTE_ADDR'], 'usr_id' => Usr(), 'client_id' => liveClient::$id, 'time' => time()));
}
self::$id = $_SESSION['liveSess']['id'];
}
<?php
if (isset($_GET['id'])) {
include 'detail.php';
} else {
?>
<div style="display:flex; flex-wrap:wrap" class="cmsBeFlex">
<div style="flex-grow:0.1; width:auto">
<?php
if (isset($_GET['delete'])) {
D()->usr->delete($_GET['delete']);
}
if (isset($_GET['loginAs']) && Usr()->superuser) {
qgAuth::login($_GET['loginAs']);
}
if (isset($_POST['add'])) {
D()->usr->insert(array('log_id' => liveLog::$id, 'active' => 1, 'email' => $_POST['email'], 'pw' => md5($_POST['pw']), 'firstname' => $_POST['firstname'], 'lastname' => $_POST['lastname']));
}
?>
<h1>Benutzer hinzufügen</h1>
<div class="be_contentTextBox">
<form method=post>
<input hidden name=fake1>
<input hidden name=fake2 type=password>
<table class="c1-style">
<tr>
<td> Email:
<td> <input type=text name=email>
<tr>
<td> Passwort:
<td> <input type=password name=pw>