/login.php

https://github.com/pascalvahlberg/icecrewcms · PHP · 56 lines · 54 code · 2 blank · 0 comment · 10 complexity · 3247e00df383a8a209d5da5ea723d3ff MD5 · raw file 

    

  1. <body>

    2. 

  2. <?php

    3. 

  3. include "includes/header.php";

    4. 

  4. if($getid == "error")  

    5. 

  5. {  

    6. 

  6.   echo "<div id='Index'><p>Die Zugangsdaten waren ungültig.</p></div>";  

    7. 

  7. }

    8. 

  8. echo "<title>Login - $sitename</title>";

    9. 

  9. echo '<div id="Index"><p><form action="" method="post">  

    10. 

  10. Benutzername:<br><input type="text" name="id" size="20"><br>

    11. 

  11. Passwort:<br><input type="password" name="pwd" size="20"><br>

    12. 

  12. <select name="cookietime">

    13. 

  13. <option value="1">1 Tag</option>

    14. 

  14. <option value="7">1 Woche</option>

    15. 

  15. <option value="30">1 Monat</option>

    16. 

  16. <option value="365">1 Jahr</option>

    17. 

  17. </select><br>

    18. 

  18. <input type="submit" value="Login" name="postlogin">  

    19. 

  19. </form></p></div>'; 

    20. 

  20. if(isset($_POST['postlogin'])) {

    21. 

  21. 

    22. 

  22. $mysql->query("SELECT id, username, password FROM accounts WHERE username = '".$_POST['id']."' AND password = '".sha1($_POST['pwd'])."' AND active = '1'");  

    23. 

  23. 

    24. 

  24. if (mysql_num_rows($mysql->result) > 0)  

    25. 

  25. {

    26. 

  26. $data = mysql_fetch_array ($mysql->result);  

    27. 

  27. $mysql->query("Select admin from accounts WHERE username = '".$_POST['id']."' AND admin = '1'");

    28. 

  28. $rows = mysql_num_rows($mysql->result);

    29. 

  29. if($rows == 1) { 

    30. 

  30.   setcookie($cp."_admin_id", $data['id'], time()+60*60*24*$_POST['cookietime'], $path, $domain);

    31. 

  31.   setcookie($cp."_admin_name", $data['username'], time()+60*60*24*$_POST['cookietime'], $path, $domain);

    32. 

  32.   setcookie($cp."_user_id", $data['id'], time()+60*60*24*$_POST['cookietime'], $path, $domain);

    33. 

  33.   setcookie($cp."_user_name", $data['username'], time()+60*60*24*$_POST['cookietime'], $path, $domain);

    34. 

  34.   $mysql->query("UPDATE accounts SET remote_addr = '".$_SERVER['REMOTE_ADDR']."' WHERE username = '".$data['username']."'");

    35. 

  35. echo '<meta http-equiv="refresh" content="0; url=admin.php">';

    36. 

  36. }

    37. 

  37. elseif($rows == 0) {

    38. 

  38.   setcookie($cp."_user_id", $data['id'], time()+60*60*24*$_POST['cookietime'], $path, $domain);

    39. 

  39.   setcookie($cp."_user_name", $data['username'], time()+60*60*24*$_POST['cookietime'], $path, $domain);

    40. 

  40.   $mysql->query("UPDATE accounts SET remote_addr = '".$_SERVER['REMOTE_ADDR']."' WHERE username = '".$data['username']."'");

    41. 

  41. echo '<meta http-equiv="refresh" content="0; url=index.php">';

    42. 

  42. }

    43. 

  43. }

    44. 

  44. else {

    45. 

  45. echo '<meta http-equiv="refresh" content="0; url=login.php?ID=error">';

    46. 

  46. }

    47. 

  47. }

    48. 

  48. if($getid == "logout") { 

    49. 

  49.   setcookie($cp."_admin_id", "", time()-60*60*24*365, $path, $domain);

    50. 

  50.   setcookie($cp."_admin_name", "", time()-60*60*24*365, $path, $domain);

    51. 

  51.   setcookie($cp."_user_id", "", time()-60*60*24*365, $path, $domain);

    52. 

  52.   setcookie($cp."_user_name", "", time()-60*60*24*365, $path, $domain);

    53. 

  53. echo '<meta http-equiv="refresh" content="0; url=index.php">';

    54. 

  54. }

    55. 

  55. ?>

    56. 

  56. </body>
    57.