Commit | Line | Data |
---|---|---|
bc13d5d6 H |
1 | <?php |
2 | ||
// Run the login handler and, when it reports success, point the browser at SCRIPT.
// NOTE(review): nothing ends the request after the redirect header is queued. If this
// file is included by a larger script, that script keeps running; confirm that no
// output or privileged work follows, or terminate the request after the header.
$status = login_eventz::login();
if ($status) {
    header('Location:' . SCRIPT);
}
7 | ||
8 | ||
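class login_eventz {

    /**
     * Check the posted credentials and, on success, bind the visitor's existing
     * 'kybersession' cookie value to the account in the session table.
     *
     * Reads $_POST['login'], $_POST['password'], $_COOKIE['kybersession'] and
     * $_SERVER; uses the global $kyberia object for queries and internal mail,
     * and reports the failure reason through the global $error string.
     *
     * Declared static because the caller visible in this file invokes it as
     * login_eventz::login().
     *
     * Weaknesses this method cannot remove on its own (NOTE(review)):
     *  - Passwords are compared against an unsalted md5() digest. Moving to
     *    password_hash()/password_verify() needs a schema and data migration.
     *  - The session identifier is whatever the cookie held before login, so a
     *    value planted in the browser beforehand stays valid afterwards
     *    (session fixation). Issue a fresh identifier where the cookie is set.
     *  - SQL is built by string interpolation. addslashes() is used because it
     *    is the only escaping visible in this file; it is not charset-aware and
     *    should give way to the driver's escaping or prepared statements.
     *  - No throttling or lock-out of repeated failures is visible here.
     *
     * @return bool true when the session row was written, false otherwise
     *              (with $error set to the user-facing reason)
     */
    public static function login() {
        global $kyberia;
        global $error;

        // Only plain strings are accepted; array-valued parameters (login[]=x)
        // are treated as empty instead of reaching addslashes()/md5().
        $rawLogin = (isset($_POST['login']) && is_string($_POST['login'])) ? $_POST['login'] : '';
        $oldpassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
        $login = addslashes($rawLogin);
        $hash = md5($oldpassword);
        $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : '';

        if (empty($_COOKIE['kybersession']) || !is_string($_COOKIE['kybersession'])) {
            $error = 'asi nemas zapnute cookies alebo co';
            return false;
        }
        // The cookie is client-controlled and ends up inside an SQL literal below.
        $kybersession = addslashes($_COOKIE['kybersession']);

        // addslashes() only ever adds characters, so a length change means the
        // submitted login contained a quote, backslash or NUL byte.
        if (strlen($login) !== strlen($rawLogin)) {
            // Internal mail is rendered as HTML (see the <select> markup further
            // down), so the attacker-supplied login is escaped first. ISO-8859-1
            // is named so that only the five special ASCII characters are
            // rewritten and no input is rejected for its encoding.
            $safeLogin = htmlspecialchars($login, ENT_QUOTES, 'ISO-8859-1');
            $kyberia->ubikMail(252, 'sql injekcia ' . $safeLogin . ' z ' . $remoteAddr);
            $kyberia->ubikMail(231, 'sql injekcia ' . $safeLogin . ' z ' . $remoteAddr);
            $error = "Bohuzial, nemozes sa prihlasit, uz vyprsala tato nasa bonusova sluzba, prosim, sleduj nadalej kyberiu a cakaj na ine nase vychytavky.";
            return false;
        }

        $q = "select * from user where login='$login' ";
        $set = $kyberia->query($q);
        $set->next();

        // Strict string comparison: with a loose != two different digests that
        // both look like "0e<digits>" are compared as floats and treated as
        // equal. A constant-time comparison is preferable where available.
        if ((string) $set->getString('password') !== $hash) {
            $error = "Zadal si nespravne uzivatelske meno alebo heslo. Rob so sebou nieco";
            if ($set->getString('id')) {
                // The attempted password is attacker-chosen text, so it is
                // HTML-escaped before it is placed in the account owner's mail.
                // NOTE(review): mailing the attempted password also stores
                // near-miss secrets in clear text; consider dropping it.
                $shownPassword = htmlspecialchars($oldpassword, ENT_QUOTES, 'ISO-8859-1');
                $kyberia->ubikMail(
                    $set->getString('id'),
                    "Niekto sa skusal dostat do tvojho konta z adresy " . $remoteAddr
                    . " a zadal heslo <select><option></option><option>" . $shownPassword . "</option></select>"
                );
            }

            return false;
        }

        if ((string) $set->getString('user_active') !== 'yes') {
            $error = "Tvoja buducnost je este stale v rukach KKpBB";
            return false;
        }

        // Values read back from the database are escaped as well before they
        // are interpolated again, so stored content cannot break out of a literal.
        $user_id = addslashes((string) $set->getString("id"));

        // Rebuild friends_serial as a ';'-terminated list of friend ids.
        $set2 = $kyberia->query("select friend_id from friends where user_id='$user_id'");
        $friends_serial = "";
        while ($set2->next()) {
            $friends_serial .= $set2->getString('friend_id') . ";";
        }
        $friends_serial = addslashes($friends_serial);
        $kyberia->query("update user set friends_serial='$friends_serial' where id='$user_id'");

        // Replace any earlier session row of this user with the current one.
        $user_name = addslashes((string) $set->getString('login'));
        $user_amount = addslashes((string) $set->getString('user_amount'));
        $admin = addslashes((string) $set->getString('admin'));
        $kyberia->query("delete from session where user_id='$user_id'");
        $kyberia->query("INSERT into session set user_id='$user_id',session='$kybersession',user_name='" . $user_name . "',user_amount='" . $user_amount . "',admin='" . $admin . "'");

        // X-Forwarded-Host is a request header chosen by the client; it is
        // escaped and treated as empty when absent.
        // NOTE(review): this header carries a host name, not a client address;
        // confirm which forwarded header was meant and that it comes from a
        // trusted proxy before relying on the logged value.
        $forwarded = (isset($_SERVER['HTTP_X_FORWARDED_HOST']) && is_string($_SERVER['HTTP_X_FORWARDED_HOST']))
            ? addslashes($_SERVER['HTTP_X_FORWARDED_HOST'])
            : '';
        $kyberia->query("insert into user_ip set ip='" . $forwarded . "::" . addslashes($remoteAddr) . "',user_id='$user_id'");

        return true;
    }

}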
70 | ||
71 | ?> |