2007-04-03 14:10:23 +00:00
|
|
|
<?php
|
|
|
|
|
|
2009-04-02 11:07:54 +00:00
|
|
|
@ini_set("session.gc_maxlifetime","10000");
|
2009-03-17 20:26:29 +00:00
|
|
|
session_start();
|
2008-11-26 12:55:55 +00:00
|
|
|
|
2007-04-03 14:10:23 +00:00
|
|
|
if($_GET['logout']) {
|
2008-11-26 12:55:55 +00:00
|
|
|
$olduser = $_SESSION['username'];
|
2007-04-03 14:10:23 +00:00
|
|
|
session_destroy();
|
|
|
|
|
header('Location: /');
|
|
|
|
|
setcookie ("username", "", time() - 3600);
|
|
|
|
|
setcookie ("encrypted", "", time() - 3600);
|
2008-11-26 12:55:55 +00:00
|
|
|
mysql_query("INSERT INTO authlog (`user`,`address`,`result`) VALUES ('$olduser', '".$_SERVER["REMOTE_ADDR"]."', 'logged out')");
|
|
|
|
|
$auth_message = "Logged Out";
|
2007-04-03 14:10:23 +00:00
|
|
|
} else {
|
2008-11-26 12:55:55 +00:00
|
|
|
if($_POST['username'] && $_POST['password']){
|
|
|
|
|
$username = mres($_POST['username']);
|
|
|
|
|
$password = mres($_POST['password']);
|
2009-03-17 20:26:29 +00:00
|
|
|
$encrypted = md5($password);
|
|
|
|
|
$sql = "SELECT * FROM `users` WHERE `username`='$username' AND `password`='$encrypted'";
|
|
|
|
|
$query = mysql_query($sql);
|
|
|
|
|
$row = @mysql_fetch_array($query);
|
|
|
|
|
if($row['level']) {
|
|
|
|
|
$_SESSION['userlevel'] = $row['level'];
|
|
|
|
|
$_SESSION['user_id'] = $row['user_id'];
|
2008-11-26 12:55:55 +00:00
|
|
|
$_SESSION['authenticated'] = true;
|
2008-11-26 14:01:09 +00:00
|
|
|
$_SESSION['username'] = $username;
|
2008-11-26 12:55:55 +00:00
|
|
|
mysql_query("INSERT INTO authlog (`user`,`address`,`result`) VALUES ('$username', '".$_SERVER["REMOTE_ADDR"]."', 'logged in')");
|
2008-11-26 14:01:09 +00:00
|
|
|
header("Location: ".$_SERVER['REQUEST_URI']);
|
2008-11-26 12:55:55 +00:00
|
|
|
} else {
|
|
|
|
|
$auth_message = "Authentication Failed";
|
|
|
|
|
mysql_query("INSERT INTO authlog (`user`,`address`,`result`) VALUES ('$username', '".$_SERVER["REMOTE_ADDR"]."', 'authentication failure')");
|
|
|
|
|
}
|
2007-04-03 14:10:23 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
?>
|
