source: minimanager/login.php@ 307

Last change on this file since 307 was 307, checked in by george, 17 years ago

Aktualizace na minimanager 0.1.6g.

1<?php
2/*
3 * Project Name: MiniManager for Mangos Server
4 * Date: 17.10.2006 initial version (0.0.1a)
5 * Author: Q.SA
6 * Copyright: Q.SA
7 * Email: *****
8 * License: GNU General Public License v2(GPL)
9 */
10
11require_once("header.php");
12
13//#################################################################################################
14// Login
15//#################################################################################################
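/**
 * Handle the posted login form: check the credentials, refuse banned
 * accounts, fill the session and optionally set the "remember me" cookies.
 *
 * Reads $_POST['user'], $_POST['pass'], $_POST['realm'] and $_POST['remember'].
 * $_POST['pass'] is compared as-is with account.sha_pass_hash; the form
 * printed by login() fills it with a client-side SHA-1 of "USER:PASS".
 *
 * Every path ends in redirect(): error=2 (missing field), error=1 (bad
 * credentials or over-long input), error=3 (banned) or index.php (success).
 *
 * NOTE(review): the value the client submits is the stored hash itself, so
 * the hash is password-equivalent. Anyone who obtains it (database dump,
 * copied cookie, sniffed plain-HTTP request) can authenticate without knowing
 * the password. The "p_hash" cookie below keeps that value in the browser for
 * seven days; a random, server-side, revocable token would be the safer
 * design, but it needs schema support that is not visible in this file.
 */
function dologin(){
    global $lang_global, $realm_db;

    // redirect() is defined elsewhere; the explicit returns make sure nothing
    // below runs if it does not terminate the request itself.
    if ( empty($_POST['user']) || empty($_POST['pass']) ) {
        redirect("login.php?error=2");
        return;
    }

    $sql = new SQL;
    $link = $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);

    // quote_smart() is the project's escaping helper (defined elsewhere);
    // presumably it makes the values safe inside the quoted SQL literals
    // below -- confirm, since the queries are built by string interpolation.
    $user_name = $sql->quote_smart($_POST['user']);
    $user_pass = $sql->quote_smart($_POST['pass']);

    if (strlen($user_name) > 255 || strlen($user_pass) > 255) {
        // Close the connection on this path too before leaving.
        $sql->close();
        redirect("login.php?error=1");
        return;
    }

    $result = $sql->query("SELECT id,gmlevel,username FROM account WHERE username='$user_name' AND sha_pass_hash='$user_pass' ");

    if ($sql->num_rows($result) != 1) {
        $sql->close();
        redirect("login.php?error=1");
        return;
    }

    $id = $sql->result($result, 0, 'id');
    $result1 = $sql->query("SELECT count(*) FROM account_banned WHERE id ='$id'");
    if ($sql->result($result1, 0)) {
        $sql->close();
        redirect("login.php?error=3");
        return;
    }

    // Issue a fresh session id at the moment the session becomes
    // authenticated, so an id known before login (session fixation) is not
    // promoted to a logged-in session. Guarded because the session is
    // started outside this file.
    if (session_id() != '') {
        session_regenerate_id(true);
    }

    $_SESSION['user_id'] = $id;
    $_SESSION['uname'] = $sql->result($result, 0, 'username');
    $_SESSION['user_lvl'] = $sql->result($result, 0, 'gmlevel');
    // NOTE(review): realm_id is taken from the request and only passed
    // through quote_smart(); it is not checked against the realmlist table.
    $_SESSION['realm_id'] = $sql->quote_smart($_POST['realm']);
    $_SESSION['client_ip'] = ( !empty($_SERVER['REMOTE_ADDR']) ) ? $_SERVER['REMOTE_ADDR'] : getenv('REMOTE_ADDR');

    if (isset($_POST['remember']) && $_POST['remember'] != '') {
        $expires = time()+60*60*24*7;
        setcookie("uname", $_SESSION['uname'], $expires);
        setcookie("realm_id", $_SESSION['realm_id'], $expires);
        // Path and domain are left at their defaults, as before; the last
        // argument adds HttpOnly so page scripts cannot read the hash.
        // Set the "secure" argument to true once the site is HTTPS-only.
        setcookie("p_hash", $user_pass, $expires, "", "", false, true);
    }

    $sql->close();
    redirect("index.php");
}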
57
58//#################################################################################################
59// Print login form
60//#################################################################################################
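/**
 * Append the login form to the global $output buffer.
 *
 * The form carries a small script that replaces the typed password with
 * hex_sha1(USER + ':' + PASS), both upper-cased, in the hidden "pass" field
 * and overwrites the visible password field with '0' before submitting.
 * A realm selector is printed when the realmlist query returns more than one
 * row; otherwise the id of the first row is sent as a hidden field.
 *
 * NOTE(review): hashing in the browser does not protect the credential in
 * transit -- the hash is what dologin() accepts, so it must be protected like
 * a password (serve this page over HTTPS only).
 */
function login(){
    global $lang_global, $lang_login, $output, $realm_db;

    $output .= "<center>
 <script type=\"text/javascript\" src=\"js/sha1.js\"></script>
 <script type=\"text/javascript\">
 function dologin () {
 document.form.pass.value = hex_sha1(document.form.user.value.toUpperCase()+':'+document.form.login_pass.value.toUpperCase());
 document.form.login_pass.value = '0';
 do_submit();
 }
 </script>
 <fieldset class=\"half_frame\">
 <legend>{$lang_login['login']}</legend>
 <form method=\"post\" action=\"login.php?action=dologin\" name=\"form\" onsubmit=\"return dologin()\">
 <input type=\"hidden\" name=\"pass\" value=\"\" maxlength=\"256\" />
 <table class=\"hidden\">
 <tr align=\"left\">
 <td colspan=\"2\">{$lang_login['username']}:</td>
 </tr>
 <tr align=\"left\">
 <td colspan=\"2\"><input type=\"text\" name=\"user\" size=\"40\" maxlength=\"16\" /></td>
 </tr>
 <tr align=\"left\">
 <td colspan=\"2\">{$lang_login['password']}:</td>
 </tr>
 <tr align=\"left\">
 <td><input type=\"password\" name=\"login_pass\" size=\"24\" maxlength=\"40\" /></td>
 <td><input type=\"submit\" value=\"\" style=\"display:none\">";
    makebutton($lang_login['login'], "javascript:dologin()",100);
    $output .= "</td>
 </tr>";

    $sql = new SQL;
    $link = $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
    $result = $sql->query("SELECT id,name FROM `realmlist` LIMIT 10");

    if ($sql->num_rows($result)>1){
        $output .= "<tr align=\"left\">
 <td colspan=\"2\">{$lang_login['select_realm']} :
 <select name=\"realm\">";

        // Realm ids and names come from the database; encode them for the
        // HTML context so a name containing markup or quotes cannot break
        // out of the <option> element.
        // NOTE(review): assumes the page charset matches htmlspecialchars()'
        // default charset -- confirm.
        while ($realm = $sql->fetch_row($result)) {
            $realm_value = htmlspecialchars((string)$realm[0], ENT_QUOTES);
            $realm_label = htmlspecialchars((string)$realm[1], ENT_QUOTES);
            $output .= "<option value=\"$realm_value\">$realm_label</option>";
        }

        $output .= "</select></td></tr>";
    } else {
        // NOTE(review): this branch is also taken when the query returns no
        // rows; what result() yields then depends on the SQL class.
        $only_realm = htmlspecialchars((string)$sql->result($result, 0, 'id'), ENT_QUOTES);
        $output .= "<input type=\"hidden\" name=\"realm\" value=\"".$only_realm."\" />";
    }
    $sql->close();

    $output .= "<tr align=\"left\">
 <td colspan=\"2\"><input type=\"checkbox\" name=\"remember\" value=\"1\" checked=\"checked\" /> - {$lang_login['remember_me']}</td>
 </tr>
 <tr><td colspan=\"2\"><hr /></td></tr>
 <tr align=\"left\">
 <td><a href=\"register.php\">{$lang_login['not_registrated']}</a></td>
 <td><a href=\"register.php?action=pass_recovery\">{$lang_login['pass_recovery']}</a></td>
 </tr>
 </table>
 <script language=\"JavaScript\">
 <!--
 document.form.user.focus();
 //-->
 </script>
 </form><br /></fieldset><br /><br />
</center>";
}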
129
130
131//#################################################################################################
132// Login via set cookie
133//#################################################################################################
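/**
 * Log in from the "remember me" cookies set by dologin().
 *
 * Reads $_COOKIE['uname'], $_COOKIE['p_hash'] and $_COOKIE['realm_id'], looks
 * the username / hash pair up in the account table, refuses banned accounts
 * and fills the session. When the pair does not match, the three cookies are
 * expired and the visitor is sent back with error=1.
 *
 * NOTE(review): "p_hash" holds the same value the login form submits, so a
 * copied cookie is a full credential until the password changes. Unlike
 * dologin(), this path applies no 255-character limit to the values.
 */
function do_cookie_login(){
    global $lang_global, $realm_db;

    // redirect() is defined elsewhere; the explicit returns make sure nothing
    // below runs if it does not terminate the request itself.
    if ( empty($_COOKIE['uname']) || empty($_COOKIE['p_hash']) || empty($_COOKIE['realm_id'])) {
        redirect("login.php?error=2");
        return;
    }

    $sql = new SQL;
    $link = $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
    // Cookie values are client-controlled; quote_smart() (defined elsewhere)
    // is presumably what makes them safe in the query below -- confirm.
    $user_name = $sql->quote_smart($_COOKIE['uname']);
    $user_pass = $sql->quote_smart($_COOKIE['p_hash']);

    $result = $sql->query("SELECT username,gmlevel,id FROM account WHERE username='$user_name' AND sha_pass_hash='$user_pass'");

    if (!$sql->num_rows($result)) {
        $sql->close();
        // Expire the stale cookies so the next request does not retry them.
        setcookie ("uname", "", time() - 3600);
        setcookie ("realm_id", "", time() - 3600);
        setcookie ("p_hash", "", time() - 3600);
        redirect("login.php?error=1");
        return;
    }

    $id = $sql->result($result, 0, 'id');
    $result1 = $sql->query("SELECT count(*) FROM account_banned WHERE id ='$id'");
    if ($sql->result($result1, 0)) {
        $sql->close();
        redirect("login.php?error=3");
        return;
    }

    // Issue a fresh session id when the session becomes authenticated, so an
    // id known beforehand (session fixation) is not promoted. Guarded because
    // the session is started outside this file.
    if (session_id() != '') {
        session_regenerate_id(true);
    }

    $_SESSION['user_id'] = $id;
    $_SESSION['uname'] = $sql->result($result, 0, 'username');
    $_SESSION['user_lvl'] = $sql->result($result, 0, 'gmlevel');
    // NOTE(review): realm_id is taken from the cookie and only passed through
    // quote_smart(); it is not checked against the realmlist table.
    $_SESSION['realm_id'] = $sql->quote_smart($_COOKIE['realm_id']);
    $_SESSION['client_ip'] = ( !empty($_SERVER['REMOTE_ADDR']) ) ? $_SERVER['REMOTE_ADDR'] : getenv('REMOTE_ADDR');

    $sql->close();
    redirect("index.php");
}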
170
171
172//#################################################################################################
173// MAIN
174//#################################################################################################
// Try the "remember me" cookies first, but only when the request does not
// already carry an error code (the failure paths redirect back here with
// ?error=N, so this also keeps a failed cookie login from being retried).
if (isset($_COOKIE["uname"], $_COOKIE["p_hash"], $_COOKIE["realm_id"]) && !isset($_GET['error'])) {
    do_cookie_login();
}

$err = (isset($_GET['error'])) ? $_GET['error'] : NULL;

// Page heading: the error code only selects one of the fixed language
// strings; the request value itself is never written into the page.
$output .= "<div class=\"top\">";
if ($err == 1) {
    $output .= "<h1><font class=\"error\">{$lang_login['bad_pass_user']}</font></h1>";
} elseif ($err == 2) {
    $output .= "<h1><font class=\"error\">{$lang_login['missing_pass_user']}</font></h1>";
} elseif ($err == 3) {
    $output .= "<h1><font class=\"error\">{$lang_login['banned_acc']}</font></h1>";
} elseif ($err == 5) {
    $output .= "<h1><font class=\"error\">{$lang_login['no_permision']}</font></h1>";
} else {
    // no error
    $output .= "<h1>{$lang_login['enter_valid_logon']}</h1>";
}
$output .= "</div>";

$action = (isset($_GET['action'])) ? $_GET['action'] : NULL;

// Dispatch: "dologin" processes the posted form, anything else prints it.
if ($action == "dologin") {
    dologin();
} else {
    login();
}

require_once("footer.php");
211?>