Changeset 54

Timestamp:

Aug 21, 2007, 3:45:42 PM (17 years ago)

Author:

george

Message:

Oprava chyb v administraci.

Files:

• administrace/SubFiles/LoginMaster.php (modified) (1 diff)
• administrace/master.php (modified) (1 diff)
• config.sample.php (modified) (1 diff)
• error.php (modified) (1 diff)

administrace/SubFiles/LoginMaster.php

@@ -1 +1 @@
 <?php
 
-require_once('../../config.php');
+$User = addslashes($_POST['user']);
+$Pass = addslashes($_POST['pass']);
 
-  $User = $_POST['user'];
-  $Pass = $_POST['pass'];
-
-    include 'SubFiles/DatabaseConection.php';
-    $Database = new Database($DatabaseHost, $DatabaseUser, $DatabasePassword);
-    $Database->SelectDatabase('wow');
-    
-    $Line = mysql_fetch_array($Database->SQLCommand("SELECT * FROM user WHERE user = '$User' AND Ban = 0"));
-    if (!$Line) {
-      die('Uživatel s touto pøezdívkou neexistuje<br />');
-    } else {
-      If ($Line['Pass'] == $Pass) {
-        // pøihlá‘ení
-        $_SESSION['Licence'] = 1;
-        $_SESSION['User'] = $User;
+$Database->select_db('wow');
+$DbResult = $Database->query('SELECT * FROM user WHERE user = "'.$User.'" AND Ban = 0');
+if($DbResult->num_rows == 0) 
+{
+  die('Uživatel s touto pøezdívkou neexistuje<br />');
+} else 
+{
+  $Line = $DbResult->fetch_array();
+  If ($Line['Pass'] == $Pass) 
+  {
+    // pøihlá‘ení
+    $_SESSION['Licence'] = 1;
+    $_SESSION['User'] = $User;
     //    echo 'Pøihlá‘ení se povedlo pokraèovat mùžete <A href="../master.php">Zde</a>';
         
         // zapsání poslení použité IP
-        $Addres = $_SERVER['REMOTE_ADDR'];    
-        $Database->SQLCommand("UPDATE user SET LastLogin = now(), LastIP = '$Addres' WHERE user = '$User'");
+    $Addres = $_SERVER['REMOTE_ADDR'];    
+    $Database->query("UPDATE user SET LastLogin = now(), LastIP = '$Addres' WHERE user = '$User'");
 
-      } else {
-        $_SESSION['Licence'] = 0;
-        die('Špatné heslo');
-        }
-    }
-    $Database->Disconnect();
+  } else 
+  {
+    $_SESSION['Licence'] = 0;
+    die('Špatné heslo');
+  }
+}
+
 ?>

administrace/master.php

@@ -2 +2 @@
 include('../global.php');
 
-if (@$_SESSION['Licence'] == 1) 
+if(array_key_exists('Licence', $_SESSION))
 {
-} else {
-  include 'SubFiles/LoginMaster.php';
-}
+  if($_SESSION['Licence'] == 1);
+  else include('SubFiles/LoginMaster.php'); 
+} else include('SubFiles/LoginMaster.php'); 
 ?>
+
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
 <html>

config.sample.php

@@ -26 +26 @@
     'Admin' => 'Chronos',
     'AdminEmail' => 'wow@zdechov.net',
+    'ShowError' => 0,
   ),
 );

error.php

@@ -3 +3 @@
 // Obsluha chyb v1.1.1 //
 
-$Error_Email = 'robie@centrum.cz';                                              // Adresa, kam budou chyby odesílány
-$Error_Subject = 'WoW Heroes of Fantasy - Chybové hlá¹ení';             // Název zpráv o chybách
-$Error_ShowDetails = 1;                                                                 // Zobrazit detajly o chyby
+$Error_Email = $Config['Web']['AdminEmail'];                                            // Adresa, kam budou chyby odesílány
+$Error_Subject = $Config['Web']['Title'].' - Chybové hlá¹ení';          // Název zpráv o chybách
+$Error_ShowDetails = $Config['Web']['ShowError'];                                                                       // Zobrazit detajly o chyby
 $ErrorLogFile = 'php_script_error.log';