199 lines
6.2 KiB
PHP
199 lines
6.2 KiB
PHP
<?php
|
|
require("function.php");
|
|
require("layout.php");
|
|
$users=mysqli_query($con,"SELECT id,password,name FROM users");
|
|
$tccellha="<td bgcolor=$tableheadbg";
|
|
$tccellhb="><center>$fonthead";
|
|
// print $header;
|
|
if (!$_GET[action] && !$_POST[action]) {
|
|
if($loguserid){
|
|
print "$header<br>";
|
|
print "
|
|
<table border=0 bgcolor=$tableborder width=$tablewidth align=center cellpadding=0 cellspacing=0>
|
|
<td>
|
|
<table border=0 cellpadding=2 cellspacing=1 width=100% bgcolor=$tableborder>
|
|
";
|
|
|
|
print "$tccell1"."You are already logged in!";
|
|
print "<br>Click <a href=index.php>here</a> to return to the board.";
|
|
die();
|
|
}
|
|
|
|
print "$header<br>";
|
|
print "
|
|
<table border=0 bgcolor=$tableborder width=$tablewidth align=center cellpadding=0 cellspacing=0>
|
|
<td>
|
|
|
|
<table border=0 cellpadding=2 cellspacing=1 width=100% bgcolor=$tableborder>
|
|
<FORM ACTION=\"login.php\" NAME=\"REPLIER\" METHOD=\"POST\">
|
|
";
|
|
$replytable="$tccellha width=150$tccellhb"." </font></td>";
|
|
$replytable.="$tccellh"." </td><tr>";
|
|
$replytable.="$tccell1"."<b>User name:</td>";
|
|
$replytable.="$tccell2"."</center><INPUT TYPE=TEXT NAME=\"username\" VALUE=\"\" SIZE=25 MAXLENGTH=25></td><tr>";
|
|
$replytable.="$tccell1"."<b>Password:</td>";
|
|
$replytable.="$tccell2"."</center><INPUT TYPE=PASSWORD NAME=\"password\" VALUE=\"\" SIZE=13 MAXLENGTH=13></td><tr>";
|
|
$replytable.="$tccell1"." </td>";
|
|
$replytable.="$tccell2"."</center>
|
|
<INPUT TYPE=HIDDEN NAME=\"action\" VALUE=\"login\">
|
|
<INPUT TYPE=Submit NAME=\"submit\" VALUE=\"Login\"></td></FORM>";
|
|
print "$replytable
|
|
</table>
|
|
</td>
|
|
</table>
|
|
";
|
|
print "
|
|
</td>
|
|
</table>
|
|
|
|
|
|
";
|
|
}
|
|
if ($_POST[action]=="login") {
|
|
if($loguserid){
|
|
print "$header<br>";
|
|
print "
|
|
<table border=0 bgcolor=$tableborder width=$tablewidth align=center cellpadding=0 cellspacing=0>
|
|
<td>
|
|
<table border=0 cellpadding=2 cellspacing=1 width=100% bgcolor=$tableborder><br>
|
|
";
|
|
|
|
print "$tccell1"."You are already logged in!";
|
|
print "<br>Click <a href=index.php>here</a> to return to the board.";
|
|
die();
|
|
}
|
|
|
|
|
|
|
|
|
|
$u=0;
|
|
$userid=-1;
|
|
while($users1=mysqli_fetch_array($users)){
|
|
if ($users1[2]==$_POST[username] and password_verify($_POST[password],$users1[1])) {
|
|
$userid = $users1[0];
|
|
}
|
|
}
|
|
|
|
|
|
if ($userid!=-1) {
|
|
print "$userid";
|
|
$getuserpass=mysqli_fetch_array(mysqli_query($con,"SELECT id,password FROM users WHERE id = $userid"));
|
|
$pass = password_hash($getuserpass[1] . $_SERVER[REMOTE_ADDR],PASSWORD_BCRYPT);
|
|
setcookie('loguserid',$userid);
|
|
setcookie('logpassword',$pass);
|
|
$replytable="$tccell1"."You are now logged as $_POST[username]".".";
|
|
// $replytable.="<br>Click <a href=index.php>here</a> to return to the board, or wait to get redirected.
|
|
// <META HTTP-EQUIV=\"REFRESH\" CONTENT=\"0; URL=index.php\">";
|
|
} else {
|
|
$replytable="$tccell1"."Couldn't login. Either you didn't enter an $password".
|
|
"existing username, or you haven't entered the right password for the username.".
|
|
"<br>Click <a href=index.php>here</a> to return to the board.";
|
|
// print "<br>Click <a href=index.php>here</a> to return to the board, or wait to get redirected.
|
|
// <META HTTP-EQUIV=\"REFRESH\" CONTENT=\"0; URL=index.php\">";
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
$loginusername=mysqli_real_escape_string($con,$_POST[username]);
|
|
$log1=mysqli_fetch_array(mysqli_query($con,"SELECT id,name,password FROM users WHERE name = '$loginusername'"));
|
|
$log2=mysqli_query($con,"SELECT id,name,password FROM users WHERE name = '$loginusername'");
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// If result matched $myusername and $mypassword, table row must be 1 row
|
|
|
|
if(mysqli_num_rows($log2)==1 && password_verify("$_POST[password]", $log1[password])) {
|
|
$replytable="$tccell1"."You are now logged as $_POST[username]".".";
|
|
$_SESSION['logusername'] = $loginusername;
|
|
$_SESSION['loguserid'] = $log1[id];
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
}else {
|
|
$replytable="$tccell1"."Couldn't login. Either you didn't enter an $password".
|
|
"existing username, or you haven't entered the right password for the username.".
|
|
"<br>Click <a href=index.php>here</a> to return to the board.";
|
|
}
|
|
|
|
*/
|
|
|
|
/*
|
|
$u=0;
|
|
$userid=-1;
|
|
while($users1=mysqli_fetch_array($users)){
|
|
if ($users1[2]==$_POST[username] and $users1[1]==md5($_POST[password])) {
|
|
$userid = $users1[0];
|
|
}
|
|
}
|
|
|
|
|
|
if ($userid!=-1) {
|
|
setcookie('loguserid',$userid);
|
|
setcookie('logpassword',$_POST[password]);
|
|
$replytable="$tccell1"."You are now logged as $_POST[username]".".";
|
|
// $replytable.="<br>Click <a href=index.php>here</a> to return to the board, or wait to get redirected.
|
|
<META HTTP-EQUIV=\"REFRESH\" CONTENT=\"0; URL=index.php\">";
|
|
} else {
|
|
$replytable="$tccell1"."Couldn't login. Either you didn't enter an $password".
|
|
"existing username, or you haven't entered the right password for the username.".
|
|
"<br>Click <a href=index.php>here</a> to return to the board.";
|
|
// print "<br>Click <a href=index.php>here</a> to return to the board, or wait to get redirected.
|
|
<META HTTP-EQUIV=\"REFRESH\" CONTENT=\"0; URL=index.php\">";
|
|
}
|
|
|
|
|
|
*/
|
|
print $header;
|
|
print "
|
|
<table border=0 bgcolor=$tableborder width=$tablewidth align=center cellpadding=0 cellspacing=0>
|
|
<td>
|
|
<table border=0 cellpadding=2 cellspacing=1 width=100% bgcolor=$tableborder>
|
|
";
|
|
print "$replytable
|
|
</td>
|
|
</table>
|
|
|
|
";
|
|
print "
|
|
</td>
|
|
</table>
|
|
|
|
";
|
|
}
|
|
if ($_GET[action]=="logout") {
|
|
mysqli_query($con,"UPDATE users SET lastforum = 0 WHERE id = $loguserid");
|
|
setcookie ("loguserid",0);
|
|
setcookie ("logpassword","");
|
|
|
|
|
|
$logoutmsg="$tccell1"."You are now logged out.";
|
|
$logoutmsg.="<br>Click <a href=index.php>here</a> to return to the board, or wait to get redirected.
|
|
<META HTTP-EQUIV=\"REFRESH\" CONTENT=\"0; URL=index.php\">";
|
|
print $header;
|
|
print "
|
|
<table border=0 bgcolor=$tableborder width=$tablewidth align=center cellpadding=0 cellspacing=0>
|
|
<td>
|
|
<table border=0 cellpadding=2 cellspacing=1 width=100% bgcolor=000000>
|
|
";
|
|
print "$logoutmsg
|
|
</td>
|
|
</table>
|
|
";
|
|
print "
|
|
</td>
|
|
</table>
|
|
|
|
";
|
|
}
|
|
print $footer;
|
|
?>
|