Commit | Line | Data |
---|---|---|
a6dacd8b | 1 | <?PHP |
ef87ad00 | 2 | include_once('/var/www/secure.php'); |
a6dacd8b PM |
3 | function check_user($email,$pass){ |
4 | global $petition; | |
5 | $res = $petition->query("SELECT * FROM users WHERE email = '$email'"); | |
6 | $user = mysqli_fetch_array($res,MYSQLI_ASSOC); | |
7 | if ($user['email'] != ''){ | |
8 | $encrypted = $user['pass']; | |
9 | $explode = explode(':',$encrypted); | |
10 | $hash = $explode[0]; | |
11 | $salt = $explode[1]; | |
12 | $test = md5($pass.$salt); | |
00020249 | 13 | if( $test == $hash ){ |
3282e2fe | 14 | setcookie("id", $user['id']); |
a6dacd8b PM |
15 | setcookie("name", $user['name']); |
16 | setcookie("email", $user['email']); | |
3282e2fe PM |
17 | setcookie("level", $user['sec_level']); |
18 | setcookie("group_id", $user['group_id']); | |
19 | header('Location: index.php'); | |
00020249 | 20 | }else{ |
a6dacd8b PM |
21 | return "Wrong Password."; |
22 | } | |
23 | }else{ | |
24 | return "E-Mail Address Not Found."; | |
25 | } | |
26 | } | |
27 | ||
28 | if (isset($_POST['email']) && isset($_POST['password'])){ | |
29 | $message = check_user($_POST['email'],$_POST['password']); | |
30 | } | |
31 | ||
32 | ?> | |
33 | ||
34 | <div class="slate"> | |
35 | <form method="post" accept-charset="utf-8"> | |
36 | <table> | |
37 | <?PHP if (isset($message)){ ?> | |
38 | <tr> | |
39 | <td>Message</td> | |
40 | <td><?PHP echo $message;?></td> | |
41 | </tr> | |
42 | <?PHP } ?> | |
43 | <tr> | |
44 | <td>E-Mail Address</td> | |
45 | <td><input type="text" name="email" value="" /></td> | |
46 | </tr> | |
47 | <tr> | |
48 | <td>Password</td> | |
49 | <td><input type="password" name="password" value="" /></td> | |
50 | </tr> | |
51 | <tr> | |
52 | <td> </td> | |
ca268b44 | 53 | <td><input type="submit" name="loginGo" value="Log In" /> or <a href='reset.php'>Reset Password</a></td> |
a6dacd8b PM |
54 | </tr> |
55 | </table> | |
56 | </form> | |
57 | </div> |