Commit | Line | Data |
---|---|---|
a6dacd8b | 1 | <?PHP |
ef87ad00 | 2 | include_once('/var/www/secure.php'); |
e2c38caf PM |
3 | include_once('../slack.php'); |
4 | ||
a6dacd8b PM |
5 | function check_user($email,$pass){ |
6 | global $petition; | |
7 | $res = $petition->query("SELECT * FROM users WHERE email = '$email'"); | |
8 | $user = mysqli_fetch_array($res,MYSQLI_ASSOC); | |
9 | if ($user['email'] != ''){ | |
10 | $encrypted = $user['pass']; | |
11 | $explode = explode(':',$encrypted); | |
12 | $hash = $explode[0]; | |
13 | $salt = $explode[1]; | |
14 | $test = md5($pass.$salt); | |
00020249 | 15 | if( $test == $hash ){ |
3282e2fe | 16 | setcookie("id", $user['id']); |
a6dacd8b PM |
17 | setcookie("name", $user['name']); |
18 | setcookie("email", $user['email']); | |
3282e2fe PM |
19 | setcookie("level", $user['sec_level']); |
20 | setcookie("group_id", $user['group_id']); | |
49e23872 | 21 | setcookie("petition_id", $user['petition_id']); |
3282e2fe | 22 | header('Location: index.php'); |
00020249 | 23 | }else{ |
e2c38caf | 24 | slack_general('ADMIN: Wrong Password','md-petition'); |
a6dacd8b PM |
25 | return "Wrong Password."; |
26 | } | |
27 | }else{ | |
e2c38caf | 28 | slack_general('ADMIN: E-Mail Address Not Found','md-petition'); |
a6dacd8b PM |
29 | return "E-Mail Address Not Found."; |
30 | } | |
31 | } | |
32 | ||
33 | if (isset($_POST['email']) && isset($_POST['password'])){ | |
34 | $message = check_user($_POST['email'],$_POST['password']); | |
e2c38caf PM |
35 | }else{ |
36 | slack_general('ADMIN: Login Page Loaded','md-petition'); | |
a6dacd8b PM |
37 | } |
38 | ||
39 | ?> | |
40 | ||
41 | <div class="slate"> | |
42 | <form method="post" accept-charset="utf-8"> | |
43 | <table> | |
44 | <?PHP if (isset($message)){ ?> | |
45 | <tr> | |
46 | <td>Message</td> | |
47 | <td><?PHP echo $message;?></td> | |
48 | </tr> | |
49 | <?PHP } ?> | |
50 | <tr> | |
51 | <td>E-Mail Address</td> | |
52 | <td><input type="text" name="email" value="" /></td> | |
53 | </tr> | |
54 | <tr> | |
55 | <td>Password</td> | |
56 | <td><input type="password" name="password" value="" /></td> | |
57 | </tr> | |
58 | <tr> | |
59 | <td> </td> | |
ca268b44 | 60 | <td><input type="submit" name="loginGo" value="Log In" /> or <a href='reset.php'>Reset Password</a></td> |
a6dacd8b PM |
61 | </tr> |
62 | </table> | |
63 | </form> | |
64 | </div> |