Location: PHPKode > projects > Ads Exchange Server > estigi_0.1.1_RC2/login.php
<?php

/***************************************************************************
 *                             login.php
 *                            -------------------
 *   begin                : dom, Abril 2, 2007
 *   copyright            : (C)
 *   email                : hide@address.com
 *   Desc                 : Login page
 *
 *
 ***************************************************************************/

/***************************************************************************
 *                             Cookie
 *
 *   user_Name:-:id_User:-:email:-:Permissions(See session.inc.php to see their order)
 *
 ***************************************************************************/

define('IN_ADSERVER', true);

include_once("./inc/common.inc.php");

//If someone is already loged in, it will go again to the index page.
if(isset($session['userId']) && $session['userId'] != "" && !isset($_GET['logout'])){
	refrescar($web_address, 0, 1);
}

//Recover password
if(isset($_POST['recover']) && $_POST['user_Name'] != "") {

	$s_Pwd = "";

	//Generate random password
	$a_Abc = array("a","b","c","d","e","f","g","h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z"
						,"0","1","2","3","4","5","6","7","8","9"
						,"A","B","C","D","E","F","G","H","I","J","K","L","M","N","O","P","Q","R","S","T","U","V","W","X","Y","Z"
						);

	for($i = 0; $i < 8; $i++){
		$s_Pwd .= $a_Abc[rand(0, count($a_Abc))];
	}

	$q = "
		UPDATE ".$db_Pre."users
		SET pwd = '".md5($s_Pwd)."'
		WHERE user_Name = '".$_POST['user_Name']."'
	";

	$q_Recover = mysql_query($q) or die("Unable to get user: " . mysql_error());

	if(mysql_affected_rows() > 0){

		$q = "
			SELECT email 
			FROM ".$db_Pre."users
			WHERE user_Name = '".$_POST['user_Name']."'
			";

		$q_Get_Email = mysql_query($q) or die("Unable to get user: " . mysql_error());

		$row = mysql_fetch_array($q_Get_Email, MYSQL_ASSOC);

		$to      = $row['email'];
		$subject = $main_title . $_lang['login_Mail_Title'];
		$message = sprintf($_lang['login_Mail_Msg'], $_POST['user_Name'], $s_Pwd);
		$headers = sprintf($_lang['login_Mail_Headers'] ,$main_Email, $main_Email, phpversion());

		mail($to, $subject, $message, $headers);

	}

	$s_Warning = $_lang['login_Msg_New_Passw'];
}

//Login
if(isset($_POST['logeeme'])) {

	//Delete session variables, just in case
	unset($session);

	//Check if user exists
	$q = "
		SELECT user_Name, id_User, email
		FROM ".$db_Pre."users
		WHERE user_Name = '" . $_POST['user_Name'] . "'
		AND pwd = '" . md5($_POST['password']). "'
		AND active = 1
		";

	$q_User = mysql_query($q) or die("Unable to get user: " . mysql_error());

	//If someone is found, log him in
	if(mysql_num_rows($q_User) > 0){

		//User variables
		$row = mysql_fetch_array($q_User, MYSQL_ASSOC);

			//Cookie data
			$galleta  = $row['user_Name'];
			$galleta .= $divisor . $row['id_User'];
			$galleta .= $divisor . $row['email'];

			//Get the permissions
			//$galleta .= $divisor . implode($divisor_per, array_values(get_Permissions($row['id_User'], $db_Pre)));
			//$galleta .= $divisor . get_Permissions($row['id_User'], $db_Pre);
			setGalleta($galleta);

		echo $_lang['login_Login_Succ'];
		refrescar($web_address, 0, 1);
		exit;
	}

	else{
		$s_Warning = $_lang['login_Msg_Problem'];
	}
}

//Proceso de deslogeo
if(isset($_POST['logout']) || isset($_GET['logout'])) {
	unset($session);
	quitarGalleta();
	echo $_lang['login_Msg_Logoff'];
	refrescar("login.php", 0, 1);
};


/* Template Generation */

include_once("./header.inc.php");

$login_Tpl = new tpl($s_path_Tpl . "/login.tpl");

/* Main array */
$a_Login = array(
	"{LOGIN_LOGIN}" => $_lang['login_Login'],
	"{LOGIN_USER_NAME}" => $_lang['login_User_Name'],
	"{LOGIN_PASSWORD}" => $_lang['login_Password'],
	"{LOGIN_SUBMIT}" => $_lang['login_Login_Submit'],
	"{LOGIN_REC_PASSWORD}" => $_lang['login_Rec_Password'],
	"{LOGIN_REC_USER_NAME}" => $_lang['login_User_Name'],
	"{LOGIN_REC_SUBMIT}" => $_lang['login_Recover_Submit']
);

// Replace main TPL
$login_Tpl->rBlock($a_Login, "");
$login_Tpl->print_Tpl();

include_once("./footer.inc.php");

?>
Return current item: Ads Exchange Server