<?php 
/******************************************************************************
* login.php                                                                   *
* Login Page File                                                             *
* See readme.txt for additional information                                   *
*******************************************************************************
* eqEpic - The Epic Raid Manager                                              *
* Open-Source Project By Ryan Christenson                                     *
* =========================================================================== *
* Software Version:           eqEpic 0.7.8                                    *
* Software by:                The RSWR Network (http://www.rswr.net)          *
* Copyright 2006-2007 by:     Ryan Christenson (http://www.rswr.net)          *
* Support, News, Updates at:  http://forum.rswr.net/                          *
*******************************************************************************
* This program is free software; you can redistribute it and/or modify        *
* it under the terms of the GNU General Public License as published by        *
* the Free Software Foundation; either version 2 of the License, or           *
* (at your option) any later version.                                         *
*                                                                             *
* This program is distributed in the hope that it will be useful,             *
* but WITHOUT ANY WARRANTY; without even the implied warranty of              *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               *
* GNU General Public License for more details.                                *
*                                                                             *
* You should have received a copy of the GNU General Public License           *
* along with DownloadCounter; if not, write to the Free Software              *
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA   *
******************************************************************************/
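// Harden the session cookie before the session starts: HttpOnly keeps the
// session ID out of reach of page scripts, and strict mode makes PHP refuse
// session IDs it did not issue itself.
// NOTE(review): this only covers sessions first started on this page; setting
// the same options in php.ini or a shared include would cover every entry point.
ini_set("session.cookie_httponly", "1");
ini_set("session.use_strict_mode", "1");
session_start();

// Buffer all output so the login logic further down can still discard it
// (ob_end_clean) and answer with a redirect header instead.
ob_start();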
?>
<?php
// Tell browsers and intermediaries not to cache or store the login page.
// Each entry is array(header line, replace flag); the flag is passed as
// header()'s second argument, so "false" appends instead of replacing.
$aNoCacheHeaders = array(
	array("Expires: Mon, 26 Jul 1997 05:00:00 GMT", true), // Date in the past
	array("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT", true), // Always modified
	array("Cache-Control: private, no-store, no-cache, must-revalidate", true), // HTTP/1.1
	array("Cache-Control: post-check=0, pre-check=0", false), // Added next to the previous Cache-Control line
	array("Pragma: no-cache", true), // HTTP/1.0
);
foreach ($aNoCacheHeaders as $aHeader) {
	header($aHeader[0], $aHeader[1]);
}
unset($aNoCacheHeaders, $aHeader); // Leave no helper variables behind in global scope
?>
<?php include ("ewconfig.php") ?>
<?php include ("db.php") ?>
<?php include ("secinfo.php") ?>
<?php include ("advsecu.php") ?>
<?php include ("phpmkrfn.php") ?>
<?php
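LoadUserLevel(); // Load user level

// Attributes shared by every "remember me" cookie written below.
// HttpOnly (7th setcookie argument) hides the cookies from page scripts; the
// Secure flag is raised only when this request itself arrived over HTTPS, so
// plain-HTTP installs behave as before. Path and domain stay at their defaults.
// NOTE(review): assumes no client-side script reads these cookies - confirm.
$bSecureCookie = (!empty($_SERVER["HTTPS"]) && strtolower($_SERVER["HTTPS"]) != "off");

if (@$_POST["submit"] <> "") {
	$bValidPwd = false;

	// Setup variables
	$sUsername = @$_POST["username"];
	$sPassword = @$_POST["password"];
	if (ValidateUser($sUsername, $sPassword)) {

		// Write cookies
		// The radio group can be absent or malformed in a hand-built request;
		// anything that is not a plain string is treated as "always ask".
		$sLoginType = (isset($_POST["rememberme"]) && is_string($_POST["rememberme"]))
			? strtolower($_POST["rememberme"])
			: "";
		$expirytime = time() + 365*24*60*60; // change cookie expiry time here
		if ($sLoginType == "a") {
			setcookie(ewCookieAutoLogin, "autologin", $expirytime, "", "", $bSecureCookie, true);
			setcookie(ewCookieUserName, $sUsername, $expirytime, "", "", $bSecureCookie, true);
			// SECURITY: this keeps the user's actual password on the client for a
			// year, protected only by reversible encryption under the site-wide
			// EW_RANDOM_KEY. Whoever holds the cookie can log in, and whoever also
			// holds the key recovers the password. A random, server-stored and
			// revocable token would be the safer design; that needs storage this
			// file does not have, so the scheme is kept and only the cookie
			// attributes are tightened.
			setcookie(ewCookiePassword, TEAencrypt($sPassword, EW_RANDOM_KEY), $expirytime, "", "", $bSecureCookie, true);
		} elseif ($sLoginType == "u") {
			setcookie(ewCookieAutoLogin, "rememberusername", $expirytime, "", "", $bSecureCookie, true);
			setcookie(ewCookieUserName, $sUsername, $expirytime, "", "", $bSecureCookie, true);
			// Drop a password cookie left over from an earlier "auto login" choice.
			setcookie(ewCookiePassword, "", $expirytime, "", "", $bSecureCookie, true);
		} else {
			// "Always ask": an empty value makes PHP delete the cookie, so none of
			// the remembered credentials outlive this choice.
			setcookie(ewCookieAutoLogin, "", $expirytime, "", "", $bSecureCookie, true);
			setcookie(ewCookieUserName, "", $expirytime, "", "", $bSecureCookie, true);
			setcookie(ewCookiePassword, "", $expirytime, "", "", $bSecureCookie, true);
		}
		$_SESSION[ewSessionStatus] = "login";
		ob_end_clean();
		header("Location: index.php");
		exit();
	} else {
		// Same message for unknown user and wrong password, so the response
		// does not reveal which user names exist.
		$_SESSION[ewSessionMessage] = "Incorrect Username or Password";
	}
} else {
	if (IsLoggedIn()) {
		// Already logged in: go straight to the index unless a message is
		// still waiting to be shown on this page.
		if (@$_SESSION[ewSessionMessage] == "") {
			ob_end_clean();
			header("Location: index.php");
			exit();
		}
	} else { // Check auto login
		// Only attempt auto login when both credential cookies were actually
		// sent; a lone "autologin" flag must not reach ValidateUser with
		// empty or undefined values.
		if (@$_COOKIE[ewCookieAutoLogin] == "autologin"
			&& isset($_COOKIE[ewCookieUserName], $_COOKIE[ewCookiePassword])) {
			$sUsername = $_COOKIE[ewCookieUserName];
			$sPassword = TEAdecrypt($_COOKIE[ewCookiePassword], EW_RANDOM_KEY);
			if (ValidateUser($sUsername, $sPassword)) {
				ob_end_clean();
				header("Location: index.php");
				exit();
			}
		}
	}
}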
?>
<?php include ("sources/header.php") ?>
<script type="text/javascript" src="ewp.js"></script>
<script type="text/javascript">
<!--
/**
 * onsubmit handler for the login form.
 *
 * Checks the username field first, then the password field. For a field that
 * EW_hasValue reports as missing, EW_onError is called with the prompt text;
 * submission is cancelled (false) as soon as EW_onError returns a falsy value.
 * EW_hasValue and EW_onError are not defined on this page - presumably they
 * come from ewp.js.
 *
 * This runs in the browser and can be bypassed, so it is a convenience only;
 * the server-side login code has to validate both fields itself.
 */
function EW_checkMyForm(EW_this) {
	var usernameMissing = !EW_hasValue(EW_this.username, "TEXT");
	if (usernameMissing && !EW_onError(EW_this, EW_this.username, "TEXT", "Please Enter Your User Name")) {
		return false;
	}

	var passwordMissing = !EW_hasValue(EW_this.password, "PASSWORD");
	if (passwordMissing && !EW_onError(EW_this, EW_this.password, "PASSWORD", "Please Enter Your Password")) {
		return false;
	}

	return true;
}

//-->
</script>
<?php
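// Show the pending status message once, then clear it.
// The text is HTML-escaped on output so that a message containing markup
// characters is rendered as text rather than interpreted by the browser.
// NOTE(review): assumes every page stores plain text in this session slot;
// confirm none of them relies on markup inside the message.
if (@$_SESSION[ewSessionMessage] <> "") {
?>
<p><div class="ewmsg"><?php echo htmlspecialchars($_SESSION[ewSessionMessage], ENT_QUOTES); ?></div></p>
<?php
	$_SESSION[ewSessionMessage] = ""; // Clear message
}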
?>
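<?php
// Saved "remember me" state from earlier visits. Cookies are sent by the
// client and can hold anything, so the user name is HTML-escaped before it is
// written into the value attribute, and only the two known login-type values
// are honoured; everything else falls back to "always ask".
$sSavedUserName = (isset($_COOKIE[ewCookieUserName]) && is_string($_COOKIE[ewCookieUserName]))
	? $_COOKIE[ewCookieUserName]
	: "";
$sSavedLoginType = (isset($_COOKIE[ewCookieAutoLogin]) && is_string($_COOKIE[ewCookieAutoLogin]))
	? $_COOKIE[ewCookieAutoLogin]
	: "";
if ($sSavedLoginType !== "autologin" && $sSavedLoginType !== "rememberusername") {
	$sSavedLoginType = "";
}
?>
<form action="login.php" method="post" onsubmit="return EW_checkMyForm(this);">
<table align="center" class="table_other">
	<tr>
		<td>Username</td>
		<td><input type="text" name="username" size="20" value="<?php echo htmlspecialchars($sSavedUserName, ENT_QUOTES); ?>" class="text" /></td>
	</tr>
	<tr>
		<td>Password</td>
		<td><input type="password" name="password" size="20" class="text" /></td>
	</tr>
	<tr>
		<td>&nbsp;</td>
		<td>
		<input type="radio" name="rememberme" value="a"<?php if ($sSavedLoginType === "autologin") { echo " checked"; } ?> />Auto login until I logout explicitly<br />
		<input type="radio" name="rememberme" value="u"<?php if ($sSavedLoginType === "rememberusername") { echo " checked"; } ?> />Save my user name<br />
		<input type="radio" name="rememberme" value="n"<?php if ($sSavedLoginType === "") { echo " checked"; } ?> />Always ask for my user name and password
		</td>
	</tr>
	<tr>
		<td colspan="2" align="center"><input type="submit" name="submit" value="Login" class="button" /></td>
	</tr>
</table>
</form>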
<br />
<center>
			<div class="rollover forgot" >
			<a href="forgetpwd.php"><img src="images/but_forgot.gif" alt="Players List" border="0"/></a>
			</div>
			<div class="rollover reg">
			<a href="register.php"><img src="images/but_reg.gif" alt="Players List" border="0"/></a>
			</div>
</center>
<?php

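/**
 * Check a username/password pair against the user table and, on success,
 * mark the current session as logged in.
 *
 * On a match the session receives the login status, user name, user ID and
 * user level read from the row (user ID becomes -1 when the level is -1),
 * and SetUpUserLevel() is called.
 *
 * SECURITY notes for maintainers:
 *  - The `pass` column is compared directly with the submitted value, which
 *    implies passwords are stored unhashed. Moving to password_hash() /
 *    password_verify() needs a data migration and matching changes wherever
 *    passwords are written, so it is not done in this function.
 *  - $CaseSensitive is false by default, i.e. passwords are matched without
 *    regard to case. That weakens every password; switch it to true once
 *    existing users can cope with it.
 *  - The lookup is still built by string concatenation on top of
 *    addslashes()/AdjustSql(). addslashes() is not aware of the connection
 *    character set; if the db wrapper offers driver-level escaping or
 *    prepared statements, use that instead.
 *
 * @param string $Username User name as submitted (form field or cookie).
 * @param string $Password Password as submitted (form field or decrypted cookie).
 * @return bool True when the credentials match a row in the user table.
 */
function ValidateUser($Username,$Password)
{
	$ValidateUser = false;
	$CaseSensitive = false; // Modify case sensitivity here

	// Reject anything that is not a non-empty string before touching the
	// database: arrays from crafted requests, a failed cookie decryption, or
	// an empty password that would otherwise match an empty `pass` column.
	if (!is_string($Username) || !is_string($Password) || $Username === "" || $Password === "") {
		return false;
	}

	$conn = phpmkr_db_connect(HOST, USER, PASS, DB, PORT);

	// get_magic_quotes_gpc() no longer exists in PHP 8; a missing function
	// means magic quotes are off and the value still needs escaping.
	$bMagicQuotes = function_exists("get_magic_quotes_gpc") && @get_magic_quotes_gpc();
	if (!$bMagicQuotes) {
		$Username = addslashes($Username);
	}
	$sFilter = "(`user` = '" . AdjustSql($Username) . "')";
	$sSql = ewBuildSql(ewSqlSelect, ewSqlWhere, ewSqlGroupBy, ewSqlHaving, ewSqlOrderBy, $sFilter, "");

	$query = phpmkr_query($sSql, $conn);
	if (!$query) {
		// Keep the database error on the server. Echoing it together with the
		// SQL text would hand schema details to anyone who can reach the
		// login page.
		error_log("login.php: user lookup failed at line " . __LINE__ . ": " . phpmkr_error($conn));
		phpmkr_db_close($conn);
		die("Login is temporarily unavailable. Please try again later.");
	}

	if (phpmkr_num_rows($query) > 0) {
		$rs = phpmkr_fetch_array($query);
		$sStored = (string) $rs["pass"];
		$sGiven = $Password;
		if (!$CaseSensitive) {
			$sStored = strtolower($sStored);
			$sGiven = strtolower($sGiven);
		}

		// Strict string comparison: loose == compares numeric-looking strings
		// as numbers, so e.g. "1e3" would be accepted for a stored "1000".
		// hash_equals() additionally compares in constant time where available.
		if (function_exists("hash_equals")) {
			$ValidateUser = hash_equals($sStored, $sGiven);
		} else {
			$ValidateUser = ($sStored === $sGiven);
		}

		if ($ValidateUser) {
			// Issue a fresh session ID at the moment the session becomes
			// authenticated, so an ID known before login is worthless afterwards.
			if (session_id() != "" && !headers_sent()) {
				session_regenerate_id(true);
			}
			$_SESSION[ewSessionStatus] = "login";
			$_SESSION[ewSessionUserName] = $rs["user"];
			$_SESSION[ewSessionSysAdmin] = 0; // Non system admin
			$_SESSION[ewSessionUserID] = $rs["user"]; // User ID
			$_SESSION[ewSessionUserLevel] = $rs["UserLevel"]; // User Level
			if ($_SESSION[ewSessionUserLevel] == -1) { // System admin
				$_SESSION[ewSessionUserID] = -1;
			}
			SetUpUserLevel();
		}
	}
	phpmkr_free_result($query);
	phpmkr_db_close($conn);

	return $ValidateUser;
}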
?>
<?php include ("footer.php") ?>