<?php

// --------------------------------------------------------------------------
//
// Esvon Classifieds v.4.0
// Copyright(C), Esvon LTD, 2001-2010, All Rights Reserved.
// E-mail: hide@address.com
//
// All forms of reproduction, including, but not limited to, internet posting, 
// printing, e-mailing, faxing and recording are strictly prohibited.
// One license required per site running Esvon Classifieds. 
// To obtain a license for using Esvon Classifieds, please register at
// http://www.esvon.com/pg/products/p_classifieds/
//
// --------------------------------------------------------------------------

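// Refuse direct requests: this page only runs when the including script has
// already defined SITE_PATH.
if(!defined('SITE_PATH')) die('Access Denied');

DoNotCache();

// Request parameters are read through isset()/is_string()/empty() so that a
// missing key or an array-valued parameter (act[]=...) raises no notice and
// never reaches the string comparisons below.
$login_page_act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

if($login_page_act==='login') ProcessFormLogin();
elseif($login_page_act==='forgot') ProcessFormLostPwd();
elseif(!empty($_GET['relogin'])) UserRelogin();
elseif(!empty($_GET['logout'])){

  // NOTE(review): logout is triggered by a plain GET parameter and no
  // anti-CSRF token is checked in this file, so any page the user visits can
  // end the session. Consider requiring a POST plus a session-bound token.
  $ses_uid = (int)hwSessionGetVar('userid');
  if($ses_uid){

    // NOTE(review): the redirect target is taken from the request and only
    // HTML-escaped by InputUrl2Html(); scheme and host are not checked, so
    // this acts as an open redirect unless JSRedirect() validates it
    // (JSRedirect is defined elsewhere - confirm). Prefer restricting the
    // target to same-site paths.
    $ref_url = (isset($_REQUEST['ref_url']) && is_string($_REQUEST['ref_url']))
      ? InputUrl2Html($_REQUEST['ref_url'])
      : '';
    if(!$ref_url) $ref_url = 'index.php?page=login';
    
    /*$args = array(
      'REF_URL' => urlencode($ref_url),
      'rows' => '',
      'a_url' => '',
      'mod_num' => 0,
      'frames' => '',
      'action' => 'out',
      'userid' => $ses_uid,
    );

    hwModEvent('onUserLogout',$args);*/

    // Clear the server-side login state first, then the client cookie.
    hwSessionSetVar('userid', 0);
    //hwSessionSetVar('is_logout', 1);

    // $ses_uid was cast to int above, so the concatenation cannot carry SQL.
    $db->query('DELETE FROM '.TBL_USER_ON.' WHERE id='.$ses_uid);
    // Expiry timestamp 1 lies in the past, which makes the browser drop the cookie.
    setcookie(COOKIE_LOG, '', 1);

    JSRedirect($ref_url);
    //EvalAdvTpl(ADM_TPL_PATH.'u_login_ok.htm',$args,1);
    exit;
  
  }

}

// No action matched, or the action returned without redirecting (for example
// a failed login): try the extra msg/timer pages, then render the login form.
 TryExtraLogin();
 ShowFormLogin();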

//  functions     

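// Renders the login form template (login.htm).
//
// Fills the template with the login-field label (e-mail or username, chosen
// by EN_LOGIN_EM), a fresh per-session random value, the message globals set
// by the form handlers, and the previously submitted login name.
function ShowFormLogin() {

  $tpl_v = array();
  $tpl_v['t_login'] = EN_LOGIN_EM ? hwLng('email') : hwLng('username');
  $tpl_v['t_login_uf'] = ucfirst($tpl_v['t_login']);

  // The value is stored in the session and handed to the template; how it is
  // consumed is not visible here (presumably as a login challenge - confirm in
  // login.htm and auth.inc.php). mt_rand() output is predictable, so use the
  // CSPRNG where the runtime provides one; the value range stays the same.
  $tpl_v['ses_rnd'] = function_exists('random_int')
    ? random_int(0, mt_getrandmax())
    : mt_rand();
  hwSessionSetVar('ses_rnd',$tpl_v['ses_rnd']);

  // NOTE(review): these globals are passed to the template as-is. If any of
  // them can contain request- or database-derived text, the template has to
  // escape it on output - verify in login.htm.
  $a_glob = array('err_msg','login_fg','err_msg_fg');
  foreach($a_glob as $k) $tpl_v[$k] = isset($GLOBALS[$k]) ? $GLOBALS[$k] : null;
  
  // Echo the submitted login back, HTML-escaped; absent or array-valued input
  // becomes an empty string.
  $tpl_v['login'] = (isset($_POST['login']) && is_string($_POST['login']))
    ? html_esc($_POST['login'])
    : '';
  
  /*$tpl_v['is_logout'] = (int)hwSessionGetVar('is_logout');
  if($tpl_v['is_logout']) hwSessionSetVar('is_logout', 0);*/

  EvalAdvTpl(TPL_PATH.'login.htm', $tpl_v, 1);

}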

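// Handles a submitted login form.
//
// On success the browser is redirected (to ref_url, or to the account page)
// and the script exits. On failure the global $err_msg is set and the function
// returns, so the caller can render the form again.
function ProcessFormLogin() {

  global $err_msg;
  
  // Accept string parameters only: a missing key or an array-valued parameter
  // (login[]=...) is treated as empty instead of reaching trim() or the
  // authentication code.
  $login = (isset($_POST['login']) && is_string($_POST['login'])) ? trim($_POST['login']) : '';

  // NOTE(review): a client-computed pwd_md5 value is accepted in place of the
  // password. How auth.inc.php verifies it is not visible here; if the digest
  // alone authenticates, it is password-equivalent and gives no protection on
  // an unencrypted connection - confirm, and serve this form over TLS.
  $pwd = (isset($_POST['pwd']) && is_string($_POST['pwd'])) ? $_POST['pwd'] : '';
  if(!empty($_POST['pwd_md5']) && is_string($_POST['pwd_md5'])) $pwd = $_POST['pwd_md5'];

  $cook = isset($_POST['cook']) ? $_POST['cook'] : null;

  // NOTE(review): the post-login redirect target comes from the request and is
  // only HTML-escaped; scheme and host are not checked, so this acts as an open
  // redirect unless JSRedirect() validates it (defined elsewhere - confirm).
  // Prefer restricting the target to same-site paths.
  $ref_url = (isset($_REQUEST['ref_url']) && is_string($_REQUEST['ref_url']))
    ? InputUrl2Html($_REQUEST['ref_url'])
    : '';

  if(!$login){
    $err_msg = hwLng('err_login');
    return;
  }

  include_once SITE_PATH.'inc/auth.inc.php';

  // Reset before authenticating; the check below suggests UserAuthenticate()
  // may set $err_msg itself (presumably - it is defined in auth.inc.php).
  $err_msg = '';
  $auth = UserAuthenticate($login,$pwd,$cook);

  if(!$err_msg){
    // null result -> account disabled; any other falsy result -> bad credentials.
    if(is_null($auth)) $err_msg = hwLng('err_ac_disabled');
    elseif(!$auth) $err_msg = hwLng('err_login');
  }

  if($err_msg) return;

/*  
  if(!$ref_url){
    $amt = $db->one_data('SELECT count(*) FROM '.TBL_AD.' WHERE userid='.(int)hwSessionGetVar('userid'));
    if(!$amt) $ref_url = preg_replace('/index\.php.*?$/i','index.php?page=add',$_SERVER['REQUEST_URI']);
  }
*/
  // Never send the user straight back to the login page.
  if(strpos($ref_url,'page=login')!==false) $ref_url = '';

  if(!$ref_url) $ref_url = 'index.php?page=account';
  JSRedirect($ref_url);
  exit;

  /*$args = array(
    'USERNAME' => $GLOBALS['username'],
    'EMAIL' => $GLOBALS['email'],
    'LOGIN' => html_esc($login),
    'PWD' => $GLOBALS['pwd'], // set as plain text in auth.inc.php
    'REF_URL' => urlencode($ref_url),
    'rows' => '',
    'a_url' => '',
    'mod_num' => 0,
    'frames' => '',
    'action' => 'in',
  );

  hwModEvent('onUserLoginRedirect',$args);

  EvalAdvTpl(ADM_TPL_PATH.'u_login_ok.htm',$args,1);
  exit;*/

}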

// Re-establishes the login for the user id already held in the session, then
// redirects. Never returns: every path ends in exit.
//
// Without a session user the browser is sent to the login page; in the 'paid'
// flow the current request URI is passed along as ref_url so the user comes
// back here after logging in. With a session user, the 'paid' flow redirects
// to the order_ipn page for the user's newest payment-log row, if there is one.
function UserRelogin(){

  $userid = (int)hwSessionGetVar('userid');
  $paid_flow = ($_GET['relogin'] == 'paid');

  if(!$userid){
    $back_to = $paid_flow ? urlencode($_SERVER['REQUEST_URI']) : '';
    header('Location: index.php?page=login&ref_url='.$back_to);
    exit;
  }

  hwLoginByUserID($userid);

  $target = 'index.php?page=account';

  if($paid_flow){
    global $db;
    // $userid was cast to int above, so the concatenation cannot carry SQL.
    $last_pay_id = $db->one_data('SELECT id FROM '.TBL_PAY_LOG.' WHERE userid="'.$userid.'" ORDER BY id DESC LIMIT 1');
    // NOTE(review): uid and pay_id travel in the query string; the order_ipn
    // page (not visible here) should check them against the session rather
    // than trust them.
    if($last_pay_id) $target = 'index.php?page=order_ipn&uid='.$userid.'&pay_id='.$last_pay_id;
  }

  JSRedirect($target);
  exit;

}

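// Serves the two auxiliary login pages selected by ?pg=msg or ?pg=timer.
//
// Returns without output when pg is anything else, or when the 'msg' page is
// requested without r_url or with an act other than 'in'/'out'. Otherwise it
// renders the matching template and exits.
function TryExtraLogin() {
  
  // Accept string parameters only; a missing or array-valued parameter is
  // treated as empty.
  $pg = (isset($_GET['pg']) && is_string($_GET['pg'])) ? $_GET['pg'] : '';
  if ($pg!=='msg' && $pg!=='timer') return;

  $r_url = (isset($_GET['r_url']) && is_string($_GET['r_url'])) ? $_GET['r_url'] : '';
  $v = array();

  if($pg==='msg') {
    $act = (isset($_GET['act']) && is_string($_GET['act'])) ? $_GET['act'] : '';
    // $act becomes part of the template file name, so it is checked against a
    // strict allow-list before use.
    if (!$r_url || !in_array($act, array('in','out'), true)) return;
    // NOTE(review): r_url is request-controlled and only HTML-escaped. If the
    // template uses REF_URL as a link or redirect target, restrict it to
    // expected destinations - verify in the log*_msg.htm templates.
    $v['REF_URL'] = InputUrl2Html($r_url);
    EvalAdvTpl(TPL_PATH.'log'.$act.'_msg.htm',$v,1);
    exit;
  }

  // $pg === 'timer'
  // Get active URL's
  $v['mod_num'] = 0;
  $v['a_url'] = '';
  $a_url = (isset($_GET['a_url']) && is_string($_GET['a_url'])) ? InputUrl2Html($_GET['a_url']) : '';
  if($a_url) {
    // Drop the last character (presumably a trailing '|' separator), then split.
    $a_url = substr($a_url,0,strlen($a_url)-1);
    $a_url = explode('|',$a_url);
    
    foreach ($a_url AS $key => $value) {
      // Each value lands inside a single-quoted JavaScript string literal. HTML
      // escaping does not neutralise backslashes or line breaks (and may not
      // cover single quotes, depending on html_esc), so escape those for the
      // JS string context. Values without such characters are emitted unchanged.
      $js_value = addcslashes($value, "\\'\r\n");
      $v['a_url'].="a_url[".($key+1)."]='$js_value';\n";
      $v['mod_num']++;
    }
  }
  
  // NOTE(review): request-controlled redirect target, HTML-escaped only;
  // verify how u_login_timer.htm uses it and restrict the allowed destinations.
  $v['redirect_url'] = InputUrl2Html($r_url);

  EvalAdvTpl(ADM_TPL_PATH.'u_login_timer.htm',$v,1);
  exit;
}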

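// Handles the "forgot password" form.
//
// Looks the account up by the configured login column (e-mail or username,
// chosen by EN_LOGIN_EM), falling back to the other column when only that
// field was posted. When a user row, or a pending registration for the given
// e-mail, is found, a mail is sent. The outcome message is left in the global
// $err_msg_fg for the login form to display.
//
// NOTE(review): the stored `pwd` column value is placed into the mail template
// as-is. Whether it is plaintext or a digest is not visible here; in either
// case, mailing a stored credential is better replaced by a single-use,
// expiring reset link.
// NOTE(review): the "no match" and "sent" messages differ, which lets a
// visitor find out whether an account exists; a uniform response avoids that.
function ProcessFormLostPwd() {
  global $db,$err_msg_fg;

  $col = EN_LOGIN_EM ? 'email' : 'username';

  // Accept string parameters only; a missing or array-valued parameter is
  // treated as empty instead of reaching trim().
  $raw_fg = (isset($_POST['login_fg']) && is_string($_POST['login_fg'])) ? $_POST['login_fg'] : '';
  $login_fg = trim($raw_fg);

  if(!$raw_fg){
    $col2 = EN_LOGIN_EM ? 'username' : 'email';
    if(isset($_POST[$col2]) && is_string($_POST[$col2]) && $_POST[$col2]){
      $col = $col2;
      $login_fg = trim($_POST[$col]);
    }
  }

  // Initialise everything read further down, so that no path touches an
  // undefined variable ($code was previously unset whenever a user row matched).
  $uid = $pwd = $email = $login = null;
  $code = '';

  $err_msg_fg = '';
  if(!$login_fg) $err_msg_fg = hwErrMsgRequired($col);
  else {
    // $col is one of the two literals chosen above, never request text; the
    // looked-up value goes through $db->esc() (defined elsewhere - presumably
    // it quotes and escapes, confirm).
    list($uid,$pwd,$email,$login) = $db->one_row("SELECT id,pwd,email,$col FROM ".TBL_USER." WHERE $col=".$db->esc($login_fg));
    if(!$uid){
      if($col=='email'){
        // No user row: check for a registration still awaiting confirmation.
        $code = $db->one_data("SELECT code FROM ".TBL_REG_CONFIRM." WHERE email=".$db->esc($login_fg));
        if(!$code) $err_msg_fg = sprintf(hwLng('err_no_match'),$col);
        else $email = $login_fg;
      }
      else $err_msg_fg = sprintf(hwLng('err_no_match'),$col);
    } 
  }

  if(!$err_msg_fg) {

     // NOTE(review): $email ends up in a message shown on the login form; make
     // sure the template escapes it on output - verify in login.htm.
     $err_msg_fg = sprintf(hwLng('err_lostpwd_sent'),$email);

     $tpl_v = compact('login','pwd');
     // A pending registration gets the confirmation link, an existing account
     // the login link.
     $tpl_v['login_url'] = SITE_URL.'index.php?page='.($code ? "reg&code=$code" : "login");
     $email_body = EvalAdvTpl(TPL_PATH.'lostpwd.mail',$tpl_v);

     hwSendMail($email,ADMIN_EMAIL,'',$email_body);

  }

}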

// Prepares a request-supplied URL for embedding in page output.
//
// A falsy argument yields ''. Otherwise the value is passed through html_esc()
// and every '&amp;' in the result is turned back into '&', so query-string
// separators stay usable.
//
// NOTE(review): this is output escaping only. Scheme and host are not checked,
// and restoring '&' means character references present in the input survive
// unescaped, so callers that use the result as a link or redirect target still
// have to validate the destination themselves.
function InputUrl2Html($url){
  if($url){
    $escaped = html_esc($url);
    return str_replace('&amp;', '&', $escaped);
  }
  return '';
}

?>