Location: PHPKode > projects > @1 File Store > login.php
<?
require_once("libs/header.php");
$form=array(
	"method"=>"POST",
	"action"=>"login.php",
	"message"=>"",
	"errorcount"=>0,
	"fields"=>$LOGIN_FORM,
	"submit"=>$lang['login']
);
$userform=new UserForms($form["fields"]);
if($_SERVER["REQUEST_METHOD"]==$form["method"])
{
 $userform->load($form["fields"], $_POST);
 $form["errorcount"]=$userform->check($form["fields"]);

// Validate all inputs
// Added by SepedaTua on June 01, 2006 - http://www.sepedatua.info/
/********************** SepedaTua ****************************/

/* Fields:
$form["fields"]["login"]["value"]
$form["fields"]["password"]["value"]
*/
$search = array ('@<script[^>]*?>.*?</script>@si',
                '@<[\/\!]*?[^<>]*?>@si',
                '@([\r\n])[\s]+@',
                '@&(quot|#34);@i',
                '@&(amp|#38);@i',
                '@&(lt|#60);@i',
                '@&(gt|#62);@i',
                '@&(nbsp|#160);@i',
                '@&(iexcl|#161);@i',
                '@&(cent|#162);@i',
                '@&(pound|#163);@i',
                '@&(copy|#169);@i',
                '@&#(\d+);@e');

$replace = array ('',
                 '',
                 '\1',
                 '"',
                 '&',
                 '<',
                 '>',
                 ' ',
                 chr(161),
                 chr(162),
                 chr(163),
                 chr(169),
                 'chr(\1)');

$flogin = $form["fields"]["login"]["value"];
$fpassword = $form["fields"]["password"]["value"];

$form["fields"]["login"]["value"] = preg_replace($search, $replace, $form["fields"]["login"]["value"]);
$form["fields"]["password"]["value"] = preg_replace($search, $replace, $form["fields"]["password"]["value"]);

if ($flogin!=$form["fields"]["login"]["value"] or $fpassword!=$form["fields"]["password"]["value"]) { exit("Bad Request"); }

/************************ eod ******************************/


 if($form["errorcount"]==0)
 {
  if(!$CurUser->authorize($mysql, 
  		      $form["fields"]["login"]["value"], 
  		      $form["fields"]["password"]["value"]))
  {
   $form["errorcount"]=1;
   $form["message"]=$lang['auth_failed'];
  }else
   {
    $log->log("A", $CurUser->getid());
    Header("Location:main.php");
    exit();
   }
 }
}
//$smarty->debugging=true;
$smarty->assign("form", $form);
$smarty->display("login.tpl");
?>
Return current item: @1 File Store