<?php
/*******************************************************************/
/* Vsecurity */
/* Copyrights(C)2001 Jan Vilimek(hide@address.com) */
/* See GPL license in file license.txt */
/* and http://www.guanoweb.cz for more details */
/* */
/* Function: Secure your pages (getpaswd) */
/* for instalation see readme.txt */
/*******************************************************************/
if (!defined("LOADED_PROPERLY")) die( "<h1>Acess denied!</h1><br>-VSecurity required-<br><br>get it on www.guanoweb.cz");
my_register_globals('id_form');
my_register_globals('paswd');
my_register_globals('md5');
if (($_SESSION['ID_form_login']!=$id_form)||($_SESSION['ID_form_login']==0))
{
$message=$alert_bad_id_form;
include dirname(__FILE__)."/defined/selflink.php";
}
if ($_SESSION['Tryings']>$VSecure_conf['max_tryings'])
{
$message=$reached_max_tryings;
include dirname(__FILE__)."/defined/selflink.php";
}
$qw="SELECT password FROM $VSecure_tbl_usr ".
"WHERE login='".md5($login)."' " ;
$result= mysql_query ($qw , $MySQL_link)
or die ("Updating page, please wait...");
if (!($row= mysql_fetch_row($result)))
{
if ($VSecure_conf["permit_new_user"]=="YES")
{ include dirname(__FILE__)."/newuserform.php"; }
else
{
$_SESSION['Tryings']++;
$message=$error_badpaswd2;
if ($_SESSION['Tryings']>$VSecure_conf['max_tryings']) $message.= ' ('. $reached_max_tryings .')';
include dirname(__FILE__)."/defined/selflink.php";
}
}
if ($md5==true) { $por=$paswd; }else $por=md5($paswd); /*if md5 then password is allreadz hashed*/
if ($row[0]!=$por)
{
$_SESSION['Tryings']++;
$message=$error_badpaswd2;
if ($_SESSION['Tryings']>$VSecure_conf['max_tryings']) $message.= ' ('. $reached_max_tryings .')';
include dirname(__FILE__)."/defined/selflink.php";
}
$_SESSION['Tryings']=0;
set_user_session($login);
do_redir($MAIN_URL);
?>