- 01
- 02
- 03
- 04
- 05
- 06
- 07
- 08
- 09
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
<?php
global $userinfo;
global $smarty;
global $cl;
$userinfo['id'] = 0;
$userinfo['name'] = '';
$userinfo['email'] = '';
$userinfo['phone'] = '';
$userinfo['url'] = '';
$userinfo['company'] = '';
$userinfo['type'] = '';
$flogin = def_var('flogin','');
$fpasswd = def_var('fpasswd','');
$fremember = def_var('fremember',0);
if ($fpasswd) {
$fpasswd = md5($fpasswd);
$_SESSION["se_login"] = $flogin;
$_SESSION["se_passwd"] = $fpasswd;
} elseif (isset($_COOKIE["co_login"]) && isset($_COOKIE["co_passwd"])) {
$_SESSION["se_login"] = $_COOKIE['co_login'];
$_SESSION["se_passwd"] = $_COOKIE['co_passwd'];
}
$auth_msg = '';
if (isset($_SESSION["se_login"]) && isset($_SESSION["se_passwd"])) {
$a_query = "select id,name,company,email,phone,url,type from user where login='" .
$_SESSION["se_login"] . "' and passwd='" .
$_SESSION["se_passwd"] . "' and status=1";
$a_res = mysql_query($a_query);
if (mysql_num_rows($a_res) > 0) {
$ip_res = mysql_query("select ip from ipban where ip='".$_SERVER['REMOTE_ADDR']."'");
if (!mysql_num_rows($ip_res)) {
if ($fremember == 1) {
setcookie("co_login",$_SESSION["se_login"],time()+60*60*24*10000,"/", $_SERVER['SERVER_NAME']);
setcookie("co_passwd",$_SESSION["se_passwd"],time()+60*60*24*10000,"/", $_SERVER['SERVER_NAME']);
}
list($userinfo['id'],$userinfo['name'],$userinfo['company'],$userinfo['email'],$userinfo['phone'],
$userinfo['url'],$userinfo['type']) =
mysql_fetch_row($a_res);
mysql_query("update user set last_ip = '".$_SERVER['REMOTE_ADDR']."' where id=".$userinfo['id']);
} else {
$auth_msg = $cl['authorization_error'];
}
} else {
unset($_SESSION["se_login"]);
unset($_SESSION["se_passwd"]);
$auth_msg = $cl['authorization_error'];
}
}
if (isset($smarty)) {
$smarty->assign('auth_msg',$auth_msg);
}
?>