var » www » localhost » htdocs » criminalcity

login.php

Ga naar de documentatie van deze file.
00001 <?php
00002 /***************************************************************************
00003  *   Copyright (C) 2007 by Damian Bodde and Peter Wessels                  *
00004  *   damian@elsw.de  peter1wessels@gmail.com                               *
00005  *                                                                         *
00006  *   This program is free software; you can redistribute it and/or modify  *
00007  *   it under the terms of the GNU General Public License as published by  *
00008  *   the Free Software Foundation; either version 2 of the License, or     *
00009  *   (at your option) any later version.                                   *
00010  *                                                                         *
00011  *   This program is distributed in the hope that it will be useful,       *
00012  *   but WITHOUT ANY WARRANTY; without even the implied warranty of        *
00013  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the         *
00014  *   GNU General Public License for more details.                          *
00015  *                                                                         *
00016  *   You should have received a copy of the GNU General Public License     *
00017  *   along with this program; if not, write to the                         *
00018  *   Free Software Foundation, Inc.,                                       *
00019  *   59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.             *
00020  ***************************************************************************/
00021 ?>
00022 
00023 <?php
00024 
00025 if(isset($_GET['action']))
00026 {
00027                 $action = $_GET['action'];
00028 }
00029 else
00030 {
00031                 $action = "main";
00032 }
00033 
00034 if($action == "main")
00035 {
00036                 if(isset($_SESSION['nick']))
00037                 {
00038                                 session_destroy();
00039                                 echo "<meta http-equiv=\"refresh\" content=\"0; URL=index.php\">";
00040                                 exit();
00041                 }
00042                 if($_POST['login'] == true)
00043                 {
00044                                 $username = strip_tags(mysql_real_escape_string($_POST['naam']));
00045                                 $passwort = md5(strip_tags(mysql_real_escape_string($_POST['pass'])));
00046                                 
00047                                 if(!$username || !$passwort)
00048                                 {
00049                                                 $meldung = "Je dient wel alles in te vullen.";
00050                                 }
00051                                 
00052                                 if(!$melding)
00053                                 {
00054                                                 $sql = ("SELECT id,name, pass, status FROM users WHERE name='$username'");
00055                                                 $result = mysql_query($sql) or die(mysql_error());
00056                                                 if(mysql_num_rows($result) < 1)
00057                                                 {
00058                                                                 $meldung.= "Deze gebruiker bestaat niet.";
00059                                                 }
00060                                                 if(!$meldung)
00061                                                 {
00062                                                                 $row = mysql_fetch_array($result);
00063                                                                 
00064                                                                 $sql = ("SELECT fails FROM users WHERE name='$username'");
00065                                                                 $result = mysql_query($sql) or die(mysql_error());
00066                                                                 $rod = mysql_fetch_array($result);
00067                                                                 $fail_versuche = $rod[0];
00068                                                                 
00069                                                                 if($fail_versuche > 3)
00070                                                                 {
00071                                                                                 $meldung.= "Het account is geblokkeerd. Contacteer de Admin";
00072                                                                 }
00073                                                                 
00074                                                                 if(!$meldung)
00075                                                                 {
00076                                                                                 if($row['pass'] != $passwort)
00077                                                                                 {
00078                                                                                                 $fail = $fail_versuche + 1;
00079                                                                                                 $meldung.= "Je wachtwoord is verkeerd";
00080                                                                                                 $sql = ("UPDATE users SET fails='$fail' WHERE name='$username'");
00081                                                                                                 mysql_query($sql) or die(mysql_error());
00082                                                                                 }
00083                                                                 }
00084                                                                 
00085                                                                 if(!$meldung)
00086                                                                 {
00087                                                                                 $_SESSION['nick'] = $username;
00088                                                                                 $_SESSION['level'] = $row['level'];
00089                                                                                 $_SESSION['userid'] = $row['id'];
00090                                                                                 if($row['status'] == "banned")
00091                                                                                 {
00092                                                                                                 $meldung.= "Je bent verbannen!";
00093                                                                                 }
00094                                                                                 if(!$meldung)
00095                                                                                 {
00096                                                                                                 $sql = ("UPDATE users SET lastip='$ip', lastlogin=NOW(), fails='0' WHERE name='$username'");
00097                                                                                                 mysql_query($sql) or die(mysql_error());
00098                                                                                                 echo login_correct;
00099                                                                                                 echo "<meta http-equiv=\"refresh\" content=\"0; URL=index.php\">";
00100                                                                                                 exit();
00101                                                                                 }
00102                                                                 }
00103                                                 }
00104                                 }
00105                 }
00106                 ?>
00107                 <form action=index.php?menu=login&action=main method=post>
00108                                 <?=$meldung;?>
00109                                 <table>
00110                                                 <tr>
00111                                                                 <td>Gebruikersnaam:</td>
00112                                                                 <td>:</td>
00113                                                                 <td><input type=name class=input name=naam>
00114                                                 </tr><tr>
00115                                                                 <td>Wachtwoord:</td>
00116                                                                 <td>:</td>
00117                                                                 <td><input type=password class=input name=pass>
00118                                                 </tr>
00119                                 </table>
00120                                 <input type=submit value=Inloggen name=login>
00121                 </form>
00122                 <?php
00123 }
Gegenereerd op Wed May 30 17:41:05 2007 voor criminalcity.kdevelop door  doxygen 1.4.7