Home Explore Help
Register Sign In
GlobalCube
/
qbuilder
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: main
Branches Tags
qbuilder
/
auth.php

auth.php 2.1 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263 
  1. <?php
    2. 

  2. 	require_once 'init.php';
    3. 

  3. 	
    4. 

  4. 	$errorFail =  "<div align=center><font color=red>Login Failed </font></div>
    5. 

  5. 	<script language=javascript>
    6. 

  6. 	setTimeout('location.href = \"logout.php\"', 1000);
    7. 

  7. 	</script>";
    8. 

  8. 	
    9. 

  9. 	$errorFail2 =  "<div align=center><font color=red>Login Failed<br>-<br>Adminseite wird benutzt!</font></div>
    10. 

  10. 	<script language=javascript>
    11. 

  11. 	setTimeout('location.href = \"logout.php\"', 2000);
    12. 

  12. 	</script>";
    13. 

  13. 

  14. 	if (isset($_SESSION['userid'])) {
    15. 

  15. 		$rs = $adodb->Execute("SELECT * FROM qb_user".
    16. 

  16. 		" WHERE userid = '".$_SESSION['userid']."'");
    17. 

  17. 		if (!$rs->EOF) {
    18. 

  18. 			if ( file_exists("templates/sem") && $_SESSION['userid'] != implode(file("templates/sem")) ) {
    19. 

  19. 				die($errorFail2);
    20. 

  20. 			} else {
    21. 

  21.  				if (ereg('login2\.php', @$_SERVER['HTTP_REFERER'])) {
    22. 

  22. 					header('Location: nola.php');
    23. 

  23. 				}
    24. 

  24. 				$passkey = md5($_SESSION['userid'].($rs->fields['passwd']).'qbuilder');
    25. 

  25. 				if ($_SESSION['passkey'] !== $passkey) {
    26. 

  26. 					die($errorFail);
    27. 

  27. 				}
    28. 

  28. 				return true;
    29. 

  29. 			}
    30. 

  30. 		}
    31. 

  31. 	}
    32. 

  32. 

  33. 	$userid = $_REQUEST['auth_user'];
    34. 

  34. 	$pass = $_REQUEST['password_md5'];
    35. 

  35. 	
    36. 

  36. 	//Semaphor-Check
    37. 

  37. 	if ( file_exists("templates/sem") && $userid != implode(file("templates/sem")) ) {
    38. 

  38. 		die($errorFail2);
    39. 

  39. 	} else {	
    40. 

  40. 	$rs = $adodb->Execute("SELECT *, u.userid as userid FROM qb_user u LEFT JOIN qb_user_group ug ON ug.userid = u.userid WHERE u.userid = '".$userid."'") or die($adodb->ErrorMsg());
    41. 

  41. //	$rs = $adodb->Execute("SELECT * FROM qb_user WHERE userid = '".$userid."'") or die($adodb->ErrorMsg());
    42. 

  42. 	if ($rs && strlen($pass) > 0 && $rs->fields['passwd'] === $pass) {
    43. 

  43. 		$record = array();
    44. 

  44. 		$record['updated'] = date('Y-m-d H:i:s');
    45. 

  45. 		$record['user'] = $userid;
    46. 

  46. 		$record['host'] = $_SERVER['REMOTE_ADDR'];
    47. 

  47. 		$record['operation'] = 'login';
    48. 

  48. 		$record['newval'] = session_id();
    49. 

  49. 		$rs2 = $adodb->SelectLimit("SELECT * FROM qb_changelog", 1);
    50. 

  50. 		$adodb->Execute($adodb->GetInsertSQL($rs2, $record));
    51. 

  51. 

  52. 		$_SESSION['userid'] = $rs->fields['userid'];
    53. 

  53. 		$_SESSION['passkey'] = md5($userid.$pass.'qbuilder');
    54. 

  54.         $_SESSION['group_name'] = $rs->fields['group_name'];
    55. 

  55. 		#header('Location: phplayersmenu-3.2.0/index3.php');
    56. 

  56. 		header('Location: nola.php');
    57. 

  57. 	} else {
    58. 

  58. 		die($errorFail);
    59. 

  59. 	}
    60. 

  60. 	}
    61. 

  61. 

  62. 

  63. ?>
    64.