File: WIAdmin/WIModule/modules/login.php

Recommend this page to a friend!
  Classes of Jules Warner  >  WICMS  >  WIAdmin/WIModule/modules/login.php  >  Download  
File: WIAdmin/WIModule/modules/login.php
Role: Auxiliary script
Content type: text/plain
Description: Auxiliary script
Class: WICMS
Database driven content management system with PDO
Author: By
Last change:
Date: 3 years ago
Size: 1,737 bytes
 

Contents

Class file image Download
<?php

ini_set
('display_errors',1);
error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT );

// AJAX CALLS THIS LOGIN CODE TO EXECUTE
if(isset($_POST["e"])){
   
// CONNECT TO THE DATABASE
   
include_once("core/init.php");
   
// GATHER THE POSTED DATA INTO LOCAL VARIABLES AND SANITIZE
   
$e = mysqli_real_escape_string($db_conn, $_POST['e']);
   
$e = sanitize($e);
   
$p = mysqli_real_escape_string ($db_conn, $_POST['p']);
   
$p = sanitize($p);
   
$input_password = crypt($p, $db_pass_str);
   
   
// GET USER IP ADDRESS
   
$ip = preg_replace('#[^0-9.]#', '', getenv('REMOTE_ADDR'));
   
// FORM DATA ERROR HANDLING
   
if($e == "" || $p == ""){
        echo
"login_failed";
        exit();
    } else {
   
// END FORM DATA ERROR HANDLING
       
$sql = "SELECT id, username, password FROM users WHERE email='$e' AND activated='1' LIMIT 1";
       
$query = mysqli_query($db_conn, $sql);
       
$row = mysqli_fetch_row($query);
       
$db_id = $row[0];
       
$db_username = $row[1];
       
$db_pass_str = $row[2];
       
$input_password = crypt($p, $db_pass_str);
        if(
$input_password == $db_pass_str){
            echo
"login_failed";
            exit();
        } else {
           
// CREATE THEIR SESSIONS AND COOKIES
           
$_SESSION['userid'] = $db_id;
           
$_SESSION['username'] = $db_username;
           
$_SESSION['password'] = $db_pass_str;
           
setcookie("id", $db_id, strtotime( '+30 days' ), "/", "", "", TRUE);
           
setcookie("user", $db_username, strtotime( '+30 days' ), "/", "", "", TRUE);
           
setcookie("pass", $db_pass_str, strtotime( '+30 days' ), "/", "", "", TRUE);
           
// UPDATE THEIR "IP" AND "LASTLOGIN" FIELDS
           
$sql = "UPDATE users SET ip='$ip', lastlogin=now() WHERE username='$db_username' LIMIT 1";
           
$query = mysqli_query($db_conn, $sql);
            echo
$db_username;
            exit();
        }
    }
    exit();
}
?>


For more information send a message to info at phpclasses dot org.