verify_code($_POST['rand_num'], $_POST['code_verify'])) { echo "\n"; header("location: ../index.php"); exit; } } $row = $authresult = $obj->authcheck($_POST['authname'], $_POST['authpass']); if ($row[0] == "authfail") { echo "\n"; header("location: ../index.php"); exit; } else { $userpass = md5($_POST['authpass']); $cookieval = $row['user_id'].".".md5($userpass); $sql->db_Select("user", "*", "user_name='".$tp -> toDB($_POST['authname'])."'"); list($user_id, $user_name, $userpass) = $sql->db_Fetch(); if ($pref['tracktype'] == "session") { $_SESSION[$pref['cookie_name']] = $cookieval; } else { cookie($pref['cookie_name'], $cookieval, (time()+3600 * 24 * 30)); } echo "\n"; } } $e_sub_cat = 'logout'; require_once(e_ADMIN."header.php"); if (ADMIN == FALSE) { $obj = new auth; $obj->authform(); require_once(e_ADMIN."footer.php"); exit; } } //------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------// class auth { function authform() { /* # Admin auth login # # - parameters none # - return null # - scope public */ global $use_imagecode, $sec_img; $text = "
\n "; if ($use_imagecode) { $text .= " "; } $text .= "
".ADLAN_89." \n
".ADLAN_90." \n
".ADLAN_152." ". $sec_img->r_image(). "
"; $au = new e107table; $au->tablerender(ADLAN_92, $text); } function authcheck($authname, $authpass) { /* # Admin auth check # - parameter #1: string $authname, entered name # - parameter #2: string $authpass, entered pass # - return boolean if fail, else result array # - scope public */ global $tp; $sql_auth = new db; $authname = $tp -> toDB(preg_replace("/\sOR\s|\=|\#/", "", $authname)); if ($sql_auth->db_Select("user", "*", "user_loginname='$authname' AND user_admin='1' ")) { $row = $sql_auth->db_Fetch(); } else { if ($sql_auth->db_Select("user", "*", "user_name='$authname' AND user_admin='1' ")) { $row = $sql_auth->db_Fetch(); } } if($row['user_id']) { if($row['user_password'] == md5($authpass)) { return $row; } } return array("authfail"); } } //------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------// ?>