Copyright (C) 2007 nso Copyright (c) 2007 Victor Vikene This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. *********************************************************************************** */ include('init.php'); if (isset($_POST['submit'])) { $db = new dbcon(); $user = mysql_real_escape_string($_POST['user'],$db->link); $passwd = mysql_real_escape_string($_POST['pass'],$db->link); $pass_enc = sha1($passwd); $query = "SELECT * FROM `%slusers` WHERE `username` = '$user'"; $db->query($query); $bruker = mysql_fetch_array($db->result); if ($bruker['passwd'] == $pass_enc || mysql_num_rows($db->result) != '0') { /* Password seems to be correct, so we essentially imports a bunch of things from database to session-variables, so we don't have to query the database every five seconds. Should reduce load a tiny weeny bit. */ $_SESSION['restricted'] = TRUE; $_SESSION['brukar'] = $user; $_SESSION['uid'] = $bruker['uid']; $_SESSION['userlevel'] = $bruker['userlevel']; $_SESSION['registrert'] = $bruker['date']; header("Location: http://$url/user.php"); } else { include($includedir . 'header.php'); /* Set the correct templatefile for the templatesystem */ $xtpl = new XTemplate('login.xtpl',$tpldir); $message = $lang['loginfailed'] . "" . $lang['tryagain'] . ""; dialogbox($message, 'warning'); } } else { include($includedir . 'header.php'); /* Set the correct templatefile for the templatesystem */ $xtpl = new XTemplate('login.xtpl',$tpldir); $xtpl->assign('USERNAME', $lang['username']); $xtpl->assign('PASSWORD', $lang['password']); $xtpl->parse('main'); $xtpl->out('main'); include($includedir . 'tail.php'); } ?>