forked from simmoo/Mafia-Game-Script
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathauthenticate.php
80 lines (77 loc) · 2.63 KB
/
authenticate.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
<?php
/**************************************************************************************************
| Software Name : Ravan Scripts Online Mafia Game
| Software Author : Ravan Soft Tech
| Software Version : Version 2.0.1 Build 2101
| Website : http://www.ravan.info/
| E-mail : [email protected]
|**************************************************************************************************
| The source files are subject to the Ravan Scripts End-User License Agreement included in License Agreement.html
| The files in the package must not be distributed in whole or significant part.
| All code is copyrighted unless otherwise advised.
| Do Not Remove Powered By Ravan Scripts without permission .
|**************************************************************************************************
| Copyright (c) 2010 Ravan Scripts . All rights reserved.
|**************************************************************************************************/
session_start();
if(get_magic_quotes_gpc() == 0)
{
foreach($_POST as $k => $v)
{
$_POST[$k]=addslashes($v);
}
foreach($_GET as $k => $v)
{
$_GET[$k]=addslashes($v);
}
}
include "config.php";
include "language.php";
global $_CONFIG;
define("MONO_ON", 1);
require "class/class_db_{$_CONFIG['driver']}.php";
$db=new database;
$db->configure($_CONFIG['hostname'],
$_CONFIG['username'],
$_CONFIG['password'],
$_CONFIG['database'],
$_CONFIG['persistent']);
$db->connect();
$c=$db->connection_id;
$set=array();
$settq=$db->query("SELECT * FROM settings");
while($r=$db->fetch_row($settq))
{
$set[$r['conf_name']]=$r['conf_value'];
}
if ($_POST['username'] == "" || $_POST['password'] == "")
{
die("<h3>{$set['game_name']} Error</h3>
$nofill<br>
<a href=login.php>> Back</a>");
}
$uq=$db->query("SELECT userid FROM users WHERE login_name='{$_POST['username']}' AND `userpass`=md5('{$_POST['password']}')");
if ($db->num_rows($uq)==0)
{
die("<h3>{$set['game_name']} Error</h3>
$invalid<br>
<a href=login.php>> $lerrortry</a>");
}
else
{
$_SESSION['loggedin']=1;
$mem=$db->fetch_row($uq);
$_SESSION['userid']=$mem['userid'];
$IP = $_SERVER['REMOTE_ADDR'];
$IP=addslashes($IP);
$IP=mysql_real_escape_string($IP);
$IP=strip_tags($IP);
$db->query("UPDATE users SET lastip_login='$IP',last_login=unix_timestamp() WHERE userid={$mem['userid']}");
$db->query("UPDATE users SET active=1 WHERE userid={$mem['userid']}");
if($set['validate_period'] == "login" && $set['validate_on'])
{
$db->query("UPDATE users SET verified=0 WHERE userid={$mem['userid']}");
}
header("Location: index.php");
}
?>