Newer
Older
if ($_SESSION["user_right"] == 0)
$str .= dispConnectionLogin();
else
$str .= dispConnectionDisconnect();
echo $str;
}
function dispConnectionLogin() { /////// CONNECTION LOGIN ///////
$str .= dispTableBegin("c o n n e x i o n", "30", 1);
if ($_SERVER['HTTPS'] == "on") {
$str .= '<form name="saisie" method="post" action="index.php?connect=1&html=Home">';
$str .= '<tr><td width="40%" class="small" align="center">Login</td></tr>';
$str .= '<tr><td width="60%" align="center"><input type="login" name="user_login" size="15" maxlength="15"></td></tr>';
$str .= '<tr><td width="40%" class="small" align="center">Pass</td></tr>';
$str .= '<tr><td width="60%" align="center"><input type="password" name="user_pass" size="15" maxlength="15"></td></tr>';
$str .= '<tr><td colspan="2" align="center"><input type="submit" value="Donne tout"><br></td></tr>';
$str .= '</form>';
}
else
$str .= "<p>Pour vous connecter au site, <strong>vous devez utiliser une connexion SSL</strong>!</p>";
$str .= dispTableEnd();
$str .= '</div>';
}
function dispConnectionDisconnect() { /////// CONNECTION PROFIL ///////
$ID = $_SESSION["user_id"];
$result = getOneUserById($ID);
$user = mysql_fetch_array($result);
$str = '<div id="all_side">';
$str .= dispTableBegin("d é c o n n e c t e r", "30", 1);
<form name="saisie" method="post" action="index.php?connect=-1&html=Home">
<tr><td width="40%" class="small" align="center"> <b>Salut à toi
'.$user["user_pseudo"].'
</b></td></tr>
<!--
<tr><td width="40%" class="small" align="center">Status: <b>
'.get_right_name($user["user_right"]).'
</b></td></tr>
<tr><td width="40%" class="small" align="center">Rights: <b>
'.get_right_name($_SESSION["user_right"]).'
</b></td></tr>
-->
<tr><td width="40%" class="small" align="center">
'.$user["user_comment"].'
</td></tr>
<tr><td></td></tr>
<tr><td colspan="2" align="center"><input type="submit" value="Déconnecter"><br></td></tr>
</form>
';
$str .= dispTableEnd();
Seblu
committed
$_SESSION["user_right"] = 0;
$_SESSION["user_id"] = 0;
}
function checkUser($Check_Login, $Check_Pass){
$result_login = getOneUserByName($Check_Login);
$result_pseudo = getOneUserByPseudo($Check_Login);
// MD5
$md5_Pass = stripslashes($Check_Pass);
$md5_Pass = md5($md5_Pass);
if (mysql_num_rows($result_login)){
$user = mysql_fetch_array($result_login);
if ($user["user_login"] == $Check_Login && $user["user_pass"] == $md5_Pass ) {
$_SESSION["user_right"] = $user["user_right"];
$_SESSION["user_id"] = $user["user_id"];
return;
}
}
else if (mysql_num_rows($result_pseudo)){
$user = mysql_fetch_array($result_pseudo);
if ($user["user_pseudo"] == $Check_Login && $user["user_pass"] == $md5_Pass ) {
$_SESSION["user_right"] = $user["user_right"];
$_SESSION["user_id"] = $user["user_id"];
return;
}
}
if (yp_check($Check_Login, $Check_Pass)) {
if ($user["user_login"] == $Check_Login){
$_SESSION["user_right"] = $user["user_right"];
$_SESSION["user_id"] = $user["user_id"];
}
else {
if (!check_blacklist($Check_Login)) {
$_SESSION["user_right"] = 3;
$_SESSION["user_id"] = 0;
}
else {
}
}
return;
}
}
function check_blacklist($Check_Login) { ////// CHECK IF BLACKLISTED //////
$result = getOneBlacklistByLogin($Check_Login);
if (mysql_num_rows($result)){
$blacklist = mysql_fetch_array($result);
$try = $blacklist["blacklist_try"] + 1;
$query = " UPDATE `blacklist_db` ";
$query .= " SET `blacklist_try` = '$try' ";
$query .= " WHERE `blacklist_login` = '$Check_Login' LIMIT 1";
or die("Query failed");
$result = getAllBlacksite();
// random un peu porc pour les fake sites.
$cpt = 0;
while ($blacksite = mysql_fetch_array($result)) {
$randsite = rand (1, $cpt);
$result = getOneBlacksiteById($tabsite[$randsite]);
$blacksite = mysql_fetch_array($result);
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL='.$blacksite["blacksite_adress"].'"> '; // automatique redirection
return (1);
}
return (0);
}
function go_random_blacksite() {
$result = getAllBlacksite();
// random un peu porc pour les fake sites.
$cpt = 0;
while ($blacksite = mysql_fetch_array($result)) {
$randsite = rand (1, $cpt);
$result = getOneBlacksiteById($tabsite[$randsite]);
$blacksite = mysql_fetch_array($result);
echo '<META HTTP-EQUIV="REFRESH" CONTENT="0; URL='.$blacksite["blacksite_adress"].'"> '; // automatique redirection
}