login
");
}
$is_loged_in = FALSE;
$cookie_logged = FALSE;
$session_logged = FALSE;
// Check if The User is Identified
if($config_use_cookies == TRUE){
/* Login Authorization using COOKIES */
if(isset($username))
{
if(!isset($HTTP_COOKIE_VARS["md5_password"])) { $cmd5_password = md5($password); }
else { $cmd5_password = $HTTP_COOKIE_VARS["md5_password"]; }
if(check_login($username, $cmd5_password))
{
$cookie_logged = TRUE;
setcookie("lastusername", $username, time()+1012324305);
setcookie("username", $username);
setcookie("md5_password", $cmd5_password);
}else{
$result = "Wrong username or password";
$cookie_logged = FALSE;
}
}
/* END Login Authorization using COOKIES */
}
if($config_use_sessions == TRUE){
/* Login Authorization using SESSIONS */
if(isset($HTTP_X_FORWARDED_FOR)){ $ip = $HTTP_X_FORWARDED_FOR; }
elseif(isset($HTTP_CLIENT_IP)) { $ip = $HTTP_CLIENT_IP; }
if($ip == "") { $ip = $REMOTE_ADDR; }
if($ip == "") { $ip = "not detected";}
if($action == "dologin")
{
$md5_password = md5($password);
if(check_login($username, $md5_password)){
$session_logged = TRUE;
@session_register('username');
@session_register('md5_password');
@session_register('ip');
$_SESSION['username'] = "$username";
$_SESSION['md5_password'] = "$md5_password";
$_SESSION['ip'] = "$ip";
}else{
$result = "Wrong username and/or password";
$session_logged = FALSE;
}
}elseif(isset($_SESSION['username'])){ // Check the if member is using valid username/password
if(check_login($_SESSION['username'], $_SESSION['md5_password'])){
if($_SESSION['ip'] != $ip){ $session_logged = FALSE; $result = "The IP in the session doesn not match with your IP"; }
else{ $session_logged = TRUE; }
}else{
$result = "Wrong username and/or password !!!";
$session_logged = FALSE;
}
}
if(!$username){ $username = $_SESSION['username']; }
/* END Login Authorization using SESSIONS */
}
###########################
if($session_logged == TRUE or $cookie_logged == TRUE){ $is_loged_in = TRUE; }
###########################
// If User is Not Logged In, Display The Login Page
if($is_loged_in == FALSE)
{
if($config_use_sessions){
@session_destroy();
@session_unset();
}
setcookie("username","");
setcookie("password","");
setcookie("md5_password","");
echoheader("user","Please Login");
echo "