Old stuff/old_sites/newepik/include/auth.php
(Deskargatu)
<?php
$seed = floor(time()/86400);
srand($seed);
$nick = $_POST['nick'] or $nick = $_COOKIE['nick'];
$password = $_POST['password'] or $password="";
if($chemin[1] == "anonymous")
{
setcookie("PHPSESSID","",(time()-3600),"/");
$identified="LOGGED OUT";
setcookie("nick","",(time()-3600),"/");
unset($nick); unset($axx);
}
else
{
if (!empty($nick) and !empty($password))
{
$query = "SELECT * FROM membres WHERE pseudo='$nick'";
$result=mysql_query($query) or die("FATAL: ".mysql_error());
if ($row = mysql_fetch_array($result))
{
$pass=$row[2];
$email = $row[3];
$axx =$row[9];
}
if (strcmp($pass,md5($password))==0)
{
$pid = "";
for($i=0;$i<25;$i++) { $pid=$pid.rand(0,9); }
setcookie("PHPSESSID",$pid,(time()+60*60*24*365),"/");
setcookie("nick",$nick,(time()+60*60*24*365),"/");
$query = "UPDATE membres SET PHPSESSID='".$pid."' WHERE pseudo='$nick' ";
mysql_query($query) or die("FATAL: ".mysql_error());
}
else { $identified="Mot de passe incorect"; unset($axx); unset($email); unset($nick);}
}
elseif ($nick and $_COOKIE['PHPSESSID'])
{
$query = "SELECT * FROM membres WHERE pseudo='".$_COOKIE['nick']."'";
$result=mysql_query($query) or die("FATAL: ".mysql_error());
if ($row = mysql_fetch_array($result)) { $phpid=$row[10]; $axx =$row[9]; $email=$row[3]; }
if (strcmp($phpid,$_COOKIE['PHPSESSID'])!=0)
{
$identified="PHPSESSID failed";
unset($axx); unset($email); unset($nick);
}
else
{
}
}
else
{
unset($axx); unset($nick);
}
}
if (empty($nick)) { $nick = "Anonymous"; }
?>
Tfe