diff options
| author | root | 2014-02-23 18:33:35 +0100 |
|---|---|---|
| committer | root | 2014-02-23 18:33:35 +0100 |
| commit | 8d95fb4b71029d96fa69e1c472b261fec32786c9 (patch) | |
| tree | 83cc6bfbd4659cc9cbd092809733909c0e711715 /www/login.php | |
| parent | 722e0d07fc89b3fe296c0f07b1cd4ae381714066 (diff) | |
| download | files.iamfabulous.de-8d95fb4b71029d96fa69e1c472b261fec32786c9.tar.gz | |
removed stuff
Diffstat (limited to 'www/login.php')
| -rw-r--r-- | www/login.php | 83 |
1 files changed, 0 insertions, 83 deletions
diff --git a/www/login.php b/www/login.php deleted file mode 100644 index 0c6aeb2..0000000 --- a/www/login.php +++ /dev/null @@ -1,83 +0,0 @@ -<?php -/* Copyright Maximilian Möhring, 2013 -Licensed under the GPL. Read LICENSE for more Information.*/ - -/*Process the login*/ - -session_start(); - -if($_SERVER['REQUEST_METHOD'] == 'POST') { - -/*___Database Query: Login___*/ - $unsafe_username = $_POST["username"]; - $unsafe_passwort = $_POST["password"]; - $username = SQLite3::escapeString("$unsafe_username"); - $passwort = SQLite3::escapeString("$unsafe_passwort"); - - $db = new SQLite3("../database/sqlite.db"); - $salt_db = $db->query("SELECT salt FROM user WHERE name='$username';"); - while($salt_array = $salt_db->fetchArray(SQLITE3_NUM)){ - foreach($salt_array as $firstelement){ - $salt=$firstelement; - } - } - - $password = "$salt"."$passwort"; - $hash_password = md5($password); - for($i=0;$i<15000;$i++) - $hash_password = md5($hash_password); - - $real_password_db = $db->query("SELECT password FROM user WHERE name='$username';"); - while($real_password_array = $real_password_db->fetchArray(SQLITE3_NUM)){ - foreach($real_password_array as $secondelement){ - $real_password=$secondelement; - } - } - -/*___Login___*/ - if ($real_password == $hash_password) { - - if($db->exec(" - BEGIN TRANSACTION; - INSERT INTO log (id, user, login) VALUES (NULL, (SELECT id FROM user WHERE name='$username'), (SELECT datetime()) ); - COMMIT; - ")){ - - $_SESSION["login"] = true; - $_SESSION["username"] = "$unsafe_username"; - - header("Refresh: 0; /"); - - } else { - header("Refresh: 0; login?reason=database"); - } - } else { - header("Refresh: 0; login?reason=failure"); - } -} else { - -/*Prints the GET version*/ - - foreach ($_GET as $argument => $value) { - if(preg_match("/logout/",$argument)){ - session_destroy(); - header("Refresh: 0; /login?success"); - exit; - } else { - if(preg_match("/success/",$argument)) - $logout="Successfull loged out!"; - } - } - - if($_SESSION["login"]){ - header("Refresh: 0; /"); - } else { - echo $logout; - - echo "<form method='post' action='/login.php'> - <p>Name: <input type='text' name='username'></p> - <p>Password: <input type='password' name='password'> - <p><input type='submit' name='submit' value='login'></p> - </form>"; - } -} |