diff options
| author | root | 2014-04-14 08:35:13 +0200 |
|---|---|---|
| committer | root | 2014-04-14 08:35:13 +0200 |
| commit | 12734da8826299ffd24c0a15f6dbf205892d7221 (patch) | |
| tree | 3b894dd30e332df23a564ce44e42ce164c8abd78 /oldwww/check.php | |
| parent | 7b9d516cd3bcdb8eaa5f1eb533d71010061c681b (diff) | |
| download | jungegemeinde-12734da8826299ffd24c0a15f6dbf205892d7221.tar.gz | |
Pushed to v3
Diffstat (limited to 'oldwww/check.php')
| -rw-r--r-- | oldwww/check.php | 105 |
1 files changed, 105 insertions, 0 deletions
diff --git a/oldwww/check.php b/oldwww/check.php new file mode 100644 index 0000000..3e575a9 --- /dev/null +++ b/oldwww/check.php @@ -0,0 +1,105 @@ +<?php +/* Copyright Maximilian Möhring, 2013 +Licensed under the GPL. Read LICENSE for more Information.*/ + +session_start(); + +/*___Datenbankabfrage: Login___*/ + $unsafe_username = $_POST["username"]; + $unsafe_passwort = $_POST["password"]; + $username = SQLite3::escapeString("$unsafe_username"); + $passwort = SQLite3::escapeString("$unsafe_passwort"); + + $db = new SQLite3("../database/database.sqlite"); + $salt_db = $db->query("SELECT salt FROM user WHERE name='$username';"); + while($salt_array = $salt_db->fetchArray(SQLITE3_NUM)){ + foreach($salt_array as $firstelement){ + $salt=$firstelement; + } + } + + $password = "$salt"."$passwort"; + $hash_password = md5($password); + for($i=0;$i<15000;$i++) + $hash_password = md5($hash_password); + + $real_password_db = $db->query("SELECT password FROM user WHERE name='$username';"); + while($real_password_array = $real_password_db->fetchArray(SQLITE3_NUM)){ + foreach($real_password_array as $secondelement){ + $real_password=$secondelement; + } + } + +/*___Einloggen___*/ +if ($real_password == $hash_password) { + + $_SESSION["login"] = true; + $_SESSION["username"] = "$username"; + +/*___Datenbankabfrage: Spruch___*/ + $zufall = mt_rand(1,52); + + $zufall = SQLite3::escapeString("$zufall"); + $ergebnis = $db->query("SELECT * FROM sprueche where id=$zufall;"); + + while($row=$ergebnis->fetchArray()){ + $spruch = $row["spruch"]; + } + + +echo" +<!doctype html public '-//W3C//DTD XHTML 1.0 //EN'> + + +<html> +<head> + <title>Login: Random Quote.</title> +<script type='text/javascript'> + function animiere() { + var ladebalken = document.getElementById('ladebalken'); + var laenge = parseInt(ladebalken.style.width); + + laenge++; + ladebalken.style.width = laenge + 'px'; + + if (laenge < 450) { + window.setTimeout(animiere, 8); + } + if (laenge == 450) { + document.location='/'; + } + } + </script> + <meta http-equiv='Content-type' content='text/html; charset=utf-8' /> + <link rel='stylesheet' type='text/css' href='hyperstyle.css' /> + <link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'> +</head> + +<body onload='animiere()' link='#000000' vlink='#000000' alink='#FF0000' > + +<div id='distance' ></div> +<div id='container' align='center' class='mittlereschrift'> +<b>Zitat Nummer #$zufall</b><br><br><div id='bgcolor'> +$spruch +</div> + +<br><br> +<div class='katze'<p> Fortschritt: </p></div> + <div id='balken' align='left'> + <span id='ladebalken' style='display: block; background: #ecece1; width: 0px;'> + </span> + </div> + +<br><br> +<div class='unterstrich'><a href='/'>Überspringen</a></div> + +</div> + +</body> +</html> +"; +header("Refresh: 7; /"); +} else { +header("Location: login.php?failure=1"); +} +?> |