blob: 2004b640b0aa05978d47528bf28ce855732b5329 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
<?php
/* Copyright Maximilian Möhring, 2013
Licensed under the GPL. Read LICENSE.txt for more Information.*/
session_start();
/*___Datenbankabfrage: Login___*/
$unsafe_username = $_POST["username"];
$unsafe_passwort = $_POST["password"];
$username = SQLite3::escapeString("$unsafe_username");
$passwort = SQLite3::escapeString("$unsafe_passwort");
$db_check = new SQLite3("../database/share.db");
$salt_db = $db_check->query("SELECT salt FROM user WHERE name='$username';");
while($salt_array = $salt_db->fetchArray(SQLITE3_NUM)){
foreach($salt_array as $firstelement){
$salt=$firstelement;
}
}
$password = "$salt"."$passwort";
$hash_password = md5($password);
for($i=0;$i<15000;$i++)
$hash_password = md5($hash_password);
$real_password_db = $db_check->query("SELECT password FROM user WHERE name='$username';");
while($real_password_array = $real_password_db->fetchArray(SQLITE3_NUM)){
foreach($real_password_array as $secondelement){
$real_password=$secondelement;
}
}
/*___Einloggen___*/
if ($real_password == $hash_password) {
$_SESSION["login"] = true;
$_SESSION["username"] = "$username";
/*___Datenbankabfrage: Spruch___*/
$zufall = mt_rand(1,52);
$db = new SQLite3("../database/jg.db");
$zufall = SQLite3::escapeString("$zufall");
$ergebnis = $db->query("SELECT * FROM sprueche where id=$zufall;");
while($row=$ergebnis->fetchArray()){
$spruch = $row["spruch"];
}
echo"
<!doctype html public '-//W3C//DTD XHTML 1.0 //EN'>
<html>
<head>
<title>Login: Random Quote.</title>
<script type='text/javascript'>
function animiere() {
var ladebalken = document.getElementById('ladebalken');
var laenge = parseInt(ladebalken.style.width);
laenge++;
ladebalken.style.width = laenge + 'px';
if (laenge < 450) {
window.setTimeout(animiere, 8);
}
if (laenge == 450) {
document.location='/';
}
}
</script>
<meta http-equiv='Content-type' content='text/html; charset=utf-8' />
<link rel='stylesheet' type='text/css' href='hyperstyle.css' />
<link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'>
</head>
<body onload='animiere()' link='#000000' vlink='#000000' alink='#FF0000' >
<div id='distance' ></div>
<div id='container' align='center' class='mittlereschrift'>
<b>Zitat Nummer #$zufall</b><br><br><div id='bgcolor'>
$spruch
</div>
<br><br>
<div class='katze'<p> Fortschritt: </p></div>
<div id='balken' align='left'>
<span id='ladebalken' style='display: block; background: #ecece1; width: 0px;'>
</span>
</div>
<br><br>
<div class='unterstrich'><a href='/'>Überspringen</a></div>
</div>
</body>
</html>
";
header("Refresh: 7; /");
} else {
header("Location: login.php?failure=1");
}
?>
|
