fic/server
2
0
Fork 0
Code Issues Pull Requests 6 Releases Wiki Activity

Can always login from login page, even if already logged

Browse Source
This commit is contained in:
Némunaire 2013-10-10 04:47:37 +02:00
parent 0fdc0703f6
commit ee2147cf74
1 changed files with 18 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
onyx/include/public/login.php
View File

@ -1,8 +1,6 @@
<?php <?php
if (!defined('ONYX')) exit; if (!defined('ONYX')) exit;
if ($SESS->level < 1)
{
if (isset($_POST['username']) && isset($_POST['password'])) if (isset($_POST['username']) && isset($_POST['password']))
{ {
$username = $_POST['username']; $username = $_POST['username'];
@ -11,24 +9,21 @@ if ($SESS->level < 1)
$bdd = new BDD(); $bdd = new BDD();
// TODO: use function // TODO: use function
$hash = mdp($bdd->escape($username), $bdd->escape($password)); $bdd->escape($username);
$result = $bdd->unique_query("SELECT username, auth_level FROM users $bdd->escape($password);
$hash = mdp($username, $password);
$result = $bdd->unique_query("SELECT id, username, auth_level FROM users
WHERE username='$username' WHERE username='$username'
AND password=unhex('$hash')"); AND password=unhex('$hash')");
if (!empty($result) && $result['auth_level'] != 0) if (!empty($result) && $result['auth_level'] != 0)
{ {
$SESS->level = $result['auth_level']; $SESS->level = $result["auth_level"];
$SESS->values = $result; $SESS->values = $result;
$SESS->put($username); $SESS->put($result["id"]);
header("Location: /home"); header("Location: /home");
exit; exit;
} }
} }
$page = "public/login"; $page = "public/login";
}
else
{
// Show some page ?
header("Location: /home");
}