login.php

BLOG HOSTER---PHP & MYSQL Create Blogs in seconds Installation of your BlogHoster system is easy.

<?
$page = "login.php";
include "header.php";

if(isset($_POST['task'])) { $task = $_POST['task']; } elseif(isset($_GET['task'])) { $task = $_GET['task']; } else { $task = "main"; }
if(isset($_POST['u'])) { $u = $_POST['u']; } elseif(isset($_GET['u'])) { $u = $_GET['u']; } else { $u = ""; }
if(isset($_POST['e_id'])) { $e_id = $_POST['e_id']; } elseif(isset($_GET['e_id'])) { $e_id = $_GET['e_id']; } else { $e_id = ""; }
if(isset($_POST['c_id'])) { $c_id = $_POST['c_id']; } elseif(isset($_GET['c_id'])) { $c_id = $_GET['c_id']; } else { $c_id = ""; }
if(isset($_POST['ref'])) { $ref = $_POST['ref']; } elseif(isset($_GET['ref'])) { $ref = $_GET['ref']; } else { $ref = ""; }





if($task == "forgot") {
echo $head;
echo "
<table width='100%' cellpadding='0' cellspacing='0'>
<tr>
<td valign='top' class='box'>
<h2>$login1</h2>
$login2
<br><br>

<form action='login.php' method='POST'>
<b>$login3</b><br>
<input type='text' class='text' name='username' maxlength='200'>
<input type='submit' class='sbutton' name='submit' value='$login4' style='margin-bottom: 2px;'>
<input type='submit' class='sbutton' name='submit' value='$login5' style='margin-bottom: 2px;'>
<input type='hidden' name='task' value='sendpass'>
</form>
</td>
</tr>
</table>
";
echo $foot;
}





if($task == "sendpass") {
$submit = $_POST['submit'];
$username = $_POST['username'];

$user = mysql_query("SELECT * FROM bhost_users WHERE username='$username'");

if(mysql_num_rows($user) != 1) {
echo $head;
echo "
<h2>$login22</h2>
$login23
";
echo $foot;
exit();
}

$user_info = mysql_fetch_assoc($user);

$subject = str_replace("<fname>", "$user_info[fname]", $admin_info[forgot_subject]);
$subject = str_replace("<lname>", "$user_info[lname]", $subject);
$subject = str_replace("<username>", $user_info[username], $subject);
$subject = str_replace("<password>", u_decrypt($user_info[password]), $subject);
$message = str_replace("<fname>", "$user_info[fname]", $admin_info[forgot_message]);
$message = str_replace("<lname>", "$user_info[lname]", $message);
$message = str_replace("<username>", $user_info[username], $message);
$message = str_replace("<password>", u_decrypt($user_info[password]), $message);

$forgot_headers = "From: $admin_info[fname] $admin_info[lname] <$admin_info[email]>";
mail($user_info[email], $subject, $message, $forgot_headers);

if($submit == "$login5") {
header("Location: login.php");
exit();
}


echo $head;
echo "
<table width='100%' cellpadding='0' cellspacing='0'>
<tr>
<td valign='top' class='box'>
<h2>$login1</h2>
$login11
<br><br>
<form action='login.php' method='POST'>
<input type='submit' class='sbutton' value='$login12'>
</form>
</td>
</tr>
</table>
";
echo $foot;
}







if($task == "dologin") {
$date = time();
$username = $_POST['username'];
$password_unencrypted = $_POST['password'];
$password = u_encrypt($password_unencrypted);
$rememberme = $_POST['rememberme'];
$ipaddress = $_SERVER['REMOTE_ADDR'];

$check = mysql_query("SELECT username, password, verified FROM bhost_users WHERE username='$username' AND password='$password'");
$check_info = @mysql_fetch_assoc($check);

// NO JAVASCRIPT
if(isset($_POST['javascript']) & $_POST['javascript'] == "no") {
$result = "<table cellpadding='0' cellspacing='0' style='margin-top: 2px;'><tr><td>$login13</td></tr></table>";
$task = "main";

// LOGIN FAIL
} elseif(mysql_num_rows($check) == 0) {
mysql_query("INSERT INTO bhost_log (date, username, password, ipaddress, result) VALUES ('$date', '$username', '$password', '$ipaddress', 'Failure')");
$result = "<table cellpadding='0' cellspacing='0' style='margin-top: 2px;'><tr><td>$login14</td></tr></table>";
$task = "main";
} elseif($check_info[verified] == 0) {
mysql_query("INSERT INTO bhost_log (date, username, password, ipaddress, result) VALUES ('$date', '$username', '$password', '$ipaddress', '0')");
$result = "<table cellpadding='0' cellspacing='0' style='margin-top: 2px;'><tr><td>$login15</td></tr></table>";
$task = "main";
} else {
// LOGIN SUCCESS
$user_info = mysql_fetch_assoc(mysql_query("SELECT * FROM bhost_users WHERE username='$username' AND password='$password'"));
$date = time();
mysql_query("UPDATE bhost_users SET last_login='$date' WHERE u_id='$user_info[u_id]'");
mysql_query("INSERT INTO bhost_log (date, username, password, ipaddress, result) VALUES ('$date', '$username', '$password', '$ipaddress', '1')");
bumplog();
$user = u_encrypt($user_info[username]);
$pass = cookie_encrypt(u_decrypt($user_info[password]), $user_info[code]);
$u_id = u_encrypt($user_info[u_id]);

// REMEMBER ME
if(isset($rememberme) AND $rememberme == "1") {
setcookie("username", "$user", time()+60*999999, "/");
setcookie("password", "$pass", time()+60*999999, "/");
setcookie("u_id", "$u_id", time()+60*999999, "/");
} else {
// DONT REMEMBER ME
setcookie("username", "$user", 0, "/");
setcookie("password", "$pass", 0, "/");
setcookie("u_id", "$u_id", 0, "/");
}

// SET LOCATION
if($ref == "1") {
$location = url("entry", "$u", "$e_id");
} elseif($ref == "2") {
$location = "post_comment.php?u=$u&e_id=$e_id";
} elseif($ref == "3") {
$location = "edit_comment.php?u=$u&e_id=$e_id&c_id=$c_id";
} elseif($ref == "4") {
$location = "delete_comment.php?u=$u&e_id=$e_id&c_id=$c_id";
} else {
$location = "./manager/index.php";
}

header("Location: $location");
exit();
}
}













if($task == "main") {
echo $head;
echo "

<table width='100%' cellpadding='0' cellspacing='0'>
<tr>
<td valign='top' class='box'>

<h2>$login16</h2>
$login17
<br><br>
<table cellpadding='0' cellspacing='0'>
<form action='login.php' name='login' method='POST'>
<tr>
<td>
<b>$login18</b><br>
<input type='text' class='text' name='username' maxlength='30'>&nbsp;
</td>
<td>
<b>$login19</b><br>
<input type='password' class='text' name='password' maxlength='30'>&nbsp;
</td>
<td valign='bottom'>
<input type='submit' class='sbutton' value='$login20' style='margin-bottom: 3px;'>
</td>
<td><br>&nbsp;<input type='checkbox' name='rememberme' value='1'></td>
<td><br><span onClick='rememberbox();'>$login21</span></td>
<input type='hidden' name='task' value='dologin'>
<input type='hidden' name='u' value='$u'>
<input type='hidden' name='e_id' value='$e_id'>
<input type='hidden' name='c_id' value='$c_id'>
<input type='hidden' name='ref' value='$ref'>
<NOSCRIPT><input type='hidden' name='javascript' value='no'></NOSCRIPT>
</tr></table>
$result
</form>

</td>
</tr>
</table>

<script language='JavaScript'>
<!-- 
appendEvent = function(el, evname, func) {
 if (el.attachEvent) { // IE
   el.attachEvent('on' + evname, func);
 } else if (el.addEventListener) { // Gecko / W3C
   el.addEventListener(evname, func, true);
 } else {
   el['on' + evname] = func;
 }
};
appendEvent(window, 'load', windowonload);

function windowonload() { document.login.username.focus(); } 
function rememberbox() {
if(document.login.rememberme.checked == true) {
document.login.rememberme.checked = false;
} else {
document.login.rememberme.checked = true;
}}
// -->
</script>
";

echo $foot;
}


?>