|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
if(isset($_POST['login'])) $login = $_POST['login']; |
|
4
|
|
|
else $login = ""; |
|
5
|
|
|
if(isset($_POST['passwd'])) $passwd = $_POST['passwd']; |
|
6
|
|
|
else $passwd = ""; |
|
7
|
|
|
if(isset($_POST['cms'])) $cms = $_POST['cms']; |
|
8
|
|
|
elseif(isset($_GET['cms'])) $cms = $_GET['cms']; |
|
9
|
|
|
else $cms = ""; |
|
10
|
|
|
|
|
11
|
|
|
//odhlaseni uzivatele |
|
12
|
|
|
if($cms == "logout") { |
|
13
|
|
|
//zrusim promenne v session |
|
14
|
|
|
session_unset(); |
|
15
|
|
|
session_destroy(); |
|
16
|
|
|
//a presmeruji na homepage |
|
17
|
|
|
header("Location: ".HTTP_DIR."login.php"); |
|
18
|
|
|
//ukoncim |
|
19
|
|
|
exit; |
|
20
|
|
|
} |
|
21
|
|
|
|
|
22
|
|
|
######################################################################################################### |
|
23
|
|
|
|
|
24
|
|
|
######## Kontrola prihlaseni |
|
25
|
|
|
$nologin = true; |
|
26
|
|
|
//dd(isset($_SESSION) && (!isset($_SESSION[SESSION_PREFIX.'user'])) || !isset($_SESSION[SESSION_PREFIX.'password'])); |
|
27
|
|
|
//kontrola casove existence session a delky jeji necinnosti |
|
28
|
|
|
if(isset($_SESSION) && (!isset($_SESSION[SESSION_PREFIX.'user']) || !isset($_SESSION[SESSION_PREFIX.'password']))) { |
|
29
|
|
|
$_SESSION['user']["logged"] = false; |
|
30
|
|
|
session_unset(); |
|
31
|
|
|
if(session_id()) { |
|
32
|
|
|
session_destroy(); |
|
33
|
|
|
} |
|
34
|
|
|
header("Location: ".HTTP_DIR."admin/"); |
|
35
|
|
|
exit('Session Not Exists'); |
|
36
|
|
|
} |
|
37
|
|
|
else $_SESSION['user']["logged"] = true; |
|
38
|
|
|
|
|
39
|
|
|
if(isset($_SESSION['user']['logged']) && ($_SESSION['user']['logged'] == true)) { |
|
40
|
|
|
// neverim session z jineho systemu, takze overuju, jestli jsou udaje pravdive |
|
41
|
|
|
if(!isset($database)) { |
|
42
|
|
|
$database = $this->database; |
|
43
|
|
|
} |
|
44
|
|
|
$user = $database->table('sunlight-users')->where('id', $_SESSION[SESSION_PREFIX.'user'])->fetch(); |
|
45
|
|
|
|
|
46
|
|
|
if($user) { |
|
47
|
|
|
if($_SESSION[SESSION_PREFIX.'password'] != $user['password']) { |
|
48
|
|
|
Tracy\Debugger::log('Access: bad password!', Tracy\Debugger::ERROR); |
|
49
|
|
|
} |
|
50
|
|
|
else { |
|
51
|
|
|
$nologin = false; |
|
52
|
|
|
// znovuobnovim pocitani casu |
|
53
|
|
|
$_SESSION['user']['access_time'] = time(); |
|
54
|
|
|
} |
|
55
|
|
|
|
|
56
|
|
|
$uid = $_SESSION[SESSION_PREFIX.'user']; |
|
57
|
|
|
// 20 slunda || 19 dytta || 7 pavlik || 105 liska || 21 Pumpa || 155 jantikjanouch || 165 OVAMysak || 46 Luca || 2 hvezdar || 178 cednik || 182 tester || 179 koblizek |
|
58
|
|
|
if(($uid != 19) && ($uid != 7) && ($uid != 105) && ($uid != 21) && ($uid != 20) && ($uid != 155) && ($uid != 165) && ($uid != 46) && ($uid != 2) && ($uid != 13) && ($uid != 178) && ($uid != 182) && ($uid != 179)){ |
|
59
|
|
|
header("Location: ".HTTP_DIR."admin/"); |
|
60
|
|
|
} |
|
61
|
|
|
} else { |
|
62
|
|
|
Tracy\Debugger::log('Access: user data does not exist!', Tracy\Debugger::ERROR); |
|
63
|
|
|
} |
|
64
|
|
|
} |
|
65
|
|
|
else { |
|
66
|
|
|
session_unset(); |
|
67
|
|
|
session_destroy(); |
|
68
|
|
|
header("Location: ".HTTP_DIR."admin/"); |
|
69
|
|
|
exit('User Is Not Logged'); |
|
70
|
|
|
} |
|
71
|
|
|
|
|
72
|
|
|
?> |
|
|
|
|
|
|
73
|
|
|
|
literat /
srazvs
literat
Using a closing tag in PHP files that only contain PHP code is not recommended as you might accidentally add whitespace after the closing tag which would then be output by PHP. This can cause severe problems, for example headers cannot be sent anymore.
A simple precaution is to leave off the closing tag as it is not required, and it also has no negative effects whatsoever.