" . $err; if (!isset($_POST["userLogin"]) || $_POST["userLogin"] == "") $err = $langErrorNoLogin . "
" . $err; if (!isset($_POST["userPass"]) || $_POST["userPass"] == "") { $err = $langErrorNoPass . "
" . $err; } else { $salt = substr(crypt($_POST["userID"], "ef"), 0, 2); $cryptPassword = crypt($_POST["userPass"], $salt); } if ($err == "") { //$link = mysql_connect($mysqlHost,$mysqlUser,$mysqlPass)result = mysql($mysqlEFDB,"select id, nick, flags from members where id=\"". $_POST["userID"] . "\" AND flags like \"%suit%\""); //$row=mysql_fetch_array($result); //Prepare Array for Authcheck // make Data for CURL instead: /* $data = array('id' => strtolower($_POST["userID"]), 'nick' => stripslashes($_POST["userLogin"]), 'password' => $_POST["userPass"]);*/ $data = "id=" . urlencode(strtolower(trim($_POST["userID"]))) . "&nick=" . urlencode(stripslashes($_POST["userLogin"])) . "&password=" . urlencode($_POST["userPass"]); // 'nick' => strtolower(stripslashes($_POST["userLogin"])), //Send Authrequest // list($header, $content) = PostRequest($authURL, "http://fursuit.eurofurence.org", $data); $content = PostRequestNew($authURL, "http://fursuit.eurofurence.org", $data); // Backup for SQL // if ((strtolower($row["id"]) == strtolower($_POST["userID"])) && (utf8_encode(strtolower($row["nick"])) == strtolower(stripslashes($_POST["userLogin"]))) && ($row["password"] == $cryptPassword)) $content = substr($content, 0, (strlen($content) -1)); ///echo "|" . $content . "|"; if ($content == "Login OK") { $_SESSION["userID"] = $_POST["userID"]; $_SESSION["userLogin"] = stripslashes($_POST["userLogin"]); $_SESSION["userPass"] = $cryptPassword; $_SESSION["loggedin"] = true; $action = "loggedin"; } else { // Logging /* $file = fopen ( "loginfailbananansqueezeblahding.txt", "a"); fwrite($file, $_POST["userID"] . ", " . $_POST["userLogin"] . ", " . $_POST["userPass"] . ", ["); foreach($data as $key => $value) { fwrite($file,$value.", "); } fwrite($file,"], " . $content . ", " . $_SERVER['HTTP_USER_AGENT'] . "\n"); fclose($file); */ // /Logging $err = "User " . $_POST["userLogin"] . " or password not found in Database
Please check your login data.
$content."; $action = "loginfail"; } //mysql_close($link); } } #if ($action == "logout") #{ session_unset(); # $_SESSION=array(); #} if ($action == "checkvote") { if (isset($_REQUEST['answer'])) { $link = mysql_connect($mysqlHost,$mysqlUser,$mysqlPass); mysql_select_db($mysqlDB); $resultVoting = mysql_query("select * from votingEF". $intCurrentEF. " where regNum=\"". $_SESSION["userID"] . "\""); if (mysql_num_rows($resultVoting) == 0) { if ($_REQUEST['answer'] == "1" || $_REQUEST['answer'] == "2") { $action = "yesVoteIsOkay6wqmJuj3EF6oybiD1sCt"; } else { $action = ""; $err = $langErrNoAnswer; } } else { $action = ""; } mysql_free_result($resultVoting); mysql_close($link); } else { $action = ""; $err = $langErrNoAnswer; } } $dateNow = new DateTime(); ?>

(" . $langLogout . ")"); ?>