123456789101112131415161718192021222324252627282930313233343536373839404142 |
- <?php
- require '../../lib/glob.php';
- require '../../lib/muoribene.php';
- function hspech($str) {
- return(htmlspecialchars($str,ENT_QUOTES|ENT_HTML5,'UTF-8'));
- }
- $btl='<a href="index.php">Back to login</a>';
- $errs='';
- if (!array_key_exists('email',$_POST) || trim($_POST['email'])=='')
- $errs.='You didn’t specify your email.<br>'.N;
- if (!array_key_exists('password',$_POST) || trim($_POST['password'])=='')
- $errs.='You didn’t specify your password.<br>'.N;
- if ($errs!='') muoribene($errs.$btl,false);
- require '../../lib/myconn.php';
- $res=mysqli_query($link,'SELECT * FROM Admins WHERE Email=\''.mysqli_real_escape_string($link,$_POST['email']).'\'')
- or muoribene(__LINE__.': '.mysqli_error($link).'<br>'.$btl,true);
- mysqli_close($link);
- if (mysqli_num_rows($res)>1)
- muoribene('There’s more than one account with Email=«'.hspech($_POST['email']).'»!<br>'.$btl,false);
- $row=mysqli_fetch_assoc($res);
- if (mysqli_num_rows($res)<1 || !password_verify($_POST['password'],$row['Password']))
- muoribene('Unknown email or wrong password.<br>'.$btl,false);
- if ($row['Enabled']==0)
- muoribene('Your account is not enabled.<br>'.$btl,false);
- session_name('mustard');
- session_start();
- $_SESSION['AdmID']=$row['ID'];
- if ($row['Level']=='guest')
- header('Location: guestinsts.php');
- else
- header('Location: instances.php');
- ?>
|