<?php
require('include/glob.php');
require('include/muoribene.php');
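/**
 * Escape a value for output inside an HTML5 document.
 *
 * Both quote styles are converted (ENT_QUOTES), so the result can be placed in
 * element content as well as in quoted attribute values.
 *
 * ENT_SUBSTITUTE replaces byte sequences that are not valid UTF-8 with U+FFFD.
 * Without that flag htmlspecialchars() returns an empty string for the whole
 * input as soon as one invalid sequence is present, which would silently blank
 * out the value being displayed.
 *
 * @param string $str Text to escape; expected to be UTF-8.
 * @return string The escaped text.
 */
function hspech($str) {
    return htmlspecialchars($str, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}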
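// Link back to the login form; it is appended to every error page produced below.
$btl='<a href="index.php">Back to login</a>';

// Validation messages accumulate here so that all problems are reported together.
$errs='';

// A field counts as supplied only when it is a non-blank string. The is_string()
// test matters because a request can send email[]=x, which turns $_POST['email']
// into an array that trim() cannot process.
// N is a constant defined outside this file (presumably in include/glob.php).
if (!isset($_POST['email']) || !is_string($_POST['email']) || trim($_POST['email'])==='') {
    $errs.='You didn’t specify your email.<br>'.N;
}
if (!isset($_POST['password']) || !is_string($_POST['password']) || trim($_POST['password'])==='') {
    $errs.='You didn’t specify your password.<br>'.N;
}

// Report the collected messages through muoribene() (from include/muoribene.php).
// NOTE(review): the rest of the script assumes muoribene() ends the request, so
// that unvalidated input never reaches the database lookup -- confirm.
if ($errs!=='') {
    muoribene($errs.$btl,false);
}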
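// Open the database connection; the code below uses $link, which is expected
// to come from this include.
require('include/myconn.php');

// Look the administrator up by e-mail address.
// NOTE(review): mysqli_real_escape_string() escapes according to the connection
// character set, so this query is only safe if include/myconn.php sets it with
// mysqli_set_charset(). A prepared statement with a bound parameter would remove
// that dependency -- confirm and consider switching.
$res=mysqli_query($link,'SELECT * FROM Admins WHERE Email=\''.mysqli_real_escape_string($link,$_POST['email']).'\'');
if (!$res) {
    // This page is reachable before authentication, so the driver's error text
    // (which can expose table and column names) goes to the server log rather
    // than into the HTML response.
    error_log('Login query failed: '.mysqli_error($link));
    muoribene(__LINE__.': database error.<br>'.$btl,true);
}
// The connection is no longer needed; the result set is read after closing, as
// in the original flow.
mysqli_close($link);

// More than one row for the same address is a data-integrity problem.
// NOTE(review): this message is shown before the password is checked, so it
// confirms to an anonymous visitor that the address exists.
if (mysqli_num_rows($res)>1) {
    muoribene('There’s more than one account with Email=«'.hspech($_POST['email']).'»!<br>'.$btl,false);
}

$row=mysqli_fetch_assoc($res);

// An unknown address and a wrong password produce the same message.
// NOTE(review): password_verify() only runs when a row exists, so the two cases
// can still differ in response time.
if (mysqli_num_rows($res)<1 || !password_verify($_POST['password'],$row['Password'])) {
    muoribene('Unknown email or wrong password.<br>'.$btl,false);
}

// Checked after the password, so the account state is only revealed to someone
// who presented valid credentials.
if ($row['Enabled']==0) {
    muoribene('Your account is not enabled.<br>'.$btl,false);
}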
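// Start (or resume) the session under the cookie name 'mustard'.
// NOTE(review): the session cookie attributes (HttpOnly, Secure, SameSite) are
// not set here; confirm they are configured in php.ini or before session_start().
session_name('mustard');
session_start();

// The session ID that arrived with the request was issued before authentication
// and may be known to someone else. Issue a fresh ID and delete the old session
// before storing the authenticated identity (session fixation).
session_regenerate_id(true);
$_SESSION['AdmID']=$row['ID'];

// Guests get their own landing page; every other level goes to the main list.
if ($row['Level']==='guest') {
    header('Location: guestinsts.php');
} else {
    header('Location: instances.php');
}
// Nothing may run or be written after the redirect header.
exit;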
?>