42 wiersze
1,3 KiB
PHP
42 wiersze
1,3 KiB
PHP
<?php
|
||
|
||
require('include/glob.php');
|
||
require('include/muoribene.php');
|
||
|
||
function hspech($str) {
|
||
return(htmlspecialchars($str,ENT_QUOTES|ENT_HTML5,'UTF-8'));
|
||
}
|
||
|
||
$btl='<a href="index.php">Back to login</a>';
|
||
|
||
$errs='';
|
||
|
||
if (!array_key_exists('email',$_POST) || trim($_POST['email'])=='')
|
||
$errs.='You didn’t specify your email.<br>'.N;
|
||
if (!array_key_exists('password',$_POST) || trim($_POST['password'])=='')
|
||
$errs.='You didn’t specify your password.<br>'.N;
|
||
if ($errs!='') muoribene($errs.$btl,false);
|
||
|
||
require('include/myconn.php');
|
||
|
||
$res=mysqli_query($link,'SELECT * FROM Admins WHERE Email=\''.mysqli_real_escape_string($link,$_POST['email']).'\'')
|
||
or muoribene(__LINE__.': '.mysqli_error($link).'<br>'.$btl,true);
|
||
mysqli_close($link);
|
||
if (mysqli_num_rows($res)>1)
|
||
muoribene('There’s more than one account with Email=«'.hspech($_POST['email']).'»!<br>'.$btl,false);
|
||
$row=mysqli_fetch_assoc($res);
|
||
if (mysqli_num_rows($res)<1 || !password_verify($_POST['password'],$row['Password']))
|
||
muoribene('Unknown email or wrong password.<br>'.$btl,false);
|
||
if ($row['Enabled']==0)
|
||
muoribene('Your account is not enabled.<br>'.$btl,false);
|
||
|
||
session_name('mustard');
|
||
session_start();
|
||
$_SESSION['AdmID']=$row['ID'];
|
||
|
||
if ($row['Level']=='guest')
|
||
header('Location: guestinsts.php');
|
||
else
|
||
header('Location: instances.php');
|
||
|
||
?>
|