evoauth/htdocs/login.php

<?php
	require_once "includes/config.php";
	require "includes/database.php";
	require "includes/fonctions.php";

	//md5 du mot de passe admin : "echo -n PASS | md5sum"
	$apass = "15e1dd7a1ab7eac39387ccfcbad90263";
	
	// administrateur ?
	if ($_POST['login'] == "admin" && md5($_POST['pass']) == $apass)
	{
		$ulog = $_POST['login'];
		$upass = $_POST['pass'];
		$ugroup = "admin";
		login($ulog, $upass, $ugroup);
	}

	// utilisateur ?
	else if (md5($_POST['pass']) == getpass($_POST['login']) && getactif($_POST['login']) == "1")
	{
		$ulog = $_POST['login'];
		$upass = getpass($_POST['login']);
		$ugroup = getgroup($_POST['login']);
		login($ulog, $upass, $ugroup);
	}

	else
	{
		kick("Accès refusé.");
	}

	// creation de la session
	function login($ulog,$upass,$ugroup)
	{
		// adresse ip de la machine utilisée
		$ip = getenv("REMOTE_ADDR");
	
		session_name("EVOAUTH_PHPSESSION");
   		session_start ();

		// on vérifie que l'utilisateur ne soit pas désactivé
		$actif  = getactif($_POST['login']);

		if ($actif != 1 && $_POST['login'] != "admin")
			header ('location: index.php');

		// établissement des variables de session
		$_SESSION['login'] = $_POST['login'];

		if ($_POST['login'] == "admin")
			$_SESSION['group'] = "adm";
		else
			$_SESSION['group'] = $ugroup;

		$_SESSION['ip'] = $ip;
		$_SESSION['mac'] = getmac($ip);

		// on ne décrémentera par la suite que le crédit des
		// utilisateurs crédités
		if ($_POST['login'] != "admin")
			$_SESSION['credit'] = getutype($_SESSION['login']);

		header ('location: membre.php');

		clean_ip($_POST['login'],$ip);
		update_ip($_POST['login'], $ip);
	}
?>
Initial revision 2005-09-12 21:51:19 +02:00			`<?php`
			`require_once "includes/config.php";`
			`require "includes/database.php";`
			`require "includes/fonctions.php";`

			`//md5 du mot de passe admin : "echo -n PASS \| md5sum"`
			`$apass = "15e1dd7a1ab7eac39387ccfcbad90263";`

			`// administrateur ?`
nettoyage. 2005-09-15 12:17:36 +02:00			`if ($_POST['login'] == "admin" && md5($_POST['pass']) == $apass)`
Initial revision 2005-09-12 21:51:19 +02:00			`{`
			`$ulog = $_POST['login'];`
			`$upass = $_POST['pass'];`
			`$ugroup = "admin";`
			`login($ulog, $upass, $ugroup);`
			`}`

			`// utilisateur ?`
nettoyage. 2005-09-15 12:17:36 +02:00			`else if (md5($_POST['pass']) == getpass($_POST['login']) && getactif($_POST['login']) == "1")`
Initial revision 2005-09-12 21:51:19 +02:00			`{`
			`$ulog = $_POST['login'];`
			`$upass = getpass($_POST['login']);`
			`$ugroup = getgroup($_POST['login']);`
			`login($ulog, $upass, $ugroup);`
			`}`

			`else`
			`{`
			`kick("Accès refusé.");`
			`}`

			`// creation de la session`
			`function login($ulog,$upass,$ugroup)`
			`{`
			`// adresse ip de la machine utilisée`
			`$ip = getenv("REMOTE_ADDR");`

better. 2005-09-13 22:54:44 +02:00			`session_name("EVOAUTH_PHPSESSION");`
Initial revision 2005-09-12 21:51:19 +02:00			`session_start ();`

			`// on vérifie que l'utilisateur ne soit pas désactivé`
			`$actif = getactif($_POST['login']);`

			`if ($actif != 1 && $_POST['login'] != "admin")`
			`header ('location: index.php');`

			`// établissement des variables de session`
			`$_SESSION['login'] = $_POST['login'];`

			`if ($_POST['login'] == "admin")`
			`$_SESSION['group'] = "adm";`
			`else`
			`$_SESSION['group'] = $ugroup;`

			`$_SESSION['ip'] = $ip;`
			`$_SESSION['mac'] = getmac($ip);`

			`// on ne décrémentera par la suite que le crédit des`
			`// utilisateurs crédités`
			`if ($_POST['login'] != "admin")`
			`$_SESSION['credit'] = getutype($_SESSION['login']);`

			`header ('location: membre.php');`

la fonction clean_ip() ignore la personne concern��e. 2005-09-26 00:25:08 +02:00			`clean_ip($_POST['login'],$ip);`
Initial revision 2005-09-12 21:51:19 +02:00			`update_ip($_POST['login'], $ip);`
			`}`
			`?>`