2005-09-12 21:51:19 +02:00
|
|
|
|
<?php
|
|
|
|
|
require_once "includes/config.php";
|
|
|
|
|
require "includes/database.php";
|
|
|
|
|
require "includes/fonctions.php";
|
|
|
|
|
|
|
|
|
|
//md5 du mot de passe admin : "echo -n PASS | md5sum"
|
|
|
|
|
$apass = "15e1dd7a1ab7eac39387ccfcbad90263";
|
|
|
|
|
|
|
|
|
|
// administrateur ?
|
2005-09-15 12:17:36 +02:00
|
|
|
|
if ($_POST['login'] == "admin" && md5($_POST['pass']) == $apass)
|
2005-09-12 21:51:19 +02:00
|
|
|
|
{
|
|
|
|
|
$ulog = $_POST['login'];
|
|
|
|
|
$upass = $_POST['pass'];
|
|
|
|
|
$ugroup = "admin";
|
|
|
|
|
login($ulog, $upass, $ugroup);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// utilisateur ?
|
2005-09-15 12:17:36 +02:00
|
|
|
|
else if (md5($_POST['pass']) == getpass($_POST['login']) && getactif($_POST['login']) == "1")
|
2005-09-12 21:51:19 +02:00
|
|
|
|
{
|
|
|
|
|
$ulog = $_POST['login'];
|
|
|
|
|
$upass = getpass($_POST['login']);
|
|
|
|
|
$ugroup = getgroup($_POST['login']);
|
|
|
|
|
login($ulog, $upass, $ugroup);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
kick("Acc<EFBFBD>s refus<75>.");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// creation de la session
|
|
|
|
|
function login($ulog,$upass,$ugroup)
|
|
|
|
|
{
|
|
|
|
|
// adresse ip de la machine utilis<69>e
|
|
|
|
|
$ip = getenv("REMOTE_ADDR");
|
|
|
|
|
|
2005-09-13 22:54:44 +02:00
|
|
|
|
session_name("EVOAUTH_PHPSESSION");
|
2005-09-12 21:51:19 +02:00
|
|
|
|
session_start ();
|
|
|
|
|
|
|
|
|
|
// on v<>rifie que l'utilisateur ne soit pas d<>sactiv<69>
|
|
|
|
|
$actif = getactif($_POST['login']);
|
|
|
|
|
|
|
|
|
|
if ($actif != 1 && $_POST['login'] != "admin")
|
|
|
|
|
header ('location: index.php');
|
|
|
|
|
|
|
|
|
|
// <20>tablissement des variables de session
|
|
|
|
|
$_SESSION['login'] = $_POST['login'];
|
|
|
|
|
|
|
|
|
|
if ($_POST['login'] == "admin")
|
|
|
|
|
$_SESSION['group'] = "adm";
|
|
|
|
|
else
|
|
|
|
|
$_SESSION['group'] = $ugroup;
|
|
|
|
|
|
|
|
|
|
$_SESSION['ip'] = $ip;
|
|
|
|
|
$_SESSION['mac'] = getmac($ip);
|
|
|
|
|
|
|
|
|
|
// on ne d<>cr<63>mentera par la suite que le cr<63>dit des
|
|
|
|
|
// utilisateurs cr<63>dit<69>s
|
|
|
|
|
if ($_POST['login'] != "admin")
|
|
|
|
|
$_SESSION['credit'] = getutype($_SESSION['login']);
|
|
|
|
|
|
|
|
|
|
header ('location: membre.php');
|
|
|
|
|
|
2005-09-23 15:04:07 +02:00
|
|
|
|
clean_ip($ip);
|
2005-09-12 21:51:19 +02:00
|
|
|
|
update_ip($_POST['login'], $ip);
|
|
|
|
|
}
|
|
|
|
|
?>
|