login.js
var l_ajaxpath='ajax/logon.php';
function login()
{
if($('#ulogin').val()=='smg') document.location.href='http://31337.pl/'; else
if($('#ulogin').val()!='' && $('#upass').val()!='') {
//$('#rpanel').load(l_ajaxpath+'?t=login',{l:$('#ulogin').val(),ph:sha1(passhash+$('#upass').val())});
$('#rpanel').load(l_ajaxpath+'?t=login',{l:$('#ulogin').val(),ph:$('#upass').val()});
if($('#cfgmenu').length>0) window.location.reload();
}
}
logon.php
<?php
error_reporting(E_ALL);
ini_set('display_errors', true);
ini_set('display_startup_errors', true);
?>
<script type="text/javascript">
$(document).ready(function () {
$('#upass').keypress(function(e){
if(e.which==13) login();
});
});
</script>
<div id=logpanel>
<div id=login><br><center>
<div class=inp><input type=text id=ulogin></div>
<div class=inp><input type=password id=upass maxLength=20></div></center>
<button id=loginbutton onclick='login();' rollover=30> </button><br />
</div>
<img src="/img/log_back1.png" class=logfoot>
</div>
<?php
header("Content-Type: text/plain");
require_once('../config.class.php');
require_once('../login.class.php');
$doVariableLogin = isset($_GET['t']) ? $_GET['t'] : null;
if($doVariableLogin == 'login') {
if(!empty($_POST['l']) && !empty($_POST['ph'])){
$l = new login;
$r = $l->istniejelogin(po5($_POST['ulogin']));
if($r == true){
$r = $l->istniejehaslo(po5($_POST['ulogin']), po5($_POST['upass']));
if($r >= 0){
$_SESSION['logged'] = $r;
header("Location: ?t=login");
} else echo "Bledne Haslo.";
} else echo "Bledny Login.";
} else echo "failed";
}
print_r($_POST);
print_r($_GET);
?>
login.class.php
function po5($a){
//syfrowanie hasla $b = strlen($a);
for($i=1;$i<=$b-2;$i++){
$tmp = $a[$i];
$a[$i] = $a[$i++];
$a[$i++] = $tmp;
}
return $a;
}
class login {
function istniejelogin($a){
$b = mysql_fetch_array(mysql_query("select * from account where login = '".$a."' limit 1"));
if(empty($b)) return false;
else return true;
}
function istniejehaslo($a, $b){
$c = mysql_fetch_array(mysql_query("select * from account where login = '".$a."' and haslo = '".$b."' limit 1"));
if(empty($c)) return false;
else return $c['id'];
}
}