user_ip = $GLOBALS["REMOTE_ADDR"]; $this->user_port = $GLOBALS["REMOTE_PORT"]; $this->user_agent = $GLOBALS["HTTP_USER_AGENT"]; $sql = "SELECT COUNT(*) FROM actab WHERE (keyword = \"$keyword\")"; $result = sql_execute($sql); $row = mysqli_fetch_row($result); mysqli_free_result($result); $count = (int) $row[0]; if ($count > 0) { $sql = "SELECT ip, IF(cdate > NOW(), 1, 0), login, logid, loglevel FROM actab WHERE keyword = \"$keyword\""; $sql = "SELECT ip, cdate, login, logid, loglevel FROM actab WHERE keyword = \"$keyword\""; $result = sql_execute($sql); $row = mysqli_fetch_row($result); mysqli_free_result($result); $this->permit = $row[1]; $this->level = $row[4]; if ($this->level < $limit) {$this->permit = 0;} if ($this->permit > 0) { $this->login = $row[2]; $this->user_id = $row[3]; $sql = "UPDATE actab SET cdate = DATE_ADD(NOW(), INTERVAL 60 MINUTE) WHERE keyword = \"$keyword\""; $result = sql_execute($sql); } } if ($this->permit == 0) { $login = $GLOBALS["login"]; $password = $GLOBALS["password"]; if ((strlen($login) > 0) and (strlen($password) > 0)) { $sql = "SELECT COUNT(*) FROM users WHERE login = \"$login\""; $result = sql_execute($sql); $row = mysqli_fetch_row($result); mysqli_free_result($result); $count = (int) $row[0]; if ($count > 0) { $sql = "SELECT login, password, vkey, id, level, approved FROM users WHERE login = \"$login\""; $result = sql_execute($sql); $row = mysqli_fetch_row($result); mysqli_free_result($result); $this->level = $row[4]; $this->user_id = $row[3]; $this->permit = 0; $this->login = $login; if (($row[1] == $password) and ($row[5] == 1) and ($row[4] >= $limit)) { $this->permit = 1; srand(time()); $keyword = rand(); $keyword = $this->user_id . $keyword; $sql = "UPDATE users SET vkey = \"$this->user_ip\" WHERE login = \"$login\""; $result = sql_execute($sql); $sql = "DELETE FROM actab WHERE (logid = $this->user_id) and (ip = \"$this->user_ip\")"; $result = sql_execute($sql); // $sql = "INSERT INTO actab (keyword, ip, cdate, login, logid, loglevel, useragent, remport) // VALUES (\"$keyword\",\"$this->user_ip\", DATE_ADD(NOW(), INTERVAL 60 MINUTE), // \"$login\", $this->user_id, $this->level, \"$this->user_agent\", \"$this->user_port\")"; date_default_timezone_set('Europe/London'); $date = date('Y-m-d H:i:s'); $sql = "INSERT INTO actab (keyword, ip, cdate, login, logid, loglevel, useragent, remport) VALUES (\"$keyword\",\"$this->user_ip\", DATE_ADD(NOW(), INTERVAL 60 MINUTE), \"$login\", $this->user_id, $this->level, \"$this->user_agent\", \"$this->user_port\")"; $result = sql_execute($sql); $exp = time() + 3600; @setcookie("gpp",$keyword,$exp,"/"); } } } } if ($this->permit == 0) { $login_form = join(file("login_form.htm"), "\n"); print $login_form; exit(); } } function Set_Permit($item_id) { $sql = "SELECT uadd, uedit, udel, id FROM usaccess WHERE (userid = $this->user_id) and (mpid = $item_id)"; $result = sql_execute($sql); $row = mysqli_fetch_row($result); mysqli_free_result($result); $this->add = $row[0]; $this->edit = $row[1]; $this->del = $row[2]; $id = (int) $row[3]; if ($this->level == 30) { $this->add = 1; $this->edit = 1; $this->del = 1; $id = (int) 1; } if ($id == 0) { $login_form = join(file("login_form.htm"), "\n"); print $login_form; exit(); } } } ?>