Hier nochmal der Quelltext
LOGIN.PHP (komplett)
<?php
settype($userx, "string");
settype($pwdx, "string");
include("../web/post_get.php");
$pwdx = $_POST["pwdx"];
$userx = $_POST["userx"];
$curdir = dirname($_SERVER["PHP_SELF"]);
if ($curdir == "/") { $curdir = ""; }
$userxf = $userx;
if (file_exists("../daten/mdata/$userxf.pwl")) {
$tf = fopen ("../daten/mdata/$userxf.pwl", "r-");
$user = fgets ($tf,30);
$pwd = fgets ($tf,15);
$pwd = trim ($pwd);
$status = fgets ($tf,5);
fclose ($tf); }
else {
$log = date("d.m.Y") . " " . date("h:i:s A") . " USR WR" . " user: " . $userx . " pwd: " . $pwdx . " " . $_SERVER["REMOTE_ADDR"];
$fw = fopen("../daten/mdata/log/reg.log", "a");
$log = $log . "rn";
fputs ($fw,$log);
fclose ($fw);
header("location:
http://".$_SERVER["HTTP_HOST"].$curdir."/mlog.php?msg=User-Name oder Passwort nicht registriert!");
exit; }
if (file_exists("../daten/mdata/$userxf.pwl") AND !isset($pwdx) OR $pwdx != $pwd){
$log = date("d.m.Y") . " " . date("h:i:s A") . " PWD WR" . " user: " . $userx . " pwd: " . $pwdx . " " . $_SERVER["REMOTE_ADDR"];
$fw = fopen("../daten/mdata/log/$userxf.log", "a");
$log = $log . "rn";
fputs ($fw,$log);
fclose ($fw);
header("location:
http://".$_SERVER["HTTP_HOST"].$curdir."/mlog.php?msg=User-Name oder Passwort nicht registriert!");
exit; }
if (file_exists("../daten/mdata/$userxf.pwl") AND $pwdx == $pwd) {
session_start();
$log = date("d.m.Y") . " " . date("h:i:s A") . " accept" . " user: " . $userx . " pwd: " . $pwdx . " " . $_SERVER["REMOTE_ADDR"];
$fw = fopen("../daten/mdata/log/$userxf.log", "a");
$log = $log . "rn";
fputs ($fw,$log);
fclose ($fw);
$_SESSION["suserx"] = "userx";
$_SESSION["spwdx"] = "pwdx";
session_write_close();
header("location:
http://".$_SERVER["HTTP_HOST"].$curdir."/main.php?sid=".session_id());
exit; }
?>
MAIN.PHP (nur header)
<?php
settype($sid, "integer");
settype($status, "integer");
$curdir = dirname($_SERVER["PHP_SELF"]);
if ($curdir == "/") { $curdir = ""; }
session_start();
$suserfx2 = $_SESSION["suserx"];
if (file_exists("../daten/mdata/$suserxf2.pwl")) {
$tf = fopen ("../daten/mdata/$suserxf2.pwl", "r-");
$user = fgets ($tf,30);
$user = trim ($user);
$pwd = fgets ($tf,15);
$pwd = trim ($pwd);
$status = fgets ($tf,5);
fclose ($tf); }
else {
header("location:
http://".$_SERVER["HTTP_HOST"].$curdir."/mlog.php?msg=Vorgang fehlgeschlagen. Bitte einloggen!");
exit; }
if (!isset($_SESSION["spwdx"]) OR $_SESSION["spwdx"] != $pwd){
header("location:
http://".$_SERVER["HTTP_HOST"].$curdir."/mlog.php?msg=Vorgang fehlgeschlagen. Bitte einloggen!");
exit; }
?>