Login
Código PHP:
<?php require_once('../../Connections/database.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
mysql_select_db($database_database, $database);
$query_site = "SELECT * FROM site";
$site = mysql_query($query_site, $database) or die(mysql_error());
$row_site = mysql_fetch_assoc($site);
$totalRows_site = mysql_num_rows($site);
mysql_select_db($database_database, $database);
$query_afiliados = "SELECT * FROM navigator ORDER BY id ASC";
$afiliados = mysql_query($query_afiliados, $database) or die(mysql_error());
$row_afiliados = mysql_fetch_assoc($afiliados);
$totalRows_afiliados = mysql_num_rows($afiliados);
$colname_user_active = "-1";
if (isset($_SESSION['username'])) {
$colname_user_active = (get_magic_quotes_gpc()) ? $_SESSION['username'] : addslashes($_SESSION['username']);
}
mysql_select_db($database_database, $database);
$query_user_active = sprintf("SELECT * FROM users WHERE username = '%s'", $colname_user_active);
$user_active = mysql_query($query_user_active, $database) or die(mysql_error());
$row_user_active = mysql_fetch_assoc($user_active);
$totalRows_user_active = mysql_num_rows($user_active);
$colname_messages_advert = "-1";
if (isset($_SESSION['username'])) {
$colname_messages_advert = (get_magic_quotes_gpc()) ? $_SESSION['username'] : addslashes($_SESSION['username']);
}
mysql_select_db($database_database, $database);
$query_messages_advert = sprintf("SELECT * FROM messages WHERE `to` = '%s'", $colname_messages_advert);
$messages_advert = mysql_query($query_messages_advert, $database) or die(mysql_error());
$row_messages_advert = mysql_fetch_assoc($messages_advert);
$totalRows_messages_advert = mysql_num_rows($messages_advert);
mysql_select_db($database_database, $database);
$query_modules = "SELECT * FROM modules";
$modules = mysql_query($query_modules, $database) or die(mysql_error());
$row_modules = mysql_fetch_assoc($modules);
$totalRows_modules = mysql_num_rows($modules);
?><?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}
if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "level";
$MM_redirectLoginSuccess = "./?action=controlpanel";
$MM_redirectLoginFailed = "?action=login&error=1";
$MM_redirecttoReferrer = false;
mysql_select_db($database_database, $database);
$LoginRS__query=sprintf("SELECT username, password, level FROM users WHERE username='%s' AND password='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));
$LoginRS = mysql_query($LoginRS__query, $database) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = mysql_result($LoginRS,0,'level');
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?><?php
$_SESSION['username'] = $_POST['username'];
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title><?php echo $row_site['sitename']; ?> » Iniciar Sesión</title>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1">
<meta name="generator" content="Sumolari CMS 1.0">
<meta name="description" content="<?php echo $row_site['sitedesc']; ?>">
<meta name="keywords" content="<?php echo $row_site['sitekeywords']; ?>">
<link rel="stylesheet" type="text/css" href="NiftyLayout.css" media="screen">
<script type="text/javascript" src="niftycube.js"></script>
<script type="text/javascript" src="NiftyLayout.js"></script>
</head>
<body>
<div id="header">
<h1><?php echo $row_site['sitename']; ?></h1>
<div id="menu">
<ul id="nav">
<li id="home"><a href="/.">Inicio</a></li>
<li id="session" class="activelink">
<?php if(isset($_SESSION['username'])){ echo '<a href="?action=logout">';
} else {
echo '<a href="?action=login">';
}
?>
<?php if(isset($_SESSION['username'])){ echo '<span class="side">Logout</span></a>';
} else { echo '<span class="side">Login</span></a>'; } ?>
</li>
<?php if(isset($_SESSION['username'])){ echo '<li id="controlpanel"><a href="?action=controlpanel">Panel de control </a></li>'; } else { echo '<li id="register"><a href="?action=register">Regístrate</a></li>'; } ?>
<li id="users"><a href="?action=users">Usuarios</a></li>
<li id="platform"><a href="?action=platform">Plataformas</a></li>
<li id="game"><a href="?action=game">Juegos</a></li>
<li id="search"><a href="?action=search">Buscar</a></li>
</ul>
</div>
</div>
<div id="container">
<div id="content">
<h2>Iniciar Sesión </h2>
<h3>Login</h3>
<form action="<?php echo $loginFormAction; ?>" method="POST" name="login" id="login">
<table width="80%" border="0" cellpadding="1" cellspacing="1">
<tr>
<td>Nombre de usuarios: </td>
<td><label>
<input name="username" type="text" id="username">
</label></td>
</tr>
<tr>
<td>Contraseña:</td>
<td><label>
<input name="password" type="password" id="password">
</label></td>
</tr>
<tr>
<td colspan="2"><label>
<input type="submit" name="Submit" value="Login">
<?php switch ($_GET['error']) {
case 1:
echo 'El nombre de usuario o contraseña son incorrectos';
break;
case 2:
echo 'Es necesario ser un usuario registrado para poder acceder a esta zona';
break;
default:
echo '';
break;
} ?>
</label></td>
</tr>
</table>
</form>
<p> </p>
<p> </p>
</div>
<div class="side">
<h3>Sesión</h3>
<?php if(isset($_SESSION['username'])){ echo ?>
<p>Has iniciado sesión como <strong><?php echo $row_user_active['username']; ?></strong>.
<br>
Tienes <strong><?php echo $totalRows_messages_advert ?></strong> mensajes privados, ir a la bandeja de entrada. </p>
<?php } else { echo ?>
<p>Estás iniciando sesión...
<?php } ?>
</div>
<div class="side">
<h3>Acceso rápido</h3>
<p><a href="http://blog-noticias.sumolari.com">Blog de noticias</a></p>
<p><a href="http://blog-sumolari.sumolari.com">Blog de Sumolari</a></p>
<p><a href="http://blogs.sumolari.com">Blogs gratis </a></p>
<p><a href="http://foro.sumolari.com">Foro</a> </p>
<p><a href="?action=about">Sobre</a></p>
</div>
<div class="side">
<h3>Afiliados</h3>
<?php do { ?>
<p><a href="<?php echo $row_afiliados['link_url']; ?>" title="<?php echo $row_afiliados['link_desc']; ?>"><?php echo $row_afiliados['link_title']; ?></a></p>
<?php } while ($row_afiliados = mysql_fetch_assoc($afiliados)); ?></div>
<?php if ($totalRows_modules > 0) { // Show if recordset not empty ?>
<?php do { ?>
<div class="side">
<h3><?php echo $row_modules['module_title']; ?></h3>
<p><?php echo $row_modules['module_text']; ?></p>
</div>
<?php } while ($row_modules = mysql_fetch_assoc($modules)); ?>
<?php } // Show if recordset not empty ?>
<div class="side">
<h3>Amigos</h3>
<p align="center"><a href="http://www.spreadfirefox.com/?q=affiliates&id=0&t=210" target="_blank"><img border="0" alt="Firefox 2" title="Firefox 2" src="http://sfx-images.mozilla.org/affiliates/Buttons/firefox2/firefox-spread-btn-1b.png"/></a></p>
</div>
<div id="footer">
<p><a href="http://creativecommons.org/licenses/by-sa/2.5/es/" target="_blank" rel="license">
<img src="http://i.creativecommons.org/l/by-sa/2.5/es/80x15.png" alt="Creative Commons License" border="0" style="border-width:0" />
</a>
<?php if ($row_site['siteyears'] == $row_site['siteyearf']) {
echo $row_site['siteyears'];
} else {
echo $row_site['siteyears']; echo " - "; echo $row_site['siteyearf'];
} ?>
<?php echo $row_site['sitename']; ?> - Programado por Lluís Ulzurrun de Asanza Sàez </p>
</div>
</div>
</body>
</html>
<?php
mysql_free_result($site);
mysql_free_result($afiliados);
mysql_free_result($user_active);
mysql_free_result($messages_advert);
mysql_free_result($modules);
?>