jrtechs
/
jrtechs-Club-Panda
mirror of https://github.com/jrtechs/Club-Panda.git


								<?php


								$errors = array();


								if(isset($_POST['logout']))

								{

								    $_SESSION = array();


								    echo '<h3>You are now logged out</h3>';


								    if($dir == 2)

								        header("Location: ../index.php");


								    else

								        header("Location: index.php");

								}


								if(isset($_POST['log_in']))

								{

								    //echo 'Login procces';

								    if(isset($_POST['user_name']))

								        $i_username = @mysqli_real_escape_string($dbc,

								            trim($_POST['user_name']));

								    else

								        $errors['User Name'] = 'You need to enter a user name!';


								    if(isset($_POST['password']))

								        $i_password = @mysqli_real_escape_string($dbc,

								            trim($_POST['password']));

								    else

								        $errors['password'] = "You need to enter a password!";


								    if($i_password && $i_username)

								    {

								        //valid username

								        $q3 = "select * from users where user_name='$i_username'";

								        //echo $q3;

								        $r3 = mysqli_query($dbc, $q3);


								        if(@mysqli_num_rows($r3) == 1)

								        {

								            //echo 'das good';

								            $firstName = "";

								            while($row = mysqli_fetch_array($r3))

								                $firstName = $row['first_name'];


								            $q2 = "select * from users where user_name =

								                  '$i_username' and pass ='"  . SHA1($i_password

								                    . $firstName) .   "'";


								            $r2 = mysqli_query($dbc, $q2);


								            if(@mysqli_num_rows($r2) == 1)

								            {

								                while($row = mysqli_fetch_array($r2))

								                {


								                    $_SESSION['use'] = true;

								                    $_SESSION['fname'] = $firstName;

								                    $_SESSION['user_id'] = $row['user_id'];

								                    $_SESSION['username'] = $row['user_name'];

								                    $_SESSION['agent'] = md5($_SERVER['HTTP_USERAGENT']

								                        . 'salt');


								                    if($dir == 2)

								                        header("Location: ../index.php");

								                    else

								                        header("Location: index.php");


								                }

								            }

								            else

								            {

								                $errors['password'] = "You entered an invalid password";

								            }

								        }

								        else

								        {

								            $errors['user'] = "You entered an invalid user name!";

								        }

								    }

								}


								echo '<h1 class="w3-text-teal">';


								echo '<center>';


								if($loggedIn)

								    echo 'Profile';

								else

								    echo 'Log In';


								echo '</center></h1>';


								echo '<div class ="w3-card-4 w3-container w3-padding-16">';

								if($loggedIn)

								{

								    echo '<h3 class="w3-center">Welcome ' . $_SESSION['fname'] . '</h3>';


								    if($dir == 2)

								    {

								        echo '<form action="../index.php" method ="post">

								        <input class="w3-padding-16 w3-hover-dark-grey

								         w3-btn-block w3-center-align" type="submit" name ="logout"

								         value="logout" />

								        <input type="hidden" name="logout" value="TRUE" />

								        </form>';

								    }

								    else

								    {

								        echo '<form action="index.php" method ="post">

								        <input class="w3-padding-16 w3-hover-dark-grey w3-btn-block

								        w3-center-align" type="submit" name ="logout" value="logout" />

								        <input type="hidden" name="logout" value="TRUE" />

								        </form>';

								    }

								}

								else

								{

								    if($dir == 2)

								        echo '<form action ="../index.php" method ="post">';

								    else

								        echo '<form action ="index.php" method ="post">';


								    echo '

								        <div class="w3-group">

								        <input class="w3-input" type="text" value="" name="user_name"

								        class="w3-container w3-card-4" required/>

								        <label class="w3-label w3-validate">User Name</label>

								        </div>


								        <div class="w3-group">

								        <input class="w3-input" type="password" value="" name="password"

								        class="w3-container w3-card-4" required/>

								        <label class="w3-label w3-validate">Password</label>

								        </div>


								        <input type="submit" name="login" value="login"

								        class="w3-padding-16 w3-hover-dark-grey w3-btn-block w3-center-align"/>

								        <input type="hidden" name="log_in" value="TRUE"/>

								        </form>';


								}

								foreach($errors as $msg)

								    echo " - $msg<br />";


								echo '</div>';