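<?php

/**
 * Login, auto-login, logout and access checks built on $_SESSION and three
 * cookies ('uid', 'passwort', 'autologin').
 *
 * Collaborators come from outside this file: the globals $datenbank,
 * $grundconfig, $meldung and $ip, the functions pw_erstellen() and meldung(),
 * and the constants PREFIX, USER, KONTO, LOGIN_SESSION_TRUE and
 * LOGIN_ERROR_PASS_FALSE.
 *
 * Account status values as used here: 0 leads to /error/kein_zutritt,
 * 2 leads to /error/user_gesperrt, and 1 is the only value autologin() accepts.
 *
 * NOTE(review): the value kept in $_SESSION['passwort'] and in the 'passwort'
 * cookie is the stored k.passwort column itself, so that stored value alone is
 * enough to authenticate. A random, server-side revocable remember-me token
 * would remove that exposure; this needs a schema change and is not done here.
 */
class SESSION
{
    /**
     * Maps an account status to "may proceed".
     *
     * For status 0 and 2 the session identity is wiped and $_GET['content']
     * is pointed at the matching error page.
     *
     * @param mixed $status account status as read from the database
     * @return bool false for status 0 or 2, true otherwise
     */
    public function status($status)
    {
        if ($status == 0) {
            $fehlerseite = '/error/kein_zutritt';
        } elseif ($status == 2) {
            $fehlerseite = '/error/user_gesperrt';
        } else {
            return true;
        }

        // Also drops a stale admin flag left over from an earlier login.
        $this->clear_session_identity();
        $_SESSION['login'] = "";
        $_GET['content'] = $fehlerseite;

        return false;
    }

    /**
     * Checks nickname (or uid) plus password and, on success, either sets the
     * auto-login cookies or fills the session, then redirects to the domain.
     *
     * @param string $nickname nickname or uid typed by the user
     * @param string $passwort clear-text password; hashed via pw_erstellen()
     * @return void
     */
    function login($nickname, $passwort)
    {
        global $datenbank, $grundconfig, $meldung, $ip;

        $pw = pw_erstellen($passwort);
        $name = $datenbank->escape($nickname);

        // The parentheses matter: AND binds tighter than OR, so without them
        // a matching nickname alone satisfied the WHERE clause and the
        // password comparison applied only to the uid alternative.
        $query = " SELECT k.admin, k.uid, k.passwort, k.status, k.hinweis, u.nickname"
            . " FROM " . PREFIX . USER . " u"
            . " LEFT JOIN " . PREFIX . KONTO . " k ON k.uid = u.uid"
            . " WHERE (u.nickname = '" . $name . "' OR u.uid = '" . $name . "')"
            . " AND k.passwort = '" . $datenbank->escape($pw) . "'"
            . " LIMIT 1 ";

        if ($datenbank->num_rows($query) != 1) {
            meldung(1, LOGIN_ERROR_PASS_FALSE);
            return;
        }

        $user = $datenbank->get_row($query, true);
        if ($this->status($user->status) != true) {
            // status() has already selected the error page.
            return;
        }

        $datenbank->update(
            PREFIX . KONTO,
            array("login_ip" => $ip, "loginzeit" => time()),
            array("uid" => $user->uid, "passwort" => $pw)
        );

        if (isset($_POST['autologin']) && $_POST['autologin'] == 'on') {
            // Session stays empty here; autologin() fills it on the next request.
            $ablauf = time() + 86400 * 30;
            $this->set_login_cookie('uid', $user->uid, $ablauf);
            $this->set_login_cookie('passwort', $user->passwort, $ablauf);
            $this->set_login_cookie('autologin', 'true', $ablauf);
        } else {
            // New session id at the privilege change, against session fixation.
            $this->renew_session_id();
            $_SESSION['uid'] = $user->uid;
            $_SESSION['admin'] = $user->admin;
            $_SESSION['passwort'] = $user->passwort;
            $_SESSION['login'] = true;
            $_SESSION['lang'] = 'de';
            $meldung = LOGIN_SESSION_TRUE;
        }

        header("location: " . $grundconfig->domain);
    }

    /**
     * In maintenance mode, logs the current user out and redirects to
     * wartung.php.
     *
     * @return void
     */
    function wartung()
    {
        global $grundconfig;

        // NOTE(review): the original compared against $admin_id, which is
        // never defined in this method, so no uid is exempt: every session
        // with a non-empty uid is logged out, administrators included, and
        // visitors without a uid are not redirected at all. The comparison is
        // kept as it was; confirm how the administrator is meant to be
        // identified before changing it.
        $admin_id = null;
        $uid = isset($_SESSION['uid']) ? $_SESSION['uid'] : null;

        if ($grundconfig->wartung == 1 && $uid != $admin_id) {
            $this->clear_login_cookies();
            $this->clear_session_identity();
            $_SESSION['login'] = false;
            // Was built from an undefined $domain; use the configured domain
            // like every other redirect in this class.
            header("location: " . $grundconfig->domain . "/wartung.php");
            die();
        }
    }

    /**
     * Restores a session from the auto-login cookies when nobody is logged in.
     *
     * @return void
     */
    function autologin()
    {
        global $datenbank, $ip;

        if (!empty($_SESSION['login'])
            || !isset($_COOKIE['autologin'], $_COOKIE['uid'], $_COOKIE['passwort'])
        ) {
            return;
        }
        // A cookie sent as uid[]=... arrives as an array; reject it here.
        if (!is_string($_COOKIE['uid']) || !is_string($_COOKIE['passwort'])) {
            return;
        }

        $uid = (int) $_COOKIE['uid'];
        // Kept from the original: later readers of the cookie see the integer.
        $_COOKIE['uid'] = $uid;

        // Escape with the database layer, as login() does, instead of
        // addslashes(), which does not know the connection character set.
        $query = "SELECT `uid`,`passwort`,`status`,`hinweis`,`admin` FROM " . PREFIX . KONTO
            . " WHERE uid=" . $uid
            . " and passwort='" . $datenbank->escape($_COOKIE['passwort']) . "' LIMIT 1";

        if ($datenbank->num_rows($query) != 1) {
            return;
        }

        $konto = $datenbank->get_row($query, true);
        if ($konto->status != 1) {
            return;
        }

        // The WHERE values come from the row just read, not from the cookie.
        $datenbank->update(
            PREFIX . KONTO,
            array("login_ip" => $ip, "loginzeit" => time()),
            array("uid" => $konto->uid, "passwort" => $konto->passwort),
            1
        );

        $this->renew_session_id();
        $_SESSION['uid'] = $konto->uid;
        $_SESSION['passwort'] = $konto->passwort;
        $_SESSION['admin'] = $konto->admin;
        $_SESSION['login'] = true;
        $_SESSION['lang'] = 'de';
    }

    /**
     * Clears cookies and session identity, redirects to the domain and stops.
     *
     * @return void
     */
    function logout()
    {
        global $grundconfig;

        $this->clear_login_cookies();
        $this->clear_session_identity();
        $_SESSION['login'] = false;

        header("location: " . $grundconfig->domain);
        die();
    }

    /**
     * userstatus()
     *
     * Re-checks the logged-in session against the account table and redirects
     * to the matching error page when access is not allowed. Every redirect
     * now ends the request; previously only the first branch did, so the
     * calling page kept executing for blocked and anonymous users.
     *
     * @author designerscripte.net
     * @category system
     * @version 2.5.0
     * @example userstatus();
     * @return void
     */
    function userstatus()
    {
        global $datenbank, $grundconfig;

        if (!isset($_SESSION['login']) || $_SESSION['login'] != 'true') {
            header("location: " . $grundconfig->domain . "/?page=/error/kein_zutritt");
            die();
        }

        // uid is used unquoted in the statement, so it has to be an integer.
        $query = "SELECT `uid`,`passwort`,`status`,`hinweis` FROM " . PREFIX . KONTO
            . " WHERE uid=" . (int) $_SESSION['uid']
            . " and passwort='" . $datenbank->escape($_SESSION['passwort']) . "' LIMIT 1";
        $login_check = $datenbank->get_row($query, true);

        // not activated or not logged in
        if (!$datenbank->num_rows($query) || $login_check->status == 0) {
            $this->clear_login_cookies();
            $this->clear_session_identity();
            $_SESSION['login'] = false;
            header("location: " . $grundconfig->domain . "/?page=/error/kein_zutritt");
            die();
        }

        // blocked
        if ($login_check->status == 2) {
            $this->clear_login_cookies();
            $this->clear_session_identity();
            $_SESSION['login'] = false;
            header("location: " . $grundconfig->domain . "/?page=/error/user_gesperrt");
            die();
        }
    }

    /**
     * Sets one login cookie with HttpOnly so page scripts cannot read it.
     * Path and domain stay at PHP's defaults, as in the original calls.
     *
     * NOTE(review): also pass secure=true once the site is HTTPS-only.
     */
    private function set_login_cookie($name, $wert, $ablauf)
    {
        setcookie($name, (string) $wert, $ablauf, '', '', false, true);
    }

    /** Expires the three auto-login cookies. */
    private function clear_login_cookies()
    {
        $vorbei = time() - 86400 * 30;
        $this->set_login_cookie('uid', '', $vorbei);
        $this->set_login_cookie('passwort', '', $vorbei);
        $this->set_login_cookie('autologin', '', $vorbei);
    }

    /** Blanks uid, password value and admin flag in the session. */
    private function clear_session_identity()
    {
        $_SESSION['uid'] = "";
        $_SESSION['passwort'] = "";
        $_SESSION['admin'] = "";
    }

    /** Issues a fresh session id when a session is active and headers are open. */
    private function renew_session_id()
    {
        if (session_id() !== '' && !headers_sent()) {
            session_regenerate_id(true);
        }
    }
}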