CuteNews login - zapamti meŽelim da dodam opciju zapamti me pri logovanju, ali ne znam nacin kako da to uradim.
Imam ovaj fajl index.php od admin panela
Code:
<?php
header('Content-Type: text/html; charset=UTF-8', true);
header('Accept-Charset: UTF-8', true);
/*********************************************
CuteNews CutePHP.com
Copyright (C) 2005 Georgi Avramov ([email protected])
UTF-8 CN: I18N, Security fixes, bug fixes - korn19.ch (2009)
*********************************************/
error_reporting (E_ALL ^ E_NOTICE);
require_once("./inc/functions.inc.php");
//#################
$PHP_SELF = 'index.php';
$cutepath = '.';
$config_path_image_upload = './data/upimages';
$config_use_cookies = TRUE; // Use Cookies When Checking Authorization
$config_use_sessions = FALSE; // Use Sessions When Checking Authorization
$config_check_referer = TRUE; // Set to TRUE for more seciruty
//#################
$Timer = new microTimer;
$Timer->start();
// Check if CuteNews is not installed
$db_err = false;
if(file_exists('./data/users.db.php')){
$all_users_db = file('./data/users.db.php');
$check_users = $all_users_db;
$check_users[1] = trim($check_users[1]);
$check_users[2] = trim($check_users[2]);
}
else{
$db_err = true;
}
if($db_err || ((!$check_users[2] || trim($check_users[2]) == '') && (!$check_users[1] || trim($check_users[1]) == ''))){
if(!file_exists('./inc/install.mdu')){
die('<h2>Error!</h2>CuteNews detected that you do not have users in your /data/users.db.php file and wants to run the install module.<br>
However, the install module (<b>./inc/install.mdu</b>) can not be located, please reupload this file and make sure you set the proper permissions so the installation can continue.');
}
require('./inc/install.mdu');
exit;
}
require_once('./data/config.php');
if(isset($config_skin) and $config_skin != '' and file_exists('./skins/'.$config_skin.'.skin.php')){
require_once("./skins/${config_skin}.skin.php");
}
else{
$using_safe_skin = true;
require_once("./skins/default.skin.php");
}
b64dck();
if($config_use_sessions){
@session_start();
@header("Cache-control: private");
}
if($action == 'logout'){
setcookie('md5_password', '');
setcookie('username', '');
setcookie('login_referer', '');
if($config_use_sessions){
@session_destroy();
@session_unset();
setcookie(session_name(), '');
}
msg('info', 'Logout', 'You are now logged out, <a href="'.$PHP_SELF.'">login</a><br /><br>');
}
$is_loged_in = FALSE;
$cookie_logged = FALSE;
$session_logged = FALSE;
$temp_arr = explode('?', $HTTP_REFERER);
$HTTP_REFERER = $temp_arr[0];
if(substr($HTTP_REFERER, -1) == '/'){
$HTTP_REFERER .= 'index.php';
}
// Check if The User is Identified
if($config_use_cookies == TRUE){
/* Login Authorization using COOKIES */
if(isset($username)){
if(isset($HTTP_COOKIE_VARS['md5_password'])){ $cmd5_password = $HTTP_COOKIE_VARS['md5_password']; }
elseif(isset($_COOKIE['md5_password'])){ $cmd5_password = $_COOKIE['md5_password']; }
else{ $cmd5_password = md5($password); }
// Do we have correct username and password ?
if(check_login($username, $cmd5_password)){
if($action == 'dologin'){
setcookie('lastusername', $username, time()+1012324305);
if($rememberme == 'yes'){
setcookie('username', $username, time()+60*60*24*30);
setcookie('md5_password', $cmd5_password, time()+60*60*24*30);
}
else{
setcookie('username', $username);
setcookie('md5_password', $cmd5_password);
}
}
$cookie_logged = TRUE;
}
else{
setcookie('username', FALSE);
setcookie('md5_password', FALSE);
$result = '<span style="color: #f00">Wrong username or password</span>';
$cookie_logged = FALSE;
}
}
/* END Login Authorization using COOKIES */
}
if($config_use_sessions == TRUE){
/* Login Authorization using SESSIONS */
if(isset($HTTP_X_FORWARDED_FOR)){ $ip = $HTTP_X_FORWARDED_FOR; }
elseif(isset($HTTP_CLIENT_IP)){ $ip = $HTTP_CLIENT_IP; }
if($ip == ''){ $ip = $REMOTE_ADDR; }
if($ip == ''){ $ip = "not detected";}
if($action == 'dologin'){
$md5_password = md5($password);
if(check_login($username, $md5_password)){
$session_logged = TRUE;
@session_register('username');
@session_register('md5_password');
@session_register('ip');
@session_register('login_referer');
$_SESSION['username'] = $username;
$_SESSION['md5_password'] = $md5_password;
$_SESSION['ip'] = $ip;
$_SESSION['login_referer'] = $HTTP_REFERER;
}
else{
$result = '<font color=red>Wrong username and/or password</font>';
$session_logged = FALSE;
}
}
elseif(isset($_SESSION['username'])){ // Check the if member is using valid username/password
if(check_login($_SESSION['username'], $_SESSION['md5_password'])){
if($_SESSION['ip'] != $ip){
$session_logged = FALSE; $result = "The IP in the session doesn not match with your IP";
}
else{
$session_logged = TRUE;
}
}
else{
$result = '<font color=red>Wrong username and/or password !!!</font>';
$session_logged = FALSE;
}
}
if(!$username){ $username = $_SESSION['username']; }
/* END Login Authorization using SESSIONS */
}
###########################
if($session_logged == TRUE or $cookie_logged == TRUE){
if($action == 'dologin'){
//-------------------------------------------
// Modify the Last Login Date of the user
//-------------------------------------------
$old_users_db = $all_users_db;
$modified_users = fopen('./data/users.db.php', 'w');
foreach($old_users_db as $old_users_db_line){
$old_users_db_arr = explode('|', $old_users_db_line);
if($member_db[0] != $old_users_db_arr[0]){
fwrite($modified_users, $old_users_db_line);
}
else{
fwrite($modified_users, "$old_users_db_arr[0]|$old_users_db_arr[1]|$old_users_db_arr[2]|$old_users_db_arr[3]|$old_users_db_arr[4]|$old_users_db_arr[5]|$old_users_db_arr[6]|$old_users_db_arr[7]|$old_users_db_arr[8]|".time()."||\n");
}
}
fclose($modified_users);
}
$is_loged_in = TRUE;
}
###########################
// If User is Not Logged In, Display The Login Page
if($is_loged_in == FALSE){
if($config_use_sessions){
@session_destroy();
@session_unset();
}
echoheader("user","Please Login");
if($config_allow_registration == "yes"){ $allow_reg_status = "<a href='register.php'>(register)</a> "; }else{ $allow_reg_status = ""; }
echo "
<table width=\"100%\" border=0 cellpadding=1 cellspacing=0>
<form name=login action='$PHP_SELF' method=post>
<tr>
<td width=80>Username: </td>
<td width='160'><input tabindex=1 type=text name=username value='$lastusername' style='width:150;'></td>
<td> $allow_reg_status</a></td>
</tr>
<tr>
<td>Password: </td>
<td><input type=password name=password style='width:150'></td>
<td> <a href='register.php?action=lostpass'>(lost password)</a> </td>
</tr>
<tr>
<td></td>
<td style='text-align:left'>
<input accesskey='s' type=submit style=\"width:150; background-color: #F3F3F3;\" value=' Login... '><br/>
</td>
<td style='text-align:left'><label for=rememberme title='Remmber me for 30 days, Do not use on Public-Terminals!'>
<input id=rememberme type=checkbox value=yes style=\"border:0px;\" name=rememberme>
Remember Me</label> </td>
</tr>
<tr>
<td align=center colspan=4 style='text-align:left;'>$result</td>
</tr>
<input type=hidden name=action value=dologin>
</form>
</table>";
echofooter();
}
elseif($is_loged_in == TRUE){
//----------------------------------
// Check Referer
//----------------------------------
if($config_check_referer == TRUE){
$self = $_SERVER['SCRIPT_NAME'];
if($self == ''){ $self = $_SERVER['REDIRECT_URL']; }
if($self == ''){ $self = $PHP_SELF; }
if(!eregi($self, $HTTP_REFERER) and $HTTP_REFERER != ''){
die("<h2>Sorry but your access to this page was denied !</h2><br>try to <a href=\"?action=logout\">logout</a> and then login again<br>To turn off this security check, change \$config_check_referer in ".$PHP_SELF." to FALSE");
}
}
// ********************
// Include System Module
// ********************
//name of mod //access
if($mod == ''){
require('./inc/main.mdu');
}
elseif(isset($system_modules[$mod])){
if($member_db[1] == 4 and $mod != 'options' and $mod != 'main'){
msg('error', 'Error!', 'Access Denied for your user-level (commenter)');
}
elseif($system_modules[$mod] == 'user'){
require('./inc/'. $mod . '.mdu');
}
elseif($system_modules[$mod] == 'admin' and $member_db[1] == 1){
require('./inc/'. $mod . '.mdu');
}
elseif($system_modules[$mod] == 'admin' and $member_db[1] != 1){
msg('error', 'Access denied', 'Only admin can access this module');
exit;
}
elseif($system_modules[$mod] == "any") {require("./inc/{$mod}.mdu");}
else{
die('Module access must be set to <b>user</b> or <b>admin</b>');
}
}
else{
die(htmlentities($mod).' is NOT a valid module');
}
}
echo '<!-- execution time: '.$Timer->stop().' -->';
?>
<?php
header('Content-Type: text/html; charset=UTF-8', true);
header('Accept-Charset: UTF-8', true);
/*********************************************
CuteNews CutePHP.com
Copyright (C) 2005 Georgi Avramov ([email protected])
UTF-8 CN: I18N, Security fixes, bug fixes - korn19.ch (2009)
*********************************************/
error_reporting (E_ALL ^ E_NOTICE);
require_once("./inc/functions.inc.php");
//#################
$PHP_SELF = 'index.php';
$cutepath = '.';
$config_path_image_upload = './data/upimages';
$config_use_cookies = TRUE; // Use Cookies When Checking Authorization
$config_use_sessions = FALSE; // Use Sessions When Checking Authorization
$config_check_referer = TRUE; // Set to TRUE for more seciruty
//#################
$Timer = new microTimer;
$Timer->start();
// Check if CuteNews is not installed
$db_err = false;
if(file_exists('./data/users.db.php')){
$all_users_db = file('./data/users.db.php');
$check_users = $all_users_db;
$check_users[1] = trim($check_users[1]);
$check_users[2] = trim($check_users[2]);
}
else{
$db_err = true;
}
if($db_err || ((!$check_users[2] || trim($check_users[2]) == '') && (!$check_users[1] || trim($check_users[1]) == ''))){
if(!file_exists('./inc/install.mdu')){
die('<h2>Error!</h2>CuteNews detected that you do not have users in your /data/users.db.php file and wants to run the install module.<br>
However, the install module (<b>./inc/install.mdu</b>) can not be located, please reupload this file and make sure you set the proper permissions so the installation can continue.');
}
require('./inc/install.mdu');
exit;
}
require_once('./data/config.php');
if(isset($config_skin) and $config_skin != '' and file_exists('./skins/'.$config_skin.'.skin.php')){
require_once("./skins/${config_skin}.skin.php");
}
else{
$using_safe_skin = true;
require_once("./skins/default.skin.php");
}
b64dck();
if($config_use_sessions){
@session_start();
@header("Cache-control: private");
}
if($action == 'logout'){
setcookie('md5_password', '');
setcookie('username', '');
setcookie('login_referer', '');
if($config_use_sessions){
@session_destroy();
@session_unset();
setcookie(session_name(), '');
}
msg('info', 'Logout', 'You are now logged out, <a href="'.$PHP_SELF.'">login</a><br /><br>');
}
$is_loged_in = FALSE;
$cookie_logged = FALSE;
$session_logged = FALSE;
$temp_arr = explode('?', $HTTP_REFERER);
$HTTP_REFERER = $temp_arr[0];
if(substr($HTTP_REFERER, -1) == '/'){
$HTTP_REFERER .= 'index.php';
}
// Check if The User is Identified
if($config_use_cookies == TRUE){
/* Login Authorization using COOKIES */
if(isset($username)){
if(isset($HTTP_COOKIE_VARS['md5_password'])){ $cmd5_password = $HTTP_COOKIE_VARS['md5_password']; }
elseif(isset($_COOKIE['md5_password'])){ $cmd5_password = $_COOKIE['md5_password']; }
else{ $cmd5_password = md5($password); }
// Do we have correct username and password ?
if(check_login($username, $cmd5_password)){
if($action == 'dologin'){
setcookie('lastusername', $username, time()+1012324305);
if($rememberme == 'yes'){
setcookie('username', $username, time()+60*60*24*30);
setcookie('md5_password', $cmd5_password, time()+60*60*24*30);
}
else{
setcookie('username', $username);
setcookie('md5_password', $cmd5_password);
}
}
$cookie_logged = TRUE;
}
else{
setcookie('username', FALSE);
setcookie('md5_password', FALSE);
$result = '<span style="color: #f00">Wrong username or password</span>';
$cookie_logged = FALSE;
}
}
/* END Login Authorization using COOKIES */
}
if($config_use_sessions == TRUE){
/* Login Authorization using SESSIONS */
if(isset($HTTP_X_FORWARDED_FOR)){ $ip = $HTTP_X_FORWARDED_FOR; }
elseif(isset($HTTP_CLIENT_IP)){ $ip = $HTTP_CLIENT_IP; }
if($ip == ''){ $ip = $REMOTE_ADDR; }
if($ip == ''){ $ip = "not detected";}
if($action == 'dologin'){
$md5_password = md5($password);
if(check_login($username, $md5_password)){
$session_logged = TRUE;
@session_register('username');
@session_register('md5_password');
@session_register('ip');
@session_register('login_referer');
$_SESSION['username'] = $username;
$_SESSION['md5_password'] = $md5_password;
$_SESSION['ip'] = $ip;
$_SESSION['login_referer'] = $HTTP_REFERER;
}
else{
$result = '<font color=red>Wrong username and/or password</font>';
$session_logged = FALSE;
}
}
elseif(isset($_SESSION['username'])){ // Check the if member is using valid username/password
if(check_login($_SESSION['username'], $_SESSION['md5_password'])){
if($_SESSION['ip'] != $ip){
$session_logged = FALSE; $result = "The IP in the session doesn not match with your IP";
}
else{
$session_logged = TRUE;
}
}
else{
$result = '<font color=red>Wrong username and/or password !!!</font>';
$session_logged = FALSE;
}
}
if(!$username){ $username = $_SESSION['username']; }
/* END Login Authorization using SESSIONS */
}
###########################
if($session_logged == TRUE or $cookie_logged == TRUE){
if($action == 'dologin'){
//-------------------------------------------
// Modify the Last Login Date of the user
//-------------------------------------------
$old_users_db = $all_users_db;
$modified_users = fopen('./data/users.db.php', 'w');
foreach($old_users_db as $old_users_db_line){
$old_users_db_arr = explode('|', $old_users_db_line);
if($member_db[0] != $old_users_db_arr[0]){
fwrite($modified_users, $old_users_db_line);
}
else{
fwrite($modified_users, "$old_users_db_arr[0]|$old_users_db_arr[1]|$old_users_db_arr[2]|$old_users_db_arr[3]|$old_users_db_arr[4]|$old_users_db_arr[5]|$old_users_db_arr[6]|$old_users_db_arr[7]|$old_users_db_arr[8]|".time()."||\n");
}
}
fclose($modified_users);
}
$is_loged_in = TRUE;
}
###########################
// If User is Not Logged In, Display The Login Page
if($is_loged_in == FALSE){
if($config_use_sessions){
@session_destroy();
@session_unset();
}
echoheader("user","Please Login");
if($config_allow_registration == "yes"){ $allow_reg_status = "<a href='register.php'>(register)</a> "; }else{ $allow_reg_status = ""; }
echo "
<table width=\"100%\" border=0 cellpadding=1 cellspacing=0>
<form name=login action='$PHP_SELF' method=post>
<tr>
<td width=80>Username: </td>
<td width='160'><input tabindex=1 type=text name=username value='$lastusername' style='width:150;'></td>
<td> $allow_reg_status</a></td>
</tr>
<tr>
<td>Password: </td>
<td><input type=password name=password style='width:150'></td>
<td> <a href='register.php?action=lostpass'>(lost password)</a> </td>
</tr>
<tr>
<td></td>
<td style='text-align:left'>
<input accesskey='s' type=submit style=\"width:150; background-color: #F3F3F3;\" value=' Login... '><br/>
</td>
<td style='text-align:left'><label for=rememberme title='Remmber me for 30 days, Do not use on Public-Terminals!'>
<input id=rememberme type=checkbox value=yes style=\"border:0px;\" name=rememberme>
Remember Me</label> </td>
</tr>
<tr>
<td align=center colspan=4 style='text-align:left;'>$result</td>
</tr>
<input type=hidden name=action value=dologin>
</form>
</table>";
echofooter();
}
elseif($is_loged_in == TRUE){
//----------------------------------
// Check Referer
//----------------------------------
if($config_check_referer == TRUE){
$self = $_SERVER['SCRIPT_NAME'];
if($self == ''){ $self = $_SERVER['REDIRECT_URL']; }
if($self == ''){ $self = $PHP_SELF; }
if(!eregi($self, $HTTP_REFERER) and $HTTP_REFERER != ''){
die("<h2>Sorry but your access to this page was denied !</h2><br>try to <a href=\"?action=logout\">logout</a> and then login again<br>To turn off this security check, change \$config_check_referer in ".$PHP_SELF." to FALSE");
}
}
// ********************
// Include System Module
// ********************
//name of mod //access
if($mod == ''){
require('./inc/main.mdu');
}
elseif(isset($system_modules[$mod])){
if($member_db[1] == 4 and $mod != 'options' and $mod != 'main'){
msg('error', 'Error!', 'Access Denied for your user-level (commenter)');
}
elseif($system_modules[$mod] == 'user'){
require('./inc/'. $mod . '.mdu');
}
elseif($system_modules[$mod] == 'admin' and $member_db[1] == 1){
require('./inc/'. $mod . '.mdu');
}
elseif($system_modules[$mod] == 'admin' and $member_db[1] != 1){
msg('error', 'Access denied', 'Only admin can access this module');
exit;
}
elseif($system_modules[$mod] == "any") {require("./inc/{$mod}.mdu");}
else{
die('Module access must be set to <b>user</b> or <b>admin</b>');
}
}
else{
die(htmlentities($mod).' is NOT a valid module');
}
}
echo '<!-- execution time: '.$Timer->stop().' -->';
?>
a u ovom fajlu loginbox.php želim da dodam box zapamti me
Code:
<?php
if (!defined('CN_INIT_LOGINBOX')) {
// Define variables and constants and include files
define('CN_INIT_LOGINBOX', true);
$cutepath = dirname(__FILE__);
chdir($cutepath);
if (isset($_GET['action'])) {
$action = $_GET['action'];
} elseif (isset($_POST['action'])) {
$action = $_POST['action'];
} else {
$action = '';
}
require_once($cutepath.'/inc/functions.inc.php');
// Start Session
session_start();
// Log user out if requested
if ($action == 'logout') {
session_destroy();
session_unset();
setcookie(session_name(), '');
unset($_SESSION);
$message = '';
}
// Detect IP
$ip = '';
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
}
if ($ip == '') {
$ip = $_SERVER['REMOTE_ADDR'];
}
if ($ip == '') {
$ip = 'not detected';
}
$all_users = file($cutepath.'/data/users.db.php');
$is_logged_in = false;
if ($action == 'login') {
$md5_password = md5($password);
if (check_login($username, $md5_password)) {
$_SESSION['username'] = $username;
$_SESSION['md5_password'] = $md5_password;
$_SESSION['ip'] = $ip;
$_SESSION['login_referer'] = $HTTP_REFERER;
$is_logged_in = true;
$name = $_POST['name'] = $member_db[4];
$mail = $_POST['mail'] = $member_db[5];
$old_users_db = file($cutepath.'/data/users.db.php');
$modified_users = fopen($cutepath.'/data/users.db.php', 'w');
foreach ($old_users_db as $old_users_db_line) {
$old_users_db_arr = explode('|', $old_users_db_line);
if ($member_db[0] != $old_users_db_arr[0]) {
fwrite($modified_users, $old_users_db_line);
} else {
fwrite($modified_users, $old_users_db_arr[0].'|'.$old_users_db_arr[1].'|'.$old_users_db_arr[2].'|'.$old_users_db_arr[3].'|'.$old_users_db_arr[4].'|'.$old_users_db_arr[5].'|'.$old_users_db_arr[6].'|'.$old_users_db_arr[7].'|'.$old_users_db_arr[8].'|'.time().'||'.chr(10));
}
}
fclose($modified_users);
} else {
$message = '<div style="color: red;" align="right"><font face="Arial" style="font-size: 8pt">Neuspjesna prijava</font></div>';
}
} elseif (isset($_SESSION['username'])) {
if (check_login($_SESSION['username'], $_SESSION['md5_password'])) {
if ($_SESSION['ip'] != $ip) {
$message = '<div style="color: red;" align="right"><font face="Arial" style="font-size: 8pt">Session IP doesn\'t match.</font></div>';
} else {
$is_logged_in = true;
$name = $_POST['name'] = $member_db[4];
$mail = $_POST['mail'] = $member_db[5];
}
} else {
$message = '<div style="color: red;" align="right"><font face="Arial" style="font-size: 8pt">Neuspjesna prijava</font></div>';
}
}
chdir(dirname($_SERVER['SCRIPT_FILENAME']));
} else {
if ($is_logged_in) {
?>
<p align="right">
<font color="#FFFFFF" face="Arial" style="font-size: 9pt" >Dobrodosao <b><?=htmlentities($_SESSION['username'])?></b>, <a href="<?=$PHP_SELF?>?action=logout"></font><font color="#FFAE00" face="Arial" style="font-size: 9pt">odjavi se</font></a>
</p>
<?php
} else {
?>
<form name="login" action="<?=htmlentities($PHP_SELF)?>" method="post">
<input type="hidden" name="action" value="login" />
<table border="0" cellpadding="0" cellspacing="0" bordercolor="#111111" width="100%">
<tr>
<td width="66%">
<p align="right"></td>
<td width="134%"> <fieldset class="search">
<table border="0" cellpadding="2" cellspacing="0" bordercolor="#111111" width="100%" height="29">
<tr>
<td width="50%" height="13">
<font face="Arial" style="font-size: 9pt">Korisnicko ime</font></td>
<td width="50%" height="13">
<font face="Arial" style="font-size: 9pt">Lozinka</font></td>
<td width="50%" height="13"></td>
</tr>
<tr>
<td width="50%" height="25">
<input type="text" class="box" name="username" id="username" value="<?=htmlentities($_SESSION['lastusername'])?>" size="20" /></td>
<td width="50%" height="25">
<input class="box" type="password" name="password" id="password" size="20" /></td>
<td width="50%" height="25">
<button class="btn" title="Login" type="submit">Login</button>
</td>
</tr>
<tr>
</fieldset>
<td width="50%" height="1">
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td width="66%"></td>
<td width="134%">
</td>
</tr>
</table>
</form>
<?php
}
}
?>
<?php
if (!defined('CN_INIT_LOGINBOX')) {
// Define variables and constants and include files
define('CN_INIT_LOGINBOX', true);
$cutepath = dirname(__FILE__);
chdir($cutepath);
if (isset($_GET['action'])) {
$action = $_GET['action'];
} elseif (isset($_POST['action'])) {
$action = $_POST['action'];
} else {
$action = '';
}
require_once($cutepath.'/inc/functions.inc.php');
// Start Session
session_start();
// Log user out if requested
if ($action == 'logout') {
session_destroy();
session_unset();
setcookie(session_name(), '');
unset($_SESSION);
$message = '';
}
// Detect IP
$ip = '';
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
}
if ($ip == '') {
$ip = $_SERVER['REMOTE_ADDR'];
}
if ($ip == '') {
$ip = 'not detected';
}
$all_users = file($cutepath.'/data/users.db.php');
$is_logged_in = false;
if ($action == 'login') {
$md5_password = md5($password);
if (check_login($username, $md5_password)) {
$_SESSION['username'] = $username;
$_SESSION['md5_password'] = $md5_password;
$_SESSION['ip'] = $ip;
$_SESSION['login_referer'] = $HTTP_REFERER;
$is_logged_in = true;
$name = $_POST['name'] = $member_db[4];
$mail = $_POST['mail'] = $member_db[5];
$old_users_db = file($cutepath.'/data/users.db.php');
$modified_users = fopen($cutepath.'/data/users.db.php', 'w');
foreach ($old_users_db as $old_users_db_line) {
$old_users_db_arr = explode('|', $old_users_db_line);
if ($member_db[0] != $old_users_db_arr[0]) {
fwrite($modified_users, $old_users_db_line);
} else {
fwrite($modified_users, $old_users_db_arr[0].'|'.$old_users_db_arr[1].'|'.$old_users_db_arr[2].'|'.$old_users_db_arr[3].'|'.$old_users_db_arr[4].'|'.$old_users_db_arr[5].'|'.$old_users_db_arr[6].'|'.$old_users_db_arr[7].'|'.$old_users_db_arr[8].'|'.time().'||'.chr(10));
}
}
fclose($modified_users);
} else {
$message = '<div style="color: red;" align="right"><font face="Arial" style="font-size: 8pt">Neuspjesna prijava</font></div>';
}
} elseif (isset($_SESSION['username'])) {
if (check_login($_SESSION['username'], $_SESSION['md5_password'])) {
if ($_SESSION['ip'] != $ip) {
$message = '<div style="color: red;" align="right"><font face="Arial" style="font-size: 8pt">Session IP doesn\'t match.</font></div>';
} else {
$is_logged_in = true;
$name = $_POST['name'] = $member_db[4];
$mail = $_POST['mail'] = $member_db[5];
}
} else {
$message = '<div style="color: red;" align="right"><font face="Arial" style="font-size: 8pt">Neuspjesna prijava</font></div>';
}
}
chdir(dirname($_SERVER['SCRIPT_FILENAME']));
} else {
if ($is_logged_in) {
?>
<p align="right">
<font color="#FFFFFF" face="Arial" style="font-size: 9pt" >Dobrodosao <b><?=htmlentities($_SESSION['username'])?></b>, <a href="<?=$PHP_SELF?>?action=logout"></font><font color="#FFAE00" face="Arial" style="font-size: 9pt">odjavi se</font></a>
</p>
<?php
} else {
?>
<form name="login" action="<?=htmlentities($PHP_SELF)?>" method="post">
<input type="hidden" name="action" value="login" />
<table border="0" cellpadding="0" cellspacing="0" bordercolor="#111111" width="100%">
<tr>
<td width="66%">
<p align="right"></td>
<td width="134%"> <fieldset class="search">
<table border="0" cellpadding="2" cellspacing="0" bordercolor="#111111" width="100%" height="29">
<tr>
<td width="50%" height="13">
<font face="Arial" style="font-size: 9pt">Korisnicko ime</font></td>
<td width="50%" height="13">
<font face="Arial" style="font-size: 9pt">Lozinka</font></td>
<td width="50%" height="13"></td>
</tr>
<tr>
<td width="50%" height="25">
<input type="text" class="box" name="username" id="username" value="<?=htmlentities($_SESSION['lastusername'])?>" size="20" /></td>
<td width="50%" height="25">
<input class="box" type="password" name="password" id="password" size="20" /></td>
<td width="50%" height="25">
<button class="btn" title="Login" type="submit">Login</button>
</td>
</tr>
<tr>
</fieldset>
<td width="50%" height="1">
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td width="66%"></td>
<td width="134%">
</td>
</tr>
</table>
</form>
<?php
}
}
?>
U onom fajlu index.php ima opcija zapamti me/remember me, i sada zelim to da ugradim i u ovaj drugi fajl loginbox.php.
Jedan lik mi je rekao da oba fajla koriste isti session i da bi trebao da budem ulogovan na loginbox.php ako se ulogujem na index.php, ali to ne radi. Svaki je poseban. Ako ne moze da se podesi da koriste isti session, moze li se dodati zapamti me box u ovaj loginbox.php file jer posetioci moraju svaki put da se uloguju kada dodju na sajt ?
