summaryrefslogtreecommitdiff
path: root/www-ssl/nonpublic/index.php
blob: 20b32c00d3f05cf21434bf3e2515c10ac8004f57 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
<?PHP
$title = "Index";
$header = "Index";

include ("./inc/config_db.php");
include ("./inc/crypt.php");

session_start(); // alte Session - falls vorhanden - wiederherstellen...

function LoginOK()
{
	include ("./inc/config.php");
	header("HTTP/1.1 302 Moved Temporarily");
	header("Location: ". substr($url, 0, strlen($url)-1). $ENGEL_ROOT. "nonpublic/news.php");
}

if ( !IsSet($_POST["user"]))
{ // User ist bereits angemeldet... normaler Inhalt...
	LoginOK();
} 
else
{ // User ist noch nicht angemeldet 
	$sql = "select * from User where Nick = '". $_POST["user"]. "'";
	$userstring = mysql_query($sql, $con);

	// anzahl zeilen
	$user_anz  = mysql_num_rows($userstring);

	if ($user_anz == 1) { // Check, ob User angemeldet wird...
		if (mysql_result($userstring, 0, "Passwort") == PassCrypt($_POST["password"])) { // Passwort ok...
			// Session wird eingeleitet und Session-Variablen gesetzt..
			//  session_start();
			session_name("Himmel");
			$_SESSION['UID'] = mysql_result($userstring, 0, "UID");
			$_SESSION['Nick'] = mysql_result($userstring, 0, "Nick");
			$_SESSION['Name'] = mysql_result($userstring, 0, "Name");
			$_SESSION['Vorname'] = mysql_result($userstring, 0, "Vorname");
			$_SESSION['Alter'] = mysql_result($userstring, 0, "Alter");
			$_SESSION['Telefon'] = mysql_result($userstring, 0, "Telefon");
			$_SESSION['Handy'] = mysql_result($userstring, 0, "Handy");
			$_SESSION['DECT'] = mysql_result($userstring, 0, "DECT");
			$_SESSION['email'] = mysql_result($userstring, 0, "email");
			$_SESSION['ICQ'] = mysql_result($userstring, 0, "ICQ");
			$_SESSION['jabber'] = mysql_result($userstring, 0, "jabber");
			$_SESSION['Size'] = mysql_result($userstring, 0, "Size");
			$_SESSION['Gekommen'] = mysql_result($userstring, 0, "Gekommen");
			$_SESSION['Aktiv'] = mysql_result($userstring, 0, "Aktiv");
			$_SESSION['Tshirt'] = mysql_result($userstring, 0, "Tshirt");
			$_SESSION['Menu'] = mysql_result($userstring, 0, "Menu");
			$_SESSION['color'] = mysql_result($userstring, 0, "color");
			$_SESSION['Avatar'] = mysql_result($userstring, 0, "Avatar");
			$_SESSION['Sprache'] = mysql_result($userstring, 0, "Sprache");
			$_SESSION['Hometown'] = mysql_result($userstring, 0, "Hometown");
			$_SESSION['IP'] = $_SERVER['REMOTE_ADDR'];
		
			// CVS import Data
			$SQL = "SELECT * FROM `UserCVS` WHERE UID='".$_SESSION['UID']."'";
			$Erg_CVS =  mysql_query($SQL, $con);
			$_SESSION['CVS'] = mysql_fetch_array($Erg_CVS);
			
			LoginOK();
		} 
		else 
		{ // Passwort nicht ok...
			$ErrorText = "pub_index_pass_no_ok";
		} // Ende Passwort-Check
	} 
	else 
	{ // Anzahl der User in User-Tabelle <> 1 --> keine Anmeldung
		if ($user_anz == 0) 
	  		$ErrorText = "pub_index_User_unset";
		else 
			$ErrorText = "pub_index_User_more_as_one";
	} // Ende Check, ob User angemeldet wurde
} 

include ("./inc/header.php");
if( isset($ErrorText))
	echo "<h2>". Get_Text($ErrorText). "</h2><br>\n";
include ("./inc/login_eingabefeld.php");
include ("./inc/footer.php");

?>