converted from the mysql_ API to the PDO library
This commit is contained in:
Ryan Walberg
parent
75aefbd9e3
commit
246232f0a3
31 changed files with 1460 additions and 1217 deletions
|
|
@ -13,9 +13,10 @@
|
|||
// along with this program; if not, write to the Free Software
|
||||
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
|
||||
include("config.php");
|
||||
include("db.php");
|
||||
include("funcLib.php");
|
||||
require_once(dirname(__FILE__) . "/includes/funcLib.php");
|
||||
require_once(dirname(__FILE__) . "/includes/MySmarty.class.php");
|
||||
$smarty = new MySmarty();
|
||||
$opt = $smarty->opt();
|
||||
|
||||
if (isset($_GET["action"])) {
|
||||
if ($_GET["action"] == "logout") {
|
||||
|
|
@ -25,30 +26,35 @@ if (isset($_GET["action"])) {
|
|||
}
|
||||
|
||||
if (!empty($_POST["username"])) {
|
||||
include "db.php";
|
||||
$username = $_POST["username"];
|
||||
$password = $_POST["password"];
|
||||
if (!get_magic_quotes_gpc()) {
|
||||
$username = addslashes($username);
|
||||
$password = addslashes($password);
|
||||
|
||||
try {
|
||||
$stmt = $smarty->dbh()->prepare("SELECT userid, fullname, admin FROM {$opt["table_prefix"]}users WHERE username = ? AND password = {$opt["password_hasher"]}(?) AND approved = 1");
|
||||
$stmt->bindParam(1, $username, PDO::PARAM_STR);
|
||||
$stmt->bindParam(2, $password, PDO::PARAM_STR);
|
||||
|
||||
$stmt->execute();
|
||||
if ($row = $stmt->fetch()) {
|
||||
session_start();
|
||||
$_SESSION["userid"] = $row["userid"];
|
||||
$_SESSION["fullname"] = $row["fullname"];
|
||||
$_SESSION["admin"] = $row["admin"];
|
||||
|
||||
header("Location: " . getFullPath("index.php"));
|
||||
exit;
|
||||
}
|
||||
}
|
||||
catch (PDOException $e) {
|
||||
die("sql exception: " . $e->getMessage());
|
||||
}
|
||||
|
||||
$query = "SELECT userid, fullname, admin FROM {$OPT["table_prefix"]}users WHERE username = '$username' AND password = {$OPT["password_hasher"]}('$password') AND approved = 1";
|
||||
$rs = mysql_query($query) or die("Could not query: " . mysql_error());
|
||||
if ($row = mysql_fetch_array($rs,MYSQL_ASSOC)) {
|
||||
session_start();
|
||||
$_SESSION["userid"] = $row["userid"];
|
||||
$_SESSION["fullname"] = $row["fullname"];
|
||||
$_SESSION["admin"] = $row["admin"];
|
||||
header("Location: " . getFullPath("index.php"));
|
||||
mysql_free_result($rs);
|
||||
exit;
|
||||
}
|
||||
$smarty->assign('username', $username);
|
||||
$smarty->assign('opt', $smarty->opt());
|
||||
$smarty->display('login.tpl');
|
||||
}
|
||||
|
||||
define('SMARTY_DIR',str_replace("\\","/",getcwd()).'/includes/Smarty-3.1.12/libs/');
|
||||
require_once(SMARTY_DIR . 'Smarty.class.php');
|
||||
$smarty = new Smarty();
|
||||
$smarty->assign('username', $_POST['username']);
|
||||
$smarty->assign('opt', $OPT);
|
||||
$smarty->display('login.tpl');
|
||||
else {
|
||||
$smarty->assign('opt', $smarty->opt());
|
||||
$smarty->display('login.tpl');
|
||||
}
|
||||
?>
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue