'.$meta.'

 Login
 Username:  
 Passwort:  
   
'; exit; } elseif (!$_SESSION["name"] && $_GET["mode"] == 'login' && $_REQUEST["a_name"] && $_REQUEST["a_pass"]) { $result = mysqli_query($dbconn, "SELECT id, a_name, a_admin, a_mail, real_name, wap_show, wap_rows, wap_def_orgfilter, wap_def_statfilter, wap_handy, login_count FROM admin_users WHERE a_name = '$_REQUEST[a_name]' AND wap_pass = '$_REQUEST[a_pass]'") or die (mysqli_error($dbconn)); $row = mysqli_fetch_array($result); if( !$row["wap_handy"] ) { $result = mysqli_query($dbconn, "UPDATE admin_users SET wap_handy='$HTTP_USER_AGENT' WHERE a_name = '$_REQUEST[a_name]' AND wap_pass = '$_REQUEST[a_pass]'"); } else { //if( $row["wap_handy"] != $HTTP_USER_AGENT) $row["a_name"] = ''; } if( $row["a_name"] && $row["a_admin"] != '2' ) { $_SESSION["userid"] = $row["id"]; $_SESSION["name"] = $row["a_name"]; $_SESSION["admin"] = $row["a_admin"]; $_SESSION["mail"] = $row["a_mail"]; $_SESSION["filter"] = $row["wap_show"]; $_SESSION["limit_to"] = $row["wap_rows"]; $_SESSION["org_filter"] = $row["wap_def_orgfilter"]; $_SESSION["stat"] = $row["wap_def_statfilter"]; $_SESSION["pmallow"] = '0'; $login = 1; $datnow = date("Y-m-d", mktime(0,0,0, date("m"),date("d"),date("Y"))); $timenow = date("G:i"); $ip = $_SERVER["REMOTE_ADDR"]; $agent = $HTTP_USER_AGENT; $result = mysqli_query($dbconn, "INSERT INTO pocsag_logins (name, zeit, datum, ip, agent) VALUES ('$row[real_name]', '$timenow', '$datnow', '$ip', '$agent')"); $row["login_count"]++; $result = mysqli_query($dbconn, "UPDATE admin_users SET login_count = '$row[login_count]' WHERE id = '$row[id]' ") or die(mysqli_error($dbconn)); } else { echo ' Wapsag '.$meta.' Login falsch!
zurück '; exit; } } } else { //////////////////////// // Sicherheitsabfrage //////////////////////// if (!isset($_GET["mode"])) $_GET["mode"] =""; if ( !isset($_SESSION["name"]) && $_GET["mode"] != 'login' && !isset($_GET["login"]) ) { echo '

'.$login_infotext.'

 Login
 Username:  
   
'; exit; } elseif (!isset($_SESSION["name"]) && $_GET["mode"] == 'login') { $result = mysqli_query($dbconn, "SELECT id, a_name, a_admin, a_mail FROM admin_users WHERE a_name = '$_POST[a_name]'") or die (mysqli_error($dbconn)); $row = mysqli_fetch_array($result); if( $row["a_name"] && $row["a_admin"] != '2' ) { //$_SESSION["name"] = $_REQUEST["a_name"]; //$_SESSION["admin"] = $row["a_admin"]; $login = 1; $pass = pass_erstellen(8); mail_pass($row["a_mail"], $pass); $result = mysqli_query($dbconn, "UPDATE admin_users SET login_pass='$pass' WHERE id='$row[id]'") or die(mysqli_error($dbconn)); echo'



Eine EMail mit deinem Zugang wurde an '.$row["a_mail"].' versand.'; exit; } else { echo 'Login falsch!
zurück'; exit; } } elseif (!isset($_SESSION["name"]) && isset($_GET["mode"]) && $_GET["mode"] == 'register') { echo '

 Erlaubnis anfordern
 Username:  
 EMail:  
   
'; exit; } if( isset($_GET["login"]) ) { $result = mysqli_query($dbconn, "SELECT id, a_name, a_admin, a_mail, real_name, login_count, pm_allow, DATE_FORMAT(last_seen, '%Y%m%d%H%i%s') AS last_seen FROM admin_users WHERE login_pass = '$_GET[login]'") or die (mysqli_error($dbconn)); $row = mysqli_fetch_array($result); if( !empty($row["a_name"]) ) { $_SESSION["userid"] = $row["id"]; $_SESSION["name"] = $row["a_name"]; $_SESSION["admin"] = $row["a_admin"]; $_SESSION["mail"] = $row["a_mail"]; $_SESSION["pmallow"] = $row["pm_allow"]; $_SESSION["last_seen"] = ($row["last_seen"] - 200 ); $login = 1; $datnow = date("Y-m-d", mktime(0,0,0, date("m"),date("d"),date("Y"))); $timenow = date("G:i"); $ip = $_SERVER["REMOTE_ADDR"]; $agent = $_SERVER["HTTP_USER_AGENT"]; $result = mysqli_query($dbconn, "INSERT INTO pocsag_logins (name, zeit, datum, ip, agent) VALUES ('$row[real_name]', '$timenow', '$datnow', '$ip', '$agent')"); $row["login_count"]++; $result = mysqli_query($dbconn, "UPDATE admin_users SET login_pass='', login_count='$row[login_count]' WHERE id='$row[id]'") or die(mysqli_error($dbconn)); echo gohome("index.php"); } else { echo'



Falscher oder schon benutzer Logincode.'; exit; } } } ?>