Code: Select all
<?
// Defines
DEFINE('SESSION_MAGIC','sadhjasklsad2342');
// Initialization
@session_start();
@ob_start();
/*
Redirects to another page
*/
function Redirect($to) {
@session_write_close();
@ob_end_clean();
@header("Location: $to");
}
/*
Deletes existing session
*/
function RemoveSession() {
$_SESSION = array();
if (isset($_COOKIE[session_name()])) {
@setcookie(session_name(), '', time()-42000, '/');
}
}
/*
Checks if user is logged in
*/
function isLoggedIn() {
return(isset($_SESSION['magic']) && ($_SESSION['magic']==SESSION_MAGIC));
}
/*
Terminates an existing session
*/
function Logout() {
@RemoveSession();
@session_destroy();
}
/*
read message count
*/
function CountMessages($id) {
if ($res=mysql_query("SELECT * FROM messagedata WHERE recBoxID=$id AND isNew=1"))
{
$count=mysql_num_rows($res);
mysql_free_result($res);
return($count);
}
return 0;
}
/*
Go login go!
*/
function Login($username,$password) {
global $nmsg, $rows;
$ok=false;
if ($res=mysql_query("SELECT id,level,mailNum, echo_count, status FROM userdata WHERE login='$username' AND password='$password'"))
{
if ($rows=mysql_fetch_row($res)) {
$_SESSION['sess_name'] = $username;
$_SESSION['pass'] = $password;
$_SESSION['gal'] = $rows[0];
$_SESSION['mail'] = $rows[2];
$_SESSION['level2'] = $rows[1];
$_SESSION['echos'] = $rows[3];
$_SESSION['status'] = $rows[4];
$_SESSION['magic'] = SESSION_MAGIC;
$_SESSION['rows'] = $rows; /* stupid stupid hack */
$nmsg = CountMessages($rows[0]);
$ok=true;
} else {
include('login_failed.php');
}
mysql_free_result($res);
}
return($ok);
}
/*
Escape array using mysql
*/
function Escape(&$arr)
{
if (Count($arr)>0) {
foreach($arr as $k => $v) {
if (is_array($v)) {
Escape($arr[$k]);
}
else {
if (function_exists('get_magic_quotes')) {
if(!get_magic_quotes_gpc()) {
$arr[$k] = stripslashes($v);
}
}
$arr[$k] = mysql_real_escape_string($v);
}
}
}
}
// -----------------------------------------------
// Main
// -----------------------------------------------
Escape($_POST);
Escape($_GET);
Escape($_COOKIE);
Escape($_REQUEST);
Escape($_GLOBALS);
Escape($_SERVER);
?>