<?php
if ( empty( $_COOKIE['testcookie'] ) )
{
$test = rand(2,999999999);
$test1 = rand(2,999999999);
$test2 = rand(2,999999999);
$testcookie = $test+$test1+$test2;
setcookie("testcookie", $testcookie, time()+60*60*24*30, "/", "$server_name", 0);
}
$werber = $_GET['ref'];
if ($werber != ""){
if(is_numeric($werber)){
include("include/connect/connect.php");
$wxdaten1=mysql_query("SELECT username FROM user_daten WHERE id='$werber'");
$wxdaten=mysql_fetch_array($wxdaten1);
if(mysql_num_rows($wxdaten1)==1){$werber = $wxdaten[0];}
}
if ( empty( $_COOKIE["geworbenvon"] ) ){
setcookie("geworbenvon", $werber, time()+60*60*24*30, "/", "$server_name", 0);
}else{
$werbertest=$_COOKIE["geworbenvon"];
if ($werbertest != $werber){
setcookie("geworbenvon", $werber, time()+60*60*24*30, "/", "$server_name", 0);
}}}
$path = $_SERVER['DOCUMENT_ROOT'];
include("$path/include/connect/connect.php");
$loginuid=md5($username);
$projektdatena = mysql_query("SELECT * FROM einstellungen");
$projektdaten=mysql_fetch_array($projektdatena);
if(isset($_POST["passwort"]) and isset($_POST["username"])) {
$username=$_POST["username"];
$passwort=$_POST["passwort"];
$aktiviert="0";
$gesperrt="1";
$query="select * from user_daten where username='".$username."'";
$result=mysql_query($query);
$row=mysql_fetch_object($result);
$data = mysql_fetch_array ($result);
if(!$row) {
header ("Location: /user/loginfail.php?fail=0");
}
else
if (md5($passwort)!=$row->passwort or $username!=$row->username) {
header ("Location: /user/loginfail.php?fail=1");
}
else
if($aktiviert==$row->aktiviert){
header ("Location: /user/loginfail.php?fail=2");
}
else
if($gesperrt==$row->gesperrt){
header ('Location: /user/loginfail.php?fail=3');
setcookie("loginuid", $loginuid, time()-3600, "/", "$server_name", 0);
}
else
{
header ('Location: /user/loginbereich.php');
$loginuid=md5($username);
setcookie("loginuid", $loginuid, time()+3600, "/", "$server_name", 0);
$letzteaktion = time();
$ip = $_SERVER['REMOTE_ADDR'];
if ( empty( $_COOKIE['testcookie'] ) )
{
header ('Location: /user/loginbereich.php');
$test = rand(2,999999999);
$test1 = rand(2,999999999);
$test2 = rand(2,999999999);
$testcookie += $test1+$test2;
setcookie("testcookie", $testcookie, time()+60*60*24*30, "/", "$server_name", 0);
mysql_query("update user_daten set loginuid='$loginuid', ip='$ip', testcookie='$testcookie', letzteaktion='$letzteaktion' where username='$username'");
}else{
$testcookie = $_COOKIE["testcookie"];
mysql_query("update user_daten set loginuid='$loginuid', ip='$ip', testcookie='$testcookie', letzteaktion='$letzteaktion' where username='$username'");
}
$userdaten1=mysql_query("select * from user_daten WHERE loginuid='$loginuid'");
$userdaten=mysql_fetch_array($userdaten1);
$iptest = mysql_query("SELECT * FROM user_daten WHERE ip='$ip' && username!='$username'");
if(mysql_num_rows($iptest) > 1) {
$letzteaktion = time();
$userid==$row->id;
$grund = "Doppelte IP beim Login";
mysql_query("insert into fakeliste (userid,username,ip,wann,grund) values ('$userdaten[id]','$userdaten[username]','$ip','$letzteaktion','$grund')");
}
$cookietest = mysql_query("SELECT * FROM user_daten WHERE testcookie='$testcookie' && username!='$username'");
if(mysql_num_rows($cookietest) > 1) {
$letzteaktion = time();
$userid==$row->id;
$grund = "Doppeltes Pr�fcookie beim Login";
mysql_query("insert into fakeliste (userid,username,ip,wann,grund) values ('$userdaten[id]','$userdaten[username]','$ip','$letzteaktion','$grund')");
}
}}
echo"
<div id='loginlinks'></div>
<div id='login'>
<form method='POST' action='/user/login.php' style='float:left;'>
<div style='margin-top:15px; margin-left:5px'>
<b>Login:</b>
<br>
<div style=\"font-size:10px; margin-top:10px;\">
<input type=\"text\" size=\"20\" maxlength=\"20\" id=\"mockuser\" name=\"username\" value=\"Benutzername\" onFocus=\"document.getElementById('mockuser').styl e.display='none'; document.getElementById('realuser').style.display= ''; document.getElementById('realuser').focus();\">
<input type=\"text\" size=\"20\" name=\"username\" id=\"realuser\" class=\"real\" style=\"display: none;\" onBlur=\"if(this.value=='') {document.getElementById('mockuser').style.display =''; document.getElementById('realuser').style.display= 'none';}\">
</div>
<div style=\"font-size:10px; margin-top:5px;\">
<input type=\"text\" size=\"20\" id=\"mockpass\" name=\"mock\" value=\"Passwort\" onFocus=\"document.getElementById('mockpass').styl e.display='none'; document.getElementById('realpass').style.display= ''; document.getElementById('realpass').focus();\">
<input type=\"password\" size=\"20\" name=\"passwort\" id=\"realpass\" class=\"real\" style=\"display: none;\" onBlur=\"if(this.value=='') {document.getElementById('mockpass').style.display =''; document.getElementById('realpass').style.display= 'none';}\">
</div>
<div style='margin-top:7px;'>
<input type='image' src='$projekturl/images/login_03.png' style='border:0 none;' name='submit'>
</div>
</div>
</form>
</div>
";
?>