/*
* Base software v0.2
* Deployement type : Observation v0.3
* Copyright 2007 Mathieu Deschamps
* mathdesc@scourge.fr
*
* This code is released under GPL v2.0 June 1991
* http://www.gnu.org/licenses/gpl.html
***/
ob_start();
if (!include ("baseinc.php")) {die ("Fatal ! Main include file missing ! Can not access baseinc.php !");}
if (COOKIES && isset($_COOKIE['lang'])) $lang=$_COOKIE['lang'];
else {$lang="fr"; if (COOKIES) setcookie("lang", $lang, time()+3600);}
if (!include ("base_$lang.php")) {die ("Fatal ! Language include file missing ! Can not access base_$lang.php !");}
if (!include (USERFILE)) {die ("Fatal ! user include file missing ! ".ERR4);}
if (!include (UTILFILE)) {die ("Fatal ! utilities include file missing! ".ERR9);}
?>
// Some Sanity
if (!@function_exists('session_name')) die (ERR30);
$users=sql_get_usersnames();
if (isset($_POST['user']) && isset($_POST['mdp']) && !empty($_POST['mdp']) && !empty($users)) {
$iv=base64_decode(sql_fetch_userenv($_POST['user']));
// echo "
iv :\t".$iv."
";
$mdp=cipher_it2($_POST['mdp'],NULL,$iv); @$key=$mdp[1]; @$mdp=$mdp[0];
// echo "mdp :\t".$_POST['mdp']."
";
// echo "crypt(mdp) :\t ".$mdp."
";
// echo "key :\t".$key."
";
if (isset($_SESSION) && isset($_SESSION['essid'])) $sid=$_SESSION['essid']; else $sid="0";
echo "_SSID: ".$sid;
$regu=sql_register_user($_POST['user'],$mdp,$key,$iv,$sid);
if ($regu == PHP_SESSION_KEYERROR) {
echo "".ERR24."
";
}
else if ($regu == PHP_SESSION_ALREADY_LOGGED) {
echo "
SessionID: ".$_SESSION['essid']." User: ".$_SESSION['user']. " Logging time : ".$_SESSION['sessiontime']." SiD:" . SID ."Ok!
";
$reqz = preg_replace("/".strrchr($_SERVER['REQUEST_URI'], "&")."/",'',$_SERVER['REQUEST_URI']);
$page = substr(strrchr($_SERVER['REQUEST_URI'], "/"), 1);
$newpage=preg_replace("/".$page."/",'',$reqz)."base.php";
$rd="http://".$_SERVER['SERVER_NAME'].$newpage;
session_write_close();
// header("Location: $rd");
echo "
".TITLE11_1." ".TITLE11_2."
";
// phpinfo();
exit();
}
else if ($regu<0) {
echo "Stopped by error";
die();
}
}
if (!empty($users)) {
?>
}
ob_end_flush();?>