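<?php
/**
 * Chat login endpoint backed by the Joomla user table.
 *
 * Reads `username` and `password` from the query string, looks the account up
 * by its `name` column, verifies the password against the stored
 * "md5hash:salt" value and prints one of the numeric result codes defined
 * below. On success the code is followed by
 * "|avt=<avatar>&a=<age>&s=<gender>&l=<city>".
 *
 * Changes from the previous revision:
 *  - the removed mysql_* API and string-built SQL are replaced by mysqli
 *    prepared statements with bound parameters;
 *  - the connection is checked before it is used;
 *  - hash comparisons are strict and constant-time where available (loose
 *    `==` treats numeric-looking hashes such as "0e..." as equal numbers);
 *  - an empty stored password no longer matches an empty submitted one;
 *  - profile data is only read after the credentials have been accepted;
 *  - non-string `username` / `password` parameters are treated as empty.
 *
 * NOTE(review): issues that cannot be fixed without changing the interface
 * the chat server relies on, and should be tracked separately:
 *  - credentials arrive in the query string, so they end up in access logs,
 *    proxies and browser history; POST over TLS would avoid that;
 *  - the stored format is salted MD5 (Joomla legacy); it is fast to
 *    brute-force offline and should be migrated to password_hash();
 *  - distinct codes for "no such user", "blocked" and "wrong password" let an
 *    unauthenticated caller tell which names exist.
 */
require_once( '../../configuration.php' );

define("ADMIN_TYPE","Super Administrator");

/**Define the output result,please do not modify following parameter**/
$LOGIN_SUCCESS = 0;
$LOGIN_PASSWD_ERROR = 1;
$LOGIN_NICK_EXIST = 2;
$LOGIN_ERROR = 3;
$LOGIN_ERROR_NOUSERID = 4;
$LOGIN_SUCCESS_ADMIN = 5;
$LOGIN_NOT_ALLOW_GUEST = 6;
$LOGIN_USER_BANED = 7;
/**Define End**/

/**
 * Print the response, release the connection and stop the script.
 *
 * @param mysqli|false|null $link    Open connection, or a falsy value when none exists.
 * @param mixed             $payload Result code, optionally followed by the profile string.
 */
function chatLoginRespond($link, $payload)
{
    echo $payload;
    if ($link) {
        mysqli_close($link);
    }
    exit;
}

/**
 * Compare two strings without PHP type juggling.
 *
 * Uses hash_equals() when the runtime provides it (PHP 5.6+) so the
 * comparison time does not depend on where the strings differ; otherwise
 * falls back to a strict comparison.
 *
 * @param string $known    Value from the database.
 * @param string $supplied Value derived from the request.
 * @return bool
 */
function chatLoginHashEquals($known, $supplied)
{
    $known = (string) $known;
    $supplied = (string) $supplied;
    if (function_exists('hash_equals')) {
        return hash_equals($known, $supplied);
    }
    return $known === $supplied;
}

/**
 * Run a single-column query with one integer placeholder and return the
 * first row's value.
 *
 * Failures are deliberately non-fatal: the profile fields are optional
 * decoration on a successful login, so a missing row or failed query yields
 * an empty string, as the previous revision effectively did.
 *
 * @param mysqli $link   Open connection.
 * @param string $sql    Statement containing exactly one `?` placeholder.
 * @param int    $userId Value bound to the placeholder.
 * @return string
 */
function chatLoginFetchValue($link, $sql, $userId)
{
    $value = '';
    $stmt = mysqli_prepare($link, $sql);
    if ($stmt === false) {
        return $value;
    }
    mysqli_stmt_bind_param($stmt, 'i', $userId);
    if (mysqli_stmt_execute($stmt)) {
        mysqli_stmt_bind_result($stmt, $column);
        if (mysqli_stmt_fetch($stmt) === true && $column !== null) {
            $value = (string) $column;
        }
    }
    // Closing the statement discards any unread rows so the next prepare works.
    mysqli_stmt_close($stmt);
    return $value;
}

// Keep the numeric-code protocol: PHP 8.1+ would otherwise throw on errors.
mysqli_report(MYSQLI_REPORT_OFF);

$jConfig = new JConfig;

// mysql_connect() accepted "host:port"; mysqli wants the port separately.
$dbHost = $jConfig->host;
$dbPort = null;
if (substr_count($dbHost, ':') === 1) {
    list($hostPart, $portPart) = explode(':', $dbHost);
    if ($hostPart !== '' && ctype_digit($portPart)) {
        $dbHost = $hostPart;
        $dbPort = (int) $portPart;
    }
}

if ($dbPort === null) {
    $link = mysqli_connect($dbHost, $jConfig->user, $jConfig->password, $jConfig->db);
} else {
    $link = mysqli_connect($dbHost, $jConfig->user, $jConfig->password, $jConfig->db, $dbPort);
}

// Check the connection before anything is sent over it.
if (!$link) {
    chatLoginRespond(null, $LOGIN_ERROR);
}
mysqli_set_charset($link, 'utf8');

// Untrusted input. Arrays (username[]=...) are rejected by the is_string checks.
$rawUsername = (isset($_GET['username']) && is_string($_GET['username'])) ? $_GET['username'] : '';
$password = (isset($_GET['password']) && is_string($_GET['password'])) ? $_GET['password'] : '';

// NOTE(review): htmlspecialchars() is kept only so the lookup key is formed
// the same way as before; it is not a SQL defence (the bound parameter below
// is). Confirm whether names are stored HTML-encoded; if not, drop it.
// The hand-rolled quote replacement is gone: a bound value needs no escaping.
$username = substr(trim(htmlspecialchars($rawUsername, ENT_COMPAT)), 0, 25);

// The table prefix comes from configuration.php, not from the request.
$prefix = $jConfig->dbprefix;

$stmt = mysqli_prepare(
    $link,
    "SELECT id, password, usertype, block FROM " . $prefix . "users WHERE name = ?"
);
if ($stmt === false) {
    chatLoginRespond($link, $LOGIN_ERROR);
}
mysqli_stmt_bind_param($stmt, 's', $username);
if (!mysqli_stmt_execute($stmt)) {
    mysqli_stmt_close($stmt);
    chatLoginRespond($link, $LOGIN_ERROR);
}
mysqli_stmt_bind_result($stmt, $userId, $storedPassword, $userType, $blocked);
$fetched = mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);

if ($fetched === false) {
    chatLoginRespond($link, $LOGIN_ERROR);
}
if ($fetched !== true) {
    chatLoginRespond($link, $LOGIN_ERROR_NOUSERID);
}

if ((int) $blocked === 1) {
    chatLoginRespond($link, $LOGIN_USER_BANED);
}

// Stored value is "hash:salt"; an unsalted legacy value has no second part.
$storedPassword = (string) $storedPassword;
$parts = explode(':', $storedPassword);
$hash = $parts[0];
$salt = isset($parts[1]) ? $parts[1] : '';
$cryptpass = md5($password . $salt);

$passwordMatches = chatLoginHashEquals($hash, $cryptpass);

// NOTE(review): this branch accepts the stored "hash:salt" string itself as
// the password, so anyone who can read the users table can sign in without
// knowing the password. It is kept because the caller may depend on it for
// single sign-on — confirm, and replace it with a short-lived signed token.
$storedValueMatches = $storedPassword !== '' && chatLoginHashEquals($storedPassword, $password);

if (!$passwordMatches && !$storedValueMatches) {
    chatLoginRespond($link, $LOGIN_PASSWD_ERROR);
}

// Profile lookups run only for authenticated requests. The community tables
// use the configured prefix, like the users table, instead of a fixed "jos_".
$userId = (int) $userId;
$thumb = chatLoginFetchValue(
    $link,
    "SELECT thumb FROM " . $prefix . "community_users WHERE userid = ?",
    $userId
);
$genderValue = chatLoginFetchValue(
    $link,
    "SELECT value FROM " . $prefix . "community_fields_values WHERE field_id = 2 AND user_id = ?",
    $userId
);
$city = chatLoginFetchValue(
    $link,
    "SELECT value FROM " . $prefix . "community_fields_values WHERE field_id = 10 AND user_id = ?",
    $userId
);
$birthday = chatLoginFetchValue(
    $link,
    "SELECT value FROM " . $prefix . "community_fields_values WHERE field_id = 3 AND user_id = ?",
    $userId
);

$avatar = "http://www.test.com/" . $thumb;

// Gender is derived from the byte length of the stored label (12 => 1,
// anything else => 2). Presumably this tells two fixed labels apart — confirm.
$gender = (strlen($genderValue) == 12) ? 1 : 2;

// A missing or unparsable birthday used to be read as 1970; report 0 instead.
$age = 0;
$birthTimestamp = ($birthday !== '') ? strtotime($birthday) : false;
if ($birthTimestamp !== false) {
    $age = (int) date('Y') - (int) date('Y', $birthTimestamp);
}

// NOTE(review): $avatar and $city are user-editable profile values written
// into a "&"-separated response without encoding, so a value containing "&"
// or "|" changes how the response parses. Confirm how the consumer decodes
// this string and encode the values to match.
$profile = "|avt=" . $avatar . "&a=" . $age . "&s=" . $gender . "&l=" . $city;

if ($userType === ADMIN_TYPE) {
    chatLoginRespond($link, $LOGIN_SUCCESS_ADMIN . $profile);
}
chatLoginRespond($link, $LOGIN_SUCCESS . $profile);

//copied from joomla.php
/**
 * Build a random alphanumeric string.
 *
 * No longer called by this script (its result was overwritten immediately);
 * kept so the symbol stays defined. The explicit mt_srand() reseed was
 * removed because the microtime-derived seed had at most 10^7 values and
 * reset the generator's state; random_int() is used when the runtime has it.
 *
 * @param int $length Number of characters to generate.
 * @return string
 */
function mosMakePassword($length=8)
{
    $alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
    $maxIndex = strlen($alphabet) - 1;
    $hasCsprng = function_exists('random_int');

    $makepass = '';
    for ($i = 0; $i < $length; $i++) {
        $index = $hasCsprng ? random_int(0, $maxIndex) : mt_rand(0, $maxIndex);
        $makepass .= $alphabet[$index];
    }
    return $makepass;
}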