define_dynamic("error_$val","main"); if (!$errors[$val]) $tpl->clear_dynamic("error_$val"); else $tpl->parse("ERROR_$val","error_$val"); } $tpl->assign(array("USERNAME" => "$data[username]", "PASSWORD" => "$data[password]", "RETURN_URL" => "$return_url", "DB" => $_REQUEST['db'])); } #-------------------------- #-------- LOGIN ----------- #-------------------------- function user_login() { global $tpl,$data,$errors,$password_remind,$config; $errors = array(); $data = &$_REQUEST['data']; $submit = &$_REQUEST['submit']; $return_url = $_REQUEST['return_url']; if (!$data[username] || !$data[password]) $errors[password] = 1; else { $data[username] = trim($data[username]); $result = mysql_query("SELECT * FROM $config[table_prefix]partnerlogin WHERE username = '$data[username]' AND password = '$data[password]'"); if ($result && mysql_num_rows($result)) { $_SESSION["$config[db_name]partnerid"] = mysql_result($result,0,"partnerid"); session_write_close(); security_log($_SESSION["$config[db_name]partnerid"]); } else $errors[password] = 1; } if (count($errors) > 0) { user_login_form(); return; } else { if (!$return_url) $return_url = "index.php"; else $return_url = base64_decode($return_url); redirect($return_url,"Prijavljivanje uspešno"); } } #-------------------------- #-------- LOGOUT ---------- #-------------------------- function user_logout() { global $_SESSION, $config; $_SESSION["$config[db_name]partnerid"] = ""; redirect("index.php?db=$config[db_name]","Odjavljivanje"); } #-------------------------- #-------- SECURITY LOG ---- #-------------------------- function security_log($partnerid){ global $administrator; $set = array(); $set[] = "partnerid = '" . addslashes($partnerid) . "'"; $set[] = "IP = '" . addslashes($_SERVER['REMOTE_ADDR']) . "'"; $set[] = "referral_url = '" . addslashes($_SERVER['HTTP_REFERER']) . "'"; $set[] = "browser = '" . addslashes($_SERVER['HTTP_USER_AGENT']) . "'"; $set[] = "security_logts = NOW()"; mysql_query("INSERT INTO $config[table_prefix]additinaltable_security_log SET " . implode(",",$set)); } include_once "prepare_script.php"; $tpl->define(array("main" => "userlogin.tpl")); $action = $_REQUEST['action']; if (!function_exists("user_$action")) $action = "login_form"; eval("user_${action}();"); $tpl->parse("HTML","main"); $tpl->FastPrint("HTML"); ?>