3 function passwd($login,$pass)
5 return md5(md5($pass).$login);
8 function check_passwd()
10 if (empty($_POST['login']) || empty($_POST['passwd']))
13 $sql = sprintf("SELECT * FROM sys_user WHERE login = '%s' AND passwd = '%s'",
14 pg_escape_string($_POST['login']), passwd($_POST['login'], $_POST['passwd']));
16 $sth = pg_query($sql);
18 if ($sth === false) return false;
20 if ($row = pg_fetch_assoc($sth)) {
21 $_SESSION['sys'] = array('uid' => $row['id'],
22 'login' => $row['login'],
23 'name' => $row['name'],
24 'email' => $row['email']);
28 error_log('Failed login attempt for user ' . $_POST['login']);
34 $ret = '<div class="login">';
36 $ret .= '<div align="center">';
37 $ret .= '<form action="index.php" method="POST">';
38 $ret .= '<table class="login" cellpadding="5">';
39 $ret .= '<tr><th align="left" colspan="2" style="background: #BBD9EE;">Anmeldung</th></tr>';
41 $ret .= '<tr><th align="right">Login</th><td><input type="text" name="login" size="15"></td></tr>';
42 $ret .= '<tr><th align="right">Passwort</th><td><input type="password" name="passwd" size="15"></td></tr>';
44 $ret .= '<tr><td colspan="2" align="center"><input type="submit" value="Anmelden"></td></tr>';