login.php 1.7 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374
  1. <?php
  2. session_start();
  3. if(isset($_SESSION['hostz-user']) && isset($_SESSION['hostz-passwd'])) { header("Location: ctrl.php"); }
  4. if(isset($_SESSION['hostz-vpspanel-user']) && isset($_SESSION['hostz-vpspanel-passwd'])) { header("Location: vps-panel.php"); }
  5. include("config.php");
  6. include_once("header.php");
  7. echo "<div class='ptitle'>$title: $desc ~ login</div>\n\n";
  8. if(isset($_GET['action']))
  9. {
  10. $action = $_GET['action'];
  11. if($action=="filehost")
  12. {
  13. if($_POST['hostzusername']!="" && $_POST['hostzpassword']!="")
  14. {
  15. $username = $_POST['hostzusername'];
  16. if(file_exists("users/$username.php"))
  17. {
  18. $password = $_POST['hostzpassword'];
  19. include("users/$username.php");
  20. if($user_password==$password)
  21. {
  22. $_SESSION['hostz-user'] = $_POST['hostzusername'];
  23. $_SESSION['hostz-passwd'] = $_POST['hostzpassword'];
  24. echo "Logged in, <a href=\"ctrl.php\">Redirecting to control panel in 3 seconds</a><meta http-equiv='refresh' content='3;url=ctrl.php'>";
  25. }
  26. else
  27. {
  28. echo "Error: Wrong password";
  29. }
  30. }
  31. else
  32. {
  33. echo "Error: User not found.";
  34. }
  35. }
  36. else
  37. {
  38. echo "Error: No username or password provided";
  39. }
  40. }
  41. }
  42. else
  43. {
  44. print <<<EOD
  45. <div class="form">
  46. <form method="post" action="login.php?action=filehost">
  47. <table>
  48. <tr>
  49. <td>Username:</td>
  50. <td><input type="text" name="hostzusername"></td>
  51. </tr>
  52. <tr>
  53. <td>Password:</td>
  54. <td><input type="password" name="hostzpassword"></td>
  55. </tr>
  56. <tr>
  57. <td>Go!</td>
  58. <td><input type="submit" value="Login"></td>
  59. </tr>
  60. </table>
  61. </form>
  62. </div>
  63. EOD;
  64. }
  65. include_once("footer.php");
  66. ?>