" . LA_ALREADY_LOGGED . "
"; echo LA_ALREADY_LOGGED_DESC . "

"; include("footer_inc.php"); exit; } if (empty($set_outer_color)) { $set_outer_color = "#A9B8D1"; } if (empty($set_inner_color)) { $set_inner_color = "#FFFFFF"; } if (empty($set_descr_color)) { $set_descr_color = "#FFFFFF"; } if (isset($_POST["submit"]) AND !isset($_REQUEST["forgot"])) { $username=""; $password=""; if (isset($_POST["username"])) $username = htmlspecialchars($_POST["username"]); if (isset($_POST["password"])) $password = htmlspecialchars($_POST["password"]); $username=trim(getParam("username","")); $password=trim(getParam("password","")); $sql = "select user_status,user_verify_code,user_approved,user_id,user_name,user_email from $usr_tbl where user_email = '$username' AND user_pass_md5 = md5('$password')"; $result = q($sql); $num_check = mysql_num_rows($result); if ($num_check==1) { $row_line = mysql_fetch_array($result); $status = $row_line["user_status"]; $verify_code = $row_line["user_verify_code"]; $approve = $row_line["user_approved"]; $user_id = $row_line["user_id"]; $user_email = $row_line["user_email"]; $name = $row_line["user_name"]; if ($status == 1) $msg = LA_BLOCKED_LOGIN; elseif ($verify_code AND $opt_verify) $msg = LA_NEED_TO; elseif ($approve_mem AND !$approve) $msg = LA_WAIT_APP; else { $_SESSION["valid_user"] = $user_id; $_SESSION["user_name"] = $name; $_SESSION["user_email"] = $user_email; addLoginItem($user_id); addToHistory(1,$user_id,"",""); // Redirect user to correct page if (!empty($_REQUEST["redirect_to"])) redirect($_REQUEST["redirect_to"]); else redirect("member.php"); } } else { // Failed login //$msg = writeHeadLine(LA_WARNING,"red"); $msg = $msg . LA_NOT_AUTHORIZED; addToHistory(13,"","","$username"); } } elseif (isset($_REQUEST["forgot"]) AND isset($_POST["email"])) { $email = $_POST["email"]; $new_password = generatePassword(5); if (($email)) { $result = q ("select user_email from $usr_tbl where user_email = '$email'"); $count_results = mysql_num_rows($result); if ($count_results>0) { $sql="update $usr_tbl set user_pass_md5 = md5('$new_password') where user_email = '$email'"; $res = q ($sql); $msg = writeHeadLine(LA_SUCCESS,"black"); $msg = $msg . formatString(LA_FORGOT_SENT_MSG,array("$email")); addToHistory(14,"","","$username"); sendEmail($email,$from_adress_mail,LA_FORGOT_SEND_MAIL_TITLE,formatString(LA_FORGOT_SEND_MAIL_BODY, array("$new_password","http://$url/member_login.php","$name_of_site"))); } else { $msg = writeHeadLine(LA_WARNING,"red"); $msg = $msg . formatString(LA_FORGOT_NOTF,array("$email")); } } else { $msg = writeHeadLine(LA_WARNING,"red"); $msg = $msg . LA_ERROR_MSG21; } } if (isset($_REQUEST["logout"])) { $msg = $la_session_remove; } check_valid_user("$msg"); require("footer_inc.php"); ?>