]>
Commit | Line | Data |
---|---|---|
31f96580 JR |
1 | <?php |
2 | define('WEBOS', TRUE); | |
3 | require_once('common.php'); | |
4 | ||
5 | if (empty($_POST['user']) || empty($_POST['pass'])) { | |
c9efe00e | 6 | make_error('Username or password empty.'); |
31f96580 JR |
7 | } |
8 | $sth = $db->prepare('SELECT uid, displayname FROM users WHERE username = ? AND password = ?'); | |
9 | $sth->bind_param('ss', $_POST['user'], sha1(PWSALT.$_POST['pass'])); | |
10 | $sth->execute(); | |
11 | $sth->bind_result($uid, $dispname); | |
12 | if (!$sth->fetch()) { // no row returned | |
c9efe00e | 13 | make_error('Username or password incorrect.'); |
31f96580 JR |
14 | } |
15 | ||
16 | // row returned, user/pw good | |
17 | $sth->close(); | |
18 | $sth = $db->prepare('INSERT INTO sessions(sid, uid, started, last, active) VALUES (NULL, ?, NOW(), NOW(), 1)'); | |
19 | $sth->bind_param('i', $uid); | |
20 | $sth->execute(); | |
21 | $sid = $sth->insert_id; | |
22 | ||
c9efe00e JR |
23 | |
24 | $data = <<<EOF | |
25 | <script> | |
26 | $(document).ready(function () { | |
27 | $("div#body").html(""); | |
28 | poster("display.php?app=core&part=desktop", {}); | |
29 | }); | |
30 | </script> | |
31 | EOF; | |
32 | make_reply($data, array('uid' => $uid, 'sid' => $sid, 'name' => $dispname)); |