|
|
@ -148,7 +148,7 @@
|
|
|
|
if(mysql_num_rows($res) > 0)
|
|
|
|
if(mysql_num_rows($res) > 0)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
$row = mysql_fetch_assoc($res);
|
|
|
|
$row = mysql_fetch_assoc($res);
|
|
|
|
$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$row[memid]' and `deleted`=0"));
|
|
|
|
$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$row[memid]' and `deleted`=0 and `locked`=0"));
|
|
|
|
if($_SESSION['profile']['id'] != 0)
|
|
|
|
if($_SESSION['profile']['id'] != 0)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
$_SESSION['profile']['loggedin'] = 1;
|
|
|
|
$_SESSION['profile']['loggedin'] = 1;
|
|
|
@ -176,7 +176,7 @@
|
|
|
|
$email = mysql_escape_string(stripslashes(strip_tags(trim($_REQUEST['email']))));
|
|
|
|
$email = mysql_escape_string(stripslashes(strip_tags(trim($_REQUEST['email']))));
|
|
|
|
$pword = mysql_escape_string(stripslashes(trim($_REQUEST['pword'])));
|
|
|
|
$pword = mysql_escape_string(stripslashes(trim($_REQUEST['pword'])));
|
|
|
|
$query = "select * from `users` where `email`='$email' and (`password`=old_password('$pword') or `password`=sha1('$pword') or
|
|
|
|
$query = "select * from `users` where `email`='$email' and (`password`=old_password('$pword') or `password`=sha1('$pword') or
|
|
|
|
`password`=password('$pword')) and `verified`=1 and `deleted`=0";
|
|
|
|
`password`=password('$pword')) and `verified`=1 and `deleted`=0 and `locked`=0";
|
|
|
|
$res = mysql_query($query);
|
|
|
|
$res = mysql_query($query);
|
|
|
|
if(mysql_num_rows($res) > 0)
|
|
|
|
if(mysql_num_rows($res) > 0)
|
|
|
|
{
|
|
|
|
{
|
|
|
|