31 lines
1.3 KiB
PHP
31 lines
1.3 KiB
PHP
<?
|
|
$username = mysql_escape_string($_REQUEST['username']);
|
|
$password = mysql_escape_string($_REQUEST['password']);
|
|
|
|
$query = "select * from `users` where `email`='$username' and (`password`=old_password('$password') or `password`=sha1('$password'))";
|
|
$res = mysql_query($query);
|
|
if(mysql_num_rows($res) != 1)
|
|
die("403,That username couldn't be found\n");
|
|
echo "200,Authentication Ok\n";
|
|
$user = mysql_fetch_assoc($res);
|
|
$memid = $user['id'];
|
|
$query = "select sum(`points`) as `points` from `notary` where `to`='$memid' group by `to`";
|
|
$row = mysql_fetch_assoc(mysql_query($query));
|
|
$points = $row['points'];
|
|
echo "CS=".$user['codesign']."\n";
|
|
echo "NAME=CAcert WoT User\n";
|
|
if($points >= 50)
|
|
{
|
|
echo "NAME=".$user['fname']." ".$user['lname']."\n";
|
|
if($user['mname'] != "")
|
|
echo "NAME=".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
|
|
if($user['suffix'] != "")
|
|
echo "NAME=".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
|
|
if($user['mname'] != "" && $user['suffix'] != "")
|
|
echo "NAME=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
|
|
}
|
|
$query = "select * from `email` where `memid`='$memid' and `hash`='' and `deleted`=0";
|
|
$res = mysql_query($query);
|
|
while($row = mysql_fetch_assoc($res))
|
|
echo "EMAIL=".$row['email']."\n";
|
|
?>
|