okay, thanks... just one question,
what do i need to edit if i wish to put more users into the tracker?...
i mean, i know i have to define them inside config, but i also know that i need to define them other places... where would that be to be exact?... thanks :)...
EDIT:
this is the login.php page:
PHP Code:
<?php
require_once("include/bittorrent.php");
echo stdhead("Login");
?>
<form method="post" action="takelogin.php">
<table class="login_table" align="center" border="1">
<tr>
<td>Username</td>
<td><input type="text" name="username" id="username" size="35" /></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="password" id="password" size="35" /></td>
</tr>
<tr>
<td align="center" colspan="2"><input type="submit" name="login_submit" value="Login Now!" /></td>
</tr>
</table>
</form>
<?php
echo stdfooter();
?>
and this is the takelogin.php page:
PHP Code:
<?php
require_once 'include/bittorrent.php';
require_once "include/password_functions.php";
echo stdhead("Login");
if (!mkglobal('username:password'))
die();
$lang = array_merge(load_language('takelogin'));
$res = mysql_query("SELECT id, passhash, secret, enabled FROM users WHERE username = " . sqlesc($username) . " AND status = 'confirmed'");
$row = mysql_fetch_assoc($res);
if (!$row)
stderr($lang['tlogin_failed'], 'Username or password incorrect');
if ($row['passhash'] != make_passhash($row['secret'], md5($password)))
stderr($lang['tlogin_failed'], 'Username or password incorrect');
if ($row['enabled'] == 'no')
stderr($lang['tlogin_failed'], $lang['tlogin_disabled']);
logincookie($row['id'], $row['passhash']);
header("Location: {$SS['baseurl']}/index.php");
echo stdfooter();
?>
and inside bittorrent.php userlogin:
PHP Code:
function userlogin() {
global $SS;
unset($GLOBALS["CURUSER"]);
$ip = getip();
$nip = ip2long($ip);
require_once "cache/bans_cache.php";
if(count($bans) > 0)
{
foreach($bans as $k) {
if($nip >= $k['first'] && $nip <= $k['last']) {
header("HTTP/1.0 403 Forbidden");
print "<html><body><h1>403 Forbidden</h1>Unauthorized IP address. Please, piss off... you had your chance.</body></html>\n";
exit();
}
}
unset($bans);
}
if (!$SS['site_online'] || !get_mycookie('uid') || !get_mycookie('pass'))
return;
$id = 0 + get_mycookie('uid');
if (!$id || strlen( get_mycookie('pass') ) != 32)
return;
$res = mysql_query("SELECT * FROM users WHERE id = $id AND enabled='yes' AND status = 'confirmed'");// or die(mysql_error());
$row = mysql_fetch_assoc($res);
if (!$row)
return;
if (get_mycookie('pass') !== $row["passhash"])
return;
mysql_query("UPDATE users SET last_access='" . TIME_NOW . "', ip=".sqlesc($ip)." WHERE id=" . $row["id"]);// or die(mysql_error());
$row['ip'] = $ip;
$GLOBALS["CURUSER"] = $row;
}
ideas?...
PS: is userlogin the only thing i need to get the login page to work? 'O_o...