BossBey File Manager

Editing: auth_incl.php

<?php
//*****************************AUTHORIZATION****************************
$rez=0;
$lifetime=1800;
$sid=$_GET['sid'];
$login=$_GET['login'];
if ($login!="") {
  include_once("db_connect_incl.php");
  $sql_query = "select sid, access from users where name='$login';";
  $result = mysql_query($sql_query);
  if (mysql_numrows($result)!=0) {
   $uid = mysql_result($result,0,sid);
   $access = mysql_result($result,0,access);
   $cryp=date(d).date(m).date(y).$uid;
   $usid=md5($cryp);
   if ($usid==$sid) {
	$sql_query = "select lasttime from sessions where sid='$sid';";
	$result=mysql_query($sql_query);
	$n=mysql_numrows($result);
	if ($n==0) {
		$t=time();
		$sql_query = "insert into sessions values (null, '$sid', $t);";
        	mysql_query($sql_query);
        	$rez=$access;
	}
	else {
		$lasttime=mysql_result($result,0,lasttime);
		$curtime=time();
		$d=$curtime-$lasttime;
		if ($d<$lifetime) {
			$sql_query="update sessions set lasttime=$curtime where sid='$sid';";
			mysql_query($sql_query);
			$rez=$access;
		}
		else {
			$sid='';
			$login='';
		}
	}
   }
   else {
	$sid='';
	$login='';
   }
  }
  else {
   $sid='';
   $login='';
  }
}
if ($sid!='') {$add="&sid=$sid&login=$login";};
//******************************END AUTHORIZATION************************
?>

Cancel