Your IP : 3.15.223.129

Current Path : /data/web/virtuals/51568/virtual/www/plan/
Upload File :
Current File : /data/web/virtuals/51568/virtual/www/plan/header.php

<?
$login=0; $jmeno="";$uid="";$incl=true;

if($_COOKIE["SESSIDWEB"]!="")$session_login_string=$_COOKIE["SESSIDWEB"];
elseif($_GET["$session_login_string"])$session_login_string=$_GET["$session_login_string"];
$session_login_string=mysql_real_escape_string($session_login_string);

//odhlášení
if($_GET["logout"]==1 or $_POST["logout"]!=""){
mysql_query("delete from sessions where session_id='".$session_login_string."'");
$session_login_string=hash("sha256",uniqid(rand()));
$login=0;
setcookie("SESSIDWEB","",time()-3600,"/");
setcookie("sp","",time()-3600,"/");
setcookie("cs","",time()-3600,"/");
}

 //je přihlášen?
function logged(){
global $session_login_string;
if($session_login_string=="") return false;
$f=mysql_fetch_array(mysql_query("select session_data from sessions where session_id='".$session_login_string."' and expires>".time()));
$r=explode("\r",$f[0]);
if($r[1]=="" && $r[2]=="")
$r=explode("\n",$f[0]);
if($r[1]=="") $r[1]=$r[2];
$sql="SELECT * FROM registrace WHERE id='".$r[0]."' and pw='".str_replace("\n","",$r[1])."' ";
$result = @mysql_query($sql);
if(mysql_num_rows($result)>=1){
$GLOBALS["uzivatel"]=mysql_fetch_array($result);
if($_COOKIE["cs"]==1) $ct=0; else $ct=time()+$_COOKIE["cs"]*24*3600;
return true;
}else return false;
}


 
//přihlášení
if(!logged()){
if($_POST["lg_email"]!="" and $_POST["lg_pw"]!=""){

$login_name=mysql_real_escape_string($_POST["lg_email"]);
$login_pw=mysql_real_escape_string($_POST["lg_pw"]);
$new_pw=mb_substr(hash("sha256",$login_pw),0,32);
	
$log=mysql_result(mysql_query("select count(id) from log where username='".$login_name."' and cas>".(time()-180)),0);
mysql_query("insert into log set username='".$login_name."',ip='".$_SERVER["REMOTE_ADDR"]."',cas=".time());
if($log>2){
$GLOBALS["loginerr"]= '<b style=color:red>Bohužel, byl zaznamenán větší počet pokusů o přihlášení a uživatel byl zablokován. Počkejte pár minut a zkuste to prosím znovu. Pokud potíže přetrvávají, kontaktujte prosím správce webu.</b><br>';
}else{
	
$query="SELECT * FROM registrace WHERE email = '".$login_name."' AND pw = '".$new_pw."' and stav=1 limit 0,1";
$result = @mysql_query($query);
if(mysql_num_rows($result)>=1){
$session_login_string=mb_substr(hash("sha256",uniqid(rand())),0,30);
$session_login_string=mysql_real_escape_string($session_login_string);
$login=1;
$_GET["logout"]=0;
$uzivatel=mysql_fetch_array($result);
if($_POST["trvale"]=="on") $cas=31; else $cas=1;
mysql_query("insert into sessions values('$session_login_string','".$uzivatel["id"]."\r".$uzivatel["pw"]."',".(time()+$cas*24*3600).");");
if($_POST["trvale"]=="on") $cas=31; else $cas=1;
if($cas==1) $ct=0;else$ct=time()+$cas*24*3600; 
setcookie("SESSIDWEB",$session_login_string,$ct,"/");
setcookie("sp",1,0,"/");
setcookie("cs",$cas,$ct,"/");

}else $GLOBALS["loginerr"]="<b style=color:red>Špatná kombinace e-mailu a hesla!</b><br>";
}
}//else
//formular();
 
 
}else{
$login=1;
	
//změna hashe po přihlášení
if($_COOKIE["sp"]!=1){
if($_COOKIE["cs"]==1) $ct2=0; else $ct2=time()+$_COOKIE["cs"]*24*3600; 
$blbo=mb_substr(hash("sha256",uniqid(rand())),0,30);
$blbo=mysql_real_escape_string($blbo);
setcookie("SESSIDWEB",$blbo,$ct2,"/");
mysql_query("update sessions set `session_id`='".$blbo."' where `session_id`='".$session_login_string."'");
$session_login_string=$blbo;
setcookie("sp",1,0,"/");
}	
	
}

?>