I would like to have 1 small help asking why you write this and how can I fix it? Please help who helps
Code:
<?php
ob_start();
/*
if (!defined("FOOLDAL")){
die("Ne kutakodj olyan helyen ahol nem kéne... a főoldalon tudsz bejelentkezni!");
}
*/
require_once ("include/functions.php");
require_once ("include/config.php");
dbconn();
function login(){
global $PRIVATE_TRACKER, $STYLEPATH;
?>
<?php
//Invalid Login System Hack Start - 10:35 12/23/2006
if ($GLOBALS["inv_login"]==true){
$real_ip = $_SERVER["REMOTE_ADDR"];
$db_ip = sprintf("%u", ip2long($real_ip));
$resource = mysql_query("SELECT * FROM invalid_logins WHERE ip ='".$db_ip."'") or die(mysql_error());
$result = mysql_fetch_array($resource);
if (!$result){
$logins_left = $GLOBALS["login_attempts"];
}else{
$logins_left = $result["remaining"];
}
if ($result["remaining"] == "0"){
//find remaining minutes untill next sanity
//current time
$now = time("d/m/Y H:i:s");
//last sanity
$res = mysql_query("SELECT last_time FROM tasks WHERE task='sanity' ") or mysqlerr();
$sanity = mysql_fetch_assoc($res);
$last_sanity = $sanity["last_time"];
//next sanity
$next_sanity = $last_sanity+$GLOBALS["clean_interval"];
//minutes untill next sanity
$ban_time = ($next_sanity-$now)/60;
$ban = round($ban_time);
if ("$ban" >= "2" || "$ban" == "0"){
$s="s";
}elseif ("$ban" == 1){
$s="";
}
echo "<br>";
szovegdoboz1("433px", "center", "justify");
?>
<center><span style="color:#FF0000"><b>Figyelem!</b></span></center><br>
Ez az utoljára megmaradó bejelentkezési kísérleted.
Ha most is rosszul jelentkeznél be, akkor <span style="color:#FF0000"><?= $ban ?> percre tiltani fog az oldal...</span><br>
<?
szovegdoboz2();
}
}
//Invalid Login System Hack Stop
if(!isset ($user)){
$user="";
}
?>
<br>
<form method="post" action="index.php?returnto=<?= urlencode("index.php") ?>">
<table align="center" width="450" border="0" cellpadding="5" cellspacing="1">
<!-- Invalid Login System Hack Start - 09:19 12/23/2006 -->
<?php
if ($GLOBALS["inv_login"]==true){
if ("$logins_left" >= "2" || "$logins_left" == "0"){
$ss = "s";
}elseif ("$logins_left" == "1"){
$ss = "";
}
print("<tr height='30'><td colspan='3' class='header' align='center'>Hátravan még <span style='color:#FF0000; font-size: 14 px;'>".$logins_left."</span> bejelentkezési kísérleted!</td></tr>");
}
?>
<!-- Invalid Login System Hack Stop -->
<tr>
<td align="right" class="lista"><b>Név:</b></td>
<td class="lista" align="left" width="1">
<?= inputstyle1("<img src='".$STYLEPATH."/kepek/ikon_User-icon2.png'>") ?>
<input type="text" name="uid" value="<?= $user ?>" maxlength="" class="inputstyle" tabindex="1" style="width: 230px">
<?= inputstyle2() ?>
</td>
<td rowspan="2" class="lista" align="center" valign="middle">
<span><?= gomb("gomb_belepes.png", "96", "28", "submit", "", "", "3") ?></span>
</td>
</tr>
<tr>
<td align="right" class="lista"><b>Jelszó:</b></td>
<td class="lista" align="left" width="1">
<?= inputstyle1("<img src='".$STYLEPATH."/kepek/ikon_Key-icon.png'>") ?>
<input type="password" name="pwd" maxlength="40" class="inputstyle" tabindex="2" style="width: 230px">
<?= inputstyle2() ?>
</td>
</tr>
<tr>
<td colspan="3" class="lista" align="center"><b>Megjegyzés:</b> Engedélyezned kell a cookiekat a bejelentkezéshez. </td>
</tr>
<tr>
<td class="lista" colspan="3" align="center">
<input type="checkbox" name="logout" value="yes"> Automatikus kiléptetés 15 perc inaktívitás után!
</td>
</tr>
<tr height="30">
<td colspan="3" class="header" align="center">
<?php
if ($PRIVATE_TRACKER){
print("<img src='".$STYLEPATH."/kepek/ikon_User-icon2.png' style='vertical-align: middle'><a href='recover.php' class='link2'>".RECOVER_PWD."</a>");
}else{
print("<img src='".$STYLEPATH."/kepek/ikon_User-icon2.png' style='vertical-align: middle'><a href='account.php' class='link2'>".ACCOUNT_CREATE."</a> <img src='".$STYLEPATH."/kepek/ikon_Key-icon.png' style='vertical-align: middle'><a href='recover.php' class='link2'>".RECOVER_PWD."</a>");
}
?>
</td>
</tr>
</table>
</form>
<br>
<?php
}
if (!$CURUSER || $CURUSER["uid"]==1) {
if (isset($_POST["uid"]) && $_POST["uid"]){
$user=$_POST["uid"];
}else{
$user='';
}
if (isset($_POST["pwd"]) && $_POST["pwd"]){
$pwd=$_POST["pwd"];
}else{
$pwd='';
}
//Invalid Login System Hack Start - 18:32 12/27/2006
$ip = $_SERVER["REMOTE_ADDR"];
$attempts = $GLOBALS["login_attempts"];
//Invalid Login System Hack Stop
if (isset($_POST["uid"]) && isset($_POST["pwd"])){
$res = mysql_query("SELECT * FROM users WHERE username ='".AddSlashes($user)."'") or die(mysql_error());
$row = mysql_fetch_array($res);
//Invalid Login System Hack Start - 18:32 12/27/2006
$resource = mysql_query("SELECT * FROM invalid_logins WHERE ip='".sprintf("%u", ip2long($ip))."'") or die(mysql_error());
$results = mysql_fetch_array($resource);
//Invalid Login System Hack Stop
//User Warning System Hack Start - 11:17 01.08.2006
if ($row["disabled"] == "yes"){
//standardheader("Login");
echo "<br>";
szovegdoboz1("433px", "center", "center");
print("<font size="2" color="#FF0000"><b>Hiba! Ez az account tiltva van!</b></font><br><br><b>Oka:</b> ".$row["disabledreason"]."");
szovegdoboz2();
login();
//User Warning System Hack Stop
}elseif (!$row){
//standardheader("Login");
echo "<br>";
szovegdoboz1("433px", "center", "center");
print("<font size="2" color="#FF0000"><b>Hibás felhasználónév!</b></font>");
szovegdoboz2();
//Invalid Login System Hack Start - 18:04 12/27/2006
if (!$results)
mysql_query("INSERT INTO invalid_logins SET ip='".sprintf("%u", ip2long($ip))."', userid='".$row['id']."', username='".$row['username']."', failed=failed+1, remaining=$attempts-1") or die(mysql_error());
elseif ($results["failed"] < "$attempts")
mysql_query("UPDATE invalid_logins SET ip='".sprintf("%u", ip2long($ip))."', failed=failed+1, remaining=$attempts-failed WHERE ip='".sprintf("%u", ip2long($ip))."'") or die(mysql_error());
elseif ($results["failed"] == "$attempts" && $results["remaining"] == "0")
{
$firstip = $ip;
$lastip = $ip;
$comment = "max number of invalid logins reached";
$firstip = sprintf("%u", ip2long($firstip));
$lastip = sprintf("%u", ip2long($lastip));
$comment = sqlesc($comment);
$added = sqlesc(time());
mysql_query("INSERT INTO bannedip (added, addedby, first, last, comment) VALUES($added, '2', $firstip, $lastip, $comment)") or die(mysql_error());
mysql_query("DELETE FROM invalid_logins WHERE ip='".sprintf("%u", ip2long($ip))."' LIMIT 1") or sqlerr();
}
//Invalid Login System Hack Stop
login();
}elseif (md5($row["random"].$row["password"].$row["random"]) != md5($row["random"].md5($pwd).$row["random"])){
//standardheader("Login");
echo "<br>";
szovegdoboz1("433px", "center", "center");
print("<font size="2" color="#FF0000"><b>Hibás jelszó!</b></font>");
szovegdoboz2();
//Invalid Login System Hack Start - 18:04 12/27/2006
if (!$results)
mysql_query("INSERT INTO invalid_logins SET ip='".sprintf("%u", ip2long($ip))."', userid='".$row['id']."', username='".$row['username']."', failed=failed+1, remaining=$attempts-1") or die(mysql_error());
elseif ($results["failed"] < "$attempts" && $results["remaining"] != "0")
mysql_query("UPDATE invalid_logins SET ip='".sprintf("%u", ip2long($ip))."', failed=failed+1, remaining=$attempts-failed WHERE ip='".sprintf("%u", ip2long($ip))."'") or die(mysql_error());
elseif ($results["failed"] == "$attempts" && $results["remaining"] == "0")
{
$firstip = $ip;
$lastip = $ip;
$comment = "max number of invalid logins reached";
$firstip = sprintf("%u", ip2long($firstip));
$lastip = sprintf("%u", ip2long($lastip));
$comment = sqlesc($comment);
$added = sqlesc(time());
mysql_query("INSERT INTO bannedip (added, addedby, first, last, comment) VALUES($added, '2', $firstip, $lastip, $comment)") or die(mysql_error());
mysql_query("DELETE FROM invalid_logins WHERE ip='".sprintf("%u", ip2long($ip))."' LIMIT 1") or sqlerr();
}
//Invalid Login System Hack Stop
login();
}elseif($row['id_level'] == 2){
//standardheader("Login");
echo "<br>";
szovegdoboz1("433px", "center", "justify");
print("<font size="2" color="#FF0000"><center><b>Még nincs aktiválva ez az account!</b></center></font><br>Regisztráció illetve e-mail cím módosítás után kapnod kellett egy e-mailt, amiben elküdtük neked az aktivációs linket. Arra kattintva aktiválhatod a regisztrációs fiókodat és beléphetsz az oldalra. Amennyiben nem kaptál ilyen levelet, írj nekünk erre a címre: <span style='color: yellow; font-weight: bold;'>".$SITEEMAIL."</span>");
szovegdoboz2();
login();
}else{
if ((isset ($_POST['logout']) AND $_POST['logout'] == 'yes')){
mysql_query("UPDATE users SET 15_perc_inaktiv = 'igen' WHERE id = ".$row['id']."");
logincookie($row["id"],md5($row["random"].$row["password"].$row["random"]), 15);
}else{
logincookie($row["id"],md5($row["random"].$row["password"].$row["random"]));
mysql_query("UPDATE users SET 15_perc_inaktiv = 'nem' WHERE id = ".$row['id']."");
}
if (isset($_GET["returnto"]))
$url=urldecode($_GET["returnto"]);
else
$url="index.php";
//Invalid Login System Hack Start - 10:55 12/23/2006
mysql_query("DELETE FROM invalid_logins WHERE ip='".sprintf("%u", ip2long($ip))."' LIMIT 1") or sqlerr();
//Invalid Login System Hack Stop
echo "<br>Bejelentkezés folyamatban...<br><br>";
//echo '<meta http-equiv="refresh" content="1;url='.$url.'">';
header("Location:".$url);
//redirect($url);
}
}else{
//standardheader("Login");
login();
//exit;
}
}else{
if (isset($_GET["returnto"]))
$url=urldecode($_GET["returnto"]);
else
$url="index.php";
redirect($url);
}
ob_end_flush();
?>
Szeretnék 1 kis segítséget kérni hogy miért írja ezt és hogyan tudnám javítani ? Legyen szíves aki ért hozzá segítsen