Session ID is " . session_id() . "

"; // echo "

Lifetime is: " . $cookie_lifetime . "
Dir is " . rtrim(dirname($_SERVER["SCRIPT_NAME"]),"/") . "/" . "
Session cookie domain path is " . $session_cookie_domain_path . "
SSL is " . $ssl . "

"; //Config Check $config_inc_readable = is_readable(CONFIG_FILE); if ( !$config_inc_readable && file_exists("install.php") ) { header('Location: install.php'); exit(); } if ( '' == file_get_contents(CONFIG_FILE) ) { header('Location: install.php'); exit(); } require_once CONFIG_FILE; // Connect to the database server and select database. $db = createDatabaseConnection($db_type, $db_host, $db_user, $db_pass, $db_name, $table_prefix); // Load languages. include_once("includes/lang.php"); if (!$db instanceof OGPDatabase) { ogpLang(); die(get_lang('no_db_connection')); } // Logged in user settings - access this global variable where needed if(hasValue($_SESSION['user_id'])){ $loggedInUserInfo = $db->getUserById($_SESSION['user_id']); } $settings = $db->getSettings(); @$GLOBALS['panel_language'] = $settings['panel_language']; ogpLang(); require_once("includes/view.php"); $view = new OGPView(); $view->setCharset( get_lang('lang_charset') ); if(isset($_GET['type']) && $_GET['type'] == 'cleared') { heading(true); $view->printView(true); } else { ogpHome(); $view->printView(); } function heading() { global $db,$view,$settings; $view->setCharset( get_lang('lang_charset') ); $view->setTimeZone($settings['time_zone']); if ( !file_exists(CONFIG_FILE) ) { print_failure( get_lang("failed_to_read_config") ); $view->refresh("index.php"); return; } // Start Output Buffering if( isset($settings['maintenance_mode']) && $settings['maintenance_mode'] == "1" ) { if ($_SESSION['users_group'] != "admin" ) { echo "

".$settings['maintenance_title']."

"; echo "

".$settings['maintenance_message']."

"; $view->setTitle("OGP: Maintenance."); echo "

". get_lang("logging_out_10") ."...

"; $view->refresh("index.php", 10); session_destroy(); return; } } include "includes/navig.php"; if(isset($maintenance))echo $maintenance; } function ogpHome() { global $db,$view,$settings; if( isset($_GET['lang']) AND $_GET['lang'] != "-") $lang = $_GET['lang']; elseif( isset($settings['panel_language']) ) $lang = $settings['panel_language']; else $lang = "English"; $locale_files = makefilelist("lang/", ".|..|.svn", true, "folders"); $lang_sel = "\n"; $lang_switch = ( isset( $_GET['lang'] ) AND $_GET['lang'] != "-" ) ? "&lang=" . $_GET['lang'] : ""; ?> %top%
%topbody% $value) $postdata .= ",'$key': '$value'"; $postdata = substr($postdata,1); $postdata = "{".$postdata."}"; */ } else { $default_page = $db->isModuleInstalled('dashboard') ? "m=dashboard&p=dashboard" : "m=gamemanager&p=game_monitor"; if ( isset($_SESSION['users_login']) ) { $userInfo = $db->getUser($_SESSION['users_login']); if( isset($_SESSION['users_passwd']) AND !empty($_SESSION['users_passwd']) AND $_SESSION['users_passwd'] == $userInfo['users_passwd']) { print_success( get_lang("already_logged_in_redirecting_to_dashboard") ."."); $view->refresh("home.php?$default_page",2); echo "%botbody% %bottom%"; return; } } if ( isset($_POST['login']) ) { $client_ip = getClientIPAddress(); $ban_list = $db->resultQuery("SHOW TABLES LIKE 'OGP_DB_PREFIXban_list';"); if ( empty( $ban_list ) ) { $db->query("CREATE TABLE IF NOT EXISTS `OGP_DB_PREFIXban_list` ( `client_ip` varchar(255) NOT NULL, `logging_attempts` int(11) NOT NULL DEFAULT '0', `banned_until` varchar(16) NOT NULL DEFAULT '0', PRIMARY KEY (`client_ip`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1;"); } $banlist_info = $db->resultQuery("SELECT logging_attempts, banned_until FROM `OGP_DB_PREFIXban_list` WHERE client_ip='".$client_ip."';"); $login_attempts = !$banlist_info ? 0 : $banlist_info['0']['logging_attempts']; if( $banlist_info AND $banlist_info['0']['banned_until'] > 0 AND $banlist_info['0']['banned_until'] <= time() ) { $db->query("DELETE FROM `OGP_DB_PREFIXban_list` WHERE client_ip='$client_ip';"); $login_attempts = 0; } if( $login_attempts == $settings["login_attempts_before_banned"] ) { print_failure("Banned until " . date("r",$banlist_info['0']['banned_until'])); echo "%botbody% %bottom%"; return; } $userInfo = $db->getUser($_POST['ulogin']); // If result matched $myusername and $mypassword, table row must be 1 row if( isset($userInfo['users_passwd']) && md5($_POST['upassword']) == $userInfo['users_passwd']) { // Handle recaptcha if enabled // But admins don't have to do this :) if($settings['recaptcha_use_login'] == "1" && !empty($settings['recaptcha_site_key']) && !empty($settings['recaptcha_secret_key']) && $userInfo['users_role'] != "admin"){ $gRecaptchaResponse = sanitizeInputStr($_REQUEST['g-recaptcha-response']); $sitekey = $settings['recaptcha_site_key']; $secretkey = $settings['recaptcha_secret_key']; require_once('includes/classes/recaptcha/autoload.php'); $recaptcha = new \ReCaptcha\ReCaptcha($secretkey); $resp = $recaptcha->verify($gRecaptchaResponse, $client_ip); if (empty($gRecaptchaResponse) || !$resp->isSuccess()){ print_failure("Recaptcha failed. Try again!"); $view->refresh("index.php",5); return; } } $_SESSION['user_id'] = $userInfo['user_id']; $_SESSION['users_login'] = $userInfo['users_login']; $_SESSION['users_passwd'] = $userInfo['users_passwd']; $_SESSION['users_group'] = $userInfo['users_role']; $_SESSION['users_lang'] = isset( $_GET['lang'] ) ? $_GET['lang'] : $userInfo['users_lang']; $_SESSION['users_theme'] = $userInfo['users_theme']; $_SESSION['users_api_key'] = $db->getApiToken($userInfo['user_id']); print_success( get_lang("logging_in") ."..."); $db->logger( get_lang("logging_in") ."..."); $db->query("DELETE FROM `OGP_DB_PREFIXban_list` WHERE client_ip='$client_ip';"); $view->refresh("home.php?$default_page",2); } else { print_failure( get_lang("bad_login") ); $login_attempts++; if( $login_attempts == $settings["login_attempts_before_banned"] ) { $banned_until = time() + (array_key_exists("login_ban_time" , $settings) && !empty($settings["login_ban_time"]) && is_numeric($settings["login_ban_time"]) ? $settings["login_ban_time"] : 300); // Five minutes or user defined setting. if( !$banlist_info ) $db->query("INSERT INTO `OGP_DB_PREFIXban_list` (`client_ip`) VALUES('$client_ip');"); $db->logger( get_lang("bad_login") . " ( Banned until " . date("r", $banned_until) . " ) [ " . get_lang("login") . ": " . sanitizeInputStr($_POST["ulogin"]) . ", " . get_lang("password") . ": ******** ]" ); $db->query("UPDATE `OGP_DB_PREFIXban_list` SET logging_attempts='$login_attempts', banned_until='$banned_until' WHERE client_ip='$client_ip';"); print_failure("Banned until " . date("r",$banned_until)); } else { if( !$banlist_info ) $db->query("INSERT INTO `OGP_DB_PREFIXban_list` (`client_ip`) VALUES('$client_ip');"); $db->logger( get_lang("bad_login") . " ( $login_attempts ) [ " . get_lang("login") . ": " . sanitizeInputStr($_POST["ulogin"]) . ", " . get_lang("password") . ": ******** ]" ); $db->query("UPDATE `OGP_DB_PREFIXban_list` SET logging_attempts='$login_attempts' WHERE client_ip='$client_ip';"); $view->refresh("index.php",2); } } echo "%botbody% %bottom%"; return; } ?>


" name="login_form" method="post">
:
:
:
:

%botbody% %bottom%