WordPress/wp-admin/auth.php

48 lines
1.2 KiB
PHP

<?php
require_once('../wp-config.php');
/* Checking login & pass in the database */
function veriflog() {
global $HTTP_COOKIE_VARS,$cookiehash;
global $tableusers, $wpdb;
if (!empty($HTTP_COOKIE_VARS["wordpressuser_".$cookiehash])) {
$user_login = $HTTP_COOKIE_VARS["wordpressuser_".$cookiehash];
$user_pass_md5 = $HTTP_COOKIE_VARS["wordpresspass_".$cookiehash];
} else {
return false;
}
if (!($user_login != ''))
return false;
if (!$user_pass_md5)
return false;
$login = $wpdb->get_row("SELECT user_login, user_pass FROM $tableusers WHERE user_login = '$user_login'");
if (!$login) {
return false;
} else {
if ($login->user_login == $user_login && md5($login->user_pass) == $user_pass_md5) {
return true;
} else {
return false;
}
}
}
if ( !veriflog() ) {
header('Expires: Wed, 11 Jan 1984 05:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-cache, must-revalidate');
header('Pragma: no-cache');
if (!empty($HTTP_COOKIE_VARS["wordpressuser_".$cookiehash])) {
$error="<strong>Error</strong>: wrong login or password.";
}
$redir = "Location: $siteurl/wp-login.php?redirect_to=" . urlencode($HTTP_SERVER_VARS["REQUEST_URI"]);
header($redir);
exit();
}
?>