| Server IP : 79.136.114.73 / Your IP : 216.73.216.61 Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64 User : www-data ( 33) PHP Version : 5.5.9-1ubuntu4.29 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority, MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /var/www/digitaliseringstrappan.astacus.se/ |
Upload File : |
<?php
session_start();
function sanitize_input($data) {
// Trimma vita utrymmen från början och slutet
$data = trim($data);
// Konvertera specialtecken till HTML-entiteter för att förhindra XSS
$data = htmlspecialchars($data, ENT_QUOTES, 'UTF-8');
// Använd mysqli_real_escape_string för att skydda mot SQL-injektioner
return $data;
}
$link = mysql_connect ("localhost", "root", "root123");
mysql_select_db ("fi2xml_tool");
$email = sanitize_input($_POST['email']);
$password = md5(sanitize_input($_POST['password']));
$sql = "SELECT * FROM tblLicenses WHERE Username = '".$email."' and Password = '".$password."'";
$Login = false;
$result = mysql_query($sql);
while ($row = mysql_fetch_assoc($result)){
$SystemUserId = $row['id'];
$Admin = $row['Admin'];
$CompanyId = $row['CompanyId'];
$Username = $row['Username'];
$Active = $row['Active'];
$Login = true;
}
if($Active == "0"){
header("location: index.php?message=Ditt konto är inaktiverat, kontakta din administratör för att ändra det!");
}
if($Login == true){
$_SESSION['DIGTRAPP_LOGIN'] = array($SystemUserId, $Username, $CompanyId ,$Admin);
header("location: konto.php");
}else{
header("location: index.php?message=Fel användarnamn eller lösenord!");
}
?>