$error
"; $ok=false; }elseif(!isset($_POST['username']) || $_POST['username']===''){ $msg.='Error: username may not be empty.
'; $ok=false; }else{ $stmt=$db->prepare('SELECT username, password, id FROM users WHERE username=?;'); $stmt->execute([$_POST['username']]); $tmp=[]; if(($tmp=$stmt->fetch(PDO::FETCH_NUM))===false && preg_match('/^([2-7a-z]{16}).onion$/', $_POST['username'], $match)){ $stmt=$db->prepare('SELECT users.username, users.password, users.id FROM users INNER JOIN onions ON (onions.user_id=users.id) WHERE onions.onion=?;'); $stmt->execute([$match[1]]); $tmp=$stmt->fetch(PDO::FETCH_NUM); } if($tmp){ $username=$tmp[0]; $password=$tmp[1]; $stmt=$db->prepare('SELECT new_account.approved FROM new_account INNER JOIN users ON (users.id=new_account.user_id) WHERE users.id=?;'); $stmt->execute([$tmp[2]]); if($tmp=$stmt->fetch(PDO::FETCH_NUM)){ if(REQUIRE_APPROVAL && !$tmp[0]){ $msg.='Error: Your account is pending admin approval. Please try again later.
'; }else{ $msg.='Error: Your account is pending creation. Please try again in a minute.
'; } $ok=false; }elseif(!isset($_POST['pass']) || !password_verify($_POST['pass'], $password)){ $msg.='Error: wrong password.
'; $ok=false; } }else{ $msg.='Error: username was not found. If you forgot it, you can enter youraccount.onion instead.
'; $ok=false; } } if($ok){ $_SESSION['hosting_username']=$username; session_write_close(); header('Location: home.php'); exit; } } echo ''; echo 'Info | Register | Login | List of hosted sites | FAQ
'; echo $msg; echo ''; echo 'If you disabled cookies, please re-enable them. You can\'t log in without!
'; echo '';