source: trunk/admin/inc/ckeditor/filemanager/check.php@ 239

<?php

##############################################
# WL-CMS inclusion                           #
# adapted to Accessbile Portal               #
# =================                          #
# Copyright (c) 2010 by Weblord              #
# http://www.weblord.it                      #
# http://www.webelite.it                     #
# http://www.portaleacccessibile.com         #
##############################################

if (!defined('FILEMANAGER_FILE')) {
        die("Non puoi accedere direttamente a questo file...");
}
error_reporting(E_ALL ^ E_NOTICE);
function check_admin() {
@require_once("../../../../config.php");
@require_once("db.class.php");
$db=new DBConnection($dbhost,$dbuname,$dbpass,$dbname);

if(isset($HTTP_COOKIE_VARS)) {
    $_COOKIE = $HTTP_COOKIE_VARS;
  }
$admin = $_COOKIE['admin'];

if (!$admin) { return 0; }
$adminSave = 0;
static $adminSave; 
if (isset($adminSave)) return $adminSave;
$admin = base64_decode($admin);
$admin = addslashes($admin);
$admin = explode(':', $admin);

$aid = $admin[0];
$pwd = $admin[1];
$site_id = $admin[3];

$aid = substr(addslashes($aid), 0, 25);
if (!empty($aid) && !empty($pwd)) {

        $query = "SELECT pwd, site_id FROM ".$prefix."_authors WHERE aid='$aid'";
        $res=$db->rq($query);
        if (!$res)
                {
                        echo " Errore di MySQL: (" . mysql_errno() . ") " . mysql_error() . " \n";
                        exit();
                }
        
$pass=$db->afetch($res);
$db->free_result($res);

if ((($pass[0] == $pwd && !empty($pass[0])) AND ($pass[1] == $site_id && !empty($pass[1])))) {
                return $adminSave = 1;
        } else {
        return $adminSave = 0;
        }
}
}

?>