showHeader(); $chall->onCheckSolution(); if (false !== Common::getGet('login')) { $username = Common::getGetString('username', ''); $password = Common::getGetString('password', ''); if (preg_match('/statistics|tables|columns|table_constraints|key_column_usage|partitions|schema_privileges|schemata|database|schema\(\)/i', $username.$password)) { echo GWF_HTML::error(GWF_PAGE_TITLE, $chall->lang('on_match')); } else { if (false === ($db = gdo_db_instance($secret['host'], $secret['username'], $secret['password'], $secret['database']))) { die('Database error.'); } $db->setVerbose(false); $db->setLogging(false); $db->setEMailOnError(false); $query = "SELECT * FROM {$secret['database']}.{$secret['table_name']} WHERE username='$username' AND password='$password'"; if (false === ($result = ($db->queryFirst($query, false)))) { echo GWF_HTML::error(GWF_PAGE_TITLE, $chall->lang('on_login_fail')); } else { $user = isset($result['username']) ? $result['username'] : ''; $message = isset($result['message']) ? $result['message'] : ''; echo GWF_HTML::message(GWF_PAGE_TITLE, $chall->lang('on_logged_in', array(GWF_HTML::display($user), GWF_HTML::display($message)))); } } } ?>