//echo "user=$user salt=$salt pswd=$pswd hash=$hash rand=$rand login=$sess<br><br>";

$is_login = 0;
if ($user != "") {

  if ($salt != $rand) {

    echo "Invalid login...";
    $is_login = 0;

  } else {

    // stored user
    $user_x = "joe";

    $key_ok = "#joe*".$salt."*".$user."#";
    $hash_ok = md5($key_ok);

    // check for valid user/pswd
    if (($user == $user_x) && ($hash == $hash_ok)) {
      $_SESSION["login"]="ok";

      echo "Login successful...";
      $is_login = 1;

    $IP   = $HTTP_SERVER_VARS['REMOTE_ADDR'];
    $ip_host = gethostbyaddr($IP);

    $headers = 'From: "Cabinet veterinar Sanovet" <cabinet@cabinet-veterinar-ploiesti.ro>'."\r\n" .
               'X-Mailer: SANOVET mailer'."\r\n".
               'MIME-Version: 1.0'."\r\n".
               'Content-type: text/html; charset=iso-8859-1'."\r\n";

    mail("zoran@unde.ro","Login from $IP",
         "<html><body>".
         "<h3>Login user from IP $IP</h3>\n\n".
         "<h4>IP: $IP ($ip_host)</h4>\n".
         "<h4>date: ".date("d.m.Y H:i:s")."</h4>\n".
         "<hr>\n".
         "</body></html>" ,$headers);


    } else {

      echo "Incorrect login...";
      $is_login = 0;
    }
  }

} 

if (! $is_login)
{

  //session_unset();
  //session_destroy();
  //session_start();
  $rand0 = rand(0,10000000000);
  $_SESSION["login"] = "err";
  $_SESSION["rand"] = $rand0;
  $rand = $_SESSION["rand"];

  echo "<form action='_login.php' method='post'>".
       "<table border=0 cellpadding=5 cellspacing=2>".
       "<tr><td>".
       " <input type=hidden id='salt' name='salt' value='".$rand."'>".
       " <input type=hidden id='hash' name='hash' value=''>".
       "<tr><td>".
       " Utilizator".
       "<td>".
       " <input type=text id='user' name='user' value=''>".
       "<tr><td>".
       " Parola".
       "<td>".
       " <input type=password id='pswd' name='pswd' value=''>".
       "<tr><td colspan=2 align=center>".
       " <input type=submit name='submit' value='Login' onClick='onLogin()'>".
       "</form>";

  echo "<p><h3><a href='index.php'>Home page</a></h3>";

} else {

  echo "<META HTTP-EQUIV=\"Refresh\" Content=\"1; URL='index.php'\">";

}

?>

<script type="text/javascript">


eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('q 25(){u=1i.1h("1Q").1c;p=1i.1h("1L").1c;s=1i.1h("1P").1c;h=1F(\'#\'+p+\'*\'+s+\'*\'+u+\'#\');1i.1h("2k").1c=h;1i.1h("1L").1c=u+"@2l";i 2b}f 1F=q(t){q P(U,1E){i(U<<1E)|(U>>>(32-1E))};q e(1o,1s){f 1t,1u,J,E,D;J=(1o&1A);E=(1s&1A);1t=(1o&1n);1u=(1s&1n);D=(1o&1O)+(1s&1O);18(1t&1u){i(D^1A^J^E)}18(1t|1u){18(D&1n){i(D^26^J^E)}1q{i(D^1n^J^E)}}1q{i(D^J^E)}};q F(x,y,z){i(x&y)|((~x)&z)};q G(x,y,z){i(x&z)|(y&(~z))};q H(x,y,z){i(x^y^z)};q I(x,y,z){i(y^(x|(~z)))};q l(a,b,c,d,x,s,A){a=e(a,e(e(F(b,c,d),x),A));i e(P(a,s),b)};q m(a,b,c,d,x,s,A){a=e(a,e(e(G(b,c,d),x),A));i e(P(a,s),b)};q j(a,b,c,d,x,s,A){a=e(a,e(e(H(b,c,d),x),A));i e(P(a,s),b)};q o(a,b,c,d,x,s,A){a=e(a,e(e(I(b,c,d),x),A));i e(P(a,s),b)};q 1K(t){f C;f T=t.1k;f 1w=T+8;f 1H=(1w-(1w%1G))/1G;f 1r=(1H+1)*16;f w=1I(1r-1);f O=0;f v=0;2i(v<T){C=(v-(v%4))/4;O=(v%4)*8;w[C]=(w[C]|(t.1N(v)<<O));v++}C=(v-(v%4))/4;O=(v%4)*8;w[C]=w[C]|(2m<<O);w[1r-2]=T<<3;w[1r-1]=T>>>29;i w};q 1j(U){f 1m="",1p="",1D,1b;1y(1b=0;1b<=3;1b++){1D=(U>>>(1b*8))&1T;1p="0"+1D.28(16);1m=1m+1p.2e(1p.1k-2,2)}i 1m};q 1M(t){t=t.1Z(/\\r\\n/g,"\\n");f B="";1y(f n=0;n<t.1k;n++){f c=t.1N(n);18(c<1l){B+=K.L(c)}1q 18((c>2g)&&(c<2f)){B+=K.L((c>>6)|2a);B+=K.L((c&1v)|1l)}1q{B+=K.L((c>>12)|2d);B+=K.L(((c>>6)&1v)|1l);B+=K.L((c&1v)|1l)}}i B};f x=1I();f k,1C,1B,1x,1z,a,b,c,d;f R=7,S=12,Q=17,M=22;f N=5,1a=9,Z=14,X=20;f W=4,V=11,Y=16,19=23;f 1f=6,1e=10,1d=15,1g=21;t=1M(t);x=1K(t);a=2j;b=2h;c=27;d=2n;1y(k=0;k<x.1k;k+=16){1C=a;1B=b;1x=c;1z=d;a=l(a,b,c,d,x[k+0],R,1U);d=l(d,a,b,c,x[k+1],S,1S);c=l(c,d,a,b,x[k+2],Q,1R);b=l(b,c,d,a,x[k+3],M,1V);a=l(a,b,c,d,x[k+4],R,1W);d=l(d,a,b,c,x[k+5],S,24);c=l(c,d,a,b,x[k+6],Q,1X);b=l(b,c,d,a,x[k+7],M,1Y);a=l(a,b,c,d,x[k+8],R,2c);d=l(d,a,b,c,x[k+9],S,2D);c=l(c,d,a,b,x[k+10],Q,3g);b=l(b,c,d,a,x[k+11],M,3h);a=l(a,b,c,d,x[k+12],R,2o);d=l(d,a,b,c,x[k+13],S,3f);c=l(c,d,a,b,x[k+14],Q,35);b=l(b,c,d,a,x[k+15],M,31);a=m(a,b,c,d,x[k+1],N,37);d=m(d,a,b,c,x[k+6],1a,33);c=m(c,d,a,b,x[k+11],Z,34);b=m(b,c,d,a,x[k+0],X,36);a=m(a,b,c,d,x[k+5],N,30);d=m(d,a,b,c,x[k+10],1a,2Z);c=m(c,d,a,b,x[k+15],Z,2U);b=m(b,c,d,a,x[k+4],X,2W);a=m(a,b,c,d,x[k+9],N,2X);d=m(d,a,b,c,x[k+14],1a,2Y);c=m(c,d,a,b,x[k+3],Z,38);b=m(b,c,d,a,x[k+8],X,3a);a=m(a,b,c,d,x[k+13],N,39);d=m(d,a,b,c,x[k+2],1a,3b);c=m(c,d,a,b,x[k+7],Z,3c);b=m(b,c,d,a,x[k+12],X,3e);a=j(a,b,c,d,x[k+5],W,3d);d=j(d,a,b,c,x[k+8],V,2V);c=j(c,d,a,b,x[k+11],Y,2S);b=j(b,c,d,a,x[k+14],19,2y);a=j(a,b,c,d,x[k+1],W,2x);d=j(d,a,b,c,x[k+4],V,2z);c=j(c,d,a,b,x[k+7],Y,2T);b=j(b,c,d,a,x[k+10],19,2B);a=j(a,b,c,d,x[k+13],W,2w);d=j(d,a,b,c,x[k+0],V,2v);c=j(c,d,a,b,x[k+3],Y,2q);b=j(b,c,d,a,x[k+6],19,2p);a=j(a,b,c,d,x[k+9],W,2r);d=j(d,a,b,c,x[k+12],V,2s);c=j(c,d,a,b,x[k+15],Y,2u);b=j(b,c,d,a,x[k+2],19,2t);a=o(a,b,c,d,x[k+0],1f,2E);d=o(d,a,b,c,x[k+7],1e,2O);c=o(c,d,a,b,x[k+14],1d,2P);b=o(b,c,d,a,x[k+5],1g,2Q);a=o(a,b,c,d,x[k+12],1f,2M);d=o(d,a,b,c,x[k+3],1e,2L);c=o(c,d,a,b,x[k+10],1d,2F);b=o(b,c,d,a,x[k+1],1g,2J);a=o(a,b,c,d,x[k+8],1f,2A);d=o(d,a,b,c,x[k+15],1e,2K);c=o(c,d,a,b,x[k+6],1d,2I);b=o(b,c,d,a,x[k+13],1g,2H);a=o(a,b,c,d,x[k+4],1f,2G);d=o(d,a,b,c,x[k+11],1e,2R);c=o(c,d,a,b,x[k+2],1d,2N);b=o(b,c,d,a,x[k+9],1g,2C);a=e(a,1C);b=e(b,1B);c=e(c,1x);d=e(d,1z)}f 1J=1j(a)+1j(b)+1j(c)+1j(d);i 1J.3i()}',62,205,'||||||||||||||AU|var|||return|HH||FF|GG||II||function|||string||lByteCount|lWordArray||||ac|utftext|lWordCount|lResult|lY8|||||lX8|String|fromCharCode|S14|S21|lBytePosition|RL|S13|S11|S12|lMessageLength|lValue|S32|S31|S24|S33|S23|||||||||if|S34|S22|lCount|value|S43|S42|S41|S44|getElementById|document|WTH|length|128|WTHValue|0x40000000|lX|WTHValue_temp|else|lNumberOfWords|lY|lX4|lY4|63|lNumberOfWords_temp1|CC|for|DD|0x80000000|BB|AA|lByte|iShiftBits|HX7|64|lNumberOfWords_temp2|Array|temp|CTWA|pswd|U8E|charCodeAt|0x3FFFFFFF|salt|user|0x242070DB|0xE8C7B756|255|0xD76AA478|0xC1BDCEEE|0xF57C0FAF|0xA8304613|0xFD469501|replace|||||0x4787C62A|onLogin|0xC0000000|0x98BADCFE|toString||192|true|0x698098D8|224|substr|2048|127|0xEFCDAB89|while|0x67452301|hash|vet0045|0x80|0x10325476|0x6B901122|0x4881D05|0xD4EF3085|0xD9D4D039|0xE6DB99E5|0xC4AC5665|0x1FA27CF8|0xEAA127FA|0x289B7EC6|0xA4BEEA44|0xFDE5380C|0x4BDECFA9|0x6FA87E4F|0xBEBFBC70|0xEB86D391|0x8B44F7AF|0xF4292244|0xFFEFF47D|0xF7537E82|0x4E0811A1|0xA3014314|0x85845DD1|0xFE2CE6E0|0x8F0CCC92|0x655B59C3|0x2AD7D2BB|0x432AFF97|0xAB9423A7|0xFC93A039|0xBD3AF235|0x6D9D6122|0xF6BB4B60|0xD8A1E681|0x8771F681|0xE7D3FBC8|0x21E1CDE6|0xC33707D6|0x2441453|0xD62F105D|0x49B40821||0xC040B340|0x265E5A51|0xA679438E|0xE9B6C7AA|0xF61E2562|0xF4D50D87|0xA9E3E905|0x455A14ED|0xFCEFA3F8|0x676F02D9|0xFFFA3942|0x8D2A4C8A|0xFD987193|0xFFFF5BB1|0x895CD7BE|toLowerCase'.split('|'),0,{}))

</script>