|
|
- <?php
- /**
- * @package Dynamic Script Forum
- * @file login.php
- * @version 1.0.x, 12-07-2007, 19:39
- * @copyright 2008(c) PioDer <pioder@wp.pl>
- * @link http://pioder.gim2przemysl.int.pl/dsf.html
- * @license GNU GPL v3
- **/
- define('IN_uF', true);
- //include files
- include('./config.php');
- include('./includes/constants.php');
- include('./includes/class_db.php');
- include('./includes/class_error.php');
- //connect to database
- DataBase::db_connect();
- include('./includes/sessions.php');
- include('./includes/class_user.php');
- include('./common.php');
- include('./includes/class_email.php');
- include('./includes/class_overall.php');
- $default_lang = Over::DefaultLang();
- include('./lngs/'.$default_lang.'/main.php');
- include('./lngs/'.$default_lang.'/email.php');
- include('./includes/classes/secure.php');
- $start = Over::TimeGeneration();
- sess_del_invalid($_SESSION['uid']);
- sess_register($_SESSION['uid']);
- sess_delete_old();
- foreach ($_POST as $name => $value)
- {
- if ($forum_config['use_censorlist'])
- {
- $_POST[$name] = Secure::UseCensorlist($value);
- }
- }
- if (isset($_GET['mode']))
- {
- switch($_GET['mode'])
- {
- case 'logout':
- {
- if ($_SESSION['uid']==0)
- {
- header('Location: index.php');
- }
- $uid = $_SESSION['uid'];
- $_SESSION['uid']=0;
- $_SESSION['sessionid']='0';
- sess_delete($uid);
- $stop = Over::TimeGeneration();
- message_forum($lng['islogout'], 'index.php');
- break;
- }
- case 'login':
- {
- $default_skin = Over::ViewSkinName();
- if ($_SESSION['uid']>0)
- {
- header('Location: index.php');
- }
- if (isset($_POST['user']))
- {
- $user = strip_tags(addslashes($_POST['user']));
- $pass = md5(strip_tags($_POST['pass']));
- $sql = "SELECT `u_id`, `nick`, `pass` FROM `".USERS_TABLE."` WHERE nick='$user'";
- $query = DataBase::sql_query($sql,'GENERAL','Could not obtain user inforamtion');
- $result = @mysql_fetch_array($query);
- $nick = $result['nick'];
- if ($result['nick']==$user)
- {
- if ($result['u_id']!='-1')
- {
- if($pass==$result['pass'])
- {
- $user_id = $result['u_id'];
- $sql = "DELETE FROM `".SESSIONS_TABLE."` WHERE `u_id`='$user_id'";
- DataBase::sql_query($sql,'GENERAL','Could not delete session.');
- if (User::UserInformation($user_id,'active')==0)
- {
- sess_delete($_SESSION['uid']);
- $_SESSION['uid']='0';
- message_forum($lng['account_disabled'],'index.php');
- }
- $ssid = md5(time().'donothackthiscriptplease!');//session identifier
- $_SESSION['uid']=$user_id;
- $_SESSION['sessionid']=$ssid;
- //session register
- $sql = "INSERT INTO `".SESSIONS_TABLE."` VALUES ('', '".$_COOKIE[SESS_NAME]."','$user_id','".time()."')";//query
- DataBase::sql_query($sql,'GENERAL','Could not add new session.');//run query
- //next...
- $sql = "UPDATE `".USERS_TABLE."` SET lastvisit='".time()."' WHERE u_id='$user_id'";//update lastvisit for user
- DataBase::sql_query($sql,'GENERAL','Could not update user lastvisit');//run query
- $msg = $lng['youareloggedas'].': <b>'.$nick.'</b>';// messaage "login as.."
- $skin['pa_link']='';
- $stop = Over::TimeGeneration();//generate generation's time
- message_forum($msg, 'index.php');//message and require to index.php
- }
- else
- {
- $msg = '<br><div align="center" style="width:100%"><span class="fsmall" style="color: red"><b>'.$lng['invalidpass'].'</b></span></div>';
- }
- }
- else
- {
- message_forum('Access denied.','index.php');
- }
- }
- else
- {
- $msg = '<br><div align="center" style="width:100%"><span class="fsmall" style="color: red"><b>'.$lng['invalidlogin'].'</b></span></div>';
- }
- }
- else
- {
- $msg = '';
- $_POST['user']='';
- }
- $skin = array(
- 'lforumname' => $lng['forumname'],
- 'user' => $lng['user'],
- 'lpass' => $lng['lpassw'],
- 'lforgotpass' => $lng['lforgot_pass'],
- 'llog_in'=> $lng['llog_in'],
- 'msg' => $msg
- );
- $skin = array_push_associative($skin, Over::generate_header($lng['llogin'],'</a>> <a href="login.php?mode=login" class="navigator">'.$lng['llogin']));
- include('./skins/'.$default_skin.'/overall_header.tpl');
- include('./skins/'.$default_skin.'/login_body.tpl');
- $skin['pa_link']='';
- $stop = Over::TimeGeneration();
- $skin['queries'] = Over::ShowQueries($start, $stop);
- include('./skins/'.$default_skin.'/overall_footer.tpl');
- break;
- }
- case 'forgotpassword':
- {
- if ($_SESSION['uid']>0)
- {
- header('Location: index.php');
- }
- $default_skin = Over::ViewSkinName();
- if (!$forum_config['allow_send_email'])
- {
- message_forum($lng['no_send_newpass'],'index.php');
- }
- if (isset($_POST['username']))
- {
- $uid = User::UserIdByNick(htmlspecialchars($_POST['username']));
- if (User::UserInformation($uid,'email')!='')
- {
- $int_rand = rand(1, (strlen(PASSWD_HASH)-$forum_config['newpasswd_len']));
- $newpass = substr(PASSWD_HASH, $int_rand, $forum_config['newpasswd_len']);
- User::UpdatePassword($uid, md5($newpass));
- Email::SendForgotPassEmail($newpass);
- message_forum($lng['pass_changed'],'index.php');
- }
- else
- {
- message_forum($lng['no_user'],$_SERVER['REQUEST_URI']);
- }
- }
- $skin = array(
- 'user' => $lng['user'],
- 'lsave' => $lng['save'],
- 'pa_link'=>''
- );
- $skin = array_push_associative($skin, Over::generate_header($lng['lforgot_pass2'], '</a>> <a href="'.$_SERVER['REQUEST_URI'].'" class="navigator">'.$lng['lforgot_pass2']));
- include('./skins/'.$default_skin.'/overall_header.tpl');
- include('./skins/'.$default_skin.'/newpass_body.tpl');
- $stop = Over::TimeGeneration();
- $skin['queries'] = Over::ShowQueries($start, $stop);
- include('./skins/'.$default_skin.'/overall_footer.tpl');
- break;
- }
- default:
- {
- $stop = Over::TimeGeneration();
- message_forum($lng['invalidmode'], 'index.php');
- }
- }
- }
- else
- {
- $stop = Over::TimeGeneration();
- message_forum($lng['invalidmode'], 'index.php');
- }
- ?>
|