* @link http://pioder.gim2przemysl.int.pl/
* @license GNU GPL v3
**/
// Sentinel constant for the included files.
// NOTE(review): presumably each include tests IN_uF to refuse direct requests; confirm every file checks it.
define('IN_uF', true);

// Configuration, constants and the database/error classes are loaded before db_connect() is called.
// NOTE(review): include only raises a warning when a file is missing and the script keeps running;
// require would stop the bootstrap instead. Confirm which behaviour is intended.
include './config.php';
include './includes/constants.php';
include './includes/class_db.php';
include './includes/class_error.php';

// Open the database connection before the session and user code is loaded.
DataBase::db_connect();

include './includes/sessions.php';
include './includes/class_user.php';
include './common.php';
include './includes/class_email.php';
include './includes/class_overall.php';

// The language files are read from a directory named by Over::DefaultLang().
// NOTE(review): the value is placed in the include path without any check here; confirm
// DefaultLang() can only return the name of an installed language directory.
$default_lang = Over::DefaultLang();
include "./lngs/{$default_lang}/main.php";
include "./lngs/{$default_lang}/email.php";
include './includes/classes/secure.php';

// Paired with the later "$stop = Over::TimeGeneration()" calls; presumably a page-generation timer.
$start = Over::TimeGeneration();

// Session housekeeping for the uid held in the session; the sess_* helpers are defined outside this view.
// NOTE(review): assumes $_SESSION['uid'] has already been initialised (presumably by sessions.php); confirm.
sess_del_invalid($_SESSION['uid']);
sess_register($_SESSION['uid']);
sess_delete_old();
// Pass every top-level POST field through the censor list when the board has it switched on.
// NOTE(review): the loop rewrites all fields, including $_POST['pass'], which the login branch
// further down hands to md5(); confirm UseCensorlist cannot alter password input.
// NOTE(review): a field submitted as an array reaches UseCensorlist as an array; confirm that is handled.
foreach ($_POST as $name => $value)
{
    if (!$forum_config['use_censorlist'])
    {
        // Censoring is disabled: leave this field exactly as it was submitted.
        continue;
    }
    $_POST[$name] = Secure::UseCensorlist($value);
}
if (isset($_GET['mode']))
{
switch($_GET['mode'])
{
case 'logout':
{
if ($_SESSION['uid']==0)
{
header('Location: index.php');
}
$uid = $_SESSION['uid'];
$_SESSION['uid']=0;
$_SESSION['sessionid']='0';
sess_delete($uid);
$stop = Over::TimeGeneration();
message_forum($lng['islogout'], 'index.php');
break;
}
case 'login':
{
$default_skin = Over::ViewSkinName();
if ($_SESSION['uid']>0)
{
header('Location: index.php');
}
if (isset($_POST['user']))
{
$user = strip_tags(addslashes($_POST['user']));
$pass = md5(strip_tags($_POST['pass']));
$sql = "SELECT `u_id`, `nick`, `pass` FROM `".USERS_TABLE."` WHERE nick='$user'";
$query = DataBase::sql_query($sql,'GENERAL','Could not obtain user inforamtion');
$result = @mysql_fetch_array($query);
$nick = $result['nick'];
if ($result['nick']==$user)
{
if ($result['u_id']!='-1')
{
if($pass==$result['pass'])
{
$user_id = $result['u_id'];
$sql = "DELETE FROM `".SESSIONS_TABLE."` WHERE `u_id`='$user_id'";
DataBase::sql_query($sql,'GENERAL','Could not delete session.');
if (User::UserInformation($user_id,'active')==0)
{
sess_delete($_SESSION['uid']);
$_SESSION['uid']='0';
message_forum($lng['account_disabled'],'index.php');
}
$ssid = md5(time().'donothackthiscriptplease!');//session identifier
$_SESSION['uid']=$user_id;
$_SESSION['sessionid']=$ssid;
//session register
$sql = "INSERT INTO `".SESSIONS_TABLE."` VALUES ('', '".$_COOKIE[SESS_NAME]."','$user_id','".time()."')";//query
DataBase::sql_query($sql,'GENERAL','Could not add new session.');//run query
//next...
$sql = "UPDATE `".USERS_TABLE."` SET lastvisit='".time()."' WHERE u_id='$user_id'";//update lastvisit for user
DataBase::sql_query($sql,'GENERAL','Could not update user lastvisit');//run query
$msg = $lng['youareloggedas'].': '.$nick.'';// messaage "login as.."
$skin['pa_link']='';
$stop = Over::TimeGeneration();//generate generation's time
message_forum($msg, 'index.php');//message and require to index.php
}
else
{
$msg = '