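* @link http://pioder.gim2przemysl.int.pl/
* @license GNU GPL v3
**/

/*
 * Account entry point, dispatched on $_GET['mode']:
 *   logout         - clears the session and shows a confirmation message
 *   login          - checks nick/password, binds the session row to the user
 *   forgotpassword - sets a new password for a nick and e-mails it
 * Any other (or missing) mode shows the "invalid mode" message.
 *
 * NOTE(review): several branches call message_forum() and then rely on
 * nothing else running afterwards; that only holds if message_forum()
 * terminates the request. Its definition is not in this file - confirm.
 */
define('IN_uF', true);
//include files
include('./config.php');
include('./includes/constants.php');
include('./includes/db.php');
include('./includes/errors.php');
//connect to database
DataBase::db_connect();
include('./includes/sessions.php');
include('./includes/classes/class_user.php');
include('./common.php');
include('./includes/emailer.php');
include('./includes/misc_functions.php');
// NOTE(review): $default_lang (and $default_skin below) become part of an include
// path; this is only safe if DefaultLang()/ViewSkinName() return values from a
// fixed set of directory names - verify in their definitions.
$default_lang = DefaultLang();
include('./lngs/'.$default_lang.'/main.php');
include('./lngs/'.$default_lang.'/email.php');
include('./includes/classes/secure.php');
$start = TimeGeneration();
SessDelInvalid();
SessRegister();
SessDeleteOld();
// Apply the censor list to every POST field when the feature is enabled.
// NOTE(review): this also rewrites $_POST['pass'] and $_POST['user'] before they
// are checked; whether that can alter a credential depends on
// Secure::UseCensorlist(), which is not visible here.
foreach ($_POST as $name => $value)
{
    if ($forum_config['use_censorlist'])
    {
        $_POST[$name] = Secure::UseCensorlist($value);
    }
}
if (isset($_GET['mode']))
{
    switch($_GET['mode'])
    {
        case 'logout':
        {
            if ($_SESSION['uid']==0)
            {
                header('Location: index.php');
                // A Location header does not stop the script; without this the
                // logout code below still ran for a visitor who is not logged in.
                exit;
            }
            $uid = $_SESSION['uid'];
            $_SESSION['uid']=0;
            $_SESSION['sessionid']='0';
            SessDelete($uid);
            $stop = TimeGeneration();
            message_forum($lng['islogout'], 'index.php');
            break;
        }
        case 'login':
        {
            $default_skin = ViewSkinName();
            if ($_SESSION['uid']>0)
            {
                header('Location: index.php');
                // Stop here: an already logged-in user must not fall through
                // into the credential check below.
                exit;
            }
            if (isset($_POST['user']))
            {
                // NOTE(review): addslashes() is not aware of the connection character
                // set; the DB layer's own escaping or prepared statements should be
                // used instead (the DataBase API is not visible in this file).
                $user = strip_tags(addslashes($_POST['user']));
                // NOTE(review): unsalted MD5 is not a password hash. Moving to
                // password_hash()/password_verify() needs a migration of the stored
                // values, so it is flagged here rather than changed.
                $pass = md5(strip_tags($_POST['pass']));
                $sql = "SELECT `u_id`, `nick`, `pass` FROM `".USERS_TABLE."` WHERE nick='$user'";
                $query = DataBase::sql_query($sql,GENERAL,'Could not obtain user inforamtion');
                $result = DataBase::fetch($query);
                $nick = $result['nick'];
                if ($result['nick']==$user)
                {
                    // u_id -1 is refused outright ('Access denied.' below).
                    if ($result['u_id']!='-1')
                    {
                        // Strict comparison: with == PHP compares two numeric-looking
                        // strings as numbers, so two different hex digests could
                        // compare equal.
                        if($pass===(string)$result['pass'])
                        {
                            $user_id = $result['u_id'];
                            $sql = "DELETE FROM `".SESSIONS_TABLE."` WHERE `u_id`='$user_id'";
                            DataBase::sql_query($sql,GENERAL,'Could not delete session.');
                            if (User::UserInformation($user_id,'active')==0)
                            {
                                SessDelete($_SESSION['uid']);
                                $_SESSION['uid']='0';
                                message_forum($lng['account_disabled'],'index.php');
                                // Never continue into the session setup below for a
                                // disabled account, even if message_forum() returns.
                                exit;
                            }
                            // NOTE(review): this identifier is derived from the clock and a
                            // fixed string, so it is predictable; a CSPRNG value should be
                            // used wherever 'sessionid' is relied on as a secret.
                            $ssid = md5(time().'donothackthiscriptplease!');//session identifier
                            $_SESSION['uid']=$user_id;
                            $_SESSION['sessionid']=$ssid;
                            //session register
                            // The session cookie is client-controlled and used to be
                            // concatenated into the INSERT unescaped. Escape it the same way
                            // this file escapes the nick, and treat a missing or non-string
                            // cookie as empty. Ordinary session ids are unchanged by this.
                            // NOTE(review): the pre-login cookie value is kept and bound to
                            // the account; no session id regeneration is visible here.
                            $sess_cookie = (isset($_COOKIE[SESS_NAME]) && is_string($_COOKIE[SESS_NAME])) ? addslashes($_COOKIE[SESS_NAME]) : '';
                            $sql = "INSERT INTO `".SESSIONS_TABLE."` VALUES ('', '".$sess_cookie."','$user_id','".time()."')";//query
                            DataBase::sql_query($sql,GENERAL,'Could not add new session.');//run query
                            //next...
                            $sql = "UPDATE `".USERS_TABLE."` SET lastvisit='".time()."' WHERE u_id='$user_id'";//update lastvisit for user
                            DataBase::sql_query($sql,GENERAL,'Could not update user lastvisit');//run query
                            $msg = $lng['youareloggedas'].': '.$nick.'';// message "logged in as.."
                            $skin['pa_link']='';
                            $stop = TimeGeneration();//measure page generation time
                            message_forum($msg, 'index.php');//show message and send the user to index.php
                        }
                        else
                        {
                            $msg = '
'.$lng['invalidpass'].'
';
                        }
                    }
                    else
                    {
                        message_forum('Access denied.','index.php');
                    }
                }
                else
                {
                    // NOTE(review): a different message for "unknown nick" and
                    // "wrong password" lets a client tell which nicks exist.
                    $msg = '
'.$lng['invalidlogin'].'
';
                }
            }
            else
            {
                $msg = '';
                $_POST['user']='';
            }
            // Render the login form together with any error message set above.
            $skin = array(
                'lforumname' => $lng['forumname'],
                'user' => $lng['user'],
                'lpass' => $lng['lpassw'],
                'lforgotpass' => $lng['lforgot_pass'],
                'llog_in'=> $lng['llog_in'],
                'msg' => $msg
            );
            $skin = array_push_assoc($skin, GenerateHeader($lng['llogin'],'> '.$lng['llogin']));
            include('./skins/'.$default_skin.'/overall_header.tpl');
            include('./skins/'.$default_skin.'/login_body.tpl');
            $skin['pa_link']='';
            $stop = TimeGeneration();
            $skin['queries'] = ShowQueries($start, $stop);
            include('./skins/'.$default_skin.'/overall_footer.tpl');
            break;
        }
        case 'forgotpassword':
        {
            if ($_SESSION['uid']>0)
            {
                header('Location: index.php');
                // Stop here: the reset flow below is for anonymous visitors only.
                exit;
            }
            $default_skin = ViewSkinName();
            if (!$forum_config['allow_send_email'])
            {
                message_forum($lng['no_send_newpass'],'index.php');
            }
            if (isset($_POST['username']))
            {
                // NOTE(review): htmlspecialchars() is HTML escaping, not SQL escaping;
                // whether User::UserIdByNick() escapes or parameterizes the nick is
                // not visible here - verify.
                $uid = User::UserIdByNick(htmlspecialchars($_POST['username']));
                if (User::UserInformation($uid,'email')!='')
                {
                    // NOTE(review): the new password is a slice of the PASSWD_HASH
                    // constant at an offset chosen by rand(), so the number of possible
                    // values is bounded by the constant's length and rand() is not a
                    // CSPRNG. The password is also replaced as soon as a nick is
                    // submitted, with no confirmation by the account owner. A random
                    // single-use reset token sent by e-mail would address both.
                    $int_rand = rand(1, (strlen(PASSWD_HASH)-$forum_config['newpasswd_len']));
                    $newpass = substr(PASSWD_HASH, $int_rand, $forum_config['newpasswd_len']);
                    User::UpdatePassword($uid, md5($newpass));
                    SendForgotPassEmail($newpass);
                    message_forum($lng['pass_changed'],'index.php');
                }
                else
                {
                    // NOTE(review): the request URI is client-supplied and is passed on
                    // as the return target; confirm message_forum() escapes it on output.
                    message_forum($lng['no_user'],$_SERVER['REQUEST_URI']);
                }
            }
            // Render the "forgot password" form.
            $skin = array(
                'user' => $lng['user'],
                'lsave' => $lng['save'],
                'pa_link'=>''
            );
            $skin = array_push_assoc($skin, GenerateHeader($lng['lforgot_pass2'], '> '.$lng['lforgot_pass2']));
            include('./skins/'.$default_skin.'/overall_header.tpl');
            include('./skins/'.$default_skin.'/newpass_body.tpl');
            $stop = TimeGeneration();
            $skin['queries'] = ShowQueries($start, $stop);
            include('./skins/'.$default_skin.'/overall_footer.tpl');
            break;
        }
        default:
        {
            $stop = TimeGeneration();
            message_forum($lng['invalidmode'], 'index.php');
        }
    }
}
else
{
    $stop = TimeGeneration();
    message_forum($lng['invalidmode'], 'index.php');
}
?>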