mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-07-30 03:10:50 +02:00
Code Issues Releases Wiki Activity

Bugtracker #3290

Browse Source
This commit is contained in:
mcfly
2007-01-12 02:49:56 +00:00
parent 2b265536fc
commit 1bbfab82ca
2 changed files with 84 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
e107_handlers/login.php
View File

@@ -12,19 +12,15 @@
| GNU General Public License (http://gnu.org). | GNU General Public License (http://gnu.org).
| |
| $Source: /cvs_backup/e107_0.8/e107_handlers/login.php,v $ | $Source: /cvs_backup/e107_0.8/e107_handlers/login.php,v $
| $Revision: 1.2 $ | $Revision: 1.3 $
| $Date: 2006-12-31 14:46:30 $ | $Date: 2007-01-12 02:49:56 $
| $Author: e107coders $ | $Author: mcfly_e107 $
+----------------------------------------------------------------------------+ +----------------------------------------------------------------------------+
*/ */
if (!defined('e107_INIT')) { exit; } if (!defined('e107_INIT')) { exit; }
if(is_readable(e_LANGUAGEDIR.e_LANGUAGE."/lan_login.php")){ include_lan(e_LANGUAGEDIR.e_LANGUAGE."/lan_login.php");
@include_once(e_LANGUAGEDIR.e_LANGUAGE."/lan_login.php");
}else{
@include_once(e_LANGUAGEDIR."English/lan_login.php");
}
class userlogin { class userlogin {
function userlogin($username, $userpass, $autologin) { function userlogin($username, $userpass, $autologin) {
@@ -38,6 +34,14 @@ class userlogin {
*/ */
global $pref, $e_event, $sql, $e107, $tp; global $pref, $e_event, $sql, $e107, $tp;
$username = trim($username);
$userpass = trim($userpass);
if($username == "" || $userpass == "")
{
define("LOGINMESSAGE", LAN_27."<br /><br />");
return FALSE;
}
if(!is_object($sql)){ if(!is_object($sql)){
$sql = new db; $sql = new db;
} }
@@ -65,13 +69,11 @@ class userlogin {
return FALSE; return FALSE;
} }
} }
if ($username != "" && $userpass != "") {
$username = preg_replace("/\sOR\s|\=|\#/", "", $username); $username = preg_replace("/\sOR\s|\=|\#/", "", $username);
$username = substr($username, 0, 30);
$ouserpass = $userpass; $ouserpass = $userpass;
$userpass = md5($ouserpass); $userpass = md5($ouserpass);
$username = substr($username, 0, 30);
// This is only required for upgrades and only for those not using utf-8 to begin with.. // This is only required for upgrades and only for those not using utf-8 to begin with..
if(isset($pref['utf-compatmode']) && (CHARSET == "utf-8" || CHARSET == "UTF-8")){ if(isset($pref['utf-compatmode']) && (CHARSET == "utf-8" || CHARSET == "UTF-8")){
$username = utf8_decode($username); $username = utf8_decode($username);
@@ -139,10 +141,6 @@ class userlogin {
} }
} }
} }
} else {
define("LOGINMESSAGE", LAN_27."<br /><br />");
return FALSE;
}
} }
function checkibr($fip) { function checkibr($fip) {

13
e107_plugins/alt_auth/alt_auth_login_class.php
View File

@@ -11,8 +11,8 @@
| GNU General Public License (http://gnu.org). | GNU General Public License (http://gnu.org).
| |
| $Source: /cvs_backup/e107_0.8/e107_plugins/alt_auth/alt_auth_login_class.php,v $ | $Source: /cvs_backup/e107_0.8/e107_plugins/alt_auth/alt_auth_login_class.php,v $
| $Revision: 1.1.1.1 $ | $Revision: 1.2 $
| $Date: 2006-12-02 04:34:43 $ | $Date: 2007-01-12 02:49:56 $
| $Author: mcfly_e107 $ | $Author: mcfly_e107 $
+----------------------------------------------------------------------------+ +----------------------------------------------------------------------------+
*/ */
@@ -39,7 +39,14 @@ class alt_login
if($login_result === AUTH_SUCCESS ) if($login_result === AUTH_SUCCESS )
{ {
$sql = new db; $sql = new db;
if(!$sql -> db_Select("user","*","user_loginname='{$username}' ")) if (MAGIC_QUOTES_GPC == FALSE)
{
$username = mysql_real_escape_string($username);
}
$username = preg_replace("/\sOR\s|\=|\#/", "", $username);
$username = substr($username, 0, 30);
if(!$sql -> db_Select("user", "user_id", "user_loginname='{$username}' "))
{ {
// User not found in e107 database - add it now. // User not found in e107 database - add it now.
$qry = "INSERT INTO #user (user_id, user_loginname, user_name, user_join) VALUES ('0','{$username}','{$username}',".time().")"; $qry = "INSERT INTO #user (user_id, user_loginname, user_name, user_join) VALUES ('0','{$username}','{$username}',".time().")";