mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-07-25 17:01:43 +02:00
Code Issues Releases Wiki Activity

Bugtracker #3290

Browse Source
This commit is contained in:
mcfly
2007-01-12 02:49:56 +00:00
parent 2b265536fc
commit 1bbfab82ca
2 changed files with 84 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
e107_handlers/login.php
View File

@@ -12,19 +12,15 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/e107_handlers/login.php,v $
| $Revision: 1.2 $
| $Date: 2006-12-31 14:46:30 $
| $Author: e107coders $
| $Revision: 1.3 $
| $Date: 2007-01-12 02:49:56 $
| $Author: mcfly_e107 $
+----------------------------------------------------------------------------+
*/
if (!defined('e107_INIT')) { exit; }
if(is_readable(e_LANGUAGEDIR.e_LANGUAGE."/lan_login.php")){
@include_once(e_LANGUAGEDIR.e_LANGUAGE."/lan_login.php");
}else{
@include_once(e_LANGUAGEDIR."English/lan_login.php");
}
include_lan(e_LANGUAGEDIR.e_LANGUAGE."/lan_login.php");
class userlogin {
function userlogin($username, $userpass, $autologin) {
@@ -38,6 +34,14 @@ class userlogin {
*/
global $pref, $e_event, $sql, $e107, $tp;
$username = trim($username);
$userpass = trim($userpass);
if($username == "" || $userpass == "")
{
define("LOGINMESSAGE", LAN_27."<br /><br />");
return FALSE;
}
if(!is_object($sql)){
$sql = new db;
}
@@ -65,13 +69,11 @@ class userlogin {
return FALSE;
}
}
if ($username != "" && $userpass != "") {
$username = preg_replace("/\sOR\s|\=|\#/", "", $username);
$username = substr($username, 0, 30);
$ouserpass = $userpass;
$userpass = md5($ouserpass);
$username = substr($username, 0, 30);
// This is only required for upgrades and only for those not using utf-8 to begin with..
if(isset($pref['utf-compatmode']) && (CHARSET == "utf-8" || CHARSET == "UTF-8")){
$username = utf8_decode($username);
@@ -139,10 +141,6 @@ class userlogin {
}
}
}
} else {
define("LOGINMESSAGE", LAN_27."<br /><br />");
return FALSE;
}
}
function checkibr($fip) {

13
e107_plugins/alt_auth/alt_auth_login_class.php
View File

@@ -11,8 +11,8 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/e107_plugins/alt_auth/alt_auth_login_class.php,v $
| $Revision: 1.1.1.1 $
| $Date: 2006-12-02 04:34:43 $
| $Revision: 1.2 $
| $Date: 2007-01-12 02:49:56 $
| $Author: mcfly_e107 $
+----------------------------------------------------------------------------+
*/
@@ -39,7 +39,14 @@ class alt_login
if($login_result === AUTH_SUCCESS )
{
$sql = new db;
if(!$sql -> db_Select("user","*","user_loginname='{$username}' "))
if (MAGIC_QUOTES_GPC == FALSE)
{
$username = mysql_real_escape_string($username);
}
$username = preg_replace("/\sOR\s|\=|\#/", "", $username);
$username = substr($username, 0, 30);
if(!$sql -> db_Select("user", "user_id", "user_loginname='{$username}' "))
{
// User not found in e107 database - add it now.
$qry = "INSERT INTO #user (user_id, user_loginname, user_name, user_join) VALUES ('0','{$username}','{$username}',".time().")";