login.php
来自「sabreipb 2.1.6 utf-8中文版本!」· PHP 代码 · 共 859 行 · 第 1/2 页
PHP
859 行
{ $extra_form = $this->han_login->login_method['login_alt_login_html']; $show_form = 1; } else { $this->output .= $this->han_login->login_method['login_alt_login_html']; $show_form = 0; } } //----------------------------------------- // Continue... //----------------------------------------- if ( $show_form ) { if( !isset($_SERVER['HTTP_REFERER']) ) { // HTTP_REFERER isn't set when force_login is enabled // This method will piece together the base url, and the querystring arguments // This is not anymore secure/insecure than IPB, as IPB will have to process // those arguments whether force_login is enabled or not. $_SERVER['HTTP_REFERER'] = $this->ipsclass->base_url.@implode( "&", $_SERVER['argv'] ); } $this->output .= $this->ipsclass->compiled_templates['skin_login']->ShowForm( $this->ipsclass->lang['please_log_in'], htmlentities(urldecode($_SERVER['HTTP_REFERER'])), $extra_form ); } $this->nav = array( $this->ipsclass->lang['log_in'] ); $this->page_title = $this->ipsclass->lang['log_in']; $this->ipsclass->print->add_output("$this->output"); $this->ipsclass->print->do_output( array( 'TITLE' => $this->page_title, 'JS' => 0, NAV => $this->nav ) ); exit(); } /*-------------------------------------------------------------------------*/ // DO LOG IN /*-------------------------------------------------------------------------*/ function do_log_in() { //----------------------------------------- // INIT //----------------------------------------- $url = ""; $member = array(); //----------------------------------------- // Load handler... //----------------------------------------- require_once( ROOT_PATH.'sources/handlers/han_login.php' ); $this->han_login = new han_login(); $this->han_login->ipsclass =& $this->ipsclass; $this->han_login->init(); //----------------------------------------- // Make sure the username and password were entered //----------------------------------------- if ( $_POST['UserName'] == "" ) { $this->ipsclass->Error( array( 'LEVEL' => 1, 'MSG' => 'no_username' ) ); } if ( $_POST['PassWord'] == "" ) { $this->ipsclass->Error( array( 'LEVEL' => 1, 'MSG' => 'pass_blank' ) ); } //----------------------------------------- // Check for input length //----------------------------------------- if ( $this->ipsclass->vars['converge_login_method'] == 'username' ) { if ( $this->ipsclass->txt_mb_strlen( $_POST['UserName'] ) > 32 ) { $this->ipsclass->Error( array( LEVEL => 1, MSG => 'username_long' ) ); } $username = strtolower(str_replace( '|', '|', $this->ipsclass->input['UserName']) ); } else { $username = strtolower( trim( $this->ipsclass->input['UserName'] ) ); } if ( $this->ipsclass->txt_mb_strlen( $_POST['PassWord'] ) > 32) { $this->ipsclass->Error( array( LEVEL => 1, MSG => 'pass_too_long' ) ); } $password = md5( $this->ipsclass->input['PassWord'] ); //----------------------------------------- // Check auth //----------------------------------------- $this->han_login->login_authenticate( $username, $this->ipsclass->input['PassWord'] ); //----------------------------------------- // Check return code... //----------------------------------------- $member = $this->han_login->member; if ( ( ! $member['id'] ) or ( $this->han_login->return_code == 'NO_USER' ) ) { $this->log_in_form( 'wrong_name' ); } if ( $this->han_login->return_code != 'SUCCESS' ) { $this->log_in_form( 'wrong_auth' ); } //----------------------------------------- // Is this a partial member? // Not completed their sign in? //----------------------------------------- if ( $member['members_created_remote'] ) { $pmember = $this->ipsclass->DB->build_and_exec_query( array( 'select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id={$member['id']}" ) ); if ( $pmember['partial_member_id'] ) { $this->ipsclass->print->redirect_screen( $this->ipsclass->lang['partial_login'], 'act=reg&CODE=complete_login&mid='.$member['id'].'&key='.$pmember['partial_date'] ); exit(); } } //----------------------------------------- // We in a validating group? // still need this? //----------------------------------------- if ($member['mgroup'] == $this->ipsclass->vars['auth_group']) { //$this->log_in_form( 'need_validation' ); } //----------------------------------------- // Generate a new log in key //----------------------------------------- if ( $this->ipsclass->vars['login_change_key'] OR ! $member['member_login_key'] ) { $member['member_login_key'] = $this->ipsclass->converge->generate_auto_log_in_key(); $this->ipsclass->DB->do_update( 'members', array( 'member_login_key' => $member['member_login_key'] ), 'id='.$member['id'] ); } //----------------------------------------- // Cookie me softly? //----------------------------------------- if ($this->ipsclass->input['CookieDate']) { $this->ipsclass->my_setcookie("member_id" , $member['id'] , 1); $this->ipsclass->my_setcookie("pass_hash" , $member['member_login_key'], 1); } //----------------------------------------- // Remove any COPPA cookies previously set //----------------------------------------- $this->ipsclass->my_setcookie("coppa", '0', 0); //----------------------------------------- // Update profile if IP addr missing //----------------------------------------- if ( $member['ip_address'] == "" OR $member['ip_address'] == '127.0.0.1' ) { $this->ipsclass->DB->simple_construct( array( 'update' => 'members', 'set' => "ip_address='{$this->ipsclass->ip_address}'", 'where' => "id={$member['id']}" ) ); $this->ipsclass->DB->simple_exec(); } //----------------------------------------- // Create / Update session //----------------------------------------- $poss_session_id = ""; if ( $cookie_id = $this->ipsclass->my_getcookie('session_id') ) { $poss_session_id = $this->ipsclass->my_getcookie('session_id'); } else if ( $this->ipsclass->input['s'] ) { $poss_session_id = $this->ipsclass->input['s']; } //----------------------------------------- // Clean... //----------------------------------------- $poss_session_id = preg_replace("/([^a-zA-Z0-9])/", "", $poss_session_id); if ($poss_session_id) { $session_id = $poss_session_id; //----------------------------------------- // Delete any old sessions with this users IP // addy that doesn't match our session ID. //----------------------------------------- $this->ipsclass->DB->simple_construct( array( 'delete' => 'sessions', 'where' => "ip_address='".$this->ipsclass->ip_address."' AND id <> '$session_id'" ) ); $this->ipsclass->DB->simple_shutdown_exec(); $this->ipsclass->DB->do_shutdown_update( 'sessions', array ( 'member_name' => $member['members_display_name'], 'member_id' => $member['id'], 'running_time' => time(), 'member_group' => $member['mgroup'], 'login_type' => $this->ipsclass->input['Privacy'] ? 1 : 0 ), "id='".$session_id."'" ); } else { $session_id = md5( uniqid(microtime()) ); //----------------------------------------- // Delete any old sessions with this users IP addy. //----------------------------------------- $this->ipsclass->DB->simple_construct( array( 'delete' => 'sessions', 'where' => "ip_address='".$this->ipsclass->ip_address."'" ) ); $this->ipsclass->DB->simple_shutdown_exec(); $this->ipsclass->DB->do_shutdown_insert( 'sessions', array ( 'id' => $session_id, 'member_name' => $member['members_display_name'], 'member_id' => $member['id'], 'running_time' => time(), 'member_group' => $member['mgroup'], 'ip_address' => $this->ipsclass->ip_address, 'browser' => substr($this->ipsclass->clean_value($_SERVER['HTTP_USER_AGENT']), 0, 50), 'login_type' => $this->ipsclass->input['Privacy'] ? 1 : 0 ) ); } $this->ipsclass->member = $member; $this->ipsclass->session_id = $session_id; if ($this->ipsclass->input['referer'] && ($this->ipsclass->input['act'] != 'Reg')) { $url = str_replace( '&', '&', $this->ipsclass->input['referer'] ); $url = str_replace( "{$this->ipsclass->vars['board_url']}/index.{$this->ipsclass->vars['php_ext']}", "", $url ); $url = preg_replace( "!^\?!" , "" , $url ); $url = preg_replace( "!s=(\w){32}!", "" , $url ); $url = preg_replace( "!act=(login|reg|lostpass)!i", "", $url ); } //----------------------------------------- // set our privacy status //----------------------------------------- $this->ipsclass->DB->simple_construct( array( 'update' => 'members', 'set' => "login_anonymous='".intval($this->ipsclass->input['Privacy'])."&1'", 'where' => "id={$member['id']}" ) ); $this->ipsclass->DB->simple_shutdown_exec(); //----------------------------------------- // Clear out any passy change stuff //----------------------------------------- $this->ipsclass->DB->simple_construct( array( 'delete' => 'validating', 'where' => "member_id={$this->ipsclass->member['id']} AND lost_pass=1" ) ); $this->ipsclass->DB->simple_shutdown_exec(); //----------------------------------------- // Redirect them to either the board // index, or where they came from //----------------------------------------- $this->ipsclass->my_setcookie("session_id", $this->ipsclass->session_id, -1); $this->logged_in = 1; if ( USE_MODULES == 1 ) { $this->modules->register_class($this); $this->modules->on_login($member); } if ( $this->ipsclass->input['return'] != "" ) { $return = urldecode($this->ipsclass->input['return']); if ( preg_match( "#^http://#", $return ) ) { $this->ipsclass->boink_it($return); } } //----------------------------------------- // Check for dupemail //----------------------------------------- $member_extra = $this->ipsclass->DB->simple_exec_query( array( 'select' => 'bio', 'from' => 'member_extra', 'where' => 'id='.$member['id'] ) ); if ( $member_extra['bio'] == 'dupemail' ) { $this->ipsclass->print->redirect_screen( "{$this->ipsclass->lang[thanks_for_login]} {$this->ipsclass->member['members_display_name']}", 'act=usercp' ); } else { $this->ipsclass->print->redirect_screen( "{$this->ipsclass->lang[thanks_for_login]} {$this->ipsclass->member['members_display_name']}", $url ); } } /*-------------------------------------------------------------------------*/ // DO LOG OUT /*-------------------------------------------------------------------------*/ function do_log_out( $return=1 ) { //----------------------------------------- // INIT //----------------------------------------- if ( $return ) { $key = $this->ipsclass->input['k']; # Check for funny business if ( $key != $this->ipsclass->md5_check ) { $this->ipsclass->Error( array( 'LEVEL' => 1, 'MSG' => 'no_permission' ) ); } } //----------------------------------------- // Do it.. //----------------------------------------- $this->ipsclass->DB->simple_construct( array( 'update' => 'sessions', 'set' => "member_name='',member_id='0',login_type='0',member_group={$this->ipsclass->vars['guest_group']}", 'where' => "id='". $this->ipsclass->sess->session_id ."'" ) ); $this->ipsclass->DB->simple_shutdown_exec(); list( $privacy, $loggedin ) = explode( '&', $this->ipsclass->member['login_anonymous'] ); $this->ipsclass->DB->simple_construct( array( 'update' => 'members', 'set' => "login_anonymous='{$privacy}&0', last_visit=".time().", last_activity=".time(), 'where' => "id=".$this->ipsclass->member['id'] ) ); $this->ipsclass->DB->simple_shutdown_exec(); //----------------------------------------- // Set some cookies //----------------------------------------- $this->ipsclass->my_setcookie( "member_id" , "0" ); $this->ipsclass->my_setcookie( "pass_hash" , "0" ); $this->ipsclass->my_setcookie( "anonlogin" , "-1" ); if ( is_array($_COOKIE) ) { foreach( $_COOKIE as $cookie => $value ) { if ( preg_match( "/^(".$this->ipsclass->vars['cookie_id']."ipbforumpass_.*$)/i", $cookie, $match) ) { $this->ipsclass->my_setcookie( str_replace( $this->ipsclass->vars['cookie_id'], "", $match[0] ) , '-', -1 ); } } } # Horrid hack: IPB 3.0: Separate out log out functions into class / function if ( $return ) { //----------------------------------------- // Redirect... //----------------------------------------- $url = ""; if ( $this->ipsclass->input['return'] != "" ) { $return = urldecode($this->ipsclass->input['return']); if ( preg_match( "#^http://#", $return ) ) { $this->ipsclass->boink_it($return); } } $this->ipsclass->print->redirect_screen( $this->ipsclass->lang['thanks_for_logout'], "" ); } else { return TRUE; } }}?>
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?