login.php

来自「sabreipb 2.1.6 utf-8中文版本!」· PHP 代码 · 共 859 行 · 第 1/2 页

PHP
859
字号
			{				$extra_form = $this->han_login->login_method['login_alt_login_html'];				$show_form  = 1;			}			else			{				$this->output .= $this->han_login->login_method['login_alt_login_html'];				$show_form     = 0;			}		}				//-----------------------------------------		// Continue...		//-----------------------------------------				if ( $show_form )		{			if( !isset($_SERVER['HTTP_REFERER']) )			{				// HTTP_REFERER isn't set when force_login is enabled				// This method will piece together the base url, and the querystring arguments				// This is not anymore secure/insecure than IPB, as IPB will have to process				// those arguments whether force_login is enabled or not.								$_SERVER['HTTP_REFERER'] = $this->ipsclass->base_url.@implode( "&amp;", $_SERVER['argv'] );			}						$this->output .= $this->ipsclass->compiled_templates['skin_login']->ShowForm( $this->ipsclass->lang['please_log_in'], htmlentities(urldecode($_SERVER['HTTP_REFERER'])), $extra_form );		}				$this->nav        = array( $this->ipsclass->lang['log_in'] );	 	$this->page_title = $this->ipsclass->lang['log_in'];				$this->ipsclass->print->add_output("$this->output");        $this->ipsclass->print->do_output( array( 'TITLE' => $this->page_title, 'JS' => 0, NAV => $this->nav ) );                exit();    }        /*-------------------------------------------------------------------------*/    // DO LOG IN    /*-------------------------------------------------------------------------*/        function do_log_in()    {    	//-----------------------------------------    	// INIT    	//-----------------------------------------    	    	$url    = "";    	$member = array();    	    	//-----------------------------------------    	// Load handler...    	//-----------------------------------------    	    	require_once( ROOT_PATH.'sources/handlers/han_login.php' );    	$this->han_login           =  new han_login();    	$this->han_login->ipsclass =& $this->ipsclass;    	$this->han_login->init();    	    	//-----------------------------------------    	// Make sure the username and password were entered    	//-----------------------------------------    	    	if ( $_POST['UserName'] == "" )    	{    		$this->ipsclass->Error( array( 'LEVEL' => 1, 'MSG' => 'no_username' ) );    	}         	if ( $_POST['PassWord'] == "" )     	{    		$this->ipsclass->Error( array( 'LEVEL' => 1, 'MSG' => 'pass_blank' ) );    	}   				//-----------------------------------------		// Check for input length		//-----------------------------------------				if ( $this->ipsclass->vars['converge_login_method'] == 'username' )		{			if ( $this->ipsclass->txt_mb_strlen( $_POST['UserName'] ) > 32 )			{				$this->ipsclass->Error( array( LEVEL => 1, MSG => 'username_long' ) );			}						$username = strtolower(str_replace( '|', '&#124;', $this->ipsclass->input['UserName']) );		}		else		{			$username = strtolower( trim( $this->ipsclass->input['UserName'] ) );		}				if ( $this->ipsclass->txt_mb_strlen( $_POST['PassWord'] ) > 32)		{			$this->ipsclass->Error( array( LEVEL => 1, MSG => 'pass_too_long' ) );		}				$password = md5( $this->ipsclass->input['PassWord'] );				//-----------------------------------------		// Check auth		//-----------------------------------------				$this->han_login->login_authenticate( $username, $this->ipsclass->input['PassWord'] );				//-----------------------------------------		// Check return code...		//-----------------------------------------				$member = $this->han_login->member;				if ( ( ! $member['id'] ) or ( $this->han_login->return_code == 'NO_USER' ) )		{			$this->log_in_form( 'wrong_name' );		}				if ( $this->han_login->return_code != 'SUCCESS' )		{			$this->log_in_form( 'wrong_auth' );		}				//-----------------------------------------		// Is this a partial member?		// Not completed their sign in?		//-----------------------------------------				if ( $member['members_created_remote'] )		{			$pmember = $this->ipsclass->DB->build_and_exec_query( array( 'select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id={$member['id']}" ) );						if ( $pmember['partial_member_id'] )			{				$this->ipsclass->print->redirect_screen( $this->ipsclass->lang['partial_login'], 'act=reg&CODE=complete_login&mid='.$member['id'].'&key='.$pmember['partial_date'] );				exit();			}		}				//-----------------------------------------		// We in a validating group?		// still need this?		//-----------------------------------------				if ($member['mgroup'] == $this->ipsclass->vars['auth_group'])		{			//$this->log_in_form( 'need_validation' );		}				//-----------------------------------------		// Generate a new log in key		//-----------------------------------------				if ( $this->ipsclass->vars['login_change_key'] OR ! $member['member_login_key'] )		{			$member['member_login_key'] = $this->ipsclass->converge->generate_auto_log_in_key();					$this->ipsclass->DB->do_update( 'members', array( 'member_login_key' => $member['member_login_key'] ), 'id='.$member['id'] );		}				//-----------------------------------------		// Cookie me softly?		//-----------------------------------------				if ($this->ipsclass->input['CookieDate'])		{			$this->ipsclass->my_setcookie("member_id"   , $member['id']              , 1);			$this->ipsclass->my_setcookie("pass_hash"   , $member['member_login_key'], 1);		}				//-----------------------------------------		// Remove any COPPA cookies previously set		//-----------------------------------------				$this->ipsclass->my_setcookie("coppa", '0', 0);				//-----------------------------------------		// Update profile if IP addr missing		//-----------------------------------------				if ( $member['ip_address'] == "" OR $member['ip_address'] == '127.0.0.1' )		{			$this->ipsclass->DB->simple_construct( array( 'update' => 'members',														  'set'    => "ip_address='{$this->ipsclass->ip_address}'",														  'where'  => "id={$member['id']}"												 )      );								 			$this->ipsclass->DB->simple_exec();		}				//-----------------------------------------		// Create / Update session		//-----------------------------------------				$poss_session_id = "";				if ( $cookie_id = $this->ipsclass->my_getcookie('session_id') )		{			$poss_session_id = $this->ipsclass->my_getcookie('session_id');		}		else if ( $this->ipsclass->input['s'] )		{			$poss_session_id = $this->ipsclass->input['s'];		}				//-----------------------------------------		// Clean...		//-----------------------------------------				$poss_session_id = preg_replace("/([^a-zA-Z0-9])/", "", $poss_session_id);				if ($poss_session_id)		{			$session_id = $poss_session_id;						//-----------------------------------------			// Delete any old sessions with this users IP			// addy that doesn't match our session ID.			//-----------------------------------------						$this->ipsclass->DB->simple_construct( array( 'delete' => 'sessions',														  'where'  => "ip_address='".$this->ipsclass->ip_address."' AND id <> '$session_id'"												 )      );								 			$this->ipsclass->DB->simple_shutdown_exec();									$this->ipsclass->DB->do_shutdown_update( 'sessions',													 array (															 'member_name'  => $member['members_display_name'],															 'member_id'    => $member['id'],															 'running_time' => time(),															 'member_group' => $member['mgroup'],															 'login_type'   => $this->ipsclass->input['Privacy'] ? 1 : 0														   ),													 "id='".$session_id."'"												 );		}		else		{			$session_id = md5( uniqid(microtime()) );						//-----------------------------------------			// Delete any old sessions with this users IP addy.			//-----------------------------------------						$this->ipsclass->DB->simple_construct( array( 'delete' => 'sessions',														  'where'  => "ip_address='".$this->ipsclass->ip_address."'"												 )      );								 			$this->ipsclass->DB->simple_shutdown_exec();						$this->ipsclass->DB->do_shutdown_insert( 'sessions',													 array (															 'id'           => $session_id,															 'member_name'  => $member['members_display_name'],															 'member_id'    => $member['id'],															 'running_time' => time(),															 'member_group' => $member['mgroup'],															 'ip_address'   => $this->ipsclass->ip_address,															 'browser'      => substr($this->ipsclass->clean_value($_SERVER['HTTP_USER_AGENT']), 0, 50),															 'login_type'   => $this->ipsclass->input['Privacy'] ? 1 : 0												  )       );		}				$this->ipsclass->member           = $member;		$this->ipsclass->session_id       = $session_id;				if ($this->ipsclass->input['referer'] && ($this->ipsclass->input['act'] != 'Reg'))		{			$url = str_replace( '&amp;', '&', $this->ipsclass->input['referer'] );			$url = str_replace( "{$this->ipsclass->vars['board_url']}/index.{$this->ipsclass->vars['php_ext']}", "", $url );			$url = preg_replace( "!^\?!"       , ""   , $url );			$url = preg_replace( "!s=(\w){32}!", ""   , $url );			$url = preg_replace( "!act=(login|reg|lostpass)!i", "", $url );		}				//-----------------------------------------		// set our privacy status		//-----------------------------------------				$this->ipsclass->DB->simple_construct( array( 'update' => 'members',													  'set'    => "login_anonymous='".intval($this->ipsclass->input['Privacy'])."&1'",													  'where'  => "id={$member['id']}"											 )      );							 		$this->ipsclass->DB->simple_shutdown_exec();					//-----------------------------------------		// Clear out any passy change stuff		//-----------------------------------------				$this->ipsclass->DB->simple_construct( array( 'delete' => 'validating',													  'where'  => "member_id={$this->ipsclass->member['id']} AND lost_pass=1"											 )      );							 		$this->ipsclass->DB->simple_shutdown_exec();				//-----------------------------------------		// Redirect them to either the board		// index, or where they came from		//-----------------------------------------				$this->ipsclass->my_setcookie("session_id", $this->ipsclass->session_id, -1);				$this->logged_in = 1;				if ( USE_MODULES == 1 )		{			$this->modules->register_class($this);			$this->modules->on_login($member);		}				if ( $this->ipsclass->input['return'] != "" )		{			$return = urldecode($this->ipsclass->input['return']);						if ( preg_match( "#^http://#", $return ) )			{				$this->ipsclass->boink_it($return);			}		}				//-----------------------------------------		// Check for dupemail		//-----------------------------------------				$member_extra = $this->ipsclass->DB->simple_exec_query( array( 'select' => 'bio', 'from' => 'member_extra', 'where' => 'id='.$member['id'] ) );				if ( $member_extra['bio'] == 'dupemail' )		{			$this->ipsclass->print->redirect_screen( "{$this->ipsclass->lang[thanks_for_login]} {$this->ipsclass->member['members_display_name']}", 'act=usercp' );		}		else		{			$this->ipsclass->print->redirect_screen( "{$this->ipsclass->lang[thanks_for_login]} {$this->ipsclass->member['members_display_name']}", $url );		}	}		/*-------------------------------------------------------------------------*/	// DO LOG OUT	/*-------------------------------------------------------------------------*/	function do_log_out( $return=1 )	{		//-----------------------------------------		// INIT		//-----------------------------------------				if ( $return )		{			$key = $this->ipsclass->input['k'];						# Check for funny business			if ( $key != $this->ipsclass->md5_check )			{				$this->ipsclass->Error( array( 'LEVEL' => 1, 'MSG' => 'no_permission' ) );			}		}				//-----------------------------------------		// Do it..		//-----------------------------------------				$this->ipsclass->DB->simple_construct( array( 'update' => 'sessions',													  'set'    => "member_name='',member_id='0',login_type='0',member_group={$this->ipsclass->vars['guest_group']}",													  'where'  => "id='". $this->ipsclass->sess->session_id ."'"											 )      );							 		$this->ipsclass->DB->simple_shutdown_exec();				list( $privacy, $loggedin ) = explode( '&', $this->ipsclass->member['login_anonymous'] );						$this->ipsclass->DB->simple_construct( array( 'update' => 'members',													  'set'    => "login_anonymous='{$privacy}&0', last_visit=".time().", last_activity=".time(),													  'where'  => "id=".$this->ipsclass->member['id']											 )      );							 		$this->ipsclass->DB->simple_shutdown_exec();				//-----------------------------------------		// Set some cookies		//-----------------------------------------				$this->ipsclass->my_setcookie( "member_id" , "0"  );		$this->ipsclass->my_setcookie( "pass_hash" , "0"  );		$this->ipsclass->my_setcookie( "anonlogin" , "-1" );				if ( is_array($_COOKIE) ) 		{ 			foreach( $_COOKIE as $cookie => $value ) 			{ 				if ( preg_match( "/^(".$this->ipsclass->vars['cookie_id']."ipbforumpass_.*$)/i", $cookie, $match) ) 				{ 					$this->ipsclass->my_setcookie( str_replace( $this->ipsclass->vars['cookie_id'], "", $match[0] ) , '-', -1 ); 				} 			} 		}				# Horrid hack: IPB 3.0: Separate out log out functions into class / function		if ( $return )		{			//-----------------------------------------			// Redirect...			//-----------------------------------------						$url = "";						if ( $this->ipsclass->input['return'] != "" )			{				$return = urldecode($this->ipsclass->input['return']);								if ( preg_match( "#^http://#", $return ) )				{					$this->ipsclass->boink_it($return);				}			}						$this->ipsclass->print->redirect_screen( $this->ipsclass->lang['thanks_for_logout'], "" );		}		else		{			return TRUE;		}	}}?>

⌨️ 快捷键说明

复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?