diff options
| author | James Atkinson <thefinn@users.sourceforge.net> | 2001-02-25 22:24:17 +0000 |
|---|---|---|
| committer | James Atkinson <thefinn@users.sourceforge.net> | 2001-02-25 22:24:17 +0000 |
| commit | 83b6163b4b75b7d06178dbf43719dbb1be1392d1 (patch) | |
| tree | d9282fe685e4576ca054db212ec6bedfa90e2ed1 | |
| parent | 9bb944225afee2a39eb03827d805df17acfc77ec (diff) | |
| download | forums-83b6163b4b75b7d06178dbf43719dbb1be1392d1.tar forums-83b6163b4b75b7d06178dbf43719dbb1be1392d1.tar.gz forums-83b6163b4b75b7d06178dbf43719dbb1be1392d1.tar.bz2 forums-83b6163b4b75b7d06178dbf43719dbb1be1392d1.tar.xz forums-83b6163b4b75b7d06178dbf43719dbb1be1392d1.zip | |
Added login/logout file and logic to login a user
git-svn-id: file:///svn/phpbb/trunk@65 89ea8834-ac86-4346-8a33-228a782c2dd0
| -rw-r--r-- | phpBB/common.php | 4 | ||||
| -rw-r--r-- | phpBB/functions/auth.php | 155 | ||||
| -rw-r--r-- | phpBB/functions/error.php | 4 | ||||
| -rw-r--r-- | phpBB/login.php | 57 |
4 files changed, 141 insertions, 79 deletions
diff --git a/phpBB/common.php b/phpBB/common.php index 55e9e2da3d..79d64b2403 100644 --- a/phpBB/common.php +++ b/phpBB/common.php @@ -70,7 +70,7 @@ else } // Check if user is banned -if(!auth("ip ban", $db, "", "", "", "", "", USER_IP, "", "", "")) +if(!auth("ip ban", $db, "", USER_IP)) { error_die($db, BANNED); } @@ -85,7 +85,7 @@ if(isset($HTTP_COOKIE_VARS[$session_cookie])) $user_logged_in = 1; update_session_time($sessid, $db); - if(!auth("username ban", $db, $userid, "", "", "", "", "", "", "", "")) + if(!auth("username ban", $db, $userid)) { error_die($db, BANNED); } diff --git a/phpBB/functions/auth.php b/phpBB/functions/auth.php index df4d99691d..6f355e2316 100644 --- a/phpBB/functions/auth.php +++ b/phpBB/functions/auth.php @@ -31,88 +31,89 @@ * TRUE if the user authorized * FALSE if the user is not */ -function auth($type, - $db, - $user_id = "", - $user_name = "", - $user_pass = "", - $user_level = "", - $session_id = "", - $user_ip = "", - $forum_id = "", - $topic_id = "", - $post_id = "") +function auth($type, $db, $id = "", $user_ip = "") { + global $userdata; switch($type) { case 'ip ban': - $sql = "DELETE FROM ".BANLIST_TABLE." - WHERE (ban_end < ". mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")).") - AND (ban_end > 0)"; - $db->sql_query($sql); - $sql = "SELECT ban_ip FROM ".BANLIST_TABLE; - if($result = $db->sql_query($sql)) - { - if($totalrows = $db->sql_numrows()) - { - $iprow = $db->sql_fetchrowset($result); - for($x = 0; $x < $totalrows; $x++) - { - $ip = $iprow[$x]["ban_ip"]; - if($ip[strlen($ip) - 1] == ".") - { - $db_ip = explode(".", $ip); - $this_ip = explode(".", $user_ip); - - for($x = 0; $x < count($db_ip) - 1; $x++) - { - $my_ip .= $this_ip[$x] . "."; - } - - if($my_ip == $ip) - { - return(FALSE); - } - } - else - { - if($ipuser == $ip) - { - return(FALSE); - } - } - } - return(TRUE); - } - else - { - return(TRUE); - } - } - return(TRUE); - break; + $sql = "DELETE FROM ".BANLIST_TABLE." + WHERE (ban_end < ". mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")).") + AND (ban_end > 0)"; + $db->sql_query($sql); + $sql = "SELECT ban_ip FROM ".BANLIST_TABLE; + if($result = $db->sql_query($sql)) + { + if($totalrows = $db->sql_numrows($result)) + { + $iprow = $db->sql_fetchrowset($result); + for($x = 0; $x < $totalrows; $x++) + { + $ip = $iprow[$x]["ban_ip"]; + if($ip[strlen($ip) - 1] == ".") + { + $db_ip = explode(".", $ip); + $this_ip = explode(".", $user_ip); + + for($x = 0; $x < count($db_ip) - 1; $x++) + { + $my_ip .= $this_ip[$x] . "."; + } + + if($my_ip == $ip) + { + return(FALSE); + } + } + else + { + if($ipuser == $ip) + { + return(FALSE); + } + } + } + return(TRUE); + } + else + { + return(TRUE); + } + } + return(TRUE); + break; case 'username ban': - $sql = "DELETE FROM ".BANLIST_TABLE." - WHERE (ban_end < ". mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")).") - AND (ban_end > 0)"; - $db->sql_query($sql); - $sql = "SELECT ban_userid FROM ".BANLIST_TABLE." WHERE ban_userid = '$user_id'"; - if($result = $db->sql_query($sql)) - { - if($db->sql_numrows()) - { - return(FALSE); - } - else - { - return(TRUE); - } - } - else - { - return(TRUE); - } - break; + $sql = "DELETE FROM ".BANLIST_TABLE." + WHERE (ban_end < ". mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")).") + AND (ban_end > 0)"; + $db->sql_query($sql); + $sql = "SELECT ban_userid FROM ".BANLIST_TABLE." WHERE ban_userid = '$user_id'"; + if($result = $db->sql_query($sql)) + { + if($db->sql_numrows($result)) + { + return(FALSE); + } + else + { + return(TRUE); + } + } + else + { + return(TRUE); + } + break; + case 'login': + global $password; + if($userdata["user_password"] != md5($password)) + { + return(FALSE); + } + else + { + return(TRUE); + } } } diff --git a/phpBB/functions/error.php b/phpBB/functions/error.php index 1b819f511b..1a21ab0023 100644 --- a/phpBB/functions/error.php +++ b/phpBB/functions/error.php @@ -56,6 +56,10 @@ function error_die($db, $error_code = "", $error_msg = "") break; case NO_POSTS: $error_msg = "There are no posts in this forum. Click on the 'Post New Topic' link on this page to post one."; + break; + case LOGIN_FAILED: + $error_msg = "Login Failed. You have specified an incorrect username or password, please go back and try again."; + break; } } if(DEBUG) diff --git a/phpBB/login.php b/phpBB/login.php new file mode 100644 index 0000000000..801782941f --- /dev/null +++ b/phpBB/login.php @@ -0,0 +1,57 @@ +<?php +/*************************************************************************** + * login.php + * ------------------- + * begin : Saturday, Feb 13, 2001 + * copyright : (C) 2001 The phpBB Group + * email : support@phpbb.com + * + * $Id$ + * + * + ***************************************************************************/ + + +/*************************************************************************** + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * + ***************************************************************************/ +include('extension.inc'); +include('common.'.$phpEx); + +if($submit) +{ + $userdata = get_userdata($username, $db); + if($userdata["error"]) + { + error_die($db, LOGIN_FAILED); + } + else + { + if(!auth("login", $db)) + { + error_die($db, LOGIN_FAILED); + } + else + { + $sessid = new_session($userdata[user_id], USER_IP, $session_cookie_time, $db); + set_session_cookie($sessid, $session_cookie_time, $session_cookie, "", "", 0); + header("Location: index.$phpEx"); + } + } +} +else if($logout) +{ + if($user_logged_in) + { + end_user_session($userdata["user_id"], $db); + } + header("Location: index.$phpEx"); +} + +?> |