diff options
| author | Paul S. Owen <psotfx@users.sourceforge.net> | 2003-03-09 16:09:37 +0000 |
|---|---|---|
| committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2003-03-09 16:09:37 +0000 |
| commit | cd9b3af2b5e76ee12651c17316ae9d0d9e84130f (patch) | |
| tree | 2d11f8ffb8251dd61cbd7f0462e52d086fe9ba8f /phpBB/includes/auth/auth_db.php | |
| parent | aa718d4a027259997f7a5732d8a0fdd328315bd7 (diff) | |
| download | forums-cd9b3af2b5e76ee12651c17316ae9d0d9e84130f.tar forums-cd9b3af2b5e76ee12651c17316ae9d0d9e84130f.tar.gz forums-cd9b3af2b5e76ee12651c17316ae9d0d9e84130f.tar.bz2 forums-cd9b3af2b5e76ee12651c17316ae9d0d9e84130f.tar.xz forums-cd9b3af2b5e76ee12651c17316ae9d0d9e84130f.zip | |
Some changes to the returned data format + cleanups
git-svn-id: file:///svn/phpbb/trunk@3622 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/auth/auth_db.php')
| -rw-r--r-- | phpBB/includes/auth/auth_db.php | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/phpBB/includes/auth/auth_db.php b/phpBB/includes/auth/auth_db.php index d91655ff04..3666eeb105 100644 --- a/phpBB/includes/auth/auth_db.php +++ b/phpBB/includes/auth/auth_db.php @@ -1,24 +1,27 @@ <?php +// Authentication plug-ins is largely down to Sergey Kanareykin, our thanks to him. // -// Authentication plug-ins is largely down to -// Sergey Kanareykin, our thanks to him. +// This is for authentication via the integrated user table // +// You can do any kind of checking you like here ... the return data format is +// either the resulting row of user information, an integer zero (indicating an +// inactive user) or some error string function login_db(&$username, &$password) { - global $db, $board_config; + global $db, $config; $sql = "SELECT user_id, username, user_password, user_email, user_active FROM " . USERS_TABLE . " - WHERE username = '" . str_replace("\'", "''", $username) . "'"; + WHERE username = '" . $db->sql_escape($username) . "'"; $result = $db->sql_query($sql); - if ( $row = $db->sql_fetchrow($result) ) + if ($row = $db->sql_fetchrow($result)) { $db->sql_freeresult($result); - if ( md5($password) == $row['user_password'] && $row['user_active'] ) + if (md5($password) == $row['user_password']) { - return $row; + return (empty($row['user_active'])) ? 0 : $row; } } |