aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/functions/auth.php
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/functions/auth.php')
-rw-r--r--phpBB/functions/auth.php229
1 files changed, 116 insertions, 113 deletions
diff --git a/phpBB/functions/auth.php b/phpBB/functions/auth.php
index 6f355e2316..9de568bcc9 100644
--- a/phpBB/functions/auth.php
+++ b/phpBB/functions/auth.php
@@ -33,88 +33,91 @@
*/
function auth($type, $db, $id = "", $user_ip = "")
{
- global $userdata;
- switch($type)
- {
- case 'ip ban':
- $sql = "DELETE FROM ".BANLIST_TABLE."
- WHERE (ban_end < ". mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")).")
- AND (ban_end > 0)";
- $db->sql_query($sql);
- $sql = "SELECT ban_ip FROM ".BANLIST_TABLE;
- if($result = $db->sql_query($sql))
- {
- if($totalrows = $db->sql_numrows($result))
- {
- $iprow = $db->sql_fetchrowset($result);
- for($x = 0; $x < $totalrows; $x++)
- {
- $ip = $iprow[$x]["ban_ip"];
- if($ip[strlen($ip) - 1] == ".")
- {
- $db_ip = explode(".", $ip);
- $this_ip = explode(".", $user_ip);
-
- for($x = 0; $x < count($db_ip) - 1; $x++)
- {
- $my_ip .= $this_ip[$x] . ".";
- }
-
- if($my_ip == $ip)
- {
- return(FALSE);
- }
- }
- else
- {
- if($ipuser == $ip)
- {
- return(FALSE);
- }
- }
- }
- return(TRUE);
- }
- else
- {
- return(TRUE);
- }
- }
- return(TRUE);
- break;
- case 'username ban':
- $sql = "DELETE FROM ".BANLIST_TABLE."
- WHERE (ban_end < ". mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")).")
- AND (ban_end > 0)";
- $db->sql_query($sql);
- $sql = "SELECT ban_userid FROM ".BANLIST_TABLE." WHERE ban_userid = '$user_id'";
- if($result = $db->sql_query($sql))
- {
- if($db->sql_numrows($result))
- {
- return(FALSE);
- }
- else
- {
- return(TRUE);
- }
- }
- else
- {
- return(TRUE);
- }
- break;
- case 'login':
- global $password;
- if($userdata["user_password"] != md5($password))
- {
- return(FALSE);
- }
- else
- {
- return(TRUE);
- }
- }
+ global $userdata;
+ switch($type)
+ {
+ case 'ip ban':
+ $sql = "DELETE FROM ".BANLIST_TABLE."
+ WHERE (ban_end < ". mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")).")
+ AND (ban_end > 0)";
+ $db->sql_query($sql);
+ $sql = "SELECT ban_ip FROM ".BANLIST_TABLE;
+ if($result = $db->sql_query($sql))
+ {
+ if($totalrows = $db->sql_numrows($result))
+ {
+ $iprow = $db->sql_fetchrowset($result);
+ for($x = 0; $x < $totalrows; $x++)
+ {
+ $ip = $iprow[$x]["ban_ip"];
+ if($ip[strlen($ip) - 1] == ".")
+ {
+ $db_ip = explode(".", $ip);
+ $this_ip = explode(".", $user_ip);
+
+ for($x = 0; $x < count($db_ip) - 1; $x++)
+ {
+ $my_ip .= $this_ip[$x] . ".";
+ }
+ if($my_ip == $ip)
+ {
+ return(FALSE);
+ }
+ }
+ else
+ {
+ if($ipuser == $ip)
+ {
+ return(FALSE);
+ }
+ }
+ }
+ return(TRUE);
+ }
+ else
+ {
+ return(TRUE);
+ }
+ }
+ return(TRUE);
+ break;
+ case 'username ban':
+ $sql = "DELETE FROM ".BANLIST_TABLE."
+ WHERE (ban_end < ". mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")).")
+ AND (ban_end > 0)";
+ $db->sql_query($sql);
+ $sql = "SELECT ban_userid FROM ".BANLIST_TABLE." WHERE ban_userid = '$user_id'";
+ if($result = $db->sql_query($sql))
+ {
+ if($db->sql_numrows($result))
+ {
+ return(FALSE);
+ }
+ else
+ {
+ return(TRUE);
+ }
+ }
+ else
+ {
+ return(TRUE);
+ }
+ break;
+ case 'login':
+ global $password;
+ if($userdata["user_password"] != md5($password))
+ {
+ return(FALSE);
+ }
+ else if($userdata["user_active"] == 0)
+ {
+ return(FALSE);
+ }
+ else
+ {
+ return(TRUE);
+ }
+ }
}
@@ -124,41 +127,41 @@ function auth($type, $db, $id = "", $user_ip = "")
function get_userdata_from_id($userid, $db)
{
- $sql = "SELECT * FROM ".USERS_TABLE." WHERE user_id = $userid";
- if(!$result = $db->sql_query($sql))
- {
- $userdata = array("error" => "1");
- return ($userdata);
- }
- if($db->sql_numrows($result))
- {
- $myrow = $db->sql_fetchrowset($result);
- return($myrow[0]);
- }
- else
- {
- $userdata = array("error" => "1");
- return ($userdata);
- }
+ $sql = "SELECT * FROM ".USERS_TABLE." WHERE user_id = $userid";
+ if(!$result = $db->sql_query($sql))
+ {
+ $userdata = array("error" => "1");
+ return ($userdata);
+ }
+ if($db->sql_numrows($result))
+ {
+ $myrow = $db->sql_fetchrowset($result);
+ return($myrow[0]);
+ }
+ else
+ {
+ $userdata = array("error" => "1");
+ return ($userdata);
+ }
}
function get_userdata($username, $db) {
- $sql = "SELECT * FROM ".USERS_TABLE." WHERE username = '$username' AND user_level != ".DELETED;
- if(!$result = $db->sql_query($sql))
- {
- $userdata = array("error" => "1");
- }
+ $sql = "SELECT * FROM ".USERS_TABLE." WHERE username = '$username' AND user_level != ".DELETED;
+ if(!$result = $db->sql_query($sql))
+ {
+ $userdata = array("error" => "1");
+ }
- if($db->sql_numrows($result))
- {
- $myrow = $db->sql_fetchrowset($result);
- return($myrow[0]);
- }
- else
- {
- $userdata = array("error" => "1");
- return ($userdata);
- }
+ if($db->sql_numrows($result))
+ {
+ $myrow = $db->sql_fetchrowset($result);
+ return($myrow[0]);
+ }
+ else
+ {
+ $userdata = array("error" => "1");
+ return ($userdata);
+ }
}
?>
generated by cgit v1.2.1 (git 2.21.0) at 2025-03-21 13:37:55 +0000