diff options
Diffstat (limited to 'phpBB/functions')
| -rw-r--r-- | phpBB/functions/auth.php | 155 | ||||
| -rw-r--r-- | phpBB/functions/error.php | 4 |
2 files changed, 82 insertions, 77 deletions
diff --git a/phpBB/functions/auth.php b/phpBB/functions/auth.php index df4d99691d..6f355e2316 100644 --- a/phpBB/functions/auth.php +++ b/phpBB/functions/auth.php @@ -31,88 +31,89 @@ * TRUE if the user authorized * FALSE if the user is not */ -function auth($type, - $db, - $user_id = "", - $user_name = "", - $user_pass = "", - $user_level = "", - $session_id = "", - $user_ip = "", - $forum_id = "", - $topic_id = "", - $post_id = "") +function auth($type, $db, $id = "", $user_ip = "") { + global $userdata; switch($type) { case 'ip ban': - $sql = "DELETE FROM ".BANLIST_TABLE." - WHERE (ban_end < ". mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")).") - AND (ban_end > 0)"; - $db->sql_query($sql); - $sql = "SELECT ban_ip FROM ".BANLIST_TABLE; - if($result = $db->sql_query($sql)) - { - if($totalrows = $db->sql_numrows()) - { - $iprow = $db->sql_fetchrowset($result); - for($x = 0; $x < $totalrows; $x++) - { - $ip = $iprow[$x]["ban_ip"]; - if($ip[strlen($ip) - 1] == ".") - { - $db_ip = explode(".", $ip); - $this_ip = explode(".", $user_ip); - - for($x = 0; $x < count($db_ip) - 1; $x++) - { - $my_ip .= $this_ip[$x] . "."; - } - - if($my_ip == $ip) - { - return(FALSE); - } - } - else - { - if($ipuser == $ip) - { - return(FALSE); - } - } - } - return(TRUE); - } - else - { - return(TRUE); - } - } - return(TRUE); - break; + $sql = "DELETE FROM ".BANLIST_TABLE." + WHERE (ban_end < ". mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")).") + AND (ban_end > 0)"; + $db->sql_query($sql); + $sql = "SELECT ban_ip FROM ".BANLIST_TABLE; + if($result = $db->sql_query($sql)) + { + if($totalrows = $db->sql_numrows($result)) + { + $iprow = $db->sql_fetchrowset($result); + for($x = 0; $x < $totalrows; $x++) + { + $ip = $iprow[$x]["ban_ip"]; + if($ip[strlen($ip) - 1] == ".") + { + $db_ip = explode(".", $ip); + $this_ip = explode(".", $user_ip); + + for($x = 0; $x < count($db_ip) - 1; $x++) + { + $my_ip .= $this_ip[$x] . "."; + } + + if($my_ip == $ip) + { + return(FALSE); + } + } + else + { + if($ipuser == $ip) + { + return(FALSE); + } + } + } + return(TRUE); + } + else + { + return(TRUE); + } + } + return(TRUE); + break; case 'username ban': - $sql = "DELETE FROM ".BANLIST_TABLE." - WHERE (ban_end < ". mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")).") - AND (ban_end > 0)"; - $db->sql_query($sql); - $sql = "SELECT ban_userid FROM ".BANLIST_TABLE." WHERE ban_userid = '$user_id'"; - if($result = $db->sql_query($sql)) - { - if($db->sql_numrows()) - { - return(FALSE); - } - else - { - return(TRUE); - } - } - else - { - return(TRUE); - } - break; + $sql = "DELETE FROM ".BANLIST_TABLE." + WHERE (ban_end < ". mktime(date("H"), date("i"), date("s"), date("m"), date("d"), date("Y")).") + AND (ban_end > 0)"; + $db->sql_query($sql); + $sql = "SELECT ban_userid FROM ".BANLIST_TABLE." WHERE ban_userid = '$user_id'"; + if($result = $db->sql_query($sql)) + { + if($db->sql_numrows($result)) + { + return(FALSE); + } + else + { + return(TRUE); + } + } + else + { + return(TRUE); + } + break; + case 'login': + global $password; + if($userdata["user_password"] != md5($password)) + { + return(FALSE); + } + else + { + return(TRUE); + } } } diff --git a/phpBB/functions/error.php b/phpBB/functions/error.php index 1b819f511b..1a21ab0023 100644 --- a/phpBB/functions/error.php +++ b/phpBB/functions/error.php @@ -56,6 +56,10 @@ function error_die($db, $error_code = "", $error_msg = "") break; case NO_POSTS: $error_msg = "There are no posts in this forum. Click on the 'Post New Topic' link on this page to post one."; + break; + case LOGIN_FAILED: + $error_msg = "Login Failed. You have specified an incorrect username or password, please go back and try again."; + break; } } if(DEBUG) |