1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
|
<?php
/***************************************************************************
* login.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
define('IN_LOGIN', true);
define('IN_PHPBB', true);
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
//
// Set page ID for session management
//
$userdata = $session->start();
$acl = new acl($userdata);
$session->configure($userdata);
//
// End session management
//
//
// This appears to work for IIS5 CGI under Win2K. Uses getenv since this doesn't exist for
// ISAPI mode and therefore the normal Location redirector is used in preference
//
$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
extract($HTTP_GET_VARS);
extract($HTTP_POST_VARS);
$redirect = ( !empty($redirect) ) ? $HTTP_SERVER_VARS['QUERY_STRING'] : '';
//
// Do the login/logout/form/whatever
//
if ( isset($login) || isset($logout) )
{
if ( isset($login) && $userdata['user_id'] == ANONYMOUS )
{
$autologin = ( !empty($autologin) ) ? true : false;
//
// Is the board disabled? Are we an admin? No, then back to the index we go
//
if ( $board_config['board_disable'] && !$acl->get_acl_admin() )
{
header($header_location . "index.$phpEx$SID");
exit;
}
if ( new login($username, $password, $autologin) )
{
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="3;url=' . "login.$phpEx$SID&redirect=$redirect" . '">')
);
$message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], '<a href="' . "login.$phpEx$SID&redirect=$redirect" . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . "index.$phpEx$SID" . '">', '</a>');
message_die(MESSAGE, $message);
}
}
else if ( $userdata['user_id'] != ANONYMOUS )
{
$session->destroy($userdata);
}
//
// Redirect to wherever we're supposed to go ...
//
$redirect_url = ( $redirect ) ? preg_replace('/^.*?redirect=(.*?)&(.*?)$/', '\\1' . $SID . '&\\2', $redirect) : 'index.'.$phpEx;
header($header_location . $redirect_url);
exit;
}
if ( $userdata['user_id'] == ANONYMOUS )
{
$template->assign_vars(array(
'L_ENTER_PASSWORD' => $lang['Enter_password'],
'L_SEND_PASSWORD' => $lang['Forgotten_password'],
'U_SEND_PASSWORD' => "profile.$phpEx$SID&mode=sendpassword",
'S_HIDDEN_FIELDS' => '<input type="hidden" name="redirect" value="' . $redirect . '" />')
);
$page_title = $lang['Login'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'login_body.html')
);
make_jumpbox('viewforum.'.$phpEx, $forum_id);
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
else
{
header($header_location . "index.$phpEx$SID");
exit;
}
?>
|
