<?php
/***************************************************************************
 *                                login.php
 *                            -------------------
 *   begin                : Saturday, Feb 13, 2001
 *   copyright            : (C) 2001 The phpBB Group
 *   email                : support@phpbb.com
 *
 *   $Id$
 *
 ***************************************************************************/

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

// Entry-point markers. Nothing in this file reads them; presumably the included
// files test IN_PHPBB to refuse direct access -- confirm in common.php.
define('IN_LOGIN', true);
define('IN_PHPBB', true);

// Fixed, relative board root. Every include() in this script is built from this
// value, so it must never end up holding request-supplied data.
$phpbb_root_path = './';
// NOTE(review): $phpEx is not assigned in this file; extension.inc is expected to
// define it before it is used on the following line -- verify.
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);

// Start session management: open the session, run the user setup, then load the
// ACL for the current user record. $user and $auth are not created in this file
// (presumably by common.php).
$user->start();
$user->setup();
$auth->acl($user->data);
// End session management

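// Defaults for the request fields that are read unconditionally further down
$redirect = $username = $password = '';

// Import only the request fields this script actually reads. A bare extract()
// on $_GET/$_POST lets a request overwrite any variable already in scope
// ($phpbb_root_path, $phpEx, $SID, $config, $user, $auth, ...), and
// $phpbb_root_path is later used to build include() paths.
// NOTE(review): 'forum_id' is kept because make_jumpbox() below receives
// $forum_id and nothing else in this file sets it -- confirm it is not meant
// to come from common.php instead.
$request_fields = array('login', 'logout', 'autologin', 'viewonline', 'redirect', 'username', 'password', 'forum_id');

// Same precedence as the original extract() pair: GET first, POST overrides
foreach (array($_GET, $_POST) as $request_data)
{
	foreach ($request_fields as $request_field)
	{
		if (isset($request_data[$request_field]))
		{
			$$request_field = $request_data[$request_field];
		}
	}
}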

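// Handle a submitted login or logout request. Both paths end in redirect().
if (isset($login) || isset($logout))
{
	// $redirect is request data; an array value (redirect[]=...) would break the
	// string handling below, so anything that is not a string is dropped
	$redirect = (is_string($redirect)) ? $redirect : '';

	if (isset($login) && $user->data['user_id'] == ANONYMOUS)
	{
		// Checkbox-style fields: any non-empty value counts as set.
		// Note that a non-empty $viewonline maps to 0, an empty one to 1.
		$autologin = (!empty($autologin)) ? true : false;
		$viewonline = (!empty($viewonline)) ? 0 : 1;

		// Is the board disabled? Are we an admin? No, then back to the index we go
		if (!empty($config['board_disable']) && !$auth->acl_get('a_'))
		{
			redirect("index.$phpEx$SID");
		}

		if (($result = $auth->login($username, $password, $autologin, $viewonline)) !== true)
		{
			// If we get a non-numeric (e.g. string) value we output an error
			if (!is_numeric($result))
			{
				trigger_error($result, E_USER_ERROR);
			}

			// The return link puts $redirect inside an href attribute. It is request
			// data, so it is HTML-escaped to keep it from closing the attribute and
			// injecting markup into the error page.
			$redirect_html = htmlspecialchars($redirect, ENT_QUOTES);

			// If we get an integer zero then we are inactive, else the username/password is wrong
			$message = ($result === 0) ? $user->lang['ACTIVE_ERROR'] :  $user->lang['LOGIN_ERROR'];
			$message .=  '<br /><br />' . sprintf($user->lang['RETURN_LOGIN'], '<a href="' . "login.$phpEx$SID&amp;redirect=$redirect_html" . '">', '</a>') . '<br /><br />' .  sprintf($user->lang['RETURN_INDEX'], '<a href="' . "index.$phpEx$SID" . '">', '</a>');

			trigger_error($message);
		}
	}
	else if ($user->data['user_id'] != ANONYMOUS)
	{
		// Logout request (or a login attempt by someone already logged in): end the session
		$user->destroy();
	}

	// Redirect to wherever we're supposed to go ...
	// A value of the form "redirect=<page>&<params>" becomes "<page>.<ext><SID>&<params>";
	// anything not starting with "redirect=" falls back to the index.
	$redirect_url = (preg_match('#^redirect=(.*?)$#', $redirect)) ? preg_replace('#^redirect=(.*?)&(.*?)$#', '\1.' . $phpEx . $SID . '&\2', $redirect) : 'index.'.$phpEx . $SID;

	// The target is built from request data and carries $SID. Refuse anything that
	// is not a plain relative page: CR/LF (header splitting), backslashes, a leading
	// slash (covers "//host") or a URL scheme. redirect() is defined outside this
	// file and may apply checks of its own; this guard does not rely on that.
	if (preg_match('#[\r\n\\\\]|^/|^[a-z][a-z0-9+.\-]*:#i', $redirect_url))
	{
		$redirect_url = 'index.'.$phpEx . $SID;
	}

	redirect($redirect_url);
}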

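// Show the login form to anonymous visitors; anyone already logged in goes to the index
if ($user->data['user_id'] == ANONYMOUS)
{
	// Carry the "redirect=..." part of the query string through the form. When the
	// query string does not match the pattern, preg_replace() returns it unchanged,
	// so the whole raw query string ends up in $redirect.
	$redirect = (!empty($_SERVER['QUERY_STRING'])) ? preg_replace('#^sid=[a-z0-9]*?&?(redirect=.*?)$#', '\1', $_SERVER['QUERY_STRING']) : '';

	$template->assign_vars(array(
		'U_SEND_PASSWORD' 	=> "ucp.$phpEx$SID&amp;mode=sendpassword",
		'U_TERMS_USE'		=> "ucp.$phpEx$SID&amp;mode=terms",
		'U_PRIVACY'			=> "ucp.$phpEx$SID&amp;mode=privacy",

		// $redirect comes straight from the query string and is written into an HTML
		// attribute, so it is escaped here. The browser decodes it again on submit,
		// which leaves the posted value unchanged.
		'S_HIDDEN_FIELDS' 	=> '<input type="hidden" name="redirect" value="' . htmlspecialchars($redirect, ENT_QUOTES) . '" />')
	);

	$page_title = $user->lang['LOGIN'];
	include($phpbb_root_path . 'includes/page_header.'.$phpEx);

	$template->set_filenames(array(
		'body' => 'login_body.html')
	);
	// NOTE(review): $forum_id is not assigned anywhere in this file; it is either a
	// request field or set by an included file -- confirm which.
	make_jumpbox('viewforum.'.$phpEx, $forum_id);

	include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
else
{
	redirect("index.$phpEx$SID");
}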

?>