-
Notifications
You must be signed in to change notification settings - Fork 0
/
login.php
121 lines (94 loc) · 4.39 KB
/
login.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
<?php
/*******************************************************************\
# @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ #
# @ ArBB V 1.0.0 Beta 1 @ #
# @ All Copyrights are saved Arabian bulletin board team @ #
# @ Copyright © 2009 ArBB Team @ #
# @ ArBB Is Free Bulletin Board and not for sale @ #
# @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ #
\*******************************************************************/
#
# Login File started
#
/*
File name -> login.php
File Version -> 1.0.0 Beta 1
File Programmer -> Thaer
File type -> file
*/
$templatelist = 'lostpassword';
$phrasearray = array('login');
require('global.php');
if(empty($arbb->input['do']))
{
if($local['userid']>0)
{
header('location:index.php');
}
else
{
error_permission();
}
}
elseif($arbb->input['do']=='login')
{
$username = addslashes($arbb->input['username']);
$password = $bbcode->clearhtml(md5($arbb->input['password']));
$uid = verify_login($username,$password);
if(!$uid)
{
error_message($lang['login_error']);
}
else
{
newcookie('userid',$uid);
newcookie('password',$password);
$url = ($arbb->input['url'])? $arbb->input['url'] : $HTTP_SERVER_VARS['HTTP_REFERER'];
$url=$bbcode->clearhtml(urldecode($url));
$url = ($url)?$url:'index.php?';
redirect($lang['logined_succefully'],$url);
}
}
elseif($arbb->input['do']=='logout')
{
$cookies=array('userid','password');
unsetcookie($cookies);
$url = ($arbb->input['url'])? $arbb->input['url'] : $HTTP_SERVER_VARS['HTTP_REFERER'];
$url = $bbcode->clearhtml(urldecode($url));
$url = ($url)?$url:'index.php?';
redirect($lang['logged_out_succefully'],$url);
}
elseif($arbb->input['do']=='lostpass')
{
build_nav_location($lang['restore_password'],"login.php?do=lostpass","add",1);
$titleetc=$lang['restore_password'].' - ';
$TP->webtemp('lostpassword');
}
elseif($arbb->input['do']=='do_lost')
{
build_nav_location($lang['restore_password'],'#','add',1);
$titleetc=$lang['restore_password'].' - ';
$email=$bbcode->clearhtml(addslashes($arbb->input['email']));
$error=1;
$qu = $DB->query("select * from "._PREFIX_."users where email='$email'");
while($u = $DB->fetch_array($qu))
{
$error=0;
$dateline=TIMENOW;
$randomcode = random_string(10);
$newpass = random_string(6);
eval("\$message=\"".$lang['message_restore_password']."\";");
$DB->query("insert into "._PREFIX_."verification (userid,code,query,dateline,addition) values ('$u[userid]','$randomcode','users set password=\'$newpass\' where userid=\'$u[userid]\'','$dateline','$newpass')");
sendmail($u['email'], $lang['password_change_verification'], $message,$options['webmasteremail'], $options['sitetitle']);
}
if($error==1)
{
error_message($lang['restore_email_invalid']);
}
else
{
redirect($lang['restore_message_sent'],$options['forumhome'].'.php');
}
}
print_page();
?>