function checkuser($username, $password) { global $db_prefix; $blog = new boblog(); $password = md5($password); $username = mystrtolower($username); $userdetail = $blog->getbyquery("SELECT * FROM `{$db_prefix}user` WHERE LOWER(username)='{$username}' AND `userpsw`='{$password}'"); if (!$userdetail) { return false; } else { if (file_exists("data/usergroup{$userdetail['usergroup']}.php")) { include "data/usergroup{$userdetail['usergroup']}.php"; } else { include "data/usergroup0.php"; } if ($permission['XMLRPC'] != 1) { return false; } else { return $userdetail; } } }
//2006-7-2 Seurity Fix, 2006-7-5 modified acceptcookie("userid,userpsw"); $userid = safe_convert($userid); $userpsw = safe_convert($userpsw); $blog = new boblog(); //Initialize Time Info $nowtime['timestamp'] = time(); $nowtime += array('year' => gmdate('Y', $nowtime['timestamp'] + 3600 * $config['timezone']), 'month' => gmdate('n', $nowtime['timestamp'] + 3600 * $config['timezone']), 'day' => gmdate('j', $nowtime['timestamp'] + 3600 * $config['timezone']), 'Ymd' => gmdate('Ymd', $nowtime['timestamp'] + 3600 * $config['timezone']), 'Ym' => gmdate('Ym', $nowtime['timestamp'] + 3600 * $config['timezone'])); //Sessions and Cookies $userdetail = array(); if (empty($userid) || empty($userpsw)) { $userdetail['usergroup'] = 0; $userdetail['userid'] = -1; $logstat = 0; } else { $userdetail = $blog->getbyquery("SELECT * FROM `{$db_prefix}user` WHERE `userid`='{$userid}' AND `userpsw`='{$userpsw}'"); if (!$userdetail) { $userdetail['usergroup'] = 0; $userdetail['userid'] = -1; $logstat = 0; } else { $logstat = 1; } } if ($mbcon['enableopenid'] == '1') { $openidloginstat = $logstat == 0 && $_COOKIE['openid_url_id'] ? 1 : 0; } else { $openidloginstat = 0; } //Load User Group Permission Cache $permission = array();