function check_auth($type, $username, $password) { global $bhconfig, $bhcurrent, $bhsession; $bhcurrent['in_webdav'] = 1; if (bh_authenticate($username, $password) == false) { $bhcurrent['username'] = "******"; $bhsession['username'] = "******"; $bhcurrent['usertype'] = "guest"; return false; } else { $bhcurrent['username'] = $username; $bhsession['username'] = $username; $bhcurrent['userobj'] = new bhuser($username); $bhcurrent['usertype'] = $bhcurrent['userobj']->type; return true; } }
# Bandwidth functions require "../includes/misc.inc.php"; # Miscellaneous functions require "../includes/email.inc.php"; # Email functions require "../includes/filelink.inc.php"; # FileLink/FileMail functions $bhsession = bh_session(); # Start session with auth module bh_updatemoduledb(); # Add any new modules bh_purge_old(); # Purge old requests for things # See if we need to login if (!empty($_POST['login_username'])) { $loggedin = bh_authenticate($_POST['login_username'], $_POST['login_password']); if ($loggedin == TRUE) { bh_log(str_replace("#USER#", $_POST['login_username'], $bhlang['notice:logged_in_as_#USER#']), "BH_NOTICE"); bh_log(str_replace("#USER#", $_POST['login_username'], $bhlang['log:successful_login_#USER#']), "BH_LOGIN_SUCCESS"); $bhsession = bh_session_create($_POST['login_username']); # Start a session for the user. } else { bh_log($bhlang['notice:login_failed'], "BH_NOTICE"); bh_log(str_replace("#USER#", $_POST['login_username'], $bhlang['log:failed_login_#USER#']), "BH_LOGIN_FAILURE"); $_GET['page'] = "login"; } } # See if we need to log out if (!empty($_GET['logout']) || $_GET['page'] == "logout") { bh_log($bhlang['notice:logged_out'], "BH_NOTICE"); bh_log(str_replace("#USER#", $bhsession['username'], $bhlang['log:#USER#_logged_out']), "BH_LOGOUT");
* $Id: options.inc.php,v 1.2 2005/07/26 21:55:09 andrewgodwin Exp $ * */ #name Options Form #author Andrew Godwin #description Lets users change options # Test for include status if (IN_BH != 1) { header("Location: ../index.php"); die; } # See if there's an incoming password change if (!empty($_POST['changepass'])) { $changepass = $_POST['changepass']; # Check the old password is correct $oldcheck = bh_authenticate($bhsession['username'], $changepass['old']); if ($oldcheck == TRUE) { # See if the two new passwords match if ($changepass['new'] == $changepass['new2']) { # If they're using a blank password, warn them, but don't stop them empty($changepass['new']) ? bh_log($bhlang['warning:blank_password'], "BH_WARNING") : null; # OK, update their password. # (That's 5 Es, btw. Got to make this a bit more challenging. Wait till I use MD5sums as names) $reeeeesult = bh_auth_set_password($bhsession['username'], $changepass['new']); # And give them heaps of praise. Or tell them bad things have happened. if ($reeeeesult == TRUE) { bh_log($bhlang['notice:password_changed'], "BH_NOTICE"); } else { bh_log($bhlang['error:unknown'], "BH_NOTICE"); } } else {