Example #1
 } else {
     $banned_ips = array();
 }
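 $mn_users = load_basic_data('users');
 // post_id comes straight from the request; pass null when it is absent
 // instead of reading an undefined index.
 $post = get_post_data(isset($_POST['post_id']) ? $_POST['post_id'] : null);

 // Redirect target: the form's "redir" field when given, otherwise the
 // referring page with the "comment added" flag stripped.
 if (isset($_POST['redir']) && !empty($_POST['redir'])) {
     $mn_redir = $_POST['redir'];
 } else {
     $mn_redir = str_replace('&mn_msg=c_added', '', isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '');
 }
 // Both sources are client-controlled and the value is written into a
 // Location header below, so it is only accepted when it is a relative
 // reference or an http(s) URL on this server's own host. Control characters
 // and backslashes are rejected because browsers normalise them into forms
 // that parse_url() does not see as a host. Anything else falls back to './'.
 $mn_redir_parts = is_string($mn_redir) ? parse_url($mn_redir) : false;
 $mn_redir_safe = is_array($mn_redir_parts)
     && $mn_redir !== ''
     && !preg_match('/[\x00-\x1f\x7f\\\\]/', $mn_redir);
 if ($mn_redir_safe && isset($mn_redir_parts['host'])) {
     // Absolute or scheme-relative URL: same host only, web schemes only.
     // NOTE(review): compares against SERVER_NAME, as the cookie calls below do;
     // a site reachable under several host names would need an allow-list here.
     $mn_redir_scheme = isset($mn_redir_parts['scheme']) ? strtolower($mn_redir_parts['scheme']) : '';
     $mn_redir_safe = in_array($mn_redir_scheme, array('', 'http', 'https'), true)
         && strcasecmp($mn_redir_parts['host'], $_SERVER['SERVER_NAME']) === 0;
 } elseif ($mn_redir_safe) {
     // No host component: a scheme on its own (javascript:, data:, "http:path")
     // is not a relative reference.
     $mn_redir_safe = !isset($mn_redir_parts['scheme']);
 }
 if (!$mn_redir_safe) {
     $mn_redir = './';
 }

 // Anti-flood window; defaults to '30' when the setting is missing or not numeric.
 $conf['comments_antiflood'] = isset($conf['comments_antiflood']) && is_numeric($conf['comments_antiflood']) ? $conf['comments_antiflood'] : '30';

 // Request fields used by the login branch, read once so absent fields do not
 // raise notices and no error suppression is needed.
 $mn_comment_author = isset($_POST['comment_author']) ? $_POST['comment_author'] : null;
 $mn_comment_pass = isset($_POST['comment_pass']) ? $_POST['comment_pass'] : null;
 // Only a non-empty string can name a registered user; this keeps null or array
 // input from loosely matching an entry in $mn_users.
 // NOTE(review): in_array() stays non-strict because the element type returned by
 // load_basic_data('users') is not visible here; switch to strict once confirmed.
 $mn_author_is_user = is_string($mn_comment_author) && $mn_comment_author !== '' && in_array($mn_comment_author, $mn_users);

 if (isset($_SESSION['mn_logged']) && $_SESSION['mn_logged'] && !check_hash()) {
     // Session claims a login but check_hash() rejects it: drop the session,
     // expire both login cookies and send the visitor back to the comment form.
     session_destroy();
     $url_data = explode('/', $conf['admin_url']); // not used within this fragment
     setcookie('mn_user_hash', '', time() - 3600, '/', $_SERVER['SERVER_NAME']);
     setcookie('mn_logged', '', time() - 3600, '/', $_SERVER['SERVER_NAME']);
     header('location: ' . $mn_redir . '#mn-comment-form');
     exit;
 } elseif (isset($_SESSION['mn_logged']) && !$_SESSION['mn_logged'] && isset($_COOKIE['mn_user_name']) && isset($_COOKIE['mn_user_hash']) && $conf['users_perm_login']) {
     // Logged-out session with "remember me" cookies present; the cookies are
     // validated inside permanent_login(), which is not visible here.
     permanent_login();
 } elseif ($mn_author_is_user || !empty($mn_comment_pass)) {
     // The author name belongs to a registered user, or a password was supplied:
     // attempt a login with the submitted credentials.
     do_login($mn_comment_author, $mn_comment_pass, false);
 }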
 if ($post['comments'] == '1' && ($conf['comments'] === true || $conf['comments'] >= 1) && !check_ip_ban($_SERVER['REMOTE_ADDR'], $banned_ips)) {
     // Check for correct captcha code
     if ((!isset($_SESSION['mn_logged']) || !$_SESSION['mn_logged']) && isset($conf['comments_captcha']) && $conf['comments_captcha']) {
         require_once './stuff/inc/recaptchalib.php';
         $captcha = recaptcha_check_answer('6LfnaQoAAAAAAPi1X1HiWwEWBnCmJ7jLUc5biRpE', $_SERVER['REMOTE_ADDR'], $_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']);
     }
     if (isset($_POST['preview']) && isset($_POST['comment_text']) && !empty($_POST['comment_text'])) {
         $preview = true;
     } elseif ((!isset($_SESSION['mn_logged']) || !$_SESSION['mn_logged']) && in_array($_POST['comment_author'], $mn_users)) {
         $error_msg = $lang['comm_msg_password'];
     } elseif (isset($_SESSION['mn_comm_time']) && $_SESSION['mn_comm_time'] + $conf['comments_antiflood'] > time()) {
         $error_msg = $lang['comm_msg_flood'];
Example #2
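/**
 * Gate for pages that require a logged-in user.
 *
 * Returns true when the session is marked as logged in, carries the expected
 * check hash and was active within the last MAX_LOGGED_TIME minutes; the
 * activity timestamp and the mn_logged cookie are refreshed in that case.
 * Otherwise it hands over to permanent_login() when the "remember me" cookies
 * are present and the feature is enabled, or destroys the session, redirects
 * to the login page and exits.
 *
 * NOTE(review): after permanent_login() the function returns nothing (null);
 * whether permanent_login() redirects or exits itself is not visible here, so
 * callers that test the return value should be checked.
 *
 * @return bool|null true for a valid, fresh session; null after permanent_login().
 */
function user_session()
{
    global $conf;

    // "Remember me" is attempted only when both cookies exist and the setting is on.
    // The cookie values are client-controlled; validating them is permanent_login()'s job.
    $can_perm_login = isset($_COOKIE['mn_user_name'])
        && isset($_COOKIE['mn_user_hash'])
        && !empty($conf['users_perm_login']);

    // The check hash is compared strictly and as a string so a non-string session
    // value cannot satisfy the test through type juggling. md5(__FILE__) is derived
    // from the install path and is not a secret; it is not an authentication factor.
    $session_ok = !empty($_SESSION['mn_logged'])
        && isset($_SESSION['mn_check_hash'])
        && is_string($_SESSION['mn_check_hash'])
        && $_SESSION['mn_check_hash'] === md5(__FILE__);

    if ($session_ok) {
        if (isset($_SESSION['mn_user_time']) && $_SESSION['mn_user_time'] + MAX_LOGGED_TIME * 60 >= time()) {
            // Sliding idle timeout: every authorised request restarts the window.
            $_SESSION['mn_user_time'] = time();
            // NOTE(review): the cookie lifetime multiplies by 60 * 60 while the session
            // window above multiplies by 60; confirm which unit MAX_LOGGED_TIME has.
            // NOTE(review): the cookie is set without the Secure and HttpOnly flags; it is
            // only a flag here (this function decides on $_SESSION), so confirm nothing
            // else treats it as proof of login.
            setcookie('mn_logged', true, time() + 60 * 60 * (MAX_LOGGED_TIME - 5), '/', $_SERVER['SERVER_NAME']);
            return true;
        } elseif ($can_perm_login) {
            permanent_login();
        } else {
            // Idle for too long and no "remember me" cookies: end the session.
            if (session_id() !== '') {
                session_destroy();
            }
            header('Location: ./mn-login.php?back=auto-loggedout');
            exit;
        }
    } elseif ($can_perm_login) {
        permanent_login();
    } else {
        // No valid session at all: make sure nothing is left behind, then send to login.
        if (session_id() !== '') {
            session_destroy();
        }
        header('Location: ./mn-login.php');
        exit;
    }
}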