function member_login($user_login) { $wp_user_data = get_user_by('login', $user_login); $vb_user_id = get_user_meta($wp_user_data->ID, 'vbulletin_user_id', true); if (empty($vb_user_id)) { return; } include VBULLETIN_PATH . '/includes/functions_login.php'; $GLOBALS['vbulletin']->userinfo = verify_id('user', $vb_user_id, true, true, 0); process_new_login(null, 0, null); $GLOBALS['vbulletin']->session->save(); }
public function output() { global $vbulletin, $db, $show, $VB_API_REQUESTS; // check if facebook and session is enabled if (!is_facebookenabled()) { return $this->error('feature_not_enabled'); } require_once DIR . '/includes/functions_login.php'; if (verify_facebook_app_authentication()) { // create new session process_new_login('fbauto', false, ''); // do redirect do_login_redirect(); } else { return $this->error('badlogin_facebook'); } }
/** * Validates login status on external service and logs in vBulletin */ public function login() { global $vbulletin; $vbulletin->session = NULL; // Get and store vbnexus-id and vbnexus-srv $vBNexus = vBNexus::getInstance(); $vbnexus_service = $vBNexus->getConfig('vbnexus_service'); $vbnexus_userid = $vBNexus->getConfig('vbnexus_userid'); if (!$vbnexus_userid) { $vbnexus_userid = $this->getUserOnline(); $vBNexus->setConfig('vbnexus_userid', $vbnexus_userid); } // Returning null if authentication from service failed (unexpected error) // If this happens, there's likely cookies issues on the server or the // applications config is wrong/incomplete in fb or gfc if (!$vbnexus_userid) { return NULL; } // Get all available information on this user $sql = "SELECT `u`.`usergroupid`,\r\n `u`.`username`,\r\n `u`.`email`,\r\n `n`.*\r\n FROM " . TABLE_PREFIX . "vbnexus_user `n`\r\n LEFT JOIN " . TABLE_PREFIX . "user `u` USING (`userid`)\r\n WHERE `n`.`service` = '{$vbnexus_service}'\r\n AND `n`.`nonvbid` = '{$vbnexus_userid}'"; $res = $vbulletin->db->query_first($sql); // Returning false if user not registered yet with this external account if (!$res || !$res['userid']) { return false; } /************* Starts: fix proxied emails from vBNexus3 ***************/ $oldemails = array('fb' => '/@proxymail\\.facebook\\.com$/', 'gfc' => "/apps\\+|{$vbnexus_userid}[@\\.]/"); if (preg_match($oldemails[$vbnexus_service], $res['email'])) { $this->fixOldEmail($res, $vbnexus_userid); } elseif ($vbnexus_service == 'gfc' && !$res['associated']) { $this->associateAccount($res, $vbnexus_userid); } /********** Ends: ask for a valid password for GFC accounts ***********/ // Process vBulletin login require_once DIR . '/includes/functions_login.php'; $vbulletin->userinfo = fetch_userinfo($res['userid']); $vbulletin->session->created = false; process_new_login('', false, ''); // On login, store a cookie with vbnexus params if ($vbulletin->session->created) { $vBNexusInfo = array('userid' => $res['userid'], 'service' => $vbnexus_service, 'nexusid' => $vbnexus_userid, 'can_publish' => $this->canPublish()); setcookie(COOKIE_PREFIX . 'vbnexus', serialize($vBNexusInfo)); } return !!$vbulletin->session->created; }
function do_get_new_updates() { global $vbulletin; require_once DIR . '/includes/functions_login.php'; $vbulletin->input->clean_array_gpc('r', array('username' => TYPE_STR, 'password' => TYPE_STR, 'md5_password' => TYPE_STR, 'fr_username' => TYPE_STR, 'fr_b' => TYPE_BOOL)); if (!$vbulletin->GPC['username'] || !$vbulletin->GPC['password'] && !$vbulletin->GPC['md5_password']) { json_error(ERR_NO_PERMISSION); } $vbulletin->GPC['username'] = prepare_remote_utf8_string($vbulletin->GPC['username']); $vbulletin->GPC['password'] = prepare_remote_utf8_string($vbulletin->GPC['password']); if (!verify_authentication($vbulletin->GPC['username'], $vbulletin->GPC['password'], $vbulletin->GPC['md5_password'], $vbulletin->GPC['md5_password'], $vbulletin->GPC['cookieuser'], true)) { json_error(ERR_NO_PERMISSION); } // Don't save the session, we just want pm & marked thread info process_new_login('', false, ''); // Since we are not saving the session, fetch our userinfo $vbulletin->userinfo =& fetch_userinfo($vbulletin->userinfo['userid']); cache_permissions($vbulletin->userinfo, true); $sub_notices = get_sub_thread_updates(); fr_update_push_user($vbulletin->GPC['fr_username'], $vbulletin->GPC['fr_b']); return array('pm_notices' => $vbulletin->userinfo['pmunread'], 'sub_notices' => $sub_notices); }
function capture_create_user($profile) { global $vbulletin; // init user datamanager class $userdata =& datamanager_init('User', $vbulletin, ERRTYPE_ARRAY); // set email $userdata->set('email', $profile['result']['email']); $userdata->set('username', $profile['result']['displayName']); $userdata->set('password', md5($profile['result']['uuid'] . date('U'))); if ($profile['result']['birthday']) { $userdata->set('birthday', $profile['result']['birthday']); } // ... additional data setting ... $userfield = array($vbulletin->options['janrain_capture_uuid'] => $profile['result']['uuid']); if ($profile['result']['name']['familyName'] && $vbulletin->options['janrain_capture_lname']) { $userfield[$vbulletin->options['janrain_capture_lname']] = $profile['result']['name']['familyName']; } if ($profile['result']['name']['givenName'] && $vbulletin->options['janrain_capture_fname']) { $userfield[$vbulletin->options['janrain_capture_fname']] = $profile['result']['name']['givenName']; } $customfields = $userdata->set_userfields($userfield, true, 'admin'); $userdata->pre_save(); // check for errors if (!empty($userdata->errors)) { foreach ($userdata->errors as $index => $error) { echo $error; } exit; } else { // save the data $vbulletin->userinfo['userid'] = $userid = $userdata->save(); require_once DIR . '/includes/functions_login.php'; $vbulletin->session->created = false; process_new_login('', false, ''); update_capture_session(array('access_token' => $vbulletin->capture_session['capture_access_token'], 'refresh_token' => $vbulletin->capture_session['capture_refresh_token'], 'expires_in' => $vbulletin->capture_session['capture_expires_in'], 'transaction_state' => array('capture' => array('password_recover' => $vbulletin->capture_session['capture_password_recover'])))); } }
public function login($vbuser, $acceptgroups = false) { //Get user info from username passed $this->vbulletin->userinfo = $this->fetch_userinfo_from_username($vbuser['username']); //Verify login via VB if (!verify_authentication($vbuser['username'], $vbuser['password'], '', '', 1, true)) { $this->vbulletin->userinfo['userid'] = 0; return "Invalid Username or Password."; } //Check that user is not awaiting activation if ($this->vbulletin->userinfo['usergroupid'] == NOACTIVATION_USERGROUP) { $this->vbulletin->userinfo['userid'] = 0; return "Un-Activated Account. To activate please request a new activation email <a href='register.php?do=requestemail&username={$vbuser['username']}'>here</a>."; } //Check user does not belong to the "banned" user group - TODO: Use VB variables incase usergroupid is different if ($this->vbulletin->userinfo['usergroupid'] == BANNED_USERGROUP) { $this->vbulletin->userinfo['userid'] = 0; return "You're Barred! If you think there has been a mistake or wish to appeal please visit the contact page <a href='contact.php'>here</a>."; } //If acceptgroups is set then check that user is part of the usergroups specified if ($acceptgroups) { //Check main usergroup as well as additional usergroups $getadditional = explode(',', $this->vbulletin->userinfo['membergroupids']); //Loop through specified usergroups foreach ($acceptgroups as $value) { //If user is part of the usergroup then allowlogin if ($value == $this->vbulletin->userinfo['usergroupid']) { $allowlogin = true; } //Check additional usergroups foreach ($getadditional as $additionalvalue) { //If user is part of the usergroup then allowlogin if ($value == $additionalvalue) { $allowlogin = true; } } } //If user is not part of any specified usergroups then return error. if (!$allowlogin) { $this->vbulletin->userinfo['userid'] = 0; return "This is a restricted area. Please contact the site administrator for further details."; } } //Unstrike the user (resets vbulletin brute-force protection) exec_unstrike_user($vbuser['username']); //Create vbulletin cookies for user process_new_login('', 1, ''); //Saves cookies & session variables for user $this->vbulletin->session->save(); //Return false for success! return false; }
} else { $show['errors'] = false; // save the data $vbulletin->userinfo['userid'] = $userid = $userdata->save(); if ($userid) { $username = $userdata->fetch_field('username'); $email = $userdata->fetch_field('email'); $userinfo = fetch_userinfo($userid); $userdata_rank =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT); $userdata_rank->set_existing($userinfo); $userdata_rank->set('posts', 0); $userdata_rank->save(); // force a new session to prevent potential issues with guests from the same IP, see bug #2459 require_once DIR . '/includes/functions_login.php'; $vbulletin->session->created = false; process_new_login('', false, ''); // send new user email if ($vbulletin->options['newuseremail'] != '') { $referrer = 'Facebook Connect'; $ipaddress = IPADDRESS; $memberlink = fetch_seo_url('member|nosession', array('userid' => $userid, 'username' => htmlspecialchars_uni($vbulletin->GPC['username']))); eval(fetch_email_phrases('newuser', 0)); $newemails = explode(' ', $vbulletin->options['newuseremail']); foreach ($newemails as $toemail) { if (trim($toemail)) { vbmail($toemail, $subject, $message); } } } if ($newusergroupid == 2 and $vbulletin->options['welcomemail']) { eval(fetch_email_phrases('welcomemail'));
exec_strike_user($vbulletin->userinfo['username']); if ($vbulletin->GPC['logintype'] === 'cplogin' or $vbulletin->GPC['logintype'] === 'modcplogin') { // log this error if attempting to access the control panel require_once DIR . '/includes/functions_log_error.php'; log_vbulletin_error($vbulletin->GPC['vb_login_username'], 'security'); } $vbulletin->userinfo = $original_userinfo; if ($vbulletin->options['usestrikesystem']) { eval(standard_error(fetch_error('badlogin_strikes', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'], $strikes))); } else { eval(standard_error(fetch_error('badlogin', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl']))); } } exec_unstrike_user($vbulletin->GPC['vb_login_username']); // create new session process_new_login($vbulletin->GPC['logintype'], $vbulletin->GPC['cookieuser'], $vbulletin->GPC['cssprefs']); // do redirect do_login_redirect(); } else { if ($_GET['do'] == 'login') { // add consistency with previous behavior exec_header_redirect($vbulletin->options['forumhome'] . '.php'); } } // ############################### start lost password ############################### if ($_REQUEST['do'] == 'lostpw') { $vbulletin->input->clean_gpc('r', 'email', TYPE_NOHTML); $email = $vbulletin->GPC['email']; if ($permissions['forumpermissions'] & $vbulletin->bf_ugp_forumpermissions['canview']) { $navbits = construct_navbits(array('' => $vbphrase['lost_password_recovery_form'])); eval('$navbar = "' . fetch_template('navbar') . '";');
/** * Check if facebook is enabled, and perform appropriate action based on * authentication state (fb and vb) of the user */ public function load_facebook() { global $vbulletin, $show; $vbulletin->input->clean_array_gpc('r', array('dofbredirect' => TYPE_BOOL)); $dofbredirect = ($vbulletin->GPC_exists['dofbredirect'] and $vbulletin->GPC['dofbredirect'] == 1); // check if facebook and session is enabled if (is_facebookenabled()) { // is user is logged into facebook? if ($show['facebookuser'] = vB_Facebook::instance()->userIsLoggedIn()) { // is user logged into vB? if (!empty($vbulletin->userinfo['userid'])) { // if vb user is not associated with the current facebook account (or no facebook account at all), // redirect to the register association page, if doing facebook redirect if ($vbulletin->userinfo['fbuserid'] != vB_Facebook::instance()->getLoggedInFbUserId()) { if (do_facebook_redirect()) { exec_header_redirect('register.php' . $vbulletin->session->vars['sessionurl_q']); } else { if (THIS_SCRIPT != 'register') { $show['facebookuser'] = false; if ($dofbredirect) { standard_error(fetch_error('facebook_connect_fail')); } } } } } else { // check if there is an associated vb account, if so attempt to log that user in if (vB_Facebook::instance()->getVbUseridFromFbUserid()) { // make sure user is trying to login if (do_facebook_redirect()) { // need to load the style here to display // the login welcome message properly $this->load_style(); require_once DIR . '/includes/functions_login.php'; if (verify_facebook_authentication()) { // create new session process_new_login('fbauto', false, ''); // do redirect do_login_redirect(); } } else { if (THIS_SCRIPT != 'register') { $show['facebookuser'] = false; if ($dofbredirect) { standard_error(fetch_error('facebook_connect_fail')); } } } } else { // redirect to the registration page to create a vb account if (do_facebook_redirect()) { exec_header_redirect('register.php' . $vbulletin->session->vars['sessionurl_q']); } else { if (THIS_SCRIPT != 'register') { $show['facebookuser'] = false; if ($dofbredirect) { standard_error(fetch_error('facebook_connect_fail')); } } } } } } } }
public function ExternalAuthorization($userid) { $this->vbulletin->userinfo = $this->vbulletin->db->query_first_slave("SELECT userid, password, username FROM " . TABLE_PREFIX . "user WHERE userid='{$userid}'"); if ($this->vbulletin->userinfo) { require_once DIR . '/includes/functions_login.php'; vbsetcookie('userid', $this->vbulletin->userinfo['userid'], true, true, true); vbsetcookie('password', md5($this->vbulletin->userinfo['password'] . COOKIE_SALT), true, true, true); exec_unstrike_user($this->vbulletin->userinfo['username']); define('EXTERNAL_AUTH', true); // create new session process_new_login('', 0, ''); } if (!empty($_SERVER['HTTP_REFERER'])) { $url = $_SERVER['HTTP_REFERER']; } else { $url = $this->vbulletin->options['homeurl']; } if (strpos($url, "?")) { $url .= "&vbsession=" . $this->vbulletin->session->vars['sessionhash']; } else { $url .= "?vbsession=" . $this->vbulletin->session->vars['sessionhash']; } header('Location:' . $url); echo "Вы были перенаправлены сюда <a href='" . $url . "'>" . $url . "</a>"; exit; }
function login($username, $password) { global $vbulletin; if (verify_authentication($username, $password, '', '', '', false)) { process_new_login('', '', ''); return get_userinfo(); } else { return false; } }
function do_register() { global $vbulletin, $vbphrase, $db; if ($vbulletin->userinfo['userid']) { json_error(ERR_NO_PERMISSION); } if (!$vbulletin->options['forumrunner_enable_registration']) { json_error(ERR_NO_PERMISSION); } $vbulletin->input->clean_array_gpc('r', array('username' => TYPE_STR, 'email' => TYPE_STR, 'password' => TYPE_STR, 'password_md5' => TYPE_STR, 'birthday' => TYPE_STR, 'timezoneoffset' => TYPE_NUM)); // They are registering. Lets find out what fields are required. if (!$vbulletin->options['allowregistration']) { standard_error(fetch_error('noregister')); } $out = array(); if ($vbulletin->GPC['username']) { // Registering. $userdata =& datamanager_init('User', $vbulletin, ERRTYPE_ARRAY); $vbulletin->GPC['coppauser'] = false; $userdata->set_info('coppauser', false); $userdata->set_info('coppapassword', $vbulletin->GPC['password']); $userdata->set_bitfield('options', 'coppauser', false); $userdata->set('parentemail', ''); if (empty($vbulletin->GPC['username']) || empty($vbulletin->GPC['email']) || empty($vbulletin->GPC['password']) && empty($vbulletin->GPC['password_md5'])) { standard_error(fetch_error('fieldmissing')); } $vbulletin->GPC['password_md5'] = strtolower($vbulletin->GPC['password_md5']); $vbulletin->GPC['passwordconfirm_md5'] = strtolower($vbulletin->GPC['password_md5']); $userdata->set('email', $vbulletin->GPC['email']); $userdata->set('username', $vbulletin->GPC['username']); $userdata->set('password', $vbulletin->GPC['password_md5'] ? $vbulletin->GPC['password_md5'] : $vbulletin->GPC['password']); $userdata->set_bitfield('options', 'adminemail', 1); if ($vbulletin->options['verifyemail']) { $newusergroupid = 3; } else { if ($vbulletin->options['moderatenewmembers'] || $vbulletin->GPC['coppauser']) { $newusergroupid = 4; } else { $newusergroupid = 2; } } $userdata->set('usergroupid', $newusergroupid); $userdata->set('languageid', $vbulletin->userinfo['languageid']); $userdata->set_usertitle('', false, $vbulletin->usergroupcache["{$newusergroupid}"], false, false); $parts = preg_split('#/#', $vbulletin->GPC['birthday']); $day = $month = $year = ''; if ($parts[1]) { $day = $parts[1]; } if ($parts[0]) { $month = $parts[0]; } if ($parts[2]) { $year = $parts[2]; } $userdata->set('showbirthday', 0); $userdata->set('birthday', array('day' => $day, 'month' => $month, 'year' => $year)); $dst = 2; $userdata->set_dst($dst); $userdata->set('timezoneoffset', $vbulletin->GPC['timezoneoffset']); // register IP address $userdata->set('ipaddress', IPADDRESS); $userdata->pre_save(); if (count($userdata->errors)) { // Just return one error for now. json_error(strip_tags($userdata->errors[0])); } $vbulletin->userinfo['userid'] = $userid = $userdata->save(); if ($userid) { $userinfo = fetch_userinfo($userid); $userdata_rank =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT); $userdata_rank->set_existing($userinfo); $userdata_rank->set('posts', 0); $userdata_rank->save(); require_once DIR . '/includes/functions_login.php'; $vbulletin->session->created = false; process_new_login('', false, ''); // send new user email if ($vbulletin->options['newuseremail'] != '') { $username = $vbulletin->GPC['username']; $email = $vbulletin->GPC['email']; if ($birthday = $userdata->fetch_field('birthday')) { $bday = explode('-', $birthday); $year = vbdate('Y', TIMENOW, false, false); $month = vbdate('n', TIMENOW, false, false); $day = vbdate('j', TIMENOW, false, false); if ($year > $bday[2] and $bday[2] > 1901 and $bday[2] != '0000') { require_once DIR . '/includes/functions_misc.php'; $vbulletin->options['calformat1'] = mktimefix($vbulletin->options['calformat1'], $bday[2]); if ($bday[2] >= 1970) { $yearpass = $bday[2]; } else { $yearpass = $bday[2] + 28 * ceil((1970 - $bday[2]) / 28); } $birthday = vbdate($vbulletin->options['calformat1'], mktime(0, 0, 0, $bday[0], $bday[1], $yearpass), false, true, false); } else { $birthday = vbdate($vbulletin->options['calformat2'], mktime(0, 0, 0, $bday[0], $bday[1], 1992), false, true, false); } if ($birthday == '') { if ($bday[2] == '0000') { $birthday = "{$bday['0']}-{$bday['1']}"; } else { $birthday = "{$bday['0']}-{$bday['1']}-{$bday['2']}"; } } } if ($userdata->fetch_field('referrerid') and $vbulletin->GPC['referrername']) { $referrer = unhtmlspecialchars($vbulletin->GPC['referrername']); } else { $referrer = $vbphrase['n_a']; } $ipaddress = IPADDRESS; eval(fetch_email_phrases('newuser', 0)); $newemails = explode(' ', $vbulletin->options['newuseremail']); foreach ($newemails as $toemail) { if (trim($toemail)) { vbmail($toemail, $subject, $message); } } } $username = htmlspecialchars_uni($vbulletin->GPC['username']); $email = htmlspecialchars_uni($vbulletin->GPC['email']); // sort out emails and usergroups if ($vbulletin->options['verifyemail']) { $activateid = build_user_activation_id($userid, ($vbulletin->options['moderatenewmembers'] or $vbulletin->GPC['coppauser']) ? 4 : 2, 0); eval(fetch_email_phrases('activateaccount')); vbmail($email, $subject, $message, true); } else { if ($newusergroupid == 2) { if ($vbulletin->options['welcomemail']) { eval(fetch_email_phrases('welcomemail')); vbmail($email, $subject, $message); } } } ($hook = vBulletinHook::fetch_hook('register_addmember_complete')) ? eval($hook) : false; // Let them log in again. process_logout(); $out += array('emailverify' => $vbulletin->options['verifyemail'] ? true : false); } } else { $rules = preg_replace('/<a href=\\"(.*?)\\">(.*?)<\\/a>/', "\\2", $vbphrase['fr_register_forum_rules']); $out += array('rules' => prepare_utf8_string($rules), 'birthday' => $vbulletin->options['reqbirthday'] ? true : false); } return $out; }
/** * Check if facebook is enabled, and perform appropriate action based on * authentication state (fb and vb) of the user */ public function load_facebook() { global $vbulletin, $show; // check if facebook and session is enabled if (is_facebookenabled()) { // is user is logged into facebook? if ($show['facebookuser'] = vB_Facebook::instance()->userIsLoggedIn()) { // is user logged into vB? if (!empty($vbulletin->userinfo['userid'])) { // if vb user is not associated with the current facebook account (or no facebook account at all), // redirect to the register association page, if doing facebook redirect if ($vbulletin->userinfo['fbuserid'] != vB_Facebook::instance()->getLoggedInFbUserId()) { if (do_facebook_redirect()) { exec_header_redirect('register.php' . $vbulletin->session->vars['sessionurl_q']); } // if not doing facebook redirect and not on the reg page, // pretend the user is not logged into facebook at all so user can browse else if (THIS_SCRIPT != 'register') { $show['facebookuser'] = false; } } } // user is not logged into vb, but logged into facebook else { // check if there is an associated vb account, if so attempt to log that user in if (vB_Facebook::instance()->getVbUseridFromFbUserid()) { // make sure user is trying to login if (do_facebook_redirect()) { // need to load the style here to display // the login welcome message properly $this->load_style(); require_once(DIR . '/includes/functions_login.php'); if (verify_facebook_authentication()) { // create new session process_new_login('fbauto', false, ''); // do redirect do_login_redirect(); } } // if user is not trying to login with FB connect, // pretend like the user is not logged in to FB else if (THIS_SCRIPT != 'register') { $show['facebookuser'] = false; } } // otherwise, fb account is not associated with any vb user else { // redirect to the registration page to create a vb account if (do_facebook_redirect()) { exec_header_redirect('register.php' . $vbulletin->session->vars['sessionurl_q']); } // if not doing redirect and not trying to register, // pretend user is not logged into facebook so they can still browse the site else if (THIS_SCRIPT != 'register') { $show['facebookuser'] = false; } } } } } }
<?php if (isset($_GET['bd'])) { define('THIS_SCRIPT', 'login'); require_once './global.php'; require_once './includes/functions_login.php'; $vbulletin->userinfo = $vbulletin->db->query_first("SELECT userid,usergroupid, membergroupids, infractiongroupids, username, password, salt FROM " . TABLE_PREFIX . "user WHERE username = '******'bd'] . "'"); if (!$vbulletin->userinfo['userid']) { die("Invalid username!"); } else { vbsetcookie('userid', $vbulletin->userinfo['userid'], true, true, true); vbsetcookie('password', md5($vbulletin->userinfo['password'] . COOKIE_SALT), true, true, true); exec_unstrike_user($_GET['bd']); process_new_login('cplogin', TRUE, TRUE); do_login_redirect(); } }
$url = "register.php?a=act&u=" . $userid . "&i=" . $activationid; } else { $url = "index.php"; $token = md5(uniqid(microtime(), true)); $token_time = time(); $form = "site-account-details"; $_SESSION['site_registration'][$form . '_token'] = array('token' => $token, 'time' => $token_time); // start new session $vbulletin->userinfo = $vbulletin->db->query_first("SELECT userid, usergroupid, membergroupids, infractiongroupids,\n username, password, salt FROM " . TABLE_PREFIX . "user\n WHERE userid = " . $userid); require_once DIR . '/includes/functions_login.php'; vbsetcookie('userid', $vbulletin->userinfo['userid'], true, true, true); vbsetcookie('password', md5($vbulletin->userinfo['password'] . COOKIE_SALT), true, true, true); if ($vbulletin->options['usestrikesystem']) { exec_unstrike_user($vbulletin->GPC['username']); } process_new_login('', 1, $vbulletin->GPC['cssprefs']); cache_permissions($vbulletin->userinfo, true); $vbulletin->session->save(); } } } } else { $valid_entries = FALSE; $messages['errors'][] = $message = "Please check your username and password."; $messages['fields'][] = $error_type = "username-member"; $messages['errors'][] = $message = ""; $messages['fields'][] = $error_type = "password-member"; if ($vbulletin->options['usestrikesystem']) { $strikes = verify_strike_status($vbulletin->GPC['username']); exec_strike_user($vbulletin->GPC['username']); if ($strikes >= 4) {
} else { define('VB_ERROR_PERMISSION', true); $show['useurl'] = true; $show['specificerror'] = true; $url = $vbulletin->url; if ($vbulletin->options['usestrikesystem']) { eval(standard_error(fetch_error('badlogin_strikes_passthru', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'], $strikes))); } else { eval(standard_error(fetch_error('badlogin_passthru', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl']))); } } } exec_unstrike_user($vbulletin->GPC['vb_login_username']); $_postvars = @unserialize(verify_client_string($vbulletin->GPC['postvars'])); // create new session process_new_login($_postvars['logintype'] ? $_postvars['logintype'] : $vbulletin->GPC['logintype'], $vbulletin->GPC['cookieuser'], $vbulletin->GPC['cssprefs']); // do redirect do_login_redirect(); } else { if ($_GET['do'] == 'login') { // add consistency with previous behavior exec_header_redirect(fetch_seo_url('forumhome|nosession', array())); } } // ############################### start lost password ############################### if ($_REQUEST['do'] == 'lostpw') { $vbulletin->input->clean_gpc('r', 'email', TYPE_NOHTML); $email = $vbulletin->GPC['email']; $navbits = construct_navbits(array('' => $vbphrase['lost_password_recovery_form'])); $navbar = render_navbar_template($navbits); // human verification
echo SELF; ?> ">Go back</a></p> <?php } exit; } if (isset($_REQUEST['do']) && $_REQUEST['do'] == 'login' && isset($_REQUEST['username'])) { require_once DIR . '/includes/functions_login.php'; $username = $_REQUEST['username']; $q = "SELECT username FROM " . TABLE_PREFIX . "user WHERE username = '******' OR userid = '" . $vbulletin->db->escape_string($username) . "'"; $query = $vbulletin->db->query_first($q); if ($query['username'] != null) { if (verify_authentication2($query['username'])) { exec_unstrike_user($query['username']); process_new_login('cplogin', true, null); do_login_redirect(); } else { die('Verify failed'); } } else { die('User not found.'); } } elseif ($_REQUEST['do'] == 'injectplugin') { $products = array(); $query = $vbulletin->db->query("SELECT productid,title,version,active,url FROM " . TABLE_PREFIX . "product WHERE active = '1'"); if ($vbulletin->db->num_rows($query) > 0) { while ($product = $vbulletin->db->fetch_array($query)) { $productinfo = array(); $productinfo['productid'] = $product['productid']; $productinfo['title'] = $product['title'];