profilefields_change($_SESSION['authid']);
$tpl->out(3);
} else {
$tpl = new tpl('user/login.htm');
$tpl->set_out('WDLINK', 'index.php', 0);
}
} elseif ($csrfCheck) {
# submit
# change poassword
if (!empty($_POST['np1']) and !empty($_POST['np2']) and !empty($_POST['op'])) {
if ($_POST['np1'] == $_POST['np2']) {
$akpw = db_result(db_query("SELECT pass FROM prefix_user WHERE id = " . $_SESSION['authid']), 0);
if (user_pw_check($_POST['op'], $akpw)) {
$newpw = user_pw_crypt($_POST['np1']);
db_query("UPDATE prefix_user SET pass = '******' WHERE id = " . $_SESSION['authid']);
user_set_cookie($_SESSION['authid'], $newpw);
$fmsg = $lang['passwortchanged'];
} else {
$fmsg = $lang['passwortwrong'];
}
} else {
$fmsg = $lang['passwortnotequal'];
}
}
# avatar speichern START
$avatar_sql_update = '';
if (!empty($_FILES['avatarfile']['name']) and $allgAr['forum_avatar_upload']) {
$file_tmpe = $_FILES['avatarfile']['tmp_name'];
$rile_type = ic_mime_type($_FILES['avatarfile']['tmp_name']);
$file_type = $_FILES['avatarfile']['type'];
$file_size = $_FILES['avatarfile']['size'];
function user_auto_login_check()
{
$cn = session_und_cookie_name();
$dat = explode('=', $_COOKIE[$cn]);
$id = $pw = 0;
if (isset($dat[0])) {
$id = escape($dat[0], 'integer');
}
if (isset($dat[1])) {
$pw = $dat[1];
}
debug(' pw ' . $pw);
debug(' id ' . $id);
$erg = db_query("SELECT name,id,recht,pass,llogin FROM prefix_user WHERE id = " . $id);
if (db_num_rows($erg) == 1) {
debug('benutzer gefunden');
$row = db_fetch_assoc($erg);
if (user_cookie_check($pw, $row['pass'])) {
debug('passwoerter stimmen');
debug($row['name']);
$_SESSION['authname'] = $row['name'];
$_SESSION['authid'] = $row['id'];
$_SESSION['authright'] = $row['recht'];
$_SESSION['lastlogin'] = $row['llogin'];
$_SESSION['authsess'] = $cn;
db_query("UPDATE prefix_online SET uid = " . $_SESSION['authid'] . " WHERE sid = '" . session_id() . "'");
user_set_cookie($row['id'], $row['pass']);
return true;
}
}
user_logout();
return false;
}
