function process_new_login($logintype, $cookieuser, $cssprefs) { global $vbulletin; $lang_info = array( 'lang_locale' => $vbulletin->userinfo['lang_locale'], 'lang_charset' => $vbulletin->userinfo['lang_charset'] ); $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "session WHERE sessionhash = '" . $vbulletin->db->escape_string($vbulletin->session->vars['dbsessionhash']) . "'"); if ($vbulletin->session->created == true AND $vbulletin->session->vars['userid'] == 0) { // if we just created a session on this page, there's no reason not to use it $newsession =& $vbulletin->session; } else { $newsession = new vB_Session($vbulletin, '', $vbulletin->userinfo['userid'], '', $vbulletin->session->vars['styleid'], $vbulletin->session->vars['languageid']); } $newsession->set('userid', $vbulletin->userinfo['userid']); $newsession->set('loggedin', 1); if ($logintype == 'cplogin') { $newsession->set('bypass', 1); } else { $newsession->set('bypass', 0); } $newsession->set_session_visibility(($vbulletin->superglobal_size['_COOKIE'] > 0)); $newsession->fetch_userinfo(); $vbulletin->session =& $newsession; $vbulletin->userinfo = $newsession->userinfo; $vbulletin->userinfo['lang_locale'] = $lang_info['lang_locale']; $vbulletin->userinfo['lang_charset'] = $lang_info['lang_charset']; // admin control panel or upgrade script login if ($logintype === 'cplogin') { $permissions = cache_permissions($vbulletin->userinfo, false); $vbulletin->userinfo['permissions'] =& $permissions; if ($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) { if ($cssprefs != '') { $admininfo = $vbulletin->db->query_first_slave("SELECT * FROM " . TABLE_PREFIX . "administrator WHERE userid = " . $vbulletin->userinfo['userid']); if ($admininfo) { $admindm =& datamanager_init('Admin', $vbulletin, ERRTYPE_SILENT); $admindm->set_existing($admininfo); $admindm->set('cssprefs', $vbulletin->GPC['cssprefs']); $admindm->save(); } } $cpsession = $vbulletin->session->fetch_sessionhash(); /*insert query*/ $vbulletin->db->query_write("INSERT INTO " . TABLE_PREFIX . "cpsession (userid, hash, dateline) VALUES (" . $vbulletin->userinfo['userid'] . ", '" . $vbulletin->db->escape_string($cpsession) . "', " . TIMENOW . ")"); vbsetcookie('cpsession', $cpsession, false, true, true); if (!$cookieuser AND empty($vbulletin->GPC[COOKIE_PREFIX . 'userid'])) { vbsetcookie('userid', $vbulletin->userinfo['userid'], false, true, true); vbsetcookie('password', md5($vbulletin->userinfo['password'] . COOKIE_SALT), false, true, true); } } } // moderator control panel login if ($logintype === 'modcplogin') { $permissions = cache_permissions($vbulletin->userinfo, false); $vbulletin->userinfo['permissions'] =& $permissions; require_once(DIR . '/includes/functions_calendar.php'); if (can_moderate() OR can_moderate_calendar()) { $cpsession = $vbulletin->session->fetch_sessionhash(); /*insert query*/ $vbulletin->db->query_write("INSERT INTO " . TABLE_PREFIX . "cpsession (userid, hash, dateline) VALUES (" . $vbulletin->userinfo['userid'] . ", '" . $vbulletin->db->escape_string($cpsession) . "', " . TIMENOW . ")"); vbsetcookie('cpsession', $cpsession, false, true, true); if (!$cookieuser AND empty($vbulletin->GPC[COOKIE_PREFIX . 'userid'])) { vbsetcookie('userid', $vbulletin->userinfo['userid'], false, true, true); vbsetcookie('password', md5($vbulletin->userinfo['password'] . COOKIE_SALT), false, true, true); } } } ($hook = vBulletinHook::fetch_hook('login_process')) ? eval($hook) : false; }
/** * Constructor - Checks for necessity of registry object * * Note that this method will accept only the $errtype parameter (via some magic checking of the parameters) * and this is the preferred way of calling the datamanager functions. The registry object is deprecated * and will be created internally for those managers that still need it. * * @param vB_Registry $registry -- Instance of the vBulletin data registry object - expected to have the * database object as one of its $this->db member. * @param integer $errtype --One of the ERRTYPE_x constants */ public function __construct($registry = NULL, $errtype = NULL) { if (is_object($registry)) { $this->registry =& $registry; } else { if ($this->needRegistry) { $this->registry = vB::get_registry(); } } if (is_int($registry) and $errtype === NULL) { //This allows us to function as either vb3/4 style with $vbulletin, // or vb5-style with no global variables $errtype = $registry; } else { if ($errtype === NULL) { $errtype = vB_DataManager_Constants::ERRTYPE_STANDARD; } } $this->assertor = vB::getDbAssertor(); $this->session = vB::getCurrentSession(); $this->userinfo = $this->session->fetch_userinfo(); $this->datastore = vB::getDatastore(); $this->options = $this->datastore->get_value('options'); $this->setErrorHandler($errtype); if (is_array($this->bitfields)) { foreach ($this->bitfields as $key => $val) { //set this to bitfields array directly and unset if bad. if we try to set this to a interim //variable we end up getting the references crossed so that every element of the array is //the same as the last value loaded (this is a bit of a problem). We could not use references //but I'd like to avoid copying static arrays more than I need to. $this->bitfields["{$key}"] = $this->datastore->get_value($val); if (!$this->bitfields["{$key}"]) { unset($this->bitfields["{$key}"]); trigger_error("Please check the <em>\$bitfields</em> array in the <strong>" . get_class($this) . "</strong> class definition - <em>\$vbulletin->{$val}</em> is not a valid bitfield.<br />", E_USER_ERROR); } } } /* Legacy Hook $this->hook_start Removed */ }
/** * * @param vB_Session $session */ public static function setCurrentSession(vB_Session $session) { if (self::$currentSession !== null) { //if we are changing to a new user, let's reload the permissions. It may be slower, but it should //be safer and shouldn't be that common. unset(self::$usercontexts[$session->get('userid')]); } self::$currentSession =& $session; // this should be the ONLY way of setting $vbulletin->session and $vbulletin->userinfo attributes // old code may set attributes inside session and userinfo, but as we have references the session object should be updated as well $vbulletin =& self::get_registry(); $vbulletin->session =& $session; $vbulletin->userinfo =& $session->fetch_userinfo(); }