function check_login() { global $PHP_SELF, $PHORUM, $q, $DB; $success = false; if (isset($_GET["logout"])) { setcookie("phorum_admin_session", ""); $success = true; header("Location: {$PHP_SELF}"); exit; } if (isset($_COOKIE["phorum_admin_session"])) { $SQL = "Select * from {$PHORUM['auth_table']} where sess_id='{$_COOKIE['phorum_admin_session']}'"; $q->query($DB, $SQL); $PHORUM["admin_user"] = $q->getrow(); if ($PHORUM["admin_user"]["id"]) { $SQL = "Select forum_id from {$PHORUM['mod_table']} where user_id=" . $PHORUM["admin_user"]["id"]; $q->query($DB, $SQL); while ($rec = $q->getrow()) { $PHORUM["admin_user"]["forums"][$rec["forum_id"]] = true; } if (is_array($PHORUM["admin_user"]["forums"])) { $success = true; } } } if (!$success && isset($_POST["login"]) && isset($_POST["passwd"])) { $id = phorum_check_login($_POST['login'], $_POST["passwd"]); if ($id) { $sess_id = phorum_session_id($_POST['login'], $_POST["passwd"]); setcookie("phorum_admin_session", "{$sess_id}"); phorum_login_user($sess_id, $id); header("Location: {$PHP_SELF}"); exit; } } if (!$success) { $SQL = "select user_id from {$PHORUM['mod_table']} where forum_id=0 limit 1"; $q->query($DB, $SQL); if ($q->numrows() > 0) { show_login(); exit; } else { // create temporary user $PHORUM["admin_user"]["name"] = "Temporary User"; $PHORUM["admin_user"]["forums"][0] = true; } } }
} else { $target = "{$forum_url}/{$forum_page}.{$ext}"; } } initvar("phorum_auth"); // $target=str_replace("phorum_auth=$phorum_auth", '', $target); if (isset($logout)) { $SQL = "update {$pho_main}" . "_auth set sess_id='' where sess_id='{$phorum_auth}'"; $q->query($DB, $SQL); unset($phorum_auth); SetCookie("phorum_auth", ''); header("Location: {$target}"); exit; } if (empty($forgotpass) && !empty($username) && !empty($password)) { $uid = phorum_check_login($username, $password); if ($uid) { $sess_id = phorum_session_id($_POST['username'], $_POST["password"]); phorum_login_user($sess_id, $uid); if (!strstr($target, "?")) { $target .= "?f=0{$GetVars}"; } else { $target .= "{$GetVars}"; } header("Location: {$target}"); exit; } else { $Error = $lLoginError; } } if (basename($PHP_SELF) == "login.{$ext}") {