Esempio n. 1
0
 function check_session()
 {
     if (!@$_COOKIE[cfg('auth_int_cookie_name')]) {
         return false;
     }
     $cd = explode(':', @base64_decode($_COOKIE[cfg('auth_int_cookie_name')]));
     if (!@$cd[0] || !@$cd[1]) {
         return false;
     }
     $uid = intval($cd[0]);
     $kid = base64_decode($cd[1]);
     # Check session...
     $data = ldb_select('user', '*', '`id`=\'' . $uid . '\' AND `login_key`=\'' . md5($kid) . '\' LIMIT 1');
     if (!$data) {
         return false;
     }
     # Login ok!
     $data = $data[0];
     # Check status
     if ($data['status'] != 'ACTIVE') {
         return false;
     }
     # Update DB
     ldb_update_by_id('user', $data['id'], array('last_login' => time(), 'last_ip' => ip2long($_SERVER['REMOTE_ADDR'])));
     # Update cookie
     setcookie(cfg('auth_int_cookie_name'), $_COOKIE[cfg('auth_int_cookie_name')], time() + intval(cfg('auth_int_session_time')), '/', COOKIE_DOMAIN);
     # Set global user data
     $GLOBALS['user'] = array();
     $GLOBALS['user']['id'] = $data['id'];
     $GLOBALS['user']['name'] = $data['name'];
     $GLOBALS['user']['login'] = $data['mail'];
     $GLOBALS['user']['logged'] = true;
     $GLOBALS['user']['is_admin'] = @$data['is_admin'];
     $GLOBALS['user']['adm_pages'] = @$data['adm_pages'] == 'Y';
     $GLOBALS['user']['adm_users'] = @$data['adm_users'] == 'Y';
     $GLOBALS['user']['adm_faq'] = @$data['adm_faq'] == 'Y';
     $GLOBALS['user']['tmz'] = @$data['tmz'];
     $GLOBALS['user']['lk'] = md5($_COOKIE[cfg('auth_int_cookie_name')]);
     $GLOBALS['user']['max_file'] = intval(@$data['max_file']);
     $GLOBALS['user']['max_total'] = intval(@$data['max_total']);
 }
Esempio n. 2
0
 function get_final()
 {
     # Okay, remove th SID
     @unlink(ROOT_PATH . '/tmp/sid/' . md5($this->sid));
     # Check upload data
     $u_data = ldb_select_one('upload', '*', $this->sid, 'code');
     if (!$u_data || $u_data['uid'] != user('id')) {
         return core_error_404();
     }
     include_once CORE_PATH . '/ttl.php';
     $ttl = @$_POST['files_ttl'];
     if (!isset($GLOBALS['ttl'][$ttl])) {
         $ttl = $GLOBALS['ttl_def'];
     }
     $tms_del = $u_data['tms_last'] + $ttl;
     $ttl_p = @$_POST['files_ttl_prol'] ? 'Y' : 'N';
     # Update TTL
     ldb_update_by_id('upload', $u_data['id'], array('tms_delete' => $tms_del, 'ttl' => $ttl, 'prolong' => $ttl_p, 'comment' => @$_POST['files_descr']));
     ldb_query('UPDATE `upload` SET `file_count`=(SELECT COUNT(*) FROM `file` WHERE `file`.`upid`=`upload`.`id`),`file_size`=(SELECT SUM(`file_size`) FROM `file` WHERE `file`.`upid`=`upload`.`id`) WHERE `id`=' . $u_data['id']);
     # Redirect to the file control...
     @header('Location: ' . URL . '/f/' . $this->sid . '/');
 }
Esempio n. 3
0
 function edit($data)
 {
     include_once CORE_PATH . '/ttl.php';
     $ttl = @$_POST['files_ttl'];
     if (!isset($GLOBALS['ttl'][$ttl])) {
         $ttl = $GLOBALS['ttl_def'];
     }
     $db_data = array();
     if (@$_POST['files_ttl_prol']) {
         $db_data['prolong'] = 'Y';
         $db_data['tms_delete'] = $data['tms_last'] + $ttl;
     } else {
         $db_data['prolong'] = 'N';
         $db_data['tms_delete'] = $data['tms_upload'] + $ttl;
     }
     $db_data['ttl'] = $ttl;
     $db_data['comment'] = @$_POST['files_descr'];
     ldb_update_by_id('upload', $data['id'], $db_data);
     redirect_msg(URL . '/f/' . $data['code'] . '/?', lang('save_ok'));
     exit;
 }
Esempio n. 4
0
 function create_session($uid)
 {
     $data = ldb_select_one('user', '*', $uid);
     $lk = sha1(md5($_SERVER['HTTP_USER_AGENT']) . mt_rand() . md5($data['mail']) . time() . mt_rand(), true);
     $c_data = base64_encode($uid . ':' . base64_encode($lk));
     setcookie(cfg('auth_int_cookie_name'), $c_data, time() + intval(cfg('auth_int_session_time')), '/', COOKIE_DOMAIN);
     ldb_update_by_id('user', $uid, array('login_key' => md5($lk), 'last_login' => time(), 'last_ip' => $_SERVER['REMOTE_ADDR']));
 }