$step = $_POST["step"];
}
if(count($_POST)){
// THIS IS THE WORK STEP
switch ($step){
case 5:
if(!empty($_POST["admin_user"]) && !empty($_POST["admin_pass"]) && !empty($_POST["admin_pass2"]) && !empty($_POST["admin_email"])){
if($_POST["admin_pass"]!=$_POST["admin_pass2"]){
echo "The password fields do not match<br />";
$step=4;
} elseif(phorum_user_check_login($_POST["admin_user"], $_POST["admin_pass"])){
if($PHORUM["user"]["admin"]){
echo "Admin user already exists and has permissions<br />";
} else {
echo "That user already exists but does not have admin permissions<br />";
$step=4;
}
} else {
// add the user
$user = array( "username"=>$_POST["admin_user"], "password"=>$_POST["admin_pass"], "email"=>$_POST["admin_email"], "active"=>1, "admin"=>1 );
if(!phorum_user_add($user)){
echo "There was an error adding the user.<br />";
$step=4;
}
// The user wants to login.
else {
// Check if the phorum_tmp_cookie was set. If not, the user's
// browser does not support cookies.
if($PHORUM["use_cookies"] && !isset($_COOKIE["phorum_tmp_cookie"])) {
$PHORUM["use_cookies"] = false;
}
$username = trim($_POST["username"]);
$password = trim($_POST["password"]);
// Check if the login credentials are right.
if (phorum_user_check_login($username, $password)) {
// Destroy the temporary cookie.
if(isset($_COOKIE["phorum_tmp_cookie"])){
setcookie( "phorum_tmp_cookie", "", 0, $PHORUM["session_path"], $PHORUM["session_domain"] );
}
// Create an URI session id if cookies are not used..
if(!$PHORUM["use_cookies"]) {
$uri_session_id = md5($_POST['username'].microtime().$_POST['password']);
$user = array(
'user_id' => $PHORUM['user']['user_id'],
'sessid_st'=> $uri_session_id
);
phorum_user_save_simple($user);
phorum_user_create_session(PHORUM_SESSION_LONG_TERM,true,$uri_session_id);
// it under the terms of either the current Phorum License (viewable at //
// phorum.org) or the Phorum License that was distributed with this file //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY, without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. //
// //
// You should have received a copy of the Phorum License //
// along with this program. //
////////////////////////////////////////////////////////////////////////////////
// don't allow this page to be loaded directly
if(!defined("PHORUM_ADMIN")) exit();
if(isset($_POST["username"]) && isset($_POST["password"])){
if(phorum_user_check_login($_POST["username"], $_POST["password"])!=0){
if($PHORUM["user"]["admin"]){
phorum_user_create_session(PHORUM_SESSION_ADMIN);
if(!empty($_POST["target"])){
phorum_redirect_by_url($_POST['target']);
} else {
phorum_redirect_by_url($_SERVER['PHP_SELF']);
}
exit();
}
}
}
include_once "./include/admin/PhorumInputForm.php";
$frm = new PhorumInputForm ("", "post");
