if ($vbulletin->{$_COOKIE}[COOKIE_PREFIX . 'userid'] and $_COOKIE[COOKIE_PREFIX . 'userid'] != $vbulletin->userinfo['userid']) { // If there is cookie from other user, delete it vbsetcookie('userid', ''); vbsetcookie('password', ''); } } } else { FatalError("Erroneous or empty query result: " . "SELECT userid, usergroupid, membergroupids, username, password, salt FROM " . TABLE_PREFIX . "user WHERE username = '******'"); } // Create new session $vbulletin->db->query_write("DELETE FROM " . TABLE_PREFIX . "session \n\t\t\t\t\t\t\t WHERE sessionhash = '" . $vbulletin->db->escape_string($vbulletin->session->vars['dbsessionhash']) . "'"); if ($vbulletin->session->created == true and $vbulletin->session->vars['userid'] == 0) { $newsession =& $vbulletin->session; } else { $newsession =& new vB_Session($vbulletin, '', $vbulletin->userinfo['userid'], '', $vbulletin->session->vars['styleid']); } $newsession->set('userid', $vbulletin->userinfo['userid']); $newsession->set('loggedin', 1); $newsession->set('bypass', 0); // bypass = 0, because we are not logging in to the control panel $newsession->set('loggedin', 2); $newsession->set_session_visibility($vbulletin->superglobal_size['_COOKIE'] > 0); $vbulletin->session =& $newsession; $vbulletin->session->save(); $vbulletin->url = $vbulletin->options['forumhome'] . '.php' . $vbulletin->session->vars['sessionurl_q']; $phrase = $LoginMessage . ' ' . $vbulletin->userinfo['username']; if ($RedirectMethod == 'SubmitForm') { standard_redirect($phrase, 1); } else { standard_redirect($phrase, 0); }
/** * Returns eval()-able code to initiate a standard redirect * * The global variable $url should contain the URL target for the redirect * * @param mixed Name of redirect phrase, or array if constructing a phrase. * @param boolean If false, use the name of redirect phrase as the phrase text itself * @param boolean Whether or not to force a redirect message to be shown * @param integer Language ID to fetch the phrase from (-1 uses the page-wide default) * @param bool Force bypass of domain whitelist check * * @return none (the session is re-directed). */ function print_standard_redirect($redir_phrase, $isphrase = true, $forceredirect = false, $languageid = -1, $bypasswhitelist = false) { if (!VB_API) { if ($isphrase) { if (!function_exists('fetch_phrase')) { require_once DIR . '/includes/functions_misc.php'; } if (is_array($redir_phrase)) { // array element 0 is the phrase name, convert it to the phrase, and then run it through construct. $redir_phrase[0] = fetch_phrase($redir_phrase[0], 'frontredirect', 'redirect_', false, false, $languageid); $phrase = construct_phrase($redir_phrase); // Build final output. } else { $phrase = fetch_phrase($redir_phrase, 'frontredirect', 'redirect_', true, false, $languageid, false); } } else { $phrase = addslashes($redir_phrase); } } else { $phrase = $redir_phrase; } return standard_redirect($phrase, $forceredirect, $bypasswhitelist); }