コード例 #1
ファイル: logon.inc.php プロジェクト: DeannaG65/BeehiveForum
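/**
 * Handle a logon form submission for the Guest account or a named user.
 *
 * Reads $_POST directly. 'guest_logon' selects the guest path; otherwise
 * 'user_logon' and 'user_password' are handed to user_logon(). When
 * 'user_remember' is 'Y' the auto-logon cookies are written, otherwise they
 * are expired.
 *
 * @return bool True when a session was started, false on any failure.
 */
function logon_perform()
{
    // Guest logon: only allowed while the Guest account is enabled.
    if (isset($_POST['guest_logon'])) {
        if (!user_guest_enabled()) {
            return false;
        }
        // Guest sessions use UID 0.
        session::start(0);
        // Issue a fresh CSRF token for the new session.
        session::refresh_csrf_token();
        session::update_visitor_log(0, true);
        return true;
    }

    if (!isset($_POST['user_logon'], $_POST['user_password'])) {
        return false;
    }

    // Form fields arrive as strings or arrays (e.g. "user_logon[]=x").
    // Reject anything that is not a plain string before it reaches the
    // credential check or is written into a cookie.
    if (!is_string($_POST['user_logon']) || !is_string($_POST['user_password'])) {
        return false;
    }

    $user_logon = $_POST['user_logon'];
    $user_password = $_POST['user_password'];

    // user_logon() signals failure with boolean false.
    $uid = user_logon($user_logon, $user_password);

    if ($uid === false) {
        return false;
    }

    // NOTE(review): whether session::start() issues a new session ID is not
    // visible here - confirm, so a pre-logon session ID cannot carry over.
    session::start($uid);
    session::refresh_csrf_token();
    forum_update_last_visit($uid);
    session::update_visitor_log($uid, true);

    if (isset($_POST['user_remember']) && $_POST['user_remember'] === 'Y') {
        // The token cookie acts as a long-lived credential (one year).
        // NOTE(review): confirm html_set_cookie() applies HttpOnly/Secure.
        $user_token = user_generate_token($uid);
        html_set_cookie('user_logon', $user_logon, time() + YEAR_IN_SECONDS);
        html_set_cookie('user_token', $user_token, time() + YEAR_IN_SECONDS);
    } else {
        // Not remembered: expire any auto-logon cookies left from earlier.
        html_set_cookie('user_logon', '', time() - YEAR_IN_SECONDS);
        html_set_cookie('user_token', '', time() - YEAR_IN_SECONDS);
    }

    return true;
}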
コード例 #2
ファイル: logon.inc.php プロジェクト: richstokoe/BeehiveForum
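/**
 * Handle a logon form submission for the Guest account or a named user.
 *
 * Reads $_POST directly. 'guest_logon' selects the guest path; otherwise
 * 'user_logon' and 'user_password' are handed to user_logon(). When
 * 'user_remember' is 'Y' the auto-logon cookies are written, otherwise they
 * are expired.
 *
 * @return bool True when a session was created, false on any failure.
 */
function logon_perform()
{
    // Kept from the original; the value is not used inside this function.
    $webtag = get_webtag();

    // Guest logon: only allowed while the Guest account is enabled.
    if (isset($_POST['guest_logon'])) {
        if (!user_guest_enabled()) {
            return false;
        }
        // Guest sessions use UID 0.
        session::create(0);
        return true;
    }

    if (!isset($_POST['user_logon'], $_POST['user_password'])) {
        return false;
    }

    // Form fields arrive as strings or arrays (e.g. "user_logon[]=x").
    // Reject anything that is not a plain string before it reaches the
    // credential check or is written into a cookie.
    if (!is_string($_POST['user_logon']) || !is_string($_POST['user_password'])) {
        return false;
    }

    $user_logon = $_POST['user_logon'];
    $user_password = $_POST['user_password'];

    // Truthiness test as in the original: any falsy return from
    // user_logon() (false, 0, null) is treated as a failed logon.
    if (!($uid = user_logon($user_logon, $user_password))) {
        return false;
    }

    // NOTE(review): whether session::create() issues a new session ID is not
    // visible here - confirm, so a pre-logon session ID cannot carry over.
    session::create($uid);

    if (isset($_POST['user_remember']) && $_POST['user_remember'] === 'Y') {
        // The token cookie acts as a long-lived credential (one year).
        // NOTE(review): confirm html_set_cookie() applies HttpOnly/Secure.
        $user_token = user_generate_token($uid);
        html_set_cookie('user_logon', $user_logon, time() + YEAR_IN_SECONDS);
        html_set_cookie('user_token', $user_token, time() + YEAR_IN_SECONDS);
    } else {
        // Not remembered: expire any auto-logon cookies left from earlier.
        html_set_cookie('user_logon', '', time() - YEAR_IN_SECONDS);
        html_set_cookie('user_token', '', time() - YEAR_IN_SECONDS);
    }

    return true;
}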
コード例 #3
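 /**
  * Restore a session from the auto-logon ("remember me") cookies.
  *
  * Reads the user_logon and user_token cookies, validates the pair with
  * user_logon_token(), then looks up a SESSIONS.ID for that user whose
  * USER_TOKEN row has not expired. On success both cookies are re-issued
  * for another year.
  *
  * @return mixed The SESSIONS.ID value on success, false otherwise.
  */
 public static function restore()
 {
     if (!($user_logon = html_get_cookie('user_logon'))) {
         return false;
     }
     if (!($user_token = html_get_cookie('user_token'))) {
         return false;
     }
     if (!($uid = user_logon_token($user_logon, $user_token))) {
         return false;
     }
     // Escape into separate variables. The raw cookie values are needed
     // again below; re-issuing the SQL-escaped copies would alter any value
     // that contains characters the escaper rewrites.
     $user_logon_sql = session::$db->escape($user_logon);
     $user_token_sql = session::$db->escape($user_token);
     $current_datetime = date(MYSQL_DATETIME, time());
     // NOTE(review): $uid is interpolated exactly as user_logon_token()
     // returned it, without escaping - presumably an integer UID; confirm.
     $sql = "SELECT SESSIONS.ID FROM USER_TOKEN INNER JOIN USER ON (USER.UID = USER_TOKEN.UID) ";
     $sql .= "LEFT JOIN SESSIONS ON (SESSIONS.UID = USER_TOKEN.UID) WHERE USER.LOGON = '{$user_logon_sql}' ";
     $sql .= "AND USER_TOKEN.TOKEN = '{$user_token_sql}' AND USER_TOKEN.EXPIRES > '{$current_datetime}' ";
     $sql .= "AND USER.UID = '{$uid}' GROUP BY USER.UID";
     if (!($result = session::$db->query($sql))) {
         return false;
     }
     if ($result->num_rows == 0) {
         return false;
     }
     // SESSIONS is LEFT JOINed, so the ID column is NULL when the token is
     // valid but the user has no session row.
     list($id) = $result->fetch_row();
     if (isset($id)) {
         // Sliding expiry: each successful restore extends both cookies.
         html_set_cookie('user_logon', $user_logon, time() + YEAR_IN_SECONDS);
         html_set_cookie('user_token', $user_token, time() + YEAR_IN_SECONDS);
         return $id;
     }
     return false;
 }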
コード例 #4
ファイル: html.inc.php プロジェクト: richstokoe/BeehiveForum
/**
 * Expire every cookie that PHP parsed from the current request.
 *
 * Each name found in $_COOKIE is sent back through html_set_cookie() with an
 * empty value and an expiry one year in the past.
 *
 * NOTE(review): only the path/domain that html_set_cookie() uses by default
 * is covered; cookies set under another path presumably survive - confirm.
 *
 * @return void
 */
function html_remove_all_cookies()
{
    foreach ($_COOKIE as $cookie_name => $ignored_value) {
        // A past expiry asks the browser to drop the cookie.
        html_set_cookie($cookie_name, '', time() - YEAR_IN_SECONDS);
    }
}
コード例 #5
ファイル: logout.php プロジェクト: richstokoe/BeehiveForum
along with Beehive; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
USA
======================================================================*/
// Bootstrap
require_once 'boot.php';
// Includes required by this page.
require_once BH_INCLUDE_PATH . 'constants.inc.php';
require_once BH_INCLUDE_PATH . 'form.inc.php';
require_once BH_INCLUDE_PATH . 'format.inc.php';
require_once BH_INCLUDE_PATH . 'header.inc.php';
require_once BH_INCLUDE_PATH . 'html.inc.php';
require_once BH_INCLUDE_PATH . 'session.inc.php';
require_once BH_INCLUDE_PATH . 'user.inc.php';
require_once BH_INCLUDE_PATH . 'word_filter.inc.php';
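// Default final URI if one isn't specified. Built with rawurlencode() so
// the current webtag is actually substituted (a single-quoted literal
// would emit the text "$webtag" unchanged).
$final_uri = sprintf(
    '&final_uri=%s',
    rawurlencode("logon.php?webtag={$webtag}&logout_success=true")
);

// Only accept a caller-supplied final_uri that is a plain string; request
// parameters can also arrive as arrays.
if (isset($_REQUEST['final_uri']) && is_string($_REQUEST['final_uri'])) {

    // Validate and use the same trimmed value.
    $requested_uri = trim($_REQUEST['final_uri']);

    if (strlen($requested_uri) > 0) {

        // Allow-list check against the script names from
        // get_available_files(). Each alternative is anchored at the start
        // only, so this is a prefix match, not a full-string match.
        $available_files_preg = implode("|^", array_map('preg_quote_callback', get_available_files()));

        if (preg_match("/^{$available_files_preg}/u", $requested_uri) > 0) {
            $final_uri = sprintf('&final_uri=%s', rawurlencode(href_cleanup_query_keys($requested_uri)));
        }
    }
}

// NOTE(review): the session is ended for any request that reaches this
// point; no CSRF token check is visible in this excerpt - confirm one is
// enforced earlier (for example in boot.php).
session::end();

if (isset($_REQUEST['register'])) {
    $final_uri = rawurlencode("register.php?webtag={$webtag}{$final_uri}");
    header_redirect("index.php?webtag={$webtag}&final_uri={$final_uri}");
    exit;
}

// Expire both auto-logon cookies. The token cookie is a credential in its
// own right, so it should not outlive an explicit logout.
// NOTE(review): confirm the stored token is also invalidated server-side.
html_set_cookie("user_logon", "", time() - YEAR_IN_SECONDS);
html_set_cookie("user_token", "", time() - YEAR_IN_SECONDS);

header_redirect("index.php?webtag={$webtag}{$final_uri}");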
コード例 #6
    } else {
        $user_prefs['START_PAGE'] = 0;
    }
    if (isset($_POST['start_page_global'])) {
        $user_prefs_global['START_PAGE'] = $_POST['start_page_global'] == "Y" ? true : false;
    } else {
        $user_prefs_global['START_PAGE'] = false;
    }
    if (isset($_POST['sig_toggle']) && $_POST['sig_toggle'] == "Y") {
        $user_prefs['POST_PAGE'] = $user_prefs['POST_PAGE'] | POST_SIGNATURE_DISPLAY;
    } else {
        $user_prefs['POST_PAGE'] = $user_prefs['POST_PAGE'] & ~POST_SIGNATURE_DISPLAY;
    }
    // Update USER_PREFS
    if (user_update_prefs($uid, $user_prefs, $user_prefs_global)) {
        html_set_cookie("forum_style", $user_prefs['STYLE'], time() + YEAR_IN_SECONDS);
        header_redirect("forum_options.php?webtag={$webtag}&updated=true", gettext("Preferences were successfully updated."));
        exit;
    } else {
        $error_msg_array[] = gettext("Some or all of your user account details could not be updated. Please try again later.");
        $valid = false;
    }
}
// Check to see if we should show the set for all forums checkboxes
$show_set_all = forums_get_available_count() > 1 ? true : false;
// Start output here
html_draw_top(sprintf('title=%s', gettext("My Controls - Forum Options")), "emoticons.js", 'forum_options.js', 'class=window_title');
echo "<h1>", gettext("Forum Options"), "</h1>\n";
if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
    html_display_error_array($error_msg_array, '600', 'left');
} else {
コード例 #7
ファイル: html.inc.php プロジェクト: DeannaG65/BeehiveForum
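/**
 * Expire every cookie the browser sent with the current request.
 *
 * Names are taken from the raw Cookie header when it is available, falling
 * back to the keys of $_COOKIE. Each name is expired twice: once with
 * html_set_cookie()'s default path and once with path '/'.
 *
 * Empty names (from an empty header, a trailing ';' or a segment that
 * starts with '=') are skipped, and repeated names are handled once.
 *
 * @return void
 */
function html_remove_all_cookies()
{
    if (isset($_SERVER['HTTP_COOKIE'])) {
        $cookies = array();
        foreach (explode(';', $_SERVER['HTTP_COOKIE']) as $pair) {
            // Keep only the name part of "name=value".
            list($name) = explode('=', trim($pair), 2);
            $cookies[] = $name;
        }
    } else {
        $cookies = array_keys($_COOKIE);
    }

    foreach (array_unique($cookies) as $cookie) {
        // The header is client-controlled; never pass an empty name on.
        if ($cookie === '') {
            continue;
        }
        html_set_cookie($cookie, '', time() - YEAR_IN_SECONDS);
        html_set_cookie($cookie, '', time() - YEAR_IN_SECONDS, '/');
    }
}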
コード例 #8
ファイル: index.php プロジェクト: DeannaG65/BeehiveForum
require_once BH_INCLUDE_PATH . 'messages.inc.php';
require_once BH_INCLUDE_PATH . 'pm.inc.php';
require_once BH_INCLUDE_PATH . 'server.inc.php';
require_once BH_INCLUDE_PATH . 'session.inc.php';
require_once BH_INCLUDE_PATH . 'thread.inc.php';
require_once BH_INCLUDE_PATH . 'threads.inc.php';
require_once BH_INCLUDE_PATH . 'user.inc.php';
// End Required includes
// Don't cache this page
cache_disable();
if (isset($_GET['view']) && $_GET['view'] == 'full') {
    html_set_cookie('view', 'full');
    header_redirect('index.php');
} else {
    if (isset($_GET['view']) && $_GET['view'] == 'mobile') {
        html_set_cookie('view', 'mobile');
        header_redirect('index.php');
    }
}
$top_html = html_get_top_page();
$hide_navigation = false;
if (!browser_mobile() && !session::is_search_engine()) {
    if (isset($_GET['final_uri']) && strlen(trim($_GET['final_uri'])) > 0) {
        $available_files_preg = implode("|^", array_map('preg_quote_callback', get_available_files()));
        $available_admin_files_preg = implode("|^", array_map('preg_quote_callback', get_available_admin_files()));
        $my_controls_preg = implode("|^", array_map('preg_quote_callback', get_available_user_files()));
        if (preg_match("/^{$available_files_preg}/u", trim($_GET['final_uri'])) > 0) {
            $final_uri = href_cleanup_query_keys($_GET['final_uri']);
            if (preg_match("/^logon.php/u", $final_uri) > 0) {
                $hide_navigation = true;
            } else {
コード例 #9
 /**
  * End the current session and expire the sess_uid cookie.
  *
  * NOTE(review): session_destroy() removes the stored session data but
  * leaves $_SESSION populated for the rest of the request and does not
  * delete the session ID cookie - confirm callers do not depend on either.
  *
  * @return void
  */
 public static function end()
 {
     // Discard the server-side session data.
     session_destroy();

     // A past expiry asks the browser to drop the cookie.
     $expired_at = time() - YEAR_IN_SECONDS;
     html_set_cookie('sess_uid', '', $expired_at);
 }