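/**
 * Handle a logon form submission for either the Guest account or a named user.
 *
 * Reads $_POST['guest_logon'], $_POST['user_logon'], $_POST['user_password']
 * and $_POST['user_remember'].
 *
 * @return bool True when a guest or user session was started, false otherwise.
 */
function logon_perform()
{
    // Guest logon takes priority over any submitted credentials.
    if (isset($_POST['guest_logon'])) {

        // Check the Guest account is enabled.
        if (!user_guest_enabled()) {
            return false;
        }

        // Initialise Guest user session.
        // NOTE(review): protection against session fixation depends on
        // session::start() issuing a fresh session identifier - confirm there.
        session::start(0);

        // Generate new CSRF token
        session::refresh_csrf_token();

        // Update the visitor log
        session::update_visitor_log(0, true);

        return true;
    }

    if (!isset($_POST['user_logon'], $_POST['user_password'])) {
        return false;
    }

    // Form fields can be submitted as arrays (user_logon[]=...). Credentials
    // must be plain strings before they reach user_logon() or a cookie value.
    if (!is_string($_POST['user_logon']) || !is_string($_POST['user_password'])) {
        return false;
    }

    $user_logon = $_POST['user_logon'];
    $user_password = $_POST['user_password'];

    // Try and login the user. Only a strict false counts as failure.
    $uid = user_logon($user_logon, $user_password);

    if ($uid === false) {
        return false;
    }

    // Initialise a user session.
    session::start($uid);

    // Generate new CSRF token
    session::refresh_csrf_token();

    // Update User's last forum visit
    forum_update_last_visit($uid);

    // Update the visitor log
    session::update_visitor_log($uid, true);

    // Check if we should save a token to allow auto logon.
    if (isset($_POST['user_remember']) && $_POST['user_remember'] === 'Y') {

        $user_token = user_generate_token($uid);

        // The token cookie is a long-lived credential.
        // NOTE(review): whether html_set_cookie() marks cookies HttpOnly and
        // Secure is not visible here - confirm in its definition.
        html_set_cookie('user_logon', $user_logon, time() + YEAR_IN_SECONDS);
        html_set_cookie('user_token', $user_token, time() + YEAR_IN_SECONDS);

    } else {

        // Auto logon not requested: expire any cookies left from an earlier logon.
        html_set_cookie('user_logon', '', time() - YEAR_IN_SECONDS);
        html_set_cookie('user_token', '', time() - YEAR_IN_SECONDS);
    }

    return true;
}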
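/**
 * Handle a logon form submission for either the Guest account or a named user.
 *
 * Reads $_POST['guest_logon'], $_POST['user_logon'], $_POST['user_password']
 * and $_POST['user_remember'].
 *
 * @return bool True when a guest or user session was created, false otherwise.
 */
function logon_perform()
{
    // NOTE(review): $webtag is never read in this function. The call is kept
    // in case get_webtag() has side effects - confirm and remove if it has none.
    $webtag = get_webtag();

    // Guest logon takes priority over any submitted credentials.
    if (isset($_POST['guest_logon'])) {

        // Check the Guest account is enabled.
        if (!user_guest_enabled()) {
            return false;
        }

        // Initialise Guest user session.
        // NOTE(review): protection against session fixation depends on
        // session::create() issuing a fresh session identifier - confirm there.
        session::create(0);

        return true;
    }

    if (!isset($_POST['user_logon'], $_POST['user_password'])) {
        return false;
    }

    // Form fields can be submitted as arrays (user_logon[]=...). Credentials
    // must be plain strings before they reach user_logon() or a cookie value.
    if (!is_string($_POST['user_logon']) || !is_string($_POST['user_password'])) {
        return false;
    }

    $user_logon = $_POST['user_logon'];
    $user_password = $_POST['user_password'];

    // Try and login the user. Any falsy result is treated as a failed logon,
    // as in the original truthiness test.
    $uid = user_logon($user_logon, $user_password);

    if (!$uid) {
        return false;
    }

    // Initialise a user session.
    session::create($uid);

    // Check if we should save a token to allow auto logon.
    if (isset($_POST['user_remember']) && $_POST['user_remember'] === 'Y') {

        $user_token = user_generate_token($uid);

        // The token cookie is a long-lived credential.
        // NOTE(review): whether html_set_cookie() marks cookies HttpOnly and
        // Secure is not visible here - confirm in its definition.
        html_set_cookie('user_logon', $user_logon, time() + YEAR_IN_SECONDS);
        html_set_cookie('user_token', $user_token, time() + YEAR_IN_SECONDS);

    } else {

        // Auto logon not requested: expire any cookies left from an earlier logon.
        html_set_cookie('user_logon', '', time() - YEAR_IN_SECONDS);
        html_set_cookie('user_token', '', time() - YEAR_IN_SECONDS);
    }

    return true;
}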
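/**
 * Try to resume a session from the auto-logon cookies.
 *
 * Reads the 'user_logon' and 'user_token' cookies, checks them with
 * user_logon_token(), then looks up a SESSIONS row for that user whose
 * USER_TOKEN entry has not expired. On success both cookies are re-issued.
 *
 * @return mixed The SESSIONS.ID value on success, false otherwise.
 */
public static function restore()
{
    if (!($user_logon = html_get_cookie('user_logon'))) {
        return false;
    }

    if (!($user_token = html_get_cookie('user_token'))) {
        return false;
    }

    if (!($uid = user_logon_token($user_logon, $user_token))) {
        return false;
    }

    // Escaped copies are used in the SQL text only. The raw cookie values are
    // kept so the cookies are re-issued unchanged; writing the escaped form
    // back would alter any value that contains a character escape() rewrites.
    $user_logon_sql = session::$db->escape($user_logon);
    $user_token_sql = session::$db->escape($user_token);

    // $uid comes from user_logon_token() rather than the request, but it is
    // escaped as well so every interpolated value is treated the same way.
    $uid_sql = session::$db->escape((string) $uid);

    $current_datetime = date(MYSQL_DATETIME, time());

    // Each fragment ends with a space so the clauses cannot run together.
    $sql = "SELECT SESSIONS.ID FROM USER_TOKEN INNER JOIN USER ON (USER.UID = USER_TOKEN.UID) ";
    $sql .= "LEFT JOIN SESSIONS ON (SESSIONS.UID = USER_TOKEN.UID) WHERE USER.LOGON = '{$user_logon_sql}' ";
    $sql .= "AND USER_TOKEN.TOKEN = '{$user_token_sql}' AND USER_TOKEN.EXPIRES > '{$current_datetime}' ";
    $sql .= "AND USER.UID = '{$uid_sql}' GROUP BY USER.UID";

    if (!($result = session::$db->query($sql))) {
        return false;
    }

    if ($result->num_rows == 0) {
        return false;
    }

    $row = $result->fetch_row();

    // SESSIONS is LEFT JOINed, so a valid token with no session row yields a
    // NULL ID; that case is reported as failure.
    if (!isset($row[0])) {
        return false;
    }

    // Extend the auto-logon cookies.
    // NOTE(review): the same token value is re-issued rather than rotated, and
    // the cookie flags set by html_set_cookie() are not visible here - confirm.
    html_set_cookie('user_logon', $user_logon, time() + YEAR_IN_SECONDS);
    html_set_cookie('user_token', $user_token, time() + YEAR_IN_SECONDS);

    return $row[0];
}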
/**
 * Expire every cookie PHP parsed from the current request.
 *
 * Each name found in $_COOKIE is re-sent through html_set_cookie() with an
 * empty value and an expiry time in the past.
 *
 * NOTE(review): the path and domain used are whatever html_set_cookie()
 * defaults to; a cookie originally set with different attributes may not be
 * removed by this call - confirm against html_set_cookie().
 */
function html_remove_all_cookies()
{
    $cookie_names = array_keys($_COOKIE);

    foreach ($cookie_names as $cookie_name) {
        $expired_at = time() - YEAR_IN_SECONDS;
        html_set_cookie($cookie_name, '', $expired_at);
    }
}
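along with Beehive; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
USA
======================================================================*/

// Bootstrap
require_once 'boot.php';

// Includes required by this page.
require_once BH_INCLUDE_PATH . 'constants.inc.php';
require_once BH_INCLUDE_PATH . 'form.inc.php';
require_once BH_INCLUDE_PATH . 'format.inc.php';
require_once BH_INCLUDE_PATH . 'header.inc.php';
require_once BH_INCLUDE_PATH . 'html.inc.php';
require_once BH_INCLUDE_PATH . 'session.inc.php';
require_once BH_INCLUDE_PATH . 'user.inc.php';
require_once BH_INCLUDE_PATH . 'word_filter.inc.php';

// Default final URI if one isn't specified.
// The original literal was single-quoted, so the text "$webtag" was sent
// as-is instead of the forum webtag. The value is now inserted explicitly
// and URL-encoded.
// NOTE(review): $webtag is not assigned in the visible part of this script;
// presumably boot.php provides it - confirm.
$final_uri = '&final_uri=logon.php%3Fwebtag%3D' . rawurlencode((string) $webtag) . '%26logout_success%3Dtrue';

// A caller-supplied final_uri is only accepted when it is a string that starts
// with one of the script names returned by get_available_files().
if (isset($_REQUEST['final_uri']) && is_string($_REQUEST['final_uri'])) {

    // The trimmed value is both checked and passed on, so the string that is
    // validated is the string that is used.
    $requested_uri = trim($_REQUEST['final_uri']);

    if (strlen($requested_uri) > 0) {

        $available_files_preg = implode("|^", array_map('preg_quote_callback', get_available_files()));

        // The pattern anchors only the start of the value: it confirms a known
        // script-name prefix, not that the whole value is a known script.
        // NOTE(review): the page that finally redirects to final_uri should
        // validate it again - confirm.
        if (preg_match("/^{$available_files_preg}/u", $requested_uri) > 0) {
            $final_uri = sprintf('&final_uri=%s', rawurlencode(href_cleanup_query_keys($requested_uri)));
        }
    }
}

session::end();

if (isset($_REQUEST['register'])) {

    // NOTE(review): this branch exits before the auto-logon cookies are
    // expired - confirm that is intended.
    $final_uri = rawurlencode("register.php?webtag={$webtag}{$final_uri}");
    header_redirect("index.php?webtag={$webtag}&final_uri={$final_uri}");
    exit;
}

// Expire both auto-logon cookies, not only the logon name, so the token does
// not stay in the browser after logout.
// NOTE(review): invalidating the token on the server is not visible here.
html_set_cookie("user_logon", "", time() - YEAR_IN_SECONDS);
html_set_cookie("user_token", "", time() - YEAR_IN_SECONDS);

header_redirect("index.php?webtag={$webtag}{$final_uri}");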
} else { $user_prefs['START_PAGE'] = 0; } if (isset($_POST['start_page_global'])) { $user_prefs_global['START_PAGE'] = $_POST['start_page_global'] == "Y" ? true : false; } else { $user_prefs_global['START_PAGE'] = false; } if (isset($_POST['sig_toggle']) && $_POST['sig_toggle'] == "Y") { $user_prefs['POST_PAGE'] = $user_prefs['POST_PAGE'] | POST_SIGNATURE_DISPLAY; } else { $user_prefs['POST_PAGE'] = $user_prefs['POST_PAGE'] & ~POST_SIGNATURE_DISPLAY; } // Update USER_PREFS if (user_update_prefs($uid, $user_prefs, $user_prefs_global)) { html_set_cookie("forum_style", $user_prefs['STYLE'], time() + YEAR_IN_SECONDS); header_redirect("forum_options.php?webtag={$webtag}&updated=true", gettext("Preferences were successfully updated.")); exit; } else { $error_msg_array[] = gettext("Some or all of your user account details could not be updated. Please try again later."); $valid = false; } } // Check to see if we should show the set for all forums checkboxes $show_set_all = forums_get_available_count() > 1 ? true : false; // Start output here html_draw_top(sprintf('title=%s', gettext("My Controls - Forum Options")), "emoticons.js", 'forum_options.js', 'class=window_title'); echo "<h1>", gettext("Forum Options"), "</h1>\n"; if (isset($error_msg_array) && sizeof($error_msg_array) > 0) { html_display_error_array($error_msg_array, '600', 'left'); } else {
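/**
 * Expire every cookie the browser sent with the current request.
 *
 * Cookie names are taken from the raw Cookie request header when it is
 * present, otherwise from the keys of $_COOKIE. Each cookie is expired twice:
 * once with html_set_cookie()'s default path and once with path '/'.
 */
function html_remove_all_cookies()
{
    if (isset($_SERVER['HTTP_COOKIE'])) {

        $cookie_names = array();

        // The header is a ';'-separated list of name=value pairs; only the
        // part before the first '=' is needed.
        foreach (explode(';', $_SERVER['HTTP_COOKIE']) as $cookie_pair) {
            list($cookie_name) = explode('=', trim($cookie_pair), 2);
            $cookie_names[] = $cookie_name;
        }

    } else {

        $cookie_names = array_keys($_COOKIE);
    }

    foreach ($cookie_names as $cookie_name) {

        // An empty header, a trailing ';' or a pair that starts with '='
        // produces an empty name, which is not a cookie that can be expired.
        if ((string) $cookie_name === '') {
            continue;
        }

        html_set_cookie($cookie_name, '', time() - YEAR_IN_SECONDS);
        html_set_cookie($cookie_name, '', time() - YEAR_IN_SECONDS, '/');
    }
}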
require_once BH_INCLUDE_PATH . 'messages.inc.php'; require_once BH_INCLUDE_PATH . 'pm.inc.php'; require_once BH_INCLUDE_PATH . 'server.inc.php'; require_once BH_INCLUDE_PATH . 'session.inc.php'; require_once BH_INCLUDE_PATH . 'thread.inc.php'; require_once BH_INCLUDE_PATH . 'threads.inc.php'; require_once BH_INCLUDE_PATH . 'user.inc.php'; // End Required includes // Don't cache this page cache_disable(); if (isset($_GET['view']) && $_GET['view'] == 'full') { html_set_cookie('view', 'full'); header_redirect('index.php'); } else { if (isset($_GET['view']) && $_GET['view'] == 'mobile') { html_set_cookie('view', 'mobile'); header_redirect('index.php'); } } $top_html = html_get_top_page(); $hide_navigation = false; if (!browser_mobile() && !session::is_search_engine()) { if (isset($_GET['final_uri']) && strlen(trim($_GET['final_uri'])) > 0) { $available_files_preg = implode("|^", array_map('preg_quote_callback', get_available_files())); $available_admin_files_preg = implode("|^", array_map('preg_quote_callback', get_available_admin_files())); $my_controls_preg = implode("|^", array_map('preg_quote_callback', get_available_user_files())); if (preg_match("/^{$available_files_preg}/u", trim($_GET['final_uri'])) > 0) { $final_uri = href_cleanup_query_keys($_GET['final_uri']); if (preg_match("/^logon.php/u", $final_uri) > 0) { $hide_navigation = true; } else {
/**
 * End the current session and expire the 'sess_uid' cookie.
 *
 * session_destroy() discards the stored session data, but per the PHP manual
 * it does not unset $_SESSION and does not remove the session cookie.
 *
 * NOTE(review): if later code in the same request reads $_SESSION, or if the
 * PHP session cookie should also be expired on logout, that has to be handled
 * separately - confirm against the callers.
 */
public static function end()
{
    session_destroy();

    $expired_at = time() - YEAR_IN_SECONDS;

    html_set_cookie('sess_uid', '', $expired_at);
}