//@todo: to remove this part for non-global approach define("iAUTH", substr(md5($userdata['user_password'] . USER_IP), 16, 16)); $aidlink = fusion_get_aidlink(); // Generate a session aid every turn $token_time = time(); $algo = fusion_get_settings('password_algorithm'); $key = $userdata['user_id'] . $token_time . iAUTH . SECRET_KEY; $salt = md5($userdata['user_admin_salt'] . SECRET_KEY_SALT); $_SESSION['aid'] = $userdata['user_id'] . "." . $token_time . "." . hash_hmac($algo, $key, $salt); } // PHP-Fusion user cookie functions if (!isset($_COOKIE[COOKIE_PREFIX . 'visited'])) { $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value=settings_value+1 WHERE settings_name='counter'"); setcookie(COOKIE_PREFIX . "visited", "yes", time() + 31536000, "/", "", "0"); } $lastvisited = Authenticate::setLastVisitCookie(); // Check file types of the uploaded file with known mime types list to prevent uploading unwanted files if enabled if ($settings['mime_check'] == "1") { if (isset($_FILES) && count($_FILES)) { require_once INCLUDES . "mimetypes_include.php"; $mime_types = mimeTypes(); foreach ($_FILES as $each) { if (isset($each['name']) && strlen($each['tmp_name'])) { $file_info = pathinfo($each['name']); $extension = $file_info['extension']; if (array_key_exists($extension, $mime_types)) { if (is_array($mime_types[$extension])) { $valid_mimetype = FALSE; foreach ($mime_types[$extension] as $each_mimetype) { if ($each_mimetype == $each['type']) { $valid_mimetype = TRUE;