function logon_perform()
{
// Check to see if the user is logging in as a guest or a normal user.
if (isset($_POST['guest_logon'])) {
// Check the Guest account is enabled.
if (!user_guest_enabled()) {
return false;
}
// Initialise Guest user session.
session::start(0);
// Generate new CSRF token
session::refresh_csrf_token();
// Update the visitor log
session::update_visitor_log(0, true);
// Success
return true;
} else {
if (isset($_POST['user_logon']) && isset($_POST['user_password'])) {
// Extract the submitted username
$user_logon = $_POST['user_logon'];
// Extract the submitted password
$user_password = $_POST['user_password'];
// Try and login the user.
if (($uid = user_logon($user_logon, $user_password)) !== false) {
// Initialise a user session.
session::start($uid);
// Generate new CSRF token
session::refresh_csrf_token();
// Update User's last forum visit
forum_update_last_visit($uid);
// Update the visitor log
session::update_visitor_log($uid, true);
// Check if we should save a token to allow auto logon,
if (isset($_POST['user_remember']) && $_POST['user_remember'] == 'Y') {
// Get a token for the entered password.
$user_token = user_generate_token($uid);
// Set a cookie with the logon and the token.
html_set_cookie('user_logon', $user_logon, time() + YEAR_IN_SECONDS);
html_set_cookie('user_token', $user_token, time() + YEAR_IN_SECONDS);
} else {
// Remove the cookie.
html_set_cookie('user_logon', '', time() - YEAR_IN_SECONDS);
html_set_cookie('user_token', '', time() - YEAR_IN_SECONDS);
}
// Success
return true;
}
}
}
// Failed
return false;
}
$user_data = array('IPADDRESS' => get_ip_address(), 'REFERER' => session::get_http_referer(), 'LOGON' => $logon, 'NICKNAME' => $nickname, 'EMAIL' => $email);
if (ban_check($user_data)) {
$error_msg_array[] = gettext("The username or password you supplied is not valid.");
$valid = false;
}
}
if ($valid) {
if (($new_uid = user_create($logon, $password, $nickname, $email)) !== false) {
// Save the new user preferences
user_update_prefs($new_uid, $new_user_prefs);
// Save the new user signature
user_update_sig($new_uid, $sig_content, true);
// Initialise the new user session.
session::start($new_uid);
// Update User's last forum visit
forum_update_last_visit($new_uid);
// Update the visitor log
session::update_visitor_log($new_uid, true);
// Check to see if the user is going somewhere after they have registered.
$final_uri = isset($final_uri) ? rawurlencode($final_uri) : '';
// If User Confirmation is enabled send the forum owners an email.
if (forum_get_setting('require_user_approval', 'Y')) {
admin_send_user_approval_notification($new_uid);
}
// If New User Notification is enabled send the forum owners an email.
if (forum_get_setting('send_new_user_email', 'Y')) {
admin_send_new_user_notification($new_uid);
}
// Display final success / confirmation page.
if (forum_get_setting('require_email_confirmation', 'Y')) {
if (email_send_user_confirmation($new_uid)) {
require_once BH_INCLUDE_PATH . 'banned.inc.php';
require_once BH_INCLUDE_PATH . 'constants.inc.php';
require_once BH_INCLUDE_PATH . 'format.inc.php';
require_once BH_INCLUDE_PATH . 'header.inc.php';
require_once BH_INCLUDE_PATH . 'html.inc.php';
require_once BH_INCLUDE_PATH . 'lang.inc.php';
require_once BH_INCLUDE_PATH . 'session.inc.php';
// End Required includes
// Initialise the session
session::init();
// Populate the session store.
session::start($_SESSION['UID']);
// Perform ban check
ban_check($_SESSION);
// Update User's last forum visit
forum_update_last_visit($_SESSION['UID']);
// Update the visitor log
session::update_visitor_log($_SESSION['UID']);
// Initialise gettext
lang_init();
// Enable the word filter ob filter
ob_start('word_filter_ob_callback');
// Check to see if user account has been banned.
if (session::user_banned()) {
html_user_banned();
exit;
}
// Check to see if the user has been approved.
if (!session::user_approved()) {
html_user_require_approval();
exit;
public static function create($uid)
{
if (!($forum_fid = get_forum_fid())) {
$forum_fid = 0;
}
session::refresh($uid);
session::update_visitor_log($uid, $forum_fid);
forum_update_last_visit($uid);
}