if (!isset($THIS_BASEPATH) || empty($THIS_BASEPATH)) {
$THIS_BASEPATH = dirname(__FILE__);
}
require_once $THIS_BASEPATH . '/ipb/initdata.php';
require_once IPS_ROOT_PATH . 'sources/base/ipsRegistry.php';
require_once IPS_ROOT_PATH . 'sources/base/ipsController.php';
$registry = ipsRegistry::instance();
$registry->init();
$password = IPSText::parseCleanValue(urldecode(trim($pwd)));
$ipbhash = md5(md5($row["members_pass_salt"]) . md5($password));
$salt = pass_the_salt(5);
$rehash = md5(md5($salt) . md5($password));
IPSMember::save($row["ipb_fid"], array("members" => array("member_login_key" => "", "member_login_key_expire" => "0", "members_pass_hash" => "{$rehash}", "members_pass_salt" => "{$salt}")));
set_ipb_cookie($row["ipb_fid"]);
} else {
set_ipb_cookie($row["ipb_fid"]);
}
}
if (isset($_GET["returnto"])) {
$url = urldecode($_GET["returnto"]);
} else {
$url = "index.php";
}
//Invalid Login System Hack
if ($btit_settings["inv_login"] == true) {
dbconn();
global $TABLE_PREFIX;
mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM {$TABLE_PREFIX}invalid_logins WHERE ip='" . sprintf("%u", ip2long($ip)) . "' LIMIT 1") or sqlerr();
}
//Invalid Login System Hack Stop
redirect($url);
$email = mysqli_real_escape_string($DBDT, $user->email);
$regex = "/^[_+a-z0-9-]+(\\.[_+a-z0-9-]+)*" . "@[a-z0-9-]+(\\.[a-z0-9-]{1,})*" . "\\.([a-z]{2,}){1}\$/i";
if (!preg_match($regex, $email)) {
stderr($language["SORRY"], "E-mail is not valid");
exit;
}
if ($btit_settings["fbadmin"]) {
$res2 = do_sqlquery("SELECT `ul`.`admin_access` FROM `{$TABLE_PREFIX}users` `u` INNER JOIN `{$TABLE_PREFIX}users_level` `ul` ON `u`.`id_level`=`ul`.`id` WHERE `u`.`email` ='" . $email . "'", true);
$row2 = mysqli_fetch_assoc($res2);
if ($row2["admin_access"] == "yes") {
stderr($language["SORRY"], "I'm sorry Staff are not allowed to log in this way");
exit;
}
}
$res = do_sqlquery("SELECT `u`.`salt`, `u`.`pass_type`, `u`.`username`, `u`.`id`, `u`.`random`, `u`.`password`" . (substr($FORUMLINK, 0, 3) == "smf" ? ", `u`.`smf_fid`, `s`.`passwd`" : ($FORUMLINK == "ipb" ? ", `u`.`ipb_fid`, `i`.`members_pass_hash`, `i`.`members_pass_salt`, `i`.`name`, `i`.`member_group_id`" : "")) . " FROM `{$TABLE_PREFIX}users` `u` " . (substr($FORUMLINK, 0, 3) == "smf" ? "LEFT JOIN `{$db_prefix}members` `s` ON `u`.`smf_fid`=`s`." . ($FORUMLINK == "smf" ? "`ID_MEMBER`" : "`id_member`") . "" : ($FORUMLINK == "ipb" ? "LEFT JOIN `{$ipb_prefix}members` `i` ON `u`.`ipb_fid`=`i`.`member_id`" : "")) . " WHERE `u`.`email` ='" . $email . "'", true);
$row = mysqli_fetch_assoc($res);
if (!$row) {
stderr($language["SORRY"], "You can not log in, your e-mail used with Facebook does not correspond with the e-mail you used here");
exit;
} else {
logoutcookie();
logincookie($row, $row["username"]);
if (substr($FORUMLINK, 0, 3) == "smf" && $email == $row["emailAddress"]) {
set_smf_cookie($row["smf_fid"], $row["passwd"], $row["passwordSalt"]);
} elseif ($FORUMLINK == "ipb") {
set_ipb_cookie($row["ipb_fid"], $row["name"], $row["member_group_id"]);
}
redirect($url);
die;
}
}