profilefields_change($_SESSION['authid']); $tpl->out(3); } else { $tpl = new tpl('user/login.htm'); $tpl->set_out('WDLINK', 'index.php', 0); } } elseif ($csrfCheck) { # submit # change poassword if (!empty($_POST['np1']) and !empty($_POST['np2']) and !empty($_POST['op'])) { if ($_POST['np1'] == $_POST['np2']) { $akpw = db_result(db_query("SELECT pass FROM prefix_user WHERE id = " . $_SESSION['authid']), 0); if (user_pw_check($_POST['op'], $akpw)) { $newpw = user_pw_crypt($_POST['np1']); db_query("UPDATE prefix_user SET pass = '******' WHERE id = " . $_SESSION['authid']); user_set_cookie($_SESSION['authid'], $newpw); $fmsg = $lang['passwortchanged']; } else { $fmsg = $lang['passwortwrong']; } } else { $fmsg = $lang['passwortnotequal']; } } # avatar speichern START $avatar_sql_update = ''; if (!empty($_FILES['avatarfile']['name']) and $allgAr['forum_avatar_upload']) { $file_tmpe = $_FILES['avatarfile']['tmp_name']; $rile_type = ic_mime_type($_FILES['avatarfile']['tmp_name']); $file_type = $_FILES['avatarfile']['type']; $file_size = $_FILES['avatarfile']['size'];
function user_auto_login_check() { $cn = session_und_cookie_name(); $dat = explode('=', $_COOKIE[$cn]); $id = $pw = 0; if (isset($dat[0])) { $id = escape($dat[0], 'integer'); } if (isset($dat[1])) { $pw = $dat[1]; } debug(' pw ' . $pw); debug(' id ' . $id); $erg = db_query("SELECT name,id,recht,pass,llogin FROM prefix_user WHERE id = " . $id); if (db_num_rows($erg) == 1) { debug('benutzer gefunden'); $row = db_fetch_assoc($erg); if (user_cookie_check($pw, $row['pass'])) { debug('passwoerter stimmen'); debug($row['name']); $_SESSION['authname'] = $row['name']; $_SESSION['authid'] = $row['id']; $_SESSION['authright'] = $row['recht']; $_SESSION['lastlogin'] = $row['llogin']; $_SESSION['authsess'] = $cn; db_query("UPDATE prefix_online SET uid = " . $_SESSION['authid'] . " WHERE sid = '" . session_id() . "'"); user_set_cookie($row['id'], $row['pass']); return true; } } user_logout(); return false; }