function isKnownUser($username, $userpass = null)
{
global $db, $CNF;
// echo $username;
if (strlen($username) > 0) {
$db = new DBLayer($CNF["db_host"], $CNF["db_user"], $CNF["db_pass"], $CNF["db_name"]);
$db->query("SET NAMES utf8");
$sql_pass = $userpass != null ? "`status_id` !=4 AND `pass`='{$userpass}'" : '`status_id` !=4';
$query = $db->query("SELECT `uid`,`login`,`lastname`,`firstname`,`middlename` FROM users WHERE `login`='{$username}' AND {$sql_pass}");
if ($db->num_rows($query) > 0) {
$auth = $db->fetch_assoc($query);
return $auth;
}
}
return false;
}
require "subs.php";
require "conf.inc.php";
require "lib/dblayer.php";
$stage = isset($_REQUEST["stage"]) ? check_string($_REQUEST["stage"], "string") : null;
// Стадия
// Авторизация
global $CNF;
//echo $stage;
if ($stage == "auth") {
$db = new DBLayer($CNF["db_host"], $CNF["db_user"], $CNF["db_pass"], $CNF["db_name"]);
$db->query("SET NAMES utf8");
$login = check_string($_REQUEST["login"], "string");
$pass_hash = md5($_REQUEST["pass"]);
// echo "SELECT `uid` FROM users WHERE `login`='$login' AND `pass_hash`='$pass_hash'";
$query_auth = $db->query("SELECT `uid` FROM users WHERE `login`='{$login}' AND `pass_hash`='{$pass_hash}'");
$db->num_rows($query_auth);
if ($query_auth and $db->num_rows($query_auth) == 1) {
$admin_login = $db->fetch_assoc($query_auth);
// $hash = md5(microtime()); // Случайная строка-хеш (32-символа)
// $db -> query("UPDATE admins SET `hash`='".$hash."' WHERE `uid`='".$admin_login['uid']."'"); // Запись хеша в БД
# Печеньки:
$cookie_lifetime = isset($_REQUEST["remember"]) == "on" ? strtotime("+1 year") : 0;
// Время жизни: 1 год или 0 - до закрытия броузера
setcookie("user_id", $admin_login['uid'], $cookie_lifetime);
setcookie("hash", $pass_hash, $cookie_lifetime);
unset($stage, $_POST["name"], $_POST["pass"], $_REQUEST["stage"]);
header("Location: http://" . $_SERVER["HTTP_HOST"] . "/" . check_string($_SESSION["ref"], "string"));
} else {
$msg = "<div class='msg error'>Неверный логин или пароль</div>";
include "stat/forms/login.form";
}
break;
case 'pgsql':
// Make sure we are running at least PHP 4.3.0 (needed only for PostgreSQL)
if (version_compare(PHP_VERSION, '4.3.0', '<')) {
error('You are running PHP version ' . PHP_VERSION . '. PunBB requires at least PHP 4.3.0 to run properly when using PostgreSQL. You must upgrade your PHP installation or use a different database before you can continue.');
}
break;
case 'sqlite':
if (strtolower($db_prefix) == 'sqlite_') {
error('The table prefix \'sqlite_\' is reserved for use by the SQLite engine. Please choose a different prefix.');
}
break;
}
// Make sure PunBB isn't already installed
$result = $db->query('SELECT 1 FROM ' . $db_prefix . 'users WHERE id=1');
if ($db->num_rows($result)) {
error('A table called "' . $db_prefix . 'users" is already present in the database "' . $db_name . '". This could mean that PunBB is already installed or that another piece of software is installed and is occupying one or more of the table names PunBB requires. If you want to install multiple copies of PunBB in the same database, you must choose a different table prefix.');
}
// Create all tables
switch ($db_type) {
case 'mysql':
case 'mysqli':
$sql = 'CREATE TABLE ' . $db_prefix . "bans (\n\t\t\t\t\tid INT(10) UNSIGNED NOT NULL AUTO_INCREMENT,\n\t\t\t\t\tusername VARCHAR(200),\n\t\t\t\t\tip VARCHAR(255),\n\t\t\t\t\temail VARCHAR(50),\n\t\t\t\t\tmessage VARCHAR(255),\n\t\t\t\t\texpire INT(10) UNSIGNED,\n\t\t\t\t\tPRIMARY KEY (id)\n\t\t\t\t\t) TYPE=MyISAM;";
break;
case 'pgsql':
$db->start_transaction();
$sql = 'CREATE TABLE ' . $db_prefix . "bans (\n\t\t\t\t\tid SERIAL,\n\t\t\t\t\tusername VARCHAR(200),\n\t\t\t\t\tip VARCHAR(255),\n\t\t\t\t\temail VARCHAR(50),\n\t\t\t\t\tmessage VARCHAR(255),\n\t\t\t\t\texpire INT,\n\t\t\t\t\tPRIMARY KEY (id)\n\t\t\t\t\t)";
break;
case 'sqlite':
$db->start_transaction();
$sql = 'CREATE TABLE ' . $db_prefix . "bans (\n\t\t\t\t\tid INTEGER NOT NULL,\n\t\t\t\t\tusername VARCHAR(200),\n\t\t\t\t\tip VARCHAR(255),\n\t\t\t\t\temail VARCHAR(50),\n\t\t\t\t\tmessage VARCHAR(255),\n\t\t\t\t\texpire INTEGER,\n\t\t\t\t\tPRIMARY KEY (id)\n\t\t\t\t\t)";
if (version_compare($mysql_info['version'], MIN_MYSQL_VERSION, '<')) {
error(sprintf($lang_install['Invalid MySQL version'], $mysql_version, MIN_MYSQL_VERSION));
}
}
// Validate prefix
if (strlen($db_prefix) > 0 && (!preg_match('/^[a-zA-Z_][a-zA-Z0-9_]*$/', $db_prefix) || strlen($db_prefix) > 40)) {
error(sprintf($lang_install['Invalid table prefix'], $db_prefix));
}
// Check SQLite prefix collision
if ($db_type == 'sqlite' && strtolower($db_prefix) == 'sqlite_') {
error($lang_install['SQLite prefix collision']);
}
// Make sure PunBB isn't already installed
$query = array('SELECT' => '1', 'FROM' => 'users', 'WHERE' => 'id = 1');
$result = $forum_db->query_build($query);
if ($forum_db->num_rows($result)) {
error(sprintf($lang_install['PunBB already installed'], $db_prefix, $db_name));
}
// Start a transaction
$forum_db->start_transaction();
// Create all tables
$schema = array('FIELDS' => array('id' => array('datatype' => 'SERIAL', 'allow_null' => false), 'username' => array('datatype' => 'VARCHAR(200)', 'allow_null' => true), 'ip' => array('datatype' => 'VARCHAR(255)', 'allow_null' => true), 'email' => array('datatype' => 'VARCHAR(80)', 'allow_null' => true), 'message' => array('datatype' => 'VARCHAR(255)', 'allow_null' => true), 'expire' => array('datatype' => 'INT(10) UNSIGNED', 'allow_null' => true), 'ban_creator' => array('datatype' => 'INT(10) UNSIGNED', 'allow_null' => false, 'default' => '0')), 'PRIMARY KEY' => array('id'));
$forum_db->create_table('bans', $schema);
$schema = array('FIELDS' => array('id' => array('datatype' => 'SERIAL', 'allow_null' => false), 'cat_name' => array('datatype' => 'VARCHAR(80)', 'allow_null' => false, 'default' => '\'New Category\''), 'disp_position' => array('datatype' => 'INT(10)', 'allow_null' => false, 'default' => '0')), 'PRIMARY KEY' => array('id'));
$forum_db->create_table('categories', $schema);
$schema = array('FIELDS' => array('id' => array('datatype' => 'SERIAL', 'allow_null' => false), 'search_for' => array('datatype' => 'VARCHAR(60)', 'allow_null' => false, 'default' => '\'\''), 'replace_with' => array('datatype' => 'VARCHAR(60)', 'allow_null' => false, 'default' => '\'\'')), 'PRIMARY KEY' => array('id'));
$forum_db->create_table('censoring', $schema);
$schema = array('FIELDS' => array('conf_name' => array('datatype' => 'VARCHAR(255)', 'allow_null' => false, 'default' => '\'\''), 'conf_value' => array('datatype' => 'TEXT', 'allow_null' => true)), 'PRIMARY KEY' => array('conf_name'));
$forum_db->create_table('config', $schema);
$schema = array('FIELDS' => array('id' => array('datatype' => 'VARCHAR(150)', 'allow_null' => false, 'default' => '\'\''), 'title' => array('datatype' => 'VARCHAR(255)', 'allow_null' => false, 'default' => '\'\''), 'version' => array('datatype' => 'VARCHAR(25)', 'allow_null' => false, 'default' => '\'\''), 'description' => array('datatype' => 'TEXT', 'allow_null' => true), 'author' => array('datatype' => 'VARCHAR(50)', 'allow_null' => false, 'default' => '\'\''), 'uninstall' => array('datatype' => 'TEXT', 'allow_null' => true), 'uninstall_note' => array('datatype' => 'TEXT', 'allow_null' => true), 'disabled' => array('datatype' => 'TINYINT(1)', 'allow_null' => false, 'default' => '0'), 'dependencies' => array('datatype' => 'VARCHAR(255)', 'allow_null' => false, 'default' => '\'\'')), 'PRIMARY KEY' => array('id'));
$forum_db->create_table('extensions', $schema);
