Пример #1
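/**
 * Restores a frontend login from the "remember me" cookie, handles the logout
 * request, and defines FEUSER_LOGIN_STATUS for the rest of the request.
 *
 * The cookie phpwcmsFeLoginRemember is split on '##-|-##' into:
 *   [0] login name
 *   [1] password value handed to _checkFrontendUserLogin()
 *   [2] flag: validate against user-detail records
 *   [3] flag: validate against backend users
 *
 * NOTE(review): every field is client-controlled. Field [1] is accepted in place
 * of the password, so the cookie value is a long-lived credential; the login
 * handler that writes this cookie stores an unsalted md5() of the password there.
 * Fields [2] and [3] let the client pick which user sources are checked instead
 * of the server-side login settings. A random, server-stored and revocable token
 * would remove both problems; that is a design change and is not made here.
 *
 * @return void
 */
function _checkFrontendUserAutoLogin()
{
    $cookieName = 'phpwcmsFeLoginRemember';

    // Auto-login runs only when nobody is logged in, a session exists, and the value
    // arrived as a cookie (a same-named POST/GET parameter disables it). is_string()
    // rejects array-shaped cookies, which explode() cannot handle.
    if (!_getFeUserLoginStatus() && session_id() && !empty($_COOKIE[$cookieName]) && is_string($_COOKIE[$cookieName]) && !isset($_POST[$cookieName]) && !isset($_GET[$cookieName])) {
        $_loginData = explode('##-|-##', $_COOKIE[$cookieName]);
        if (!empty($_loginData[0]) && !empty($_loginData[1])) {
            $_loginData['validate_db']['userdetail'] = empty($_loginData[2]) ? 0 : 1;
            $_loginData['validate_db']['backenduser'] = empty($_loginData[3]) ? 0 : 1;
            $_loginData['query_result'] = _checkFrontendUserLogin($_loginData[0], $_loginData[1], $_loginData['validate_db']);
            if (is_array($_loginData['query_result']) && count($_loginData['query_result'])) {
                // NOTE(review): the session id is not regenerated when the login state
                // changes; the session key is session_id() itself, so adding
                // session_regenerate_id() needs a look at every reader of that key.
                if (isset($_loginData['query_result']['usr_login'])) {
                    $_SESSION[session_id()] = $_loginData['query_result']['usr_login'];
                } elseif (!empty($_loginData['query_result']['detail_login'])) {
                    // !empty() instead of a bare read: no undefined-index notice when
                    // the result row carries neither login column.
                    $_SESSION[session_id()] = $_loginData['query_result']['detail_login'];
                }
                $_SESSION[session_id() . '_userdata'] = _getFrontendUserBaseData($_loginData['query_result']);
            } else {
                // unset() only affects this request. Expire the cookie on the client as
                // well, otherwise the rejected credentials are replayed against the
                // login check on every following request.
                unset($_COOKIE[$cookieName]);
                setcookie($cookieName, '', time() - 3600, '/', getCookieDomain());
            }
        }
    }
    // logout
    // NOTE(review): a plain GET parameter triggers logout (no CSRF token), and the
    // '<session id>_userdata' entry written on login is left in the session — confirm
    // whether other code still reads it after logout.
    if (session_id() && (isset($_POST['feLogout']) || isset($_GET['feLogout']))) {
        unset($_SESSION[session_id()]);
        setcookie($cookieName, '', time() - 3600, '/', getCookieDomain());
    }
    define('FEUSER_LOGIN_STATUS', _getFeUserLoginStatus());
}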
Пример #2
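// Ad click tracker: logs one click for a campaign, then redirects to the campaign URL.
// Any request that does not resolve to an active campaign with a URL ends at PHPWCMS_URL.

// first check: the request must carry the site's user key.
// Strict string comparison, so PHP's loose == type juggling cannot make a different
// value (or an array) compare equal to the key.
if (isset($_GET['u']) && is_string($_GET['u']) && $_GET['u'] === (string) PHPWCMS_USER_KEY) {
    // intval() forces an integer, which is what makes the direct concatenation of
    // $ads_id, $ads_cat and $ads_article into the SQL below safe.
    $ads_id = empty($_GET['adclickval']) ? 0 : intval($_GET['adclickval']);
    $sql = 'SELECT * FROM ' . DB_PREPEND . 'phpwcms_ads_campaign ';
    $sql .= 'WHERE adcampaign_id=' . $ads_id . ' AND adcampaign_status=1 LIMIT 1';
    $ad_data = _dbQuery($sql);
    if (!empty($ad_data[0]['adcampaign_data'])) {
        // NOTE(review): unserialize() can instantiate any class named in the payload.
        // The payload comes from the campaign table rather than the request, but
        // whoever can write that column controls it. A data-only format, or the
        // allowed_classes option on PHP 7+, would narrow this — confirm the minimum
        // supported PHP version before changing the call.
        $ad_data = @unserialize($ad_data[0]['adcampaign_data']);
        $ads_userip = getRemoteIP();
        // The User-Agent header is optional; default to '' instead of raising a notice.
        $ads_useragent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
        $ads_ref = (isset($_GET['r']) && is_string($_GET['r'])) ? trim($_GET['r']) : '';
        $ads_cat = empty($_GET['c']) ? 0 : intval($_GET['c']);
        $ads_article = empty($_GET['a']) ? 0 : intval($_GET['a']);
        // Reuse the visitor id only if the cookie is a 32-character lowercase hex string;
        // anything else (including an array-shaped cookie) gets a fresh id.
        $ads_userid = (isset($_COOKIE['phpwcmsAdsUserId']) && is_string($_COOKIE['phpwcmsAdsUserId'])) ? $_COOKIE['phpwcmsAdsUserId'] : '';
        if (!preg_match('/^[0-9a-f]{32}$/', $ads_userid)) {
            $ads_userid = md5($ads_userip . microtime());
            setcookie('phpwcmsAdsUserId', $ads_userid, time() + 63072000, '/', getCookieDomain());
        }
        // Request-derived strings go through _dbEscape(); presumably it quotes as well
        // as escapes, since the values are concatenated without quotes — verify.
        $sql = 'INSERT DELAYED INTO ' . DB_PREPEND . 'phpwcms_ads_tracking (';
        $sql .= 'adtracking_created, adtracking_campaignid, adtracking_ip, adtracking_cookieid, ';
        $sql .= 'adtracking_countclick, adtracking_countview, adtracking_useragent, adtracking_ref, ';
        $sql .= 'adtracking_catid, adtracking_articleid) VALUES (';
        $sql .= "NOW(), " . $ads_id . ", " . _dbEscape($ads_userip) . ", " . _dbEscape($ads_userid) . ", ";
        $sql .= "1, 0, " . _dbEscape($ads_useragent) . ", " . _dbEscape($ads_ref) . ", " . $ads_cat . ", " . $ads_article . ")";
        // Tracking is best-effort: a failed write must not block the redirect.
        @_dbQuery($sql, 'INSERT');
        $sql = 'UPDATE LOW_PRIORITY ' . DB_PREPEND . 'phpwcms_ads_campaign SET ';
        $sql .= 'adcampaign_curclick=adcampaign_curclick+1 WHERE adcampaign_id=' . $ads_id;
        @_dbQuery($sql, 'UPDATE');
        // unserialize() returns false on a corrupt payload; only redirect to a URL that
        // is really there, otherwise fall through to the site URL below.
        if (is_array($ad_data) && !empty($ad_data['url'])) {
            headerRedirect($ad_data['url']);
        }
    }
}
// presumably headerRedirect() ends the request, so this line is reached only when no
// campaign redirect happened — verify against its definition.
headerRedirect(PHPWCMS_URL);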
Пример #3
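/**
 * Resolves the backend "items per page" value and stores it in the session.
 *
 * Precedence: $_GET['showipp'] (also persisted in the phpwcmsBEItemsPerPage cookie),
 * then the value already held in $_SESSION['PAGE_FILTER']['IPP'], then the cookie,
 * then $default.
 *
 * NOTE(review): the request and cookie values are forced to integers but not range
 * checked, so zero, negative or very large numbers pass through. Callers that put the
 * result into a LIMIT clause or a loop bound should clamp it — confirm whether any
 * caller gives 0 or a negative value a special meaning before adding a clamp here.
 *
 * @param int $default Value used when no source supplies a usable number.
 * @return int|mixed The resolved value; the session value is returned as stored.
 */
function setItemsPerPage($default = 25)
{
    if (isset($_GET['showipp'])) {
        // Non-numeric input (including arrays) falls back to the default.
        $ipp = intval(is_numeric($_GET['showipp']) ? $_GET['showipp'] : $default);
        setcookie('phpwcmsBEItemsPerPage', $ipp, time() + 157680000, '/', getCookieDomain());
    } elseif (isset($_SESSION['PAGE_FILTER']['IPP'])) {
        // Test the IPP entry itself: a PAGE_FILTER array without it used to yield null
        // (plus an undefined-index notice) instead of falling back to cookie or default.
        $ipp = $_SESSION['PAGE_FILTER']['IPP'];
    } elseif (isset($_COOKIE['phpwcmsBEItemsPerPage'])) {
        $ipp = intval($_COOKIE['phpwcmsBEItemsPerPage']);
    } else {
        $ipp = $default;
    }
    // A missing or non-array PAGE_FILTER is replaced so the write below cannot fail.
    if (!isset($_SESSION['PAGE_FILTER']) || !is_array($_SESSION['PAGE_FILTER'])) {
        $_SESSION['PAGE_FILTER'] = array();
    }
    $_SESSION['PAGE_FILTER']['IPP'] = $ipp;
    return $ipp;
}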
Пример #4
 $_loginData['felogin_profile_registration'] = empty($_loginData['felogin_profile_registration']) ? 0 : 1;
 $_loginData['felogin_profile_manage'] = empty($_loginData['felogin_profile_manage']) ? 0 : 1;
 $_loginData['validate_db']['userdetail'] = empty($_loginData['felogin_validate_userdetail']) ? 0 : 1;
 $_loginData['validate_db']['backenduser'] = empty($_loginData['felogin_validate_backenduser']) ? 0 : 1;
 // handle Login
 if (isset($_POST['feLogin'])) {
     $_loginData['login'] = slweg($_POST['feLogin']);
     $_loginData['password'] = slweg($_POST['fePassword']);
     $_loginData['remember'] = empty($_POST['feRemember']) ? 0 : 1;
     $_loginData['query_result'] = _checkFrontendUserLogin($_loginData['login'], md5($_loginData['password']), $_loginData['validate_db']);
     // ok, and now check if we got valid login data
     if ($_loginData['query_result'] !== false && is_array($_loginData['query_result']) && count($_loginData['query_result'])) {
         $_SESSION[$_loginData['session_key']] = $_loginData['login'];
         $_SESSION[$_loginData['session_key'] . '_userdata'] = _getFrontendUserBaseData($_loginData['query_result']);
         if ($_loginData['remember'] && !empty($_loginData['felogin_cookie_expire'])) {
             setcookie('phpwcmsFeLoginRemember', $_loginData['login'] . '##-|-##' . md5($_loginData['password']) . '##-|-##' . $_loginData['validate_db']['userdetail'] . '##-|-##' . $_loginData['validate_db']['backenduser'], time() + $_loginData['felogin_cookie_expire'], '/', getCookieDomain());
         }
     } else {
         $_loginData['error'] = true;
     }
 } elseif (isset($_POST['feReminder'])) {
     $_loginData['remind_data'] = slweg($_POST['feReminder']);
     // check if valid email - send login
     if ($_loginData['remind_data'] && is_valid_email($_loginData['remind_data'])) {
         if ($_loginData['validate_db']['userdetail']) {
             $sql = 'SELECT detail_login AS LOGIN, detail_email AS EMAIL FROM ' . DB_PREPEND . "phpwcms_userdetail WHERE LOWER(detail_email)=";
             $sql .= _dbEscape(strtolower($_loginData['remind_data'])) . " LIMIT 1";
             $result = _dbQuery($sql);
         }
         // hm, seems no user found - OK test against cms users
         if ($_loginData['validate_db']['backenduser'] && !isset($result[0])) {