$base_url_count--;
} // closes a block that opens before this excerpt

// SEO / permalink support: TRUE_PHP_SELF and START_PAGE are only defined here
// when IN_PERMALINK has not been defined.
if (!defined("IN_PERMALINK")) {
    define("TRUE_PHP_SELF", $current_page);
    // START_PAGE is the current page plus its query string, with any
    // "s_action=edit&shout_id=<digits>" pair removed and the first character dropped.
    define(
        "START_PAGE",
        substr(
            preg_replace(
                "#(&|\\?)(s_action=edit&shout_id=)([0-9]+)#s",
                "",
                TRUE_PHP_SELF . (FUSION_QUERY ? "?" . FUSION_QUERY : "")
            ),
            1
        )
    );
}

// Authenticate the user
require_once CLASSES . "Authenticate.class.php";

if (isset($_POST['login'], $_POST['user_name'], $_POST['user_pass'])) {
    // Login form submitted: authenticate with the posted credentials.
    // The third argument is true when the "remember_me" field was sent.
    $auth = new Authenticate($_POST['user_name'], $_POST['user_pass'], isset($_POST['remember_me']));
    $userdata = $auth->getUserData();
    // Drop the credentials (and the auth object) from memory once they have been used,
    // so later code that walks $_POST cannot log or echo them.
    unset($auth, $_POST['user_name'], $_POST['user_pass']);
} elseif (isset($_GET['logout']) && $_GET['logout'] == "yes") {
    // NOTE(review): logout is a state change triggered by a plain GET parameter;
    // no anti-CSRF token check is visible in this excerpt - confirm whether one exists elsewhere.
    $userdata = Authenticate::logOut();
    redirect(BASEDIR . "index.php");
} else {
    // Neither login nor logout was requested: resolve the user from the auth cookie.
    // (Original author note: "ok userdata never add _1.")
    $userdata = Authenticate::validateAuthUser();
}

// User level, admin rights and user group constants.
// Every privilege flag below is derived from $userdata['user_level'] exactly as the
// branch above returned it, so the integrity of $userdata decides what the rest of
// the request is allowed to do.
// NOTE(review): the values are read without checking that $userdata is an array -
// confirm that every Authenticate code path returns one.
define("iGUEST", (int) ($userdata['user_level'] == 0));
define("iMEMBER", (int) ($userdata['user_level'] >= 101));
define("iADMIN", (int) ($userdata['user_level'] >= 102));
define("iSUPERADMIN", (int) ($userdata['user_level'] == 103));
define("iUSER", $userdata['user_level']);
define("iUSER_RIGHTS", $userdata['user_rights']);
// The first character of user_groups is dropped (presumably a leading separator - verify).
define("iUSER_GROUPS", substr($userdata['user_groups'], 1));

// check multilang tables (the definition continues past this excerpt)
function multilang_table($table)
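/**
 * Validate the authentication cookie and return the user it identifies.
 *
 * The cookie named by COOKIE_USER is expected to hold three dot-separated
 * fields: the user id, an expiry timestamp and an HMAC. The HMAC is recomputed
 * from the id and expiry using the user's stored algorithm and salt, then
 * compared with the value sent by the client.
 *
 * Outcomes:
 *  - no cookie (or an empty one): Authenticate::getEmptyUserData() is returned;
 *  - malformed or expired cookie: the user is logged out and redirected;
 *  - unknown/disabled user or HMAC mismatch: the result of Authenticate::logOut() is returned;
 *  - valid cookie: the user's database row is returned.
 *
 * @param bool $userCookie Not read by this method; kept so existing callers keep working.
 *
 * @return array|null User data; null only if redirect() returns instead of ending the request.
 */
public static function validateAuthUser($userCookie = true) {
    $rawCookie = isset($_COOKIE[COOKIE_USER]) ? $_COOKIE[COOKIE_USER] : "";
    if ($rawCookie === "") {
        return Authenticate::getEmptyUserData();
    }

    // The cookie is client-controlled and may arrive as an array (name[]=...).
    // Anything that is not a string is treated as malformed instead of being
    // handed to explode().
    $cookieDataArr = is_string($rawCookie) ? explode(".", $rawCookie) : array();
    if (count($cookieDataArr) != 3) {
        // Missing arguments in cookie
        Authenticate::logOut();
        redirect(Authenticate::getRedirectUrl(2));
        return null; // only reached if redirect() does not terminate the request
    }

    list($userID, $cookieExpiration, $cookieHash) = $cookieDataArr;

    // The expiry is still unauthenticated at this point; it is covered by the
    // HMAC check further down, so a modified value is rejected there.
    if (!($cookieExpiration > time())) {
        // Cookie expired
        Authenticate::logOut();
        redirect(Authenticate::getRedirectUrl(2));
        return null; // only reached if redirect() does not terminate the request
    }

    // The id is interpolated into the SQL text, so anything that fails isnum()
    // is replaced with 0 before it reaches the query. Only accounts with
    // user_status 0 and user_actiontime 0 are eligible.
    $result = dbquery("SELECT * FROM " . DB_USERS . "\n\t\t\t\t\t\tWHERE user_id='" . (isnum($userID) ? $userID : 0) . "' AND user_status='0' AND user_actiontime='0'\n\t\t\t\t\t\tLIMIT 1");
    if (dbrows($result) != 1) {
        // User id does not exist or user_status / user_actiontime != 0
        return Authenticate::logOut();
    }

    $user = dbarray($result);
    // NOTE(review): this runs before the cookie has been verified, so it is
    // applied for whichever user id the client sent - confirm that is intended.
    Authenticate::_setUserTheme($user);

    // Two-step HMAC: derive a per-cookie key from the user's salt, then sign
    // the same "id . expiry" string with that key.
    $key = hash_hmac($user['user_algo'], $userID . $cookieExpiration, $user['user_salt']);
    $hash = hash_hmac($user['user_algo'], $userID . $cookieExpiration, $key);

    // hash_equals() (PHP 5.6+) compares in constant time and never applies the
    // numeric-string juggling that "==" performs on two digests. The is_string()
    // guard ensures a failed HMAC computation can never compare equal to the cookie.
    if (is_string($hash) && hash_equals($hash, $cookieHash)) {
        return $user;
    }

    // Cookie has been tampered with!
    return Authenticate::logOut();
}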