public function getContent($format = 'S', $c_type = 'T')
{
switch ($format) {
case 'S':
if ($c_type == 'H') {
return str_replace('{X_SITEURL}', ICMS_URL . '/', $this->getVar('content', 'n'));
} elseif ($c_type == 'P') {
ob_start();
echo eval($this->getVar('content', 'n'));
$content = ob_get_contents();
ob_end_clean();
return str_replace('{X_SITEURL}', ICMS_URL . '/', $content);
} elseif ($c_type == 'S') {
$myts =& icms_core_Textsanitizer::getInstance();
$content = str_replace('{X_SITEURL}', ICMS_URL . '/', $this->getVar('content', 'n'));
return $myts->displayTarea($content, 1, 1);
} else {
$content = str_replace('{X_SITEURL}', ICMS_URL . '/', $this->getVar('content', 'n'));
return icms_core_DataFilter::checkVar($content, 'text', 'output');
}
break;
case 'E':
return $this->getVar('content', 'e');
break;
default:
return $this->getVar('content', 'n');
break;
}
}
/**
* Render and output the custom tag
*/
public function render() {
$myts = icms_core_Textsanitizer::getInstance();
if (!$this->content) {
switch ($this->getVar('customtag_type')) {
case ICMS_CUSTOMTAG_TYPE_XCODES:
$ret = $this->getVar('customtag_content', 'N');
$ret = $myts->displayTarea($ret, 1, 1, 1, 1, 1);
break;
case ICMS_CUSTOMTAG_TYPE_HTML:
$ret = $this->getVar('customtag_content', 'N');
$ret = $myts->displayTarea($ret, 1, 1, 1, 1, 0);
break;
case ICMS_CUSTOMTAG_TYPE_PHP:
$ret = $this->renderWithPhp();
break;
default:
break;
}
$this->content = $ret;
}
return $this->content;
}
function setting_manager($post = false)
{
$this->sanitizer =& icms_core_Textsanitizer::getInstance();
if ($post) {
$this->readPost();
} else {
$this->database = 'mysql';
$this->dbhost = 'localhost';
$this->db_pconnect = 0;
$this->root_path = str_replace("\\", "/", getcwd());
// "
$this->root_path = str_replace("/install", "", $this->root_path);
$filepath = !empty($_SERVER['REQUEST_URI']) ? dirname($_SERVER['REQUEST_URI']) : dirname($_SERVER['SCRIPT_NAME']);
$filepath = str_replace("\\", "/", $filepath);
// "
$filepath = str_replace("/install", "", $filepath);
if (substr($filepath, 0, 1) == "/") {
$filepath = substr($filepath, 1);
}
if (substr($filepath, -1) == "/") {
$filepath = substr($filepath, 0, -1);
}
$protocol = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ? 'https://' : 'http://';
$this->xoops_url = !empty($filepath) ? $protocol . $_SERVER['HTTP_HOST'] . "/" . $filepath : $protocol . $_SERVER['HTTP_HOST'];
$this->prefix = $this->generatePrefix();
}
}
function b_waiting_tutorials()
{
$block = array();
// tutorials
$myts =& icms_core_Textsanitizer::getInstance();
$result = icms::$xoopsDB->query("select count(*) from " . icms::$xoopsDB->prefix("tutorials") . " WHERE status=0 or status=2 order by date");
if ($result) {
$block['adminlink'] = ICMS_URL . "/modules/tutorials/admin/index.php";
list($block['pendingnum']) = icms::$xoopsDB->fetchRow($result);
$block['lang_linkname'] = _PI_WAITING_WAITINGS;
}
return $block;
}
/**
* Constructor for icms_ipf_Metagen
*
* @param string $title Page title
* @param string $keywords List of meta keywords
* @param string $description Meta description
* @param string $categoryPath
*
*/
public function __construct($title, $keywords = false, $description = false, $categoryPath = false)
{
$this->_myts = icms_core_Textsanitizer::GetInstance();
$this->setCategoryPath($categoryPath);
$this->setTitle($title);
$this->setDescription($description);
if (!$keywords) {
$keywords = $this->createMetaKeywords();
}
/* $myts = icms_core_Textsanitizer::getInstance();
if (method_exists($myts, 'formatForML')) {
$keywords = $myts->formatForML($keywords);
$description = $myts->formatForML($description);
}
*/
$this->setKeywords($keywords);
}
/**
* The header
*
* Implements all functions that are executed within the header of the page
* (meta tags, header expiration, etc)
* It will all be echoed, so no return in this function
*
* @param bool $closehead close the <head> tag
*/
function xoops_header($closehead = true)
{
global $icmsConfig, $xoopsTheme, $icmsConfigPlugins, $icmsConfigMetaFooter;
$myts =& icms_core_Textsanitizer::getInstance();
if (!headers_sent()) {
header('Content-Type:text/html; charset=' . _CHARSET);
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header('Cache-Control: no-store, no-cache, max-age=1, s-maxage=1, must-revalidate, post-check=0, pre-check=0');
header("Pragma: no-cache");
}
echo "<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>";
echo '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="' . _LANGCODE . '" lang="' . _LANGCODE . '">
<head>
<meta http-equiv="content-type" content="text/html; charset=' . _CHARSET . '" />
<meta http-equiv="content-language" content="' . _LANGCODE . '" />
' . htmlspecialchars($icmsConfigMetaFooter['google_meta']) . '
<meta name="robots" content="' . htmlspecialchars($icmsConfigMetaFooter['meta_robots']) . '" />
<meta name="keywords" content="' . htmlspecialchars($icmsConfigMetaFooter['meta_keywords']) . '" />
<meta name="description" content="' . htmlspecialchars($icmsConfigMetaFooter['meta_description']) . '" />
<meta name="rating" content="' . htmlspecialchars($icmsConfigMetaFooter['meta_rating']) . '" />
<meta name="author" content="' . htmlspecialchars($icmsConfigMetaFooter['meta_author']) . '" />
<meta name="copyright" content="' . htmlspecialchars($icmsConfigMetaFooter['meta_copyright']) . '" />
<meta name="generator" content="ImpressCMS" />
<title>' . htmlspecialchars($icmsConfig['sitename']) . '</title>
<script type="text/javascript" src="' . ICMS_URL . '/include/xoops.js"></script>
<script type="text/javascript" src="' . ICMS_URL . '/include/linkexternal.js"></script>
<link rel="stylesheet" type="text/css" media="all" href="' . ICMS_URL . '/icms' . (defined('_ADM_USE_RTL') && _ADM_USE_RTL ? '_rtl' : '') . '.css" />';
$style_info = '';
if (!empty($icmsConfigPlugins['sanitizer_plugins'])) {
foreach ($icmsConfigPlugins['sanitizer_plugins'] as $key) {
if (empty($key)) {
continue;
}
if (file_exists(ICMS_ROOT_PATH . '/plugins/textsanitizer/' . $key . '/' . $key . '.css')) {
echo '<link rel="stylesheet" media="screen" href="' . ICMS_URL . '/plugins/textsanitizer/' . $key . '/' . $key . '.css" type="text/css" />';
} else {
$extension = (include_once ICMS_ROOT_PATH . '/plugins/textsanitizer/' . $key . '/' . $key . '.php');
$func = 'style_' . $key;
if (function_exists($func)) {
$style_info = $func();
if (!empty($style_info)) {
if (!file_exists(ICMS_ROOT_PATH . '/' . $style_info)) {
echo '<style media="screen" type="text/css">
' . $style_info . '
</style>';
} else {
echo '<link rel="stylesheet" media="screen" href="' . $style_info . '" type="text/css" />';
}
}
}
}
}
}
$themecss = xoops_getcss($icmsConfig['theme_set']);
if ($themecss) {
echo '<link rel="stylesheet" type="text/css" media="all" href="' . $themecss . '" />';
}
if ($closehead) {
echo '</head><body>';
}
}
/**
* Returns the bodytext in a certain format
*
* @param string $format
* @return string $bodytext
**/
function bodytext($format = 'Show')
{
$myts =& icms_core_Textsanitizer::getInstance();
$html = 1;
$smiley = 1;
$xcodes = 1;
if ($this->nohtml()) {
$html = 0;
}
if ($this->nosmiley()) {
$smiley = 0;
}
switch ($format) {
case 'Show':
$bodytext = $myts->displayTarea($this->bodytext, $html, $smiley, $xcodes);
break;
case 'Edit':
$bodytext = $myts - previewTarea($this->bodytext);
break;
case 'Preview':
$bodytext = $myts->previewTarea($this->bodytext, $html, $smiley, $xcodes);
break;
case 'InForm':
$bodytext = $myts->makeTareaData4PreviewInForm($this->bodytext);
break;
}
return $bodytext;
}
<?php
require_once dirname(dirname(__FILE__)) . '/class/gtickets.php';
$myts =& icms_core_Textsanitizer::getInstance();
$db =& icms_db_Factory::instance();
// GET vars
$pos = empty($_GET['pos']) ? 0 : intval($_GET['pos']);
$num = empty($_GET['num']) ? 20 : intval($_GET['num']);
// for RTL users
@define('_GLOBAL_LEFT', @_ADM_USE_RTL == 1 ? 'right' : 'left');
@define('_GLOBAL_RIGHT', @_ADM_USE_RTL == 1 ? 'left' : 'right');
// Table Name
$log_table = $db->prefix($mydirname . "_log");
// Protector object
require_once dirname(dirname(__FILE__)) . '/class/protector.php';
$db =& icms_db_Factory::instance();
$protector =& Protector::getInstance($db->conn);
$conf = $protector->getConf();
//
// transaction stage
//
if (!empty($_POST['action'])) {
// Ticket check
if (!$xoopsGTicket->check(true, 'protector_admin')) {
redirect_header(XOOPS_URL . '/', 3, $xoopsGTicket->getErrors());
}
if ($_POST['action'] == 'update_ips') {
$error_msg = '';
$lines = empty($_POST['bad_ips']) ? array() : explode("\n", trim($_POST['bad_ips']));
$bad_ips = array();
foreach ($lines as $line) {
/**
* Gets list of topics
* @return array $ret Array of topic id's, topic parentid's and topic titles
**/
function getTopicsList()
{
$result = $this->db->query('SELECT topic_id, topic_pid, topic_title FROM ' . $this->table);
$ret = array();
$myts =& icms_core_Textsanitizer::getInstance();
while ($myrow = $this->db->fetchArray($result)) {
$ret[$myrow['topic_id']] = array('title' => $myts->htmlspecialchars($myrow['topic_title']), 'pid' => $myrow['topic_pid']);
}
return $ret;
}
/**
* returns a specific variable for the object in a proper format
*
* We had to put this method in the icms_ipf_Object because the XOBJ_DTYPE_ARRAY does not work properly
* at least on PHP 5.1. So we have created a new type XOBJ_DTYPE_SIMPLE_ARRAY to handle 1 level array
* as a string separated by |
*
* @access public
* @param string $key key of the object's variable to be returned
* @param string $format format to use for the output
* @return mixed formatted value of the variable
*/
public function getVar($key, $format = 's')
{
global $myts;
$ret = $this->vars[$key]['value'];
switch ($this->vars[$key]['data_type']) {
case XOBJ_DTYPE_TXTBOX:
switch (strtolower($format)) {
case 's':
case 'show':
// ML Hack by marcan
$ret = icms_core_DataFilter::htmlSpecialChars($ret);
if (method_exists($myts, 'formatForML')) {
return $ts->formatForML($ret);
} else {
return $ret;
}
break 1;
// End of ML Hack by marcan
// End of ML Hack by marcan
case 'clean':
$ret = icms_html2text($ret);
$ret = icms_purifyText($ret);
return $ret;
break 1;
// End of ML Hack by marcan
// End of ML Hack by marcan
case 'e':
case 'edit':
return icms_core_DataFilter::htmlSpecialChars($ret);
break 1;
case 'p':
case 'preview':
case 'f':
case 'formpreview':
return icms_core_DataFilter::htmlSpecialChars(icms_core_DataFilter::stripSlashesGPC($ret));
break 1;
case 'n':
case 'none':
default:
break 1;
}
break;
case XOBJ_DTYPE_LTIME:
switch (strtolower($format)) {
case 's':
case 'show':
case 'p':
case 'preview':
case 'f':
case 'formpreview':
$ret = formatTimestamp($ret, _DATESTRING);
return $ret;
break 1;
case 'n':
case 'none':
case 'e':
case 'edit':
break 1;
default:
break 1;
}
break;
case XOBJ_DTYPE_STIME:
switch (strtolower($format)) {
case 's':
case 'show':
case 'p':
case 'preview':
case 'f':
case 'formpreview':
$ret = formatTimestamp($ret, _SHORTDATESTRING);
return $ret;
break 1;
case 'n':
case 'none':
case 'e':
case 'edit':
break 1;
default:
break 1;
}
break;
case XOBJ_DTYPE_TIME_ONLY:
switch (strtolower($format)) {
case 's':
case 'show':
case 'p':
case 'preview':
case 'f':
case 'formpreview':
$ret = formatTimestamp($ret, 'G:i');
return $ret;
break 1;
case 'n':
case 'none':
case 'e':
case 'edit':
break 1;
default:
break 1;
}
break;
case XOBJ_DTYPE_CURRENCY:
$decimal_section_original = strstr($ret, '.');
$decimal_section = $decimal_section_original;
if ($decimal_section) {
if (strlen($decimal_section) == 1) {
$decimal_section = '.00';
} elseif (strlen($decimal_section) == 2) {
$decimal_section = $decimal_section . '0';
}
$ret = str_replace($decimal_section_original, $decimal_section, $ret);
} else {
$ret = $ret . '.00';
}
break;
case XOBJ_DTYPE_TXTAREA:
switch (strtolower($format)) {
case 's':
case 'show':
$ts = icms_core_Textsanitizer::getInstance();
$html = !empty($this->vars['dohtml']['value']) ? 1 : 0;
$xcode = !isset($this->vars['doxcode']['value']) || $this->vars['doxcode']['value'] == 1 ? 1 : 0;
$smiley = !isset($this->vars['dosmiley']['value']) || $this->vars['dosmiley']['value'] == 1 ? 1 : 0;
$image = !isset($this->vars['doimage']['value']) || $this->vars['doimage']['value'] == 1 ? 1 : 0;
$br = !isset($this->vars['dobr']['value']) || $this->vars['dobr']['value'] == 1 ? 1 : 0;
if (defined('XOOPS_EDITOR_IS_HTML')) {
$br = false;
}
if ($html) {
return $ts->displayTarea($ret, $html, $smiley, $xcode, $image, $br);
} else {
return icms_core_DataFilter::checkVar($ret, 'text', 'output');
}
break 1;
case 'e':
case 'edit':
return htmlspecialchars($ret, ENT_QUOTES);
break 1;
case 'p':
case 'preview':
$ts = icms_core_Textsanitizer::getInstance();
$html = !empty($this->vars['dohtml']['value']) ? 1 : 0;
$xcode = !isset($this->vars['doxcode']['value']) || $this->vars['doxcode']['value'] == 1 ? 1 : 0;
$smiley = !isset($this->vars['dosmiley']['value']) || $this->vars['dosmiley']['value'] == 1 ? 1 : 0;
$image = !isset($this->vars['doimage']['value']) || $this->vars['doimage']['value'] == 1 ? 1 : 0;
$br = !isset($this->vars['dobr']['value']) || $this->vars['dobr']['value'] == 1 ? 1 : 0;
if ($html) {
return $ts->previewTarea($ret, $html, $smiley, $xcode, $image, $br);
} else {
return icms_core_DataFilter::checkVar($ret, 'text', 'output');
}
break 1;
case 'f':
case 'formpreview':
return htmlspecialchars(icms_core_DataFilter::stripSlashesGPC($ret), ENT_QUOTES);
break 1;
case 'n':
case 'none':
default:
break 1;
}
break;
case XOBJ_DTYPE_SIMPLE_ARRAY:
$ret =& explode('|', $ret);
break;
case XOBJ_DTYPE_ARRAY:
$ret =& unserialize($ret);
break;
case XOBJ_DTYPE_SOURCE:
switch (strtolower($format)) {
case 's':
case 'show':
break 1;
case 'e':
case 'edit':
return htmlspecialchars($ret, ENT_QUOTES);
break 1;
case 'p':
case 'preview':
return icms_core_DataFilter::stripSlashesGPC($ret);
break 1;
case 'f':
case 'formpreview':
return htmlspecialchars(icms_core_DataFilter::stripSlashesGPC($ret), ENT_QUOTES);
break 1;
case 'n':
case 'none':
default:
break 1;
}
break;
default:
if ($this->vars[$key]['options'] != '' && $ret != '') {
switch (strtolower($format)) {
case 's':
case 'show':
$selected = explode('|', $ret);
$options = explode('|', $this->vars[$key]['options']);
$i = 1;
$ret = array();
foreach ($options as $op) {
if (in_array($i, $selected)) {
$ret[] = $op;
}
$i++;
}
return implode(', ', $ret);
case 'e':
case 'edit':
$ret = explode('|', $ret);
break 1;
default:
break 1;
}
}
break;
}
return $ret;
}
/**
*
*
* @param unknown_type $key
* @param unknown_type $editor
*/
public function getValueFor($key, $editor = true)
{
global $icmsModuleConfig;
$ret = $this->getVar($key, 'n');
$myts = icms_core_Textsanitizer::getInstance();
$control = isset($this->controls[$key]) ? $this->controls[$key] : false;
$form_editor = isset($control['form_editor']) ? $control['form_editor'] : 'textarea';
$html = isset($this->vars['dohtml']) ? $this->getVar('dohtml') : true;
$smiley = true;
$xcode = true;
$image = true;
$br = isset($this->vars['dobr']) ? $this->getVar('dobr') : true;
$formatML = true;
if ($form_editor == 'default') {
global $icmsModuleConfig;
$form_editor = isset($icmsModuleConfig['default_editor']) ? $icmsModuleConfig['default_editor'] : 'textarea';
}
if ($editor) {
if (defined('XOOPS_EDITOR_IS_HTML') && !in_array($form_editor, array('formtextarea', 'textarea', 'dhtmltextarea'))) {
$br = false;
$formatML = !$editor;
} else {
return htmlspecialchars($ret, ENT_QUOTES);
}
}
if (method_exists($myts, 'formatForML')) {
return $myts->displayTarea($ret, $html, $smiley, $xcode, $image, $br, $formatML);
} else {
if ($html) {
if ($br) {
return icms_core_DataFilter::filterHTMLdisplay($ret, $xcode, $br);
} else {
return icms_core_DataFilter::checkVar($ret, 'html', 'output');
}
} else {
return icms_core_DataFilter::checkVar($ret, 'text', 'output');
}
}
}
/**
* returns a specific variable for the object in a proper format
*
* @access public
* @param string $key key of the object's variable to be returned
* @param string $format format to use for the output
* @return mixed formatted value of the variable
*/
public function getVar($key, $format = 's')
{
$ret = $this->vars[$key]['value'];
switch ($this->vars[$key]['data_type']) {
case XOBJ_DTYPE_TXTBOX:
switch (strtolower($format)) {
case 's':
case 'show':
case 'e':
case 'edit':
return icms_core_DataFilter::htmlSpecialchars($ret);
break 1;
case 'p':
case 'preview':
case 'f':
case 'formpreview':
return icms_core_DataFilter::htmlSpecialchars(icms_core_DataFilter::stripSlashesGPC($ret));
break 1;
case 'n':
case 'none':
default:
break 1;
}
break;
case XOBJ_DTYPE_TXTAREA:
switch (strtolower($format)) {
case 's':
case 'show':
$ts =& icms_core_Textsanitizer::getInstance();
$html = !empty($this->vars['dohtml']['value']) ? 1 : 0;
$xcode = !isset($this->vars['doxcode']['value']) || $this->vars['doxcode']['value'] == 1 ? 1 : 0;
$smiley = !isset($this->vars['dosmiley']['value']) || $this->vars['dosmiley']['value'] == 1 ? 1 : 0;
$image = !isset($this->vars['doimage']['value']) || $this->vars['doimage']['value'] == 1 ? 1 : 0;
$br = !isset($this->vars['dobr']['value']) || $this->vars['dobr']['value'] == 1 ? 1 : 0;
if ($html) {
return $ts->displayTarea($ret, $html, $smiley, $xcode, $image, $br);
} else {
return icms_core_DataFilter::checkVar($ret, 'text', 'output');
}
break 1;
case 'e':
case 'edit':
return htmlspecialchars($ret, ENT_QUOTES);
break 1;
case 'p':
case 'preview':
$ts =& icms_core_Textsanitizer::getInstance();
$html = !empty($this->vars['dohtml']['value']) ? 1 : 0;
$xcode = !isset($this->vars['doxcode']['value']) || $this->vars['doxcode']['value'] == 1 ? 1 : 0;
$smiley = !isset($this->vars['dosmiley']['value']) || $this->vars['dosmiley']['value'] == 1 ? 1 : 0;
$image = !isset($this->vars['doimage']['value']) || $this->vars['doimage']['value'] == 1 ? 1 : 0;
$br = !isset($this->vars['dobr']['value']) || $this->vars['dobr']['value'] == 1 ? 1 : 0;
if ($html) {
return $ts->previewTarea($ret, $html, $smiley, $xcode, $image, $br);
} else {
return icms_core_DataFilter::checkVar($ret, 'text', 'output');
}
break 1;
case 'f':
case 'formpreview':
return htmlspecialchars(icms_core_DataFilter::stripSlashesGPC($ret), ENT_QUOTES);
break 1;
case 'n':
case 'none':
default:
break 1;
}
break;
case XOBJ_DTYPE_ARRAY:
$ret =& unserialize($ret);
break;
case XOBJ_DTYPE_SOURCE:
switch (strtolower($format)) {
case 's':
case 'show':
break 1;
case 'e':
case 'edit':
return htmlspecialchars($ret, ENT_QUOTES);
break 1;
case 'p':
case 'preview':
return icms_core_DataFilter::stripSlashesGPC($ret);
break 1;
case 'f':
case 'formpreview':
return htmlspecialchars(icms_core_DataFilter::stripSlashesGPC($ret), ENT_QUOTES);
break 1;
case 'n':
case 'none':
default:
break 1;
}
break;
default:
if ($this->vars[$key]['options'] != '' && $ret != '') {
switch (strtolower($format)) {
case 's':
case 'show':
$selected = explode('|', $ret);
$options = explode('|', $this->vars[$key]['options']);
$i = 1;
$ret = array();
foreach ($options as $op) {
if (in_array($i, $selected)) {
$ret[] = $op;
}
$i++;
}
return implode(', ', $ret);
case 'e':
case 'edit':
$ret = explode('|', $ret);
break 1;
default:
break 1;
}
}
break;
}
return $ret;
}
public function __construct()
{
parent::getInstance();
$this->_deprecated = icms_core_Debug::setDeprecated('icms_core_DataFilter', sprintf(_CORE_REMOVE_IN_VERSION, '1.4'));
}
static public function sessionAutologin($autologinName, $autologinPass) {
// autologin V2 GIJ
if (!empty($_POST)) {
$_SESSION['AUTOLOGIN_POST'] = $_POST;
$_SESSION['AUTOLOGIN_REQUEST_URI'] = $_SERVER['REQUEST_URI'];
redirect_header(ICMS_URL . '/session_confirm.php', 0, ' ');
} elseif (!empty($_SERVER['QUERY_STRING']) && substr($_SERVER['SCRIPT_NAME'], -19) != 'session_confirm.php') {
$_SESSION['AUTOLOGIN_REQUEST_URI'] = $_SERVER['REQUEST_URI'];
redirect_header(ICMS_URL . '/session_confirm.php', 0, ' ');
}
// end of autologin V2
// redirect to ICMS_URL/ when query string exists (anti-CSRF) V1 code
/* if (! empty($_SERVER['QUERY_STRING'])) {
redirect_header(ICMS_URL . '/' , 0 , 'Now, logging in automatically') ;
exit ;
}*/
$myts = icms_core_Textsanitizer::getInstance();
$uname = $myts->stripSlashesGPC($autologinName);
$pass = $myts->stripSlashesGPC($autologinPass);
if (empty($uname) || is_numeric($pass)) {
$user = false ;
} else {
// V3
$uname4sql = addslashes($uname);
$criteria = new icms_db_criteria_Compo(new icms_db_criteria_Item('uname', $uname4sql));
$user_handler = icms::handler('icms_member_user');
$users = $user_handler->getObjects($criteria, false);
if (empty($users) || count($users) != 1) {
$user = false ;
} else {
// V3.1 begin
$user = $users[0] ;
$old_limit = time() - (defined('ICMS_AUTOLOGIN_LIFETIME') ? ICMS_AUTOLOGIN_LIFETIME : 604800);
list($old_Ynj, $old_encpass) = explode(':', $pass);
if (strtotime($old_Ynj) < $old_limit || md5($user->getVar('pass') .
ICMS_DB_PASS . ICMS_DB_PREFIX . $old_Ynj) != $old_encpass)
{
$user = false;
}
// V3.1 end
}
unset($users);
}
$icms_cookie_path = defined('ICMS_COOKIE_PATH') ? ICMS_COOKIE_PATH
: preg_replace('?http://[^/]+(/.*)$?', "$1", ICMS_URL);
if ($icms_cookie_path == ICMS_URL) {
$icms_cookie_path = '/';
}
if (false != $user && $user->getVar('level') > 0) {
// update time of last login
$user->setVar('last_login', time());
if (!icms::handler('icms_member')->insertUser($user, true)) {
}
//$_SESSION = array();
$_SESSION['xoopsUserId'] = $user->getVar('uid');
$_SESSION['xoopsUserGroups'] = $user->getGroups();
global $icmsConfig;
$user_theme = $user->getVar('theme');
$user_language = $user->getVar('language');
if (in_array($user_theme, $icmsConfig['theme_set_allowed'])) {
$_SESSION['xoopsUserTheme'] = $user_theme;
}
$_SESSION['UserLanguage'] = $user_language;
// update autologin cookies
// we need to secure cookie when using SSL
$secure = substr(ICMS_URL, 0, 5) == 'https' ? 1 : 0;
// 1 week default
$expire = time()
+ (defined('ICMS_AUTOLOGIN_LIFETIME') ? ICMS_AUTOLOGIN_LIFETIME : 604800);
setcookie('autologin_uname', $uname, $expire, $icms_cookie_path, '', $secure, 1);
// V3.1
$Ynj = date('Y-n-j');
setcookie(
'autologin_pass', $Ynj . ':' . md5($user->getVar('pass') . ICMS_DB_PASS . ICMS_DB_PREFIX . $Ynj),
$expire, $icms_cookie_path, '', $secure, 1
);
} else {
setcookie('autologin_uname', '', time() - 3600, $icms_cookie_path, '', 0, 0);
setcookie('autologin_pass', '', time() - 3600, $icms_cookie_path, '', 0, 0);
}
}
