} else { if (defined("STO_LOGIN") && STO_LOGIN && file_exists(ROOT_PATH . "/login_hook.php")) { require_once ROOT_PATH . "/login_hook.php"; } } if (isset($_REQUEST["action"]) && $_REQUEST["action"] == "login") { require_once ROOT_PATH . "/accounts.php"; $user = trim($_REQUEST["login_user"]); $pass = trim($_REQUEST["login_pass"]); if (!isset($bb_accounts["users"][$user]) || $bb_accounts["users"][$user]["pass"] != sha1($user . ":" . $pass)) { echo "<span class=\"error\">Incorrect username or password.</span>"; exit; } BB_DeleteExpiredUserSessions(); if (isset($_REQUEST["login_reset"]) && $_REQUEST["login_reset"] == "yes") { BB_SetUserPassword($user, $pass); } require_once ROOT_PATH . "/" . SUPPORT_PATH . "/cookie.php"; $id = BB_NewUserSession($user, isset($_REQUEST["bbl"]) ? $_REQUEST["bbl"] : ""); if ($id === false) { $id = BB_NewUserSession($user, ""); } if ($id === false) { echo "<span class=\"error\">Unable to create session.</span>"; exit; } SetCookieFixDomain("bbl", $id, $bb_accounts["sessions"][$id]["expire"], ROOT_URL . "/", "", USE_HTTPS, true); SetCookieFixDomain("bbq", "1", $bb_accounts["sessions"][$id]["expire"], ROOT_URL . "/", ""); ?> <span class="success">Successfully logged in.</span><br /> <a href="<?php
BB_RunPluginAction("post_bb_main_edit_site_opt_view_translation_notifications"); } else { if ($_REQUEST["bb_action"] == "bb_main_edit_site_opt_profile_submit") { BB_RunPluginAction("pre_bb_main_edit_site_opt_profile_submit"); $pass = $_REQUEST["oldpass"]; if ($pass != "") { if ($bb_account["pass"] !== sha1($bb_account["user"] . ":" . $pass)) { BB_PropertyFormError("'Current Password' is incorrect."); } if ($_REQUEST["newpass"] === "") { BB_PropertyFormError("New password field not filled out."); } if ($_REQUEST["newpass"] !== $_REQUEST["newpass2"]) { BB_PropertyFormError("New password fields are not the same."); } BB_SetUserPassword($bb_account["user"], $_REQUEST["newpass"]); // BB_SetUserPassword wipes out the existing session. Create a new session. require_once ROOT_PATH . "/" . SUPPORT_PATH . "/cookie.php"; $id = BB_NewUserSession($bb_account["user"], $_REQUEST["bbl"]); if ($id === false) { $id = BB_NewUserSession($bb_account["user"], ""); } if ($id === false) { echo "<span class=\"error\">Unable to create session.</span>"; exit; } SetCookieFixDomain("bbl", $id, $bb_accounts["sessions"][$id]["expire"], ROOT_URL . "/", "", USE_HTTPS, true); unset($id); } ?> <div class="success"><?php