} else {
if (defined("STO_LOGIN") && STO_LOGIN && file_exists(ROOT_PATH . "/login_hook.php")) {
require_once ROOT_PATH . "/login_hook.php";
}
}
if (isset($_REQUEST["action"]) && $_REQUEST["action"] == "login") {
require_once ROOT_PATH . "/accounts.php";
$user = trim($_REQUEST["login_user"]);
$pass = trim($_REQUEST["login_pass"]);
if (!isset($bb_accounts["users"][$user]) || $bb_accounts["users"][$user]["pass"] != sha1($user . ":" . $pass)) {
echo "<span class=\"error\">Incorrect username or password.</span>";
exit;
}
BB_DeleteExpiredUserSessions();
if (isset($_REQUEST["login_reset"]) && $_REQUEST["login_reset"] == "yes") {
BB_SetUserPassword($user, $pass);
}
require_once ROOT_PATH . "/" . SUPPORT_PATH . "/cookie.php";
$id = BB_NewUserSession($user, isset($_REQUEST["bbl"]) ? $_REQUEST["bbl"] : "");
if ($id === false) {
$id = BB_NewUserSession($user, "");
}
if ($id === false) {
echo "<span class=\"error\">Unable to create session.</span>";
exit;
}
SetCookieFixDomain("bbl", $id, $bb_accounts["sessions"][$id]["expire"], ROOT_URL . "/", "", USE_HTTPS, true);
SetCookieFixDomain("bbq", "1", $bb_accounts["sessions"][$id]["expire"], ROOT_URL . "/", "");
?>
<span class="success">Successfully logged in.</span><br />
<a href="<?php
BB_RunPluginAction("post_bb_main_edit_site_opt_view_translation_notifications");
} else {
if ($_REQUEST["bb_action"] == "bb_main_edit_site_opt_profile_submit") {
BB_RunPluginAction("pre_bb_main_edit_site_opt_profile_submit");
$pass = $_REQUEST["oldpass"];
if ($pass != "") {
if ($bb_account["pass"] !== sha1($bb_account["user"] . ":" . $pass)) {
BB_PropertyFormError("'Current Password' is incorrect.");
}
if ($_REQUEST["newpass"] === "") {
BB_PropertyFormError("New password field not filled out.");
}
if ($_REQUEST["newpass"] !== $_REQUEST["newpass2"]) {
BB_PropertyFormError("New password fields are not the same.");
}
BB_SetUserPassword($bb_account["user"], $_REQUEST["newpass"]);
// BB_SetUserPassword wipes out the existing session. Create a new session.
require_once ROOT_PATH . "/" . SUPPORT_PATH . "/cookie.php";
$id = BB_NewUserSession($bb_account["user"], $_REQUEST["bbl"]);
if ($id === false) {
$id = BB_NewUserSession($bb_account["user"], "");
}
if ($id === false) {
echo "<span class=\"error\">Unable to create session.</span>";
exit;
}
SetCookieFixDomain("bbl", $id, $bb_accounts["sessions"][$id]["expire"], ROOT_URL . "/", "", USE_HTTPS, true);
unset($id);
}
?>
<div class="success"><?php
