function dbCheckSession(&$session)
{
$rc = null;
$session->trace(TC_Db1, 'dbCheckSession');
if ($session->fSessionUser != null) {
$fields = dbSingleRecord($session, 'select name,locked,theme,width,height,maxhits,postingsperpage,' . 'threadsperpage,startpage from ' . dbTable($session, T_User) . ' where id=' . $session->fSessionUser);
if ($fields == null) {
$rc = 'Unbekannter Benutzer' . ($session->fSessionUser == null ? '!' : ':' . $session->fSessionUser);
} else {
if (false && dbStringToBool($session, $fields[1])) {
$rc = 'Benutzer ' . $session->fSessionUser . ' ist gesperrt';
} else {
# function setUserData ($id, $name, $theme, $width, $height,
# $maxhits, $postingsperpage, $threadsperpage, $startpage) {
$session->setUserData($session->fSessionUser, $fields[0], $fields[2], $fields[3], $fields[4], $fields[5], $fields[6], $fields[7], $fields[8]);
if (!empty($_SERVER['PATH_INFO'])) {
$session->setPageName(substr($_SERVER['PATH_INFO'], 1));
}
$rc = null;
}
}
}
$session->trace(TC_Db1, 'dbCheckSession: rc=' . ($rc == null ? 'null' : $rc));
return $rc;
}
function dbCheckSession(&$session)
{
global $session_id, $session_user;
global $REQUEST_URI, $SCRIPT_NAME, $SCRIPT_FILENAME, $PATH_INFO;
$session->trace(TC_Db1, 'dbCheckSession: ' . "REQEST_URI: {$REQUEST_URI} SCRIPT_NAME: {$SCRIPT_NAME}");
if (empty($session_user)) {
$fields = null;
} else {
$fields = dbSingleRecord($session, 'select name,rights,locked,theme,width,height,maxhits,postingsperpage,' . 'threadsperpage,startpage from ' . dbTable($session, "user") . " where id={$session_user};");
}
if ($fields == null) {
$rc = 'Unbekannter Benutzer: ' . $session_user;
} else {
if (false && dbStringToBool($session, $fields[2])) {
$rc = "Benutzer {$session_user} ist gesperrt";
} else {
$session->setUserData($session_user, $fields[0], $fields[1], $fields[3], $fields[4], $fields[5], $fields[6], $fields[7], $fields[8], $fields[9]);
$uri = substr($REQUEST_URI, strlen($SCRIPT_NAME) + 1);
while (strpos($uri, "index") == 0 && strpos($uri, '/') > 0) {
$uri = substr($uri, strpos($uri, "/") + 1);
}
$session->setScriptBase($REQUEST_URI, $SCRIPT_NAME, $SCRIPT_FILENAME);
$session->setPageName(substr($PATH_INFO, 1));
$session->setMacros();
$rc = false;
}
}
return $rc;
}
function guiLoginAnswer(&$session, &$message)
{
$session->trace(TC_Gui1, 'guiLoginAnswer; login_user: '******'login_user']);
$login_again = true;
$message = null;
$again = false;
$user = $_POST['login_user'];
$email = $_POST['login_email'];
$code = $_POST['login_code'];
if (isset($_POST['but_forget'])) {
if (empty($user)) {
$message = "+kein Benutzername angegeben";
} elseif (empty($email)) {
$message = "+keine EMail-Adresse angegeben";
} else {
$row = dbSingleRecord($session, 'select id,email from ' . dbTable($session, T_User) . ' where name=' . dbSqlString($session, $user));
if (!$row) {
$message = "+unbekannter Benutzer";
} elseif (empty($row[1])) {
$message = "+keine EMail-Adresse eingetragen";
} elseif (strcasecmp($row[1], $email) != 0) {
$message = "+EMail-Adresse ist nicht bekannt";
} else {
sendPassword($session, $row[0], $user, $email);
$message = 'Das Passwort wurde an ' . $email . ' verschickt';
}
}
$again = true;
} else {
$message = dbCheckUser($session, $user, $code);
if (!empty($message)) {
$again = true;
} else {
setLoginCookie($session, $user, $code);
$session->setPageName(P_Home);
$session->setSessionNo(1);
}
}
return $again;
}
function baseLoginAnswer(&$session)
{
$login_again = true;
$session->trace(TC_Gui1, 'baseLoginAnswer');
global $login_user, $login_code, $session_user, $but_forget, $login_email;
if (isset($but_forget)) {
$message = null;
if (empty($login_user)) {
$message = "+kein Benutzername angegeben";
} elseif (empty($login_email)) {
$message = "+keine EMail-Adresse angegeben";
} else {
$row = dbSingleRecord($session, 'select id,email from ' . dbTable($session, T_User) . ' where name=' . dbSqlString($session, $login_user));
if (!$row) {
$message = "+unbekannter Benutzer";
} elseif (empty($row[1])) {
$message = "+keine EMail-Adresse eingetragen";
} elseif (strcasecmp($row[1], $login_email) != 0) {
$message = "+EMail-Adresse ist nicht bekannt";
} else {
sendPassword($session, $row[0], $login_user, $login_email);
$message = 'Das Passwort wurde an ' . $login_email . ' verschickt';
}
}
guiLogin($session, $message);
} else {
$rc = dbCheckUser($session, $login_user, $login_code);
if (!empty($rc)) {
guiLogin($session, $rc);
} else {
setLoginCookie($session, $login_user, $login_code);
$session->setPageName(P_Start);
$login_again = false;
}
}
return $login_again;
}
