}
$_DSESSION['dateformat'] = empty($_DSESSION['dateformat']) ? $_CHOBITS['settings']['dateformat'] : $_DSESSION['dateformat'];
$_DSESSION['timeformat'] = empty($_DSESSION['timeformat']) ? $_CHOBITS['settings']['timeformat'] : ($_DSESSION['timeformat'] == 1 ? 'h:i A' : 'H:i');
$_DSESSION['timeoffset'] = isset($_DSESSION['timeoffset']) && $_DSESSION['timeoffset'] != 9999 ? $_DSESSION['timeoffset'] : $_CHOBITS['settings']['timeoffset'];
$membertablefields = '';
@extract($_DSESSION);
$lastvisit = empty($lastvisit) ? $timestamp - 86400 : $lastvisit;
$timenow = array('time' => gmdate("{$dateformat} {$timeformat}", $timestamp + 3600 * $timeoffset), 'offset' => $timeoffset >= 0 ? $timeoffset == 0 ? '' : '+' . $timeoffset : $timeoffset);
if (PHP_VERSION > '5.1') {
@date_default_timezone_set('Etc/GMT' . ($timeoffset > 0 ? '-' : '+') . abs($timeoffset));
}
if (empty($nw_uid) || empty($nw_user)) {
$show_cloud = 0;
$nw_user = $nw_nick = '';
$nw_uid = $adminid = 0;
$groupid = empty($groupid) || $groupid != 6 ? 7 : 6;
} else {
$nw_userss = $nw_user;
$nw_user = addslashes($nw_user);
$nw_nick = addslashes($nw_nick);
}
if ($errorreport == 2 || $errorreport == 1 && $adminid > 0) {
error_reporting(E_ERROR | E_WARNING | E_PARSE);
}
define('FORMHASH', GlobalCore::formhash());
$rsshead = $navtitle = $navigation = '';
$_DSESSION['groupid'] = $groupid = empty($ipbanned) ? empty($groupid) ? 7 : intval($groupid) : 6;
if (empty($_DCOOKIE['sid']) || $sid != $_DCOOKIE['sid']) {
GlobalCore::chobits_setcookie('sid', $sid, 604800);
}
}
public static function clearcookies()
{
global $nw_uid, $nw_user, $nw_pw, $adminid, $credits;
GlobalCore::chobits_setcookie('sid', '', -86400 * 365);
GlobalCore::chobits_setcookie('auth', '', -86400 * 365);
GlobalCore::chobits_setcookie('visitedfid', '', -86400 * 365);
GlobalCore::chobits_setcookie('onlinedetail', '', -86400 * 365, 0);
$nw_uid = $adminid = $credits = 0;
$nw_user = $nw_pw = '';
}
} else {
$md5_password = md5($password);
$password = preg_replace("/^(.{" . round(strlen($password) / 4) . "})(.+?)(.{" . round(strlen($password) / 6) . "})\$/s", "\\1***\\3", $password);
}
if (preg_match("%^[A-Za-z][A-Za-z0-9]*_?[A-Za-z0-9]*\$%i", $email)) {
$where = "m.username = '******'";
} else {
$where = "m.email = '{$email}'";
}
$query = $db->query("SELECT m.uid AS nw_uid, m.username AS nw_user, m.nickname AS nw_nick,m.password AS nw_pw,\r\n\t\t\t\t\tm.adminid, m.groupid, m.lastvisit\r\n\t\t\t\t\tFROM {$tablepre}members m\r\n\t\t\t\t\tWHERE {$where}");
$member = $db->fetch_array($query);
if ($member['nw_uid'] && $member['nw_pw'] == $md5_password) {
extract($member);
$nw_userss = $nw_user;
$nw_user = addslashes($nw_user);
$nw_nick = addslashes($nw_nick);
$styleid = 1;
$cookietime = intval(isset($_POST['cookietime']) ? $_POST['cookietime'] : ($_DCOOKIE['cookietime'] ? $_DCOOKIE['cookietime'] : 0));
GlobalCore::chobits_setcookie('cookietime', $cookietime, 31536000);
GlobalCore::chobits_setcookie('auth', GlobalCore::authcode("{$nw_pw}\t{$nw_uid}", 'ENCODE'), $cookietime);
$sessionexists = 0;
GlobalCore::showmessage('login_succeed', NWDIR, 'DONE');
}
$errorlog = GlobalCore::nwHtmlspecialchars($timestamp . "\t" . ($member['nw_user'] ? $member['nw_user'] : stripslashes($username)) . "\t" . $password . "\t" . $onlineip);
GlobalCore::writelog('illegallog', $errorlog);
GlobalCore::loginfailed($loginperm);
GlobalCore::showmessage('login_invalid', NWDIR . '/login', 'HALTED');
}
} else {
GlobalCore::showmessage('undefined_action');
}
