PageRenderTime 46ms CodeModel.GetById 24ms RepoModel.GetById 0ms app.codeStats 0ms

/public_html/phorum/login.php

https://gitlab.com/thejuskrishna/xmec
PHP | 229 lines | 174 code | 22 blank | 33 comment | 19 complexity | 7e9f29b69f09f15f526de9beabfc957d MD5 | raw file
  1. <?php
  2. ////////////////////////////////////////////////////////////////////////////////
  3. // //
  4. // Copyright (C) 2000 Phorum Development Team //
  5. // http://www.phorum.org //
  6. // //
  7. // This program is free software. You can redistribute it and/or modify //
  8. // it under the terms of either the current Phorum License (viewable at //
  9. // phorum.org) or the Phorum License that was distributed with this file //
  10. // //
  11. // This program is distributed in the hope that it will be useful, //
  12. // but WITHOUT ANY WARRANTY, without even the implied warranty of //
  13. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. //
  14. // //
  15. // You should have received a copy of the Phorum License //
  16. // along with this program. //
  17. ////////////////////////////////////////////////////////////////////////////////
  18. require "./common.php";
  19. settype($Error, "string");
  20. //Thats for all those ppl who likes to use different colors in different forums
  21. if($f>0){
  22. $table_width=$ForumTableWidth;
  23. $table_header_color=$ForumTableHeaderColor;
  24. $table_header_font_color=$ForumTableHeaderFontColor;
  25. $table_body_color_1=$ForumTableBodyColor1;
  26. $table_body_font_color_1=$ForumTableBodyFontColor1;
  27. $nav_color=$ForumNavColor;
  28. }
  29. else{
  30. $table_width=$default_table_width;
  31. $table_header_color=$default_table_header_color;
  32. $table_header_font_color=$default_table_header_font_color;
  33. $table_body_color_1=$default_table_body_color_1;
  34. $table_body_font_color_1=$default_table_body_font_color_1;
  35. $nav_color=$default_nav_color;
  36. }
  37. if(empty($target)){
  38. if(isset($HTTP_REFERER)){
  39. $target=$HTTP_REFERER;
  40. }
  41. else{
  42. $target="$forum_url/$forum_page.$ext";
  43. }
  44. }
  45. if (!$xmec_user->isLoggedIn()) {
  46. # added -jsh nov/25
  47. header("Location: ../login.php?xgetpage=$target");
  48. exit();
  49. if (!empty($lp)) {
  50. echo ' <HTML>',
  51. ' <BODY bgcolor="#FFFFFF" topmargin=0 leftmargin=0 marginheight = "0" marginwidth = "0">',
  52. ' <p><br>',
  53. 'Please login using your xmec username & password.<br>',
  54. /*
  55. 'Click <a href=', rawurlencode($target), '>here</a> to get the page, once logged in.',
  56. */
  57. '</body>';
  58. } else {
  59. echo ' <HTML>',
  60. ' <script language="JavaScript">',
  61. 'function loginpage() {',
  62. ' top.location.href="/xmec.php?target=', rawurlencode("/phorum/login.php?target=$target&lp=1"), '";',
  63. '}',
  64. '</script>',
  65. '<BODY bgcolor="#FFFFFF" topmargin=0 leftmargin=0 marginheight = "0" marginwidth = "0">',
  66. ' <p><br>',
  67. 'Please login first, using your xmec username & password to access this page.<br>',
  68. 'If you are not at the login page, click <a href=xx OnClick="JavaScript:loginpage();return false;">here</a> to get it.',
  69. '</body>';
  70. }
  71. exit();
  72. } else {
  73. header("Location: $target");
  74. exit();
  75. }
  76. // ******************************************************
  77. // ********** Nothing gets executed from here onwards..**
  78. // ******************************************************
  79. // initvar("phorum_auth");
  80. // $target=str_replace("phorum_auth=$phorum_auth", '', $target);
  81. if(isset($logout)){
  82. $SQL="update $pho_main"."_auth set sess_id='' where sess_id='$phorum_auth'";
  83. $q->query($DB, $SQL);
  84. unset($phorum_auth);
  85. SetCookie("phorum_auth",'');
  86. header("Location: $target");
  87. exit();
  88. }
  89. if(empty($forgotpass) && !empty($username) && !empty($password)){
  90. $uid=phorum_check_login($username, $password);
  91. if($uid){
  92. $sess_id=phorum_session_id($HTTP_POST_VARS['username'], $HTTP_POST_VARS["password"]);
  93. phorum_login_user($sess_id, $uid);
  94. if(!strstr($target, "?")){
  95. $target.="?f=0$GetVars";
  96. }
  97. else{
  98. $target.="$GetVars";
  99. }
  100. header("Location: $target");
  101. exit();
  102. }
  103. else{
  104. $Error=$lLoginError;
  105. }
  106. } elseif (!empty($forgotpass)) {
  107. $SQL="select username, email from $pho_main"."_auth where username='$lookup' or email='$lookup'";
  108. $q->query($DB, $SQL);
  109. $rec=$q->getrow();
  110. if(!empty($rec["username"])){
  111. $newpass=substr(md5($username.microtime()), 0, 8);
  112. $crypt_pass=md5($newpass);
  113. $SQL="update $pho_main"."_auth set password='$crypt_pass' where username='$rec[username]'";
  114. $q->query($DB, $SQL);
  115. mail($rec["email"], $lNewPassword, "$lNewPassBody:\n\n $lUserName: $rec[username]\n $lPassword: $newpass\n\n$lNewPassChange", "From: <$DefaultEmail>");
  116. $Error=$lNewPassMailed;
  117. } else {
  118. $Error=$lNewPassError;
  119. }
  120. }
  121. if(basename($PHP_SELF)=="login.$ext"){
  122. $title = " - $lLoginCaption";
  123. include phorum_get_file_name("header");
  124. }
  125. // hack
  126. $signup_page="register";
  127. //////////////////////////
  128. // START NAVIGATION //
  129. //////////////////////////
  130. $menu="";
  131. if($ActiveForums>1){
  132. addnav($menu, $lForumList, "$forum_page.$ext?f=0$GetVars");
  133. }
  134. addnav($menu, $lRegisterLink, "$signup_page.$ext?f=$f&target=$target$GetVars");
  135. $nav=getnav($menu);
  136. //////////////////////////
  137. // END NAVIGATION //
  138. //////////////////////////
  139. if($Error){
  140. echo "<p><b>$Error</b>";
  141. }
  142. ?>
  143. <form action="<?php echo "login.$ext"; ?>" method="post">
  144. <input type="hidden" name="f" value="<?php echo $f; ?>">
  145. <input type="hidden" name="target" value="<?php echo $target; ?>">
  146. <?php echo $PostVars; ?>
  147. <table cellspacing="0" cellpadding="0" border="0">
  148. <tr>
  149. <td <?php echo bgcolor($nav_color); ?>>
  150. <table cellspacing="0" cellpadding="2" border="0">
  151. <tr>
  152. <td><?php echo $nav; ?></td>
  153. </tr>
  154. </table>
  155. </td>
  156. </tr>
  157. <tr>
  158. <td <?php echo bgcolor($nav_color); ?>>
  159. <table class="PhorumListTable" cellspacing="0" cellpadding="2" border="0">
  160. <tr>
  161. <td height="21" colspan="2" <?php echo bgcolor($table_header_color); ?>><FONT color="<?php echo $table_header_font_color; ?>">&nbsp;<?php echo $lLoginCaption; ?></font></td>
  162. </tr>
  163. <tr>
  164. <td <?php echo bgcolor($table_body_color_1); ?> nowrap><font color="<?php echo $table_body_font_color_1; ?>">&nbsp;<?php echo $lUserName;?>:</font></td>
  165. <td <?php echo bgcolor($table_body_color_1); ?>><input type="Text" name="username" size="30" maxlength="50"></td>
  166. </tr>
  167. <tr>
  168. <td <?php echo bgcolor($table_body_color_1); ?> nowrap><font color="<?php echo $table_body_font_color_1; ?>">&nbsp;<?php echo $lPassword;?>:</font></td>
  169. <td <?php echo bgcolor($table_body_color_1); ?>><input type="Password" name="password" size="30" maxlength="20"></td>
  170. </tr>
  171. <tr>
  172. <td <?php echo bgcolor($table_body_color_1); ?> nowrap>&nbsp;</td>
  173. <td <?php echo bgcolor($table_body_color_1); ?>><input type="submit" value="<?php echo $lLogin; ?>">&nbsp;<br><img src="images/trans.gif" width=3 height=3 border=0></td>
  174. </tr>
  175. </table>
  176. </td>
  177. </tr>
  178. </table>
  179. </form>
  180. <form action="<?php echo "login.$ext"; ?>" method="post">
  181. <input type="hidden" name="f" value="<?php echo $f; ?>" />
  182. <input type="hidden" name="target" value="<?php echo $target; ?>" />
  183. <input type="hidden" name="forgotpass" value="1" />
  184. <?php echo $PostVars; ?>
  185. <table cellspacing="0" cellpadding="0" border="0">
  186. <tr>
  187. <td <?php echo bgcolor($default_nav_color); ?>>
  188. <table class="PhorumListTable" width="400" cellspacing="0" cellpadding="2" border="0">
  189. <tr>
  190. <td height="21" <?php echo bgcolor($default_table_header_color); ?>><FONT color="<?php echo $default_table_header_font_color; ?>">&nbsp;<?php echo $lForgotPass; ?></font></td>
  191. </tr>
  192. <tr>
  193. <td <?php echo bgcolor($default_table_body_color_1); ?>><font color="<?php echo $default_table_body_font_color_1; ?>"><?php echo $lLostPassExplain; ?></font></td>
  194. </tr>
  195. <tr>
  196. <td align="center" <?php echo bgcolor($default_table_body_color_1); ?>><input type="Text" name="lookup" size="30" maxlength="50"> <input type="submit" value="<?php echo $lSubmit; ?>"></td>
  197. </tr>
  198. </table>
  199. </td>
  200. </tr>
  201. </table>
  202. </form>
  203. <?php
  204. if(basename($PHP_SELF)=="login.$ext"){
  205. include phorum_get_file_name("footer");
  206. }
  207. ?>