Mercurial Mercurial > repos > enano-1.1 / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
includes/sessions.php
changeset 568 3700f7124c2b
parent 557 26479224936a
child 570 4d0d5dae61e5
equal deleted inserted replaced
567:7f196509bf78 568:3700f7124c2b 
   511         $this->password_hash = $userdata['password'];
 
   511         $this->password_hash = $userdata['password'];
 
   512         $this->user_level =    intval($userdata['user_level']);
 
   512         $this->user_level =    intval($userdata['user_level']);
 
   513         $this->real_name =     $userdata['real_name'];
 
   513         $this->real_name =     $userdata['real_name'];
 
   514         $this->email =         $userdata['email'];
 
   514         $this->email =         $userdata['email'];
 
   515         $this->unread_pms =    $userdata['num_pms'];
 
   515         $this->unread_pms =    $userdata['num_pms'];
 
   516         $this->user_title =    $userdata['user_title'];
 
   516         $this->user_title =    ( isset($userdata['user_title']) ) ? $userdata['user_title'] : null;
 
   517         if(!$this->compat)
 
   517         if(!$this->compat)
 
   518         {
 
   518         {
 
   519           $this->theme =         $userdata['theme'];
 
   519           $this->theme =         $userdata['theme'];
 
   520           $this->style =         $userdata['style'];
 
   520           $this->style =         $userdata['style'];
 
   521           $this->signature =     $userdata['signature'];
 
   521           $this->signature =     $userdata['signature'];
 
  1073         $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary,page_text) VALUES(\'security\', \'admin_auth_bad\', '.time().', \''.enano_date('d M Y h:i a').'\', \''.$db->escape($username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\', ' . intval($level) . ')');
 
  1073         $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary,page_text) VALUES(\'security\', \'admin_auth_bad\', '.time().', \''.enano_date('d M Y h:i a').'\', \''.$db->escape($username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\', ' . intval($level) . ')');
 
  1074       else
 
  1074       else
 
  1075         $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary) VALUES(\'security\', \'auth_bad\', '.time().', \''.enano_date('d M Y h:i a').'\', \''.$db->escape($username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\')');
 
  1075         $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary) VALUES(\'security\', \'auth_bad\', '.time().', \''.enano_date('d M Y h:i a').'\', \''.$db->escape($username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\')');
 
  1076         
  1076         
  1077       // Do we also need to increment the lockout countdown?
 
  1077       // Do we also need to increment the lockout countdown?
 
  1078       if ( $policy != 'disable' && !defined('IN_ENANO_INSTALL') )
 
  1078       if ( !defined('IN_ENANO_INSTALL') && $policy != 'disable' )
 
  1079       {
 
  1079       {
 
  1080         $ipaddr = $db->escape($_SERVER['REMOTE_ADDR']);
 
  1080         $ipaddr = $db->escape($_SERVER['REMOTE_ADDR']);
 
  1081         // increment fail count
 
  1081         // increment fail count
 
  1082         $this->sql('INSERT INTO '.table_prefix.'lockout(ipaddr, timestamp, action) VALUES(\'' . $ipaddr . '\', ' . time() . ', \'credential\');');
 
  1082         $this->sql('INSERT INTO '.table_prefix.'lockout(ipaddr, timestamp, action) VALUES(\'' . $ipaddr . '\', ' . time() . ', \'credential\');');
 
  1083         $fails++;
 
  1083         $fails++;
 
  1324       // Special exception for 1.1.x upgrade - the 1.1.3 upgrade changes the size of the column and this is what validate_session
 
  1324       // Special exception for 1.1.x upgrade - the 1.1.3 upgrade changes the size of the column and this is what validate_session
 
  1325       // expects, but if the column size hasn't changed yet just check the first 10 digits of the IP.
 
  1325       // expects, but if the column size hasn't changed yet just check the first 10 digits of the IP.
 
  1326       $fail = true;
 
  1326       $fail = true;
 
  1327       if ( defined('IN_ENANO_UPGRADE') )
 
  1327       if ( defined('IN_ENANO_UPGRADE') )
 
  1328       {
 
  1328       {
 
  1329         if ( installer_enano_version() == '1.1.3' && substr($ip, 0, 10) == substr($row['source_ip'], 0, 10) )
 
  1329         if ( substr($ip, 0, 10) == substr($row['source_ip'], 0, 10) )
 
  1330           $fail = false;
 
  1330           $fail = false;
 
  1331       }
 
  1331       }
 
  1332       // Failed IP address check
 
  1332       // Failed IP address check
 
  1333       // echo '(debug) $session->validate_session: IP address mismatch<br />';
 
  1333       // echo '(debug) $session->validate_session: IP address mismatch<br />';
 
  1334       if ( $fail )
 
  1334       if ( $fail )
Enano CMS (1.1.x)