changeset 700 | 491314c44d23 |
parent 697 | 8e9ba8b131fa |
child 711 | f70d764aab33 |
699:c7d737202d59 | 700:491314c44d23 |
---|---|
884 * @return bool |
884 * @return bool |
885 */ |
885 */ |
886 |
886 |
887 function register_session($user_id, $username, $password, $level = USER_LEVEL_MEMBER, $remember = false) |
887 function register_session($user_id, $username, $password, $level = USER_LEVEL_MEMBER, $remember = false) |
888 { |
888 { |
889 global $db, $session, $paths, $template, $plugins; // Common objects |
|
890 |
|
889 // Random key identifier |
891 // Random key identifier |
890 $salt = md5(microtime() . mt_rand()); |
892 $salt = md5(microtime() . mt_rand()); |
891 |
893 |
892 // SHA1 hash of password, stored in the key |
894 // SHA1 hash of password, stored in the key |
893 $passha1 = sha1($password); |
895 $passha1 = sha1($password); |
931 die('Somehow an SQL injection attempt crawled into our session registrar! (1)'); |
933 die('Somehow an SQL injection attempt crawled into our session registrar! (1)'); |
932 if(!is_int($level)) |
934 if(!is_int($level)) |
933 die('Somehow an SQL injection attempt crawled into our session registrar! (2)'); |
935 die('Somehow an SQL injection attempt crawled into our session registrar! (2)'); |
934 |
936 |
935 // All done! |
937 // All done! |
936 $query = $this->sql('INSERT INTO '.table_prefix.'session_keys(session_key, salt, user_id, auth_level, source_ip, time, key_type) VALUES(\''.$keyhash.'\', \''.$salt.'\', '.$user_id.', '.$level.', \''.$ip.'\', '.$time.', ' . $key_type . ');'); |
938 $query = $db->sql_query('INSERT INTO '.table_prefix.'session_keys(session_key, salt, user_id, auth_level, source_ip, time, key_type) VALUES(\''.$keyhash.'\', \''.$salt.'\', '.$user_id.', '.$level.', \''.$ip.'\', '.$time.', ' . $key_type . ');'); |
939 if ( !$query && defined('IN_ENANO_UPGRADE') ) |
|
940 // we're trying to upgrade so the key_type column is probably missing - try it again without specifying the key type |
|
941 $this->sql('INSERT INTO '.table_prefix.'session_keys(session_key, salt, user_id, auth_level, source_ip, time) VALUES(\''.$keyhash.'\', \''.$salt.'\', '.$user_id.', '.$level.', \''.$ip.'\', '.$time.');'); |
|
942 |
|
937 return true; |
943 return true; |
938 } |
944 } |
939 |
945 |
940 /** |
946 /** |
941 * Identical to register_session in nature, but uses the old login/table structure. DO NOT use this except in the upgrade script under very controlled circumstances. |
947 * Identical to register_session in nature, but uses the old login/table structure. DO NOT use this except in the upgrade script under very controlled circumstances. |