changeset 9 | a932ce8c4827 |
parent 7 | 98bbc533541c |
8:8baccbad4a55 | 9:a932ce8c4827 |
---|---|
88 |
88 |
89 ($hook = get_hook('fn_authenticate_user_start')) ? eval($hook) : null; |
89 ($hook = get_hook('fn_authenticate_user_start')) ? eval($hook) : null; |
90 |
90 |
91 // Check if there's a user matching $user and $password |
91 // Check if there's a user matching $user and $password |
92 $query = array( |
92 $query = array( |
93 'SELECT' => 'eu.username AS username_authoritative, u.*, u.username AS bla, g.*, o.logged, o.idle, o.csrf_token, o.prev_url', |
93 'SELECT' => 'u.*, eu.username, eu.user_id as id, g.*, o.logged, o.idle, o.csrf_token, o.prev_url', |
94 'FROM' => $pun_db->prefix . 'users AS u', |
94 'FROM' => $pun_db->prefix . 'users AS u', |
95 'JOINS' => array( |
95 'JOINS' => array( |
96 array( |
96 array( |
97 'LEFT JOIN' => table_prefix . 'users AS eu', |
97 'LEFT JOIN' => table_prefix . 'users AS eu', |
98 'ON' => 'eu.user_id = u.id' |
98 'ON' => 'eu.user_id = u.id' |
114 // Are we looking for a user ID or a username? |
114 // Are we looking for a user ID or a username? |
115 $query['WHERE'] = 'u.id=' . $session->user_id; |
115 $query['WHERE'] = 'u.id=' . $session->user_id; |
116 |
116 |
117 ($hook = get_hook('fn_qr_get_user')) ? eval($hook) : null; |
117 ($hook = get_hook('fn_qr_get_user')) ? eval($hook) : null; |
118 $result = $pun_db->query_build($query) or error(__FILE__, __LINE__); |
118 $result = $pun_db->query_build($query) or error(__FILE__, __LINE__); |
119 $count = $pun_db->num_rows($result); |
|
120 if ( $count < 1 ) |
|
121 { |
|
122 set_default_user(); |
|
123 return false; |
|
124 } |
|
119 $pun_user = $pun_db->fetch_assoc($result); |
125 $pun_user = $pun_db->fetch_assoc($result); |
120 $pun_user['username'] =& $pun_user['username_authoritative']; |
|
121 |
126 |
122 if (!$session->user_logged_in) |
127 if (!$session->user_logged_in) |
123 set_default_user(); |
128 set_default_user(); |
124 |
129 |
125 ($hook = get_hook('fn_authenticate_user_end')) ? eval($hook) : null; |
130 ($hook = get_hook('fn_authenticate_user_end')) ? eval($hook) : null; |
515 // Generate the "navigator" that appears at the top of every page |
520 // Generate the "navigator" that appears at the top of every page |
516 // |
521 // |
517 function generate_navlinks() |
522 function generate_navlinks() |
518 { |
523 { |
519 global $pun_config, $lang_common, $pun_url, $pun_user; |
524 global $pun_config, $lang_common, $pun_url, $pun_user; |
525 global $db, $session, $paths, $template, $plugins; // Common objects |
|
520 |
526 |
521 // Index should always be displayed |
527 // Index should always be displayed |
522 $links[] = '<li id="navindex"'.((PUN_PAGE == 'index') ? ' class="isactive"' : '').'><a href="'.pun_link($pun_url['index']).'"><span>'.$lang_common['Index'].'</span></a></li>'; |
528 $links[] = '<li id="navindex"'.((PUN_PAGE == 'index') ? ' class="isactive"' : '').'><a href="'.pun_link($pun_url['index']).'"><span>'.$lang_common['Index'].'</span></a></li>'; |
523 |
529 |
524 if ($pun_user['g_view_users'] == '1') |
530 if ($pun_user['g_view_users'] == '1') |
531 { |
537 { |
532 if ($pun_user['g_search'] == '1') |
538 if ($pun_user['g_search'] == '1') |
533 $links[] = '<li id="navsearch"'.((PUN_PAGE == 'search') ? ' class="isactive"' : '').'><a href="'.pun_link($pun_url['search']).'"><span>'.$lang_common['Search'].'</span></a></li>'; |
539 $links[] = '<li id="navsearch"'.((PUN_PAGE == 'search') ? ' class="isactive"' : '').'><a href="'.pun_link($pun_url['search']).'"><span>'.$lang_common['Search'].'</span></a></li>'; |
534 |
540 |
535 $links[] = '<li id="navregister"'.((PUN_PAGE == 'register') ? ' class="isactive"' : '').'><a href="'.pun_link($pun_url['register']).'"><span>'.$lang_common['Register'].'</span></a></li>'; |
541 $links[] = '<li id="navregister"'.((PUN_PAGE == 'register') ? ' class="isactive"' : '').'><a href="'.pun_link($pun_url['register']).'"><span>'.$lang_common['Register'].'</span></a></li>'; |
536 $links[] = '<li id="navlogin"'.((PUN_PAGE == 'login') ? ' class="isactive"' : '').'><a href="'.pun_link($pun_url['login']).'"><span>'.$lang_common['Login'].'</span></a></li>'; |
542 $links[] = '<li id="navlogin"'.((PUN_PAGE == 'login') ? ' class="isactive"' : '').'><a href="'.makeUrlNS('Special', 'Login/' . $paths->fullpage).'" onclick="ajaxStartLogin(); return false;"><span>'.$lang_common['Login'].'</span></a></li>'; |
537 } |
543 } |
538 else |
544 else |
539 { |
545 { |
540 if (!$pun_user['is_admmod']) |
546 if (!$pun_user['is_admmod']) |
541 { |
547 { |
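Review bot: The new login link (new line 542) concatenates `makeUrlNS('Special', 'Login/' . $paths->fullpage)` straight into a double-quoted `href` attribute, and nothing visible in this hunk HTML-encodes the result. `$paths->fullpage` appears to be derived from the requested page, so unless `makeUrlNS()` is known to return attribute-safe output, a page name containing a quote or angle bracket would land in the markup unencoded. I would encode at the point of output, e.g. `htmlspecialchars(makeUrlNS('Special', 'Login/' . $paths->fullpage), ENT_QUOTES)`, after confirming that `makeUrlNS()` does not already entity-encode, which would cause double-encoding. generate_navlinks() starts before and continues past this hunk, so any escaping done elsewhere in the function is not visible here.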
1830 // Used when the CSRF token from the request does not match the token stored in the database. |
1836 // Used when the CSRF token from the request does not match the token stored in the database. |
1831 // |
1837 // |
1832 function csrf_confirm_form() |
1838 function csrf_confirm_form() |
1833 { |
1839 { |
1834 global $pun_db, $pun_url, $lang_common, $pun_config, $base_url, $pun_start, $tpl_main, $pun_user, $pun_page, $pun_updates; |
1840 global $pun_db, $pun_url, $lang_common, $pun_config, $base_url, $pun_start, $tpl_main, $pun_user, $pun_page, $pun_updates; |
1835 |
1841 |
1836 // User pressed the cancel button |
1842 // User pressed the cancel button |
1837 if (isset($_POST['confirm_cancel'])) |
1843 if (isset($_POST['confirm_cancel'])) |
1838 pun_redirect(htmlspecialchars($_POST['prev_url']), $lang_common['Cancel redirect']); |
1844 pun_redirect(htmlspecialchars($_POST['prev_url']), $lang_common['Cancel redirect']); |
1839 |
1845 |
1840 // |
1846 // |