--- a/punbb/login.php Wed Jul 11 21:28:39 2007 -0400
+++ b/punbb/login.php Thu Jul 12 01:04:01 2007 -0400
@@ -26,8 +26,11 @@
if (isset($_GET['action']))
define('PUN_QUIET_VISIT', 1);
-define('PUN_ROOT', './');
-require PUN_ROOT.'include/common.php';
+//define('PUN_ROOT', './');
+//require PUN_ROOT.'include/common.php';
+
+global $pun_db, $pun_user, $pun_config, $lang_common;
+
// Load the login.php language file
@@ -40,10 +43,10 @@
$form_username = trim($_POST['req_username']);
$form_password = trim($_POST['req_password']);
- $username_sql = ($db_type == 'mysql' || $db_type == 'mysqli') ? 'username=\''.$db->escape($form_username).'\'' : 'LOWER(username)=LOWER(\''.$db->escape($form_username).'\')';
+ $username_sql = ($db_type == 'mysql' || $db_type == 'mysqli') ? 'username=\''.$pun_db->escape($form_username).'\'' : 'LOWER(username)=LOWER(\''.$pun_db->escape($form_username).'\')';
- $result = $db->query('SELECT id, group_id, password, save_pass FROM '.$db->prefix.'users WHERE '.$username_sql) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
- list($user_id, $group_id, $db_password_hash, $save_pass) = $db->fetch_row($result);
+ $result = $pun_db->query('SELECT id, group_id, password, save_pass FROM '.$pun_db->prefix.'users WHERE '.$username_sql) or error('Unable to fetch user info', __FILE__, __LINE__, $pun_db->error());
+ list($user_id, $group_id, $db_password_hash, $save_pass) = $pun_db->fetch_row($result);
$authorized = false;
@@ -61,7 +64,7 @@
$authorized = true;
if ($sha1_available) // There's an MD5 hash in the database, but SHA1 hashing is available, so we update the DB
- $db->query('UPDATE '.$db->prefix.'users SET password=\''.$form_password_hash.'\' WHERE id='.$user_id) or error('Unable to update user password', __FILE__, __LINE__, $db->error());
+ $pun_db->query('UPDATE '.$pun_db->prefix.'users SET password=\''.$form_password_hash.'\' WHERE id='.$user_id) or error('Unable to update user password', __FILE__, __LINE__, $pun_db->error());
}
}
@@ -70,15 +73,15 @@
// Update the status if this is the first time the user logged in
if ($group_id == PUN_UNVERIFIED)
- $db->query('UPDATE '.$db->prefix.'users SET group_id='.$pun_config['o_default_user_group'].' WHERE id='.$user_id) or error('Unable to update user status', __FILE__, __LINE__, $db->error());
+ $pun_db->query('UPDATE '.$pun_db->prefix.'users SET group_id='.$pun_config['o_default_user_group'].' WHERE id='.$user_id) or error('Unable to update user status', __FILE__, __LINE__, $pun_db->error());
// Remove this users guest entry from the online list
- $db->query('DELETE FROM '.$db->prefix.'online WHERE ident=\''.$db->escape(get_remote_address()).'\'') or error('Unable to delete from online list', __FILE__, __LINE__, $db->error());
+ $pun_db->query('DELETE FROM '.$pun_db->prefix.'online WHERE ident=\''.$pun_db->escape(get_remote_address()).'\'') or error('Unable to delete from online list', __FILE__, __LINE__, $pun_db->error());
$expire = ($save_pass == '1') ? time() + 31536000 : 0;
pun_setcookie($user_id, $form_password_hash, $expire);
- redirect(htmlspecialchars($_POST['redirect_url']), $lang_login['Login redirect']);
+ pun_redirect(htmlspecialchars($_POST['redirect_url']), $lang_login['Login redirect']);
}
@@ -91,15 +94,15 @@
}
// Remove user from "users online" list.
- $db->query('DELETE FROM '.$db->prefix.'online WHERE user_id='.$pun_user['id']) or error('Unable to delete from online list', __FILE__, __LINE__, $db->error());
+ $pun_db->query('DELETE FROM '.$pun_db->prefix.'online WHERE user_id='.$pun_user['id']) or error('Unable to delete from online list', __FILE__, __LINE__, $pun_db->error());
// Update last_visit (make sure there's something to update it with)
if (isset($pun_user['logged']))
- $db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error());
+ $pun_db->query('UPDATE '.$pun_db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $pun_db->error());
pun_setcookie(1, random_pass(8), time() + 31536000);
- redirect('index.php', $lang_login['Logout redirect']);
+ pun_redirect('index.php', $lang_login['Logout redirect']);
}
@@ -117,9 +120,9 @@
if (!is_valid_email($email))
message($lang_common['Invalid e-mail']);
- $result = $db->query('SELECT id, username FROM '.$db->prefix.'users WHERE email=\''.$db->escape($email).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
+ $result = $pun_db->query('SELECT id, username FROM '.$pun_db->prefix.'users WHERE email=\''.$pun_db->escape($email).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $pun_db->error());
- if ($db->num_rows($result))
+ if ($pun_db->num_rows($result))
{
// Load the "activate password" template
$mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/activate_password.tpl'));
@@ -134,13 +137,13 @@
$mail_message = str_replace('<board_mailer>', $pun_config['o_board_title'].' '.$lang_common['Mailer'], $mail_message);
// Loop through users we found
- while ($cur_hit = $db->fetch_assoc($result))
+ while ($cur_hit = $pun_db->fetch_assoc($result))
{
// Generate a new password and a new password activation code
$new_password = random_pass(8);
$new_password_key = random_pass(8);
- $db->query('UPDATE '.$db->prefix.'users SET activate_string=\''.pun_hash($new_password).'\', activate_key=\''.$new_password_key.'\' WHERE id='.$cur_hit['id']) or error('Unable to update activation data', __FILE__, __LINE__, $db->error());
+ $pun_db->query('UPDATE '.$pun_db->prefix.'users SET activate_string=\''.pun_hash($new_password).'\', activate_key=\''.$new_password_key.'\' WHERE id='.$cur_hit['id']) or error('Unable to update activation data', __FILE__, __LINE__, $pun_db->error());
// Do the user specific replacements to the template
$cur_mail_message = str_replace('<username>', $cur_hit['username'], $mail_message);