Vergleich admin/global.php - 1.2.0 - 1.2.3

Zeile 6Zeile 6
 * Website: http://www.mybboard.com
* License: http://www.mybboard.com/eula.html
*

 * Website: http://www.mybboard.com
* License: http://www.mybboard.com/eula.html
*

 * $Id: global.php 2175 2006-08-31 04:27:16Z Tikitiki $

 * $Id: global.php 2771 2007-02-11 16:42:08Z CraKteR $

 */

// Lets pretend we're a level higher

 */

// Lets pretend we're a level higher

Zeile 20Zeile 20
	$config['admin_dir'] = "admin";
}


	$config['admin_dir'] = "admin";
}


require_once dirname(dirname(__FILE__))."/inc/init.php";

require_once "../inc/init.php";


define('MYBB_ADMIN_DIR', MYBB_ROOT.$config['admin_dir'].'/');



define('MYBB_ADMIN_DIR', MYBB_ROOT.$config['admin_dir'].'/');


Zeile 73Zeile 73

if($user['uid'])
{


if($user['uid'])
{

 
		$sid = md5(uniqid(microtime()));


		// Create a new admin session for this user
$admin_session = array(

		// Create a new admin session for this user
$admin_session = array(

			"sid" => md5(uniqid(microtime())),

			"sid" => $sid,

			"uid" => $user['uid'],
"loginkey" => $user['loginkey'],
"ip" => $db->escape_string(get_ip()),

			"uid" => $user['uid'],
"loginkey" => $user['loginkey'],
"ip" => $db->escape_string(get_ip()),

Zeile 83Zeile 85
			"lastactive" => time()
);
$db->insert_query(TABLE_PREFIX."adminsessions", $admin_session);

			"lastactive" => time()
);
$db->insert_query(TABLE_PREFIX."adminsessions", $admin_session);

 
		$url = "index.php?adminsid=$sid";
if($mybb->input['goto'])
{
$url .= "&goto=".urlencode($mybb->input['goto']);
}
header("Location: $url");

	}
}
else if($mybb->input['action'] == "logout")

	}
}
else if($mybb->input['action'] == "logout")

Zeile 100Zeile 108
	}
// Otherwise, check admin session
else

	}
// Otherwise, check admin session
else

	{

	{

		$query = $db->simple_select(TABLE_PREFIX."adminsessions", "*", "sid='".$db->escape_string($mybb->input['adminsid'])."'");
$admin_session = $db->fetch_array($query);

		$query = $db->simple_select(TABLE_PREFIX."adminsessions", "*", "sid='".$db->escape_string($mybb->input['adminsid'])."'");
$admin_session = $db->fetch_array($query);





		// No matching admin session found - show message on login screen
if(!$admin_session['sid'])
{

		// No matching admin session found - show message on login screen
if(!$admin_session['sid'])
{

Zeile 117Zeile 125

// Login key has changed - force logout
if(!$user['uid'] && $user['loginkey'] != $admin_session['loginkey'])


// Login key has changed - force logout
if(!$user['uid'] && $user['loginkey'] != $admin_session['loginkey'])

			{

			{

				unset($user);
}
else

				unset($user);
}
else

Zeile 169Zeile 177

$groupscache = $cache->read("usergroups");
$admingroup = usergroup_permissions($mybbgroups);


$groupscache = $cache->read("usergroups");
$admingroup = usergroup_permissions($mybbgroups);





if($admingroup['cancp'] != "yes" || !$user['uid'])
{
unset($user);
}

if($admingroup['cancp'] != "yes" || !$user['uid'])
{
unset($user);
}





if($user['uid'])
{
$mybbadmin = $mybb->user = $user;

if($user['uid'])
{
$mybbadmin = $mybb->user = $user;

Zeile 185Zeile 193
	if($adminoptions['cpstyle'] && file_exists(MYBB_ADMIN_DIR."styles/{$adminoptions['cpstyle']}/stylesheet.css"))
{
$style = "./styles/{$adminoptions['cpstyle']}/stylesheet.css";

	if($adminoptions['cpstyle'] && file_exists(MYBB_ADMIN_DIR."styles/{$adminoptions['cpstyle']}/stylesheet.css"))
{
$style = "./styles/{$adminoptions['cpstyle']}/stylesheet.css";

	}


	}


	// Update the session information in the DB
if($admin_session['sid'])
{

	// Update the session information in the DB
if($admin_session['sid'])
{

Zeile 221Zeile 229
		if(!empty($_SERVER['QUERY_STRING']))
{
$goto .= '?'.$_SERVER['QUERY_STRING'];

		if(!empty($_SERVER['QUERY_STRING']))
{
$goto .= '?'.$_SERVER['QUERY_STRING'];

			$goto = preg_replace('#(&?|&?|\??)adminsid=([a-zA-Z0-9]{1,32})#i', '', $goto);








			if(strpos($goto, '&') !== false)
{
$goto = preg_replace('#(&?|&?|\??)adminsid=([a-zA-Z0-9]{1,32})(&?|&?)#i', '\\1', $goto);
}
else
{
$goto = preg_replace('#\?adminsid=([a-zA-Z0-9]{1,32})#i', '', $goto);
}

		}
}
else

		}
}
else
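Review bot: The admin session id assigned to `$sid` in the login branch (under "Zeile 73") is still `md5(uniqid(microtime()))`, which is derived only from the clock. The 1.2.3 side now also places it in the redirect URL `index.php?adminsid=$sid` (under "Zeile 85"), where it can end up in access logs, browser history and Referer headers. A token that grants control-panel access should come from a CSPRNG, e.g. `$sid = bin2hex(random_bytes(16));` on a runtime that provides it; that still yields 32 hex characters, so it keeps matching the `[a-zA-Z0-9]{1,32}` pattern used when `adminsid` is stripped from `$goto`. No `exit;` is visible after `header("Location: $url");`, so the rest of the script appears to keep running once the redirect is queued. The enclosing `if($user['uid'])` block starts and ends outside the shown lines, so this needs confirming against the full file.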