Vergleich admin/index.php - 1.6.11 - 1.6.18

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 149Zeile 149
}
elseif($mybb->input['do'] == "login")
{

}
elseif($mybb->input['do'] == "login")
{

 
	// We have an adminsid cookie?
if(isset($mybb->cookies['adminsid']))
{
// Check admin session
$query = $db->simple_select("adminsessions", "sid", "sid='".$db->escape_string($mybb->cookies['adminsid'])."'");
$admin_session = $db->fetch_field($query, 'sid');

// Session found: redirect to index
if($admin_session)
{
admin_redirect("index.php");
}
}


	$user = validate_password_from_username($mybb->input['username'], $mybb->input['password']);
if($user['uid'])
{

	$user = validate_password_from_username($mybb->input['username'], $mybb->input['password']);
if($user['uid'])
{

Zeile 179Zeile 193
		);
$db->insert_query("adminsessions", $admin_session);
$admin_session['data'] = array();

		);
$db->insert_query("adminsessions", $admin_session);
$admin_session['data'] = array();

		$db->update_query("adminoptions", array("loginattempts" => 0, "loginlockoutexpiry" => 0), "uid='".intval($mybb->user['uid'])."'", 1);
my_setcookie("adminsid", $sid);

		$db->update_query("adminoptions", array("loginattempts" => 0, "loginlockoutexpiry" => 0), "uid='".intval($mybb->user['uid'])."'");
my_setcookie("adminsid", $sid, '', true);

		my_setcookie('acploginattempts', 0);
$post_verify = false;


		my_setcookie('acploginattempts', 0);
$post_verify = false;


Zeile 226Zeile 240
		switch($mybb->settings['username_method'])
{
case 0:

		switch($mybb->settings['username_method'])
{
case 0:

				$query = $db->simple_select("users", "uid,email", "LOWER(username)='".$username."'", array('limit' => 1));

				$query = $db->simple_select("users", "uid,email", "LOWER(username)='".$username."'", array('limit' => 1));

				break;
case 1:
$query = $db->simple_select("users", "uid,email", "LOWER(email)='".$username."'", array('limit' => 1));

				break;
case 1:
$query = $db->simple_select("users", "uid,email", "LOWER(email)='".$username."'", array('limit' => 1));

Zeile 242Zeile 256

if($login_user['uid'] > 0)
{


if($login_user['uid'] > 0)
{

			$db->update_query("adminoptions", array("loginattempts" => "loginattempts+1"), "uid='".intval($login_user['uid'])."'", 1, true);

			$db->update_query("adminoptions", array("loginattempts" => "loginattempts+1"), "uid='".intval($login_user['uid'])."'", '', true);

		}

$loginattempts = login_attempt_check_acp($login_user['uid'], true);

		}

$loginattempts = login_attempt_check_acp($login_user['uid'], true);

Zeile 253Zeile 267
			// Have we set an expiry yet?
if($loginattempts['loginlockoutexpiry'] == 0)
{

			// Have we set an expiry yet?
if($loginattempts['loginlockoutexpiry'] == 0)
{

				$db->update_query("adminoptions", array("loginlockoutexpiry" => TIME_NOW+(intval($mybb->settings['loginattemptstimeout'])*60)), "uid='".intval($login_user['uid'])."'", 1);

				$db->update_query("adminoptions", array("loginlockoutexpiry" => TIME_NOW+(intval($mybb->settings['loginattemptstimeout'])*60)), "uid='".intval($login_user['uid'])."'");

			}

// Did we hit lockout for the first time? Send the unlock email to the administrator

			}

// Did we hit lockout for the first time? Send the unlock email to the administrator

Zeile 304Zeile 318
			// Fetch the user from the admin session
$query = $db->simple_select("users", "*", "uid='{$admin_session['uid']}'");
$mybb->user = $db->fetch_array($query);

			// Fetch the user from the admin session
$query = $db->simple_select("users", "*", "uid='{$admin_session['uid']}'");
$mybb->user = $db->fetch_array($query);





			// Login key has changed - force logout
if(!$mybb->user['uid'] || $mybb->user['loginkey'] != $admin_session['loginkey'])
{

			// Login key has changed - force logout
if(!$mybb->user['uid'] || $mybb->user['loginkey'] != $admin_session['loginkey'])
{

Zeile 371Zeile 385
}
$mybb->usergroup = usergroup_permissions($mybbgroups);


}
$mybb->usergroup = usergroup_permissions($mybbgroups);


if($mybb->usergroup['cancp'] != 1 || !$mybb->user['uid'])



$is_super_admin = is_super_admin($mybb->user['uid']);

if($mybb->usergroup['cancp'] != 1 && !$is_super_admin || !$mybb->user['uid'])

{
$uid = 0;
if(isset($mybb->user['uid']))

{
$uid = 0;
if(isset($mybb->user['uid']))

Zeile 381Zeile 397
	$db->delete_query("adminsessions", "uid = '{$uid}'");
unset($mybb->user);
my_unsetcookie('adminsid');

	$db->delete_query("adminsessions", "uid = '{$uid}'");
unset($mybb->user);
my_unsetcookie('adminsid');

}

}


if($mybb->user['uid'])
{


if($mybb->user['uid'])
{

Zeile 391Zeile 407
	if(!empty($admin_options['cpstyle']) && file_exists(MYBB_ADMIN_DIR."/styles/{$admin_options['cpstyle']}/main.css"))
{
$cp_style = $admin_options['cpstyle'];

	if(!empty($admin_options['cpstyle']) && file_exists(MYBB_ADMIN_DIR."/styles/{$admin_options['cpstyle']}/main.css"))
{
$cp_style = $admin_options['cpstyle'];

	}

	}


// Update the session information in the DB
if($admin_session['sid'])


// Update the session information in the DB
if($admin_session['sid'])

Zeile 419Zeile 435
	"FormContainer" => "DefaultFormContainer"
);
foreach($classes as $style_name => $default_name)

	"FormContainer" => "DefaultFormContainer"
);
foreach($classes as $style_name => $default_name)

{

{

	// Style does not have this layout generation class, create it
if(!class_exists($style_name))
{

	// Style does not have this layout generation class, create it
if(!class_exists($style_name))
{

Zeile 428Zeile 444
}

$page = new Page;

}

$page = new Page;

$page->style = $cp_style;

$page->style = $cp_style;


// Do not have a valid Admin user, throw back to login page.
if(!isset($mybb->user['uid']) || $logged_out == true)


// Do not have a valid Admin user, throw back to login page.
if(!isset($mybb->user['uid']) || $logged_out == true)

Zeile 456Zeile 472
$page->add_breadcrumb_item($lang->home, "index.php");

// Begin dealing with the modules

$page->add_breadcrumb_item($lang->home, "index.php");

// Begin dealing with the modules

$is_super_admin = is_super_admin($mybb->user['uid']);


 
$modules_dir = MYBB_ADMIN_DIR."modules";
$dir = opendir($modules_dir);
while(($module = readdir($dir)) !== false)

$modules_dir = MYBB_ADMIN_DIR."modules";
$dir = opendir($modules_dir);
while(($module = readdir($dir)) !== false)