Vergleich inc/datahandlers/login.php - 1.8.0 - 1.8.1

Zeile 44	Zeile 44
public $captcha_verified = true; private $captcha = false;	public $captcha_verified = true; private $captcha = false;
	public $username_method = null;
function verify_attempts($check_captcha = 0) {	function verify_attempts($check_captcha = 0) {
Zeile 105	Zeile 107
} function verify_username()	} function verify_username()
{ global $db, $mybb; $user = &$this->data; $username = $db->escape_string(my_strtolower($user['username'])); $query = $db->simple_select("users", "COUNT(*) as user", "LOWER(username) = '{$username}' OR LOWER(email) = '{$username}'", array('limit' => 1)); if($db->fetch_field($query, 'user') != 1) { $this->invalid_combination(); return false; } // Add username to data $this->login_data['username'] = $username;	{ $this->get_login_data(); if(!$this->login_data['uid']) { $this->invalid_combination(); return false; }
} function verify_password($strict = true) { global $db, $mybb;	} function verify_password($strict = true) { global $db, $mybb;
	$this->get_login_data();
if(empty($this->login_data['username'])) { // Username must be validated to apply a password to	if(empty($this->login_data['username'])) { // Username must be validated to apply a password to
$this->invalid_combination(); return false; }	$this->invalid_combination(); return false; } $user = &$this->data;

$user = &$this->data;
$password = md5($user['password']);	$password = md5($user['password']);
$username = $this->login_data['username']; $options = array( 'fields' => array('username', 'password', 'salt', 'loginkey', 'coppauser', 'usergroup') ); $this->login_data = get_user_by_username($username, $options);
if(!$this->login_data['uid'] \|\| $this->login_data['uid'] && !$this->login_data['salt'] && $strict == false)	if(!$this->login_data['uid'] \|\| $this->login_data['uid'] && !$this->login_data['salt'] && $strict == false)
{	{
$this->invalid_combination(); }	$this->invalid_combination(); }
Zeile 155	Zeile 145
{ // Generate a salt for this user and assume the password stored in db is a plain md5 password $this->login_data['salt'] = generate_salt();	{ // Generate a salt for this user and assume the password stored in db is a plain md5 password $this->login_data['salt'] = generate_salt();
$this->login_data['password'] = salt_password($this->login_data['password'], $this->login_data['salt']); $sql_array = array(	$this->login_data['password'] = salt_password($this->login_data['password'], $this->login_data['salt']); $sql_array = array(
"salt" => $this->login_data['salt'], "password" => $this->login_data['password']	"salt" => $this->login_data['salt'], "password" => $this->login_data['password']
); $db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'"); }	); $db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'"); }
if(!$this->login_data['loginkey']) { $this->login_data['loginkey'] = generate_loginkey();	if(!$this->login_data['loginkey']) { $this->login_data['loginkey'] = generate_loginkey();
Zeile 174	Zeile 164
); $db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'");	); $db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'");
} }	} }
$salted_password = md5(md5($this->login_data['salt']).$password); if($salted_password != $this->login_data['password'])	$salted_password = md5(md5($this->login_data['salt']).$password); if($salted_password != $this->login_data['password'])
Zeile 218	Zeile 208
$this->set_error('invalidpwordusername', $login_text); break; }	$this->set_error('invalidpwordusername', $login_text); break; }
	} function get_login_data() { global $db, $settings; $user = &$this->data; $options = array( 'fields' => array('uid', 'username', 'password', 'salt', 'loginkey', 'coppauser', 'usergroup', 'loginattempts'), 'username_method' => (int)$settings['username_method'] ); if($this->username_method !== null) { $options['username_method'] = (int)$this->username_method; } $this->login_data = get_user_by_username($user['username'], $options);
} function validate_login()	} function validate_login()