Vergleich admin/index.php - 1.8.10 - 1.8.11

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 22Zeile 22
send_page_headers();

header('X-Frame-Options: SAMEORIGIN');

send_page_headers();

header('X-Frame-Options: SAMEORIGIN');

 
header('Referrer-Policy: no-referrer');


if(!isset($config['admin_dir']) || !file_exists(MYBB_ROOT.$config['admin_dir']."/inc/class_page.php"))
{


if(!isset($config['admin_dir']) || !file_exists(MYBB_ROOT.$config['admin_dir']."/inc/class_page.php"))
{

Zeile 104Zeile 105
{
$user = array();
$error = '';

{
$user = array();
$error = '';

 

$plugins->run_hooks("admin_unlock_start");


	if($mybb->input['username'])
{
$user = get_user_by_username($mybb->input['username'], array('fields' => '*'));

	if($mybb->input['username'])
{
$user = get_user_by_username($mybb->input['username'], array('fields' => '*'));

Zeile 126Zeile 130
	if($mybb->input['token'] && $user['uid'])
{
$query = $db->simple_select("awaitingactivation", "COUNT(aid) AS num", "uid='".(int)$user['uid']."' AND code='".$db->escape_string($mybb->input['token'])."' AND type='l'");

	if($mybb->input['token'] && $user['uid'])
{
$query = $db->simple_select("awaitingactivation", "COUNT(aid) AS num", "uid='".(int)$user['uid']."' AND code='".$db->escape_string($mybb->input['token'])."' AND type='l'");

 

$plugins->run_hooks("admin_unlock_end");


// If we're good to go
if($db->fetch_field($query, "num") > 0)


// If we're good to go
if($db->fetch_field($query, "num") > 0)

Zeile 145Zeile 151
}
elseif($mybb->input['do'] == "login")
{

}
elseif($mybb->input['do'] == "login")
{

 
	$plugins->run_hooks("admin_login");


	// We have an adminsid cookie?
if(isset($mybb->cookies['adminsid']))
{

	// We have an adminsid cookie?
if(isset($mybb->cookies['adminsid']))
{

Zeile 182Zeile 190
	if(!empty($config['secret_pin']) && (empty($mybb->input['pin']) || $mybb->input['pin'] != $config['secret_pin']))
{
$login_user = get_user_by_username($mybb->input['username'], array('fields' => array('email', 'username')));

	if(!empty($config['secret_pin']) && (empty($mybb->input['pin']) || $mybb->input['pin'] != $config['secret_pin']))
{
$login_user = get_user_by_username($mybb->input['username'], array('fields' => array('email', 'username')));

 

$plugins->run_hooks("admin_login_incorrect_pin");


if($login_user['uid'] > 0)
{


if($login_user['uid'] > 0)
{

Zeile 254Zeile 264

$default_page->show_lockedout();
}


$default_page->show_lockedout();
}

 

$plugins->run_hooks("admin_login_success");


$db->delete_query("adminsessions", "uid='{$mybb->user['uid']}'");



$db->delete_query("adminsessions", "uid='{$mybb->user['uid']}'");


Zeile 330Zeile 342
	else
{
$login_user = get_user_by_username($mybb->input['username'], array('fields' => array('email', 'username')));

	else
{
$login_user = get_user_by_username($mybb->input['username'], array('fields' => array('email', 'username')));

 

$plugins->run_hooks("admin_login_fail");


if($login_user['uid'] > 0)
{


if($login_user['uid'] > 0)
{

Zeile 346Zeile 360
			{
$db->update_query("adminoptions", array("loginlockoutexpiry" => TIME_NOW+((int)$mybb->settings['loginattemptstimeout']*60)), "uid='".(int)$login_user['uid']."'");
}

			{
$db->update_query("adminoptions", array("loginlockoutexpiry" => TIME_NOW+((int)$mybb->settings['loginattemptstimeout']*60)), "uid='".(int)$login_user['uid']."'");
}

 

$plugins->run_hooks("admin_login_lockout");


// Did we hit lockout for the first time? Send the unlock email to the administrator
if($loginattempts['loginattempts'] == $mybb->settings['maxloginattempts'])


// Did we hit lockout for the first time? Send the unlock email to the administrator
if($loginattempts['loginattempts'] == $mybb->settings['maxloginattempts'])

Zeile 482Zeile 498

if($mybb->input['action'] == "logout" && $mybb->user)
{


if($mybb->input['action'] == "logout" && $mybb->user)
{

 
	$plugins->run_hooks("admin_logout");


	if(verify_post_check($mybb->input['my_post_key']))
{
$db->delete_query("adminsessions", "sid='".$db->escape_string($mybb->cookies['adminsid'])."'");

	if(verify_post_check($mybb->input['my_post_key']))
{
$db->delete_query("adminsessions", "sid='".$db->escape_string($mybb->cookies['adminsid'])."'");