Vergleich inc/datahandlers/login.php - 1.8.1 - 1.8.12

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 41Zeile 41
	 */
public $login_data = array();


	 */
public $login_data = array();


 
	/**
* @var bool
*/

	public $captcha_verified = true;

	public $captcha_verified = true;

	





/**
* @var bool|captcha
*/

	private $captcha = false;

	private $captcha = false;







/**
* @var int
*/

	public $username_method = null;


	public $username_method = null;


 
	/**
* @param int $check_captcha
*/

	function verify_attempts($check_captcha = 0)
{
global $db, $mybb;

$user = &$this->data;

	function verify_attempts($check_captcha = 0)
{
global $db, $mybb;

$user = &$this->data;





		if($check_captcha)
{
if(!isset($mybb->cookies['loginattempts']))

		if($check_captcha)
{
if(!isset($mybb->cookies['loginattempts']))

Zeile 63Zeile 75
			{
$this->captcha_verified = false;
$this->verify_captcha();

			{
$this->captcha_verified = false;
$this->verify_captcha();

			}
}
}





			}
}
}

/**
* @return bool
*/

	function verify_captcha()
{
global $db, $mybb;

$user = &$this->data;

	function verify_captcha()
{
global $db, $mybb;

$user = &$this->data;





		if($user['imagestring'] || $mybb->settings['captchaimage'] != 1)
{
// Check their current captcha input - if correct, hide the captcha input area

		if($user['imagestring'] || $mybb->settings['captchaimage'] != 1)
{
// Check their current captcha input - if correct, hide the captcha input area

Zeile 89Zeile 104
				return false;
}
else

				return false;
}
else

			{

			{

				$this->captcha_verified = true;
return true;
}

				$this->captcha_verified = true;
return true;
}

Zeile 97Zeile 112
		else if($mybb->input['quick_login'] == 1 && $mybb->input['quick_password'] && $mybb->input['quick_username'])
{
$this->set_error('regimagerequired');

		else if($mybb->input['quick_login'] == 1 && $mybb->input['quick_password'] && $mybb->input['quick_username'])
{
$this->set_error('regimagerequired');

			return false;

			return false;

		}
else
{

		}
else
{

Zeile 105Zeile 120
			return false;
}
}

			return false;
}
}







/**
* @return bool
*/

	function verify_username()
{
$this->get_login_data();

if(!$this->login_data['uid'])

	function verify_username()
{
$this->get_login_data();

if(!$this->login_data['uid'])

		{
$this->invalid_combination();

		{
$this->invalid_combination();

			return false;
}

			return false;
}

 

return true;

	}


	}


 
	/**
* @param bool $strict
*
* @return bool
*/

	function verify_password($strict = true)
{

	function verify_password($strict = true)
{

		global $db, $mybb;

$this->get_login_data();

		global $db, $mybb, $plugins;

$this->get_login_data();


if(empty($this->login_data['username']))
{


if(empty($this->login_data['username']))
{

Zeile 129Zeile 154
			$this->invalid_combination();
return false;
}

			$this->invalid_combination();
return false;
}

 

$args = array(
'this' => &$this,
'strict' => &$strict,
);

$plugins->run_hooks('datahandler_login_verify_password_start', $args);


$user = &$this->data;


$user = &$this->data;


$password = md5($user['password']);

 

if(!$this->login_data['uid'] || $this->login_data['uid'] && !$this->login_data['salt'] && $strict == false)
{


if(!$this->login_data['uid'] || $this->login_data['uid'] && !$this->login_data['salt'] && $strict == false)
{

Zeile 144Zeile 174
			if(!$this->login_data['salt'])
{
// Generate a salt for this user and assume the password stored in db is a plain md5 password

			if(!$this->login_data['salt'])
{
// Generate a salt for this user and assume the password stored in db is a plain md5 password

				$this->login_data['salt'] = generate_salt();
$this->login_data['password'] = salt_password($this->login_data['password'], $this->login_data['salt']);

$sql_array = array(
"salt" => $this->login_data['salt'],
"password" => $this->login_data['password']
);

$db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'");
}


				$password_fields = create_password($this->login_data['password']);
$this->login_data = array_merge($this->login_data, $password_fields);
$db->update_query("users", $password_fields, "uid = '{$this->login_data['uid']}'");
}








			if(!$this->login_data['loginkey'])
{
$this->login_data['loginkey'] = generate_loginkey();

			if(!$this->login_data['loginkey'])
{
$this->login_data['loginkey'] = generate_loginkey();





				$sql_array = array(
"loginkey" => $this->login_data['loginkey']
);

$db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'");

				$sql_array = array(
"loginkey" => $this->login_data['loginkey']
);

$db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'");

			}
}

$salted_password = md5(md5($this->login_data['salt']).$password);

			}
}

$plugins->run_hooks('datahandler_login_verify_password_end', $args);





		if($salted_password != $this->login_data['password'])

		if(!verify_user_password($this->login_data, $user['password']))

		{
$this->invalid_combination(true);
return false;
}

		{
$this->invalid_combination(true);
return false;
}

 

return true;

	}


	}


 
	/**
* @param bool $show_login_attempts
*/

	function invalid_combination($show_login_attempts = false)
{
global $db, $lang, $mybb;

	function invalid_combination($show_login_attempts = false)
{
global $db, $lang, $mybb;

Zeile 217Zeile 246
		$user = &$this->data;

$options = array(

		$user = &$this->data;

$options = array(

			'fields' => array('uid', 'username', 'password', 'salt', 'loginkey', 'coppauser', 'usergroup', 'loginattempts'),

			'fields' => '*',

			'username_method' => (int)$settings['username_method']
);


			'username_method' => (int)$settings['username_method']
);


Zeile 229Zeile 258
		$this->login_data = get_user_by_username($user['username'], $options);
}


		$this->login_data = get_user_by_username($user['username'], $options);
}


 
	/**
* @return bool
*/

	function validate_login()
{
global $plugins, $mybb;

	function validate_login()
{
global $plugins, $mybb;

Zeile 237Zeile 269

$plugins->run_hooks('datahandler_login_validate_start', $this);



$plugins->run_hooks('datahandler_login_validate_start', $this);


		$this->verify_attempts($mybb->settings['captchaimage']);




		if(!defined('IN_ADMINCP'))
{
$this->verify_attempts($mybb->settings['captchaimage']);
}


if(array_key_exists('username', $user))
{


if(array_key_exists('username', $user))
{

Zeile 260Zeile 295
		return true;
}


		return true;
}


 
	/**
* @return bool true
*/

	function complete_login()
{
global $plugins, $db, $mybb, $session;

	function complete_login()
{
global $plugins, $db, $mybb, $session;