Vergleich inc/datahandlers/login.php - 1.8.8 - 1.8.21

Zeile 163	Zeile 163
$plugins->run_hooks('datahandler_login_verify_password_start', $args); $user = &$this->data;	$plugins->run_hooks('datahandler_login_verify_password_start', $args); $user = &$this->data;
$password = md5($user['password']);
if(!$this->login_data['uid'] \|\| $this->login_data['uid'] && !$this->login_data['salt'] && $strict == false) { $this->invalid_combination(); }	if(!$this->login_data['uid'] \|\| $this->login_data['uid'] && !$this->login_data['salt'] && $strict == false) { $this->invalid_combination(); }

if($strict == true) { if(!$this->login_data['salt']) { // Generate a salt for this user and assume the password stored in db is a plain md5 password	if($strict == true) { if(!$this->login_data['salt']) { // Generate a salt for this user and assume the password stored in db is a plain md5 password
$this->login_data['salt'] = generate_salt(); $this->login_data['password'] = salt_password($this->login_data['password'], $this->login_data['salt']); $sql_array = array( "salt" => $this->login_data['salt'], "password" => $this->login_data['password'] ); $db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'");	$password_fields = create_password($this->login_data['password']); $this->login_data = array_merge($this->login_data, $password_fields); $db->update_query("users", $password_fields, "uid = '{$this->login_data['uid']}'");
} if(!$this->login_data['loginkey'])	} if(!$this->login_data['loginkey'])
Zeile 194	Zeile 186
$sql_array = array( "loginkey" => $this->login_data['loginkey'] );	$sql_array = array( "loginkey" => $this->login_data['loginkey'] );

$db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'"); }	$db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'"); }
} $salted_password = md5(md5($this->login_data['salt']).$password); $plugins->run_hooks('datahandler_login_verify_password_end', $args);	} $plugins->run_hooks('datahandler_login_verify_password_end', $args);

if($salted_password !== $this->login_data['password'])	if(!verify_user_password($this->login_data, $user['password']))
{ $this->invalid_combination(true); return false;	{ $this->invalid_combination(true); return false;
Zeile 216	Zeile 206
* @param bool $show_login_attempts */ function invalid_combination($show_login_attempts = false)	* @param bool $show_login_attempts */ function invalid_combination($show_login_attempts = false)
{	{
global $db, $lang, $mybb; // Don't show an error when the captcha was wrong!	global $db, $lang, $mybb; // Don't show an error when the captcha was wrong!
Zeile 228	Zeile 218
$login_text = ''; if($show_login_attempts) {	$login_text = ''; if($show_login_attempts) {
if($mybb->settings['failedlogincount'] != 0 && $mybb->settings['failedlogintext'] == 1)	if($mybb->settings['failedlogincount'] != 0 && $mybb->settings['failedlogintext'] == 1 && $this->login_data['uid'] != 0)
{	{
$logins = login_attempt_check(false) + 1;	$logins = login_attempt_check($this->login_data['uid'], false) + 1;
$login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins); } }	$login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins); } }
Zeile 256	Zeile 246
$user = &$this->data; $options = array(	$user = &$this->data; $options = array(
'fields' => array('uid', 'username', 'password', 'salt', 'loginkey', 'coppauser', 'usergroup', 'loginattempts'),	'fields' => '*',
'username_method' => (int)$settings['username_method']	'username_method' => (int)$settings['username_method']
);	);
if($this->username_method !== null) {	if($this->username_method !== null) {
Zeile 336	Zeile 326
$remember = -1; }	$remember = -1; }
my_setcookie("mybbuser", $user['uid']."_".$user['loginkey'], $remember, true);	my_setcookie("mybbuser", $user['uid']."_".$user['loginkey'], $remember, true, "lax");
if($this->captcha !== false) { $this->captcha->invalidate_captcha();	if($this->captcha !== false) { $this->captcha->invalidate_captcha();