Vergleich inc/datahandlers/login.php - 1.8.6 - 1.8.26

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 163Zeile 163
		$plugins->run_hooks('datahandler_login_verify_password_start', $args);

$user = &$this->data;

		$plugins->run_hooks('datahandler_login_verify_password_start', $args);

$user = &$this->data;


$password = md5($user['password']);

 

if(!$this->login_data['uid'] || $this->login_data['uid'] && !$this->login_data['salt'] && $strict == false)


if(!$this->login_data['uid'] || $this->login_data['uid'] && !$this->login_data['salt'] && $strict == false)

		{

		{

			$this->invalid_combination();
}

			$this->invalid_combination();
}





		if($strict == true)
{
if(!$this->login_data['salt'])
{
// Generate a salt for this user and assume the password stored in db is a plain md5 password

		if($strict == true)
{
if(!$this->login_data['salt'])
{
// Generate a salt for this user and assume the password stored in db is a plain md5 password

				$this->login_data['salt'] = generate_salt();
$this->login_data['password'] = salt_password($this->login_data['password'], $this->login_data['salt']);

$sql_array = array(
"salt" => $this->login_data['salt'],
"password" => $this->login_data['password']
);

$db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'");

				$password_fields = create_password($this->login_data['password']);
$this->login_data = array_merge($this->login_data, $password_fields);
$db->update_query("users", $password_fields, "uid = '{$this->login_data['uid']}'");







			}

if(!$this->login_data['loginkey'])

			}

if(!$this->login_data['loginkey'])

Zeile 198Zeile 190
				$db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'");
}
}

				$db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'");
}
}


$salted_password = md5(md5($this->login_data['salt']).$password);

 

$plugins->run_hooks('datahandler_login_verify_password_end', $args);



$plugins->run_hooks('datahandler_login_verify_password_end', $args);


		if($salted_password !== $this->login_data['password'])

		if(!verify_user_password($this->login_data, $user['password']))

		{
$this->invalid_combination(true);
return false;

		{
$this->invalid_combination(true);
return false;

Zeile 228Zeile 218
		$login_text = '';
if($show_login_attempts)
{

		$login_text = '';
if($show_login_attempts)
{

			if($mybb->settings['failedlogincount'] != 0 && $mybb->settings['failedlogintext'] == 1)

			if($mybb->settings['failedlogincount'] != 0 && $mybb->settings['failedlogintext'] == 1 && $this->login_data['uid'] != 0)

			{

			{

				$logins = login_attempt_check(false) + 1;

				$logins = login_attempt_check($this->login_data['uid'], false) + 1;

				$login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
}
}

switch($mybb->settings['username_method'])

				$login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
}
}

switch($mybb->settings['username_method'])

		{

		{

			case 1:
$this->set_error('invalidpwordusernameemail', $login_text);
break;

			case 1:
$this->set_error('invalidpwordusernameemail', $login_text);
break;

Zeile 256Zeile 246
		$user = &$this->data;

$options = array(

		$user = &$this->data;

$options = array(

			'fields' => array('uid', 'username', 'password', 'salt', 'loginkey', 'coppauser', 'usergroup', 'loginattempts'),

			'fields' => '*',

			'username_method' => (int)$settings['username_method']
);


			'username_method' => (int)$settings['username_method']
);


Zeile 274Zeile 264
	function validate_login()
{
global $plugins, $mybb;

	function validate_login()
{
global $plugins, $mybb;


$user = &$this->data;


$user = &$this->data;


$plugins->run_hooks('datahandler_login_validate_start', $this);



$plugins->run_hooks('datahandler_login_validate_start', $this);


Zeile 313Zeile 303
		global $plugins, $db, $mybb, $session;

$user = &$this->login_data;

		global $plugins, $db, $mybb, $session;

$user = &$this->login_data;





		$plugins->run_hooks('datahandler_login_complete_start', $this);

// Login to MyBB
my_setcookie('loginattempts', 1);
my_setcookie("sid", $session->sid, -1, true);

		$plugins->run_hooks('datahandler_login_complete_start', $this);

// Login to MyBB
my_setcookie('loginattempts', 1);
my_setcookie("sid", $session->sid, -1, true);


$ip_address = $db->escape_binary($session->packedip);
$db->delete_query("sessions", "ip = {$ip_address} AND sid != '{$session->sid}'");

 

$newsession = array(
"uid" => $user['uid'],
);


$newsession = array(
"uid" => $user['uid'],
);





		$db->update_query("sessions", $newsession, "sid = '{$session->sid}'");
$db->update_query("users", array("loginattempts" => 1), "uid = '{$user['uid']}'");


		$db->update_query("sessions", $newsession, "sid = '{$session->sid}'");
$db->update_query("users", array("loginattempts" => 1), "uid = '{$user['uid']}'");


Zeile 336Zeile 323
			$remember = -1;
}


			$remember = -1;
}


		my_setcookie("mybbuser", $user['uid']."_".$user['loginkey'], $remember, true);


		my_setcookie("mybbuser", $user['uid']."_".$user['loginkey'], $remember, true, "lax");


		if($this->captcha !== false)
{
$this->captcha->invalidate_captcha();

		if($this->captcha !== false)
{
$this->captcha->invalidate_captcha();