Zeile 174 | Zeile 174 |
---|
if(!$this->login_data['salt']) { // Generate a salt for this user and assume the password stored in db is a plain md5 password
|
if(!$this->login_data['salt']) { // Generate a salt for this user and assume the password stored in db is a plain md5 password
|
$this->login_data['salt'] = generate_salt(); $this->login_data['password'] = create_password_hash($this->login_data['password'], $this->login_data['salt']);
$sql_array = array( "salt" => $this->login_data['salt'], "password" => $this->login_data['password'] );
$db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'");
| $password_fields = create_password($this->login_data['password']); $this->login_data = array_merge($this->login_data, $password_fields); $db->update_query("users", $password_fields, "uid = '{$this->login_data['uid']}'");
|
}
if(!$this->login_data['loginkey'])
| }
if(!$this->login_data['loginkey'])
|
Zeile 196 | Zeile 190 |
---|
$db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'"); } }
|
$db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'"); } }
|
|
|
$plugins->run_hooks('datahandler_login_verify_password_end', $args);
if(!verify_user_password($this->login_data, $user['password']))
|
$plugins->run_hooks('datahandler_login_verify_password_end', $args);
if(!verify_user_password($this->login_data, $user['password']))
|
{
| {
|
$this->invalid_combination(true); return false; }
| $this->invalid_combination(true); return false; }
|
Zeile 224 | Zeile 218 |
---|
$login_text = ''; if($show_login_attempts) {
|
$login_text = ''; if($show_login_attempts) {
|
if($mybb->settings['failedlogincount'] != 0 && $mybb->settings['failedlogintext'] == 1)
| if($mybb->settings['failedlogincount'] != 0 && $mybb->settings['failedlogintext'] == 1 && $this->login_data['uid'] != 0)
|
{
|
{
|
$logins = login_attempt_check(false) + 1;
| $logins = login_attempt_check($this->login_data['uid'], false) + 1;
|
$login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins); } }
| $login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins); } }
|
Zeile 238 | Zeile 232 |
---|
break; case 2: $this->set_error('invalidpwordusernamecombo', $login_text);
|
break; case 2: $this->set_error('invalidpwordusernamecombo', $login_text);
|
break;
| break;
|
default: $this->set_error('invalidpwordusername', $login_text); break;
| default: $this->set_error('invalidpwordusername', $login_text); break;
|
Zeile 274 | Zeile 268 |
---|
$user = &$this->data;
$plugins->run_hooks('datahandler_login_validate_start', $this);
|
$user = &$this->data;
$plugins->run_hooks('datahandler_login_validate_start', $this);
|
|
|
if(!defined('IN_ADMINCP')) { $this->verify_attempts($mybb->settings['captchaimage']);
| if(!defined('IN_ADMINCP')) { $this->verify_attempts($mybb->settings['captchaimage']);
|
Zeile 315 | Zeile 309 |
---|
// Login to MyBB my_setcookie('loginattempts', 1); my_setcookie("sid", $session->sid, -1, true);
|
// Login to MyBB my_setcookie('loginattempts', 1); my_setcookie("sid", $session->sid, -1, true);
|
$ip_address = $db->escape_binary($session->packedip); $db->delete_query("sessions", "ip = {$ip_address} AND sid != '{$session->sid}'");
| |
$newsession = array( "uid" => $user['uid'], );
|
$newsession = array( "uid" => $user['uid'], );
|
|
|
$db->update_query("sessions", $newsession, "sid = '{$session->sid}'"); $db->update_query("users", array("loginattempts" => 1), "uid = '{$user['uid']}'");
| $db->update_query("sessions", $newsession, "sid = '{$session->sid}'"); $db->update_query("users", array("loginattempts" => 1), "uid = '{$user['uid']}'");
|
Zeile 332 | Zeile 323 |
---|
$remember = -1; }
|
$remember = -1; }
|
my_setcookie("mybbuser", $user['uid']."_".$user['loginkey'], $remember, true);
| my_setcookie("mybbuser", $user['uid']."_".$user['loginkey'], $remember, true, "lax");
|
if($this->captcha !== false) { $this->captcha->invalidate_captcha();
| if($this->captcha !== false) { $this->captcha->invalidate_captcha();
|