From: Hendrik B. <nh...@us...> - 2010-06-19 20:48:17
Update of /cvsroot/arianne/stendhal_website/scripts In directory sfp-cvsdas-4.v30.ch3.sourceforge.com:/tmp/cvs-serv21330/scripts Modified Files: account.php Log Message: code format Index: account.php =================================================================== RCS file: /cvsroot/arianne/stendhal_website/scripts/account.php,v retrieving revision 1.15 retrieving revision 1.16 diff -C2 -d -r1.15 -r1.16 *** account.php 19 Jun 2010 19:15:12 -0000 1.15 --- account.php 19 Jun 2010 20:48:09 -0000 1.16 *************** *** 58,106 **** */ function confirmUser($username, $password){ ! $conn=getGameDB(); ! /* Verify that user is in database */ ! $q = "select password from account where username = '".mysql_real_escape_string($username)."'"; ! $result = mysql_query($q,$conn); ! if(!$result || (mysql_numrows($result) < 1)){ ! return 1; //Indicates username failure ! } ! /* Retrieve password from result, strip slashes */ ! $dbarray = mysql_fetch_array($result); ! $dbarray['password'] = stripslashes($dbarray['password']); ! ! $password = stripslashes($password); ! /* Validate that password is correct */ ! if($password==$dbarray['password']){ ! return 0; //Success! Username and password confirmed ! } ! else{ ! return 2; //Indicates password failure ! } } function confirmValidStatus($username){ ! $conn=getGameDB(); ! /* Verify that user is in database */ ! $q = "select status from account where username = '".mysql_real_escape_string($username)."'"; ! $result = mysql_query($q,$conn); ! if(!$result || (mysql_numrows($result) < 1)){ ! return 1; //Indicates username failure ! } ! /* Retrieve password from result, strip slashes */ ! $dbarray = mysql_fetch_array($result); ! ! $status=$dbarray['status']; ! ! /* Validate that password is correct */ ! if($status=='active'){ ! return 0; //Success! ! } else { ! return 2; //Indicates account is blocked or inactive. ! } } --- 58,105 ---- */ function confirmUser($username, $password){ ! $conn=getGameDB(); ! 
/* Verify that user is in database */ ! $q = "select password from account where username = '".mysql_real_escape_string($username)."'"; ! $result = mysql_query($q,$conn); ! if (!$result || (mysql_numrows($result) < 1)){ ! return 1; //Indicates username failure ! } ! /* Retrieve password from result, strip slashes */ ! $dbarray = mysql_fetch_array($result); ! $dbarray['password'] = stripslashes($dbarray['password']); ! $password = stripslashes($password); ! ! /* Validate that password is correct */ ! if ($password==$dbarray['password']){ ! return 0; //Success! Username and password confirmed ! } else { ! return 2; //Indicates password failure ! } } function confirmValidStatus($username){ ! $conn=getGameDB(); ! /* Verify that user is in database */ ! $q = "select status from account where username = '".mysql_real_escape_string($username)."'"; ! $result = mysql_query($q,$conn); ! if (!$result || (mysql_numrows($result) < 1)){ ! return 1; //Indicates username failure ! } ! /* Retrieve password from result, strip slashes */ ! $dbarray = mysql_fetch_array($result); ! ! $status=$dbarray['status']; ! ! /* Validate that password is correct */ ! if($status=='active'){ ! return 0; //Success! ! } else { ! return 2; //Indicates account is blocked or inactive. ! } } *************** *** 112,122 **** */ function existsUser($email){ ! $conn=getGameDB(); ! /* Verify that user email is in database */ ! $q = "select * from account where email = '".mysql_real_escape_string($email)."'"; ! $result = mysql_query($q,$conn); ! ! return $result and mysql_numrows($result)==1; } --- 111,121 ---- */ function existsUser($email){ ! $conn=getGameDB(); ! /* Verify that user email is in database */ ! $q = "select * from account where email = '".mysql_real_escape_string($email)."'"; ! $result = mysql_query($q,$conn); ! ! return $result and mysql_numrows($result)==1; } *************** *** 129,171 **** */ function checkLogin(){ ! /* Check if user has been remembered */ ! 
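Review bot: In confirmUser the credential check `if ($password==$dbarray['password'])` uses loose comparison on the value read straight from `account.password`, so numeric-looking strings are compared as numbers rather than byte for byte, and the comparison is not constant-time. Use a strict, timing-safe check such as `if (hash_equals((string)$dbarray['password'], (string)$password)) {` where the runtime provides it, or at minimum `===`. Whether the column holds clear text or a digest is not visible in this hunk; if it is clear text or an unsalted hash, the stored value should move to `password_hash()` and be checked with `password_verify()`. The two `stripslashes()` calls also silently alter any password that contains a backslash, and the comments in confirmValidStatus still say "password" where the code reads and checks `status`.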
if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){ ! $_SESSION['username'] = $_COOKIE['cookname']; ! $_SESSION['password'] = $_COOKIE['cookpass']; ! } ! /* Username and password have been set */ ! if(isset($_SESSION['username']) && isset($_SESSION['password'])){ ! /* Confirm that username and password are valid */ ! if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){ ! /* Variables are incorrect, user not logged in */ ! unset($_SESSION['username']); ! unset($_SESSION['password']); ! return false; ! } ! return true; ! } ! /* User not logged in */ ! else{ ! return false; ! } } function getAdminLevel() { ! if(!checkLogin()) { ! return -1; ! } ! ! $result = mysql_query('select admin from character_stats where name="'.mysql_real_escape_string($_SESSION['username']).'"', getGameDB()); ! while($row=mysql_fetch_assoc($result)) { ! return (int)$row['admin']; ! } } function getUser($email) { ! $result = mysql_query('select username from account where email="'.mysql_real_escape_string($email).'"', getGameDB()); ! while($row=mysql_fetch_assoc($result)) { ! return $row['username']; ! } } --- 128,170 ---- */ function checkLogin(){ ! /* Check if user has been remembered */ ! if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){ ! $_SESSION['username'] = $_COOKIE['cookname']; ! $_SESSION['password'] = $_COOKIE['cookpass']; ! } ! /* Username and password have been set */ ! if (isset($_SESSION['username']) && isset($_SESSION['password'])){ ! /* Confirm that username and password are valid */ ! if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){ ! /* Variables are incorrect, user not logged in */ ! unset($_SESSION['username']); ! unset($_SESSION['password']); ! return false; ! } ! return true; ! } ! /* User not logged in */ ! else{ ! return false; ! } } function getAdminLevel() { ! if(!checkLogin()) { ! return -1; ! } ! ! 
$result = mysql_query('select admin from character_stats where name="'.mysql_real_escape_string($_SESSION['username']).'"', getGameDB()); ! while($row=mysql_fetch_assoc($result)) { ! return (int)$row['admin']; ! } } function getUser($email) { ! $result = mysql_query('select username from account where email="'.mysql_real_escape_string($email).'"', getGameDB()); ! while($row=mysql_fetch_assoc($result)) { ! return $row['username']; ! } } *************** *** 176,191 **** */ function displayLogin(){ ! if(checkLogin()){ ! echo 'Logged in as <b>'.$_SESSION['username'].'</b>. <a href="'.rewriteURL('/account/history.html').'">Login history</a>' ! .' - <a href="'.rewriteURL('/account/change-password.html').'">Change password</a>' ! .' - <a href="'.rewriteURL('/account/logout.html').'">Logout</a>'; ! } ! else{ ! echo '<a href="'.STENDHAL_LOGIN_TARGET.''.rewriteURL('/account/login.html').'">Login</a>'; ! /* TODO: Reenable when sending of emails is possible on the server. ! echo '<a href="'.STENDHAL_LOGIN_TARGET.'/?id=login/login">Login</a> - <a href="/?id=login/remind">Forgot your Password?</a>'; ! */ ! } ! } // Returns user id for username or false --- 175,189 ---- */ function displayLogin(){ ! if(checkLogin()){ ! echo 'Logged in as <b>'.$_SESSION['username'].'</b>. <a href="'.rewriteURL('/account/history.html').'">Login history</a>' ! .' - <a href="'.rewriteURL('/account/change-password.html').'">Change password</a>' ! .' - <a href="'.rewriteURL('/account/logout.html').'">Logout</a>'; ! } else{ ! echo '<a href="'.STENDHAL_LOGIN_TARGET.''.rewriteURL('/account/login.html').'">Login</a>'; ! /* TODO: Reenable when sending of emails is possible on the server. ! echo '<a href="'.STENDHAL_LOGIN_TARGET.'/?id=login/login">Login</a> - <a href="/?id=login/remind">Forgot your Password?</a>'; ! */ ! } ! } // Returns user id for username or false |
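Review bot: checkLogin copies `$_COOKIE['cookname']` and `$_COOKIE['cookpass']` into the session and hands them to confirmUser, which compares the value directly with `account.password`, so the remember-me cookie is a long-lived password equivalent kept in the browser. A disclosed cookie or a disclosed `password` column is then sufficient to authenticate, and the cookie pair overwrites whatever session is already established on every request. Prefer a random, single-purpose remember-me token that is stored hashed on the server with an expiry, and keep only the authenticated user identity in `$_SESSION` rather than the password; where the cookie is set is outside this hunk, so its `HttpOnly`/`Secure` flags should be confirmed there. A comment such as `// SECURITY: cookpass is compared with account.password, i.e. the cookie is a password equivalent; replace with a server-side token` would at least record the risk until that is done. Separately, getAdminLevel and getUser return `null` implicitly when no row matches or `mysql_query` fails, which callers comparing the admin level numerically may not expect.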
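Review bot: displayLogin echoes `$_SESSION['username']` into the page without HTML escaping, and checkLogin can populate that value from the `cookname` cookie. The only check it passes is a matching row in `account`, so whether the name is HTML-safe depends on registration rules that are not visible here. Escape at the point of output instead of relying on that: `echo 'Logged in as <b>'.htmlspecialchars($_SESSION['username'], ENT_QUOTES, 'UTF-8').'</b>. <a href="'...`. The `rewriteURL()` results and `STENDHAL_LOGIN_TARGET` are placed in `href` attributes the same way; they look like fixed values here, but that should be confirmed against their definitions.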