From: Jon O. <jon...@us...> - 2005-12-05 22:25:27
Update of /cvsroot/mxbb/core27x In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32005/core27x Modified Files: common.php login.php mx_announce.php mx_forum.php Log Message: Updated - more is backported - some is fixed Index: login.php =================================================================== RCS file: /cvsroot/mxbb/core27x/login.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** login.php 30 Nov 2005 23:50:44 -0000 1.2 --- login.php 5 Dec 2005 22:25:12 -0000 1.3 *************** *** 1,23 **** <?php ! /*************************************************************************** ! * login.php ! * ------------------- ! * begin : Saturday, Feb 13, 2001 ! * copyright : (C) 2001 The phpBB Group ! * email : su...@ph... ! * ! * $Id$ ! * ! * ! ***************************************************************************/ ! /*************************************************************************** ! * ! * This program is free software; you can redistribute it and/or modify ! * it under the terms of the GNU General Public License as published by ! * the Free Software Foundation; either version 2 of the License, or ! * (at your option) any later version. ! * ! ***************************************************************************/ // --- 1,21 ---- <?php ! /** ------------------------------------------------------------------------ ! * Subject : mxBB - a fully modular portal and CMS (for phpBB) ! * Author : Jon Ohlsson and the mxBB Team ! * Credits : The phpBB Group & Marc Morisette ! * Copyright : (C) 2002-2005 mxBB Portal ! * Email : jo...@mx... ! * Project site : www.mxbb-portal.com ! * ------------------------------------------------------------------------- ! * ! * $Id$ ! */ ! /** ! * This program is free software; you can redistribute it and/or modify ! * it under the terms of the GNU General Public License as published by ! * the Free Software Foundation; either version 2 of the License, or ! 
* (at your option) any later version. ! */ // *************** *** 52,59 **** if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) ) ! { ! if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && !$userdata['session_logged_in'] ) { ! $username = isset($HTTP_POST_VARS['username']) ? phpbb_clean_username($HTTP_POST_VARS['username']) : ''; $password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : ''; --- 50,57 ---- if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) ) ! { ! if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && (!$userdata['session_logged_in'] || isset($HTTP_POST_VARS['admin'])) ) { ! $username = isset($HTTP_POST_VARS['username']) ? phpbb_clean_username($HTTP_POST_VARS['username']) : ''; $password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : ''; *************** *** 61,65 **** FROM " . USERS_TABLE . " WHERE username = '" . str_replace("\\'", "''", $username) . "'"; ! if ( !($result = $db->sql_query($sql)) ) { mx_message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql); --- 59,63 ---- FROM " . USERS_TABLE . " WHERE username = '" . str_replace("\\'", "''", $username) . "'"; ! if ( !($result = $db->sql_query($sql) ) ) { mx_message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql); *************** *** 78,82 **** $autologin = ( isset($HTTP_POST_VARS['autologin']) ) ? TRUE : 0; ! $session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin); if( $session_id ) --- 76,81 ---- $autologin = ( isset($HTTP_POST_VARS['autologin']) ) ? TRUE : 0; ! $admin = (isset($HTTP_POST_VARS['admin'])) ? 1 : 0; ! 
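Review bot: The `admin` POST field is trusted on its own: in this hunk it re-opens the login branch for a session that is already logged in, and in the `--- 76,81 ----` hunk it becomes the `$admin` argument of `session_begin()`, with no check of the account's level in either place. The form-side condition in the `--- 160,169 ----` hunk does require `$userdata['user_level'] == ADMIN`, but that only decides whether the form is shown. Whether a non-administrator can end up with an admin-flagged session depends on `session_begin()`, which is not part of this diff, so I would gate the flag at the call site: `$admin = (isset($HTTP_POST_VARS['admin']) && $row['user_level'] == ADMIN) ? 1 : 0;`, assuming the user query selects `user_level` (its column list is outside the hunk).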
$session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin, $admin); if( $session_id ) *************** *** 130,134 **** } else if( ( isset($HTTP_GET_VARS['logout']) || isset($HTTP_POST_VARS['logout']) ) && $userdata['session_logged_in'] ) ! { // session id check // added in accordance with phpBB 2.0.18 --- 129,133 ---- } else if( ( isset($HTTP_GET_VARS['logout']) || isset($HTTP_POST_VARS['logout']) ) && $userdata['session_logged_in'] ) ! { // session id check // added in accordance with phpBB 2.0.18 *************** *** 137,141 **** message_die(GENERAL_ERROR, 'Invalid_session'); } ! if( $userdata['session_logged_in'] ) { --- 136,140 ---- message_die(GENERAL_ERROR, 'Invalid_session'); } ! if( $userdata['session_logged_in'] ) { *************** *** 161,170 **** } else ! { // // Do a full login page dohickey if // user not already logged in // ! if( !$userdata['session_logged_in'] ) { $page_title = $lang['Login']; --- 160,169 ---- } else ! { // // Do a full login page dohickey if // user not already logged in // ! if( !$userdata['session_logged_in'] || (isset($HTTP_GET_VARS['admin']) && $userdata['session_logged_in'] && $userdata['user_level'] == ADMIN)) { $page_title = $lang['Login']; *************** *** 177,181 **** // added in accordance with phpBB 2.0.18 $forward_page = ''; ! if( isset($HTTP_POST_VARS['redirect']) || isset($HTTP_GET_VARS['redirect']) ) { --- 176,180 ---- // added in accordance with phpBB 2.0.18 $forward_page = ''; ! if( isset($HTTP_POST_VARS['redirect']) || isset($HTTP_GET_VARS['redirect']) ) { *************** *** 189,192 **** --- 188,192 ---- if(count($forward_match) > 1) { + for($i = 1; $i < count($forward_match); $i++) { *************** *** 208,221 **** } } $username = ( $userdata['user_id'] != ANONYMOUS ) ? $userdata['username'] : ''; $s_hidden_fields = '<input type="hidden" name="redirect" value="' . $forward_page . '" />'; ! make_jumpbox($phpbb_root_path . 
'viewforum.'.$phpEx); $template->assign_vars(array( 'USERNAME' => $username, ! 'L_ENTER_PASSWORD' => $lang['Enter_password'], 'L_SEND_PASSWORD' => $lang['Forgotten_password'], --- 208,226 ---- } } + else + { + $forward_page = ''; + } $username = ( $userdata['user_id'] != ANONYMOUS ) ? $userdata['username'] : ''; $s_hidden_fields = '<input type="hidden" name="redirect" value="' . $forward_page . '" />'; + $s_hidden_fields .= (isset($HTTP_GET_VARS['admin'])) ? '<input type="hidden" name="admin" value="1" />' : ''; ! make_jumpbox($phpbb_root_path . 'viewforum.'.$phpEx, $forum_id); $template->assign_vars(array( 'USERNAME' => $username, ! 'L_ENTER_PASSWORD' => (isset($HTTP_GET_VARS['admin'])) ? $lang['Admin_reauthenticate'] : $lang['Enter_password'], 'L_SEND_PASSWORD' => $lang['Forgotten_password'], Index: common.php =================================================================== RCS file: /cvsroot/mxbb/core27x/common.php,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** common.php 5 Dec 2005 19:25:26 -0000 1.4 --- common.php 5 Dec 2005 22:25:12 -0000 1.5 *************** *** 30,34 **** // ================================================================================ ! // The following code is based on common.php from phpBB 2.0.14 // ================================================================================ --- 30,34 ---- // ================================================================================ ! // The following code is based on common.php from phpBB // ================================================================================ *************** *** 189,193 **** str_replace("//", "/", $phpbb_root_path); - include_once($mx_root_path . 'config.' . $phpEx); include_once($phpbb_root_path . 'includes/constants.' . $phpEx); --- 189,192 ---- *************** *** 266,293 **** mx_session_start(); // Note: this needs $board_config populated! 
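Review bot: `$forum_id` is passed to `make_jumpbox()` on the new side but is not assigned in any hunk shown for login.php; if nothing earlier in the file sets it, the value is undefined, or request-supplied on installs that register request variables as globals. Set it explicitly before the call, e.g. `$forum_id = 0;`, or drop the argument as the old line did. Separately, the hidden `admin` field and the `Admin_reauthenticate` prompt key on `isset($HTTP_GET_VARS['admin'])` alone, so an anonymous visitor requesting the page with `admin` set gets the re-authentication form; reusing the `user_level == ADMIN` test from the enclosing condition would keep the two consistent. The enclosing block starts and ends outside this hunk.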
- - //++ MX System - // - // if ( $language ) - // { - // $board_config['default_lang'] = $language; - // setcookie('default_lang', $language, (time()+21600), $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']); - // } - // elseif ( isset($HTTP_COOKIE_VARS['default_lang']) ) - // { - // $board_config['default_lang'] = $HTTP_COOKIE_VARS['default_lang']; - // } - // if ( $style ) - // { - // $board_config['default_style'] = $style; - // setcookie('default_style', $style, (time()+21600), $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']); - // } - // elseif ( isset($HTTP_COOKIE_VARS['default_style']) ) - // { - // $board_config['default_style'] = $HTTP_COOKIE_VARS['default_style']; - // } - // - //-- MX System - if( file_exists($phpbb_root_path . 'attach_mod') ) { --- 265,268 ---- Index: mx_announce.php =================================================================== RCS file: /cvsroot/mxbb/core27x/mx_announce.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** mx_announce.php 5 Dec 2005 19:25:26 -0000 1.2 --- mx_announce.php 5 Dec 2005 22:25:12 -0000 1.3 *************** *** 20,23 **** --- 20,28 ---- */ + if ( !defined('IN_PORTAL') ) + { + die("Hacking attempt"); + } + // // Read block Configuration Index: mx_forum.php =================================================================== RCS file: /cvsroot/mxbb/core27x/mx_forum.php,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** mx_forum.php 5 Dec 2005 19:25:26 -0000 1.3 --- mx_forum.php 5 Dec 2005 22:25:12 -0000 1.4 *************** *** 24,37 **** if ( !defined('IN_PORTAL') ) { ! define('IN_PORTAL', 1); ! $mx_root_path = '../../'; ! ! $include_page_tail = 1; ! ! include($mx_root_path . 'extension.inc'); ! include($mx_root_path . 'common.' . $phpEx); ! ! $userdata = session_pagestart($user_ip, PAGE_FORUM); ! 
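Review bot: The added `IN_PORTAL` guard carries no comment saying what it protects, and the same guard in the mx_forum.php hunk replaces a branch that used to bootstrap the page standalone (`define('IN_PORTAL', 1)`, `$mx_root_path = '../../'`, `session_pagestart(...)`), so any link that requests mx_forum.php directly now ends in `die()`. I would add `// Block files run only when included by the portal; refuse direct requests before any path variable is used.` above both guards and confirm nothing still links to mx_forum.php directly. The guard only helps if it stays ahead of every include in the file; the hunk shows it directly after the header comment, and the rest of the file is not visible.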
mx_init_userprefs($userdata); } --- 24,28 ---- if ( !defined('IN_PORTAL') ) { ! die("Hacking attempt"); } |