[phpMP-CVS] CVS: phpMP/includes core.php,1.64,1.65 session.php,1.16,1.17

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/phpmp/phpMP/includes
In directory sc8-pr-cvs1:/tmp/cvs-serv31961/includes

Modified Files:
	core.php session.php 
Log Message:
A few small updates.

Index: core.php
===================================================================
RCS file: /cvsroot/phpmp/phpMP/includes/core.php,v
retrieving revision 1.64
retrieving revision 1.65
diff -C2 -r1.64 -r1.65
*** core.php	30 Jun 2003 04:04:02 -0000	1.64
--- core.php	30 Jun 2003 23:13:47 -0000	1.65
***************
*** 66,81 ****
  			if (!empty($_POST))   { $_POST   = $this->strip_magic_quotes($_POST);   }
  			if (!empty($_COOKIE)) { $_COOKIE = $this->strip_magic_quotes($_COOKIE); }
- 		} 
- 
- 		// This code *should* be changed later.
- 		if( !defined("C_PHPMP_ROOT") )
- 		{
- 			define( 'C_PHPMP_ROOT', './' );
  		}

! 		//error_reporting(E_ALL);
! 		error_reporting(E_ERROR | E_WARNING | E_PARSE);

! 		include_once( C_PHPMP_ROOT . 'config.php' );

  		// Globalize all major class-containing variables.
--- 66,75 ----
  			if (!empty($_POST))   { $_POST   = $this->strip_magic_quotes($_POST);   }
  			if (!empty($_COOKIE)) { $_COOKIE = $this->strip_magic_quotes($_COOKIE); }
  		}

! 		error_reporting(E_ALL);
! 		//error_reporting(E_ERROR | E_WARNING | E_PARSE);

! 		$blah = include_once( C_PHPMP_ROOT . 'config.php' );

  		// Globalize all major class-containing variables.

Index: session.php
===================================================================
RCS file: /cvsroot/phpmp/phpMP/includes/session.php,v
retrieving revision 1.16
retrieving revision 1.17
diff -C2 -r1.16 -r1.17
*** session.php	30 Jun 2003 03:43:42 -0000	1.16
--- session.php	30 Jun 2003 23:13:47 -0000	1.17
***************
*** 91,95 ****

  		// We are logging in.  Set up variables.
! 		$username = $_POST['login_username'];
  		$passwd_enc = md5($_POST['login_passwd']);
  		$auto_login_set = $_POST['autologin'];
--- 91,95 ----

  		// We are logging in.  Set up variables.
! 		$username = addslashes($_POST['login_username']);
  		$passwd_enc = md5($_POST['login_passwd']);
  		$auto_login_set = $_POST['autologin'];
***************
*** 97,102 ****

  		$sql = "SELECT * FROM " . DB_USERS_TABLE . "
! 					WHERE user_name='" . addslashes($username) . "'
! 					AND user_passwd='" . $passwd_enc . "'";

  		$result = $DB->query($sql);
--- 97,102 ----

  		$sql = "SELECT * FROM " . DB_USERS_TABLE . "
! 			WHERE user_name='" . $username . "'
! 			AND user_passwd='" . $passwd_enc . "'";

  		$result = $DB->query($sql);
***************
*** 133,137 ****
  		global $User, $DB, $Config, $SID;

! 		if( (isset($_POST['do_login'])) && ($_POST['do_login'] == true) )
  		{
  			$this->login();
--- 133,137 ----
  		global $User, $DB, $Config, $SID;

! 		if( isset($_POST['do_login']) && ($_POST['do_login'] == true) )
  		{
  			$this->login();