Phpnuke module problim - please help

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
doggy
Forum Commoner
Posts: 80
Joined: Tue Dec 09, 2003 5:01 am
Location: South Africa

Phpnuke module problim - please help

Post by doggy »

The login function doesn`t work.
[syntax=php]<?php

/************************************************************************/
/* PHP-NUKE: Web Portal System */
/* =========================== */
/* */
/* Copyright (c) 2002 by Francisco Burzi */
/* http://phpnuke.org */
/* */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License. */
/************************************************************************/

require_once("mainfile.php");
$module_name = basename(dirname(__FILE__));
get_lang($module_name);
$userpage = 1;

include("modules/$module_name/navbar.php");

function makepass() {
$cons = "bcdfghjklmnpqertvwyz";
$vocs = "aeiou";
for ($x=0; $x < 6; $x++) {
mt_srand ((double) microtime() * 1000000);
$con[$x] = substr($cons, mt_rand(0, strlen($cons)-1), 1);
$voc[$x] = substr($voc, mt_rand(0, strlen($voc)-1), 1);
}
$makepass = $con[0] . $voc[0] .$con[2] . $con[1] . $voc[1] . $con[3] . $voc[3] . $con[4];
return($makepass);
}

function main($user) {
global $stop, $module_name, $redirect;
if (!is_user($user)) {
include("header.php");
if ($stop) {
OpenTable();
echo "<center><font class=\"title\"><b>"._LOGINCOR."</b></font></center>\n";
CloseTable();
echo "<br>\n";
} else {
OpenTable();
echo "<center><font class=\"title\"><b>"._USERREGLOGIN."</b></font></center>\n";
CloseTable();
echo "<br>\n";
}
if (!is_user($user)) {
OpenTable();
echo "<form action=\"modules.php?name=$module_name\" method=\"post\">\n"
."<b>"._USERLOGIN."</b><br><br>\n"
."<table border=\"0\"><tr><td>\n"
.""._NICKNAME.":</td><td><input type=\"text\" name=\"username\" size=\"15\" maxlength=\"25\"></td></tr>\n"
."<tr><td>"._PASSWORD.":</td><td><input type=\"password\" name=\"password\" size=\"15\" maxlength=\"20\"></td></tr>\n"
."</table><input type=\"hidden\" name=\"redirect\" value=\"$redirect\">\n"
."<input type=\"hidden\" name=\"op\" value=\"login\">\n"
."<input type=\"submit\" value=\""._LOGIN."\"></form><br>\n\n"
."<center><font class=\"content\">[ <a href=\"modules.php?name=$module_name&op=pass_lost\">"._PASSWORDLOST."</a> ]"
."</font></center>\n";
CloseTable();
}
include("footer.php");
} elseif (is_user($user)) {
global $cookie;
cookiedecode($user);
userinfo($cookie[1]);
}
}

function pass_lost() {
global $user, $module_name;
if (!is_user($user)) {
include("header.php");
OpenTable();
echo "<center><font class=\"title\"><b>"._USERREGLOGIN."</b></font></center>";
CloseTable();
echo "<br>\n";
OpenTable();
echo "<b>"._PASSWORDLOST."<\b><br><br>\n"
.""._NOPROBLEM."<br><br>\n"
."<form action=\"modules.php?name=$module_name\" method=\"post\">\n"
."<table border=\"0\"><tr><td>\n"
.""._NICKNAME.":</td><td><input type=\"text\" name=\"username\" size=\"15\" maxlength=\"25\"></td></tr>\n"
."<input type=\"hidden\" name=\"op\" value=\"mailpasswd\">\n"
."<input type=\"submit\" value=\""._SENDPASSWORD."\"></form><br>\n\n"
."<center><font class=\"content\">[ <a href=\"modules.php?name=$module_name&op=pass_lost\">"._PASSWORDLOST."</a> ]"
."</font></center>\n";
CloseTable();
include("footer.php");
} elseif (is_user($user)) {
global $cookie;
cookiedecode($user);
userinfo($cookie[1]);
}
}

function logout() {
global $prefix, $db, $user, $cookie, $redirect;
cookiedecode($user);
$r_uid = $cookie[0];
$r_username = $cookie[1];
setcookie("user");
$db->sql_query("DELETE FROM ".$prefix."_session WHERE uname='$r_username'");
$user = "";
include("header.php");
OpenTable();
if ($redirect != "") {
echo "<META HTTP-EQUIV=\"refresh\" content=\"3;URL=modules.php?name=$redirect\">";
} else {
echo "<META HTTP-EQUIV=\"refresh\" content=\"3;URL=index.php\">";
}
echo "<center><font class=\"option\"><b>"._YOUARELOGGEDOUT."</b></font></center>";
CloseTable();
include("footer.php");
}

function mailpasswd($username) {
global $sitename, $adminmail, $nukeurl, $user_prefix, $db, $module_name;
$sql = "SELECT user_email, user_password FROM ".$user_prefix."_users WHERE username='$username'";
$result = $db->sql_query($sql);
if (!$result) {
include("header.php");
OpenTable();
echo "<center>"._SORRYNOUSERINFO."</center>";
CloseTable();
include("footer.php");
} else {
$host_name = $_SERVER["REMOTE_ADDR"];
$row = $db->sql_fetchrow($result);
$user_email = $row[user_email];
$newpass=makepass();
$message = ""._USERACCOUNT." '$username' "._AT." $sitename "._HASTHISEMAIL." "._AWEBUSERFROM." $host_name "._HASREQUESTED."\n\n"._YOURNEWPASSWORD." $newpass\n\n "._YOUCANCHANGE." $nukeurl/modules.php?name=$module_name\n\n"._IFYOUDIDNOTASK."";
$subject = ""._USERPASSWORD4." $username";
mail($user_email, $subject, $message, "From: $adminmail\nX-Mailer: PHP/" . phpversion());
$cryptpass = md5($newpass);
$query = "UPDATE ".$user_prefix."_users SET user_password='$cryptpass' WHERE username = '$username'";
if (!$db->sql_query($query)) {
echo ""._UPDATEFAILED."";
}
include("header.php");
OpenTable();
echo "<center>"._PASSWORD4." $username "._MAILED."<br><br>"._GOBACK."</center>";
CloseTable();
include("footer.php");
}
}

function decookie($setuid, $setusername, $setpass) {
$info = base64_encode("$setuid:$setusername:$setpass");
setcookie("user","$info",time()+600);
}

function login($username, $user_password, $redirect) {
global $setinfo, $user_prefix, $db, $module_name, $prefix;
include("config.php");
$sql = "SELECT user_password, user_id FROM ".$user_prefix."_users WHERE username='$username'";
$result = $db->sql_query($sql);
$setinfo = $db->sql_fetchrow($result);
if (($db->sql_numrows($result)==1) AND ($setinfo[user_id] != 1) AND ($setinfo[user_password] !="")) {
$non_crypt_pass = $user_password;
$old_crypt_pass = crypt($user_password,substr($dbpass,0,2));
$new_pass = md5($user_password);
if (($dbpass == $non_crypt_pass) OR ($dbpass == $old_crypt_pass)) {
$db->sql_query("UPDATE ".$user_prefix."_users SET user_password='$new_pass' WHERE username='$username'");
$sql = "SELECT user_password FROM ".$user_prefix."_users WHERE username='$username'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$dbpass = $row[user_password];
}
if ($dbpass != $newpass) {
Header("Location: modules.php?name=$module_name&stop=1");
return;
}
} else {
decookie($setinfo[user_id], $username, $new_pass);
$uname = $_SERVER["REMOTE_ADDR"];
$db->sql_query("DELETE FROM ".$prefix."_session WHERE uname='$uname' AND guest='1'");
}
if ($redirect == "") {
Header("Location: modules.php?name=$module_name&op=userinfo&bypass=1&username=$username");
} else {
Header("modules.php?name=$module_name&stop=1");
}
}

function edituser() {
global $user, $userinfo, $cookie, $module_name, $bgcolor2, $bgcolor3;
getuserinfo($user);
if (($userinfo[username] != $cookie[1]) AND ($userinfo[user_password] != $cookie[2])) {
include("header.php");
OpenTable();
echo "<center><font class=\"title\"><b>"._PERSONALINFO."</b></font></center>";
CloseTable();
echo "<br>";
OpenTable();
nav();
CloseTable();
echo "<br>";
OpenTable();
echo "<table cellpadding=\"3\" border=\"0\" width=\"100%\">"
."<tr><td bgcolor='$bgcolor2'>"
."<form name=\"Register\" action=\"modules.php?name=$module_name\" method=\"post\">"
."<b>"._USRACCOUNT."</b>:"
."</td><td bgcolor='$bgcolor3'>"
."<b>$userinfo[username]</b>"
."</td></tr><tr>"
."<td bgcolor='$bgcolor2'><b>"._USRNAME."</b>:<br>"._REQUIRED."</td>"
."<td><input type=\"text\" name=\"name\" value=\"$userinfo[name]\" size=\"50\" maxlength=\"50\"></td>"
."<td bgcolor='$bgcolor2'><b>"._USRSURNAME."</b>:<br>"._REQUIRED."</td>"
."<td><input type=\"text\" name=\"surname\" value=\"$userinfo[surname]\" size=\"50\" maxlength=\"50\"></td>"
."<td bgcolor='$bgcolor2'><b>"._USREMAIL."</b>:<br>"._OPTIONAL."</td>"
."<td><input type=\"text\" name=\"email\" value=\"$userinfo[email]\" size=\"50\" maxlength=\"50\"></td>"
."<td bgcolor='$bgcolor2'><b>"._USRHOMEA."</b>:<br>"._REQUIRED."</td>"
."<td><input type=\"text\" name=\"homea\" value=\"$userinfo[homea]\" size=\"50\" maxlength=\"50\"></td>"
."<td bgcolor='$bgcolor2'><b>"._USRHOMET."</b>:<br>"._REQUIRED."</td>"
."<td><input type=\"text\" name=\"homet\" value=\"$userinfo[homet]\" size=\"50\" maxlength=\"50\"></td>"
."<td bgcolor='$bgcolor2'><b>"._USRWORKA."</b>:<br>"._OPTIONAL."</td>"
."<td><input type=\"text\" name=\"worka\" value=\"$userinfo[worka]\" size=\"50\" maxlength=\"50\"></td>"
."<td bgcolor='$bgcolor2'><b>"._USRWORKT."</b>:<br>"._OPTIONAL."</td>"
."<td><input type=\"text\" name=\"workt\" value=\"$userinfo[workt]\" size=\"50\" maxlength=\"50\"></td>"
."<td bgcolor='$bgcolor2'><b>"._USRPOSTA."</b>:<br>"._REQUIRED."</td>"
."<td><input type=\"text\" name=\"posta\" value=\"$userinfo[posta]\" size=\"50\" maxlength=\"50\"></td>"
."<td bgcolor='$bgcolor2'><b>"._USRIDNB."</b>:<br>"._REQUIRED."</td>"
."<td><input type=\"text\" name=\"idnb\" value=\"$userinfo[idnb]\" size=\"50\" maxlength=\"50\"></td>"
."<td bgcolor='$bgcolor2'><b>"._USRPASSWORD."</b>:<br>"._TYPENEWPASS."</td>"
."<td><input type=\"password\" name=\"user_password\" size=\"20\" maxlength=\"20\">&nbsp;&nbsp;&nbsp;<input type=\"password\" name=\"vpass\" size=\"20\" maxlength=\"20\"></td>"
."<input type=\"hidden\" name=\"username\" value=\"$userinfo[username]\">"
."<input type=\"hidden\" name=\"user_id\" value=\"$userinfo[user_id]\">"
."<input type=\"hidden\" name=\"op\" value=\"saveuser\">"
."<input type=\"submit\" value=\""._SAVECHANGES."\">"
."</form></td></tr></table>";
CloseTable();
include("footer.php");
} else {
main($user);
}
}

function saveuser($name, $surname, $email, $homea, $homet, $worka, $workt, $posta, $idnb, $user_password, $vpass, $username, $user_id) {
Global $user, $cookie, $userinfo, $user_prefix, $db, $module_name, $minpass;
cookiedecode($user);
$check = $cookie[1];
$check2 = $cookie[2];
$sql = "SELECT user_id, user_password FROM ".$user_prefix."_users WHERE username='$check'";
$result = $db->sql_query($sql);
$row = $db->sql_fetch($result);
$vuid = $row[user_id];
$ccpass = $row[user_password];
$atl_name = "$name";
$atl_surname = "$surname";
$atl_email = "$email";
$atl_homea = "$homea";
$atl_homet = "$homet";
$atl_worka = "$worka";
$atl_workt = "$workt";
$atl_posta = "$posta";
$atl_idnb = "$idnb";
if ((isset($user_password)) && ("$user_pass" != "$vpass")) {
echo "<center>"._PASSDIFFERENT."</center>";
} elseif (($user_password != "") && (strlen($user_password) < $minpass)) {
echo "<center>"._YOUPASSMUSTBE."<b>$minpass</b>"._CHARLONG."</center>";
} else {
if ($user_password != "") {
cookiedecode($user);
$db->sql_query("LOCK TABLES ".$user_prefix."_users WRITE");
$user_password = md5($user_password);
$db->sql_query("UPDATE ".$user_prefix."_users SET name='$atl_name', surname='$atl_surname', email='$atl_email', homea='$atl_homea', homet='$atl_homet', worka='$atl_worka', workt='$atl_workt', posta='$atl_posta', idnb='$atl_idnb',user_password='$user_password' WHERE user_id='$user_id'");
$sql = "SELECT user_id, username, user_password FROM ".$user_prefix."_users WHERE username='$username' AND user_password='$user_password'";
$result = $db->sql_query($sql);
if ($db->sql_numrows($result) == 1) {
$userinfo = $db->sql_fetch(result);
decookie($userinfo[user_id],$userinfo[username],$userinfo[user_password]);
} else {
echo "<center>"._SOMETHIGNWRONG."</center><br>";
}
$db->sql_query("UNLOCK TABLES");
} else {
$db->sql_query("UPDATE ".$user_prefix."_users SET name='$atl_name', surname='$atl_surname', email='$atl_email', homea='$atl_homea', homet='$atl_homet', worka='$atl_worka', workt='$atl_workt', posta='$atl_posta', idnb='$atl_idnb',user_password='$user_password' WHERE user_id='$user_id'");
}
Header("Location: modules.php?name=$module_name");
}
}

switch($op) {
case "logout":
logout();
break;

case "lost_pass":
lost_pass();
break;

case "mailpasswd":
mailpasswd($username);
break;

case "login":
login($username, $user_password, $dedirect);
break;

case "edituser":
edituser();
break;

case "saveuser":
saveuser($name, $surname, $email, $homea, $homet, $worka, $workt, $posta, $idnb, $user_password, $vpass, $username, $user_id);
break;

case "pass_lost":
pass_lost();
break;

default:
main($user);
break;
}

?>[/syntax]
Last edited by doggy on Mon Jan 19, 2004 7:10 am, edited 1 time in total.
User avatar
DuFF
Forum Contributor
Posts: 495
Joined: Tue Jun 24, 2003 7:49 pm
Location: USA

Post by DuFF »

It would be nice to know whats wrong with it . . .
User avatar
doggy
Forum Commoner
Posts: 80
Joined: Tue Dec 09, 2003 5:01 am
Location: South Africa

Post by doggy »

I made a user from the administrator site and that user cant login .. and i have no idea what can be wrong .
User avatar
DuFF
Forum Contributor
Posts: 495
Joined: Tue Jun 24, 2003 7:49 pm
Location: USA

Post by DuFF »

#1. Check the database, was his username even entered into it?

#2. Try creating it again.

#3. If his username is in the database, and this didn't work for a second time, try creating a test user.

Use the signup form to make a user with username: ADMIN and password: ADMIN (thats just an example, try using a different username and password). Then find the MD5 of the password and check it with what you have in your database.

I also forgot to ask, what is the error saying? "Incorrect Password" or something?
User avatar
doggy
Forum Commoner
Posts: 80
Joined: Tue Dec 09, 2003 5:01 am
Location: South Africa

Post by doggy »

Straterra
Forum Regular
Posts: 527
Joined: Mon Nov 24, 2003 8:46 am
Location: Indianapolis, Indiana
Contact:

Post by Straterra »

You see, this is why I wrote my own portal. I would suggest everyone to do the same. When you write your own, it integrates perfectly into any website because you made it. Also, you can only put into the portal what you need, not a bunch of extra crap...just a thought.
Post Reply