Here is the original login.php:
Code: Select all
session_start();
require_once('./includes/incglobal.php');
function exec_redirect($header = 'Redirecting', $message = 'Please wait while we redirect you...', $delay = 5, $url = 'index.php')
{
global $config;
return "
<br />
<META HTTP-EQUIV=\"refresh\" content=\"{$delay};URL={$config['scripturl']}/{$url}\">
<table width=\"100%\" border=\"0\" align=\"center\" cellspacing=\"1\" cellpadding=\"1\" style=\"background-color:black;text-align:center;\">
<tr style=\"background-color:{$config['altcolora']};\">
<td width=\"100%\" valign=\"middle\" colspan=\"2\" style=\"background:url({$config['bg']});text-align:center;\">
<strong>{$header}</strong>
</td>
</tr>
<tr style=\"background-color:{$config['altcolorb']};\">
<td width=\"100%\" valign=\"middle\" style=\"text-align:center;\">
{$message}
</td>
</tr>
</table><br /><br /><br /><br />
";
}
/**
* randomString() - Generates a random string of an arbitrary length (default = 8); used in Hash and SessionID generations
*
* @param integer $length
* @return
*/
function randomString($length = 8)
{
$chars = "abcdefghijklmnopqrstuvwxyz0123456789";
srand((double)microtime()*1000000);
$i = 0;
$foo = '';
while ($i < $length)
{
$num = rand() % 33;
$tmp = substr($chars, $num, 1);
$foo = $foo . $tmp;
$i++;
}
return $foo;
}
switch($act)
{
case 'setlogin':
set($login);
break;
case 'logout':
logout();
break;
case 'forgotpw':
forgotpw($login);
break;
case 'sendpass':
sendpass();
break;
default:
login($mes);
break;
}
function login($mes)
{
global $config;
if (isset($_COOKIE['user']))
{
$out['body'] .= "
<br />
<table width=\"90%\" border=\"0\" cellspacing=\"1\" cellpadding=\"1\" style=\"background-color:black;text-align:center;\">
<tr style=\"background-color:{$config['altcolora']};\">
<td width=\"100%\" valign=\"middle\" colspan=\"2\" style=\"background:url({$config['bg']});text-align:center;\">
<strong>Login</strong>
</td>
</tr>
<tr style=\"background-color:{$config['altcolorb']};\">
<td width=\"100%\" valign=\"middle\" style=\"text-align:center;\">
<strong>You are already logged in!</strong>
</td>
</tr>
</table>
<br /><br /><br /><br />
";
}
else
{
$out['body'] .= "
<br />
<form method=\"post\" action=\"./login.php\">
<table align=\"center\" width=\"400\" border=\"0\" cellspacing=\"1\" style=\"background-color:black;\" cellpadding=\"1\">
<tr style=\"background-color:{$config['altcolor']};\">
<td style=\"background:url({$config['bg']});text-align:left;\" width=\"100%\" valign=\"middle\" colspan=\"2\">
<strong>Login</strong>
";
if(isset($mes))
{
$out['body'] .= "<span style=\"color:red;\">(Incorrect Login)</span>";
}
$out['body'] .= "
</td>
</tr>
<tr style=\"background-color:{$config['altcolorb']};\">
<td width=\"40%\" valign=\"middle\" style=\"text-align:left;\">
Username
</td>
<td width=\"60%\" valign=\"middle\" style=\"text-align:left;\">
<input type=\"text\" name=\"login[name]\" class=\"input\" value=\"{$login['name']}\" size=\"32\" maxlength=\"15\" />
</td>
</tr>
<tr style=\"background-color:{$config['altcolorb']};\">
<td width=\"40%\" valign=\"middle\" style=\"text-align:left;\">
Password
</td>
<td width=\"60%\" valign=\"middle\" style=\"text-align:left;\">
<input type=\"password\" class=\"input\" name=\"login[pass]\" value=\"\" size=\"32\" maxlength=\"20\" />
</td>
</tr>
<tr style=\"background-color:{$config['altcolorb']};\">
<td width=\"40%\" valign=\"middle\" style=\"text-align:left;\">Login Length</td>
<td width=\"60%\" valign=\"middle\" style=\"text-align:left;\">
<select class=\"button\" name=\"login[clength]\">
<option value=\"60\">1 Hour</option>
<option value=\"1440\">1 Day</option>
<option value=\"10080\">1 Week</option>
<option value=\"43200\">1 Month</option>
<option value=\"83200\" selected=\"selected\">Forever</option>
</select>
</td>
</tr>
<tr style=\"background-color:{$config['altcolorb']};\">
<td>
<a href=\"./register.php\">Register Now!</a>
</td>
<td width=\"100%\" valign=\"top\" style=\"text-align:right;\">
<input type=\"hidden\" name=\"act\" value=\"setlogin\" />
<input type=\"submit\" class=\"button\" name=\"submit\" value=\"Login >>\" />
</td>
</tr>
</table>
</form><br /><br />
<form method=\"post\" action=\"./login.php\">
<table align=\"center\" width=\"400\" border=\"0\" cellspacing=\"1\" cellpadding=\"2\" style=\"background-color:black;text-align:center;\">
<tr style=\"background-color:{$config['altcolora']};\">
<td width=\"100%\" valign=\"middle\" colspan=\"2\" style=\"background:url({$config['bg']});text-align:left;\">
<strong>Forgot Password?</strong>
</td>
</tr>
<tr style=\"background-color:{$config['altcolorb']};\">
<td width=\"40%\" valign=\"middle\" style=\"text-align:left;\">
E-Mail
</td>
<td width=\"60%\" valign=\"middle\" style=\"text-align:center;\">
<input type=\"text\" name=\"login[email]\" class=\"input\" value=\"\" size=\"25\" maxlength=\"50\" />
</td>
</tr>
<tr style=\"background-color:{$config['altcolorb']};\">
<td width=\"40%\" valign=\"middle\" style=\"text-align:left;\">
<img src=\"./includes/captcha.php\" alt=\"Captcha!\" />
</td>
<td width=\"60%\" valign=\"middle\" style=\"text-align:center;\">
Enter the text you see in the image.<br />
<input class=\"input\" type=\"text\" name=\"login[capt]\" value=\"\" size=\"40\" maxlength=\"13\" />
</td>
</tr>
<tr style=\"background-color:{$config['altcolorb']};\">
<td width=\"100%\" valign=\"top\" style=\"text-align:right;\" colspan=\"2\">
<input type=\"hidden\" name=\"act\" value=\"forgotpw\" />
<input type=\"submit\" class=\"button\" name=\"submit\" value=\"Resend >>\" />
</td>
</tr>
</table>
</form><br /><br />
";
}
require_once($config['html']);
}
function set($login)
{
global $config;
$login['pass'] = md5(md5($login['pass']));
$foo = mysql_query("
SELECT id, act
FROM members
WHERE name = '{$login['name']}' AND password = '{$login['pass']}'
");
if(!mysql_num_rows($foo))
{
error('You have specified an Invalid Login ID and or Password!');
}
$bar = mysql_fetch_array($foo, MYSQL_ASSOC);
if(!$bar['act'])
{
error('Your account has not yet been activated. To activate your account, you must click the link provided in your welcome email.');
}
//Set Cookies
setcookie('tid', $bar['id'], time() + (60 * $login['clength']));
setcookie('user', $login['name'], time() + (60 * $login['clength']));
setcookie('pass', $login['pass'], time() + (60 * $login['clength']));
$out['body'] = exec_redirect('Login', 'Please wait while you are logged in', 0, 'index.php?action=myhome');
require_once($config['html']);
}
function logout()
{
global $config;
setcookie('tid', '', time() - (60 * 83200));
setcookie('user', '', time() - (60 * 83200));
setcookie('pass', '', time() - (60 * 83200));
$out['body'] = exec_redirect('Logout', 'You have been successfully logged out', 2, 'index.php');
require_once($config['html']);
}
function forgotpw($login)
{
global $config;
$members = mysql_query("SELECT id, name, password, email FROM members WHERE email='{$login['email']}'");
$member = mysql_fetch_array($members);
$code = md5(md5($member['password']));
if(!mysql_num_rows($members))
{
error('Unable to find member.');
}
if ($_SESSION['capt'] != $login['capt'])
{
error('The text you entered for verification was wrong.');
}
$email['body'] = "
Hello {$member['name']},\n
If you did not request your password, disregard this email.
A password reset has been requested for your account. To reset your password, click the following link.
{$config['sitelink']}/login.php?act=sendpass&id={$member['id']}&code={$code}
Thanks,
{$config['sitename']}
{$config['sitelink']}
";
$email = array(
'toname' => $member['name'],
'toemail' => $login['email'],
'subject' => "{$config['sitename']} Password Reset Request",
'fromname' => $config['sitename'],
'fromemail' => $config['sitemail'],
'replyname' => $member['name'],
'replyemail' => $member['email'],
'body' => str_replace("\t", "", ltrim($email['body'])),
);
email($email);
$out['body'] .= "
<br />
<table width=\"450\" border=\"0\" align=\"center\" cellspacing=\"1\" cellpadding=\"2\" style=\"background-color:black;text-align:center;\">
<tr style=\"background-color:{$config['altcolora']};\">
<td width=\"100%\" style=\"background:url({$config['bg']});text-align:center;\" valign=\"middle\" colspan=\"5\">
<b>{$config['sitename']} Forgot Password</b>
</td>
</tr>
<tr style=\"background-color:{$config['altcolor']};\">
<td width=\"100%\" style=\"background-color:{$config['tablex']};text-align:center;\" valign=\"middle\" colspan=\"5\">
Your password reset link has been sent to your email.
</td>
</tr>
</table>
<br /><br /><br />
";
require_once($config['html']);
}
function sendpass()
{
global $config, $id, $code;
$member = mysql_query("SELECT * FROM members WHERE id='{$id}'");
$member = mysql_fetch_array($member);
$oldpass = md5(md5($member['password']));
if($code != $oldpass)
{
error('Invalid Link');
}
$password = randomString();
$hash = md5(md5($password));
$update = mysql_query("UPDATE members SET password = '{$hash}' WHERE id = '{$id}'");
$email['body'] = "
Hello {$member['name']},\n
Your new password is as follows: {$password}
Please write it down or store it somewhere safe.\n
Thanks,
{$config['sitename']}
{$config['sitelink']}
";
$email = array(
'toname' => $member['name'],
'toemail' => $member['email'],
'subject' => "{$config['sitename']} New Password",
'fromname' => $config['sitename'],
'fromemail' => $config['sitemail'],
'replyname' => $member['name'],
'replyemail' => $member['email'],
'body' => str_replace("\t", "", ltrim($email['body'])),
);
email($email);
$out['body'] .= "
<br />
<table width=\"450\" border=\"0\" align=\"center\ cellspacing=\"1\" cellpadding=\"2\" style=\"background-color:black;text-align:center;\">
<tr style=\"background-color:{$config['altcolor']};\">
<td width=\"100%\" style=\"background:url({$config['bg']});text-align:center;\" valign=\"middle\" colspan=\"5\">
<strong>{$config['sitename']} Forgot Password</strong>
</td>
</tr>
<tr style=\"background-color:{$config['altcolor']};\">
<td width=\"100%\" style=\"background-color:{$config['tablex']};text-align:center;\" valign=\"middle\" colspan=\"5\">
Your password has been reset. Your new password is {$password}.
</td>
</tr>
</table><br /><br /><br />
";
require_once($config['html']);
}
?>Code: Select all
define( "IN_PHPBB", true );
$phpbb_root_path = './forum/';
$phpEx = substr( strrchr( __FILE__, "." ), 1 );
require($phpbb_root_path . "common." . $phpEx );
require($phpbb_root_path . "includes/functions_user." . $phpEx );
require($phpbb_root_path . "includes/functions_module." . $phpEx );
$user->session_begin();
$result = $auth->login( $login['name'], $login['pass']);
if ( $result[ "status" ] == LOGIN_SUCCESS )
{
// redirect
}