| changeset 406 | 7468a663315f |
| parent 402 | d907601ccad2 |
| child 411 | d1a95497b68f |
| 405:adb7f8de8ce1 | 406:7468a663315f |
|---|---|
368 |
368 |
369 function start() |
369 function start() |
370 { |
370 { |
371 global $db, $session, $paths, $template, $plugins; // Common objects |
371 global $db, $session, $paths, $template, $plugins; // Common objects |
372 global $lang; |
372 global $lang; |
373 global $timezone; |
|
373 if($this->started) return; |
374 if($this->started) return; |
374 $this->started = true; |
375 $this->started = true; |
375 $user = false; |
376 $user = false; |
376 if(isset($_COOKIE['sid'])) |
377 if(isset($_COOKIE['sid'])) |
377 { |
378 { |
389 |
390 |
390 if(!$this->compat && $userdata['account_active'] != 1 && $data[1] != 'Special' && $data[1] != 'Admin') |
391 if(!$this->compat && $userdata['account_active'] != 1 && $data[1] != 'Special' && $data[1] != 'Admin') |
391 { |
392 { |
392 $language = intval(getConfig('default_language')); |
393 $language = intval(getConfig('default_language')); |
393 $lang = new Language($language); |
394 $lang = new Language($language); |
395 @setlocale(LC_ALL, $lang->lang_code); |
|
394 |
396 |
395 $this->logout(); |
397 $this->logout(); |
396 $a = getConfig('account_activation'); |
398 $a = getConfig('account_activation'); |
397 switch($a) |
399 switch($a) |
398 { |
400 { |
488 $this->theme = $template->default_theme; |
490 $this->theme = $template->default_theme; |
489 $this->style = $template->default_style; |
491 $this->style = $template->default_style; |
490 } |
492 } |
491 } |
493 } |
492 $user = true; |
494 $user = true; |
495 $GLOBALS['timezone'] = $userdata['user_timezone']; |
|
493 |
496 |
494 // Set language |
497 // Set language |
495 if ( !defined('ENANO_ALLOW_LOAD_NOLANG') ) |
498 if ( !defined('ENANO_ALLOW_LOAD_NOLANG') ) |
496 { |
499 { |
497 $lang_id = intval($userdata['user_lang']); |
500 $lang_id = intval($userdata['user_lang']); |
498 $lang = new Language($lang_id); |
501 $lang = new Language($lang_id); |
502 @setlocale(LC_ALL, $lang->lang_code); |
|
499 } |
503 } |
500 |
504 |
501 if(isset($_REQUEST['auth']) && !$this->sid_super) |
505 if(isset($_REQUEST['auth']) && !$this->sid_super) |
502 { |
506 { |
503 // Now he thinks he's a moderator. Or maybe even an administrator. Let's find out if he's telling the truth. |
507 // Now he thinks he's a moderator. Or maybe even an administrator. Let's find out if he's telling the truth. |
1166 // This is a VERY special case we are allowing. It lets the installer create languages using the Enano API. |
1170 // This is a VERY special case we are allowing. It lets the installer create languages using the Enano API. |
1167 if ( !defined('ENANO_ALLOW_LOAD_NOLANG') ) |
1171 if ( !defined('ENANO_ALLOW_LOAD_NOLANG') ) |
1168 { |
1172 { |
1169 $language = ( isset($_GET['lang']) && preg_match('/^[a-z0-9_]+$/', @$_GET['lang']) ) ? $_GET['lang'] : intval(getConfig('default_language')); |
1173 $language = ( isset($_GET['lang']) && preg_match('/^[a-z0-9_]+$/', @$_GET['lang']) ) ? $_GET['lang'] : intval(getConfig('default_language')); |
1170 $lang = new Language($language); |
1174 $lang = new Language($language); |
1175 @setlocale(LC_ALL, $lang->lang_code); |
|
1171 } |
1176 } |
1172 } |
1177 } |
1173 |
1178 |
1174 /** |
1179 /** |
1175 * Validates a session key, and returns the userdata associated with the key or false |
1180 * Validates a session key, and returns the userdata associated with the key or false |
1199 $keyhash = md5($key); |
1204 $keyhash = md5($key); |
1200 $salt = $db->escape($keydata[3]); |
1205 $salt = $db->escape($keydata[3]); |
1201 // using a normal call to $db->sql_query to avoid failing on errors here |
1206 // using a normal call to $db->sql_query to avoid failing on errors here |
1202 $query = $db->sql_query('SELECT u.user_id AS uid,u.username,u.password,u.email,u.real_name,u.user_level,u.theme,u.style,u.signature,' . "\n" |
1207 $query = $db->sql_query('SELECT u.user_id AS uid,u.username,u.password,u.email,u.real_name,u.user_level,u.theme,u.style,u.signature,' . "\n" |
1203 . ' u.reg_time,u.account_active,u.activation_key,u.user_lang,k.source_ip,k.time,k.auth_level,COUNT(p.message_id) AS num_pms,' . "\n" |
1208 . ' u.reg_time,u.account_active,u.activation_key,u.user_lang,k.source_ip,k.time,k.auth_level,COUNT(p.message_id) AS num_pms,' . "\n" |
1204 . ' x.* FROM '.table_prefix.'session_keys AS k' . "\n" |
1209 . ' u.user_timezone, x.* FROM '.table_prefix.'session_keys AS k' . "\n" |
1205 . ' LEFT JOIN '.table_prefix.'users AS u' . "\n" |
1210 . ' LEFT JOIN '.table_prefix.'users AS u' . "\n" |
1206 . ' ON ( u.user_id=k.user_id )' . "\n" |
1211 . ' ON ( u.user_id=k.user_id )' . "\n" |
1207 . ' LEFT JOIN '.table_prefix.'users_extra AS x' . "\n" |
1212 . ' LEFT JOIN '.table_prefix.'users_extra AS x' . "\n" |
1208 . ' ON ( u.user_id=x.user_id OR x.user_id IS NULL )' . "\n" |
1213 . ' ON ( u.user_id=x.user_id OR x.user_id IS NULL )' . "\n" |
1209 . ' LEFT JOIN '.table_prefix.'privmsgs AS p' . "\n" |
1214 . ' LEFT JOIN '.table_prefix.'privmsgs AS p' . "\n" |
1212 . ' AND k.salt=\''.$salt.'\'' . "\n" |
1217 . ' AND k.salt=\''.$salt.'\'' . "\n" |
1213 . ' GROUP BY u.user_id,u.username,u.password,u.email,u.real_name,u.user_level,u.theme,u.style,u.signature,u.reg_time,u.account_active,u.activation_key,u.user_lang,k.source_ip,k.time,k.auth_level,x.user_id, x.user_aim, x.user_yahoo, x.user_msn, x.user_xmpp, x.user_homepage, x.user_location, x.user_job, x.user_hobbies, x.email_public;'); |
1218 . ' GROUP BY u.user_id,u.username,u.password,u.email,u.real_name,u.user_level,u.theme,u.style,u.signature,u.reg_time,u.account_active,u.activation_key,u.user_lang,k.source_ip,k.time,k.auth_level,x.user_id, x.user_aim, x.user_yahoo, x.user_msn, x.user_xmpp, x.user_homepage, x.user_location, x.user_job, x.user_hobbies, x.email_public;'); |
1214 |
1219 |
1215 if ( !$query ) |
1220 if ( !$query ) |
1216 { |
1221 { |
1217 $query = $this->sql('SELECT u.user_id AS uid,u.username,u.password,u.email,u.real_name,u.user_level,u.theme,u.style,u.signature,u.reg_time,u.account_active,u.activation_key,k.source_ip,k.time,k.auth_level,COUNT(p.message_id) AS num_pms FROM '.table_prefix.'session_keys AS k |
1222 $query = $this->sql('SELECT u.user_id AS uid,u.username,u.password,u.email,u.real_name,u.user_level,u.theme,u.style,u.signature,u.reg_time,u.account_active,u.activation_key,k.source_ip,k.time,k.auth_level,COUNT(p.message_id) AS num_pms, 1440 AS user_timezone FROM '.table_prefix.'session_keys AS k |
1218 LEFT JOIN '.table_prefix.'users AS u |
1223 LEFT JOIN '.table_prefix.'users AS u |
1219 ON ( u.user_id=k.user_id ) |
1224 ON ( u.user_id=k.user_id ) |
1220 LEFT JOIN '.table_prefix.'privmsgs AS p |
1225 LEFT JOIN '.table_prefix.'privmsgs AS p |
1221 ON ( p.message_to=u.username AND p.message_read=0 ) |
1226 ON ( p.message_to=u.username AND p.message_read=0 ) |
1222 WHERE k.session_key=\''.$keyhash.'\' |
1227 WHERE k.session_key=\''.$keyhash.'\' |
1280 |
1285 |
1281 $this->user_extra = $user_extra; |
1286 $this->user_extra = $user_extra; |
1282 // Leave the rest to PHP's automatic garbage collector ;-) |
1287 // Leave the rest to PHP's automatic garbage collector ;-) |
1283 |
1288 |
1284 $row['password'] = md5($real_pass); |
1289 $row['password'] = md5($real_pass); |
1290 $row['user_timezone'] = intval($row['user_timezone']) - 1440; |
|
1285 |
1291 |
1286 profiler_log("SessionManager: finished session check"); |
1292 profiler_log("SessionManager: finished session check"); |
1287 |
1293 |
1288 return $row; |
1294 return $row; |
1289 } |
1295 } |
1297 function compat_validate_session($key) |
1303 function compat_validate_session($key) |
1298 { |
1304 { |
1299 global $db, $session, $paths, $template, $plugins; // Common objects |
1305 global $db, $session, $paths, $template, $plugins; // Common objects |
1300 $key = $db->escape($key); |
1306 $key = $db->escape($key); |
1301 |
1307 |
1302 $query = $this->sql('SELECT u.user_id,u.username,u.password,u.email,u.real_name,u.user_level,k.source_ip,k.salt,k.time,k.auth_level FROM '.table_prefix.'session_keys AS k |
1308 $query = $this->sql('SELECT u.user_id,u.username,u.password,u.email,u.real_name,u.user_level,k.source_ip,k.salt,k.time,k.auth_level,1440 AS user_timezone FROM '.table_prefix.'session_keys AS k |
1303 LEFT JOIN '.table_prefix.'users AS u |
1309 LEFT JOIN '.table_prefix.'users AS u |
1304 ON u.user_id=k.user_id |
1310 ON u.user_id=k.user_id |
1305 WHERE k.session_key=\''.$key.'\';'); |
1311 WHERE k.session_key=\''.$key.'\';'); |
1306 if($db->numrows() < 1) |
1312 if($db->numrows() < 1) |
1307 { |
1313 { |
1341 $this->sw_timed_out = true; |
1347 $this->sw_timed_out = true; |
1342 // Session timed out |
1348 // Session timed out |
1343 // echo '(debug) $session->validate_session: super session timed out<br />'; |
1349 // echo '(debug) $session->validate_session: super session timed out<br />'; |
1344 return false; |
1350 return false; |
1345 } |
1351 } |
1352 |
|
1353 $row['user_timezone'] = intval($row['user_timezone']) - 1440; |
|
1346 |
1354 |
1347 return $row; |
1355 return $row; |
1348 } |
1356 } |
1349 |
1357 |
1350 /** |
1358 /** |