Temos pavadinimas: WordPress, Shopify ir PHPFusion programuotojų bendruomenė :: no more setuser.php

Parašė MAnjack· 2008 Sau. 16 16:01:08
#4

Redaguok šitą vietą:
if (isset($_POST['login'])) {
   $user_pass = md5($_POST['user_pass']);
   $user_name = preg_replace(array("/\=/","/\#/","/\sOR\s/"), "", stripinput($_POST['user_name']));
   $result = dbquery("SELECT * FROM ".$db_prefix."users WHERE user_name='$user_name' AND (user_password='".md5($user_pass)."' OR user_password='$user_pass')");
   if (dbrows($result) != 0) {
      $data = dbarray($result);
      if ($data['user_password'] == $user_pass) {
         $result = dbquery("UPDATE ".$db_prefix."users SET user_password='".md5($user_pass)."' WHERE user_id='".$data['user_id']."'");
      }
      $cookie_value = $data['user_id'].".".$user_pass;
      if ($data['user_status'] == 0) {   
         $cookie_exp = isset($_POST['remember_me']) ? time() + 3600*24*30 : time() + 3600*3;
         header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");
         setcookie("fusion_user", $cookie_value, $cookie_exp, "/", "", "0");
         redirect(BASEDIR."index.php", "script");
         redirect(BASEDIR."setuser.php?user=".$data['user_name'], "script");
      } elseif ($data['user_status'] == 1) {
         redirect(BASEDIR."setuser.php?error=1", "script");
      } elseif ($data['user_status'] == 2) {
         redirect(BASEDIR."setuser.php?error=2", "script");
      }
   } else {
      redirect(BASEDIR."setuser.php?error=3");
   }
}