<?php

/*-------------------------------------------------------+

| <span style="border-bottom: 1px dotted black;">PHP</span>-Fusion Content Management System

| Copyright (C) 2002 - 2010 Nick Jones

| <a href='http://www.php-fusion.co.uk/' target='_blank'><span style='color:005C5B'>http://www.php-fusion.co.uk/</span></a>

+--------------------------------------------------------+

| Filename: setuser.php

| Author: Nick Jones (Digitanium)

+--------------------------------------------------------+

| This program is released as free software under the

| Affero GPL license. You can redistribute it and/or

| modify it under the terms of this license which you

| can read by viewing the included agpl.txt or online

| at <a href='http://www.gnu.org/licenses/agpl.html.' target='_blank'><span style='color:005C5B'>www.gnu.org/licenses/agpl.html.</span></a> Removal of this

| copyright header is strictly prohibited without

| written permission from the original author(s).

+--------------------------------------------------------*/

require_once "maincore.php";

include THEME."theme.php";

 

 

$session_destroyed = false; $page_content = ""; $page_refresh = "3";

 

if (iMEMBER && (isset($_REQUEST['logout']) && $_REQUEST['logout'] == "yes")) {

	if ($settings['login_method'] == "cookies") {

		header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");

		setcookie(COOKIE_PREFIX."user", "", time() - 7200, "/", "", "0");

		setcookie(COOKIE_PREFIX."lastvisit", "", time() - 7200, "/", "", "0");

	} elseif ($settings['login_method'] == "sessions") {

		session_destroy();

		$session_destroyed = true;

	}

	$result = dbquery("DELETE FROM ".DB_ONLINE." WHERE online_ip='".USER_IP."'");

	$page_content .= "<strong>".$locale['global_192'].$userdata['user_name']."</strong><br /><br />\n";

} else {

	if (isset($_GET['error']) && $_GET['error'] == 1) {

		$id = ((isset($_GET['id']) && isnum($_GET['id'])) ? $_GET['id'] : "0");

		$data = dbarray(dbquery("SELECT suspend_reason FROM ".DB_SUSPENDS." WHERE suspended_user='".$id."' ORDER BY suspend_date DESC LIMIT 1"));

		$page_content .= "<strong>".$locale['global_406']."<br /><br />\n";

		$page_content .= $data['suspend_reason']."</strong><br /><br />\n";

		$page_refresh = "15";

	} elseif (isset($_GET['error']) && $_GET['error'] == 2) {

		$page_content .= "<strong>".$locale['global_195']."</strong><br /><br />\n";

	} elseif (isset($_GET['error']) && $_GET['error'] == 3) {

		$id = ((isset($_GET['id']) && isnum($_GET['id'])) ? $_GET['id'] : "0");

		$data = dbarray(dbquery("SELECT suspend_reason FROM ".DB_SUSPENDS." WHERE suspended_user='".$id."' ORDER BY suspend_date DESC LIMIT 1"));

		$data2 = dbarray(dbquery("SELECT user_actiontime FROM ".DB_USERS." WHERE user_id='".$id."'"));

		$page_content .= "<strong>".$locale['global_407'].showdate('shortdate', $data2['user_actiontime']).$locale['global_408']."<br /><br />\n";

		$page_content .= $data['suspend_reason']."</strong><br /><br />\n";

		$page_refresh = "15";

	} elseif (isset($_GET['error']) && $_GET['error'] == 4) {

		$page_content .= "<strong>".$locale['global_409']."<br /><br />\n";

		$page_content .= $locale['global_410'].$data['suspend_reason']."</strong><br /><br />\n";

	} elseif (isset($_GET['error']) && $_GET['error'] == 5) {

		$page_content .= "<strong>".$locale['global_411']."</strong><br /><br />\n";

	} elseif (isset($_GET['error']) && $_GET['error'] == 6) {

		$page_content .= "<strong>".$locale['global_412']."</strong><br /><br />\n";

		$page_refresh = "7";

	} elseif (isset($_GET['error']) && $_GET['error'] == 8) {

		$page_content .= "<strong>".$locale['global_196']."</strong><br /><br />\n";

	} else {

		if (($settings['login_method'] == "cookies" && isset($_COOKIE[COOKIE_PREFIX.'user'])) || ($settings['login_method'] == "sessions" && isset($_SESSION[COOKIE_PREFIX.'user_id']) && isset($_SESSION[COOKIE_PREFIX.'user_pass']))) {

			if ($settings['login_method'] == "cookies") {

				$cookie_vars = explode(".", $_COOKIE[COOKIE_PREFIX.'user']);

				$user_pass = preg_check("/^[0-9a-z]{32}$/", $cookie_vars['1']) ? $cookie_vars['1'] : "";

			} elseif ($settings['login_method'] == "sessions") {

				$user_pass = preg_check("/^[0-9a-z]{32}$/", $_SESSION[COOKIE_PREFIX.'user_pass']) ? $_SESSION[COOKIE_PREFIX.'user_pass'] : "";

			}

			$user_name = preg_replace(array("/\=/","/\#/","/\sOR\s/"), "", stripinput($_GET['user']));

			if (!dbcount("(user_id)", DB_USERS, "user_name='".$user_name."' AND user_password='".md5($user_pass)."'")) {

				$page_content .= "<strong>".$locale['global_196']."</strong><br /><br />\n";

			} else {

				$result = dbquery("DELETE FROM ".DB_ONLINE." WHERE online_user='0' AND online_ip='".USER_IP."'");

				$page_content .= "<strong>".$locale['global_193'].$_GET['user']."</strong><br /><br />";

$page_content .="<meta http-equiv='refresh' content='2; url=".BASEDIR."profilesssss.php".$data['user_id']."' />";

			}

		}

	}

}

header('Location: index.php');

 

if (ob_get_length() !== FALSE){

	ob_end_flush();

}

 

if ($settings['login_method'] == "sessions" && $session_destroyed == false) {

	session_write_close();

}

mysql_close($db_connect);

?>