Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Newer
Older
100644 477 lines (377 sloc) 18.273 kb
07959a2 Development version of PunBB 1.3
Anatoly authored
1 <?php
619e67e Added phpDoc comments to the start of every PHP file, replacing the exis...
Anatoly authored
2 /**
3 * Handles logins, logouts, and password reset requests.
4 *
e2caa53 @dimkalinux Update copyright.
dimkalinux authored
5 * @copyright (C) 2008-2012 PunBB, partially based on code (C) 2008-2009 FluxBB.org
619e67e Added phpDoc comments to the start of every PHP file, replacing the exis...
Anatoly authored
6 * @license http://www.gnu.org/licenses/gpl.html GPL version 2 or higher
7 * @package PunBB
8 */
07959a2 Development version of PunBB 1.3
Anatoly authored
9
10
11 if (isset($_GET['action']))
12 define('FORUM_QUIET_VISIT', 1);
13
14 if (!defined('FORUM_ROOT'))
15 define('FORUM_ROOT', './');
16 require FORUM_ROOT.'include/common.php';
17
18 ($hook = get_hook('li_start')) ? eval($hook) : null;
19
20 // Load the login.php language file
21 require FORUM_ROOT.'lang/'.$forum_user['language'].'/login.php';
22
23
24 $action = isset($_GET['action']) ? $_GET['action'] : null;
25 $errors = array();
26
27 // Login
3214abe Fixed logging in in login.php. Based on FluxBB patch.
Anatoly authored
28 if (isset($_POST['form_sent']) && empty($action))
07959a2 Development version of PunBB 1.3
Anatoly authored
29 {
a096817 Globally replacing trim() with forum_trim().
Anatoly authored
30 $form_username = forum_trim($_POST['req_username']);
31 $form_password = forum_trim($_POST['req_password']);
07959a2 Development version of PunBB 1.3
Anatoly authored
32 $save_pass = isset($_POST['save_pass']);
33
34 ($hook = get_hook('li_login_form_submitted')) ? eval($hook) : null;
35
36 // Get user info matching login attempt
37 $query = array(
38 'SELECT' => 'u.id, u.group_id, u.password, u.salt',
39 'FROM' => 'users AS u'
40 );
41
83c105b @dimkalinux Varius fixes for support new DB drivers
dimkalinux authored
42 if (in_array($db_type, array('mysql', 'mysqli', 'mysql_innodb', 'mysqli_innodb')))
07959a2 Development version of PunBB 1.3
Anatoly authored
43 $query['WHERE'] = 'username=\''.$forum_db->escape($form_username).'\'';
44 else
45 $query['WHERE'] = 'LOWER(username)=LOWER(\''.$forum_db->escape($form_username).'\')';
46
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
47 ($hook = get_hook('li_login_qr_get_login_data')) ? eval($hook) : null;
07959a2 Development version of PunBB 1.3
Anatoly authored
48 $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);
49 list($user_id, $group_id, $db_password_hash, $salt) = $forum_db->fetch_row($result);
50
51 $authorized = false;
52 if (!empty($db_password_hash))
53 {
54 $sha1_in_db = (strlen($db_password_hash) == 40) ? true : false;
55 $form_password_hash = forum_hash($form_password, $salt);
56
57 if ($sha1_in_db && $db_password_hash == $form_password_hash)
58 $authorized = true;
59 else if ((!$sha1_in_db && $db_password_hash == md5($form_password)) || ($sha1_in_db && $db_password_hash == sha1($form_password)))
60 {
61 $authorized = true;
62
63 $salt = random_key(12);
64 $form_password_hash = forum_hash($form_password, $salt);
65
66 // There's an old MD5 hash or an unsalted SHA1 hash in the database, so we replace it
67 // with a randomly generated salt and a new, salted SHA1 hash
68 $query = array(
69 'UPDATE' => 'users',
70 'SET' => 'password=\''.$form_password_hash.'\', salt=\''.$forum_db->escape($salt).'\'',
71 'WHERE' => 'id='.$user_id
72 );
73
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
74 ($hook = get_hook('li_login_qr_update_user_hash')) ? eval($hook) : null;
07959a2 Development version of PunBB 1.3
Anatoly authored
75 $forum_db->query_build($query) or error(__FILE__, __LINE__);
76 }
77 }
78
79 ($hook = get_hook('li_login_pre_auth_message')) ? eval($hook) : null;
80
81 if (!$authorized)
82 $errors[] = sprintf($lang_login['Wrong user/pass']);
83
84 // Did everything go according to plan?
85 if (empty($errors))
86 {
87 // Update the status if this is the first time the user logged in
88 if ($group_id == FORUM_UNVERIFIED)
89 {
90 $query = array(
91 'UPDATE' => 'users',
92 'SET' => 'group_id='.$forum_config['o_default_user_group'],
93 'WHERE' => 'id='.$user_id
94 );
95
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
96 ($hook = get_hook('li_login_qr_update_user_group')) ? eval($hook) : null;
07959a2 Development version of PunBB 1.3
Anatoly authored
97 $forum_db->query_build($query) or error(__FILE__, __LINE__);
b8bf3f5 @dimkalinux Update forum stats cache when users deleted or registered.
dimkalinux authored
98
99 // Remove cache file with forum stats
100 if (!defined('FORUM_CACHE_FUNCTIONS_LOADED'))
101 {
102 require FORUM_ROOT.'include/cache.php';
103 }
104
105 clean_stats_cache();
07959a2 Development version of PunBB 1.3
Anatoly authored
106 }
107
108 // Remove this user's guest entry from the online list
109 $query = array(
110 'DELETE' => 'online',
111 'WHERE' => 'ident=\''.$forum_db->escape(get_remote_address()).'\''
112 );
113
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
114 ($hook = get_hook('li_login_qr_delete_online_user')) ? eval($hook) : null;
07959a2 Development version of PunBB 1.3
Anatoly authored
115 $forum_db->query_build($query) or error(__FILE__, __LINE__);
116
117 $expire = ($save_pass) ? time() + 1209600 : time() + $forum_config['o_timeout_visit'];
118 forum_setcookie($cookie_name, base64_encode($user_id.'|'.$form_password_hash.'|'.$expire.'|'.sha1($salt.$form_password_hash.forum_hash($expire, $salt))), $expire);
119
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
120 ($hook = get_hook('li_login_pre_redirect')) ? eval($hook) : null;
121
07959a2 Development version of PunBB 1.3
Anatoly authored
122 redirect(forum_htmlencode($_POST['redirect_url']).((substr_count($_POST['redirect_url'], '?') == 1) ? '&amp;' : '?').'login=1', $lang_login['Login redirect']);
123 }
124 }
125
126
127 // Logout
128 else if ($action == 'out')
129 {
130 if ($forum_user['is_guest'] || !isset($_GET['id']) || $_GET['id'] != $forum_user['id'])
131 {
132 header('Location: '.forum_link($forum_url['index']));
133 exit;
134 }
135
136 // We validate the CSRF token. If it's set in POST and we're at this point, the token is valid.
137 // If it's in GET, we need to make sure it's valid.
138 if (!isset($_POST['csrf_token']) && (!isset($_GET['csrf_token']) || $_GET['csrf_token'] !== generate_form_token('logout'.$forum_user['id'])))
139 csrf_confirm_form();
140
141 ($hook = get_hook('li_logout_selected')) ? eval($hook) : null;
142
143 // Remove user from "users online" list.
144 $query = array(
145 'DELETE' => 'online',
146 'WHERE' => 'user_id='.$forum_user['id']
147 );
148
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
149 ($hook = get_hook('li_logout_qr_delete_online_user')) ? eval($hook) : null;
07959a2 Development version of PunBB 1.3
Anatoly authored
150 $forum_db->query_build($query) or error(__FILE__, __LINE__);
151
152 // Update last_visit (make sure there's something to update it with)
153 if (isset($forum_user['logged']))
154 {
155 $query = array(
156 'UPDATE' => 'users',
157 'SET' => 'last_visit='.$forum_user['logged'],
158 'WHERE' => 'id='.$forum_user['id']
159 );
160
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
161 ($hook = get_hook('li_logout_qr_update_last_visit')) ? eval($hook) : null;
07959a2 Development version of PunBB 1.3
Anatoly authored
162 $forum_db->query_build($query) or error(__FILE__, __LINE__);
163 }
164
165 $expire = time() + 1209600;
165179d Fixed random number weakness, discovered by Stefan Esser. Imported from ...
Anatoly authored
166 forum_setcookie($cookie_name, base64_encode('1|'.random_key(8, false, true).'|'.$expire.'|'.random_key(8, false, true)), $expire);
07959a2 Development version of PunBB 1.3
Anatoly authored
167
168 // Reset tracked topics
169 set_tracked_topics(null);
170
171 ($hook = get_hook('li_logout_pre_redirect')) ? eval($hook) : null;
172
173 redirect(forum_link($forum_url['index']), $lang_login['Logout redirect']);
174 }
175
176
177 // New password
178 else if ($action == 'forget' || $action == 'forget_2')
179 {
180 if (!$forum_user['is_guest'])
181 header('Location: '.forum_link($forum_url['index']));
182
183 ($hook = get_hook('li_forgot_pass_selected')) ? eval($hook) : null;
184
185 if (isset($_POST['form_sent']))
186 {
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
187 // User pressed the cancel button
188 if (isset($_POST['cancel']))
189 redirect(forum_link($forum_url['index']), $lang_login['New password cancel redirect']);
190
806afa0 Added constants to various included files.
Anatoly authored
191 if (!defined('FORUM_EMAIL_FUNCTIONS_LOADED'))
192 require FORUM_ROOT.'include/email.php';
07959a2 Development version of PunBB 1.3
Anatoly authored
193
194 // Validate the email-address
a096817 Globally replacing trim() with forum_trim().
Anatoly authored
195 $email = strtolower(forum_trim($_POST['req_email']));
07959a2 Development version of PunBB 1.3
Anatoly authored
196 if (!is_valid_email($email))
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
197 $errors[] = $lang_login['Invalid e-mail'];
198
199 ($hook = get_hook('li_forgot_pass_end_validation')) ? eval($hook) : null;
07959a2 Development version of PunBB 1.3
Anatoly authored
200
201 // Did everything go according to plan?
202 if (empty($errors))
203 {
d24f0c6 @dimkalinux Remove num_rows from login.php
dimkalinux authored
204 $users_with_email = array();
205
07959a2 Development version of PunBB 1.3
Anatoly authored
206 // Fetch user matching $email
207 $query = array(
22e4750 @Shutnik Disable reset password for administrators
Shutnik authored
208 'SELECT' => 'u.id, u.group_id, u.username, u.salt, u.last_email_sent',
07959a2 Development version of PunBB 1.3
Anatoly authored
209 'FROM' => 'users AS u',
210 'WHERE' => 'u.email=\''.$forum_db->escape($email).'\''
211 );
212
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
213 ($hook = get_hook('li_forgot_pass_qr_get_user_data')) ? eval($hook) : null;
07959a2 Development version of PunBB 1.3
Anatoly authored
214 $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);
d24f0c6 @dimkalinux Remove num_rows from login.php
dimkalinux authored
215
216 while ($cur_user = $forum_db->fetch_assoc($result))
217 {
218 $users_with_email[] = $cur_user;
219 }
220
221 if (!empty($users_with_email))
07959a2 Development version of PunBB 1.3
Anatoly authored
222 {
223 ($hook = get_hook('li_forgot_pass_pre_email')) ? eval($hook) : null;
224
225 // Load the "activate password" template
a096817 Globally replacing trim() with forum_trim().
Anatoly authored
226 $mail_tpl = forum_trim(file_get_contents(FORUM_ROOT.'lang/'.$forum_user['language'].'/mail_templates/activate_password.tpl'));
07959a2 Development version of PunBB 1.3
Anatoly authored
227
228 // The first row contains the subject
229 $first_crlf = strpos($mail_tpl, "\n");
a096817 Globally replacing trim() with forum_trim().
Anatoly authored
230 $mail_subject = forum_trim(substr($mail_tpl, 8, $first_crlf-8));
231 $mail_message = forum_trim(substr($mail_tpl, $first_crlf));
07959a2 Development version of PunBB 1.3
Anatoly authored
232
233 // Do the generic replacements first (they apply to all e-mails sent out here)
234 $mail_message = str_replace('<base_url>', $base_url.'/', $mail_message);
235 $mail_message = str_replace('<board_mailer>', sprintf($lang_common['Forum mailer'], $forum_config['o_board_title']), $mail_message);
236
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
237 ($hook = get_hook('li_forgot_pass_new_general_replace_data')) ? eval($hook) : null;
238
07959a2 Development version of PunBB 1.3
Anatoly authored
239 // Loop through users we found
d24f0c6 @dimkalinux Remove num_rows from login.php
dimkalinux authored
240 foreach ($users_with_email as $cur_hit)
07959a2 Development version of PunBB 1.3
Anatoly authored
241 {
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
242 $forgot_pass_timeout = 3600;
c760b8b Dealt with potential spam issues from the password reset function. Every...
Anatoly authored
243
244 ($hook = get_hook('li_forgot_pass_pre_flood_check')) ? eval($hook) : null;
245
22e4750 @Shutnik Disable reset password for administrators
Shutnik authored
246 if ($cur_hit['group_id'] == FORUM_ADMIN)
247 message(sprintf($lang_login['Email important'], '<a href="mailto:'.forum_htmlencode($forum_config['o_admin_email']).'">'.forum_htmlencode($forum_config['o_admin_email']).'</a>'));
248
c760b8b Dealt with potential spam issues from the password reset function. Every...
Anatoly authored
249 if ($cur_hit['last_email_sent'] != '' && (time() - $cur_hit['last_email_sent']) < $forgot_pass_timeout && (time() - $cur_hit['last_email_sent']) >= 0)
250 message(sprintf($lang_login['Email flood'], $forgot_pass_timeout));
251
07959a2 Development version of PunBB 1.3
Anatoly authored
252 // Generate a new password activation key
253 $new_password_key = random_key(8, true);
254
255 $query = array(
256 'UPDATE' => 'users',
c760b8b Dealt with potential spam issues from the password reset function. Every...
Anatoly authored
257 'SET' => 'activate_key=\''.$new_password_key.'\', last_email_sent = '.time(),
07959a2 Development version of PunBB 1.3
Anatoly authored
258 'WHERE' => 'id='.$cur_hit['id']
259 );
260
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
261 ($hook = get_hook('li_forgot_pass_qr_set_activate_key')) ? eval($hook) : null;
07959a2 Development version of PunBB 1.3
Anatoly authored
262 $forum_db->query_build($query) or error(__FILE__, __LINE__);
263
264 // Do the user specific replacements to the template
265 $cur_mail_message = str_replace('<username>', $cur_hit['username'], $mail_message);
266 $cur_mail_message = str_replace('<activation_url>', str_replace('&amp;', '&', forum_link($forum_url['change_password_key'], array($cur_hit['id'], $new_password_key))), $cur_mail_message);
267
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
268 ($hook = get_hook('li_forgot_pass_new_user_replace_data')) ? eval($hook) : null;
269
07959a2 Development version of PunBB 1.3
Anatoly authored
270 forum_mail($email, $mail_subject, $cur_mail_message);
271 }
272
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
273 message(sprintf($lang_login['Forget mail'], '<a href="mailto:'.forum_htmlencode($forum_config['o_admin_email']).'">'.forum_htmlencode($forum_config['o_admin_email']).'</a>'));
07959a2 Development version of PunBB 1.3
Anatoly authored
274 }
275 else
276 $errors[] = sprintf($lang_login['No e-mail match'], forum_htmlencode($email));
277 }
278 }
279
280 // Setup form
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
281 $forum_page['group_count'] = $forum_page['item_count'] = $forum_page['fld_count'] = 0;
282ad0e Fixed incorrect form URL for the password restore action in login.php.
Anatoly authored
282 $forum_page['form_action'] = forum_link($forum_url['request_password']);
07959a2 Development version of PunBB 1.3
Anatoly authored
283
284 // Setup breadcrumbs
285 $forum_page['crumbs'] = array(
286 array($forum_config['o_board_title'], forum_link($forum_url['index'])),
ec87610 @dimkalinux Remove link from last part in crumbs
dimkalinux authored
287 $lang_login['New password request']
07959a2 Development version of PunBB 1.3
Anatoly authored
288 );
289
290 ($hook = get_hook('li_forgot_pass_pre_header_load')) ? eval($hook) : null;
291
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
292 define ('FORUM_PAGE', 'reqpass');
07959a2 Development version of PunBB 1.3
Anatoly authored
293 require FORUM_ROOT.'header.php';
294
295 // START SUBST - <!-- forum_main -->
296 ob_start();
297
298 ($hook = get_hook('li_forgot_pass_output_start')) ? eval($hook) : null;
299
300 ?>
b8f0ce4 Reverting to rev248
Anatoly authored
301 <div class="main-head">
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
302 <h2 class="hn"><span><?php echo $lang_login['New password request'] ?></span></h2>
07959a2 Development version of PunBB 1.3
Anatoly authored
303 </div>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
304 <div class="main-content main-frm">
305 <div class="ct-box info-box">
306 <p class="important"><?php echo $lang_login['New password info'] ?></p>
307 </div>
07959a2 Development version of PunBB 1.3
Anatoly authored
308 <?php
309
310 // If there were any errors, show them
311 if (!empty($errors))
312 {
313 $forum_page['errors'] = array();
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
314 foreach ($errors as $cur_error)
07959a2 Development version of PunBB 1.3
Anatoly authored
315 $forum_page['errors'][] = '<li class="warn"><span>'.$cur_error.'</span></li>';
316
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
317 ($hook = get_hook('li_forgot_pass_pre_new_password_errors')) ? eval($hook) : null;
07959a2 Development version of PunBB 1.3
Anatoly authored
318
319 ?>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
320 <div class="ct-box error-box">
05ceea9 Improved error lists displaying (markup and css cleanup).
Roman authored
321 <h2 class="warn hn"><?php echo $lang_login['New password errors'] ?></h2>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
322 <ul class="error-list">
323 <?php echo implode("\n\t\t\t\t", $forum_page['errors'])."\n" ?>
324 </ul>
325 </div>
07959a2 Development version of PunBB 1.3
Anatoly authored
326 <?php
327
328 }
329
330 ?>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
331 <div id="req-msg" class="req-warn ct-box error-box">
2f4ff80 @Shutnik Fix code style: remove unneeded semicolon in quick php
Shutnik authored
332 <p class="important"><?php echo $lang_common['Required warn'] ?></p>
07959a2 Development version of PunBB 1.3
Anatoly authored
333 </div>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
334 <form id="afocus" class="frm-form" method="post" accept-charset="utf-8" action="<?php echo $forum_page['form_action'] ?>">
335 <div class="hidden">
336 <input type="hidden" name="form_sent" value="1" />
337 <input type="hidden" name="csrf_token" value="<?php echo generate_form_token($forum_page['form_action']) ?>" />
07959a2 Development version of PunBB 1.3
Anatoly authored
338 </div>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
339 <?php ($hook = get_hook('li_forgot_pass_pre_group')) ? eval($hook) : null; ?>
340 <div class="frm-group group<?php echo ++$forum_page['group_count'] ?>">
341 <?php ($hook = get_hook('li_forgot_pass_pre_email')) ? eval($hook) : null; ?>
342 <div class="sf-set set<?php echo ++$forum_page['item_count'] ?>">
343 <div class="sf-box text required">
ee8fdac @dimkalinux Remove "Required" label description
dimkalinux authored
344 <label for="fld<?php echo ++$forum_page['fld_count'] ?>"><span><?php echo $lang_login['E-mail address'] ?></span> <small><?php echo $lang_login['E-mail address help'] ?></small></label><br />
74c1804 @Shutnik Fix code style: do not echo empty strings in quick php
Shutnik authored
345 <span class="fld-input"><input id="fld<?php echo $forum_page['fld_count'] ?>" type="email" name="req_email" value="<?php if (isset($_POST['req_email'])) echo forum_htmlencode($_POST['req_email']); ?>" size="35" maxlength="80" required spellcheck="false" /></span>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
346 </div>
347 </div>
348 <?php ($hook = get_hook('li_forgot_pass_pre_group_end')) ? eval($hook) : null; ?>
349 </div>
350 <?php ($hook = get_hook('li_forgot_pass_group_end')) ? eval($hook) : null; ?>
351 <div class="frm-buttons">
da6b315 @dimkalinux Change .default to .primary buttons style
dimkalinux authored
352 <span class="submit primary"><input type="submit" name="request_pass" value="<?php echo $lang_login['Submit password request'] ?>" /></span>
e3c781f @dimkalinux Add novalidate attr for non-submit buttons for prevent validation on can...
dimkalinux authored
353 <span class="cancel"><input type="submit" name="cancel" value="<?php echo $lang_common['Cancel'] ?>" formnovalidate /></span>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
354 </div>
355 </form>
356 </div>
07959a2 Development version of PunBB 1.3
Anatoly authored
357 <?php
358
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
359 ($hook = get_hook('li_forgot_pass_end')) ? eval($hook) : null;
360
a096817 Globally replacing trim() with forum_trim().
Anatoly authored
361 $tpl_temp = forum_trim(ob_get_contents());
07959a2 Development version of PunBB 1.3
Anatoly authored
362 $tpl_main = str_replace('<!-- forum_main -->', $tpl_temp, $tpl_main);
363 ob_end_clean();
364 // END SUBST - <!-- forum_main -->
365
366 require FORUM_ROOT.'footer.php';
367 }
368
369 if (!$forum_user['is_guest'])
370 header('Location: '.forum_link($forum_url['index']));
371
372 // Setup form
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
373 $forum_page['group_count'] = $forum_page['item_count'] = $forum_page['fld_count'] = 0;
3214abe Fixed logging in in login.php. Based on FluxBB patch.
Anatoly authored
374 $forum_page['form_action'] = forum_link($forum_url['login']);
07959a2 Development version of PunBB 1.3
Anatoly authored
375
376 $forum_page['hidden_fields'] = array(
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
377 'form_sent' => '<input type="hidden" name="form_sent" value="1" />',
378 'redirect_url' => '<input type="hidden" name="redirect_url" value="'.forum_htmlencode($forum_user['prev_url']).'" />',
379 'csrf_token' => '<input type="hidden" name="csrf_token" value="'.generate_form_token($forum_page['form_action']).'" />'
b8f0ce4 Reverting to rev248
Anatoly authored
380 );
381
07959a2 Development version of PunBB 1.3
Anatoly authored
382 // Setup breadcrumbs
383 $forum_page['crumbs'] = array(
384 array($forum_config['o_board_title'], forum_link($forum_url['index'])),
ec87610 @dimkalinux Remove link from last part in crumbs
dimkalinux authored
385 sprintf($lang_login['Login info'], $forum_config['o_board_title'])
07959a2 Development version of PunBB 1.3
Anatoly authored
386 );
387
388 ($hook = get_hook('li_login_pre_header_load')) ? eval($hook) : null;
389
390 define('FORUM_PAGE', 'login');
391 require FORUM_ROOT.'header.php';
392
393 // START SUBST - <!-- forum_main -->
394 ob_start();
395
396 ($hook = get_hook('li_login_output_start')) ? eval($hook) : null;
397
398 ?>
b8f0ce4 Reverting to rev248
Anatoly authored
399 <div class="main-head">
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
400 <h2 class="hn"><span><?php echo sprintf($lang_login['Login info'], $forum_config['o_board_title']) ?></span></h2>
b8f0ce4 Reverting to rev248
Anatoly authored
401 </div>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
402 <div class="main-content main-frm">
403 <div class="content-head">
404 <p class="hn"><?php printf($lang_login['Login options'], '<a href="'.forum_link($forum_url['register']).'">'.$lang_login['register'].'</a>', '<a href="'.forum_link($forum_url['request_password']).'">'.$lang_login['Obtain pass'].'</a>') ?></p>
b8f0ce4 Reverting to rev248
Anatoly authored
405 </div>
07959a2 Development version of PunBB 1.3
Anatoly authored
406 <?php
407
408 // If there were any errors, show them
409 if (!empty($errors))
410 {
411 $forum_page['errors'] = array();
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
412 foreach ($errors as $cur_error)
07959a2 Development version of PunBB 1.3
Anatoly authored
413 $forum_page['errors'][] = '<li class="warn"><span>'.$cur_error.'</span></li>';
414
415 ($hook = get_hook('li_pre_login_errors')) ? eval($hook) : null;
416
417 ?>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
418 <div class="ct-box error-box">
05ceea9 Improved error lists displaying (markup and css cleanup).
Roman authored
419 <h2 class="warn hn"><?php echo $lang_login['Login errors'] ?></h2>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
420 <ul class="error-list">
421 <?php echo implode("\n\t\t\t\t", $forum_page['errors'])."\n" ?>
422 </ul>
423 </div>
07959a2 Development version of PunBB 1.3
Anatoly authored
424 <?php
425
426 }
427
428 ?>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
429 <div id="req-msg" class="req-warn ct-box error-box">
2f4ff80 @Shutnik Fix code style: remove unneeded semicolon in quick php
Shutnik authored
430 <p class="important"><?php echo $lang_common['Required warn'] ?></p>
07959a2 Development version of PunBB 1.3
Anatoly authored
431 </div>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
432 <form id="afocus" class="frm-form" method="post" accept-charset="utf-8" action="<?php echo $forum_page['form_action'] ?>">
433 <div class="hidden">
434 <?php echo implode("\n\t\t\t\t", $forum_page['hidden_fields'])."\n" ?>
07959a2 Development version of PunBB 1.3
Anatoly authored
435 </div>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
436 <?php ($hook = get_hook('li_login_pre_login_group')) ? eval($hook) : null; ?>
437 <div class="frm-group group<?php echo ++$forum_page['group_count'] ?>">
438 <?php ($hook = get_hook('li_login_pre_username')) ? eval($hook) : null; ?>
439 <div class="sf-set set<?php echo ++$forum_page['item_count'] ?>">
440 <div class="sf-box text required">
ee8fdac @dimkalinux Remove "Required" label description
dimkalinux authored
441 <label for="fld<?php echo ++$forum_page['fld_count'] ?>"><span><?php echo $lang_login['Username'] ?></span></label><br />
74c1804 @Shutnik Fix code style: do not echo empty strings in quick php
Shutnik authored
442 <span class="fld-input"><input type="text" id="fld<?php echo $forum_page['fld_count'] ?>" name="req_username" value="<?php if (isset($_POST['req_username'])) echo forum_htmlencode($_POST['req_username']); ?>" size="35" maxlength="25" required spellcheck="false" /></span>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
443 </div>
444 </div>
445 <?php ($hook = get_hook('li_login_pre_pass')) ? eval($hook) : null; ?>
446 <div class="sf-set set<?php echo ++$forum_page['item_count'] ?>">
447 <div class="sf-box text required">
ee8fdac @dimkalinux Remove "Required" label description
dimkalinux authored
448 <label for="fld<?php echo ++$forum_page['fld_count'] ?>"><span><?php echo $lang_login['Password'] ?></span></label><br />
74c1804 @Shutnik Fix code style: do not echo empty strings in quick php
Shutnik authored
449 <span class="fld-input"><input type="password" id="fld<?php echo $forum_page['fld_count'] ?>" name="req_password" value="<?php if (isset($_POST['req_password'])) echo forum_htmlencode($_POST['req_password']); ?>" size="35" required /></span>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
450 </div>
451 </div>
452 <?php ($hook = get_hook('li_login_pre_remember_me_checkbox')) ? eval($hook) : null; ?>
453 <div class="sf-set set<?php echo ++$forum_page['item_count'] ?>">
454 <div class="sf-box checkbox">
c4bb7b6 @Shutnik Fix code style: use space before closing single tags
Shutnik authored
455 <span class="fld-input"><input type="checkbox" id="fld<?php echo ++$forum_page['fld_count'] ?>" name="save_pass" value="1"<?php if (isset($_POST['save_pass'])) echo ' checked="checked"'; ?> /></span>
8d5b89f @dimkalinux Remove doubled "Remeber me" label in login form
dimkalinux authored
456 <label for="fld<?php echo $forum_page['fld_count'] ?>"><?php echo $lang_login['Remember me'] ?></label>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
457 </div>
b8f0ce4 Reverting to rev248
Anatoly authored
458 </div>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
459 <?php ($hook = get_hook('li_login_pre_group_end')) ? eval($hook) : null; ?>
460 </div>
461 <?php ($hook = get_hook('li_login_group_end')) ? eval($hook) : null; ?>
b8f0ce4 Reverting to rev248
Anatoly authored
462 <div class="frm-buttons">
da6b315 @dimkalinux Change .default to .primary buttons style
dimkalinux authored
463 <span class="submit primary"><input type="submit" name="login" value="<?php echo $lang_login['Login'] ?>" /></span>
0a8534c Merged new markup (based on markup by Paul Sullivan) into main PunBB 1.3...
Anatoly authored
464 </div>
465 </form>
466 </div>
07959a2 Development version of PunBB 1.3
Anatoly authored
467 <?php
468
469 ($hook = get_hook('li_end')) ? eval($hook) : null;
470
a096817 Globally replacing trim() with forum_trim().
Anatoly authored
471 $tpl_temp = forum_trim(ob_get_contents());
07959a2 Development version of PunBB 1.3
Anatoly authored
472 $tpl_main = str_replace('<!-- forum_main -->', $tpl_temp, $tpl_main);
473 ob_end_clean();
474 // END SUBST - <!-- forum_main -->
475
476 require FORUM_ROOT.'footer.php';
Something went wrong with that request. Please try again.