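LoginStatus = 3; $this->Message = "Not Logged In Yet"; }

    /**
     * Check a login name / password pair and, on success, open a session.
     *
     * On success LoginStatus is set to 0, a session id is stored on the
     * blargle_core_user row, the "blargle_sessionid" and "SMFCookie10"
     * cookies are sent, and the smfb_members password/lastLogin columns are
     * brought up to date. On failure LoginStatus is 1 (password mismatch) or
     * 2 (no matching active, confirmed user) and Message holds the text to show.
     *
     * @param string $LoginName     E-mail address typed by the user (lower-cased here).
     * @param string $LoginPassword Clear-text password typed by the user.
     */
    function Validate($LoginName, $LoginPassword)
    {
        // Login and set session info
        $LoginName = strtolower($LoginName);
        // Kept unescaped on the object: LoginForm() redisplays this value.
        $this->LoginName = $LoginName;

        // $LoginName comes straight from the login form, so it must be
        // escaped before it is placed inside a quoted SQL literal.
        $SafeLoginName = mysql_real_escape_string($LoginName);

        $query = "select b.password, s.passwd, s.passwordSalt, s.ID_MEMBER, s.memberName from blargle_core_user as b left join smfb_members as s on s.memberName = b.nick where b.email = '$SafeLoginName' and b.active=1 and b.adminconfirm=1 and b.userconfirm=1";

        if (($result = mysql_query($query)) && mysql_num_rows($result)) {
            $line = mysql_fetch_array($result);

            // The stored value is an unsalted md5() of the password.
            // NOTE(review): move to password_hash()/password_verify() where the
            // PHP version allows; switching here would invalidate stored hashes.
            // Strict comparison: with == two different digests that both look
            // like numeric strings (e.g. "0e" followed by digits) compare equal.
            if (md5($LoginPassword) === $line['password']) {
                $this->LoginStatus = 0;
                $this->Message = "";

                $mytime = time();
                $startTime = date("Y-m-d H:i:s", $mytime);
                $endTime = date("Y-m-d H:i:s", mktime((date("H") + 3)));

                // NOTE(review): the session id is built from the current time,
                // a small rand() range and the login name, none of which is
                // secret. It should come from a cryptographically secure
                // random source instead.
                $randid = (rand(rand(10, 50), rand(60, 90)) + rand(200, 700));
                $sessionid = md5("$mytime$randid$LoginName");

                $query = "update blargle_core_user set sessionid='$sessionid', sessionstart='$startTime', sessionend='$endTime' where email='$SafeLoginName'";
                $result = mysql_query($query);

                $cookiepath = "/";
                $cookiedomain = ".blargle.co.uk";
                $cookiename = "blargle_sessionid";
                // The final 0 leaves the Secure flag off and no HttpOnly
                // argument is passed. NOTE(review): enable both if the site is
                // served over HTTPS and no script needs to read the cookie.
                setcookie($cookiename, $sessionid, time() + ((60 * 60) * 3), $cookiepath, $cookiedomain, 0);

                // memberName was read from the database, but it is still
                // escaped before being put back into a SQL literal.
                $SafeMemberName = mysql_real_escape_string($line['memberName']);

                // Keep the smfb_members password in step with the one just accepted.
                if ($line['passwd'] !== sha1($line['memberName'] . $LoginPassword)) {
                    $passwordSalt = substr(md5(rand()), 0, 4);
                    $sha1Password = sha1($line['memberName'] . $LoginPassword);
                    // Both values are hex digests, so they carry no quote characters.
                    $query = "update smfb_members set passwd='$sha1Password', passwordSalt='$passwordSalt' where memberName='" . $SafeMemberName . "'";
                    $result = mysql_query($query);
                } else {
                    $passwordSalt = $line['passwordSalt'];
                    $sha1Password = $line['passwd'];
                }

                $query = "update smfb_members set lastLogin='" . time() . "' where memberName='" . $SafeMemberName . "'";
                $result = mysql_query($query);

                // Cookie payload: member id, sha1(password hash . salt), expiry.
                // NOTE(review): the value is serialize()d; whatever reads
                // SMFCookie10 back (not visible here) is handling data the
                // client can alter and should not trust it as-is.
                $data = serialize(array($line['ID_MEMBER'], sha1($sha1Password . $passwordSalt), time() + ((60 * 60) * 3)));
                setcookie("SMFCookie10", $data, time() + ((60 * 60) * 3), $cookiepath, ".blargle.co.uk", 0);

                $this->SessionId = $sessionid;
            } else {
                // NOTE(review): a separate message for "wrong password" and
                // "unknown user" tells the caller which e-mail addresses are
                // registered. LoginForm() depends on the two status codes, so
                // the behaviour is left unchanged here.
                $this->LoginStatus = 1;
                $this->Message = "The Password you have entered does not match what we have stored. Please check and try again.";
            }
        } else {
            $this->LoginStatus = 2;
            $this->Message = "We could not find your User Name. Please check and try again.";
        }
    }

    /**
     * Print the link bar: a fixed "Login / Register" entry followed by every
     * active row of blargle_bar, in the table's "order" column order.
     * Nothing is printed when the query fails or returns no rows.
     */
    function BlargleBar()
    {
        $query = "select b.text, b.url from blargle_bar as b where b.active = 1 order by b.order";

        if (($result = mysql_query($query)) && mysql_num_rows($result)) {
            $template = new Template($this->TemplatePath);
            $template->set_filenames(array('blarglebar' => 'blarglebar.tpl'));
            $template->assign_block_vars('blarglebar', array('B_TEXT' => "Login / Register", 'B_URL' => "http://login.blargle.co.uk/"));

            while ($line = mysql_fetch_array($result)) {
                $template->assign_block_vars('blarglebar', array('B_TEXT' => $line['text'], 'B_URL' => $line['url']));
            }

            $template->pparse('blarglebar');
        }
    }

    /**
     * Print the full login page: header, link bar, login form and footer.
     *
     * @param string $Message Text to show above the form; empty for none.
     */
    function LoginForm($Message)
    {
        // The closing parenthesis used to sit after the comparison, so trim()
        // was applied to a boolean and whitespace-only messages were wrapped.
        // NOTE(review): the wrapper strings hold only newlines in this copy;
        // any markup they once carried is not visible here.
        if (trim($Message) != "") {
            $Message = "\n\n" . $Message . "\n\n";
        }

        // CSS class for each field, switched to "error" by the login status.
        $PassError = "normal";
        $UserError = "normal";
        if ($this->LoginStatus == 1) {
            $PassError = "error";
        }
        if ($this->LoginStatus == 2) {
            $UserError = "error";
        }

        // Header
        $template = new Template($this->TemplatePath);
        $template->set_filenames(array('header' => 'header.tpl'));
        $template->pparse('header');

        $this->BlargleBar();

        // NOTE(review): LoginName is whatever the user typed. Unless the
        // Template class escapes on output (not visible here), it should go
        // through htmlspecialchars() before being assigned.
        $template = new Template($this->TemplatePath);
        $template->set_filenames(array('login' => 'login2.tpl'));
        $template->assign_vars(array('L_LOGIN' => $this->LoginName, 'L_MESSAGE' => $Message, 'L_USERCLASS' => $UserError, 'L_PASSCLASS' => $PassError));
        $template->pparse('login');

        $template = new Template($this->TemplatePath);
        $template->set_filenames(array('footer' => 'footer.tpl'));
        $template->pparse('footer');
    }
} ?>SessionStatus=7; $this->Message="Unvalidated"; }

    /**
     * Look up a session id and record whether it is still usable.
     *
     * SessionStatus becomes 0 (valid; the expiry is pushed forward), 4
     * (expired) or 6 (empty id or no matching row). LoginName is filled from
     * the matching row's email when a row is found.
     *
     * @param string $SessionId Session id presented by the client.
     */
    function Validate($SessionId)
    {
        // Loose comparison kept from the original so the same values count as "empty".
        if ($SessionId == "") {
            // Nomatch
            $this->SessionStatus = 6;
            $this->Message = "We cannot find your session information on file. \nPlease login again.";
            return;
        }

        // The id is supplied by the client, so it is escaped before being
        // placed inside a quoted SQL literal.
        $SafeSessionId = mysql_real_escape_string($SessionId);
        $query = "select sessionid, sessionend, email from blargle_core_user where sessionid='$SafeSessionId'";

        if (!(($result = mysql_query($query)) && mysql_num_rows($result))) {
            // Nomatch
            $this->SessionStatus = 6;
            $this->Message = "We cannot find your session information on file. Please login again.";
            return;
        }

        $line = mysql_fetch_array($result);

        // Re-check in PHP with a strict string comparison, so the match does
        // not depend on the database collation or on PHP's numeric-string rules.
        if ((string) $line['sessionid'] !== (string) $SessionId) {
            // Nomatch
            $this->SessionStatus = 6;
            $this->Message = "We cannot find your session information on file. Please login again.";
            return;
        }

        $this->LoginName = $line['email'];
        // epoch() is defined elsewhere; presumably it turns the stored
        // datetime into a Unix timestamp - verify against its definition.
        $endtime = epoch($line['sessionend']);

        if ($endtime < time()) {
            $this->SessionStatus = 4;
            $this->Message = "Your session has expired. Please login again.";
        } else {
            $this->SessionStatus = 0;
            $this->Message = "";
            // Sliding expiry: every successful check moves the end time forward.
            $endtime = date("Y-m-d H:i:s", mktime((date("H") + 3)));
            $query = "update blargle_core_user set sessionend='$endtime' where sessionid='$SafeSessionId'";
            $result = mysql_query($query);
        }
    }

    /**
     * Log out: blank the stored session id and expire both cookies.
     *
     * @param string $SessionId Session id presented by the client.
     */
    function DestroySession($SessionId)
    {
        // Client-supplied value: escape before using it in the SQL literal.
        $SafeSessionId = mysql_real_escape_string($SessionId);
        $query = "update blargle_core_user set sessionid = '' where sessionid='$SafeSessionId'";
        $result = mysql_query($query);

        //Set Cookie for Blargle when we want to remove PHPBB2 Compatibility
        $cookiepath = "/";
        $cookiedomain = ".blargle.co.uk";
        $cookiename = "blargle_sessionid";
        // An expiry in the past removes the session cookie.
        setcookie($cookiename, $SessionId, time() - ((60 * 60) * 3), $cookiepath, $cookiedomain, 0);
        // setcookie() with an empty value deletes the cookie, so the future
        // expiry passed here does not keep SMFCookie10 alive.
        setcookie("SMFCookie10", "", time() + ((60 * 60) * 3), $cookiepath, ".blargle.co.uk", 0);

        $this->SessionStatus = 7;
        $this->Message = "You are successfully logged out.";
    }
} ?>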