includes/sessions.php
changeset 568 3700f7124c2b
parent 557 26479224936a
child 570 4d0d5dae61e5
equal deleted inserted replaced
567:7f196509bf78 568:3700f7124c2b
   511         $this->password_hash = $userdata['password'];
   511         $this->password_hash = $userdata['password'];
   512         $this->user_level =    intval($userdata['user_level']);
   512         $this->user_level =    intval($userdata['user_level']);
   513         $this->real_name =     $userdata['real_name'];
   513         $this->real_name =     $userdata['real_name'];
   514         $this->email =         $userdata['email'];
   514         $this->email =         $userdata['email'];
   515         $this->unread_pms =    $userdata['num_pms'];
   515         $this->unread_pms =    $userdata['num_pms'];
   516         $this->user_title =    $userdata['user_title'];
   516         $this->user_title =    ( isset($userdata['user_title']) ) ? $userdata['user_title'] : null;
   517         if(!$this->compat)
   517         if(!$this->compat)
   518         {
   518         {
   519           $this->theme =         $userdata['theme'];
   519           $this->theme =         $userdata['theme'];
   520           $this->style =         $userdata['style'];
   520           $this->style =         $userdata['style'];
   521           $this->signature =     $userdata['signature'];
   521           $this->signature =     $userdata['signature'];
  1073         $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary,page_text) VALUES(\'security\', \'admin_auth_bad\', '.time().', \''.enano_date('d M Y h:i a').'\', \''.$db->escape($username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\', ' . intval($level) . ')');
  1073         $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary,page_text) VALUES(\'security\', \'admin_auth_bad\', '.time().', \''.enano_date('d M Y h:i a').'\', \''.$db->escape($username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\', ' . intval($level) . ')');
  1074       else
  1074       else
  1075         $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary) VALUES(\'security\', \'auth_bad\', '.time().', \''.enano_date('d M Y h:i a').'\', \''.$db->escape($username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\')');
  1075         $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary) VALUES(\'security\', \'auth_bad\', '.time().', \''.enano_date('d M Y h:i a').'\', \''.$db->escape($username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\')');
  1076         
  1076         
  1077       // Do we also need to increment the lockout countdown?
  1077       // Do we also need to increment the lockout countdown?
  1078       if ( $policy != 'disable' && !defined('IN_ENANO_INSTALL') )
  1078       if ( !defined('IN_ENANO_INSTALL') && $policy != 'disable' )
  1079       {
  1079       {
  1080         $ipaddr = $db->escape($_SERVER['REMOTE_ADDR']);
  1080         $ipaddr = $db->escape($_SERVER['REMOTE_ADDR']);
  1081         // increment fail count
  1081         // increment fail count
  1082         $this->sql('INSERT INTO '.table_prefix.'lockout(ipaddr, timestamp, action) VALUES(\'' . $ipaddr . '\', ' . time() . ', \'credential\');');
  1082         $this->sql('INSERT INTO '.table_prefix.'lockout(ipaddr, timestamp, action) VALUES(\'' . $ipaddr . '\', ' . time() . ', \'credential\');');
  1083         $fails++;
  1083         $fails++;
  1324       // Special exception for 1.1.x upgrade - the 1.1.3 upgrade changes the size of the column and this is what validate_session
  1324       // Special exception for 1.1.x upgrade - the 1.1.3 upgrade changes the size of the column and this is what validate_session
  1325       // expects, but if the column size hasn't changed yet just check the first 10 digits of the IP.
  1325       // expects, but if the column size hasn't changed yet just check the first 10 digits of the IP.
  1326       $fail = true;
  1326       $fail = true;
  1327       if ( defined('IN_ENANO_UPGRADE') )
  1327       if ( defined('IN_ENANO_UPGRADE') )
  1328       {
  1328       {
  1329         if ( installer_enano_version() == '1.1.3' && substr($ip, 0, 10) == substr($row['source_ip'], 0, 10) )
  1329         if ( substr($ip, 0, 10) == substr($row['source_ip'], 0, 10) )
  1330           $fail = false;
  1330           $fail = false;
  1331       }
  1331       }
  1332       // Failed IP address check
  1332       // Failed IP address check
  1333       // echo '(debug) $session->validate_session: IP address mismatch<br />';
  1333       // echo '(debug) $session->validate_session: IP address mismatch<br />';
  1334       if ( $fail )
  1334       if ( $fail )