cookies - Forum PHP.pl

Forum PHP.pl > Forum > Gotowe rozwiązania

cookies, kawalek kodu z cutenews

dabb Zobacz profil	30.03.2005, 13:01:53 Post #1
Grupa: Zarejestrowani Postów: 54 Pomógł: 0 Dołączył: 13.11.2003 Skąd: Poznań Ostrzeżenie: (30%)	Witam Mam taki maly problem: Mam taki kod: [PHP] pobierz, plaintext <?php //---------------------------------- // Check if the name is protected //---------------------------------- $is_member = FALSE; foreach($all_users as $member_db_line) { if(!eregi(\"<?\",$member_db_line) and $member_db_line != \"\"){ $user_arr = explode(\"\|\",$member_db_line); //if the name is protected if((strtolower($user_arr[2]) == strtolower($name) or strtolower($user_arr[4]) == strtolower($name)) and ($user_arr[3] != $CNpass and $user_arr[3] != md5($password)) and $name != \"\") if ($user_arr[1] == \"5\") { echo\"<div style=\"text-align: center;\">This name is banned from commenting.</div>\"; $CN_HALT = TRUE; break 2; } else { { //$comments = replace_comment(\"add\", $comments); //commented because will mess up the <br /> $comments = preg_replace(array(\"'\"'\", \"'''\", \"''\"), array(\""\", \"'\", \"\"), $comments); $name = replace_comment(\"add\", preg_replace(\"/n/\", \"\",$name)); $mail = replace_comment(\"add\", preg_replace(\"/n/\", \"\",$mail)); echo\" <h2>Logowanie</h2> <div class=\"lewo\"> </div> wprowadź hasło otrzymane podczas rejestracji<br /> <form name=\"passwordForm\" id=\"passwordForm\" method=\"post\" action=\"\"> <p><label for=\"login\">login:</label></p> <p><input tabindex=\"1\" type=\"text\" name=\"username\" value=\"\" style=\"width:134\"></p> <p><label for=\"haslo\">hasło:</label></p> <p><input tabindex=\"2\" type=\"password\" name=\"password\" size=\"35\" value=\"\" /></p> <input type=\"hidden\" name=\"name\" value=\"$name\" /> <input type=\"hidden\" name=\"comments\" value=\"$comments\" /> <input type=\"hidden\" name=\"mail\" value=\"$mail\" /> <input type=\"hidden\" name=\"ip\" value=\"$ip\" /> <input type=\"hidden\" name=\"subaction\" value=\"addcomment\" /> <input type=\"hidden\" name=\"show\" value=\"$show\" /> <input type=\"hidden\" name=\"ucat\" value=\"$ucat\" /> $user_post_query <input class=\"bezramki\" type=\"checkbox\" name=\"CNrememberPass\" value=\"1\" /> <div class=\"prawo\"> <p> </p> <p><input type=\"submit\" value=\"wchodzę\"tabindex=\"3\" /></p> </div> </form> \"; $CN_HALT = TRUE; break 2; } } ?> [PHP] pobierz, plaintext gdzie tutaj wstawic instrukcje ktora bedzie mi sprawdzala czy user jest zalogowany - sprawdzala czy jest ciasteczko. Bo jestem zalogowany tylko ze w tym kodzie nic tego nie sprawdza i jest ponowne pytanie o haslo. Poniezej daje fragment skryptu admin.php gdzie to jest rozwiazane ale ja nie wiem jak to umiescic w tym kodzie powyzej [PHP] pobierz, plaintext <?php error_reporting (E_ALL ^ E_NOTICE); require_once(\"./inc/functions.inc.php\"); //################# $PHP_SELF = \"admin.php\"; $cutepath = \".\"; $config_path_image_upload = \"./data/upimages\"; $config_use_cookies = TRUE; // Use Cookies When Checking Authorization $config_use_sessions = FALSE; // Use Sessions When Checking Authorization $config_check_referer = FALSE; // Set to TRUE for more seciruty //################# $Timer = new microTimer; $Timer->start(); // Check if CuteNews is not installed $all_users_db = file(\"./data/users.db.php\"); $check_users = $all_users_db; $check_users[1] = trim($check_users[1]); $check_users[2] = trim($check_users[2]); if((!$check_users[2] or $check_users[2] == \"\") and (!$check_users[1] or $check_users[1] == \"\")){ if(!file_exists(\"./inc/install.mdu\")){ die('<h2>Error!</h2>CuteNews detected that you do not have users in your users.db.php file and w nts to run the install module.<br> However, the install module (<b>./inc/install.mdu</b>) can not be located, please reupload this file and make sure you set the proper permissions so the i stallation can continue.'); } require(\"./inc/install.mdu\"); die(); } require_once(\"./data/config.php\"); if(isset($config_skin) and $config_skin != \"\" and file_exists(\"./skins/${config_skin}.skin.php\")){ require_once(\"./skins/${config_skin}.skin.php\"); }else{ $using_safe_skin = true; require_once(\"./skins/default.skin.php\"); } b64dck(); if($config_use_sessions){ @session_start(); @header(\"Cache-control: private\"); } if($action == \"logout\") { setcookie(\"md5_password\",\"\"); setcookie(\"username\",\"\"); setcookie(\"login_referer\",\"\"); // ------------------------------------------------ // Set the file to 0 // ------------------------------------------------ $check_file = fopen(\"./_check.php\", \"wr\"); fwrite($check_file, \"\" ); fclose($check_file); // ------------------------------------------------ if($config_use_sessions){ @session_destroy(); @session_unset(); setcookie(session_name(),\"\"); } msg(\"info\", \"Logout\", \"You are now logged out, <a href=\"$PHP_SELF\">login</a><br /><br>\"); } $is_loged_in = FALSE; $cookie_logged = FALSE; $session_logged = FALSE; $temp_arr = explode(\"?\", $HTTP_REFERER); $HTTP_REFERER = $temp_arr[0]; if(substr($HTTP_REFERER, -1) == \"/\"){ $HTTP_REFERER.= \"admin.php\"; } // Check if The User is Identified if($config_use_cookies == TRUE){ /* Login Authorization using COOKIES / if(isset($username)) { if(isset($HTTP_COOKIE_VARS[\"md5_password\"])){ $cmd5_password = $HTTP_COOKIE_VARS[\"md5_password\"]; } elseif(isset($_COOKIE[\"md5_password\"])){ $cmd5_password = $_COOKIE[\"md5_password\"]; } else{ $cmd5_password = md5($password); } if(check_login($username, $cmd5_password)) { $cookie_logged = TRUE; setcookie(\"lastusername\", $username, time()+1012324305); setcookie(\"username\", $username); setcookie(\"md5_password\", $cmd5_password); // ------------------------------------------------ // Write username to a file when logged in // ------------------------------------------------ $check_file = fopen(\"./_check.php\", \"w\"); fwrite($check_file, $username); fclose($check_file); // ------------------------------------------------ }else{ $result = \"<font color=red>Wrong username or password</font>\"; $cookie_logged = FALSE; } } / END Login Authorization using COOKIES / } if($config_use_sessions == TRUE){ / Login Authorization using SESSIONS / if(isset($HTTP_X_FORWARDED_FOR)){ $ip = $HTTP_X_FORWARDED_FOR; } elseif(isset($HTTP_CLIENT_IP)) { $ip = $HTTP_CLIENT_IP; } if($ip == \"\") { $ip = $REMOTE_ADDR; } if($ip == \"\") { $ip = \"not detected\";} if($action == \"dologin\") { $md5_password = md5($password); if(check_login($username, $md5_password)){ $session_logged = TRUE; @session_register('username'); @session_register('md5_password'); @session_register('ip'); @session_register('login_referer'); $_SESSION['username'] = \"$username\"; $_SESSION['md5_password'] = \"$md5_password\"; $_SESSION['ip'] = \"$ip\"; $_SESSION['login_referer'] = \"$HTTP_REFERER\"; }else{ $result = \"<font color=red>Wrong username and/or password</font>\"; $session_logged = FALSE; } }elseif(isset($_SESSION['username'])){ // Check the if member is using valid username/password if(check_login($_SESSION['username'], $_SESSION['md5_password'])){ if($_SESSION['ip'] != $ip){ $session_logged = FALSE; $result = \"The IP in the session doesn not match with your IP\"; } else{ $session_logged = TRUE; } }else{ $result = \"<font color=red>Wrong username and/or password !!!</font>\"; $session_logged = FALSE; } } if(!$username){ $username = $_SESSION['username]; } / END Login Authorization using SESSIONS */ } ?> [PHP] pobierz, plaintext -------------------- Remember to brush your teeth ! biedziak.com biuro rachunkowe w rozsądnej cenie.

« Następny starszy · Gotowe rozwiązania · Następny nowszy »

1 Użytkowników czyta ten temat (1 Gości i 0 Anonimowych użytkowników)

0 Zarejestrowanych:

Tryb wyświetlania: Przełącz na: Standardowy · Linearny+ · Przełącz na: Drzewo

Śledź ten temat · Wyślij temat na e-mail · Wydrukuj ten temat · Subskrybuj to forum

Wersja Lo-Fi

Aktualny czas: 19.07.2025 - 18:36

Hosting zapewnia