" . LA_ALREADY_LOGGED . "
"; echo LA_ALREADY_LOGGED_DESC . "

"; include("footer_inc.php"); exit; } if (empty($set_outer_color)) { $set_outer_color = "#A9B8D1"; } if (empty($set_inner_color)) { $set_inner_color = "#FFFFFF"; } if (empty($set_descr_color)) { $set_descr_color = "#FFFFFF"; } if (getParamInt("resend","")) { $lUserID=getParamInt("resend",""); $lSql = "select user_status,user_verify_code,user_approved,user_id,user_name,user_email,user_pass_plain from $usr_tbl where user_id = '" . strToDb($lUserID) . "' AND (user_pass_plain <> '' AND user_pass_plain is not null)"; $lResult = q($lSql); $lRow=mysql_fetch_array($lResult); $lName=$lRow["user_name"]; $lEmail=$lRow["user_email"]; $lPassPlain=$lRow["user_pass_plain"]; $lVerifyCode=$lRow["user_verify_code"]; if ($lVerifyCode && $lName && $lEmail) { $lNewUserVerifyArray=array("$lName","$lEmail","$lPassPlain","$set_sitename","".getRemoteIp()."","http://$set_url/member_login.php","http://$set_url/verify.php?verify=$lVerifyCode"); $lSubject = formatString(LA_MAIL_VAL_SUBJECT, $lNewUserVerifyArray); $lBody = formatString(LA_MAIL_VAL_BODY, $lNewUserVerifyArray); sendEmail($lEmail, $set_webmaster_address, $lSubject, $lBody); $msg="

 

".LA_VALIDATION_CODE_RESENT; } else echo "ERROR"; } if (isset($_POST["submit"]) AND !isset($_REQUEST["forgot"])) { $username=""; $password=""; $username=trim(strtolower(getParam("username",""))); $password=trim(getParam("password","")); $sql = "select user_status,user_verify_code,user_approved,user_id,user_name,user_email from $usr_tbl where user_email = '" . strToDb($username) . "' AND user_pass_md5 = md5('" . strToDb($password) . "')"; $result = q($sql); $num_check = mysql_num_rows($result); if ($set_phpbb_activate) { if ($num_check==0) { $lResBoard=doAuthphpBB($username,$password); if ($lResBoard) { $sql = "select user_status,user_verify_code,user_approved,user_id,user_name,user_email from $usr_tbl where user_email = '$username' AND user_pass_md5 = md5('$password')"; //echo $sql; $result = q($sql); $num_check = mysql_num_rows($result); //echo $num_check; } } } if ($num_check==1) { $row_line = mysql_fetch_array($result); $status = $row_line["user_status"]; $verify_code = $row_line["user_verify_code"]; $approve = $row_line["user_approved"]; $user_id = $row_line["user_id"]; $user_email = $row_line["user_email"]; $name = $row_line["user_name"]; $lRemoteIp=getRemoteIp(); $lSplit=split("@",$user_email); if (count($lSplit>0)) $lDomain=$lSplit[1]; $lHostName=gethostbyaddr($lRemoteIp); if (!$lHostName) $lHostName='Not defined'; $lSql="select bl_id,bl_reason from $block_tbl where bl_email like '%$user_email%' OR bl_email='$lDomain' OR bl_ip='$lRemoteIp' OR bl_ip like '%$lHostName%' limit 1"; $lNumBannedCheck=q($lSql); $lRowBanned=mysql_fetch_array($lNumBannedCheck); if (mysql_num_rows($lNumBannedCheck)>0) { $msg="" . LA_BLOCKED_LOGIN . "
" . $lRowBanned["bl_reason"]; addToHistory(13,"","","Blocked user $user_email tried login"); q("update $block_tbl set bl_num_attempt=bl_num_attempt+1 where bl_id=" . $lRowBanned["bl_id"]); } elseif ($status == 1) $msg = LA_BLOCKED_LOGIN; elseif ($verify_code AND $set_opt_verify) { $msg.="

 

"; $msg.= "

" . LA_NEED_TO . "

"; $msg.="

 

"; $msg.=LA_RESEND_VALIDATION_CODE; $msg.="

 

"; $msg.="

" . LA_RESEND_VALIDATION_MORE ."

"; } elseif ($set_approve_mem AND !$approve) $msg = LA_WAIT_APP; else { $_SESSION["valid_user"] = $user_id; $_SESSION["user_name"] = $name; $_SESSION["user_email"] = strtolower($user_email); addLoginItem($user_id); addToHistory(1,$user_id,"",""); // Redirect user to correct page if (!empty($_REQUEST["redirect_to"])) redirect($_REQUEST["redirect_to"]); else redirect("member.php"); } } else { // Failed login //$msg = writeHeadLine(LA_WARNING,"red"); $msg = $msg . LA_NOT_AUTHORIZED; addToHistory(13,"","","$username"); } } elseif (isset($_REQUEST["forgot"]) AND isset($_POST["email"])) { $lEmail = strip_tags(strToDb($_POST["email"])); $lPassOne = generatePassword(5); if (($lEmail)) { $result = q ("select user_email,user_name from $usr_tbl where user_email = '$lEmail'"); $count_results = mysql_num_rows($result); if ($count_results>0) { $lRow=mysql_fetch_array($result); $lName=$lRow["user_name"]; $sql="update $usr_tbl set user_pass_md5 = md5('$lPassOne') where user_email = '$lEmail'"; $res = q ($sql); $msg = writeHeadLine(LA_SUCCESS,"black"); $msg = $msg . formatString(LA_FORGOT_SENT_MSG,array("$lEmail")); addToHistory(14,"","","$username"); $lNewUserArray=array("$lName","$lEmail","$lPassOne","$set_sitename","".getRemoteIp()."","http://$set_url/member_login.php"); $lSubject = formatString(LA_MAIL_NEWUSER_SUBJECT, $lNewUserArray); $lBody = formatString(LA_MAIL_NEWUSER_BODY, $lNewUserArray); //echo "SUBJECT: " . $lSubject . "

BODY: " . $lBody; sendEmail($lEmail,$set_webmaster_address, $lSubject, $lBody); } else { $msg = writeHeadLine(LA_WARNING,"red"); $msg = $msg . formatString(LA_FORGOT_NOTF,array("$lEmail")); } } else { $msg = writeHeadLine(LA_WARNING,"red"); $msg = $msg . LA_ERROR_MSG21; } } if (isset($_REQUEST["logout"])) { $msg = $la_session_remove; } check_valid_user("$msg"); require("footer_inc.php"); ?>