Zeile 6 | Zeile 6 |
---|
* Website: http://mybb.com * License: http://mybb.com/about/license *
|
* Website: http://mybb.com * License: http://mybb.com/about/license *
|
* $Id: index.php 5380 2011-02-21 12:04:43Z Tomm $
| * $Id: index.php 5621 2011-09-26 18:35:54Z ralgith $
|
*/
define("IN_MYBB", 1);
| */
define("IN_MYBB", 1);
|
Zeile 80 | Zeile 80 |
---|
$fail_check = 0; $post_verify = true;
|
$fail_check = 0; $post_verify = true;
|
if($mybb->input['action'] == "logout") { // Delete session from the database $db->delete_query("adminsessions", "sid='".$db->escape_string($mybb->cookies['adminsid'])."'"); my_setcookie("adminsid", ""); $logged_out = true; } elseif($mybb->input['action'] == "unlock")
| if($mybb->input['action'] == "unlock")
|
{ $user = array(); if($mybb->input['username'])
| { $user = array(); if($mybb->input['username'])
|
Zeile 134 | Zeile 127 |
---|
{ $user = validate_password_from_username($mybb->input['username'], $mybb->input['password']); if($user['uid'])
|
{ $user = validate_password_from_username($mybb->input['username'], $mybb->input['password']); if($user['uid'])
|
{
| {
|
$query = $db->simple_select("users", "*", "uid='".$user['uid']."'"); $mybb->user = $db->fetch_array($query); }
| $query = $db->simple_select("users", "*", "uid='".$user['uid']."'"); $mybb->user = $db->fetch_array($query); }
|
Zeile 167 | Zeile 160 |
---|
$post_verify = false; $mybb->request_method = "get";
|
$post_verify = false; $mybb->request_method = "get";
|
| if(!empty($mybb->input['module'])) { // $query_string should contain the module $query_string = '?module='.htmlspecialchars($mybb->input['module']); // Now we look for any paramters passed in $_SERVER['QUERY_STRING'] if($_SERVER['QUERY_STRING']) { $qstring = '?'.preg_replace('#adminsid=(.{32})#i', '', $_SERVER['QUERY_STRING']); $qstring = str_replace('action=logout', '', $qstring); $qstring = preg_replace('#&+#', '&', $qstring); $qstring = str_replace('?&', '?', $qstring); // So what do we do? We know that parameters are devided by ampersands // That means we must get to work! $parameters = explode('&', $qstring); // Remove our first member if it's for the module if(substr($parameters[0], 0, 8) == '?module=') { unset($parameters[0]); } foreach($parameters as $key => $param) { $params = explode("=", $param); $query_string .= '&'.htmlspecialchars($params[0])."=".htmlspecialchars($params[1]); } } admin_redirect("index.php".$query_string); }
|
} else {
| } else {
|
Zeile 207 | Zeile 234 |
---|
} $default_page->show_lockedout();
|
} $default_page->show_lockedout();
|
}
| }
|
$fail_check = 1; }
| $fail_check = 1; }
|
Zeile 281 | Zeile 308 |
---|
} } }
|
} } }
|
| } }
if($mybb->input['action'] == "logout" && $mybb->user) { if(verify_post_check($mybb->input['my_post_key'])) { $db->delete_query("adminsessions", "sid='".$db->escape_string($mybb->cookies['adminsid'])."'"); my_setcookie("adminsid", ""); $logged_out = true;
|
} }
| } }
|
Zeile 416 | Zeile 453 |
---|
} }
|
} }
|
$plugins->run_hooks_by_ref("admin_tabs", $modules);
| $modules = $plugins->run_hooks("admin_tabs", $modules);
|
closedir($dir);
| closedir($dir);
|