From e90aaffbd551a2e80b67cb67362519b16ee61203 Mon Sep 17 00:00:00 2001 From: rvelices Date: Tue, 23 Jan 2007 01:22:52 +0000 Subject: - revert feature 564: log the login of each user; but add the possibility to be done by a plugin - create a "standard" way to define PHP functions that we use but might not be available in the current php version - when a comment is rejected (spam, anti-flood etc), put the content back to the browser in case there is a real user behind it - now a comment can be entered only if the page was retrieved between 2 seconds ago and 1 hour ago git-svn-id: http://piwigo.org/svn/trunk@1744 68402e56-0260-453c-a942-63ccdbb3a9ee --- identification.php | 19 ++----------------- 1 file changed, 2 insertions(+), 17 deletions(-) (limited to 'identification.php') diff --git a/identification.php b/identification.php index f78849690..e1edceb1d 100644 --- a/identification.php +++ b/identification.php @@ -45,24 +45,9 @@ if ( !empty($_GET['redirect']) ) if (isset($_POST['login'])) { $redirect_to = isset($_POST['redirect']) ? $_POST['redirect'] : ''; - $username = mysql_escape_string($_POST['username']); - // retrieving the encrypted password of the login submitted - $query = ' -SELECT '.$conf['user_fields']['id'].' AS id, - '.$conf['user_fields']['password'].' AS password - FROM '.USERS_TABLE.' - WHERE '.$conf['user_fields']['username'].' = \''.$username.'\' -;'; - $row = mysql_fetch_array(pwg_query($query)); - if ($row['password'] == $conf['pass_convert']($_POST['password'])) + $remember_me = isset($_POST['remember_me']) and $_POST['remember_me']==1; + if ( try_log_user($_POST['username'], $_POST['password'], $remember_me) ) { - $remember_me = false; - if (isset($_POST['remember_me']) - and $_POST['remember_me'] == 1) - { - $remember_me = true; - } - log_user($row['id'], $remember_me); redirect(empty($redirect_to) ? make_index_url() : $redirect_to); } else -- cgit v1.2.3