<?php
/*-------------------------------------------------------+
| <span style="border-bottom: 1px dotted black;">PHP</span>-Fusion Content Management System
| Copyright (C) 2002 - 2010 Nick Jones
| <a href='http://www.php-fusion.co.uk/' target='_blank'><span style='color:005C5B'>http://www.php-fusion.co.uk/</span></a>
+--------------------------------------------------------+
| Filename: setuser.php
| Author: Nick Jones (Digitanium)
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at <a href='http://www.gnu.org/licenses/agpl.html.' target='_blank'><span style='color:005C5B'>www.gnu.org/licenses/agpl.html.</span></a> Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once "maincore.php";
include THEME."theme.php";
$session_destroyed = false; $page_content = ""; $page_refresh = "3";
if (iMEMBER && (isset($_REQUEST['logout']) && $_REQUEST['logout'] == "yes")) {
if ($settings['login_method'] == "cookies") {
header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'");
setcookie(COOKIE_PREFIX."user", "", time() - 7200, "/", "", "0");
setcookie(COOKIE_PREFIX."lastvisit", "", time() - 7200, "/", "", "0");
} elseif ($settings['login_method'] == "sessions") {
session_destroy();
$session_destroyed = true;
}
$result = dbquery("DELETE FROM ".DB_ONLINE." WHERE online_ip='".USER_IP."'");
$page_content .= "<strong>".$locale['global_192'].$userdata['user_name']."</strong><br /><br />\n";
} else {
if (isset($_GET['error']) && $_GET['error'] == 1) {
$id = ((isset($_GET['id']) && isnum($_GET['id'])) ? $_GET['id'] : "0");
$data = dbarray(dbquery("SELECT suspend_reason FROM ".DB_SUSPENDS." WHERE suspended_user='".$id."' ORDER BY suspend_date DESC LIMIT 1"));
$page_content .= "<strong>".$locale['global_406']."<br /><br />\n";
$page_content .= $data['suspend_reason']."</strong><br /><br />\n";
$page_refresh = "15";
} elseif (isset($_GET['error']) && $_GET['error'] == 2) {
$page_content .= "<strong>".$locale['global_195']."</strong><br /><br />\n";
} elseif (isset($_GET['error']) && $_GET['error'] == 3) {
$id = ((isset($_GET['id']) && isnum($_GET['id'])) ? $_GET['id'] : "0");
$data = dbarray(dbquery("SELECT suspend_reason FROM ".DB_SUSPENDS." WHERE suspended_user='".$id."' ORDER BY suspend_date DESC LIMIT 1"));
$data2 = dbarray(dbquery("SELECT user_actiontime FROM ".DB_USERS." WHERE user_id='".$id."'"));
$page_content .= "<strong>".$locale['global_407'].showdate('shortdate', $data2['user_actiontime']).$locale['global_408']."<br /><br />\n";
$page_content .= $data['suspend_reason']."</strong><br /><br />\n";
$page_refresh = "15";
} elseif (isset($_GET['error']) && $_GET['error'] == 4) {
$page_content .= "<strong>".$locale['global_409']."<br /><br />\n";
$page_content .= $locale['global_410'].$data['suspend_reason']."</strong><br /><br />\n";
} elseif (isset($_GET['error']) && $_GET['error'] == 5) {
$page_content .= "<strong>".$locale['global_411']."</strong><br /><br />\n";
} elseif (isset($_GET['error']) && $_GET['error'] == 6) {
$page_content .= "<strong>".$locale['global_412']."</strong><br /><br />\n";
$page_refresh = "7";
} elseif (isset($_GET['error']) && $_GET['error'] == 8) {
$page_content .= "<strong>".$locale['global_196']."</strong><br /><br />\n";
} else {
if (($settings['login_method'] == "cookies" && isset($_COOKIE[COOKIE_PREFIX.'user'])) || ($settings['login_method'] == "sessions" && isset($_SESSION[COOKIE_PREFIX.'user_id']) && isset($_SESSION[COOKIE_PREFIX.'user_pass']))) {
if ($settings['login_method'] == "cookies") {
$cookie_vars = explode(".", $_COOKIE[COOKIE_PREFIX.'user']);
$user_pass = preg_check("/^[0-9a-z]{32}$/", $cookie_vars['1']) ? $cookie_vars['1'] : "";
} elseif ($settings['login_method'] == "sessions") {
$user_pass = preg_check("/^[0-9a-z]{32}$/", $_SESSION[COOKIE_PREFIX.'user_pass']) ? $_SESSION[COOKIE_PREFIX.'user_pass'] : "";
}
$user_name = preg_replace(array("/\=/","/\#/","/\sOR\s/"), "", stripinput($_GET['user']));
if (!dbcount("(user_id)", DB_USERS, "user_name='".$user_name."' AND user_password='".md5($user_pass)."'")) {
$page_content .= "<strong>".$locale['global_196']."</strong><br /><br />\n";
} else {
$result = dbquery("DELETE FROM ".DB_ONLINE." WHERE online_user='0' AND online_ip='".USER_IP."'");
$page_content .= "<strong>".$locale['global_193'].$_GET['user']."</strong><br /><br />";
$page_content .="<meta http-equiv='refresh' content='2; url=".BASEDIR."profilesssss.php".$data['user_id']."' />";
}
}
}
}
header('Location: index.php');
if (ob_get_length() !== FALSE){
ob_end_flush();
}
if ($settings['login_method'] == "sessions" && $session_destroyed == false) {
session_write_close();
}
mysql_close($db_connect);
?>