Contents of /trunk/vhcs2/patches/vhcs2-2.4.7.1-security-fix-RS-2006-1.patch
Revision 267 -
Mon Jul 16 17:07:58 2007 UTC (17 years, 2 months ago) by niro
File size: 35768 byte(s)
-several fixes for vhcs2-2.4.7.1-r1
1 | diff -Naur vhcs2-2.4.7.1/gui/include/login.php vhcs2-2.4.7.1-magellan/gui/include/login.php |
2 | --- vhcs2-2.4.7.1/gui/include/login.php 2005-12-31 12:09:05.000000000 +0100 |
3 | +++ vhcs2-2.4.7.1-magellan/gui/include/login.php 2007-07-16 17:09:03.000000000 +0200 |
4 | @@ -1,710 +1,718 @@ |
5 | -<?php |
6 | -// ------------------------------------------------------------------------------- |
7 | -// | VHCS(tm) - Virtual Hosting Control System | |
8 | -// | Copyright (c) 2001-2004 be moleSoftware | |
9 | -// | http://vhcs.net | http://www.molesoftware.com | |
10 | -// | | |
11 | -// | This program is free software; you can redistribute it and/or | |
12 | -// | modify it under the terms of the MPL General Public License | |
13 | -// | as published by the Free Software Foundation; either version 1.1 | |
14 | -// | of the License, or (at your option) any later version. | |
15 | -// | | |
16 | -// | You should have received a copy of the MPL Mozilla Public License | |
17 | -// | along with this program; if not, write to the Open Source Initiative (OSI) | |
18 | -// | http://opensource.org | osi@opensource.org | |
19 | -// | | |
20 | -// ------------------------------------------------------------------------------- |
21 | - |
22 | - |
23 | - |
24 | -function register_user($uname, $upass) { |
25 | - |
26 | - global $sql; |
27 | - |
28 | - global $cfg; |
29 | - |
30 | - |
31 | - $timestamp = time(); |
32 | - |
33 | - |
34 | - if ($cfg['DB_TYPE'] === 'mysql') { |
35 | - $query = "select admin_id, admin_pass, admin_type, created_by from admin where binary admin_name = ?"; |
36 | - } |
37 | - |
38 | - $rs = exec_query($sql, $query, array($uname)); |
39 | - |
40 | - if (($rs -> RecordCount()) != 1) { |
41 | - |
42 | - write_log("Login error, <b><i>".htmlspecialchars($uname, ENT_QUOTES, "UTF-8")."</i></b> unknown username"); |
43 | - |
44 | - return false; |
45 | - |
46 | - } |
47 | - |
48 | - $udata = $rs -> FetchRow(); |
49 | - |
50 | - if (crypt($_POST['upass'], $udata[1]) === $udata[1] || md5($_POST['upass']) === $udata[1]) { |
51 | - |
52 | - if (isset($_SESSION['user_logged'])) { |
53 | - |
54 | - write_log($_SESSION['user_logged']." user already logged or session sharing problem! Aborting..."); |
55 | - |
56 | - system_message(tr('User already logged or session sharing problem! Aborting...')); |
57 | - |
58 | - } else { |
59 | - |
60 | - if ($udata['admin_type'] == "user"){ |
61 | - |
62 | - $domain_admin_id = $udata['admin_id']; |
63 | - |
64 | - $query = <<<SQL_QUERY |
65 | - select |
66 | - domain_status |
67 | - from |
68 | - domain |
69 | - where |
70 | - domain_admin_id = ?; |
71 | -SQL_QUERY; |
72 | - |
73 | - $rs = exec_query($sql, $query, array($domain_admin_id)); |
74 | - |
75 | - $user_dom_data = $rs -> FetchRow(); |
76 | - |
77 | - if ($user_dom_data['domain_status'] != $cfg['ITEM_OK_STATUS']){ |
78 | - |
79 | - write_log( htmlspecialchars($uname, ENT_QUOTES, "UTF-8")." Domain status is not OK - user can not login"); |
80 | - |
81 | - return false; |
82 | - } |
83 | - } |
84 | - |
85 | - // all is OK let's login the user |
86 | - $user_login_time = time(); |
87 | - |
88 | - $query = <<<SQL_QUERY |
89 | - insert into login |
90 | - (session_id, lastaccess) |
91 | - values |
92 | - (?, ?) |
93 | -SQL_QUERY; |
94 | - |
95 | - $rs = exec_query($sql, $query, array($uname, $user_login_time)); |
96 | - |
97 | - |
98 | - $_SESSION['user_logged'] = $uname; |
99 | - |
100 | - $_SESSION['user_type'] = $udata['admin_type']; |
101 | - |
102 | - $_SESSION['user_id'] = $udata['admin_id']; |
103 | - |
104 | - $_SESSION['user_created_by'] = $udata['created_by']; |
105 | - |
106 | - $_SESSION['user_login_time'] = $user_login_time; |
107 | - |
108 | - write_log( htmlspecialchars($uname, ENT_QUOTES, "UTF-8")." user logged in."); |
109 | - |
110 | - return true; |
111 | - |
112 | - } |
113 | - |
114 | - } else { |
115 | - |
116 | - write_log( htmlspecialchars($uname, ENT_QUOTES, "UTF-8")." bad password login data."); |
117 | - |
118 | - return false; |
119 | - |
120 | - } |
121 | - |
122 | -} |
123 | - |
124 | -function check_user_login($uname, $utype, $uid) { |
125 | - |
126 | - global $cfg, $sql; |
127 | - |
128 | - $timestamp = time(); |
129 | - //lets kill all time out sessions |
130 | - global $cfg; |
131 | - $timeout_sessions = $timestamp - $cfg['SESSION_TIMEOUT']; |
132 | - $query = <<<SQL_QUERY |
133 | - delete from |
134 | - login |
135 | - where |
136 | - lastaccess < ? |
137 | -SQL_QUERY; |
138 | - |
139 | - $rs = exec_query($sql, $query, array($timeout_sessions)); |
140 | - |
141 | - |
142 | - if (isset($_SESSION['user_logged'])) { |
143 | - |
144 | - $user_id = $_SESSION['user_logged']; |
145 | - |
146 | - $query = <<<SQL_QUERY |
147 | - select |
148 | - session_id |
149 | - from |
150 | - login |
151 | - where |
152 | - session_id = ? |
153 | -SQL_QUERY; |
154 | - |
155 | - $rs = exec_query($sql, $query, array($user_id)); |
156 | - |
157 | - if ($rs -> RecordCount() == 0) { |
158 | - |
159 | - write_log($_SESSION['user_logged']." user session do not exist or killed"); |
160 | - |
161 | - return false; |
162 | - |
163 | - } |
164 | - |
165 | - |
166 | - if ($timestamp - $_SESSION['user_login_time'] <= $cfg['SESSION_TIMEOUT']) { |
167 | - |
168 | - $_SESSION['user_login_time'] = $timestamp; |
169 | - |
170 | -$query = <<<SQL_QUERY |
171 | - update |
172 | - login |
173 | - set |
174 | - lastaccess = ? |
175 | - where |
176 | - session_id = ? |
177 | -SQL_QUERY; |
178 | - $rs = exec_query($sql, $query, array($timestamp, $user_id)); |
179 | - |
180 | - goto_user_location(); |
181 | - |
182 | - return true; |
183 | - |
184 | - } else { |
185 | - |
186 | - $query = <<<SQL_QUERY |
187 | - delete from |
188 | - login |
189 | - where |
190 | - session_id = ? |
191 | -SQL_QUERY; |
192 | - |
193 | - $rs = exec_query($sql, $query, array($user_id)); |
194 | - write_log(htmlspecialchars($uname, ENT_QUOTES, "UTF-8")." user session timed out"); |
195 | - |
196 | - return false; |
197 | - |
198 | - } |
199 | - |
200 | - } else { |
201 | - |
202 | - |
203 | - write_log(htmlspecialchars($uname, ENT_QUOTES, "UTF-8")." bad session data."); |
204 | - |
205 | - return false; |
206 | - |
207 | - } |
208 | - |
209 | -} |
210 | - |
211 | - |
212 | -function goto_user_location() |
213 | -{ |
214 | - $path = explode("/", $_SERVER['SCRIPT_NAME']); |
215 | - |
216 | - $found = false; |
217 | - |
218 | - for($i=0; $i< count($path);$i++){ |
219 | - |
220 | - if($path[$i] == $_SESSION['user_type']){ |
221 | - |
222 | - $found= true; |
223 | - |
224 | - } else if ($_SESSION['user_type'] == 'user' && $path[$i] == 'client') { |
225 | - |
226 | - $found= true; |
227 | - |
228 | - } |
229 | - } |
230 | - if(!$found) |
231 | - { |
232 | - |
233 | - if ($_SESSION['user_type'] == 'admin') { |
234 | - |
235 | - header("Location: ../admin/manage_users.php"); |
236 | - |
237 | - } else if ($_SESSION['user_type'] == 'reseller') { |
238 | - |
239 | - header("Location: ../reseller/index.php"); |
240 | - |
241 | - } else if ($_SESSION['user_type'] == 'user') { |
242 | - |
243 | - header("Location: ../client/index.php"); |
244 | - |
245 | - } |
246 | - } |
247 | - |
248 | -} |
249 | - |
250 | -function check_login () { |
251 | - |
252 | - if (isset($_SESSION['user_logged'])) { |
253 | - |
254 | - if (!check_user_login($_SESSION['user_logged'], $_SESSION['user_type'], $_SESSION['user_id'])) { |
255 | - |
256 | - header("Location: ../index.php"); |
257 | - |
258 | - } |
259 | - |
260 | - } else { |
261 | - |
262 | - header("Location: ../index.php"); |
263 | - |
264 | - } |
265 | - |
266 | -function change_user_interface($form_id, $to_id) { |
267 | - |
268 | - global $sql; |
269 | - |
270 | - global $cfg; |
271 | - |
272 | - |
273 | - $timestamp = time(); |
274 | - |
275 | - if ($cfg['DB_TYPE'] === 'mysql') { |
276 | - $query_from = "select admin_id, admin_name, admin_pass, admin_type, created_by from admin where binary admin_id = ?"; |
277 | - $query_to = "select admin_id, admin_name, admin_pass, admin_type, created_by from admin where binary admin_id = ?"; |
278 | - } |
279 | - |
280 | - $rs_from = exec_query($sql, $query_from, array($form_id)); |
281 | - $rs_to = exec_query($sql, $query_to, array($to_id)); |
282 | - |
283 | - if (($rs_from -> RecordCount()) != 1 || ($rs_to -> RecordCount()) != 1) { |
284 | - write_log("Change interface error => unknown from or to username"); |
285 | - return false; |
286 | - } |
287 | - |
288 | - |
289 | - $from_udata = $rs_from -> FetchRow(); |
290 | - |
291 | - $to_udata = $rs_to -> FetchRow(); |
292 | - |
293 | - |
294 | - // let's check if TO_DOMAIN Status OK |
295 | - // if domain satus not OK -> don't add mail accounts or subdomains .. or something else |
296 | - |
297 | - if ($to_udata['admin_type'] == "user"){ |
298 | - |
299 | - $domain_admin_id = $to_udata['admin_id']; |
300 | - |
301 | - $query = <<<SQL_QUERY |
302 | - select |
303 | - domain_status |
304 | - from |
305 | - domain |
306 | - where |
307 | - domain_admin_id = ? |
308 | -SQL_QUERY; |
309 | - |
310 | - $rs = exec_query($sql, $query, array($domain_admin_id)); |
311 | - |
312 | - $user_dom_data = $rs -> FetchRow(); |
313 | - |
314 | - if ($user_dom_data['domain_status'] != $cfg['ITEM_OK_STATUS']){ |
315 | - |
316 | - write_log("Domain ID: ".$to_udata['admin_id']." - domain status PROBLEM -"); |
317 | - |
318 | - return false; |
319 | - } |
320 | - } |
321 | - //end of Domain User Status check |
322 | - |
323 | - |
324 | - |
325 | - if ($from_udata['admin_type'] === 'admin' && $to_udata['admin_type'] === 'reseller') { |
326 | - |
327 | - $header = "../reseller/index.php"; |
328 | - |
329 | - } else if ($from_udata['admin_type'] === 'admin' && ($to_udata['admin_type'] != 'admin' || $to_udata['admin_type'] != 'reseller')) { |
330 | - |
331 | - $header = "../client/index.php"; |
332 | - |
333 | - } else if ($from_udata['admin_type'] === 'reseller' && ($to_udata['admin_type'] != 'admin' || $to_udata['admin_type'] != 'reseller')) { |
334 | - |
335 | - $header = "../client/index.php"; |
336 | - |
337 | - } |
338 | - |
339 | - // lets check and go from bottom to top User -> Reseller -> Admin |
340 | - |
341 | - else if (isset($_SESSION['logged_from'])) { // ther is SESSION 'logged from' -> we can go from Buttom to TOP |
342 | - |
343 | - if ($from_udata['admin_type'] === 'reseller' && $to_udata['admin_type'] == 'admin') { |
344 | - |
345 | - $header = "../admin/manage_users.php"; |
346 | - |
347 | - } |
348 | - // user to admin |
349 | - else if (($from_udata['admin_type'] != 'admin' || $from_udata['admin_type'] != 'reseller') && $to_udata['admin_type'] === 'admin') { |
350 | - |
351 | - $header = "../admin/manage_users.php"; |
352 | - |
353 | - } |
354 | - // user reseller |
355 | - else if (($from_udata['admin_type'] != 'admin' || $from_udata['admin_type'] != 'reseller') && $to_udata['admin_type'] === 'reseller') { |
356 | - |
357 | - $header = "../reseller/users.php"; |
358 | - |
359 | - } |
360 | - |
361 | - else{ |
362 | - |
363 | - write_log("change interface error from: ".$from_udata['admin_name']." to: ".$to_udata['admin_name']); |
364 | - |
365 | - return false; |
366 | - } |
367 | - |
368 | - |
369 | - |
370 | - } else { |
371 | - |
372 | - write_log("change interface error from: ".$from_udata['admin_name']." to: ".$to_udata['admin_name']); |
373 | - |
374 | - return false; |
375 | - } |
376 | - |
377 | - // lets save layout and language from admin/reseler - they don't wannt to read user interface on china or arabic language |
378 | - $user_language = $_SESSION['user_def_lang']; |
379 | - |
380 | - $user_layout = $_SESSION['user_theme_color']; |
381 | - |
382 | - |
383 | - // delete all sessions and globals data and set new one with SESSION logged_from |
384 | - unset_user_login_data(); |
385 | - |
386 | - if ($to_udata['admin_type'] != 'admin'){ |
387 | - |
388 | - $_SESSION['logged_from'] = $from_udata['admin_name']; |
389 | - |
390 | - $_SESSION['logged_from_id'] = $from_udata['admin_id']; |
391 | - |
392 | - } |
393 | - |
394 | - // we gonna kill all sessions and globals if user get back to admin level |
395 | - if (isset($_SESSION['admin_name'])) |
396 | - |
397 | - unset($_SESSION['admin_name']); |
398 | - |
399 | - if (isset($_SESSION['admin_id'])) |
400 | - |
401 | - unset($_SESSION['admin_id']); |
402 | - |
403 | - if (isset($GLOBALS['admin_name'])) |
404 | - |
405 | - unset($GLOBALS['admin_name']); |
406 | - |
407 | - if (isset($GLOBALS['admin_id'])) |
408 | - |
409 | - unset($GLOBALS['admin_id']); |
410 | - // no more sessions and globals to kill - they were always killed - rest in peace |
411 | - |
412 | - $_SESSION['user_logged'] = $to_udata['admin_name']; |
413 | - |
414 | - $_SESSION['user_type'] = $to_udata['admin_type']; |
415 | - |
416 | - $_SESSION['user_id'] = $to_udata['admin_id']; |
417 | - |
418 | - $_SESSION['user_created_by'] = $to_udata['created_by']; |
419 | - |
420 | - $_SESSION['user_login_time'] = time(); |
421 | - |
422 | - $_SESSION['user_def_lang'] = $user_language; |
423 | - |
424 | - $_SESSION['user_theme_color'] = $user_layout; |
425 | - |
426 | - $user_login_time = time(); |
427 | - $new_user_name = $to_udata['admin_name']; |
428 | - |
429 | - $query = <<<SQL_QUERY |
430 | - insert into login |
431 | - (session_id, lastaccess) |
432 | - values |
433 | - (?, ?) |
434 | -SQL_QUERY; |
435 | - |
436 | - $rs = exec_query($sql, $query, array($new_user_name, $user_login_time)); |
437 | - |
438 | - write_log($from_udata['admin_name']." change into interface from ".$to_udata['admin_name']); |
439 | - return $header; |
440 | - } |
441 | -} |
442 | - |
443 | -function unset_user_login_data () { |
444 | - |
445 | - global $cfg, $sql; |
446 | - |
447 | - if (isset($_SESSION['user_logged'])) { |
448 | - $admin_name = $_SESSION['user_logged']; |
449 | - |
450 | - $query = <<<SQL_QUERY |
451 | - delete from |
452 | - login |
453 | - where |
454 | - session_id = ? |
455 | -SQL_QUERY; |
456 | - |
457 | - $rs = exec_query($sql, $query, array($admin_name)); |
458 | - |
459 | - unset($_SESSION['user_logged']); |
460 | - } |
461 | - |
462 | - if (isset($_SESSION['user_id'])) |
463 | - |
464 | - unset($_SESSION['user_id']); |
465 | - |
466 | - if (isset($_SESSION['user_type'])) |
467 | - |
468 | - unset($_SESSION['user_type']); |
469 | - |
470 | - if (isset($_SESSION['user_created_by'])) |
471 | - |
472 | - unset($_SESSION['user_created_by']); |
473 | - |
474 | - if (isset($_SESSION['user_login_time'])) |
475 | - |
476 | - unset($_SESSION['user_login_time']); |
477 | - |
478 | - if (isset($_SESSION['dmn_name'])) |
479 | - |
480 | - unset($_SESSION['dmn_name']); |
481 | - |
482 | - if (isset($_SESSION['user_has_domain'])) |
483 | - |
484 | - unset($_SESSION['user_has_domain']); |
485 | - |
486 | - if (isset($_SESSION['hpid'])) |
487 | - |
488 | - unset($_SESSION['hpid']); |
489 | - |
490 | - if (isset($_SESSION['user_deleted'])) |
491 | - |
492 | - unset($_SESSION['user_deleted']); |
493 | - |
494 | - if (isset($_SESSION['edit'])) |
495 | - |
496 | - unset($_SESSION['edit']); |
497 | - |
498 | - if (isset($_SESSION['reseller_ips'])) |
499 | - |
500 | - unset($_SESSION['reseller_ips']); |
501 | - |
502 | - if (isset($_SESSION['sql_support'])) |
503 | - |
504 | - unset($_SESSION['sql_support']); |
505 | - |
506 | - if (isset($_SESSION['email_support'])) |
507 | - |
508 | - unset($_SESSION['email_support']); |
509 | - |
510 | - if (isset($_SESSION['admin_id'])) |
511 | - |
512 | - unset($_SESSION['admin_id']); |
513 | - |
514 | - if (isset($_SESSION['admin_login'])) |
515 | - |
516 | - unset($_SESSION['admin_login']); |
517 | - |
518 | - if (isset($_SESSION['admin_type'])) |
519 | - |
520 | - unset($_SESSION['admin_type']); |
521 | - |
522 | - if (isset($_SESSION['admin_email'])) |
523 | - |
524 | - unset($_SESSION['admin_email']); |
525 | - |
526 | - if (isset($_SESSION['cur_lang'])) |
527 | - |
528 | - unset($_SESSION['cur_lang']); |
529 | - |
530 | - if (isset($_SESSION['step_two_back_data'])) |
531 | - |
532 | - unset($_SESSION['step_two_back_data']); |
533 | - |
534 | - if (isset($_SESSION['local_data'])) |
535 | - |
536 | - unset($_SESSION['local_data']); |
537 | - |
538 | - if (isset($_SESSION['logged'])) |
539 | - |
540 | - unset($_SESSION['logged']); |
541 | - |
542 | - if (isset($_SESSION['subdomain_support'])) |
543 | - |
544 | - unset($_SESSION['subdomain_support']); |
545 | - |
546 | - if (isset($_SESSION['edit_ID'])) |
547 | - |
548 | - unset($_SESSION['edit_ID']); |
549 | - |
550 | - if (isset($_SESSION['user_name'])) |
551 | - |
552 | - unset($_SESSION['user_name']); |
553 | - |
554 | - if (isset($_SESSION['user_has_domain'])) |
555 | - |
556 | - unset($_SESSION['user_has_domain']); |
557 | - |
558 | - if (isset($_SESSION['layout_id'])) |
559 | - |
560 | - unset($_SESSION['layout_id']); |
561 | - |
562 | - if (isset($_SESSION['user_page_message'])) |
563 | - |
564 | - unset($_SESSION['user_page_message']); |
565 | - |
566 | - if (isset($_SESSION['dmn_name'])) |
567 | - |
568 | - unset($_SESSION['dmn_name']); |
569 | - |
570 | - if (isset($_SESSION['local_data'])) |
571 | - |
572 | - unset($_SESSION['local_data']); |
573 | - |
574 | - if (isset($_SESSION['rau3_added'])) |
575 | - |
576 | - unset($_SESSION['rau3_added']); |
577 | - |
578 | - if (isset($_SESSION['chtpl'])) |
579 | - |
580 | - unset($_SESSION['chtpl']); |
581 | - |
582 | - if (isset($_SESSION['step_one'])) |
583 | - |
584 | - unset($_SESSION['step_one']); |
585 | - |
586 | - if (isset($_SESSION['dmn_tpl'])) |
587 | - |
588 | - unset($_SESSION['dmn_tpl']); |
589 | - |
590 | - if (isset($_SESSION['logged_from'])) |
591 | - |
592 | - unset($_SESSION['logged_from']); |
593 | - |
594 | - if (isset($_SESSION['logged_from_id'])) |
595 | - |
596 | - unset($_SESSION['logged_from_id']); |
597 | - |
598 | - if (isset($_SESSION['ddel'])) |
599 | - |
600 | - unset($_SESSION['ddel']); |
601 | - |
602 | - if (isset($_SESSION['user_def_lang'])) |
603 | - |
604 | - unset($_SESSION['user_def_lang']); |
605 | - |
606 | - if (isset($_SESSION['alias_support'])) |
607 | - |
608 | - unset($_SESSION['alias_support']); |
609 | - |
610 | - |
611 | - |
612 | -// globals |
613 | - |
614 | - if (isset($GLOBALS['user_logged'])) |
615 | - |
616 | - unset($GLOBALS['user_logged']); |
617 | - |
618 | - if (isset($GLOBALS['user_def_lang'])) |
619 | - |
620 | - unset($GLOBALS['user_def_lang']); |
621 | - |
622 | - if (isset($GLOBALS['user_type'])) |
623 | - |
624 | - unset($GLOBALS['user_type']); |
625 | - |
626 | - if (isset($GLOBALS['user_id'])) |
627 | - |
628 | - unset($GLOBALS['user_id']); |
629 | - |
630 | - if (isset($GLOBALS['user_created_by'])) |
631 | - |
632 | - unset($GLOBALS['user_created_by']); |
633 | - |
634 | - if (isset($GLOBALS['user_login_time'])) |
635 | - |
636 | - unset($GLOBALS['user_login_time']); |
637 | - |
638 | - if (isset($GLOBALS['user_theme_color'])) |
639 | - |
640 | - unset($GLOBALS['user_theme_color']); |
641 | - |
642 | - if (isset($GLOBALS['layout_id'])) |
643 | - |
644 | - unset($GLOBALS['layout_id']); |
645 | - |
646 | - if (isset($GLOBALS['email_support'])) |
647 | - |
648 | - unset($GLOBALS['email_support']); |
649 | - |
650 | - if (isset($GLOBALS['subdomain_support'])) |
651 | - |
652 | - unset($GLOBALS['subdomain_support']); |
653 | - |
654 | - if (isset($GLOBALS['sql_support'])) |
655 | - |
656 | - unset($GLOBALS['sql_support']); |
657 | - |
658 | - if (isset($GLOBALS['user_page_message'])) |
659 | - |
660 | - unset($GLOBALS['user_page_message']); |
661 | - |
662 | - if (isset($GLOBALS['ch_hpprops'])) |
663 | - |
664 | - unset($GLOBALS['ch_hpprops']); |
665 | - |
666 | - if (isset($_SESSION['ch_hpprops'])) |
667 | - |
668 | - unset($_SESSION['ch_hpprops']); |
669 | - |
670 | - if (isset($GLOBALS['dmn_name'])) |
671 | - |
672 | - unset($GLOBALS['dmn_name']); |
673 | - |
674 | - if (isset($GLOBALS['local_data'])) |
675 | - |
676 | - unset($GLOBALS['local_data']); |
677 | - |
678 | - if (isset($GLOBALS['rau3_added'])) |
679 | - |
680 | - unset($GLOBALS['rau3_added']); |
681 | - |
682 | - if (isset($GLOBALS['dmn_tpl'])) |
683 | - |
684 | - unset($GLOBALS['dmn_tpl']); |
685 | - |
686 | - if (isset($GLOBALS['chtpl'])) |
687 | - |
688 | - unset($GLOBALS['chtpl']); |
689 | - |
690 | - if (isset($GLOBALS['step_one'])) |
691 | - |
692 | - unset($GLOBALS['step_one']); |
693 | - |
694 | - if (isset($GLOBALS['logged_from'])) |
695 | - |
696 | - unset($GLOBALS['logged_from']); |
697 | - |
698 | - if (isset($GLOBALS['logged_from_id'])) |
699 | - |
700 | - unset($GLOBALS['logged_from_id']); |
701 | - |
702 | - if (isset($GLOBALS['ddel'])) |
703 | - |
704 | - unset($GLOBALS['ddel']); |
705 | - |
706 | - if (isset($GLOBALS['alias_support'])) |
707 | - |
708 | - unset($GLOBALS['alias_support']); |
709 | - |
710 | - |
711 | - $_SESSION['user_def_lang'] = $cfg['USER_INITIAL_LANG']; |
712 | -} |
713 | - |
714 | -?> |
715 | +<?php |
716 | +// ------------------------------------------------------------------------------- |
717 | +// | VHCS(tm) - Virtual Hosting Control System | |
718 | +// | Copyright (c) 2001-2004 be moleSoftware | |
719 | +// | http://vhcs.net | http://www.molesoftware.com | |
720 | +// | | |
721 | +// | This program is free software; you can redistribute it and/or | |
722 | +// | modify it under the terms of the MPL General Public License | |
723 | +// | as published by the Free Software Foundation; either version 1.1 | |
724 | +// | of the License, or (at your option) any later version. | |
725 | +// | | |
726 | +// | You should have received a copy of the MPL Mozilla Public License | |
727 | +// | along with this program; if not, write to the Open Source Initiative (OSI) | |
728 | +// | http://opensource.org | osi@opensource.org | |
729 | +// | | |
730 | +// ------------------------------------------------------------------------------- |
731 | + |
732 | + |
733 | + |
734 | +function register_user($uname, $upass) { |
735 | + |
736 | + global $sql; |
737 | + |
738 | + global $cfg; |
739 | + |
740 | + |
741 | + $timestamp = time(); |
742 | + |
743 | + |
744 | + if ($cfg['DB_TYPE'] === 'mysql') { |
745 | + $query = "select admin_id, admin_pass, admin_type, created_by from admin where binary admin_name = ?"; |
746 | + } |
747 | + |
748 | + $rs = exec_query($sql, $query, array($uname)); |
749 | + |
750 | + if (($rs -> RecordCount()) != 1) { |
751 | + |
752 | + write_log("Login error, <b><i>".htmlspecialchars($uname, ENT_QUOTES, "UTF-8")."</i></b> unknown username"); |
753 | + |
754 | + return false; |
755 | + |
756 | + } |
757 | + |
758 | + $udata = $rs -> FetchRow(); |
759 | + |
760 | + if (crypt($_POST['upass'], $udata[1]) === $udata[1] || md5($_POST['upass']) === $udata[1]) { |
761 | + |
762 | + if (isset($_SESSION['user_logged'])) { |
763 | + |
764 | + write_log($_SESSION['user_logged']." user already logged or session sharing problem! Aborting..."); |
765 | + |
766 | + system_message(tr('User already logged or session sharing problem! Aborting...')); |
767 | + |
768 | + } else { |
769 | + |
770 | + if ($udata['admin_type'] == "user"){ |
771 | + |
772 | + $domain_admin_id = $udata['admin_id']; |
773 | + |
774 | + $query = <<<SQL_QUERY |
775 | + select |
776 | + domain_status |
777 | + from |
778 | + domain |
779 | + where |
780 | + domain_admin_id = ?; |
781 | +SQL_QUERY; |
782 | + |
783 | + $rs = exec_query($sql, $query, array($domain_admin_id)); |
784 | + |
785 | + $user_dom_data = $rs -> FetchRow(); |
786 | + |
787 | + if ($user_dom_data['domain_status'] != $cfg['ITEM_OK_STATUS']){ |
788 | + |
789 | + write_log( htmlspecialchars($uname, ENT_QUOTES, "UTF-8")." Domain status is not OK - user can not login"); |
790 | + |
791 | + return false; |
792 | + } |
793 | + } |
794 | + |
795 | + // all is OK let's login the user |
796 | + $user_login_time = time(); |
797 | + |
798 | + $query = <<<SQL_QUERY |
799 | + insert into login |
800 | + (session_id, lastaccess) |
801 | + values |
802 | + (?, ?) |
803 | +SQL_QUERY; |
804 | + |
805 | + $rs = exec_query($sql, $query, array($uname, $user_login_time)); |
806 | + |
807 | + |
808 | + $_SESSION['user_logged'] = $uname; |
809 | + |
810 | + $_SESSION['user_type'] = $udata['admin_type']; |
811 | + |
812 | + $_SESSION['user_id'] = $udata['admin_id']; |
813 | + |
814 | + $_SESSION['user_created_by'] = $udata['created_by']; |
815 | + |
816 | + $_SESSION['user_login_time'] = $user_login_time; |
817 | + |
818 | + write_log( htmlspecialchars($uname, ENT_QUOTES, "UTF-8")." user logged in."); |
819 | + |
820 | + return true; |
821 | + |
822 | + } |
823 | + |
824 | + } else { |
825 | + |
826 | + write_log( htmlspecialchars($uname, ENT_QUOTES, "UTF-8")." bad password login data."); |
827 | + |
828 | + return false; |
829 | + |
830 | + } |
831 | + |
832 | +} |
833 | + |
834 | +function check_user_login($uname, $utype, $uid) { |
835 | + |
836 | + global $cfg, $sql; |
837 | + |
838 | + $timestamp = time(); |
839 | + //lets kill all time out sessions |
840 | + global $cfg; |
841 | + $timeout_sessions = $timestamp - $cfg['SESSION_TIMEOUT']; |
842 | + $query = <<<SQL_QUERY |
843 | + delete from |
844 | + login |
845 | + where |
846 | + lastaccess < ? |
847 | +SQL_QUERY; |
848 | + |
849 | + $rs = exec_query($sql, $query, array($timeout_sessions)); |
850 | + |
851 | + |
852 | + if (isset($_SESSION['user_logged'])) { |
853 | + |
854 | + $user_id = $_SESSION['user_logged']; |
855 | + |
856 | + $query = <<<SQL_QUERY |
857 | + select |
858 | + session_id |
859 | + from |
860 | + login |
861 | + where |
862 | + session_id = ? |
863 | +SQL_QUERY; |
864 | + |
865 | + $rs = exec_query($sql, $query, array($user_id)); |
866 | + |
867 | + if ($rs -> RecordCount() == 0) { |
868 | + |
869 | + write_log($_SESSION['user_logged']." user session do not exist or killed"); |
870 | + |
871 | + return false; |
872 | + |
873 | + } |
874 | + |
875 | + |
876 | + if ($timestamp - $_SESSION['user_login_time'] <= $cfg['SESSION_TIMEOUT']) { |
877 | + |
878 | + $_SESSION['user_login_time'] = $timestamp; |
879 | + |
880 | +$query = <<<SQL_QUERY |
881 | + update |
882 | + login |
883 | + set |
884 | + lastaccess = ? |
885 | + where |
886 | + session_id = ? |
887 | +SQL_QUERY; |
888 | + $rs = exec_query($sql, $query, array($timestamp, $user_id)); |
889 | + |
890 | + goto_user_location(); |
891 | + |
892 | + return true; |
893 | + |
894 | + } else { |
895 | + |
896 | + $query = <<<SQL_QUERY |
897 | + delete from |
898 | + login |
899 | + where |
900 | + session_id = ? |
901 | +SQL_QUERY; |
902 | + |
903 | + $rs = exec_query($sql, $query, array($user_id)); |
904 | + write_log(htmlspecialchars($uname, ENT_QUOTES, "UTF-8")." user session timed out"); |
905 | + |
906 | + return false; |
907 | + |
908 | + } |
909 | + |
910 | + } else { |
911 | + |
912 | + |
913 | + write_log(htmlspecialchars($uname, ENT_QUOTES, "UTF-8")." bad session data."); |
914 | + |
915 | + return false; |
916 | + |
917 | + } |
918 | + |
919 | +} |
920 | + |
921 | + |
922 | +function goto_user_location() |
923 | +{ |
924 | + $path = explode("/", $_SERVER['SCRIPT_NAME']); |
925 | + |
926 | + $found = false; |
927 | + |
928 | + for($i=0; $i< count($path);$i++){ |
929 | + |
930 | + if($path[$i] == $_SESSION['user_type']){ |
931 | + |
932 | + $found= true; |
933 | + |
934 | + } else if ($_SESSION['user_type'] == 'user' && $path[$i] == 'client') { |
935 | + |
936 | + $found= true; |
937 | + |
938 | + } |
939 | + } |
940 | + if(!$found) |
941 | + { |
942 | + |
943 | + if ($_SESSION['user_type'] == 'admin') { |
944 | + |
945 | + header("Location: ../admin/manage_users.php"); |
946 | + |
947 | + die(); |
948 | + |
949 | + } else if ($_SESSION['user_type'] == 'reseller') { |
950 | + |
951 | + header("Location: ../reseller/index.php"); |
952 | + |
953 | + die(); |
954 | + |
955 | + } else if ($_SESSION['user_type'] == 'user') { |
956 | + |
957 | + header("Location: ../client/index.php"); |
958 | + |
959 | + die(); |
960 | + |
961 | + } |
962 | + } |
963 | + |
964 | +} |
965 | + |
966 | +function check_login () { |
967 | + |
968 | + if (isset($_SESSION['user_logged'])) { |
969 | + |
970 | + if (!check_user_login($_SESSION['user_logged'], $_SESSION['user_type'], $_SESSION['user_id'])) { |
971 | + |
972 | + header("Location: ../index.php"); |
973 | + die(); |
974 | + |
975 | + } |
976 | + |
977 | + } else { |
978 | + |
979 | + header("Location: ../index.php"); |
980 | + die(); |
981 | + } |
982 | +} |
983 | + |
984 | +function change_user_interface($form_id, $to_id) { |
985 | + |
986 | + global $sql; |
987 | + |
988 | + global $cfg; |
989 | + |
990 | + |
991 | + $timestamp = time(); |
992 | + |
993 | + if ($cfg['DB_TYPE'] === 'mysql') { |
994 | + $query_from = "select admin_id, admin_name, admin_pass, admin_type, created_by from admin where binary admin_id = ?"; |
995 | + $query_to = "select admin_id, admin_name, admin_pass, admin_type, created_by from admin where binary admin_id = ?"; |
996 | + } |
997 | + |
998 | + $rs_from = exec_query($sql, $query_from, array($form_id)); |
999 | + $rs_to = exec_query($sql, $query_to, array($to_id)); |
1000 | + |
1001 | + if (($rs_from -> RecordCount()) != 1 || ($rs_to -> RecordCount()) != 1) { |
1002 | + write_log("Change interface error => unknown from or to username"); |
1003 | + return false; |
1004 | + } |
1005 | + |
1006 | + |
1007 | + $from_udata = $rs_from -> FetchRow(); |
1008 | + |
1009 | + $to_udata = $rs_to -> FetchRow(); |
1010 | + |
1011 | + |
1012 | + // let's check if TO_DOMAIN Status OK |
1013 | + // if domain satus not OK -> don't add mail accounts or subdomains .. or something else |
1014 | + |
1015 | + if ($to_udata['admin_type'] == "user"){ |
1016 | + |
1017 | + $domain_admin_id = $to_udata['admin_id']; |
1018 | + |
1019 | + $query = <<<SQL_QUERY |
1020 | + select |
1021 | + domain_status |
1022 | + from |
1023 | + domain |
1024 | + where |
1025 | + domain_admin_id = ? |
1026 | +SQL_QUERY; |
1027 | + |
1028 | + $rs = exec_query($sql, $query, array($domain_admin_id)); |
1029 | + |
1030 | + $user_dom_data = $rs -> FetchRow(); |
1031 | + |
1032 | + if ($user_dom_data['domain_status'] != $cfg['ITEM_OK_STATUS']){ |
1033 | + |
1034 | + write_log("Domain ID: ".$to_udata['admin_id']." - domain status PROBLEM -"); |
1035 | + |
1036 | + return false; |
1037 | + } |
1038 | + } |
1039 | + //end of Domain User Status check |
1040 | + |
1041 | + |
1042 | + |
1043 | + if ($from_udata['admin_type'] === 'admin' && $to_udata['admin_type'] === 'reseller') { |
1044 | + |
1045 | + $header = "../reseller/index.php"; |
1046 | + |
1047 | + } else if ($from_udata['admin_type'] === 'admin' && ($to_udata['admin_type'] != 'admin' || $to_udata['admin_type'] != 'reseller')) { |
1048 | + |
1049 | + $header = "../client/index.php"; |
1050 | + |
1051 | + } else if ($from_udata['admin_type'] === 'reseller' && ($to_udata['admin_type'] != 'admin' || $to_udata['admin_type'] != 'reseller')) { |
1052 | + |
1053 | + $header = "../client/index.php"; |
1054 | + |
1055 | + } |
1056 | + |
1057 | + // lets check and go from bottom to top User -> Reseller -> Admin |
1058 | + |
1059 | + else if (isset($_SESSION['logged_from'])) { // ther is SESSION 'logged from' -> we can go from Buttom to TOP |
1060 | + |
1061 | + if ($from_udata['admin_type'] === 'reseller' && $to_udata['admin_type'] == 'admin') { |
1062 | + |
1063 | + $header = "../admin/manage_users.php"; |
1064 | + |
1065 | + } |
1066 | + // user to admin |
1067 | + else if (($from_udata['admin_type'] != 'admin' || $from_udata['admin_type'] != 'reseller') && $to_udata['admin_type'] === 'admin') { |
1068 | + |
1069 | + $header = "../admin/manage_users.php"; |
1070 | + |
1071 | + } |
1072 | + // user reseller |
1073 | + else if (($from_udata['admin_type'] != 'admin' || $from_udata['admin_type'] != 'reseller') && $to_udata['admin_type'] === 'reseller') { |
1074 | + |
1075 | + $header = "../reseller/users.php"; |
1076 | + |
1077 | + } |
1078 | + |
1079 | + else{ |
1080 | + |
1081 | + write_log("change interface error from: ".$from_udata['admin_name']." to: ".$to_udata['admin_name']); |
1082 | + |
1083 | + return false; |
1084 | + } |
1085 | + |
1086 | + |
1087 | + |
1088 | + } else { |
1089 | + |
1090 | + write_log("change interface error from: ".$from_udata['admin_name']." to: ".$to_udata['admin_name']); |
1091 | + |
1092 | + return false; |
1093 | + } |
1094 | + |
1095 | + // lets save layout and language from admin/reseler - they don't wannt to read user interface on china or arabic language |
1096 | + $user_language = $_SESSION['user_def_lang']; |
1097 | + |
1098 | + $user_layout = $_SESSION['user_theme_color']; |
1099 | + |
1100 | + |
1101 | + // delete all sessions and globals data and set new one with SESSION logged_from |
1102 | + unset_user_login_data(); |
1103 | + |
1104 | + if ($to_udata['admin_type'] != 'admin'){ |
1105 | + |
1106 | + $_SESSION['logged_from'] = $from_udata['admin_name']; |
1107 | + |
1108 | + $_SESSION['logged_from_id'] = $from_udata['admin_id']; |
1109 | + |
1110 | + } |
1111 | + |
1112 | + // we gonna kill all sessions and globals if user get back to admin level |
1113 | + if (isset($_SESSION['admin_name'])) |
1114 | + |
1115 | + unset($_SESSION['admin_name']); |
1116 | + |
1117 | + if (isset($_SESSION['admin_id'])) |
1118 | + |
1119 | + unset($_SESSION['admin_id']); |
1120 | + |
1121 | + if (isset($GLOBALS['admin_name'])) |
1122 | + |
1123 | + unset($GLOBALS['admin_name']); |
1124 | + |
1125 | + if (isset($GLOBALS['admin_id'])) |
1126 | + |
1127 | + unset($GLOBALS['admin_id']); |
1128 | + // no more sessions and globals to kill - they were always killed - rest in peace |
1129 | + |
1130 | + $_SESSION['user_logged'] = $to_udata['admin_name']; |
1131 | + |
1132 | + $_SESSION['user_type'] = $to_udata['admin_type']; |
1133 | + |
1134 | + $_SESSION['user_id'] = $to_udata['admin_id']; |
1135 | + |
1136 | + $_SESSION['user_created_by'] = $to_udata['created_by']; |
1137 | + |
1138 | + $_SESSION['user_login_time'] = time(); |
1139 | + |
1140 | + $_SESSION['user_def_lang'] = $user_language; |
1141 | + |
1142 | + $_SESSION['user_theme_color'] = $user_layout; |
1143 | + |
1144 | + $user_login_time = time(); |
1145 | + $new_user_name = $to_udata['admin_name']; |
1146 | + |
1147 | + $query = <<<SQL_QUERY |
1148 | + insert into login |
1149 | + (session_id, lastaccess) |
1150 | + values |
1151 | + (?, ?) |
1152 | +SQL_QUERY; |
1153 | + |
1154 | + $rs = exec_query($sql, $query, array($new_user_name, $user_login_time)); |
1155 | + |
1156 | + write_log($from_udata['admin_name']." change into interface from ".$to_udata['admin_name']); |
1157 | + return $header; |
1158 | + |
1159 | +} |
1160 | + |
1161 | +function unset_user_login_data () { |
1162 | + |
1163 | + global $cfg, $sql; |
1164 | + |
1165 | + if (isset($_SESSION['user_logged'])) { |
1166 | + $admin_name = $_SESSION['user_logged']; |
1167 | + |
1168 | + $query = <<<SQL_QUERY |
1169 | + delete from |
1170 | + login |
1171 | + where |
1172 | + session_id = ? |
1173 | +SQL_QUERY; |
1174 | + |
1175 | + $rs = exec_query($sql, $query, array($admin_name)); |
1176 | + |
1177 | + unset($_SESSION['user_logged']); |
1178 | + } |
1179 | + |
1180 | + if (isset($_SESSION['user_id'])) |
1181 | + |
1182 | + unset($_SESSION['user_id']); |
1183 | + |
1184 | + if (isset($_SESSION['user_type'])) |
1185 | + |
1186 | + unset($_SESSION['user_type']); |
1187 | + |
1188 | + if (isset($_SESSION['user_created_by'])) |
1189 | + |
1190 | + unset($_SESSION['user_created_by']); |
1191 | + |
1192 | + if (isset($_SESSION['user_login_time'])) |
1193 | + |
1194 | + unset($_SESSION['user_login_time']); |
1195 | + |
1196 | + if (isset($_SESSION['dmn_name'])) |
1197 | + |
1198 | + unset($_SESSION['dmn_name']); |
1199 | + |
1200 | + if (isset($_SESSION['user_has_domain'])) |
1201 | + |
1202 | + unset($_SESSION['user_has_domain']); |
1203 | + |
1204 | + if (isset($_SESSION['hpid'])) |
1205 | + |
1206 | + unset($_SESSION['hpid']); |
1207 | + |
1208 | + if (isset($_SESSION['user_deleted'])) |
1209 | + |
1210 | + unset($_SESSION['user_deleted']); |
1211 | + |
1212 | + if (isset($_SESSION['edit'])) |
1213 | + |
1214 | + unset($_SESSION['edit']); |
1215 | + |
1216 | + if (isset($_SESSION['reseller_ips'])) |
1217 | + |
1218 | + unset($_SESSION['reseller_ips']); |
1219 | + |
1220 | + if (isset($_SESSION['sql_support'])) |
1221 | + |
1222 | + unset($_SESSION['sql_support']); |
1223 | + |
1224 | + if (isset($_SESSION['email_support'])) |
1225 | + |
1226 | + unset($_SESSION['email_support']); |
1227 | + |
1228 | + if (isset($_SESSION['admin_id'])) |
1229 | + |
1230 | + unset($_SESSION['admin_id']); |
1231 | + |
1232 | + if (isset($_SESSION['admin_login'])) |
1233 | + |
1234 | + unset($_SESSION['admin_login']); |
1235 | + |
1236 | + if (isset($_SESSION['admin_type'])) |
1237 | + |
1238 | + unset($_SESSION['admin_type']); |
1239 | + |
1240 | + if (isset($_SESSION['admin_email'])) |
1241 | + |
1242 | + unset($_SESSION['admin_email']); |
1243 | + |
1244 | + if (isset($_SESSION['cur_lang'])) |
1245 | + |
1246 | + unset($_SESSION['cur_lang']); |
1247 | + |
1248 | + if (isset($_SESSION['step_two_back_data'])) |
1249 | + |
1250 | + unset($_SESSION['step_two_back_data']); |
1251 | + |
1252 | + if (isset($_SESSION['local_data'])) |
1253 | + |
1254 | + unset($_SESSION['local_data']); |
1255 | + |
1256 | + if (isset($_SESSION['logged'])) |
1257 | + |
1258 | + unset($_SESSION['logged']); |
1259 | + |
1260 | + if (isset($_SESSION['subdomain_support'])) |
1261 | + |
1262 | + unset($_SESSION['subdomain_support']); |
1263 | + |
1264 | + if (isset($_SESSION['edit_ID'])) |
1265 | + |
1266 | + unset($_SESSION['edit_ID']); |
1267 | + |
1268 | + if (isset($_SESSION['user_name'])) |
1269 | + |
1270 | + unset($_SESSION['user_name']); |
1271 | + |
1272 | + if (isset($_SESSION['user_has_domain'])) |
1273 | + |
1274 | + unset($_SESSION['user_has_domain']); |
1275 | + |
1276 | + if (isset($_SESSION['layout_id'])) |
1277 | + |
1278 | + unset($_SESSION['layout_id']); |
1279 | + |
1280 | + if (isset($_SESSION['user_page_message'])) |
1281 | + |
1282 | + unset($_SESSION['user_page_message']); |
1283 | + |
1284 | + if (isset($_SESSION['dmn_name'])) |
1285 | + |
1286 | + unset($_SESSION['dmn_name']); |
1287 | + |
1288 | + if (isset($_SESSION['local_data'])) |
1289 | + |
1290 | + unset($_SESSION['local_data']); |
1291 | + |
1292 | + if (isset($_SESSION['rau3_added'])) |
1293 | + |
1294 | + unset($_SESSION['rau3_added']); |
1295 | + |
1296 | + if (isset($_SESSION['chtpl'])) |
1297 | + |
1298 | + unset($_SESSION['chtpl']); |
1299 | + |
1300 | + if (isset($_SESSION['step_one'])) |
1301 | + |
1302 | + unset($_SESSION['step_one']); |
1303 | + |
1304 | + if (isset($_SESSION['dmn_tpl'])) |
1305 | + |
1306 | + unset($_SESSION['dmn_tpl']); |
1307 | + |
1308 | + if (isset($_SESSION['logged_from'])) |
1309 | + |
1310 | + unset($_SESSION['logged_from']); |
1311 | + |
1312 | + if (isset($_SESSION['logged_from_id'])) |
1313 | + |
1314 | + unset($_SESSION['logged_from_id']); |
1315 | + |
1316 | + if (isset($_SESSION['ddel'])) |
1317 | + |
1318 | + unset($_SESSION['ddel']); |
1319 | + |
1320 | + if (isset($_SESSION['user_def_lang'])) |
1321 | + |
1322 | + unset($_SESSION['user_def_lang']); |
1323 | + |
1324 | + if (isset($_SESSION['alias_support'])) |
1325 | + |
1326 | + unset($_SESSION['alias_support']); |
1327 | + |
1328 | + |
1329 | + |
1330 | +// globals |
1331 | + |
1332 | + if (isset($GLOBALS['user_logged'])) |
1333 | + |
1334 | + unset($GLOBALS['user_logged']); |
1335 | + |
1336 | + if (isset($GLOBALS['user_def_lang'])) |
1337 | + |
1338 | + unset($GLOBALS['user_def_lang']); |
1339 | + |
1340 | + if (isset($GLOBALS['user_type'])) |
1341 | + |
1342 | + unset($GLOBALS['user_type']); |
1343 | + |
1344 | + if (isset($GLOBALS['user_id'])) |
1345 | + |
1346 | + unset($GLOBALS['user_id']); |
1347 | + |
1348 | + if (isset($GLOBALS['user_created_by'])) |
1349 | + |
1350 | + unset($GLOBALS['user_created_by']); |
1351 | + |
1352 | + if (isset($GLOBALS['user_login_time'])) |
1353 | + |
1354 | + unset($GLOBALS['user_login_time']); |
1355 | + |
1356 | + if (isset($GLOBALS['user_theme_color'])) |
1357 | + |
1358 | + unset($GLOBALS['user_theme_color']); |
1359 | + |
1360 | + if (isset($GLOBALS['layout_id'])) |
1361 | + |
1362 | + unset($GLOBALS['layout_id']); |
1363 | + |
1364 | + if (isset($GLOBALS['email_support'])) |
1365 | + |
1366 | + unset($GLOBALS['email_support']); |
1367 | + |
1368 | + if (isset($GLOBALS['subdomain_support'])) |
1369 | + |
1370 | + unset($GLOBALS['subdomain_support']); |
1371 | + |
1372 | + if (isset($GLOBALS['sql_support'])) |
1373 | + |
1374 | + unset($GLOBALS['sql_support']); |
1375 | + |
1376 | + if (isset($GLOBALS['user_page_message'])) |
1377 | + |
1378 | + unset($GLOBALS['user_page_message']); |
1379 | + |
1380 | + if (isset($GLOBALS['ch_hpprops'])) |
1381 | + |
1382 | + unset($GLOBALS['ch_hpprops']); |
1383 | + |
1384 | + if (isset($_SESSION['ch_hpprops'])) |
1385 | + |
1386 | + unset($_SESSION['ch_hpprops']); |
1387 | + |
1388 | + if (isset($GLOBALS['dmn_name'])) |
1389 | + |
1390 | + unset($GLOBALS['dmn_name']); |
1391 | + |
1392 | + if (isset($GLOBALS['local_data'])) |
1393 | + |
1394 | + unset($GLOBALS['local_data']); |
1395 | + |
1396 | + if (isset($GLOBALS['rau3_added'])) |
1397 | + |
1398 | + unset($GLOBALS['rau3_added']); |
1399 | + |
1400 | + if (isset($GLOBALS['dmn_tpl'])) |
1401 | + |
1402 | + unset($GLOBALS['dmn_tpl']); |
1403 | + |
1404 | + if (isset($GLOBALS['chtpl'])) |
1405 | + |
1406 | + unset($GLOBALS['chtpl']); |
1407 | + |
1408 | + if (isset($GLOBALS['step_one'])) |
1409 | + |
1410 | + unset($GLOBALS['step_one']); |
1411 | + |
1412 | + if (isset($GLOBALS['logged_from'])) |
1413 | + |
1414 | + unset($GLOBALS['logged_from']); |
1415 | + |
1416 | + if (isset($GLOBALS['logged_from_id'])) |
1417 | + |
1418 | + unset($GLOBALS['logged_from_id']); |
1419 | + |
1420 | + if (isset($GLOBALS['ddel'])) |
1421 | + |
1422 | + unset($GLOBALS['ddel']); |
1423 | + |
1424 | + if (isset($GLOBALS['alias_support'])) |
1425 | + |
1426 | + unset($GLOBALS['alias_support']); |
1427 | + |
1428 | + |
1429 | + $_SESSION['user_def_lang'] = $cfg['USER_INITIAL_LANG']; |
1430 | +} |
1431 | + |
1432 | +?> |