2 $reqVar = '_' . $_SERVER['REQUEST_METHOD'];
\r
3 $form_vars = $$reqVar;
\r
4 $parm = $form_vars['parm'] ;
\r
6 $url = explode("|", $parm);
\r
8 $f_username = $url[0];
\r
9 $f_usermail = $url[1];
\r
13 $home .= "user.php?op=loginscreen&module=NS-User" ;
\r
18 if ($f_username==""){
\r
19 header ("Location : $home") ;
\r
23 $page = 'PostNuke_start';
\r
24 $_user_location = 'public';
\r
27 if ($version == '1.3.0'){
\r
28 $_include_path = 'include/';
\r
29 require ($_include_path.'vitals.inc.php');
\r
31 define('AT_INCLUDE_PATH', 'include/');
\r
32 require(AT_INCLUDE_PATH.'vitals.inc.php');
\r
37 $sql = "SELECT password FROM ".TABLE_PREFIX."members WHERE login='$f_username' ";
\r
38 $result = mysql_query($sql);
\r
39 $num_rows = mysql_num_rows($result);
\r
43 if ($f_users != ''){
\r
44 // Insert the new user
\r
45 $new_pwd = ranpass() ;
\r
46 $adding = "INSERT INTO ".TABLE_PREFIX."members (login, password,email,language,preferences) VALUES ( '$f_username','$new_pwd','$f_username', 'en',' ')";
\r
47 $added = mysql_query($adding) or mysql_error();
\r
49 $sql = "SELECT password FROM ".TABLE_PREFIX."members WHERE login='$f_username' ";
\r
50 $result = mysql_query($sql);
\r
51 $row99 = mysql_fetch_row($result) ;
\r
55 $row99 = mysql_fetch_row($result) ;
\r
59 /* form post login */
\r
60 $this_login = $f_username;
\r
61 $this_password = $pwd;
\r
63 $used_cookie = false;
\r
65 $sql = "SELECT member_id, login, preferences, PASSWORD(password) AS pass, language FROM ".TABLE_PREFIX."members WHERE login='$this_login' AND PASSWORD(password)=PASSWORD('$this_password')";
\r
67 $result = mysql_query($sql);
\r
68 if ($row = mysql_fetch_array($result)) {
\r
69 $_SESSION['login'] = $row['login'];
\r
70 $_SESSION['valid_user'] = TRUE;
\r
71 $_SESSION['member_id'] = intval($row['member_id']);
\r
72 assign_session_prefs(unserialize(stripslashes($row['preferences'])));
\r
73 $_SESSION['is_guest'] = 0;
\r
74 $_SESSION['lang'] = $row['language'];
\r
76 $_POST['form_course_id'] = $url[5] ;
\r
77 Header('Location: ./bounce.php?course='.$_POST['form_course_id']);
\r
80 $errors[] = AT_ERROR_INVALID_LOGIN;
\r
81 Header('Location: ./login.php');
\r
83 Header('Location: ./login.php');
\r
87 function ranpass($len = "8"){
\r
89 for($i=0; $i<$len; $i++) {
\r
90 $char = chr(rand(48,122));
\r
91 while (!ereg("[a-zA-Z0-9]", $char)){
\r
92 if($char == $lchar) continue;
\r
93 $char = chr(rand(48,90));
\r