Jump to content
  • 0

Помогите пожалуйста


7hp
 Share

Question

Обстановка такова: У меня есть сайт, сайт стоит на двиге: dle. Я хочу сделать отдельные шаблоны для модулей: userinfo(Персональная страница пользователя) и pm(Сообщения), что бы у каждого модуля, был свой собственный шаблон. Как сделать!? Помогите пожалуйста, буду рад. Заранее спасибо =)

Link to comment
Share on other sites

Recommended Posts

  • 0

Есть такое, но там основной шаблон, от страницы: main.tpl. А я хочу, свой шаблон поставить... Как сделать?

если правильно помню, то в ДЛЕ разные модули вызываются по разным адресам. То есть /userinfo.php - будет в адресной строке, когда этот модуль задействован. Я бы советовал вам попробовать найти место, где отдаётся на обработку шаблон, и добавить условие, подсовывающее шаблон в зависимости от адреса. Наверно прокатит. Нет под рукой DLE, чтобы глянуть.

Edited by Быколай
Link to comment
Share on other sites

  • 0

Не смог найти. Помогите пожалуйста, вот profil.php.

<?php
/*
=====================================================
DataLife Engine - by SoftNews Media Group
—————————————————--
http://dle-news.ru/
—————————————————--
Copyright (c) 2004,2011 SoftNews Media Group
=====================================================
Данный код защищен авторскими правами
=====================================================
Файл: profile.php
—————————————————--
Назначение: Профиль пользователя
=====================================================
*/

if( ! defined( 'DATALIFEENGINE' ) ) {
die( "Hacking attempt!" );
}

include_once ENGINE_DIR . '/classes/parse.class.php';
$parse = new ParseFilter( );
$parse->safe_mode = true;

//####################################################################################################################
// Обновление информации о пользователе
//####################################################################################################################
if( $allow_userinfo and $doaction == "adduserinfo" ) {

$stop = false;
$id = intval($_POST['id']);

if( !$is_logged OR $_POST['dle_allow_hash'] == "" OR $_POST['dle_allow_hash'] != $dle_login_hash OR !$id) {

die( "Hacking attempt! User ID not valid" );

}

if ( $member_id['user_id'] != $id AND $member_id['user_group'] != 1 ) {
die( "Hacking attempt!" );
}

$row = $db->super_query( "SELECT * FROM " . USERPREFIX . "_users WHERE user_id = '{$id}'" );

if( !$is_logged or !($member_id['user_id'] == $row['user_id'] or $member_id['user_group'] == 1) ) {

$stop = $lang['news_err_13'];

} else {

$parse->allow_url = $user_group[$member_id['user_group']]['allow_url'];
$parse->allow_image = $user_group[$member_id['user_group']]['allow_image'];

$password1 = $_POST['password1'];
$password2 = $_POST['password2'];

if( $_POST['allow_mail'] ) $allow_mail = 0; else $allow_mail = 1;

$altpass = md5( $_POST['altpass'] );
$info = $db->safesql( $parse->BB_Parse( $parse->process( $_POST['info'] ), false ) );

$not_allow_symbol = array ("\x22", "\x60", "\t", '\n', '\r', "\n", "\r", '\\', ",", "/", "¬", "#", ";", ":", "~", "[", "]", "{", "}", ")", "(", "*", "^", "%", "$", "<", ">", "?", "!", '"', "'" );
$email = $db->safesql(trim( str_replace( $not_allow_symbol, '', strip_tags( stripslashes( $_POST['email'] ) ) ) ) );

$fullname = $db->safesql( $parse->process( $_POST['fullname'] ) );
$land = $db->safesql( $parse->process( $_POST['land'] ) );
$icq = intval( $_POST['icq'] );
if( ! $icq ) $icq = "";

$allowed_ip = str_replace( "\r", "", trim( $_POST['allowed_ip'] ) );
$allowed_ip = str_replace( "\n", "|", $allowed_ip );
$allowed_ip = $db->safesql( $parse->process( $allowed_ip ) );


$xfieldsid = stripslashes( $row['xfields'] );

if( $user_group[$row['user_group']]['allow_signature'] ) {

$signature = $db->safesql( $parse->BB_Parse( $parse->process( $_POST['signature'] ), false ) );

} else
$signature = "";

$image = $_FILES['image']['tmp_name'];
$image_name = $_FILES['image']['name'];
$image_size = $_FILES['image']['size'];
$img_name_arr = explode( ".", $image_name );
$type = totranslit( end( $img_name_arr ) );

if( strpos ( $type, "php" ) !== false ) die("Hacking attempt!");

if( $image_name != "" ) $image_name = totranslit( stripslashes( $img_name_arr[0] ) ) . "." . $type;

if( is_uploaded_file( $image ) and ! $stop ) {

if( intval( $user_group[$member_id['user_group']]['max_foto'] ) > 0 ) {

if( $image_size < 100000 ) {

$allowed_extensions = array ("jpg", "png", "jpe", "jpeg", "gif" );

if( in_array( $type, $allowed_extensions ) AND $image_name ) {

include_once ENGINE_DIR . '/classes/thumb.class.php';

$res = @move_uploaded_file( $image, ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type );

if( $res ) {

@chmod( ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type, 0666 );
$thumb = new thumbnail( ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type );

if( $thumb->size_auto( $user_group[$member_id['user_group']]['max_foto'] ) ) {
$thumb->jpeg_quality( $config['jpeg_quality'] );
$thumb->save( ROOT_DIR . "/uploads/fotos/foto_" . $row['user_id'] . "." . $type );
} else {
@rename( ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type, ROOT_DIR . "/uploads/fotos/foto_" . $row['user_id'] . "." . $type );
}

@chmod( ROOT_DIR . "/uploads/fotos/foto_" . $row['user_id'] . "." . $type, 0666 );
$foto_name = "foto_" . $row['user_id'] . "." . $type;

$db->query( "UPDATE " . USERPREFIX . "_users set foto='$foto_name' WHERE user_id = '{$id}'" );

} else
$stop .= $lang['news_err_14'];
} else
$stop .= $lang['news_err_15'];
} else
$stop .= $lang['news_err_16'];
} else
$stop .= $lang['news_err_32'];

@unlink( ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type );
}

if( $_POST['del_foto'] == "yes" AND !$stop) {

@unlink( ROOT_DIR . "/uploads/fotos/" . $row['foto'] );
$db->query( "UPDATE " . USERPREFIX . "_users set foto='' WHERE user_id = '{$id}'" );

}

if( strlen( $password1 ) > 0 ) {

$altpass = md5( $altpass );

if( $altpass != $member_id['password'] ) {
$stop .= $lang['news_err_17'];
}

if( $password1 != $password2 ) {
$stop .= $lang['news_err_18'];
}

if( strlen( $password1 ) < 6 ) {
$stop .= $lang['news_err_19'];
}

if ($member_id['user_id'] == $row['user_id'] AND $user_group[$member_id['user_group']]['admin_editusers']) {
$stop .= $lang['news_err_42'];
}
}

if( empty( $email ) OR strlen( $email ) > 50 OR @count(explode("@", $email)) != 2) {

$stop .= $lang['news_err_21'];
}
if ($member_id['user_id'] == $row['user_id'] AND $email != $member_id['email'] AND $user_group[$member_id['user_group']]['admin_editusers']) {
$stop .= $lang['news_err_42'];
}
if( intval( $user_group[$member_id['user_group']]['max_info'] ) > 0 and dle_strlen( $info, $config['charset'] ) > $user_group[$member_id['user_group']]['max_info'] ) {

$stop .= $lang['news_err_22'];
}
if( intval( $user_group[$member_id['user_group']]['max_signature'] ) > 0 and dle_strlen( $signature, $config['charset'] ) > $user_group[$member_id['user_group']]['max_signature'] ) {

$stop .= $lang['not_allowed_sig'];
}
if( dle_strlen( $fullname, $config['charset'] ) > 100 ) {

$stop .= $lang['news_err_23'];
}
if ( preg_match( "/[\||\'|\<|\>|\"|\!|\]|\?|\$|\@|\/|\\\|\&\~\*\+]/", $fullname ) ) {

$stop .= $lang['news_err_35'];
}
if( dle_strlen( $land, $config['charset'] ) > 100 ) {

$stop .= $lang['news_err_24'];
}
if ( preg_match( "/[\||\'|\<|\>|\"|\!|\]|\?|\$|\@|\/|\\\|\&\~\*\+]/", $land ) ) {

$stop .= $lang['news_err_36'];
}
if( strlen( $icq ) > 20 ) {

$stop .= $lang['news_err_25'];
}

if( $parse->not_allowed_tags ) {

$stop .= $lang['news_err_34'];
}

if( $parse->not_allowed_text ) {

$stop .= $lang['news_err_38'];
}

$db->query( "SELECT name FROM " . USERPREFIX . "_users WHERE email = '$email' AND user_id != '{$id}'" );

if( $db->num_rows() ) {
$stop .= $lang['reg_err_8'];
}

$db->free();

}

if( $stop ) {

msgbox( $lang['all_err_1'], "<ul>".$stop."</ul>" );

} else {

$xfieldsaction = "init";
$xfieldsadd = false;
include (ENGINE_DIR . '/inc/userfields.php');
$filecontents = array ();

if( ! empty( $postedxfields ) ) {
foreach ( $postedxfields as $xfielddataname => $xfielddatavalue ) {
if( ! $xfielddatavalue ) {
continue;
}

$xfielddatavalue = $db->safesql( $parse->BB_Parse( $parse->process( $xfielddatavalue ), false ) );

$xfielddataname = $db->safesql( $xfielddataname );

$xfielddataname = str_replace( "|", "|", $xfielddataname );
$xfielddatavalue = str_replace( "|", "|", $xfielddatavalue );
$filecontents[] = "$xfielddataname|$xfielddatavalue";
}

$filecontents = implode( "||", $filecontents );
} else
$filecontents = '';

if( strlen( $password1 ) > 0 ) {

$password1 = md5( md5( $password1 ) );
$sql_user = "UPDATE " . USERPREFIX . "_users set fullname='$fullname', land='$land', icq='$icq', email='$email', info='$info', signature='$signature', password='$password1', allow_mail='$allow_mail', xfields='$filecontents', allowed_ip='$allowed_ip' WHERE user_id = '{$id}'";

} else {

$sql_user = "UPDATE " . USERPREFIX . "_users set fullname='$fullname', land='$land', icq='$icq', email='$email', info='$info', signature='$signature', allow_mail='$allow_mail', xfields='$filecontents', allowed_ip='$allowed_ip' WHERE user_id = '{$id}'";

}

$db->query( $sql_user );

if ( $_POST['subscribe'] ) $db->query( "DELETE FROM " . PREFIX . "_subscribe WHERE user_id = '{$row['user_id']}'" );
}

}

//####################################################################################################################
// Просмотр профиля пользователя
//####################################################################################################################


$user_found = FALSE;
if( preg_match( "/[\||\'|\<|\>|\"|\!|\?|\$|\@|\/|\\\|\&\~\*\+]/", $name ) ) die("Not allowed user name!");

$sql_result = $db->query( "SELECT * FROM " . USERPREFIX . "_users where name = '$user'" );

$tpl->load_template( 'userinfo.tpl' );

while ( $row = $db->get_row( $sql_result ) ) {

$user_found = TRUE;

if( $row['banned'] == 'yes' ) $user_group[$row['user_group']]['group_name'] = $lang['user_ban'];

if( $row['allow_mail'] ) {

if ( !$user_group[$member_id['user_group']]['allow_feed'] AND $row['user_group'] != 1 )
$tpl->set( '{email}', $lang['news_mail'], $output );
else
$tpl->set( '{email}', "<a href=\"$PHP_SELF?do=feedback&user=$row[user_id]\">" . $lang['news_mail'] . "</a>" );


} else {

$tpl->set( '{email}', $lang['news_mail'], $output );

}

if ( $user_group[$member_id['user_group']]['allow_pm'] )
$tpl->set( '{pm}', "<a href=\"$PHP_SELF?do=pm&doaction=newpm&user=" . $row['user_id'] . "\">" . $lang['news_pmnew'] . "</a>" );
else
$tpl->set( '{pm}', $lang['news_pmnew'], $output );


if( ! $row['allow_mail'] ) $mailbox = "checked";
else $mailbox = "";

if( $row['foto'] and (file_exists( ROOT_DIR . "/uploads/fotos/" . $row['foto'] )) ) $tpl->set( '{foto}', $config['http_home_url'] . "uploads/fotos/" . $row['foto'] );
else $tpl->set( '{foto}', "{THEME}/images/noavatar.png" );

$tpl->set( '{hidemail}', "<input type=\"checkbox\" name=\"allow_mail\" value=\"1\" " . $mailbox . " /> " . $lang['news_noamail'] );
$tpl->set( '{usertitle}', stripslashes( $row['name'] ) );
$tpl->set( '{fullname}', stripslashes( $row['fullname'] ) );
$tpl->set( '{icq}', stripslashes( $row['icq'] ) );
$tpl->set( '{land}', stripslashes( $row['land'] ) );
$tpl->set( '{info}', stripslashes( $row['info'] ) );
$tpl->set( '{editmail}', stripslashes( $row['email'] ) );
$tpl->set( '{comm_num}', $row['comm_num'] );
$tpl->set( '{news_num}', $row['news_num'] );
$tpl->set( '{status}', $user_group[$row['user_group']]['group_prefix'].$user_group[$row['user_group']]['group_name'].$user_group[$row['user_group']]['group_suffix'] );
$tpl->set( '{rate}', userrating( $row['name'] ) );
$tpl->set( '{registration}', langdate( "j F Y H:i", $row['reg_date'] ) );
$tpl->set( '{lastdate}', langdate( "j F Y H:i", $row['lastdate'] ) );

if( $user_group[$row['user_group']]['icon'] ) $tpl->set( '{group-icon}', "<img src=\"" . $user_group[$row['user_group']]['icon'] . "\" border=\"0\" />" );
else $tpl->set( '{group-icon}', "" );

if( $is_logged and $user_group[$row['user_group']]['time_limit'] and ($member_id['user_id'] == $row['user_id'] or $member_id['user_group'] < 3) ) {

$tpl->set_block( "'\\[time_limit\\](.*?)\\[/time_limit\\]'si", "\\1" );

if( $row['time_limit'] ) {

$tpl->set( '{time_limit}', langdate( "j F Y H:i", $row['time_limit'] ) );

} else {

$tpl->set( '{time_limit}', $lang['no_limit'] );

}

} else {

$tpl->set_block( "'\\[time_limit\\](.*?)\\[/time_limit\\]'si", "" );

}

$_IP = $db->safesql( $_SERVER['REMOTE_ADDR'] );

$tpl->set( '{ip}', $_IP );
$tpl->set( '{allowed-ip}', stripslashes( str_replace( "|", "\n", $row['allowed_ip'] ) ) );
$tpl->set( '{editinfo}', $parse->decodeBBCodes( $row['info'], false ) );

if( $user_group[$row['user_group']]['allow_signature'] ) $tpl->set( '{editsignature}', $parse->decodeBBCodes( $row['signature'], false ) );
else $tpl->set( '{editsignature}', $lang['sig_not_allowed'] );

if( $row['comm_num'] ) {

$tpl->set( '{comments}', "<a href=\"$PHP_SELF?do=lastcomments&userid=" . $row['user_id'] . "\">" . $lang['last_comm'] . "</a>" );

} else {

$tpl->set( '{comments}', $lang['last_comm'] );

}

if( $row['news_num'] ) {

if( $config['allow_alt_url'] == "yes" ) {

$tpl->set( '{news}', "<a href=\"" . $config['http_home_url'] . "user/" . urlencode( $row['name'] ) . "/news/" . "\">" . $lang['all_user_news'] . "</a>" );
$tpl->set( '[rss]', "<a href=\"" . $config['http_home_url'] . "user/" . urlencode( $row['name'] ) . "/rss.xml" . "\" title=\"" . $lang['rss_user'] . "\">" );
$tpl->set( '[/rss]', "</a>" );

} else {

$tpl->set( '{news}', "<a href=\"" . $PHP_SELF . "?subaction=allnews&user=" . urlencode( $row['name'] ) . "\">" . $lang['all_user_news'] . "</a>" );
$tpl->set( '[rss]', "<a href=\"engine/rss.php?subaction=allnews&user=" . urlencode( $row['name'] ) . "\" title=\"" . $lang['rss_user'] . "\">" );
$tpl->set( '[/rss]', "</a>" );
}
} else {

$tpl->set( '{news}', $lang['all_user_news'] );
$tpl->set_block( "'\\[rss\\](.*?)\\[/rss\\]'si", "" );

}

if( $row['signature'] and $user_group[$row['user_group']]['allow_signature'] ) {

$tpl->set_block( "'\\[signature\\](.*?)\\[/signature\\]'si", "\\1" );
$tpl->set( '{signature}', stripslashes( $row['signature'] ) );

} else {

$tpl->set_block( "'\\[signature\\](.*?)\\[/signature\\]'si", "" );

}

$xfieldsaction = "list";
$xfieldsadd = false;
$xfieldsid = $row['xfields'];
include (ENGINE_DIR . '/inc/userfields.php');
$tpl->set( '{xfields}', $output );

// Обработка дополнительных полей
$xfieldsdata = xfieldsdataload( $row['xfields'] );

foreach ( $xfields as $value ) {
$preg_safe_name = preg_quote( $value[0], "'" );

if( $value[5] != 1 or ($is_logged and $member_id['user_group'] == 1) or ($is_logged and $member_id['user_id'] == $row['user_id']) ) {
if( empty( $xfieldsdata[$value[0]] ) ) {
$tpl->copy_template = preg_replace( "'\\[xfgiven_{$preg_safe_name}\\](.*?)\\[/xfgiven_{$preg_safe_name}\\]'is", "", $tpl->copy_template );
} else {
$tpl->copy_template = preg_replace( "'\\[xfgiven_{$preg_safe_name}\\](.*?)\\[/xfgiven_{$preg_safe_name}\\]'is", "\\1", $tpl->copy_template );
}
$tpl->copy_template = preg_replace( "'\\[xfvalue_{$preg_safe_name}\\]'i", stripslashes( $xfieldsdata[$value[0]] ), $tpl->copy_template );
} else {
$tpl->copy_template = preg_replace( "'\\[xfgiven_{$preg_safe_name}\\](.*?)\\[/xfgiven_{$preg_safe_name}\\]'is", "", $tpl->copy_template );
$tpl->copy_template = preg_replace( "'\\[xfvalue_{$preg_safe_name}\\]'i", "", $tpl->copy_template );
}
}
// Обработка дополнительных полей


if( $is_logged and ($member_id['user_id'] == $row['user_id'] or $member_id['user_group'] == 1) ) {
$tpl->set( '{edituser}', "[ <a href=\"javascript:ShowOrHide('options')\">" . $lang['news_option'] . "</a> ]" );
$tpl->set( '[not-logged]', "" );
$tpl->set( '[/not-logged]', "" );
} else {
$tpl->set( '{edituser}', "" );
$tpl->set_block( "'\\[not-logged\\](.*?)\\[/not-logged\\]'si", "<!-- profile -->" );
}

if( $config['allow_alt_url'] == "yes" ) $link_profile = $config['http_home_url'] . "user/" . urlencode( $row['name'] ) . "/";
else $link_profile = $PHP_SELF . "?subaction=userinfo&user=" . urlencode( $row['name'] );

if( $is_logged and ($member_id['user_id'] == $row['user_id'] or $member_id['user_group'] == 1) ) {
$tpl->copy_template = "<form method=\"post\" name=\"userinfo\" id=\"userinfo\" enctype=\"multipart/form-data\" action=\"{$link_profile}\">" . $tpl->copy_template . "
<input type=\"hidden\" name=\"doaction\" value=\"adduserinfo\" />
<input type=\"hidden\" name=\"id\" value=\"{$row['user_id']}\" />
<input type=\"hidden\" name=\"dle_allow_hash\" value=\"{$dle_login_hash}\" />
</form>";
}

$tpl->compile( 'content' );

}

$tpl->clear();
$db->free( $sql_result );

if( $user_found == FALSE ) {
$allow_active_news = false;
msgbox( $lang['all_err_1'], $lang['news_err_26'] );
}
?>

Link to comment
Share on other sites

  • 0

Мне нужен отдельный макет, а userinfo.tpl на main.tpl держится.

Что бы профиль юзера переходился к примеру по такой ссылке: http://website/profil.php!

И был свой отдельный шаблон!

Edited by 7hp
Link to comment
Share on other sites

  • 0

Вроде бы нет. Надо писать с нуля вроде бы

Можно создавать "Статические страницы"

А может в index.php поставить условие при котором бы менялось

$tpl->load_template ( 'main.tpl' );

либо

$tpl->load_template ( 'new_main.tpl' );

?

Link to comment
Share on other sites

  • 0

А все, получилось. Теперь другая бы помощь не помешало бы, проблема такова:

На двигателях dle есть тэги, в моем случает: {login} его шаблон login.tpl, как мне создать точно такой же мод, и со своим же шаблоном, но с другим вызывающим тэгом, к примеру: {login2} или {loginuser}, что бы был свой tpl.

Вот login.tpl:

[not-group=5]
<ul class="reset loginbox">
<li class="lvsep"><a id="loginlink" href="#">Привет, {login}!</a></li>
<li class="loginbtn"><a href="{logout-link}"><b>Выход</b></a></li>
</ul>
<div style="display: none;" id="logindialog" title="{login}">
<div class="userinfo">
<div class="lcol">
<div style="margin: 0" class="avatar"><a href="{profile-link}"><img src="{foto}" alt="{login}" /></a></div>
</div>
<div class="rcol">
<ul class="reset">
[admin-link]<li><a href="{admin-link}" target="_blank"><b>Админпанель</b></a></li>[/admin-link]
<li><a href="{addnews-link}"><b>Добавить новость</b></a></li>
<li><a href="{pm-link}">Сообщения: ({new-pm} | {all-pm})</a></li>
<li><a href="{profile-link}">Мой профиль</a></li>
<li><a href="{favorites-link}">Мои закладки</a></li>
<li><a href="{stats-link}">Статистика</a></li>
</ul>
</div>
<div class="clr"></div>
</div>
</div>
[/not-group]
[group=5]
<ul class="reset loginbox">
<li class="lvsep"><a href="{registration-link}">Регистрация</a></li>
<li class="loginbtn"><a id="loginlink" href="#"><b>Войти</b></a></li>
</ul>
<div style="display: none;" id="logindialog" title="Авторизация">
<form method="post" action="">
<div class="logform">
<ul class="reset">
<li class="lfield"><label for="login_name">Имя:</label><br /><input type="text" name="login_name" id="login_name" /></li>
<li class="lfield lfpas"><label for="login_password">Пароль (<a href="{lostpassword-link}">Забыли?</a>):</label><br /><input type="password" name="login_password" id="login_password" /></li>
<li class="lbtn"><button class="fbutton" onclick="submit();" type="submit" title="Войти"><span>Войти</span></button></li>
</ul>
<input name="login" type="hidden" id="login" value="submit" />
</div>
</form>
</div>
[/group]

Вот loginsite.php:

<?php
/*
=====================================================
DataLife Engine - by SoftNews Media Group
—————————————————--
http://dle-news.ru/
—————————————————--
Copyright (c) 2004,2011 SoftNews Media Group
=====================================================
Данный код защищен авторскими правами
=====================================================
Файл: sitelogin.php
—————————————————--
Назначение: авторизация посетителей на сайте
=====================================================
*/

if( ! defined( 'DATALIFEENGINE' ) ) {
die( "Hacking attempt!" );
}

$_IP = $db->safesql( $_SERVER['REMOTE_ADDR'] );
$dle_login_hash = "";
$allow_login = true;

if( isset( $_REQUEST['action'] ) and $_REQUEST['action'] == "logout" ) {

$dle_user_id = "";
$dle_password = "";
set_cookie( "dle_user_id", "", 0 );
set_cookie( "dle_name", "", 0 );
set_cookie( "dle_password", "", 0 );
set_cookie( "dle_skin", "", 0 );
set_cookie( "dle_newpm", "", 0 );
set_cookie( "dle_hash", "", 0 );
set_cookie( session_name(), "", 0 );
@session_destroy();
@session_unset();
$is_logged = 0;

header( "Location: {$_SERVER['PHP_SELF']}" );
die();
}

$is_logged = 0;
$member_id = array ();

if( isset( $_POST['login'] ) and $_POST['login'] == "submit" ) {

$_POST['login_name'] = $db->safesql( $_POST['login_name'] );
$_POST['login_password'] = @md5( $_POST['login_password'] );

if ($config['login_log']) $allow_login = check_allow_login ($_IP, $config['login_log']);

if( !preg_match( "/[\||\'|\<|\>|\"|\!|\?|\$|\@|\/|\\\|\&\~\*\+]/", $_POST['login_name']) AND $allow_login) {

$member_id = $db->super_query( "SELECT * FROM " . USERPREFIX . "_users where name='{$_POST['login_name']}' and password='" . md5( $_POST['login_password'] ) . "'" );

if( $member_id['user_id'] ) {

set_cookie( "dle_user_id", $member_id['user_id'], 365 );
set_cookie( "dle_password", $_POST['login_password'], 365 );

$_SESSION['dle_user_id'] = $member_id['user_id'];
$_SESSION['dle_password'] = $_POST['login_password'];
$_SESSION['member_lasttime'] = $member_id['lastdate'];

$dle_login_hash = md5( strtolower( $_SERVER['HTTP_HOST'] . $member_id['name'] . sha1($_POST['login_password']) . $config['key'] . date( "Ymd" ) ) );

if( $config['log_hash'] ) {

$salt = "abchefghjkmnpqrstuvwxyz0123456789";
$hash = '';
srand( ( double ) microtime() * 1000000 );

for($i = 0; $i < 9; $i ++) {
$hash .= $salt{rand( 0, 33 )};
}

$hash = md5( $hash );

$db->query( "UPDATE " . USERPREFIX . "_users set hash='" . $hash . "', lastdate='{$_TIME}', logged_ip='" . $_IP . "' WHERE user_id='$member_id[user_id]'" );

set_cookie( "dle_hash", $hash, 365 );

$_COOKIE['dle_hash'] = $hash;
$member_id['hash'] = $hash;

} else
$db->query( "UPDATE LOW_PRIORITY " . USERPREFIX . "_users set lastdate='{$_TIME}', logged_ip='" . $_IP . "' WHERE user_id='$member_id[user_id]'" );

$is_logged = TRUE;
}
}

} elseif( isset( $_SESSION['dle_user_id'] ) AND intval( $_SESSION['dle_user_id'] ) > 0 AND $_SESSION['dle_password'] ) {

$member_id = $db->super_query( "SELECT * FROM " . USERPREFIX . "_users WHERE user_id='" . intval( $_SESSION['dle_user_id'] ) . "'" );

if( $member_id['password'] == md5( $_SESSION['dle_password'] ) ) {

$is_logged = TRUE;
$dle_login_hash = md5( strtolower( $_SERVER['HTTP_HOST'] . $member_id['name'] . sha1($_SESSION['dle_password']) . $config['key'] . date( "Ymd" ) ) );

} else {

$member_id = array ();
$is_logged = false;
if ($config['login_log']) $db->query( "INSERT INTO " . PREFIX . "_login_log (ip, count, date) VALUES('{$_IP}', '0', '".time()."') ON DUPLICATE KEY UPDATE count=count+1, date='".time()."'" );
}

} elseif( isset( $_COOKIE['dle_user_id'] ) AND intval( $_COOKIE['dle_user_id'] ) > 0 ) {

if ($config['login_log']) $allow_login = check_allow_login ($_IP, $config['login_log']);

if ( $allow_login ) {

$member_id = $db->super_query( "SELECT * FROM " . USERPREFIX . "_users WHERE user_id='" . intval( $_COOKIE['dle_user_id'] ) . "'" );

if( $member_id['password'] == md5( $_COOKIE['dle_password'] ) ) {

$is_logged = TRUE;
$dle_login_hash = md5( strtolower( $_SERVER['HTTP_HOST'] . $member_id['name'] . sha1($_COOKIE['dle_password']) . $config['key'] . date( "Ymd" ) ) );

$_SESSION['dle_user_id'] = $member_id['user_id'];
$_SESSION['dle_password'] = $_COOKIE['dle_password'];

} else {

$member_id = array ();
$is_logged = false;
if ($config['login_log']) $db->query( "INSERT INTO " . PREFIX . "_login_log (ip, count, date) VALUES('{$_IP}', '0', '".time()."') ON DUPLICATE KEY UPDATE count=count+1, date='".time()."'" );

}

if( $config['log_hash'] and (($_COOKIE['dle_hash'] != $member_id['hash']) or ($member_id['hash'] == "")) ) {

$member_id = array ();
$is_logged = false;

}

}

}

if( isset( $_POST['login'] ) and !$is_logged AND $allow_login) {

if ($config['login_log']) $db->query( "INSERT INTO " . PREFIX . "_login_log (ip, count, date) VALUES('{$_IP}', '0', '".time()."') ON DUPLICATE KEY UPDATE count=count+1, date='".time()."'" );

msgbox( $lang['login_err'], $lang['login_err_1'] );
}

if ( !$allow_login ) {
msgbox( $lang['login_err'], $lang['login_err_2'] );
}

if( $is_logged ) {

if( !$_SESSION['member_lasttime'] ) {

$_SESSION['member_lasttime'] = $member_id['lastdate'];

if( ($member_id['lastdate'] + (3600 * 4)) < $_TIME ) {

$db->query( "UPDATE LOW_PRIORITY " . USERPREFIX . "_users SET lastdate='{$_TIME}' where user_id='$member_id[user_id]'" );

}
}

if( ! allowed_ip( $member_id['allowed_ip'] ) ) {

$is_logged = 0;

msgbox( $lang['login_err'], $lang['ip_block_login'] );

}

if( $config['ip_control'] == '2' and ! check_netz( $member_id['logged_ip'], $_IP ) and ! isset( $_POST['login'] ) ) $is_logged = 0;
elseif( $config['ip_control'] == '1' and $user_group[$member_id['user_group']]['allow_admin'] and ! check_netz( $member_id['logged_ip'], $_IP ) and ! isset( $_POST['login'] ) ) $is_logged = 0;

}

if( !$is_logged ) {

$member_id = array ();
set_cookie( "dle_user_id", "", 0 );
set_cookie( "dle_password", "", 0 );
set_cookie( "dle_hash", "", 0 );
$_SESSION['dle_user_id'] = 0;
$_SESSION['dle_password'] = "";

}
?>

Link to comment
Share on other sites

  • 0

ох, ну у вас и портянки, уважаемый. если бы вы перед тем как пытаться модифицировать чужую работоспособную систему (DLE, между прочим платную) удосужились хотя бы немного освоить язык на котором она написана, избежали бы этих проблем.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. See more about our Guidelines and Privacy Policy