Cool_Tools/vichan
1
0
Fork 0
mirror of https://github.com/vichan-devel/vichan.git synced 2025-02-17 11:28:41 +01:00
Code Releases Wiki Activity

Merge branch 'master' of github.com:vichan-devel/Tinyboard into beta

Browse Source
This commit is contained in:
Marcin Łabanowski 2013-01-29 14:32:03 +01:00
commit 7d08d89a54
3 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
inc/mod/auth.php
View File

@ -49,7 +49,7 @@ function login($username, $password, $makehash=true) {
'username' => $username,
'hash' => mkhash($username, $password),
'boards' => explode(',', $user['boards'])
);
);
} else return false;
}
@ -108,7 +108,7 @@ if (isset($_COOKIE[$config['cookies']['mod']])) {
$user = $query->fetch();
// validate password hash
if ($cookie[1] != mkhash($cookie[0], $user['password'], $cookie[2])) {
if ($cookie[1] !== mkhash($cookie[0], $user['password'], $cookie[2])) {
// Malformed cookies
destroyCookies();
error($config['error']['malformed']);

7
inc/mod/pages.php
View File

@ -28,7 +28,7 @@ function mod_page($title, $template, $args, $subtitle = false) {
);
}
function mod_login() {
function mod_login($redirect = false) {
global $config;
$args = array();
@ -49,7 +49,10 @@ function mod_login() {
// Set cookies
setCookies();
header('Location: ?/', true, $config['redirect_http']);
if ($redirect)
header('Location: ?' . $redirect, true, $config['redirect_http']);
else
header('Location: ?/', true, $config['redirect_http']);
}
}

4
mod.php
View File

@ -61,7 +61,7 @@ $pages = array(
'/ban' => 'secure_POST ban', // new ban
'/([\w+.]+)/ban(&delete)?/(\d+)' => 'secure_POST ban_post', // ban poster
'/([\w+.]+)/move/(\d+)' => 'secure_POST move', // move thread
'/([\w+.])/edit(_raw)?/(\d+)' => 'secure_POST edit_post', // edit post
'/([\w+.]+)/edit(_raw)?/(\d+)' => 'secure_POST edit_post', // edit post
'/([\w+.]+)/delete/(\d+)' => 'secure delete', // delete post
'/([\w+.]+)/deletefile/(\d+)' => 'secure deletefile', // delete file from post
'/([\w+.]+)/deletebyip/(\d+)(/global)?' => 'secure deletebyip', // delete all posts by IP address
@ -93,7 +93,7 @@ $pages = array(
if (!$mod) {
$pages = array('!!' => 'login');
$pages = array('!^(.+)?$!' => 'login');
} elseif (isset($_GET['status'], $_GET['r'])) {
header('Location: ' . $_GET['r'], true, (int)$_GET['status']);
exit;