From 958f1aa3ce0a95f0a1a715b707ecb6f27d378f4e Mon Sep 17 00:00:00 2001 From: Kazuki Przyborowski Date: Thu, 20 Sep 2007 10:50:01 +0000 Subject: [PATCH] Added new function http_set_cookie to use httponly parameter in setcookie now for php below ver. 5 Also updated temp ban code in prelogin. git-svn-id: svn://svn.code.sf.net/p/intdb/svn/trunk@106 2b68903e-0b30-0410-9a39-a2e4f3c5be39 --- inc/misc/functions.php | 22 +++++++++++++++++++++- inc/prelogin.php | 18 +++++++++++++++--- inc/versioninfo.php | 6 +++--- 3 files changed, 39 insertions(+), 7 deletions(-) diff --git a/inc/misc/functions.php b/inc/misc/functions.php index 212011d..e6919f8 100644 --- a/inc/misc/functions.php +++ b/inc/misc/functions.php @@ -11,7 +11,7 @@ Copyright 2004-2007 Cool Dude 2k - http://intdb.sourceforge.net/ Copyright 2004-2007 Game Maker 2k - http://upload.idb.s1.jcink.com/ - $FileInfo: functions.php - Last Update: 08/09/2007 SVN 73 - Author: cooldude2k $ + $FileInfo: functions.php - Last Update: 09/20/2007 SVN 106 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="functions.php"||$File3Name=="/functions.php") { @@ -377,6 +377,26 @@ if(!is_array($search)&&!is_array($replace)) { $search = preg_quote($search, "/"); $subject = preg_replace("/".$search."/i", $replace, $subject); } return $subject; } } +/* Adds httponly to PHP below Ver. 5.2.0 // +// by René Johnson - Cool Dude 2k */ +function http_set_cookie($name,$value=null,$expire=null,$path=null,$domain=null,$secure=false,$httponly=false) { + $mkcookie = null; $expireGMT = null; + if(!isset($name)) { echo "Error: You need to enter a name for cookie."; return false; } + if(!isset($expire)) { echo "Error: You need to enter a time for cookie to expire."; return false; } + $expireGMT = gmdate("D, d-M-Y H:i:s \G\M\T", $expire); + if(!isset($value)) { $value = null; } + if(!isset($httponly)||$httponly==false) { + setcookie($name, $value, $expire, $path, $domain, $secure); return true; } + if(version_compare(PHP_VERSION,"5.2.0",">=")&&$httponly==true) { + setcookie($name, $value, $expire, $path, $domain, $secure, $httponly); return true; } + if(version_compare(PHP_VERSION,"5.2.0","<")&&$httponly==true) { + $mkcookie = "Set-Cookie: ".rawurlencode($name)."=".rawurlencode($value); + $mkcookie = $mkcookie."; expires=".$expireGMT; + if(isset($path)&&$path!=null) { $mkcookie = $mkcookie."; path=".$path; } + if(isset($domain)&&$domain!=null) { $mkcookie = $mkcookie."; domain=".$domain; } + if(isset($secure)&&$secure==true) { $mkcookie = $mkcookie."; secure"; } + if(isset($httponly)&&$httponly==true) { $mkcookie = $mkcookie."; HttpOnly"; } +header($mkcookie, false); return true; } } $foobar="fubar"; $$foobar="foobar"; // Debug info function dump_included_files() { return var_dump(get_included_files()); } diff --git a/inc/prelogin.php b/inc/prelogin.php index 62de887..d653631 100644 --- a/inc/prelogin.php +++ b/inc/prelogin.php @@ -11,7 +11,7 @@ Copyright 2004-2007 Cool Dude 2k - http://intdb.sourceforge.net/ Copyright 2004-2007 Game Maker 2k - http://upload.idb.s1.jcink.com/ - $FileInfo: prelogin.php - Last Update: 09/16/2007 SVN 104 - Author: cooldude2k $ + $FileInfo: prelogin.php - Last Update: 09/20/2007 SVN 106 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="prelogin.php"||$File3Name=="/prelogin.php") { @@ -28,12 +28,24 @@ $YourPassAM=mysql_result($resultlog2,0,"Password"); $gquery = query("SELECT * FROM `".$Settings['sqltable']."groups` WHERE `id`=%i", array($YourGroupAM)); $gresult=mysql_query($gquery); $YourGroupAM=mysql_result($gresult,0,"Name"); -@mysql_free_result($gresult); +@mysql_free_result($gresult); $BanError = null; $YourTimeZoneAM=mysql_result($resultlog2,0,"TimeZone"); $UseThemeAM=mysql_result($resultlog2,0,"UseTheme"); $YourDSTAM=mysql_result($resultlog2,0,"DST"); +$YourBanTime=mysql_result($resultlog2,0,"BanTime"); +if($YourBanTime!=0&&$YourBanTime!=null) { +$CMonth = GMTimeGet("m",$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']); +$CDay = GMTimeGet("d",$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']); +$CYear = GMTimeGet("Y",$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']); +$BMonth = GMTimeChange("m",$YourBanTime,$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']); +$BDay = GMTimeChange("d",$YourBanTime,$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']); +$BYear = GMTimeChange("Y",$YourBanTime,$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']); +if($BYear<$CYear) { $BanError = "yes"; } +if($BYear<=$CYear&&$BMonth<$CMonth&&$BanError!="yes") { $BanError = "yes"; } +if($BYear<=$CYear&&$BMonth<=$CMonth&&$BDay<=$CDay&&$BanError!="yes") { $BanError = "yes"; } } $NewDay=GMTimeStamp(); $NewIP=$_SERVER['REMOTE_ADDR']; +if($BanError!="yes") { $queryup = query("UPDATE `".$Settings['sqltable']."members` SET `LastActive`=%i,`IP`='%s' WHERE `id`=%i", array($NewDay,$NewIP,$YourIDAM)); $_SESSION['Theme']=$UseThemeAM; $_SESSION['MemberName']=$_COOKIE['MemberName']; @@ -55,7 +67,7 @@ if($cookieSecure==false) { @setcookie("MemberName", $YourNameM, time() + (7 * 86400), $basedir, $cookieDomain); @setcookie("UserID", $YourIDAM, time() + (7 * 86400), $basedir, $cookieDomain); @setcookie("SessPass", $YourPassAM, time() + (7 * 86400), $basedir, $cookieDomain); } } -} if($numlog2<=0||$numlog2>1) { @session_unset(); +} } if($numlog2<=0||$numlog2>1||$BanError=="yes") { @session_unset(); if($cookieDomain==null) { @setcookie("MemberName", null, GMTimeStamp() - 3600, $basedir); @setcookie("UserID", null, GMTimeStamp() - 3600, $basedir); diff --git a/inc/versioninfo.php b/inc/versioninfo.php index dc8047f..edf5590 100644 --- a/inc/versioninfo.php +++ b/inc/versioninfo.php @@ -11,7 +11,7 @@ Copyright 2004-2007 Cool Dude 2k - http://intdb.sourceforge.net/ Copyright 2004-2007 Game Maker 2k - http://upload.idb.s1.jcink.com/ - $FileInfo: versioninfo.php - Last Update: 09/19/2007 SVN 105 - Author: cooldude2k $ + $FileInfo: versioninfo.php - Last Update: 09/20/2007 SVN 106 - Author: cooldude2k $ */ $File3Name = basename($_SERVER['SCRIPT_NAME']); if ($File3Name=="versioninfo.php"||$File3Name=="/versioninfo.php") { @@ -27,8 +27,8 @@ function version_info($proname,$subver,$ver,$supver,$reltype,$svnver,$showsvn) { return $return_var; } // Version number and date stuff. :P $VER1[0] = 0; $VER1[1] = 2; $VER1[2] = 0; $VERFull[1] = $VER1[0].".".$VER1[1].".".$VER1[2]; -$VER2[0] = "Pre-Alpha"; $VER2[1] = "PA"; $VER2[2] = "SVN"; $SubVerN = 105; $RName = "iDB"; $SFName = "IntDB"; -$SVNDay[0] = 09; $SVNDay[1] = 19; $SVNDay[2] = 2007; $SVNDay[3] = $SVNDay[0]."/".$SVNDay[1]."/".$SVNDay[2]; +$VER2[0] = "Pre-Alpha"; $VER2[1] = "PA"; $VER2[2] = "SVN"; $SubVerN = 106; $RName = "iDB"; $SFName = "IntDB"; +$SVNDay[0] = 09; $SVNDay[1] = 20; $SVNDay[2] = 2007; $SVNDay[3] = $SVNDay[0]."/".$SVNDay[1]."/".$SVNDay[2]; $VerInfo['iDB_Ver'] = version_info($RName,$VER1[0],$VER1[1],$VER1[2],$VER2[1],$SubVerN,false); $VerInfo['iDB_Ver_SVN'] = version_info($RName,$VER1[0],$VER1[1],$VER1[2],$VER2[1],$SubVerN,true); $VerInfo['iDB_Full_Ver'] = version_info($RName,$VER1[0],$VER1[1],$VER1[2],$VER2[0],$SubVerN,false); -- 2.11.0