cotonti.com : Авторизация и Кукисы https://www.cotonti.com Son konu mesajları Cotonti en Mon, 13 Apr 2026 18:02:02 -0000 IIIyT Спасибо.Попробую

]]> Pzt, 14 Mar 2011 20:33:12 -0000 Trustmaster А если в datas/config.php поменять:

$cfg['ipcheck'] = FALSE;

]]> Pzt, 14 Mar 2011 18:22:54 -0000 IIIyT Доброго времени суток.

С давних пор пользуюсь Котонтиевским двиглом.И по сути возник трабл с вылетами. При работе на локалке Авторизация спокойно дружит с Куки и помнит столько, сколько требуется. Выгружаю на хостинг(hostlife.net) и авторизация попросту умирает. Такое ощущение что куки попросту невоспрнимается. 

Вот код из авторизации(users.auth.inc):

if ($a=='check')
{
sed_shield_protect();

/* === Hook for the plugins === */
$extp = sed_getextplugins('users.auth.check');
if (is_array($extp))
{ foreach($extp as $k => $pl) { include_once($cfg['plugins_dir'].'/'.$pl['pl_code'].'/'.$pl['pl_file'].'.php'); } }
/* ===== */

$rusername = sed_import('rusername','P','TXT', 100, TRUE);
$rpassword = sed_import('rpassword','P','PSW', 16, TRUE);
$rcookiettl = sed_import('rcookiettl', 'P', 'INT');
$rremember = sed_import('rremember', 'P', 'BOL');
if(empty($rremember) && $rcookiettl > 0) $rremember = true;
$rmdpass = md5($rpassword);

$sql = sed_sql_query("SELECT user_id, user_maingrp, user_banexpire, user_skin, user_theme, user_lang, user_unban_group FROM $db_users WHERE user_password='$rmdpass' AND user_name='".sed_sql_prep($rusername)."'");

if ($row = sed_sql_fetcharray($sql))
{
if ($row['user_maingrp']==-1)
{
sed_log("Log in attempt, user inactive : ".$rusername, 'usr');
sed_redirect(sed_url('message', 'msg=152', '', true));
exit;
}
if ($row['user_maingrp']==2)
{
sed_log("Log in attempt, user inactive : ".$rusername, 'usr');
sed_redirect(sed_url('message', 'msg=152', '', true));
exit;
}
elseif ($row['user_maingrp']==3)
{
if ($sys['now'] > $row['user_banexpire'] && $row['user_banexpire']>0)
{

$sql = sed_sql_query("UPDATE $db_users SET user_maingrp='".$row['user_unban_group']."' WHERE user_id='".$row['user_id']."'");
}
else
{
sed_log("Log in attempt, user banned : ".$rusername, 'usr');
sed_redirect(sed_url('message', 'msg=153&num='.$row['user_banexpire'], '', true));
exit;
}
}

$ruserid = $row['user_id'];
$rdefskin = $row['user_skin'];
$rdeftheme = $row['user_theme'];

$hashsalt = sed_unique(16);

sed_sql_query("UPDATE $db_users SET user_lastip='{$usr['ip']}', user_lastlog = {$sys['now_offset']}, user_logcount = user_logcount + 1, user_hashsalt = '$hashsalt' WHERE user_id={$row['user_id']}");

$passhash = md5($rmdpass.$hashsalt);
$u = base64_encode($ruserid.':_:'.$passhash);

if($rremember)
{
sed_setcookie($sys['site_id'], $u, time()+$cfg['cookielifetime'], $cfg['cookiepath'], $cfg['cookiedomain'], $sys['secure'], true);
}
else
{
$_SESSION[$sys['site_id']] = $u;
}

$_SESSION['saltstamp'] = $sys['now_offset'];

/* === Hook === */
$extp = sed_getextplugins('users.auth.check.done');
if (is_array($extp))
{ foreach($extp as $k => $pl) { include_once($cfg['plugins_dir'].'/'.$pl['pl_code'].'/'.$pl['pl_file'].'.php'); } }
/* ===== */

$sql = sed_sql_query("DELETE FROM $db_online WHERE online_userid='-1' AND online_ip='".$usr['ip']."' LIMIT 1");
sed_uriredir_apply($cfg['redirbkonlogin']);
sed_uriredir_redirect(empty($redirect) ? sed_url('index') : base64_decode($redirect));
exit;
}
else
{
sed_shield_update(7, "Log in");
sed_log("Log in failed, user : ".$rusername,'usr');
sed_redirect(sed_url('message', 'msg=151', '', true));
exit;
}
}

а вот из common:

$site_id = 'ct'.substr(md5(empty($cfg['site_id']) ? $cfg['mainurl'] : $cfg['site_id']), 0, 16);
$sys['site_id'] = $site_id;

session_start();

if(!empty($_COOKIE[$site_id]) || !empty($_SESSION[$site_id]))
{
$u = empty($_SESSION[$site_id]) ? base64_decode($_COOKIE[$site_id]) : base64_decode($_SESSION[$site_id]);
$u = explode(':_:', $u);
$u_id = (int) sed_import($u[0], 'D', 'INT');
$u_passhash = sed_import($u[1], 'D', 'ALP');
if($u_id > 0)
{
$sql = sed_sql_query("SELECT * FROM $db_users WHERE user_id = $u_id");

if($row = sed_sql_fetcharray($sql))
{
$passhash = md5($row['user_password'].$row['user_hashsalt']);
if(($u_passhash == $passhash
|| ($sys['now_offset'] - $_SESSION['saltstamp'] < 60
&& $u_passhash == $_SESSION['oldhash']))
&& $row['user_maingrp'] > 3
&& ($cfg['ipcheck']==FALSE || $row['user_lastip'] == $usr['ip']))
{
$usr['id'] = (int) $row['user_id'];
$usr['pmnotif'] = $row['user_pmnotif'];
$usr['name'] = $row['user_name'];
$usr['maingrp'] = $row['user_maingrp'];
$usr['lastvisit'] = $row['user_lastvisit'];
$usr['lastlog'] = $row['user_lastlog'];
$usr['timezone'] = $row['user_timezone'];
$usr['skin'] = ($cfg['forcedefaultskin']) ? $cfg['defaultskin'] : $row['user_skin'];
$usr['theme'] = $row['user_theme'];
$usr['lang'] = ($cfg['forcedefaultlang']) ? $cfg['defaultlang'] : $row['user_lang'];
$usr['newpm'] = $row['user_newpm'];
$usr['auth'] = unserialize($row['user_auth']);
$usr['level'] = $sed_groups[$usr['maingrp']]['level'];
$usr['profile'] = $row;
 

if ($usr['lastlog'] + $cfg['timedout'] < $sys['now_offset'])
{
$sys['comingback']= TRUE;
if ($usr['lastlog'] > $usr['lastvisit'])
{
$usr['lastvisit'] = $usr['lastlog'];
$update_lastvisit = ", user_lastvisit = " . $usr['lastvisit'];
}
}

if ($usr['lastlog']+$cfg['timedout'] < $sys['now_offset'])
{
$sys['comingback']= TRUE;
$usr['lastvisit'] = $usr['lastlog'];
$sys['sql_update_lastvisit'] = ", user_lastvisit='".$usr['lastvisit']."'";
}

if(empty($_SESSION['saltstamp']) || $sys['now_offset'] - $_SESSION['saltstamp'] > 60)
{
$usr['auth'] = sed_auth_build($usr['id'], $usr['maingrp']);
$sys['sql_update_auth'] = ", user_auth='".serialize($usr['auth'])."'";
}

if(empty($_COOKIE['sourcekey']))
{
$sys['xk'] = mb_strtoupper(sed_unique(8));
$update_sid = ", user_sid = '{$sys['xk']}'";
sed_setcookie('sourcekey', $sys['xk'], time()+$cfg['cookielifetime'], $cfg['cookiepath'],
$cfg['cookiedomain'], $sys['secure'], true);
}
else
{
$sys['xk'] = $_COOKIE['sourcekey'];
$update_sid = '';
}

sed_sql_query("UPDATE $db_users
SET user_lastlog = {$sys['now_offset']} $update_lastvisit $update_sid $update_hashsalt $update_auth
WHERE user_id='{$usr['id']}'");

unset($u, $passhash, $update_auth, $update_hashsalt, $update_lastvisit, $update_sid);
}
}
}
else
{
$usr['skin'] = sed_import($u[0], 'D', 'ALP');
$usr['theme'] = sed_import($u[1], 'D', 'ALP');
$usr['lang'] = sed_import($u[2], 'D', 'ALP');
}
}

if($usr['id']==0)
{
$usr['auth'] = sed_auth_build(0);
$usr['skin'] = empty($usr['skin']) ? $cfg['defaultskin'] : $usr['skin'];
$usr['theme'] = empty($usr['theme']) ? $cfg['defaulttheme'] : $usr['theme'];
$usr['lang'] = empty($usr['lang']) ? $cfg['defaultlang'] : $usr['lang'];
$sys['xk'] = mb_strtoupper(dechex(crc32($sys['abs_url']))); // Site related key for guests
}

 

Заранее благодарен за любую ценную информацию

З.Ы, где на тулбаре кнопка Спойлера или Кода я ненашёл...

]]> Pzt, 14 Mar 2011 14:57:42 -0000