как реализовать регистрацию

[silicium]

есть файл smf_api.php

пытаюсь с ним реализовать регистрацию

использую

smf_setLoginCookie(60*60*24, $login, $pass, true);

когда правильный логин выдает всегда правду (а на пароль ему просто нас рать)

что-то не так делаю?

[vooon]

Вот как сделано у меня:

Код Выделить Развернуть


$user_info = smf_GetUserInfo($smf_user_info['ID_MEMBER'], 'id');



if (isset($_REQUEST['hash_passwrd']) && strlen($_REQUEST['hash_passwrd']) == 40) {

if ($_REQUEST['hash_passwrd'] == sha1($user_info['passwd'] . $_SESSION['rand_code'])){

// Юзер вошел

smf_LoginByName($user_info['memberName'], $cookielength);

smf_setLoginCookie2(60 * $smf_settings['cookieTime'], $user_info['ID_MEMBER'], sha1($user_info['passwd'] . $user_info['passwordSalt']));
// ..........................
}
}


Вот функции в smf_api.php , в него я внес очень много изменений. sha1 осталась прежней.

smf_GetUserInfo

Код Выделить Развернуть


function smf_GetUserInfo($ID, $how)
{
global $smf_connection, $smf_settings, $smf_user_info;

if (!$smf_connection)
return false;
$ID = mysql_real_escape_string($ID);
if ($how==='id')
$request = smf_query("
SELECT *
FROM $smf_settings[db_prefix]members
WHERE ID_MEMBER = '$ID'
LIMIT 1", __FILE__, __LINE__);
elseif ($how==='name')
$request = smf_query("
SELECT *
FROM $smf_settings[db_prefix]members
WHERE memberName = '$ID'
LIMIT 1", __FILE__, __LINE__);
else return false;

if (mysql_num_rows($request) != 0) {
$user_info = mysql_fetch_assoc($request);
mysql_free_result($request);
return $user_info;
} else {
mysql_free_result($request);
return false;



smf_LoginByName

Код Выделить Развернуть


function smf_LoginByName($username, $cookieLength = 3600){
global $user_ip, $smf_connection, $smf_settings;

// enable binary look up for MODx workaround - Raymond
$binaryLookup = !empty($smf_settings['reserveCase']) ?  'BINARY':'';

     $sql = "SELECT *
          FROM $smf_settings[db_prefix]members
          WHERE $binaryLookup memberName = '".mysql_escape_string($username)."'
          LIMIT 1";
     $request = smf_query($sql, __FILE__, __LINE__);
     
$lastLogin = time();
smf_query("
UPDATE $smf_settings[db_prefix]members
SET lastLogin='$lastLogin', memberIP='$user_ip'
WHERE memberName = '".mysql_escape_string($username)."'
        LIMIT 1", __FILE__, __LINE__);
     smf_query("
DELETE FROM $smf_settings[db_prefix]log_online
WHERE session = 'ip$user_ip'
LIMIT 1", __FILE__, __LINE__);
$_SESSION['log_time'] = 0;
return;
}


smf_setLoginCookie2

Код Выделить Развернуть


function smf_setLoginCookie2($cookie_length, $id, $password = '', $encrypted = true)
{
global $smf_connection, $smf_settings;

// enable binary look up for MODx workaround - Raymond
$binaryLookup = !empty($smf_settings['reserveCase']) ? 'BINARY':'';

// The $id is not numeric; it's probably a username.
if (!is_integer($id))
{
if (!$smf_connection)
return false;

// Save for later use.
$username = $id;

$result = smf_query("
SELECT ID_MEMBER
FROM $smf_settings[db_prefix]members
WHERE $binaryLookup memberName = '$username'
LIMIT 1", __FILE__, __LINE__);
list ($id) = mysql_fetch_row($result);
mysql_free_result($result);

// It wasn't found, after all?
if (empty($id))
{
$id = (int) $username;
unset($username);
}
}

// Oh well, I guess it just was not to be...
if (empty($id))
return false;

// The password isn't encrypted, do so.
if (!$encrypted)
{
if (!$smf_connection)
return false;

$result = smf_query("
SELECT memberName, passwordSalt
FROM $smf_settings[db_prefix]members
WHERE ID_MEMBER = '" . (int) $id . "'
LIMIT 1", __FILE__, __LINE__);
list ($username, $salt) = mysql_fetch_row($result);
mysql_free_result($result);

if (empty($username))
return false;

$password = sha1(sha1(strtolower($username) . $password) . $salt);
}

// The cookie may already exist, and have been set with different options.
$cookie_state = (empty($smf_settings['localCookies']) ? 0 : 1) | (empty($smf_settings['globalCookies']) ? 0 : 2);
if (isset($_COOKIE[$smf_settings['cookiename']]))
{
$array = @unserialize($_COOKIE[$smf_settings['cookiename']]);

if (isset($array[3]) && $array[3] != $cookie_state)
{
$parsed_url = smf_cookie_url($array[3] & 1 > 0, $array[3] & 2 > 0);
setcookie($smf_settings['cookiename'], serialize(array(0, '', 0)), time() - 3600, $parsed_url['path'] . '/', $parsed_url['host'], 0);
}
}

// Get the data and path to set it on.
$data = serialize(empty($id) ? array(0, '', 0) : array($id, $password, time() + $cookie_length));
$parsed_url = smf_cookie_url(!empty($smf_settings['localCookies']), !empty($smf_settings['globalCookies']));

// Set the cookie, $_COOKIE, and session variable.
setcookie($smf_settings['cookiename'], $data, time() + $cookie_length, $parsed_url['path'] . '/', $parsed_url['host'], 0);
$_COOKIE[$smf_settings['cookiename']] = $data;
$_SESSION['login_' . $smf_settings['cookiename']] = $data;

// set sub domain independent cookie if globalCookies is on - mod by Raymond
if(!empty($smf_settings['globalCookies'])) {
setcookie($smf_settings['cookiename'], $data, time() + $cookie_length, $parsed_url['path'] . '/', '', 0);
}

return true;
}