$v) { if (is_array($v)) { $array[$k] = add_magic_quotes($v); } else { $array[$k] = addslashes($v); } } return $array; } } if (!get_magic_quotes_gpc()) { $_GET = add_magic_quotes($_GET); $_POST = add_magic_quotes($_POST); $_COOKIE = add_magic_quotes($_COOKIE); } $wpvarstoreset = array('action','mode','error','text','popupurl','popuptitle'); for ($i = 0; $i < count($wpvarstoreset); $i = $i + 1) { $wpvar = $wpvarstoreset[$i]; if (!isset($$wpvar)) { if (empty($_POST["$wpvar"])) { if (empty($_GET["$wpvar"])) { $$wpvar = ''; } else { $$wpvar = $_GET["$wpvar"]; } } else { $$wpvar = $_POST["$wpvar"]; } } } switch($action) { case 'logout': setcookie('wordpressuser_'.$cookiehash, " ", time() - 31536000, COOKIEPATH); setcookie('wordpresspass_'.$cookiehash, " ", time() - 31536000, COOKIEPATH); header('Expires: Wed, 11 Jan 1984 05:00:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: no-cache, must-revalidate'); header('Pragma: no-cache'); if ($is_IIS) { header('Refresh: 0;url=wp-login.php'); } else { header('Location: wp-login.php'); } exit(); break; case 'login': if(!empty($_POST)) { $log = $_POST['log']; $pwd = $_POST['pwd']; $redirect_to = $_POST['redirect_to']; } $user = get_userdatabylogin($log); if (0 == $user->user_level) { $redirect_to = get_settings('siteurl') . '/wp-admin/profile.php'; } function login() { global $wpdb, $log, $pwd, $error, $user_ID; global $pass_is_md5; $user_login = &$log; $pwd = md5($pwd); $password = &$pwd; if (!$user_login) { $error = __('Error: the login field is empty.'); return false; } if (!$password) { $error = __('Error: the password field is empty.'); return false; } $query = "SELECT ID, user_login, user_pass FROM $wpdb->users WHERE user_login = '$user_login' AND user_pass = '$password'"; $login = $wpdb->get_row($query); if (!$login) { $error = __('Error: wrong login or password.'); $pwd = ''; return false; } else { $user_ID = $login->ID; if (($pass_is_md5 == 0 && $login->user_login == $user_login && $login->user_pass == $password) || ($pass_is_md5 == 1 && $login->user_login == $user_login && $login->user_pass == md5($password))) { return true; } else { $error = __('Error: wrong login or password.'); $pwd = ''; return false; } } } if (!login()) { header('Expires: Wed, 11 Jan 1984 05:00:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: no-cache, must-revalidate'); header('Pragma: no-cache'); if ($is_IIS) { header('Refresh: 0;url=wp-login.php'); } else { header('Location: wp-login.php'); } exit(); } else { $user_login = $log; $user_pass = $pwd; setcookie('wordpressuser_'.$cookiehash, $user_login, time() + 31536000, COOKIEPATH); setcookie('wordpresspass_'.$cookiehash, md5($user_pass), time() + 31536000, COOKIEPATH); header('Expires: Wed, 11 Jan 1984 05:00:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: no-cache, must-revalidate'); header('Pragma: no-cache'); switch($mode) { case 'bookmarklet': $location = "wp-admin/bookmarklet.php?text=$text&popupurl=$popupurl&popuptitle=$popuptitle"; break; case 'sidebar': $location = "wp-admin/sidebar.php?text=$text&popupurl=$popupurl&popuptitle=$popuptitle"; break; case 'profile': $location = "wp-admin/profile.php?text=$text&popupurl=$popupurl&popuptitle=$popuptitle"; break; default: $location = "$redirect_to"; break; } if ($is_IIS) { header("Refresh: 0;url=$location"); } else { header("Location: $location"); } } break; case 'lostpassword': ?>
$error
\n";
echo "
Click here to login!
') ?>