Remember location when logging in.

[Ensiferous]

find:

Code Select Expand


if (isset($_SESSION['old_url']) && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0)
$_SESSION['login_url'] = $_SESSION['old_url'];
else
unset($_SESSION['login_url']);


replace:

Code Select Expand


if (isset($_SESSION['old_url']))
$_SESSION['login_url'] = $_SESSION['old_url'];
else
unset($_SESSION['login_url']);


[mvandemar]

Ok, I've done the following 2 changes... in Login() I modified it as such:

Code Select Expand

//if (isset($_SESSION['old_url']) && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0)
if (isset($_SESSION['old_url']))
$_SESSION['login_url'] = $_SESSION['old_url'];
else
unset($_SESSION['login_url']);


And in Login2() (which does not have the "else unset" bit, so pretty sure that wouldn't be it anyways) I now have:

Code Select Expand


//if (empty($_SESSION['login_url']) && isset($_SESSION['old_url']) && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0)
if (empty($_SESSION['login_url']))
$_SESSION['login_url'] = $_SESSION['old_url'];


In the page I am trying to allow login from, before displaying the form or logout link (depending on logged in status):

Code Select Expand


require_once("forums/smf_api.php");
smf_authenticateUser();
smf_loadSession();
$_SESSION['logout_url'] = "http://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"];
$_SESSION['login_url'] = "http://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"];
$_SESSION['old_url'] = "http://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"];


Logging out works just fine, but logging in still lands me on the forum index page, and not the page they logged in from.

Suggestions?

Thanks.

-Michael

[H]

mvandemar, do you still require help with this?

[mvandemar]

mvandemar, do you still require help with this?

Still discussing it here, actually:

http://www.simplemachines.org/community/index.php?topic=210667.0

Although for my own purposes I am achieving the same effect by using a non-smf cookie to hold the value I need.

-Michael

[Sakae]

Hi, I would like to install this feature on my SMF, but I'm not sure if it's up to date.

It is safe to make this modifications?

[H]

If the find section is still the same, there should be no problem applying it. Just take backups in case something goes wrong!

[Arkadaş]

SMF 2.0 RC1-1  What is not the problem ?

LogInOut If you appreciate the extra help

Code Select Expand

<?php
/**********************************************************************************
* LogInOut.php                                                                    *
***********************************************************************************
* SMF: Simple Machines Forum                                                      *
* Open-Source Project Inspired by Zef Hemel ([email protected])                    *
* =============================================================================== *
* Software Version:           SMF 2.0 RC1                                         *
* Software by:                Simple Machines (http://www.simplemachines.org)     *
* Copyright 2006-2009 by:     Simple Machines LLC (http://www.simplemachines.org) *
*           2001-2006 by:     Lewis Media (http://www.lewismedia.com)             *
* Support, News, Updates at:  http://www.simplemachines.org                       *
***********************************************************************************
* This program is free software; you may redistribute it and/or modify it under   *
* the terms of the provided license as published by Simple Machines LLC.          *
*                                                                                 *
* This program is distributed in the hope that it is and will be useful, but      *
* WITHOUT ANY WARRANTIES; without even any implied warranty of MERCHANTABILITY    *
* or FITNESS FOR A PARTICULAR PURPOSE.                                            *
*                                                                                 *
* See the "license.txt" file for details of the Simple Machines license.          *
* The latest version can always be found at http://www.simplemachines.org.        *
**********************************************************************************/

if (!defined('SMF'))
die('Hacking attempt...');

/* This file is concerned pretty entirely, as you see from its name, with
logging in and out members, and the validation of that.  It contains:

void Login()
- shows a page for the user to type in their username and password.
- caches the referring URL in $_SESSION['login_url'].
- uses the Login template and language file with the login sub
 template.
- if you are using a wireless device, uses the protocol_login sub
 template in the Wireless template.
- accessed from ?action=login.

void Login2()
- actually logs you in and checks that login was successful.
- employs protection against a specific IP or user trying to brute
 force a login to an account.
- on error, uses the same templates Login() uses.
- upgrades password encryption on login, if necessary.
- after successful login, redirects you to $_SESSION['login_url'].
- accessed from ?action=login2, by forms.

void Logout(bool internal = false)
- logs the current user out of their account.
- requires that the session hash is sent as well, to prevent automatic
 logouts by images or javascript.
- doesn't check the session if internal is true.
- redirects back to $_SESSION['logout_url'], if it exists.
- accessed via ?action=logout;sesc=...

string md5_hmac(string data, string key)
- old style SMF 1.0.x/YaBB SE 1.5.x hashing.
- returns the HMAC MD5 of data with key.

string phpBB3_password_check(string passwd, string passwd_hash)
- Custom encryption for phpBB3 based passwords.

void validatePasswordFlood(id_member, password_flood_value = false, was_correct = false)
// !!!
*/

// Ask them for their login information.
function Login()
{
global $txt, $context;

// In wireless?  If so, use the correct sub template.
if (WIRELESS)
$context['sub_template'] = WIRELESS_PROTOCOL . '_login';
// Otherwise, we need to load the Login template/language file.
else
{
loadLanguage('Login');
loadTemplate('Login', 'login');
$context['sub_template'] = 'login';
}

// Get the template ready.... not really much else to do.
$context['page_title'] = $txt['login'];
$context['default_username'] = &$_REQUEST['u'];
$context['default_password'] = '';
$context['never_expire'] = false;

// Set the login URL - will be used when the login process is done.
if (isset($_SESSION['old_url']))
$_SESSION['login_url'] = $_SESSION['old_url'];
else
unset($_SESSION['login_url']);

}

// Perform the actual logging-in.
function Login2()
{
global $txt, $scripturl, $user_info, $user_settings, $smcFunc;
global $cookiename, $maintenance, $modSettings, $context, $sc, $sourcedir;

// Load cookie authentication stuff.
require_once($sourcedir . '/Subs-Auth.php');

if (isset($_GET['sa']) && $_GET['sa'] == 'salt' && !$user_info['is_guest'])
{
if (isset($_COOKIE[$cookiename]) && preg_match('~^a:[34]:\{i:0;(i:\d{1,6}|s:[1-8]:"\d{1,8}");i:1;s:(0|40):"([a-fA-F0-9]{40})?";i:2;[id]:\d{1,14};(i:3;i:\d;)?\}$~', $_COOKIE[$cookiename]) === 1)
list (, , $timeout) = @unserialize($_COOKIE[$cookiename]);
elseif (isset($_SESSION['login_' . $cookiename]))
list (, , $timeout) = @unserialize($_SESSION['login_' . $cookiename]);
else
trigger_error('Login2(): Cannot be logged in without a session or cookie', E_USER_ERROR);

$user_settings['password_salt'] = substr(md5(mt_rand()), 0, 4);
updateMemberData($user_info['id'], array('password_salt' => $user_settings['password_salt']));

setLoginCookie($timeout - time(), $user_info['id'], sha1($user_settings['passwd'] . $user_settings['password_salt']));

redirectexit('action=login2;sa=check;member=' . $user_info['id'], $context['server']['needs_login_fix']);
}
// Double check the cookie...
elseif (isset($_GET['sa']) && $_GET['sa'] == 'check')
{
// Strike!  You're outta there!
if ($_GET['member'] != $user_info['id'])
fatal_lang_error('login_cookie_error', false);

// Some whitelisting for login_url...
if (empty($_SESSION['login_url']))
redirectexit();
else
{
// Best not to clutter the session data too much...
$temp = $_SESSION['login_url'];
unset($_SESSION['login_url']);

redirectexit($temp);
}
}

// Beyond this point you are assumed to be a guest trying to login.
if (!$user_info['is_guest'])
redirectexit();

// Set the login_url if it's not already set.
if (empty($_SESSION['login_url']) && isset($_SESSION['old_url']) && preg_match('~(board|topic)[=,]~', $_SESSION['old_url']) != 0)
$_SESSION['login_url'] = $_SESSION['old_url'];

// Are you guessing with a script that doesn't keep the session id?
spamProtection('login');

// Been guessing a lot, haven't we?
if (isset($_SESSION['failed_login']) && $_SESSION['failed_login'] >= $modSettings['failed_login_threshold'] * 3)
fatal_lang_error('login_threshold_fail', 'critical');

// Set up the cookie length.  (if it's invalid, just fall through and use the default.)
if (isset($_POST['cookieneverexp']) || (!empty($_POST['cookielength']) && $_POST['cookielength'] == -1))
$modSettings['cookieTime'] = 3153600;
elseif (!empty($_POST['cookielength']) && ($_POST['cookielength'] >= 1 || $_POST['cookielength'] <= 525600))
$modSettings['cookieTime'] = (int) $_POST['cookielength'];

loadLanguage('Login');
// Load the template stuff - wireless or normal.
if (WIRELESS)
$context['sub_template'] = WIRELESS_PROTOCOL . '_login';
else
{
loadTemplate('Login', 'login');
$context['sub_template'] = 'login';
}

// Set up the default/fallback stuff.
$context['default_username'] = isset($_REQUEST['user']) ? preg_replace('~&amp;#(\\d{1,7}|x[0-9a-fA-F]{1,6});~', '&#38;#\\1;', htmlspecialchars($_REQUEST['user'])) : '';
$context['default_password'] = '';
$context['never_expire'] = $modSettings['cookieTime'] == 525600 || $modSettings['cookieTime'] == 3153600;
$context['login_errors'] = array($txt['error_occured']);
$context['page_title'] = $txt['login'];

if (!empty($_REQUEST['openid_url']) && !empty($modSettings['enableOpenID']))
{
require_once($sourcedir . '/Subs-OpenID.php');
return smf_openID_validate($_REQUEST['openid_url']);
}

// You forgot to type your username, dummy!
if (!isset($_REQUEST['user']) || $_REQUEST['user'] == '')
{
$context['login_errors'] = array($txt['need_username']);
return;
}

// Hmm... maybe 'admin' will login with no password. Uhh... NO!
if ((!isset($_POST['passwrd']) || $_POST['passwrd'] == '') && (!isset($_REQUEST['hash_passwrd']) || strlen($_REQUEST['hash_passwrd']) != 40))
{
$context['login_errors'] = array($txt['no_password']);
return;
}

// No funky symbols either.
if (preg_match('~[<>&"\'=\\\]~', preg_replace('~(&#38;#(\\d{1,7}|x[0-9a-fA-F]{1,6});)~', '', $_REQUEST['user'])) != 0)
{
$context['login_errors'] = array($txt['error_invalid_characters_username']);
return;
}

// Are we using any sort of integration to validate the login?
if (isset($modSettings['integrate_validate_login']) && function_exists($modSettings['integrate_validate_login']))
if (call_user_func($modSettings['integrate_validate_login'], $_REQUEST['user'], isset($_REQUEST['hash_passwrd']) && strlen($_REQUEST['hash_passwrd']) == 40 ? $_REQUEST['hash_passwrd'] : null, $modSettings['cookieTime']) == 'retry')
{
$context['login_errors'] = array($txt['login_hash_error']);
$context['disable_login_hashing'] = true;
return;
}

// Load the data up!
$request = $smcFunc['db_query']('', '
SELECT passwd, id_member, id_group, lngfile, is_activated, email_address, additional_groups, member_name, password_salt,
openid_uri, passwd_flood
FROM {db_prefix}members
WHERE ' . ($smcFunc['db_case_sensitive'] ? 'LOWER(member_name)' : 'member_name') . ' = {string:user_name}
LIMIT 1',
array(
'user_name' => $smcFunc['db_case_sensitive'] ? strtolower($_REQUEST['user']) : $_REQUEST['user'],
)
);
// Probably mistyped or their email, try it as an email address. (member_name first, though!)
if ($smcFunc['db_num_rows']($request) == 0)
{
$smcFunc['db_free_result']($request);

$request = $smcFunc['db_query']('', '
SELECT passwd, id_member, id_group, lngfile, is_activated, email_address, additional_groups, member_name, password_salt, openid_uri,
passwd_flood
FROM {db_prefix}members
WHERE email_address = {string:user_name}
LIMIT 1',
array(
'user_name' => $_REQUEST['user'],
)
);
// Let them try again, it didn't match anything...
if ($smcFunc['db_num_rows']($request) == 0)
{
$context['login_errors'] = array($txt['username_no_exist']);
return;
}
}

$user_settings = $smcFunc['db_fetch_assoc']($request);
$smcFunc['db_free_result']($request);

// Figure out the password using SMF's encryption - if what they typed is right.
if (isset($_REQUEST['hash_passwrd']) && strlen($_REQUEST['hash_passwrd']) == 40)
{
// Needs upgrading?
if (strlen($user_settings['passwd']) != 40)
{
$context['login_errors'] = array($txt['login_hash_error']);
$context['disable_login_hashing'] = true;
return;
}
// Challenge passed.
elseif ($_REQUEST['hash_passwrd'] == sha1($user_settings['passwd'] . $sc))
$sha_passwd = $user_settings['passwd'];
else
{
// Don't allow this!
validatePasswordFlood($user_settings['id_member'], $user_settings['passwd_flood']);

$_SESSION['failed_login'] = @$_SESSION['failed_login'] + 1;

if ($_SESSION['failed_login'] >= $modSettings['failed_login_threshold'])
redirectexit('action=reminder');
else
{
log_error($txt['incorrect_password'] . ' - <span class="remove">' . $user_settings['member_name'] . '</span>', 'user');

$context['disable_login_hashing'] = true;
$context['login_errors'] = array($txt['incorrect_password']);
return;
}
}
}
else
$sha_passwd = sha1(strtolower($user_settings['member_name']) . un_htmlspecialchars($_POST['passwrd']));

// Bad password!  Thought you could fool the database?!
if ($user_settings['passwd'] != $sha_passwd)
{
// Let's be cautious, no hacking please. thanx.
validatePasswordFlood($user_settings['id_member'], $user_settings['passwd_flood']);

// Maybe we were too hasty... let's try some other authentication methods.
$other_passwords = array();

// None of the below cases will be used most of the time (because the salt is normally set.)
if ($user_settings['password_salt'] == '')
{
// YaBB SE, Discus, MD5 (used a lot), SHA-1 (used some), SMF 1.0.x, IkonBoard, and none at all.
$other_passwords[] = crypt($_POST['passwrd'], substr($_POST['passwrd'], 0, 2));
$other_passwords[] = crypt($_POST['passwrd'], substr($user_settings['passwd'], 0, 2));
$other_passwords[] = md5($_POST['passwrd']);
$other_passwords[] = sha1($_POST['passwrd']);
$other_passwords[] = md5_hmac($_POST['passwrd'], strtolower($user_settings['member_name']));
$other_passwords[] = md5($_POST['passwrd'] . strtolower($user_settings['member_name']));
$other_passwords[] = $_POST['passwrd'];

// This one is a strange one... MyPHP, crypt() on the MD5 hash.
$other_passwords[] = crypt(md5($_POST['passwrd']), md5($_POST['passwrd']));

// Snitz style - SHA-256.  Technically, this is a downgrade, but most PHP configurations don't support sha256 anyway.
if (strlen($user_settings['passwd']) == 64 && function_exists('mhash') && defined('MHASH_SHA256'))
$other_passwords[] = bin2hex(mhash(MHASH_SHA256, $_POST['passwrd']));

// phpBB3 users new hashing.  We now support it as well ;).
$other_passwords[] = phpBB3_password_check($_POST['passwrd'], $user_settings['passwd']);

// APBoard 2 Login Method.
$other_passwords[] = md5(crypt($_REQUEST['passwrd'], 'CRYPT_MD5'));
}
// The hash should be 40 if it's SHA-1, so we're safe with more here too.
elseif (strlen($user_settings['passwd']) == 32)
{
// vBulletin 3 style hashing?  Let's welcome them with open arms \o/.
$other_passwords[] = md5(md5($_POST['passwrd']) . $user_settings['password_salt']);
// Hmm.. p'raps it's Invision 2 style?
$other_passwords[] = md5(md5($user_settings['password_salt']) . md5($_POST['passwrd']));
// Some common md5 ones.
$other_passwords[] = md5($user_settings['password_salt'] . $_POST['passwrd']);
$other_passwords[] = md5($_POST['passwrd'] . $user_settings['password_salt']);
$other_passwords[] = md5($_POST['passwrd']);
$other_passwords[] = md5(md5($_POST['passwrd']));
}

// Maybe they are using a hash from before the password fix.
$other_passwords[] = sha1(strtolower($user_settings['member_name']) . un_htmlspecialchars($_POST['passwrd']));

// SMF's sha1 function can give a funny result on Linux (Not our fault!). If we've now got the real one let the old one be valid!
require_once($sourcedir . '/Subs-Compat.php');
$other_passwords[] = sha1_smf(strtolower($user_settings['member_name']) . un_htmlspecialchars($_POST['passwrd']));

// Whichever encryption it was using, let's make it use SMF's now ;).
if (in_array($user_settings['passwd'], $other_passwords))
{
$user_settings['passwd'] = $sha_passwd;
$user_settings['password_salt'] = substr(md5(mt_rand()), 0, 4);

// Update the password and set up the hash.
updateMemberData($user_settings['id_member'], array('passwd' => $user_settings['passwd'], 'password_salt' => $user_settings['password_salt']));
}
// Okay, they for sure didn't enter the password!
else
{
// They've messed up again - keep a count to see if they need a hand.
$_SESSION['failed_login'] = @$_SESSION['failed_login'] + 1;

// Hmm... don't remember it, do you?  Here, try the password reminder ;).
if ($_SESSION['failed_login'] >= $modSettings['failed_login_threshold'])
redirectexit('action=reminder');
// We'll give you another chance...
else
{
// Log an error so we know that it didn't go well in the error log.
log_error($txt['incorrect_password'] . ' - <span class="remove">' . $user_settings['member_name'] . '</span>', 'user');

$context['login_errors'] = array($txt['incorrect_password']);
return;
}
}
}
elseif (!empty($user_settings['passwd_flood']))
{
// Let's be sure they wern't a little hacker.
validatePasswordFlood($user_settings['id_member'], $user_settings['passwd_flood'], true);

// If we got here then we can reset the flood counter.
updateMemberData($user_settings['id_member'], array('passwd_flood' => ''));
}

// Correct password, but they've got no salt; fix it!
if ($user_settings['password_salt'] == '')
{
$user_settings['password_salt'] = substr(md5(mt_rand()), 0, 4);
updateMemberData($user_settings['id_member'], array('password_salt' => $user_settings['password_salt']));
}

// Check their activation status.
if (!checkActivation())
return;

DoLogin();
}

function checkActivation()
{
global $context, $txt, $scripturl, $user_settings, $modSettings;

if (!isset($context['login_errors']))
$context['login_errors'] = array();

// What is the true activation status of this account?
$activation_status = $user_settings['is_activated'] > 10 ? $user_settings['is_activated'] - 10 : $user_settings['is_activated'];

// Check if the account is activated - COPPA first...
if ($activation_status == 5)
{
$context['login_errors'][] = $txt['coppa_no_concent'] . ' <a href="' . $scripturl . '?action=coppa;member=' . $user_settings['id_member'] . '">' . $txt['coppa_need_more_details'] . '</a>';
return false;
}
// Awaiting approval still?
elseif ($activation_status == 3)
fatal_lang_error('still_awaiting_approval', 'user');
// Awaiting deletion, changed their mind?
elseif ($activation_status == 4)
{
if (isset($_REQUEST['undelete']))
{
updateMemberData($user_settings['id_member'], array('is_activated' => 1));
updateSettings(array('unapprovedMembers' => ($modSettings['unapprovedMembers'] > 0 ? $modSettings['unapprovedMembers'] - 1 : 0)));
}
else
{
$context['login_errors'][] = $txt['awaiting_delete_account'];
$context['login_show_undelete'] = true;
return false;
}
}
// Standard activation?
elseif ($activation_status != 1)
{
log_error($txt['activate_not_completed1'] . ' - <span class="remove">' . $user_settings['member_name'] . '</span>', false);

$context['login_errors'][] = $txt['activate_not_completed1'] . ' <a href="' . $scripturl . '?action=activate;sa=resend;u=' . $user_settings['id_member'] . '">' . $txt['activate_not_completed2'] . '</a>';
return false;
}
return true;
}

function DoLogin()
{
global $txt, $scripturl, $user_info, $user_settings, $smcFunc;
global $cookiename, $maintenance, $modSettings, $context, $sourcedir;

// Load cookie authentication stuff.
require_once($sourcedir . '/Subs-Auth.php');

if (isset($modSettings['integrate_login']) && function_exists($modSettings['integrate_login']))
$modSettings['integrate_login']($user_settings['member_name'], isset($_REQUEST['hash_passwrd']) && strlen($_REQUEST['hash_passwrd']) == 40 ? $_REQUEST['hash_passwrd'] : null, $modSettings['cookieTime']);

// Get ready to set the cookie...
$username = $user_settings['member_name'];
$user_info['id'] = $user_settings['id_member'];

// Bam!  Cookie set.  A session too, just in case.
setLoginCookie(60 * $modSettings['cookieTime'], $user_settings['id_member'], sha1($user_settings['passwd'] . $user_settings['password_salt']));

// Reset the login threshold.
if (isset($_SESSION['failed_login']))
unset($_SESSION['failed_login']);

$user_info['is_guest'] = false;
$user_settings['additional_groups'] = explode(',', $user_settings['additional_groups']);
$user_info['is_admin'] = $user_settings['id_group'] == 1 || in_array(1, $user_settings['additional_groups']);

// Are you banned?
is_not_banned(true);

// An administrator, set up the login so they don't have to type it again.
if ($user_info['is_admin'] && isset($user_settings['openid_uri']) && empty($user_settings['openid_uri']))
{
$_SESSION['admin_time'] = time();
unset($_SESSION['just_registered']);
}

// Don't stick the language or theme after this point.
unset($_SESSION['language']);
unset($_SESSION['id_theme']);

// You've logged in, haven't you?
updateMemberData($user_info['id'], array('last_login' => time(), 'member_ip' => $user_info['ip'], 'member_ip2' => $_SERVER['BAN_CHECK_IP']));

// Get rid of the online entry for that old guest....
$smcFunc['db_query']('', '
DELETE FROM {db_prefix}log_online
WHERE session = {string:session}',
array(
'session' => 'ip' . $user_info['ip'],
)
);
$_SESSION['log_time'] = 0;

// Just log you back out if it's in maintenance mode and you AREN'T an admin.
if (empty($maintenance) || allowedTo('admin_forum'))
redirectexit('action=login2;sa=check;member=' . $user_info['id'], $context['server']['needs_login_fix']);
else
redirectexit('action=logout;' . $context['session_var'] . '=' . $context['session_id'], $context['server']['needs_login_fix']);
}

// Log the user out.
function Logout($internal = false, $redirect = true)
{
global $sourcedir, $user_info, $user_settings, $context, $modSettings, $smcFunc;

// Make sure they aren't being auto-logged out.
if (!$internal)
checkSession('get');

require_once($sourcedir . '/Subs-Auth.php');

if (isset($_SESSION['pack_ftp']))
$_SESSION['pack_ftp'] = null;

// They cannot be open ID verified any longer.
if (isset($_SESSION['openid']))
unset($_SESSION['openid']);

// Just ensure they aren't a guest!
if (!$user_info['is_guest'])
{
if (isset($modSettings['integrate_logout']) && function_exists($modSettings['integrate_logout']))
call_user_func($modSettings['integrate_logout'], $user_settings['member_name']);

// If you log out, you aren't online anymore :P.
$smcFunc['db_query']('', '
DELETE FROM {db_prefix}log_online
WHERE id_member = {int:current_member}',
array(
'current_member' => $user_info['id'],
)
);
}

$_SESSION['log_time'] = 0;

// Empty the cookie! (set it in the past, and for id_member = 0)
setLoginCookie(-3600, 0);

// Off to the merry board index we go!
if ($redirect)
{
if (empty($_SESSION['logout_url']))
redirectexit('', $context['server']['needs_login_fix']);
else
{
$temp = $_SESSION['logout_url'];
unset($_SESSION['logout_url']);

redirectexit($temp, $context['server']['needs_login_fix']);
}
}
}

// MD5 Encryption used for older passwords.
function md5_hmac($data, $key)
{
$key = str_pad(strlen($key) <= 64 ? $key : pack('H*', md5($key)), 64, chr(0x00));
return md5(($key ^ str_repeat(chr(0x5c), 64)) . pack('H*', md5(($key ^ str_repeat(chr(0x36), 64)) . $data)));
}

// Special encryption used by phpBB3.
function phpBB3_password_check($passwd, $passwd_hash)
{
// Too long or too short?
if (strlen($passwd_hash) != 34)
return;

// Range of characters allowed.
$range = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';

// Tests
$strpos = strpos($range, $passwd_hash[3]);
$count = 1 << $strpos;
$count2 = $count;
$salt = substr($passwd_hash, 4, 8);

// Things are done differently for PHP 5.
if (@version_compare(PHP_VERSION, '5') >= 0)
{
$hash = md5($salt . $passwd, true);
for (; $count != 0; --$count)
$hash = md5($hash . $passwd, true);;
}
else
{
$hash = pack('H*', md5($salt . $passwd));
for (; $count != 0; --$count)
$hash = pack('H*', md5($hash . $passwd));
}

$output = substr($passwd_hash, 0, 12);
$i = 0;
while ($i < 16)
{
$value = ord($hash[$i++]);
$output .= $range[$value & 0x3f];

if ($i < 16)
$value |= ord($hash[$i]) << 8;

$output .= $range[($value >> 6) & 0x3f];

if ($i++ >= 16)
break;

if ($i < 16)
$value |= ord($hash[$i]) << 16;

$output .= $range[($value >> 12) & 0x3f];

if ($i++ >= 16)
break;

$output .= $range[($value >> 18) & 0x3f];
}

// Return now.
return $output;
}

// This protects against brute force attacks on a member's password. Importantly even if the password was right we DON'T TELL THEM!
function validatePasswordFlood($id_member, $password_flood_value = false, $was_correct = false)
{
global $smcFunc, $cookiename, $sourcedir;

// As this is only brute protection, we allow 5 attempts every 10 seconds.

// Destroy any session or cookie data about this member, as they validated wrong.
require_once($sourcedir . '/Subs-Auth.php');

setLoginCookie(-3600, 0);
if (isset($_SESSION['login_' . $cookiename]))
unset($_SESSION['login_' . $cookiename]);

// We need a member!
if (!$id_member)
fatal_lang_error('no_access');

// Right, have we got a flood value?
if ($password_flood_value !== false)
@list ($time_stamp, $number_tries) = explode('|', $password_flood_value);

// Timestamp invalid or non-existent?
if (empty($number_tries) || $time_stamp < (time() - 10))
{
// If it wasn't *that* long ago, don't give them another five goes.
$number_tries = !empty($number_tries) && $time_stamp < (time() - 20) ? 2 : 0;
$time_stamp = time();
}

$number_tries++;

// Broken the law?
if ($number_tries > 5)
fatal_lang_error('login_threshold_brute_fail', 'critical');

// Otherwise set the members data. If they correct on their first attempt then we actually clear it, otherwise we set it!
updateMemberData($id_member, array('passwd_flood' => $was_correct && $number_tries == 1 ? '' : $time_stamp . '|' . $number_tries));

}

?>

[Antechinus]

Anyone still stuck on this?