Profile
MAJ is an Open Source, PHP-based content management system (CMS) that can be deployed as a blog, bulletin or message board, Internet forum, and wiki. It is extensible via PHP panels and is HTML5 and CSS3 ready.
Git
This commit has been accessed 7 times via Git panel.

commit 0bc3d939315bf889dd6cf2f96feb1202577924e2
tree 0f3ac592e19144f87cb5a7f055478a58083a2bc4
parent 4b72636d268c915cc14aa50b0469e4f0e57f9a68
author Engels Antonio <engels@majcms.org> 1307311749 +0800
committer Engels Antonio <engels@majcms.org> 1307311749 +0800

    Add member lockout support

diff --git a/login.php b/login.php
index 1c11c54..d93e0d3 100644
--- a/login.php
+++ b/login.php
@@ -105,7 +105,7 @@ a:active {
                        $err_username = "0";
                }
                else {
-                       if (file_exists("data/members/active/$put_username") and file_exists("data/bb.txt")) {
+                       if (file_exists("data/members/active/$put_username") and file_exists("data/bb.txt") and !file_exists("data/members/active/$put_username/lockout.txt")) {
                                $get_password = file_get_contents("data/members/active/$put_username/password.txt");
                                $last_login = "data/members/active/$put_username/bb-last.txt";
                                $logins = "data/members/active/$put_username/bb-logins.txt";
diff --git a/member.php b/member.php
index ccee89f..7c1be00 100644
--- a/member.php
+++ b/member.php
@@ -197,6 +197,34 @@ if ($id == "all") {
                        unlink("data/members/active/{$_POST['username']}/noml.txt");
                }
       
+               if (isset($_POST['lockout']) and !empty($_POST['lockout']) and ($_POST['lockout'] == "on")) {
+
+                       if (!file_exists("data/members/active/{$_POST['username']}/lockout.txt")) {
+                               touch("data/members/active/{$_POST['username']}/lockout.txt");
+                       }
+                      
+                       if (file_exists("data/members/active/{$_POST['username']}/noml.txt")) {
+                               touch("data/members/active/{$_POST['username']}/noml2.txt");
+                       }
+                      
+                       if (!file_exists("data/members/active/{$_POST['username']}/noml.txt")) {
+                               touch("data/members/active/{$_POST['username']}/noml.txt");
+                       }
+               }
+      
+               if ((!isset($_POST['lockout']) or empty($_POST['lockout'])) and file_exists("data/members/active/{$_POST['username']}/lockout.txt")) {
+
+                       unlink("data/members/active/{$_POST['username']}/lockout.txt");
+                      
+                       if (file_exists("data/members/active/{$_POST['username']}/noml.txt")) {
+                               unlink("data/members/active/{$_POST['username']}/noml.txt");
+                       }
+
+                       if (file_exists("data/members/active/{$_POST['username']}/noml2.txt")) {
+                               rename("data/members/active/{$_POST['username']}/noml2.txt","data/members/active/{$_POST['username']}/noml.txt");                      
+                       }
+               }
+
                if (isset($_POST['rank']) and !empty($_POST['rank']) and (strtolower($_POST['rank']) != "member")) {
                        $rank_file = "data/members/active/{$_POST['username']}/rank.txt";
                        $fp_rank_txt = fopen($rank_file,"w");
@@ -235,7 +263,7 @@ if ($id == "all") {
 <tr><td bgcolor="#eeeeee" align="center">status</td><td bgcolor="#eeeeee" align="center">username</td><?php if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) { echo "<td bgcolor=\"#eeeeee\" align=\"center\">real name</td>"; } ?><td bgcolor="#eeeeee" align="center">member since</td><td bgcolor="#eeeeee" align="center">logins</td><td bgcolor="#eeeeee" align="center">posts</td><?php
 
 if (isset($_SESSION['logged_in']) and !empty($_SESSION['logged_in']) and ($_SESSION['logged_in'] == file_get_contents("data/username.txt"))) {
-       echo '<td bgcolor="#eeeeee" align="center">rw</td><td bgcolor="#eeeeee" align="center">ul</td><td bgcolor="#eeeeee" align="center">noml</td><td bgcolor="#eeeeee" align="center">delete</td><td bgcolor="#eeeeee" align="center">rank</td><td bgcolor="#eeeeee" align="center">category</td><td bgcolor="#eeeeee" align="center">action</td>';
+       echo '<td bgcolor="#eeeeee" align="center">rw</td><td bgcolor="#eeeeee" align="center">ul</td><td bgcolor="#eeeeee" align="center">noml</td><td bgcolor="#eeeeee" align="center">lock</td><td bgcolor="#eeeeee" align="center">del</td><td bgcolor="#eeeeee" align="center">rank</td><td bgcolor="#eeeeee" align="center">category</td><td bgcolor="#eeeeee" align="center">action</td>';
 }
 
 ?></tr>
@@ -426,6 +454,12 @@ if (file_exists("data/members/active")) {
                                        if (file_exists("data/members/active/$member_list_entry/noml.txt")) {
                                                echo " checked";
                                        }
+                                      
+                                       echo "></td><td bgcolor=#ffffff align=center><input type=checkbox name=lockout";
+
+                                       if (file_exists("data/members/active/$member_list_entry/lockout.txt")) {
+                                               echo " checked";
+                                       }                                      
 
                                        echo "></td><td bgcolor=#ffffff align=center><input type=checkbox name=del></td><td bgcolor=#ffffff align=center><input class=submit type=text name=rank autocomplete=off value=\"";
 
@@ -478,7 +512,7 @@ if (file_exists("data/members/active")) {
                                }
 
                                if ($member_list_entry == file_get_contents("data/username.txt")) {
-                                       echo "<td colspan=7 bgcolor=#ffffff align=center><a href=settings.php>administrator settings</a></td>";
+                                       echo "<td colspan=8 bgcolor=#ffffff align=center><a href=settings.php>administrator settings</a></td>";
                                }
                        }
                }
 
Credits
Sunday, Sep 18, 2005, 12:00 AM (Revision 11 - Thursday, Jul 14, 2011, 7:30 PM)
Open Source enables software developers to stand on the shoulders of giants instead of reinventing the wheel, so to speak. Kudos and many thanks to the folks who made their work freely available for reuse in MAJ.

read more
Bugs and Exploits
Friday, Aug 26, 2005, 12:00 AM (Revision 23 - Wednesday, May 29, 2013, 5:25 AM)
Although MAJ started as a family project, care has been taken to make it as "safe" as possible. With more people now working on MAJ, bugs and exploitable code may sometimes slip in. We invite you to poke around and see if you can find any. Generally, there are two things you can do when you find a MAJ or PHP-related bug or exploit:

1. Take advantage of it. But hey, what's so exciting about messing up someone's blog? Ho-hum, right?
2. Report it here so that we can work on a fix and make MAJ better.

read more
Search
Download
MAJ 2.0
75 files
33012 downloads
MAJ 1.0
26 files
13143 downloads
MAJ 0.14
45 files
35025 downloads