- // Secure lifetime from input form
- $l = bigintval($_POST['lifetime']);
- $life = "-1";
- if ($l > 0)
- {
- // Calculate lifetime of cookies
- $life = time() + $l;
-
- // Calculate new hash with the secret key and master salt together
- $hash = generatePassString($hash);
-
- // Update cookies
- $login = (@setcookie("userid" , $UID , $life, COOKIE_PATH)
- && @setcookie("u_hash" , $hash, $life, COOKIE_PATH)
- && @setcookie("lifetime", $l , $life, COOKIE_PATH));
-
- // Update global array
- $GLOBALS['userid'] = $UID;
- $_COOKIE['u_hash'] = $hash;
- $_COOKIE['lifetime'] = $l;
- }
- else
- {
- // Check for login data
- $login = IS_LOGGED_IN();
- }
+ if ($hash == $password) {
+ // New hashed password found so let's generate a new one
+ $hash = generateHash($_POST['password']);
+
+ // ... and update database
+ SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_user_data SET password='%s' WHERE userid=%s AND status='CONFIRMED' LIMIT 1",
+ array($hash, $uid), __FILE__, __LINE__);
+
+ // No login bonus by default
+ $BONUS = false;
+
+ // Probe for last online timemark
+ $probe = time() - $online;
+ if (!empty($login)) $probe = time() - $login;
+ if ((GET_EXT_VERSION("bonus") >= "0.2.2") && ($probe >= $_CONFIG['login_timeout'])) {
+ // Add login bonus to user's account
+ $ADD = sprintf(", login_bonus=login_bonus+%s",
+ (float)$_CONFIG['login_bonus']
+ );
+ $BONUS = true;
+
+ // Subtract login bonus from userid's account or jackpot
+ if ((GET_EXT_VERSION("bonus") >= "0.3.5") && ($_CONFIG['bonus_mode'] != "ADD")) BONUS_POINTS_HANDLER('login_bonus');
+ } // END - if
+
+ // Init variables
+ $life = "-1"; $login = false;
+
+ // Secure lifetime from input form
+ $l = bigintval($_POST['lifetime']);
+
+ // Is the lifetime set?
+ if ($l > 0) {
+ // Calculate lifetime of cookies
+ $life = time() + $l;
+
+ // Calculate new hash with the secret key and master salt together
+ $hash = generatePassString($hash);
+
+ // Update cookies
+ $login = (set_session("userid" , $uid , $life, COOKIE_PATH)
+ && set_session("u_hash" , $hash, $life, COOKIE_PATH)
+ && set_session("lifetime", $l , $life, COOKIE_PATH)
+ );
+
+ // Update global array
+ $GLOBALS['userid'] = $uid;
+ } else {
+ // Check for login data
+ $login = IS_MEMBER();
+ }