//@todo: to remove this part for non-global approach
define("iAUTH", substr(md5($userdata['user_password'] . USER_IP), 16, 16));
$aidlink = fusion_get_aidlink();
// Generate a session aid every turn
$token_time = time();
$algo = fusion_get_settings('password_algorithm');
$key = $userdata['user_id'] . $token_time . iAUTH . SECRET_KEY;
$salt = md5($userdata['user_admin_salt'] . SECRET_KEY_SALT);
$_SESSION['aid'] = $userdata['user_id'] . "." . $token_time . "." . hash_hmac($algo, $key, $salt);
}
// PHP-Fusion user cookie functions
if (!isset($_COOKIE[COOKIE_PREFIX . 'visited'])) {
$result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value=settings_value+1 WHERE settings_name='counter'");
setcookie(COOKIE_PREFIX . "visited", "yes", time() + 31536000, "/", "", "0");
}
$lastvisited = Authenticate::setLastVisitCookie();
// Check file types of the uploaded file with known mime types list to prevent uploading unwanted files if enabled
if ($settings['mime_check'] == "1") {
if (isset($_FILES) && count($_FILES)) {
require_once INCLUDES . "mimetypes_include.php";
$mime_types = mimeTypes();
foreach ($_FILES as $each) {
if (isset($each['name']) && strlen($each['tmp_name'])) {
$file_info = pathinfo($each['name']);
$extension = $file_info['extension'];
if (array_key_exists($extension, $mime_types)) {
if (is_array($mime_types[$extension])) {
$valid_mimetype = FALSE;
foreach ($mime_types[$extension] as $each_mimetype) {
if ($each_mimetype == $each['type']) {
$valid_mimetype = TRUE;