X-Git-Url: https://git.nubati.net/cgi-bin/gitweb.cgi?p=e-DoKo.git;a=blobdiff_plain;f=include%2Fuser.php;h=55b84f4e5e3379b4f4debab91ef6330c9bf0bea9;hp=3d0b7291f178e66d59e6fe3c3dc8061963d5eb84;hb=2aa6083b051373dc64470e707d6b21600f89a534;hpb=cc143e38299d3dd3981efd81972c0e0df4df1462

diff --git a/include/user.php b/include/user.php
index 3d0b729..55b84f4 100644
--- a/include/user.php
+++ b/include/user.php
@@ -1,5 +1,5 @@
 <?php
-/* Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012 Arun Persaud <arun@nubati.net>
+/* Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Arun Persaud <arun@nubati.net>
  *
  *   This file is part of e-DoKo.
  *
@@ -25,12 +25,7 @@ if(!isset($HOST))
   exit;
 
 /* test id and password, should really be done in one step */
-if(!isset($_SESSION['name']))
-  {
-    $email     = $_REQUEST['email'];
-    $password  = $_REQUEST['password'];
-  }
-else
+if(isset($_SESSION['name']))
   {
     $name = $_SESSION['name'];
     $email     = DB_get_email('name',$name);
@@ -69,12 +64,12 @@ if(myisset('forgot'))
 	    $hash  = md5('Anewpassword'.$email.$TIME);
 	    $newpw = substr($hash,1,8);
 
-	    $message = "Someone (hopefully you) requested a new password. \n".
-	      "You can use this email and the following password: \n".
-	      "   $newpw    \n".
+	    $message = sprintf( _("Someone (hopefully you) requested a new password.\n".
+	      "You can use this email and the following password:\n".
+	      "   %s\n".
 	      "to log into the server. The new password is valid for 24h, so make\n".
 	      "sure you reset your password to something new. Your old password will\n".
-	      "also still be valid until you set a new one.\n";
+	      "also still be valid until you set a new one.\n"), $newpw);
 	    mymail($myid,0, GAME_RECOVERY, $message);
 
 	    /* we save these in the database */
@@ -106,12 +101,14 @@ else
   { /* normal user page */
 
     /* verify password and email */
-    if(strlen($password)!=32)
-      $password = md5($password);
-
     $ok  = 1;
-    $myid = DB_get_userid('email-password',$email,$password);
-    if(!$myid)
+    if(isset($email, $password))
+      {
+	$myid = DB_get_userid('email-password',$email,$password);
+        if(!$myid)
+	  $ok = 0;
+      }
+    else
       $ok = 0;
 
     if($ok)
@@ -121,6 +118,9 @@ else
 	$_SESSION['name'] = $myname;
 
 	$PREF = DB_get_PREF($myid);
+	/* set language chosen in preferences, will become active on the next reload (see index.php)*/
+	$_SESSION['language'] = $PREF['language'];
+	set_language($PREF['language']);
 
 	DB_update_user_timestamp($myid);