Apšylantis
Reputacija:
0
Pranešimai: 89
Įstojo: 2008-02-20
|
lostpassword.php
 Code
/*---------------------------------------------------+
| PHP-Fusion 6 Content Management System
+----------------------------------------------------+
| Copyright 2002 - 2006 Nick Jones
| http://www.php-fusion.co.uk/
+----------------------------------------------------+
| Released under the terms & conditions of v2 of the
| GNU General Public License. For details refer to
| the included gpl.txt file or visit http://gnu.org
+----------------------------------------------------*/
require_once \"maincore.php\";
require_once \"subheader.php\";
require_once \"side_left.php\";
require_once INCLUDES.\"sendmail_include.php\";
include LOCALE.LOCALESET.\"lostpassword.php\";
if (iMEMBER) fallback(\"index.php\");
opentable($locale['400']);
if (isset($email) && isset($account)) {
$error = 0;
if (FUSION_QUERY != \"email=\".$email.\"&account=\".$account) fallback(\"index.php\");
$email = stripinput(trim(eregi_replace(\" +\", \"\", $email)));
if (!preg_match(\"/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i\", $email)) $error = 1;
if (!preg_match(\"/^[0-9a-z]{32}$/\", $account)) $error = 1;
if ($error == 0) {
$result = dbquery(\"SELECT * FROM \".$db_prefix.\"users WHERE user_password='$account' AND user_email='$email'\");
if (dbrows($result) != 0) {
$data = dbarray($result); $new_pass = \"\";
for ($i=0;$i<=7;$i++) { $new_pass .= chr(rand(97, 122)); }
$mailbody = str_replace(\"[NEW_PASS]\", $new_pass, $locale['411']);
$mailbody = str_replace(\"[USER_NAME]\", $data['user_name'], $mailbody);
sendemail($data['user_name'],$email,$settings['siteusername'],$settings['siteemail'],$locale['409'].$settings['sitename'],$mailbody);
$result = dbquery(\"UPDATE \".$db_prefix.\"users SET user_password='\".md5(md5($new_pass)).\"' WHERE user_id='\".$data['user_id'].\"'\");
echo \"
\n\".$locale['402'].\"
\n\".$locale['403'].\"
\n\n\";
} else {
$error = 1;
}
}
if ($error == 1) redirect(\"index.php\");
} elseif (isset($_POST['send_password'])) {
$email = stripinput(trim(eregi_replace(\" +\", \"\", $_POST['email'])));
if (preg_match(\"/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i\", $email)) {
$result = dbquery(\"SELECT * FROM \".$db_prefix.\"users WHERE user_email='$email'\");
if (dbrows($result) != 0) {
$data = dbarray($result);
$new_pass_link = $settings['siteurl'].\"lostpassword.php?email=\".$data['user_email'].\"&account=\".$data['user_password'];
$mailbody = str_replace(\"[NEW_PASS_LINK]\", $new_pass_link, $locale['410']);
$mailbody = str_replace(\"[USER_NAME]\", $data['user_name'], $mailbody);
sendemail($data['user_name'],$email,$settings['siteusername'],$settings['siteemail'],$locale['409'].$settings['sitename'],$mailbody);
echo \"
\n\".$locale['401'].\"
\n\".$locale['403'].\"
\n\n\";
} else {
echo \"
\n\".$locale['404'].\"
\n\".$locale['406'].\"
\n\n\";
}
} else {
echo \"
\n\".$locale['405'].\"
\n\".$locale['403'].\"
\n\";
}
} else {
echo \"\n\";
}
closetable();
require_once \"side_right.php\";
require_once \"footer.php\";
?>
contact.php
Code
/*---------------------------------------------------+
| PHP-Fusion 6 Content Management System
+----------------------------------------------------+
| Copyright 2002 - 2006 Nick Jones
| http://www.php-fusion.co.uk/
+----------------------------------------------------+
| Released under the terms & conditions of v2 of the
| GNU General Public License. For details refer to
| the included gpl.txt file or visit http://gnu.org
+----------------------------------------------------*/
require_once \"maincore.php\";
require_once \"subheader.php\";
require_once \"side_left.php\";
include LOCALE.LOCALESET.\"contact.php\";
if (isset($_POST['sendmessage'])) {
$error = \"\";
$mailname = substr(stripinput(trim($_POST['mailname'])),0,50);
$email = substr(stripinput(trim($_POST['email'])),0,100);
$subject = substr(str_replace(array(\"\r\",\"\n\",\"@\"), \"\", descript(stripslash(trim($_POST['subject'])))),0,50);
$message = descript(stripslash(trim($_POST['message'])));
if ($mailname == \"\") {
$error .= \" \".$locale['420'].\"
\n\";
}
if ($email == \"\" || !preg_match(\"/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i\", $email)) {
$error .= \" \".$locale['421'].\"
\n\";
}
if ($subject == \"\") {
$error .= \" \".$locale['422'].\"
\n\";
}
if ($message == \"\") {
$error .= \" \".$locale['423'].\"
\n\";
}
if (!$error) {
require_once INCLUDES.\"sendmail_include.php\";
sendemail($settings['siteusername'],$settings['siteemail'],$mailname,$email,$subject,$message);
opentable($locale['400']);
echo \"
\n\".$locale['440'].\"
\n\".$locale['441'].\"
\n\";
closetable();
} else {
opentable($locale['400']);
echo \"
\n\".$locale['442'].\"
\n$error
\n\".$locale['443'].\"
\n\";
closetable();
}
} else {
opentable($locale['400']);
echo $locale['401'].\"
\n\";
closetable();
}
require_once \"side_right.php\";
require_once \"footer.php\";
?>
|
Apšylantis
Reputacija:
0
Pranešimai: 89
Įstojo: 2008-02-20
|
Code
/*---------------------------------------------------+
| PHP-Fusion 6 Content Management System
+----------------------------------------------------+
| Copyright 2002 - 2006 Nick Jones
| http://www.php-fusion.co.uk/
+----------------------------------------------------+
| Released under the terms & conditions of v2 of the
| GNU General Public License. For details refer to
| the included gpl.txt file or visit http://gnu.org
+----------------------------------------------------*/
require_once \"maincore.php\";
require_once \"subheader.php\";
require_once \"side_left.php\";
include LOCALE.LOCALESET.\"register.php\";
include LOCALE.LOCALESET.\"user_fields.php\";
if (iMEMBER) fallback(\"index.php\");
if ($settings['enable_registration']) {
if (isset($activate)) {
if (!preg_match(\"/^[0-9a-z]{32}$/\", $activate)) fallback(\"index.php\");
$result = dbquery(\"SELECT * FROM \".$db_prefix.\"new_users WHERE user_code='$activate'\");
if (dbrows($result) != 0) {
$data = dbarray($result);
$user_info = unserialize($data['user_info']);
$activation = $settings['admin_activation'] == \"1\" ? \"2\" : \"0\";
$result = dbquery(\"INSERT INTO \".$db_prefix.\"users (user_name, user_password, user_email, user_hide_email, user_location, user_birthdate, user_aim, user_icq, user_msn, user_yahoo, user_web, user_theme, user_offset, user_avatar, user_sig, user_posts, user_joined, user_lastvisit, user_ip, user_rights, user_groups, user_level, user_status) VALUES('\".$user_info['user_name'].\"', '\".$user_info['user_password'].\"', '\".$user_info['user_email'].\"', '\".$user_info['user_hide_email'].\"', '', '0000-00-00', '', '', '', '', '', 'Default', '0', '', '', '0', '\".time().\"', '0', '\".USER_IP.\"', '', '', '101', '$activation')\");
$result = dbquery(\"DELETE FROM \".$db_prefix.\"new_users WHERE user_code='$activate'\");
opentable($locale['401']);
if ($settings['admin_activation'] == \"1\") {
echo \"
\n\".$locale['455'].\"
\n\".$locale['453'].\"
\n\n\";
} else {
echo \"
\n\".$locale['455'].\"
\n\".$locale['452'].\"
\n\n\";
}
closetable();
} else {
fallback(\"index.php\");
}
} else if (isset($_POST['register'])) {
$error = \"\";
$username = stripinput(trim(eregi_replace(\" +\", \" \", $_POST['username'])));
$email = stripinput(trim(eregi_replace(\" +\", \"\", $_POST['email'])));
$password1 = stripinput(trim(eregi_replace(\" +\", \"\", $_POST['password1'])));
if ($username == \"\" || $password1 == \"\" || $email == \"\") $error .= $locale['402'].\"
\n\";
if (!preg_match(\"/^[-0-9A-Z_@\s]+$/i\", $username)) $error .= $locale['403'].\"
\n\";
if (preg_match(\"/^[0-9A-Z@]{6,20}$/i\", $password1)) {
if ($password1 != $_POST['password2']) $error .= $locale['404'].\"
\n\";
} else {
$error .= $locale['405'].\"
\n\";
}
if (!preg_match(\"/^[-0-9A-Z_\.]{1,50}@([-0-9A-Z_\.]+\.){1,50}([0-9A-Z]){2,4}$/i\", $email)) {
$error .= $locale['406'].\"
\n\";
}
$email_domain = substr(strrchr($email, \"@\"), 1);
$result = dbquery(\"SELECT * FROM \".$db_prefix.\"blacklist WHERE blacklist_email='\".$email.\"' OR blacklist_email='$email_domain'\");
if (dbrows($result) != 0) $error = $locale['411'].\"
\n\";
$result = dbquery(\"SELECT * FROM \".$db_prefix.\"users WHERE user_name='$username'\");
if (dbrows($result) != 0) $error = $locale['407'].\"
\n\";
$result = dbquery(\"SELECT * FROM \".$db_prefix.\"users WHERE user_email='\".$email.\"'\");
if (dbrows($result) != 0) $error = $locale['408'].\"
\n\";
if ($settings['email_verification'] == \"1\") {
$result = dbquery(\"SELECT * FROM \".$db_prefix.\"new_users\");
while ($new_users = dbarray($result)) {
$user_info = unserialize($new_users['user_info']);
if ($new_users['user_email'] == $email) { $error = $locale['409'].\"
\n\"; }
if ($user_info['user_name'] == $username) { $error = $locale['407'].\"
\n\"; break; }
}
}
if ($settings['display_validation'] == \"1\") {
if (!check_captcha($_POST['captcha_encode'], $_POST['captcha_code'])) {
$error .= $locale['410'].\"
\n\";
}
}
$user_hide_email = isNum($_POST['user_hide_email']) ? $_POST['user_hide_email'] : \"1\";
if ($settings['email_verification'] == \"0\") {
$user_location = isset($_POST['user_location']) ? stripinput(trim($_POST['user_location'])) : \"\";
if ($_POST['user_month'] != 0 && $_POST['user_day'] != 0 && $_POST['user_year'] != 0) {
$user_birthdate = (isNum($_POST['user_year']) ? $_POST['user_year'] : \"0000\")
.\"-\".(isNum($_POST['user_month']) ? $_POST['user_month'] : \"00\")
.\"-\".(isNum($_POST['user_day']) ? $_POST['user_day'] : \"00\");
} else {
$user_birthdate = \"0000-00-00\";
}
$user_aim = isset($_POST['user_aim']) ? stripinput(trim($_POST['user_aim'])) : \"\";
$user_icq = isset($_POST['user_icq']) ? stripinput(trim($_POST['user_icq'])) : \"\";
$user_msn = isset($_POST['user_msn']) ? stripinput(trim($_POST['user_msn'])) : \"\";
$user_yahoo = isset($_POST['user_yahoo']) ? stripinput(trim($_POST['user_yahoo'])) : \"\";
$user_web = isset($_POST['user_web']) ? stripinput(trim($_POST['user_web'])) : \"\";
$user_theme = stripinput($_POST['user_theme']);
$user_offset = is_numeric($_POST['user_offset']) ? $_POST['user_offset'] : \"0\";
$user_sig = isset($_POST['user_sig']) ? stripinput(trim($_POST['user_sig'])) : \"\";
}
if ($error == \"\") {
if ($settings['email_verification'] == \"1\") {
require_once INCLUDES.\"sendmail_include.php\";
mt_srand((double)microtime()*1000000); $salt = \"\";
for ($i=0;$i<=7;$i++) { $salt .= chr(rand(97, 122)); }
$user_code = md5($email.$salt);
$activation_url = $settings['siteurl'].\"register.php?activate=\".$user_code;
if (sendemail($username,$email,$settings['siteusername'],$settings['siteemail'],$locale['449'], $locale['450'].$activation_url)) {
$user_info = serialize(array(
\"user_name\" => $username,
\"user_password\" => md5(md5($password1)),
\"user_email\" => $email,
\"user_hide_email\" => isNum($_POST['user_hide_email']) ? $_POST['user_hide_email'] : \"1\"
));
$result = dbquery(\"INSERT INTO \".$db_prefix.\"new_users (user_code, user_email, user_datestamp, user_info) VALUES('$user_code', '\".$email.\"', '\".time().\"', '$user_info')\");
opentable($locale['400']);
echo \"
\n\".$locale['454'].\"
\n\n\";
closetable();
} else {
opentable($locale['456']);
echo \"
\n\".$locale['457'].\"
\n\n\";
closetable();
}
} else {
$activation = $settings['admin_activation'] == \"1\" ? \"2\" : \"0\";
$result = dbquery(\"INSERT INTO \".$db_prefix.\"users (user_name, user_password, user_email, user_hide_email, user_location, user_birthdate, user_aim, user_icq, user_msn, user_yahoo, user_web, user_theme, user_offset, user_avatar, user_sig, user_posts, user_joined, user_lastvisit, user_ip, user_rights, user_groups, user_level, user_status) VALUES('$username', '\".md5(md5($password1)).\"', '\".$email.\"', '$user_hide_email', '$user_location', '$user_birthdate', '$user_aim', '$user_icq', '$user_msn', '$user_yahoo', '$user_web', '$user_theme', '$user_offset', '', '$user_sig', '0', '\".time().\"', '0', '\".USER_IP.\"', '', '', '101', '$activation')\");
opentable($locale['400']);
if ($settings['admin_activation'] == \"1\") {
echo \"
\n\".$locale['451'].\"
\n\".$locale['453'].\"
\n\n\";
} else {
echo \"
\n\".$locale['451'].\"
\n\".$locale['452'].\"
\n\n\";
}
closetable();
}
} else {
opentable($locale['456']);
echo \"
\n\".$locale['458'].\"
\n$error
\n\".$locale['459'].\"\n\";
closetable();
}
} else {
if ($settings['email_verification'] == \"0\") {
$theme_files = makefilelist(THEMES, \".|..\", true, \"folders\");
array_unshift($theme_files, \"Default\");
$offset_list = \"\";
for ($i=-13;$i<17;$i++) {
if ($i > 0) { $offset=\"+\".$i; } else { $offset=$i; }
$offset_list .= \" $offset\n\";
}
}
opentable($locale['400']);
echo \"\".$locale['500'].\"\n\";
if ($settings['email_verification'] == \"1\") echo $locale['501'].\"\n\";
echo $locale['502'];
if ($settings['email_verification'] == \"1\") echo \"\n\".$locale['503'];
echo \"
\";
closetable();
echo \"\n\";
}
} else {
opentable($locale['400']);
echo \"
\n\".$locale['507'].\"
\n\n\";
closetable();
}
require_once \"side_right.php\";
require_once \"footer.php\";
?>
na?
Redagavo Lordcraft 2011-01-29 15:40 |
