}
} else {
$module .= _formMessage(2, str_replace(array("*1*", "*2*"), array(_maxloginattempts, _maxloginexpire / 60), $_lang['login.attemptlimit']));
}
break;
default:
$module .= "<p class='bborder'>" . $_lang['mod.lostpass.p'] . "</p>";
// kontrola promennych, odeslani emailu
$sent = false;
if (isset($_POST['username'])) {
if (_iplogCheck(7)) {
// nacteni promennych
$username = _anchorStr($_POST['username'], false);
$email = DB::esc($_POST['email']);
// kontrola promennych
if (_captchaCheck()) {
$userdata = DB::query("SELECT email,password,salt,username FROM `" . _mysql_prefix . "-users` WHERE username='******' AND email='" . $email . "'");
if (DB::size($userdata) != 0) {
// odeslani emailu
$userdata = DB::row($userdata);
$link = _url . "/index.php?m=lostpass&link&user="******"&hash=" . md5($userdata['email'] . $userdata['salt'] . $userdata['password']);
$text_tags = array("*domain*", "*username*", "*link*", "*date*", "*ip*");
$text_contents = array(_getDomain(), $userdata['username'], $link, _formatTime(time()), _userip);
if (_mail($userdata['email'], str_replace('*domain*', _getDomain(), $_lang['mod.lostpass.mail.subject']), str_replace($text_tags, $text_contents, $_lang['mod.lostpass.mail.text']), "Content-Type: text/plain; charset=UTF-8\n" . _sysMailHeader())) {
$module .= _formMessage(1, $_lang['mod.lostpass.cmailsent']);
_iplogUpdate(7);
$sent = true;
} else {
$module .= _formMessage(3, $_lang['hcm.mailform.msg.failure2']);
}
} else {
}
/* -- kontrola prispevku pro odpoved -- */
if ($xhome != -1 && $posttype != 6) {
$continue2 = false;
$tdata = DB::query("SELECT xhome FROM `" . _mysql_prefix . "-posts` WHERE id=" . $xhome . " AND home=" . $posttarget . " AND locked=0");
if (DB::size($tdata) != 0) {
$tdata = DB::row($tdata);
if ($tdata['xhome'] == -1) {
$continue2 = true;
}
}
} else {
$continue2 = true;
}
/* -- ulozeni prispevku -- */
if ($continue and $continue2 and $text != "" and $posttype == 4 || _captchaCheck()) {
if (_xsrfCheck()) {
if ($posttype == 4 or _loginright_unlimitedpostaccess or _iplogCheck(5)) {
if ($guest === '' || DB::result(DB::query('SELECT COUNT(*) FROM `' . _mysql_prefix . '-users` WHERE username=\'' . DB::esc($guest) . '\' OR publicname=\'' . DB::esc($guest) . '\''), 0) == 0) {
// zpracovani pluginem
$allow = true;
_extend('call', 'posts.submit', array('allow' => &$allow, 'posttype' => $posttype, 'posttarget' => $posttarget, 'xhome' => $xhome, 'subject' => &$subject, 'text' => &$text, 'author' => $author, 'guest' => $guest));
if ($allow) {
// ulozeni
DB::query("INSERT INTO `" . _mysql_prefix . "-posts` (type,home,xhome,subject,text,author,guest,time,ip,bumptime,flag) VALUES (" . $posttype . "," . $posttarget . "," . $xhome . ",'" . $subject . "','" . $text . "'," . $author . ",'" . $guest . "'," . time() . ",'" . _userip . "'," . ($posttype == 5 && $xhome == -1 ? 'UNIX_TIMESTAMP()' : '0') . "," . $pluginflag . ")");
$insert_id = DB::insertID();
if (!_loginright_unlimitedpostaccess and $posttype != 4) {
_iplogUpdate(5);
}
$return = 1;
_extend('call', 'posts.new', array('id' => $insert_id, 'posttype' => $posttype));
$receiver = $_SESSION[$skey];
unset($_SESSION[$skey], $skey);
} else {
die($_lang['global.badinput']);
}
// casove omezeni
if (_iplogCheck(5)) {
_iplogUpdate(5);
} else {
// prekroceno
echo str_replace('*postsendexpire*', _postsendexpire, $_lang['misc.requestlimit']);
die;
}
// odeslani
if (_xsrfCheck()) {
if (_validateEmail($sender) and $text != "" and _captchaCheck()) {
// pridani informacniho textu do tela
$info_ip = _userip;
if (_loginindicator) {
$info_ip .= ' (' . _loginname . ')';
}
$info_from = array("*domain*", "*time*", "*ip*", "*sender*");
$info_to = array(_getDomain(), _formatTime(time()), $info_ip, $sender);
$text .= "\n\n" . str_repeat("-", 16) . "\n" . str_replace($info_from, $info_to, $_lang['hcm.mailform.info']);
// prilozeni souboru
if (isset($_FILES['att']['tmp_name']) and is_uploaded_file($_FILES['att']['tmp_name'])) {
$att = true;
$att_name = $_FILES['att']['name'];
$att_tmpname = $_FILES['att']['tmp_name'];
$att_content = @file_get_contents($att_tmpname);
$att_content = @chunk_split(@base64_encode($att_content));
if ($password != $password2) {
$errors[] = $_lang['mod.reg.nosame'];
}
if ($password != "") {
$password = _md5Salt($password);
} else {
$errors[] = $_lang['mod.reg.passwordneeded'];
}
$email = DB::esc(trim($_POST['email']));
if (!_validateEmail($email)) {
$errors[] = $_lang['admin.users.edit.bademail'];
}
if (DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-users` WHERE email='" . $email . "'"), 0) != 0) {
$errors[] = $_lang['admin.users.edit.emailexists'];
}
if (!_captchaCheck()) {
$errors[] = $_lang['captcha.failure'];
}
$massemail = _checkboxLoad('massemail');
if (_registration_grouplist and isset($_POST['group'])) {
$group = intval($_POST['group']);
$groupdata = DB::query("SELECT id FROM `" . _mysql_prefix . "-groups` WHERE id=" . $group . " AND blocked=0 AND reglist=1");
if (DB::size($groupdata) == 0) {
$errors[] = $_lang['global.badinput'];
}
} else {
$group = _defaultgroup;
}
if (SL::$settings['rules'] != "" and !_checkboxLoad("agreement")) {
$errors[] = $_lang['mod.reg.rules.disagreed'];
}
