// Excerpt, cut at both ends: the tail of a branch that reports the login attempt
// limit, followed by the `default` case that handles the lost-password request form.
} } else {
    $module .= _formMessage(2, str_replace(array("*1*", "*2*"), array(_maxloginattempts, _maxloginexpire / 60), $_lang['login.attemptlimit']));
}
break;

default:
    $module .= "<p class='bborder'>" . $_lang['mod.lostpass.p'] . "</p>";

    // check the submitted fields, send the e-mail
    $sent = false;
    if (isset($_POST['username'])) {
        // _iplogCheck(7) gates the whole request before any database lookup;
        // presumably a per-IP throttle - the helper is not shown here.
        if (_iplogCheck(7)) {

            // load the submitted fields
            // NOTE(review): only 'username' is isset()-checked; 'email' is read unconditionally,
            // so a request without it raises an undefined-index notice.
            $username = _anchorStr($_POST['username'], false);
            $email = DB::esc($_POST['email']);

            // check the fields
            if (_captchaCheck()) {
                // NOTE(review): the `******` runs in this query and in $link below look like
                // masking applied when the page was captured ($username is assigned above but
                // never appears afterwards). Confirm against the real file; if $username is
                // concatenated here, its SQL safety rests entirely on _anchorStr().
                $userdata = DB::query("SELECT email,password,salt,username FROM `" . _mysql_prefix . "-users` WHERE username='******' AND email='" . $email . "'");
                if (DB::size($userdata) != 0) {

                    // send the e-mail
                    $userdata = DB::row($userdata);
                    // NOTE(review): the link hash is md5(email . salt . password) - built only
                    // from stored account columns, with no random nonce and no expiry visible
                    // here. It stays valid until one of those columns changes, and anyone able
                    // to read the users table can derive it. A random single-use token
                    // (random_bytes()) stored hashed with an expiry and compared with
                    // hash_equals() would remove that dependency.
                    $link = _url . "/index.php?m=lostpass&link&user="******"&hash=" . md5($userdata['email'] . $userdata['salt'] . $userdata['password']);
                    // placeholders in the mail template and their replacements, in the same order
                    $text_tags = array("*domain*", "*username*", "*link*", "*date*", "*ip*");
                    $text_contents = array(_getDomain(), $userdata['username'], $link, _formatTime(time()), _userip);
                    if (_mail($userdata['email'], str_replace('*domain*', _getDomain(), $_lang['mod.lostpass.mail.subject']), str_replace($text_tags, $text_contents, $_lang['mod.lostpass.mail.text']), "Content-Type: text/plain; charset=UTF-8\n" . _sysMailHeader())) {
                        $module .= _formMessage(1, $_lang['mod.lostpass.cmailsent']);
                        // The attempt is logged only after a successful send; whether failed
                        // lookups are counted is decided in branches outside this excerpt.
                        _iplogUpdate(7);
                        $sent = true;
                    } else {
                        $module .= _formMessage(3, $_lang['hcm.mailform.msg.failure2']);
                    }

                } else {
// Excerpt, cut at both ends: validation of the replied-to post, then storing a new post.
}

/* -- check the post being replied to -- */
// A reply is accepted only if its parent exists in the same target ($posttarget),
// is not locked, and is itself a top-level post (xhome == -1).
// NOTE(review): $xhome and $posttarget are concatenated unquoted; this is safe only
// if both were cast to integers earlier - not visible in this excerpt, confirm.
if ($xhome != -1 && $posttype != 6) {
    $continue2 = false;
    $tdata = DB::query("SELECT xhome FROM `" . _mysql_prefix . "-posts` WHERE id=" . $xhome . " AND home=" . $posttarget . " AND locked=0");
    if (DB::size($tdata) != 0) {
        $tdata = DB::row($tdata);
        if ($tdata['xhome'] == -1) {
            $continue2 = true;
        }
    }
} else {
    $continue2 = true;
}

/* -- save the post -- */
// `||` binds tighter than `and`, so the condition reads as
// `... and ($posttype == 4 || _captchaCheck())`: post type 4 skips the CAPTCHA.
// NOTE(review): explicit parentheses would make that grouping visibly intentional.
if ($continue and $continue2 and $text != "" and $posttype == 4 || _captchaCheck()) {
    if (_xsrfCheck()) {
        // the iplog type 5 check is bypassed for post type 4 and for users holding
        // the _loginright_unlimitedpostaccess right
        if ($posttype == 4 or _loginright_unlimitedpostaccess or _iplogCheck(5)) {
            // a non-empty guest name must not match any existing username or publicname
            if ($guest === '' || DB::result(DB::query('SELECT COUNT(*) FROM `' . _mysql_prefix . '-users` WHERE username=\'' . DB::esc($guest) . '\' OR publicname=\'' . DB::esc($guest) . '\''), 0) == 0) {

                // plugin processing
                // NOTE(review): 'allow', 'subject' and 'text' are handed to handlers by reference.
                // $subject and $text are then concatenated into the INSERT below, so any
                // handler that rewrites them must return SQL-safe values; escaping is assumed
                // to happen before this excerpt - confirm.
                $allow = true;
                _extend('call', 'posts.submit', array('allow' => &$allow, 'posttype' => $posttype, 'posttarget' => $posttarget, 'xhome' => $xhome, 'subject' => &$subject, 'text' => &$text, 'author' => $author, 'guest' => $guest));
                if ($allow) {

                    // save
                    // NOTE(review): $guest is wrapped in DB::esc() in the SELECT above but is
                    // concatenated as-is here. Either it is already safe (then the SELECT
                    // escapes twice) or this INSERT relies on sanitising not shown in the
                    // excerpt. $posttype, $posttarget, $xhome, $author and $pluginflag are
                    // unquoted and must be integers. A prepared statement would remove these
                    // assumptions.
                    DB::query("INSERT INTO `" . _mysql_prefix . "-posts` (type,home,xhome,subject,text,author,guest,time,ip,bumptime,flag) VALUES (" . $posttype . "," . $posttarget . "," . $xhome . ",'" . $subject . "','" . $text . "'," . $author . ",'" . $guest . "'," . time() . ",'" . _userip . "'," . ($posttype == 5 && $xhome == -1 ? 'UNIX_TIMESTAMP()' : '0') . "," . $pluginflag . ")");
                    $insert_id = DB::insertID();
                    // the attempt is logged only when the iplog check above applied to it
                    if (!_loginright_unlimitedpostaccess and $posttype != 4) {
                        _iplogUpdate(5);
                    }
                    $return = 1;
                    _extend('call', 'posts.new', array('id' => $insert_id, 'posttype' => $posttype));
// Excerpt, cut at both ends: mail-form submission handler.
// The recipient is read from the session under $skey and the entry is removed after
// use, so each stored recipient can be consumed once. How $skey is derived is not
// visible here.
$receiver = $_SESSION[$skey];
unset($_SESSION[$skey], $skey);
} else {
    die($_lang['global.badinput']);
}

// time limit
// The attempt is logged as soon as the check passes, i.e. before the XSRF, e-mail and
// CAPTCHA checks below, so rejected submissions are counted too.
if (_iplogCheck(5)) {
    _iplogUpdate(5);
} else {
    // limit exceeded
    echo str_replace('*postsendexpire*', _postsendexpire, $_lang['misc.requestlimit']);
    die;
}

// send
if (_xsrfCheck()) {
    if (_validateEmail($sender) and $text != "" and _captchaCheck()) {

        // append the informational footer to the body
        $info_ip = _userip;
        if (_loginindicator) {
            $info_ip .= ' (' . _loginname . ')';
        }
        $info_from = array("*domain*", "*time*", "*ip*", "*sender*");
        $info_to = array(_getDomain(), _formatTime(time()), $info_ip, $sender);
        $text .= "\n\n" . str_repeat("-", 16) . "\n" . str_replace($info_from, $info_to, $_lang['hcm.mailform.info']);

        // attach the uploaded file
        if (isset($_FILES['att']['tmp_name']) and is_uploaded_file($_FILES['att']['tmp_name'])) {
            $att = true;
            // NOTE(review): 'name' is supplied by the client. Before it is placed in any MIME
            // header it needs CR/LF and quote characters stripped; its use is outside this
            // excerpt - confirm.
            $att_name = $_FILES['att']['name'];
            $att_tmpname = $_FILES['att']['tmp_name'];
            // NOTE(review): `@` hides a failed read; file_get_contents() then returns false and
            // an empty attachment is encoded without any error. No size limit on the
            // attachment is visible here.
            $att_content = @file_get_contents($att_tmpname);
            $att_content = @chunk_split(@base64_encode($att_content));
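// Registration form validation (excerpt): password confirmation, e-mail, CAPTCHA,
// group choice and rules agreement. Every problem found is appended to $errors.

// Strict comparison: with `!=`, two different numeric-looking strings such as
// "1e3" and "1000" compare equal, so a mistyped confirmation could be accepted.
if ($password !== $password2) {
    $errors[] = $_lang['mod.reg.nosame'];
}

// NOTE(review): _md5Salt() is not visible here. If it is a salted MD5 as the name
// suggests, that is a fast hash and unsuitable for password storage;
// password_hash()/password_verify() with a rehash-on-login migration is the replacement.
if ($password != "") {
    $password = _md5Salt($password);
} else {
    $errors[] = $_lang['mod.reg.passwordneeded'];
}

// The address is SQL-escaped first and validated afterwards; the escaped value is
// what gets concatenated into the uniqueness query below.
$email = DB::esc(trim($_POST['email']));
if (!_validateEmail($email)) {
    $errors[] = $_lang['admin.users.edit.bademail'];
}
// NOTE(review): this lookup runs whether or not the CAPTCHA check below passes. If the
// collected errors are shown together, the "e-mail exists" message can reveal which
// addresses are registered without solving a CAPTCHA - confirm how $errors is rendered.
if (DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-users` WHERE email='" . $email . "'"), 0) != 0) {
    $errors[] = $_lang['admin.users.edit.emailexists'];
}

if (!_captchaCheck()) {
    $errors[] = $_lang['captcha.failure'];
}

$massemail = _checkboxLoad('massemail');

// A user-selected group is accepted only when group selection is enabled and the
// group exists, is not blocked and is flagged reglist=1; otherwise the default
// group is used. intval() makes the unquoted concatenation safe.
if (_registration_grouplist and isset($_POST['group'])) {
    $group = intval($_POST['group']);
    $groupdata = DB::query("SELECT id FROM `" . _mysql_prefix . "-groups` WHERE id=" . $group . " AND blocked=0 AND reglist=1");
    if (DB::size($groupdata) == 0) {
        $errors[] = $_lang['global.badinput'];
    }
} else {
    $group = _defaultgroup;
}

// agreement with the rules is required only when a rules text is configured
if (SL::$settings['rules'] != "" and !_checkboxLoad("agreement")) {
    $errors[] = $_lang['mod.reg.rules.disagreed'];
}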