eval("\$inc[action] \t= \"" . gettemplate("user.fail.activated") . "\";");
}
} else {
eval("\$inc[action] = \"" . gettemplate("fail.eingabe") . "\";");
}
}
##########################################
if ($action == "sendpasswordkey") {
if (!checkmail($form[reg_email])) {
eval("\$fail_forgotnpwd = \"" . gettemplate("fail.eingabe.invalid.mail") . "\";");
} else {
$user = $db->query("SELECT * FROM {$tab['user']} WHERE reg_email='{$form['reg_email']}' OR user_email='{$form['reg_email']}'LIMIT 1");
if (!$user[id] || $user[id] == 1) {
eval("\$fail_forgotnpwd = \"" . gettemplate("user.forgotpassword.step1.nouser") . "\";");
} else {
$key = generatepass(25);
### SQL ###
$db->query_str("UPDATE {$tab['user']} SET lostpassword='******' WHERE id='{$user['id']}'");
### Mail ###
eval("\$mail[subject] \t= \"" . gettemplate("user.forgotpassword.mail.subject") . "\";");
eval("\$mail[body] \t= \"" . gettemplate("user.forgotpassword.mail.body") . "\";");
eval("\$mail[header] \t= \"" . gettemplate("user.forgotpassword.mail.header") . "\";");
$sendmail->mail($user[reg_email], $mail[subject], $mail[body], $mail[header]);
### OUTPUT ###
eval("\$inc[action] = \"" . gettemplate("user.forgotpassword.senddone") . "\";");
}
}
}
##########################################
if ($action == "savenewpassword") {
if ($pass1 != $pass2) {
if (!($styleset = $config[defaultstyleset])) {
$styleset = "default";
}
}
if (@is_dir("templates/{$styleset}")) {
setcookie("styleset_c", $styleset, time() + 60 * 24 * 356);
} else {
$styleset = "default";
}
}
}
///////////////////////////////////
// USER IDENDITY
///////////////////////////////////
if (!$HTTP_COOKIE_VARS[cid]) {
$cid = generatepass(25);
@setcookie("cid", $cid, time() + 3600 * 365);
} else {
$cid = $HTTP_COOKIE_VARS[cid];
@setcookie("cid", $cid, time() + 3600 * 365);
}
///////////////////////////////////
// FOR THE index.php
///////////////////////////////////
if (!preg_match("/index.php/", $REQUEST_URI)) {
header("LOCATION: index.php");
exit;
}
///////////////////////////////////
// STYLE SELECT
///////////////////////////////////
if ($fp = @fopen($form[link], "rb")) {
$olduseravatar = $db->query_str("SELECT * FROM {$tab['avatar']} WHERE userid=1 LIMIT 1");
if ($oldavatar[path]) {
unlink($oldavatar[path]);
}
$olddbentrys = $db->query_str("DELETE FROM {$tab['avatar']} WHERE userid='{$login['id']}'");
$db->query_str("INSERT INTO {$tab['avatar']} (userid,path) VALUES ('{$login['id']}','{$form['link']}')");
fclose($fp);
} else {
eval("\$fail_avatar = \"Datei ungültig\";");
}
} elseif (@is_file($avatarpic_path)) {
if ($config[avatar_ftpid]) {
if ($avatarpic_size < $config[avatar_maxsize] || is_allowed("any")) {
if (preg_match("#^image#", $avatarpic_type)) {
$name = generatepass(15);
$accesscodes = getftpaccesscodes($config[avatar_ftpid]);
if ($ftp->connect($accesscodes[host], $accesscodes[port], $accesscodes[user], $accesscodes[pwd])) {
if ($fp = fopen($avatarpic_path, "rb")) {
$ftp->setmode(2);
if ($ftp->cfput($fp, $accesscodes[path] . $name)) {
$olduseravatar = $db->query("SELECT * FROM {$tab['avatar']} WHERE userid=1 LIMIT 1");
if ($oldavatar[path]) {
unlink($oldavatar[path]);
}
$olddbentrys = $db->query_str("DELETE FROM {$tab['avatar']} WHERE userid='{$login['id']}'");
$db->query_str("INSERT INTO {$tab['avatar']} (userid,path) VALUES ('{$login['id']}','{$name}')");
} else {
eval("\$fail_avatar = \"Upload Failed\";");
}
$ftp->disconnect();