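/**
 * Look up the e-mail address stored for a login (used by the lost-password form,
 * per the log messages below).
 *
 * On failure the reason is stored in $GLOBALS["error_detected"] and no value is
 * returned, so the caller receives null.
 *
 * NOTE(review): the failure messages distinguish "this login doesn't exist" from
 * "account has no e-mail". If these texts are displayed to the requester, an
 * anonymous visitor can learn which logins exist; a single neutral message would
 * close that oracle while the precise reason is still passed to dblog().
 *
 * @param string $login Login name submitted by the visitor (untrusted).
 * @return string|null The e-mail address, or null when none can be returned.
 */
function isEmail($login)
{
    if (empty($login)) {
        $GLOBALS["error_detected"] = _T("empty login");
        return null;
    }

    // txt_sqls() is defined outside this excerpt; the query is only as safe as
    // the quoting and escaping it applies to $login. Bound parameters would
    // remove that dependency.
    $req = "SELECT email_adh\n\t\t\t\tFROM " . PREFIX_DB . "adherents\n\t\t\t\tWHERE login_adh=" . txt_sqls($login);
    $result =& $GLOBALS["DB"]->Execute($req);

    if ($result->EOF) {
        $GLOBALS["error_detected"] = _T("this login doesn't exist");
        // NOTE(review): $login is attacker-controlled text going into the log;
        // confirm dblog() escapes or bounds it before storage and display.
        dblog("Nonexistent login sent via the lost password form. Login: \"" . $login . "\"");
        return null;
    }

    $email = $result->fields[0];
    if (empty($email)) {
        $GLOBALS["error_detected"] = _T("This account doesn't have a valid email address. Please contact an administrator.");
        dblog("Someone asked to recover his password but had no email. Login: \"" . $login . "\"");
        return null;
    }

    return $email;
}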
Beispiel #2
    }
    if (!isset($pref_lang)) {
        $pref_lang = PREF_LANG;
    }
    echo "<a href=\"self_adherent.php?pref_lang={$pref_lang}\">" . _T("Subscribe") . "</a>";
}
// Authentication procedure
if (isset($_POST["ident"])) {
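    // Credentials come straight from the login form. PHP turns "login[]=x" into
    // an array, so anything that is not a string is treated as empty and can
    // never match below.
    $auth_login = isset($_POST["login"]) && is_string($_POST["login"]) ? $_POST["login"] : "";
    $auth_password = isset($_POST["password"]) && is_string($_POST["password"]) ? $_POST["password"] : "";
    // An empty password never authenticates, even when the stored value is
    // empty or NULL.
    $auth_has_password = $auth_password !== "";
    // NOTE(review): stored passwords are accepted either as plaintext or as an
    // unsalted md5 digest (both forms are compared below). Moving to
    // password_hash()/password_verify() needs a matching change wherever
    // mdp_adh and PREF_ADMIN_PASS are written.
    $auth_password_md5 = md5($auth_password);
    $auth_admin_pass = (string) PREF_ADMIN_PASS;

    // Strict (===) comparison throughout: with == two different strings that
    // both look numeric (e.g. digests of the form "0e" + digits) compare equal,
    // which would accept a wrong password. Where PHP >= 5.6 is guaranteed,
    // hash_equals() additionally makes the comparison constant-time.
    if ($auth_has_password
        && $auth_login === (string) PREF_ADMIN_LOGIN
        && ($auth_password === $auth_admin_pass || $auth_password_md5 === $auth_admin_pass)
    ) {
        // Built-in administrator account defined by the PREF_ADMIN_* constants.
        // NOTE(review): nothing in this excerpt renews the session id on login;
        // unless that happens elsewhere, call session_regenerate_id() before
        // setting these flags to rule out session fixation.
        $_SESSION["logged_status"] = 1;
        $_SESSION["admin_status"] = 1;
        $_SESSION["logged_username"] = $auth_login;
        $_SESSION["logged_nom_adh"] = "Admin";
        dblog("Login");
    } else {
        // Regular member: only active accounts (activite_adh='1') are considered.
        // txt_sqls() is defined outside this excerpt; the query is only as safe
        // as the quoting and escaping it applies to the login.
        $requete = "SELECT id_adh, bool_admin_adh, nom_adh, prenom_adh, mdp_adh, pref_lang\n\t\t\t\t\tFROM " . PREFIX_DB . "adherents\n\t\t\t\t\tWHERE login_adh=" . txt_sqls($auth_login) . "\n\t\t\t\t\tAND activite_adh='1'";
        $resultat =& $DB->Execute($requete);

        $auth_member_ok = false;
        if ($auth_has_password && !$resultat->EOF) {
            // fields[4] is mdp_adh, the stored password (plaintext or md5).
            $auth_stored = (string) $resultat->fields[4];
            $auth_member_ok = $auth_stored === $auth_password || $auth_stored === $auth_password_md5;
        }

        if ($auth_member_ok) {
            // fields[1] is bool_admin_adh: members flagged as admin get admin rights.
            if ($resultat->fields[1] == "1") {
                $_SESSION["admin_status"] = 1;
            }
            // NOTE(review): same session-fixation remark as for the admin branch.
            $_SESSION["logged_id_adh"] = $resultat->fields[0];
            $_SESSION["logged_status"] = 1;
            $_SESSION["logged_nom_adh"] = strtoupper($resultat->fields[2]) . " " . strtolower($resultat->fields[3]);
            $pref_lang = $resultat->fields[5];
            setcookie("pref_lang", $pref_lang);
            dblog("Login");
        } else {
            // The attempted login name is recorded; the password is not.
            dblog("Authentication failed", $auth_login);
        }
    }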
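            // Both fields must be plain strings. A request can submit
            // "mdp_adh[]=x"; strcmp()/strlen() on an array raise a TypeError on
            // PHP 8 and return NULL on older versions, which the original
            // strcmp() test read as "passwords match". Non-strings are reduced
            // to "" so they are rejected by the length check below.
            $new_passwd = isset($_POST["mdp_adh"]) && is_string($_POST["mdp_adh"]) ? $_POST["mdp_adh"] : "";
            $new_passwd2 = isset($_POST["mdp_adh2"]) && is_string($_POST["mdp_adh2"]) ? $_POST["mdp_adh2"] : "";

            if ($new_passwd !== $new_passwd2) {
                $error_detected[] = _T("- The passwords don't match!");
            } else {
                $passwd = $new_passwd;
                // NOTE(review): a 4-character minimum is very weak for an
                // internet-facing account; raising it is a policy decision that
                // also affects the translated message.
                if (strlen($passwd) < 4) {
                    $error_detected[] = _T("- The password must be of at least 4 characters!");
                } else {
                    // NOTE(review): unsalted md5 is a fast hash and unsuitable for
                    // password storage. Switching to password_hash() must be done
                    // together with the code that verifies mdp_adh at login.
                    $passwd = md5($passwd);
                    // $passwd is now a hex digest, so it is safe inside the quotes.
                    // NOTE(review): $id_adh is set outside this excerpt and is
                    // interpolated unescaped; confirm it never carries request
                    // data, or quote it the same way as $hash below.
                    $query = "UPDATE " . PREFIX_DB . "adherents";
                    $query .= " SET mdp_adh = '{$passwd}'";
                    $query .= " WHERE id_adh = '{$id_adh}'";
                    if (!$DB->Execute($query)) {
                        $warning_detected = _T("There was a database error");
                    } else {
                        // Remove the temporary password from the table so the
                        // reset token in $hash cannot be used a second time.
                        $query = "DELETE from " . PREFIX_DB . "tmppasswds where tmp_passwd=" . txt_sqls($hash);
                        if (!$DB->Execute($query)) {
                            // NOTE(review): on this path the password was changed
                            // but the token row is still present.
                            $warning_detected = _T("There was a database error");
                        } else {
                            dblog("**Password changed**. id:" . " \"" . $id_adh . "\"");
                            $warning_detected = _T("Password changed, you will be redirected to login page");
                            $head_redirect = "<meta http-equiv=\"refresh\" content=\"10;url=index.php\" />";
                        }
                    }
                }
            }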
        }
    }
} else {
    header('location: index.php');
    die;