function setMyCookie($userName, $userPass, $userExpTime, $encodePass = TRUE) { if ($userPass != '' and $encodePass) { $userPass = writeUserPwd($userPass); } setcookie($GLOBALS['cookiename'], $userName . '|' . $userPass . '|' . $userExpTime, $GLOBALS['cookieexptime'], $GLOBALS['cookiepath'], $GLOBALS['cookiedomain'], $GLOBALS['cookiesecure']); }
if (isset($metaLocation)) { $meta_relocate = "{$main_url}/{$indexphp}{$queryStr}"; echo ParseTpl(makeUp($metaLocation)); exit; } else { header("Location: {$main_url}/{$indexphp}{$queryStr}"); } } elseif (!isset($_POST['allForums']) and isset($_COOKIE[$cookiename . 'allForumsPwd'])) { $allForums = $_COOKIE[$cookiename . 'allForumsPwd']; } elseif (!isset($_POST['allForums']) and !isset($_COOKIE[$cookiename . 'allForumsPwd']) and isset($_SESSION['allForums'])) { $allForums = $_SESSION['allForums']; } else { $allForums = ''; } if ($protectWholeForum == 1) { if ($allForums != writeUserPwd($protectWholeForumPwd)) { $title = $sitename . " :: " . $l_forumProtected; echo ParseTpl(makeUp('protect_forums')); exit; } } if ($viewTopicsIfOnlyOneForum == 1 and ($action == '' or $action == 'vtopic' or $action == 'vthread')) { $row = db_simpleSelect(0, $Tf, 'forum_id, forum_name, forum_icon, forum_desc, topics_count', '', '', '', 'forum_id asc', 1); $forumsArray[$row[0]] = array($row[1], $row[2], $row[3], $row[4]); $forum = $row[0]; if ($action == '') { $action = 'vtopic'; } } if (!isset($logged_admin)) { $logged_admin = 0;
$fs = db_delete($Ts, 'user_id', '=', $rw[0]); $row = $delemail; } elseif ($delemail == '') { $fs = db_delete($Ts); $row = 'ALL'; } else { $warning = $l_emailNotExists; $text2 = ParseTpl(makeUp('admin_sendmails1')); break; } $warning = $l_completed . " ({$row})"; $text2 = ParseTpl(makeUp('admin_panel')); break; case 'restoreData': ${$dbUserSheme['username'][1]} = $admin_usr; ${$dbUserSheme['user_password'][1]} = writeUserPwd($admin_pwd); ${$dbUserSheme['user_email'][1]} = $admin_email; ${$dbUserDate} = date('Y-m-d H:i:s'); $fields = array($dbUserSheme['username'][1], $dbUserSheme['user_password'][1], $dbUserSheme['user_email'][1]); if ($res = db_simpleSelect(0, $Tu, $dbUserId, $dbUserId, '=', 1)) { $ins = 1; $fs = updateArray($fields, $Tu, $dbUserId, 1); } else { $fields[] = $dbUserDate; $fields[] = $dbUserId; ${$dbUserId} = 1; $ins = 0; $fs = insertArray($fields, $Tu); } if ($fs > 0 and $ins == 1 or $fs == 0 and $ins == 0) { $warning = $l_prefsUpdated;
// if this is not admin, this is anonymous or registered user; check registered first } else { if (isset($loginsCase) and $loginsCase) { $caseComp1 = $caseComp . '('; $caseComp2 = ')'; } else { $caseComp1 = ''; $caseComp2 = ''; } if ($row = db_simpleSelect(FALSE, $Tu, $dbUserSheme['username'][1] . ',' . $dbUserSheme['user_password'][1], $caseComp1 . $dbUserSheme['username'][1] . $caseComp2, '=', $user_usr, '', 1)) { // It means that username exists in database; so let's check a password $username = $row[0]; $userpassword = $row[1]; if (($user_usr == $username or isset($loginsCase) and $loginsCase and strtolower($user_usr) == strtolower($username)) and $userpassword == writeUserPwd($user_pwd)) { $logged_user = 1; $cook = $username . "|" . writeUserPwd($user_pwd) . "|" . $cookieexptime; deleteMyCookie(); setMyCookie($username, $user_pwd, $cookieexptime); setCSRFCheckCookie(); if ($action == '') { if (isset($metaLocation)) { $meta_relocate = "{$main_url}/{$indexphp}{$queryStr}"; echo ParseTpl(makeUp($metaLocation)); exit; } elseif ($queryStr2 != '') { header("Location: {$queryStr2}"); exit; } else { header("Location: {$urlp}"); } }
$title .= $l_sub_pass; echo load_header(); echo ParseTpl(makeUp('tools_send_password')); return; } else { if (!($updId = db_simpleSelect(0, $Tu, "{$dbUserId},{$dbUserSheme['language'][1]},{$dbUserSheme['username'][1]}", $dbUserSheme['user_email'][1], '=', $email))) { $title .= $l_emailNotExists; $errorMSG = $l_emailNotExists; $correctErr = $backErrorLink; echo load_header(); echo ParseTpl(makeUp('main_warning')); return; } else { $ulang = $updId[1]; $loginName = $updId[2]; ${$dbUserNp} = substr(ereg_replace("[^0-9A-Za-z]", "A", writeUserPwd(uniqid(rand()))), 0, 8); $newPasswd = ${$dbUserNp}; ${$dbUserNk} = substr(md5(uniqid(rand())), 0, 32); $confirmCode = ${$dbUserNk}; $updArr = array($dbUserNp, $dbUserNk); $fs = updateArray($updArr, $Tu, $dbUserId, $updId[0]); if ($fs > 0) { if ($emailusers == 2 and file_exists($pathToFiles . 'templates/email_user_password_' . $ulang . '.txt')) { $langS = $ulang; } else { $langS = $langOrig; } $msg = ParseTpl(makeUp('email_user_password_' . $langS)); $sub = explode('SUBJECT>>', $msg); $sub = explode('<<', $sub[1]); $msg = trim($sub[1]);
if ($step == 1) { if (isset($closeRegister) and $closeRegister == 1) { $_POST['passwd'] = substr(ereg_replace("[^0-9A-Za-z]", "A", writeUserPwd(uniqid(rand()))), 0, 8); $_POST['passwd2'] = $_POST['passwd']; } require $pathToFiles . 'bb_func_usrdat.php'; if (db_simpleSelect(0, $Tu, $dbUserId, $dbUserId, '=', 1) and !db_simpleSelect(0, $Tu, $dbUserId, $caseComp . "({$dbUserSheme['username'][1]})", '=', strtolower(${$dbUserSheme['username'][2]})) and !db_simpleSelect(0, $Tu, $dbUserId, $caseComp . "({$dbUserSheme['user_email'][1]})", '=', strtolower(${$dbUserSheme['user_email'][2]})) and ${$dbUserSheme['username'][2]} != $admin_usr and strtolower(${$dbUserSheme['user_email'][2]}) != strtolower($admin_email)) { $act = 'reg'; require $pathToFiles . 'bb_func_checkusr.php'; if (file_exists($pluginsFile)) { include $pluginsFile; } if ($correct == 0) { $addFieldsGen = array('user_icq', 'user_website', 'user_occ', 'user_from', 'user_interest'); ${$dbUserDate} = date('Y-m-d H:i:s'); ${$dbUserSheme['user_password'][1]} = writeUserPwd(${$dbUserSheme['user_password'][1]}); if (isset($registerInactiveUsers) and $registerInactiveUsers) { ${$dbUserAct} = 0; } else { ${$dbUserAct} = 1; } $insa = array($dbUserSheme['username'][1], $dbUserDate, $dbUserSheme['user_password'][1], $dbUserSheme['user_email'][1], $dbUserSheme['user_viewemail'][1], $dbUserSheme['user_sorttopics'][1], $dbUserSheme['language'][1], $dbUserAct); foreach ($addFieldsGen as $k) { if (isset($dbUserSheme[$k])) { $insa[] = $dbUserSheme[$k][1]; } } foreach ($dbUserSheme as $k => $v) { if (strstr($k, 'user_custom') and isset($_POST[$v[2]]) and $_POST[$v[2]] != '') { $insa[] = $v[1]; }
$confEmail = TRUE; } if ($confirmCode == '') { $title .= $l_forbidden; $errorMSG = $l_forbidden; $correctErr = ''; } elseif ($curr = db_simpleSelect(0, $Tu, $dbUserNp, $dbUserNk, '=', $confirmCode)) { if ($confEmail) { ${$dbUserNk} = ''; ${$dbUserNp} = ''; ${$dbUserAct} = 1; $updArr = array($dbUserAct, $dbUserNk, $dbUserNp); $fs = updateArray($updArr, $Tu, $dbUserNk, $confirmCode); $mes = $l_emailCodeConfirm; } else { ${$dbUserSheme['user_password'][1]} = writeUserPwd($curr[0]); ${$dbUserNk} = ''; ${$dbUserNp} = ''; $updArr = array($dbUserSheme['user_password'][1], $dbUserNk, $dbUserNp); $fs = updateArray($updArr, $Tu, $dbUserNk, $confirmCode); $mes = $l_passwdUpdate; } if ($fs > 0) { $title .= $mes; $errorMSG = $mes; $correctErr = ''; } else { $title .= $l_itseemserror; $errorMSG = $l_itseemserror; $correctErr = ''; }