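/**
 * Return the activation code for a user, creating and storing one when none exists.
 *
 * If Activation::get($userId) yields a truthy value, that value is returned unchanged.
 * Otherwise a new hexadecimal code is generated, saved in a new Activation record
 * (user = $userId, active = 0) and returned.
 *
 * The code is drawn from the operating system CSPRNG via random_bytes() (PHP >= 7.0).
 * The previous md5(rand() . microtime()) derivation mixed a non-cryptographic PRNG with
 * a timestamp, so its output was not suitable as a secret.
 *
 * @param mixed $userId Identifier of the user the code belongs to.
 * @param int   $lenght Number of hex characters to keep (parameter name kept as-is for
 *                      existing callers). At most 32 characters are produced, matching
 *                      the previous md5-based upper bound.
 *
 * @return mixed The newly generated code, or whatever Activation::get() returned.
 *
 * @throws Exception From random_bytes() when no secure randomness source is available.
 */
public static function generate($userId, $lenght)
{
    // Look the existing code up once and reuse the result.
    $existingCode = Activation::get($userId);
    if ($existingCode) {
        return $existingCode;
    }

    // 16 random bytes encode to 32 hex characters: same alphabet and maximum length as
    // the md5() digest used before, so stored values keep their shape.
    // NOTE(review): every hex character carries only 4 bits; callers should request
    // a length large enough that the code cannot be enumerated - confirm call sites.
    $activationCode = substr(bin2hex(random_bytes(16)), 0, $lenght);

    $activation = new Activation();
    $activation->user = $userId;
    $activation->code = $activationCode;
    $activation->active = 0;
    $activation->insert();

    return $activation->code;
}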
'key' => FILTER_SANITIZE_STRING, 'activation-password' => FILTER_UNSAFE_RAW, 'activation-passwordv' => FILTER_UNSAFE_RAW, 'activation-submit' => FILTER_SANITIZE_STRING, ); $filtered = filter_input_array(INPUT_POST, $filter); $filteredG = filter_input_array(INPUT_GET, $filter); $aAccount = new Activation(); if ($filteredG['activation-id']) { $aAccount->get($filteredG['activation-id']); // The account they're trying to activate exists. if ($aAccount->id) { if ($aAccount->success) { // It's already activated header('Location: index.php?e=2'); exit; } else { // Still needs to activate $t->activationId = $aAccount->id; $t->username = $aAccount->username; } } } try {
// Captcha check: runs whenever an answer was posted.
if (isset($_POST['register-captcha'])) {
    // The captcha changes on every page load, so the old answer is never echoed back.
    $inputValue[4] = "";
    $errorClass[4] = $Error->captcha($_POST['register-captcha']) ? 'success' : 'error';
} elseif (isset($_POST['action'])) {
    // The form was submitted but carried no captcha answer at all.
    $Error->add('error', 'Captcha cannot be left empty');
    $errorClass[4] = 'error';
}

// Build the alert markup now; it is handed to the header template further down.
$msg = $Error->alert();

// Registration proceeds only when every field was posted and the $Error gate passes.
// NOTE(review): the gate is the negation of $Error->ok(); confirm against the Error
// class that this really means "no validation errors were recorded".
if (
    isset(
        $_POST['register-username'],
        $_POST['register-password'],
        $_POST['register-confirm'],
        $_POST['register-email'],
        $_POST['register-captcha']
    )
    && !$Error->ok()
) {
    $complete = true;

    // NOTE(review): raw $_POST values are passed on from here; field validation is
    // presumably done earlier in this script (not visible here) - confirm. The result
    // of createNewUser() is not checked before the activation mail is sent.
    Auth::createNewUser(
        $_POST['register-username'],
        $_POST['register-password'],
        $_POST['register-email']
    );
    $userId = Auth::userId($_POST['register-username']);

    // The activation secret travels in the query string of the emailed link.
    // NOTE(review): query strings tend to end up in logs and browser history, so the
    // code should be single-use and time-limited - verify in Activation.
    $link = sprintf(
        '%s?action=activate&code=%s&id=%s',
        full_url_to_script('activate.php'),
        Activation::get($userId),
        $userId
    );

    Emailtemplate::setBaseDir('./assets/email_templates');
    $html = Emailtemplate::loadTemplate(
        'activation',
        array(
            'title' => 'Activation Email',
            'prettyName' => Options::get('prettyName'),
            'name' => $_POST['register-username'],
            'siteName' => Options::get('emailName'),
            'activationLink' => $link,
            'footerLink' => Options::get('siteName'),
            'footerEmail' => Options::get('emailInfo'),
        )
    );

    // NOTE(review): the posted username and e-mail address become the recipient
    // name/address; confirm send_html_mail() rejects CR/LF so no extra mail headers
    // can be injected, and that the template escapes 'name' for HTML.
    send_html_mail(
        array($_POST['register-username'] => $_POST['register-email']),
        'Activation Email',
        $html,
        array(Options::get('siteName') => Options::get('emailAdmin'))
    );
}

// Render the page: header, registration form and footer inside the shared layout.
Template::setBaseDir('./assets/tmpl');
$html = Template::loadTemplate(
    'layout',
    array(
        'header' => Template::loadTemplate(
            'header',
            array(
                'title' => $title,
                'user' => $user,
                'admin' => $isadmin,
                'msg' => $msg,
                'meta' => $meta,
                'selected' => 'register',
            )
        ),
        'content' => Template::loadTemplate(
            'register',
            array(
                'errorClass' => $errorClass,
                'inputValue' => $inputValue,
                'complete' => $complete,
                'callback' => $callback,
            )
        ),
        'footer' => Template::loadTemplate(
            'footer',
            array('time_start' => $time_start)
        ),
    )
);
echo $html;
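// Build the alert markup now; it is handed to the header template further down.
$msg = $Error->alert();

// Step 1 - a reset was requested: e-mail the user a link carrying their stored code.
if (isset($detail) && Auth::resetPasswordCheck($detail) !== false) {
    $userId = Auth::resetPasswordCheck($detail);
    $activationCode = Activation::get($userId);
    $complete = true;
    $u = new User($userId);

    // Reuse the code fetched above instead of querying Activation a second time.
    // NOTE(review): the reset secret comes from the same Activation::get() lookup as
    // the rest of the Activation API; confirm it is rotated after use and expires,
    // otherwise an old e-mail stays valid as a reset link.
    $link = full_url_to_script('forgot.php') . "?action=resetpassword&code=" . $activationCode . "&uid=" . $userId;

    // Fill the "forgot" e-mail template and send it to the account's address.
    Emailtemplate::setBaseDir('./assets/email_templates');
    $html = Emailtemplate::loadTemplate(
        'forgot',
        array(
            'title' => 'Reset Password Email',
            'prettyName' => Options::get('prettyName'),
            'name' => $u->username,
            'siteName' => Options::get('emailName'),
            'link' => $link,
            'footerLink' => Options::get('siteName'),
            'footerEmail' => Options::get('emailInfo'),
        )
    );
    send_html_mail(
        array($u->username => $u->email),
        'Reset Password Email',
        $html,
        array(Options::get('siteName') => Options::get('emailAdmin'))
    );
}

// Step 2 - the e-mailed link was followed: verify the code, then set a new password.
// Both parameters must be plain strings; array-valued query parameters are rejected.
if (
    isset($_GET['action'], $_GET['uid'], $_GET['code'])
    && $_GET['action'] === 'resetpassword'
    && is_string($_GET['uid'])
    && is_string($_GET['code'])
    && $_GET['code'] !== ''
) {
    $storedCode = Activation::get($_GET['uid']);

    // The previous loose "==" treated a missing (false/null) stored code as equal to an
    // empty submitted value. Require a non-empty stored string and compare it in
    // constant time (hash_equals needs PHP >= 5.6).
    if (is_string($storedCode) && $storedCode !== '' && hash_equals($storedCode, $_GET['code'])) {
        $u = new User($_GET['uid']);
        $userId = $u->id;

        // NOTE(review): a 6-character generated password sent by e-mail is weak as a
        // recovery credential; consider letting the user choose a new password after
        // following the link instead.
        $newPassword = Auth::generateStrongPassword(6, false, 'ld');
        Auth::changePassword($userId, $newPassword);
        $reset = true;

        // Fill the "reset" e-mail template and send the new password to the account.
        Emailtemplate::setBaseDir('./assets/email_templates');
        $html = Emailtemplate::loadTemplate(
            'reset',
            array(
                'title' => 'Password Successfully Reset',
                'prettyName' => Options::get('prettyName'),
                'name' => $u->username,
                'siteName' => Options::get('emailName'),
                'password' => $newPassword,
                'footerLink' => Options::get('siteName'),
                'footerEmail' => Options::get('emailInfo'),
            )
        );
        send_html_mail(
            array($u->username => $u->email),
            'New Password',
            $html,
            array(Options::get('siteName') => Options::get('emailAdmin'))
        );
    }
}

// Render the page: header, forgot-password form and footer inside the shared layout.
// NOTE(review): the new password is also handed to the page template; confirm the
// template does not display it to whoever opened the link.
Template::setBaseDir('./assets/tmpl');
$html = Template::loadTemplate(
    'layout',
    array(
        'header' => Template::loadTemplate(
            'header',
            array(
                'title' => $title,
                'user' => $user,
                'admin' => $isadmin,
                'msg' => $msg,
                'meta' => $meta,
                'selected' => 'forgot',
            )
        ),
        'content' => Template::loadTemplate(
            'forgot',
            array(
                'inputValue' => $inputValue,
                'complete' => $complete,
                'reset' => $reset,
                // No password exists unless the reset branch above ran.
                'password' => isset($newPassword) ? $newPassword : null,
            )
        ),
        'footer' => Template::loadTemplate(
            'footer',
            array('time_start' => $time_start)
        ),
    )
);
echo $html;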
$errorClass[0] = 'error'; $Error->add('error', 'Invalid username.'); } } if (isset($_REQUEST['code']) && $_REQUEST['code'] !== $inputValue[1]) { $code = $_REQUEST['code']; $inputValue[1] = $code; } else { $errorClass[1] = 'error'; $Error->add('error', 'Invalid activation code'); } } if ($uid and $code) { // First check the client's username and get the id if it's not one $userId = Auth::userId($uid); $activationCode = Activation::get($userId); /*echo $uid . "<br />"; echo $userId . "<br />"; echo $activationCode . "<br />"; echo $code . "<br />";*/ if ($activationCode !== $code) { $errorClass[0] = 'error'; $errorClass[1] = 'error'; $Error->add('error', 'Activation unsuccessfull, please confirm that the details are correct or follow the link in the activation email sent to you.'); } } $msg = $Error->alert(); if (!$Error->ok() && ($uid and $code)) { $complete = true; echo Activation::activate($userId); }