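/**
 * Check a login attempt against the _bio table and open a session on success.
 *
 * The account is looked up by address or alias (chosen by email_format()).
 * A matching key clears the failure counter and creates the session; a
 * mismatch increments the counter, delays the response and records a
 * 'login_error' warning.
 *
 * NOTE(review): the tail of this method is unfinished in the original
 * ("TODO: Continue work"); after a failed or missing lookup it only checks
 * the alias length and returns nothing.
 *
 * @param string $address Address or alias identifying the account.
 * @param string $key     Secret supplied by the client.
 *
 * @return bool|null true when the session was created, null otherwise.
 */
protected function _bio_publish($address, $key)
{
    // $bio and $core are dereferenced below but the original imported only
    // $warning. Presumably both are globals like $warning - confirm.
    global $bio, $core, $warning;

    if (empty($address)) {
        $warning->set('no_bio_address');
    }

    if (empty($key)) {
        $warning->set('no_bio_key');
    }

    // The column suffix comes from a fixed pair, never from the raw input.
    $field = email_format($address) !== false ? 'address' : 'alias';

    $sql = 'SELECT bio_id, bio_key, bio_fails FROM _bio WHERE bio_?? = ? AND bio_status = ?';
    if ($_bio = sql_fieldrow(sql_filter($sql, $field, $address, 1))) {
        $stored_key = $_bio->bio_key;
        $given_key = _password($key);

        // Compare in constant time, and only when both sides are strings, so
        // a NULL stored key and a failed _password() can never match.
        // NOTE(review): assumes _password() is deterministic for a given
        // input; its implementation is not visible here.
        if (is_string($stored_key) && is_string($given_key) && hash_equals($stored_key, $given_key)) {
            if ($_bio->bio_fails) {
                $sql = 'UPDATE _bio SET bio_fails = 0 WHERE bio_id = ?';
                sql_query(sql_filter($sql, $_bio->bio_id));
            }

            $bio->session_create($_bio->bio_id);
            return true;
        }

        // >= instead of ==: a counter that ever passes the limit must stay
        // locked rather than slip past an exact-match test.
        // NOTE(review): this check runs only after a failed comparison, so a
        // correct key is still accepted once the limit is reached. Decide
        // whether the limit should be enforced before the key is compared.
        if ($_bio->bio_fails >= $core->v('bio_maxfails')) {
            // TODO: Captcha system if maxfail reached
            _fatal(508);
        }

        $sql = 'UPDATE _bio SET bio_fails = bio_fails + 1 WHERE bio_id = ?';
        sql_query(sql_filter($sql, $_bio->bio_id));

        // NOTE(review): a fixed sleep holds one worker per failed attempt;
        // consider rate limiting that does not block the process.
        sleep(5);
        $warning->set('login_error');
    }

    $alias = _low($this->extract_alias($address));

    // Measure the alias computed above. The original read $v['nickname'],
    // which is never assigned in this method.
    $alias_len = strlen($alias);
    if ($alias_len < 1 || $alias_len > 20) {
        $warning->set('alias_len');
    }

    // TODO: Continue work
    return;
}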
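/**
 * Handle the password-recovery form.
 *
 * When the form is submitted, the account is looked up by address or alias,
 * a short activation key is stored in bio_actkey and a mail is queued through
 * _sendmail(). The branch that consumes the key from the mailed link
 * (request field 'k') is still a TODO.
 *
 * NOTE(review): '#NO_SUCH_BIO' and 'PASSWD_SENT' are distinct responses, so a
 * client can tell whether an address or alias is registered. Consider one
 * neutral response for both outcomes.
 *
 * @return void
 */
protected function _password_home()
{
    global $bio;

    $v = $this->__(w('k'));

    if (f($v['k'])) {
        // TODO: Password reset from email link
    }

    if (_button()) {
        $v = $this->__(w('address'));

        if (!f($v['address'])) {
            $this->_error('#NO_SUCH_BIO');
        }

        // The column suffix comes from a fixed pair, never from the raw input.
        $v['field'] = email_format($v['address']) !== false ? 'address' : 'alias';

        if ($v['field'] == 'alias' && !_low($v['address'])) {
            $this->_error('#NO_SUCH_BIO');
        }

        // bio_id is now selected: the UPDATE below keys on it, but the
        // original query never fetched it, so the key was written to no row.
        $sql = 'SELECT bio_id, bio_alias, bio_name, bio_email, bio_lang FROM _bio WHERE bio_?? = ? AND bio_active = ?';
        if (!($_bio = _fieldrow(sql_filter($sql, $v['field'], $v['address'], 1)))) {
            $this->_error('#NO_SUCH_BIO');
        }

        // NOTE(review): six characters of unique_id() is a small search space
        // for a recovery key, and unique_id()'s randomness source is not
        // visible here. Prefer a longer key from a CSPRNG, stored with an
        // expiry and invalidated after one use.
        $actkey = substr(unique_id(), 0, 6);

        $sql = 'UPDATE _bio SET bio_actkey = ? WHERE bio_id = ?';
        _sql(sql_filter($sql, $actkey, $_bio['bio_id']));

        // The link now carries the key stored above; the original passed
        // $user_actkey, which is not defined in this method.
        // NOTE(review): $userdata and $user_password are not defined here
        // either, so the recipient, USERNAME and PASSWORD are empty. The
        // selected row ($_bio) presumably holds the intended recipient and
        // name - confirm and wire them in. Avoid mailing a password at all.
        $properties = array(
            'to' => $userdata['bio_address'],
            'template' => 'user_activate_passwd',
            'vars' => array(
                'USERNAME' => $userdata['username'],
                'PASSWORD' => $user_password,
                'U_ACTIVATE' => _link('my', array('password', 'k' => $actkey)),
            ),
        );
        _sendmail($properties);

        $this->_error('PASSWD_SENT');
    }

    return;
}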
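/**
 * Sign-up page: create the account when the form was sent, otherwise emit the
 * birth-date selector rows for the template.
 *
 * On submission the fields are validated through $warning, a row is written
 * to _bio and its address to _bio_address, then 'OK' is printed and the
 * request ends.
 *
 * NOTE(review): nothing here checks whether a warning was recorded before
 * the insert. Unless $warning->set() aborts the request, a submission that
 * failed validation (bad address, taken alias, empty password) is still
 * stored - confirm and gate the insert on a clean warning state.
 *
 * @return void
 */
protected function _up_home()
{
    global $bio, $warning;

    $v = $this->__(w('send address'));

    if (!empty($v->send)) {
        $v = _array_merge($v, $this->__(array_merge(w('password firstname lastname country status'), _array_keys(w('gender birth_day birth_month birth_year'), 0))));

        if (empty($v->address)) {
            $warning->set('empty_address');
        }

        if (empty($v->password)) {
            $warning->set('empty_password');
        }

        if (!email_format($v->address)) {
            $warning->set('bad_address');
        }

        if (!($v->alias = _low($v->firstname . $v->lastname))) {
            $warning->set('bad_alias');
        }

        if ($this->alias_exists($v->alias)) {
            $warning->set('record_alias');
        }

        if (!($v->country = $this->country_exists($v->country))) {
            $warning->set('bad_country');
        }

        if (!$v->birth_day || !$v->birth_month || !$v->birth_year) {
            $warning->set('bad_birth');
        }

        $v->birth = _timestamp($v->birth_month, $v->birth_day, $v->birth_year);
        $v->name = trim($v->firstname) . ' ' . trim($v->lastname);

        $sql_insert = array(
            'type' => 0,
            'level' => 0,
            'active' => 1,
            'alias' => $v->alias,
            // Store the trimmed name built above; the original computed it
            // and then inserted an untrimmed concatenation instead.
            'name' => $v->name,
            'first' => $v->firstname,
            'last' => $v->lastname,
            'key' => HashPassword($v->password),
            'address' => $v->address,
            'gender' => $v->gender,
            'birth' => $v->birth,
            'birthlast' => 0,
            'regip' => $bio->v('ip'),
            'regdate' => time(),
            'session_time' => time(),
            'lastpage' => '',
            'timezone' => -6,
            'dst' => 0,
            'dateformat' => 'd M Y H:i',
            'lang' => 'sp',
            'country' => $v->country,
            'avatar' => '',
            'actkey' => '',
            'recovery' => 0,
            'fails' => 0,
        );
        $bio->id = sql_put('_bio', prefix('bio', $sql_insert));

        $sql_insert = array(
            'bio' => $bio->id,
            'name' => $v->address,
            'primary' => 1,
        );
        sql_put('_bio_address', prefix('address', $sql_insert));

        echo 'OK';
        exit;
    }

    //$gi = geoip_open(XFS.XCOR . 'store/geoip.dat', GEOIP_STANDARD);

    // GeoIP lookup is disabled: every call below is commented out, so
    // $geoip_code stays empty.
    $geoip_code = '';
    if ($bio->v('ip') != '127.0.0.1') {
        // GeoIP
        if (!@function_exists('geoip_country_code_by_name')) {
            //require_once(XFS.XCOR . 'geoip.php');
        }

        //$geoip_code = @geoip_country_code_by_name($bio->v('ip'));
    }

    // Each selector block is opened once, on the first iteration, and then
    // receives one row per value.
    for ($i = 1; $i < 32; $i++) {
        if ($i == 1) {
            _style('birth_day');
        }

        _style('birth_day.row', array('DAY' => $i));
    }

    for ($i = 1; $i < 13; $i++) {
        if ($i == 1) {
            _style('birth_month');
        }

        _style('birth_month.row', array('MONTH' => $i));
    }

    // Years run from the current year down to 1901.
    $current_year = date('Y');
    for ($i = $current_year; $i > 1900; $i--) {
        if ($i == $current_year) {
            _style('birth_year');
        }

        _style('birth_year.row', array('YEAR' => $i));
    }

    //_pre($geoip_code, true);

    /*
    $sql = 'SELECT * FROM _countries ORDER BY country_name';
    $countries = sql_rowset($sql);

    $v->country = ($v->country) ? $v->country : ((isset($country_codes[$geoip_code])) ? $country_codes[$geoip_code] : $country_codes['gt']);

    foreach ($countries as $i => $row) {
        if (!$i) _style('countries');

        _style('countries.row', array(
            'V_ID' => $row->country_id,
            'V_NAME' => $row->country_name,
            'V_SEL' => 0)
        );
    }
    * */

    return;
}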
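/**
 * Sign-up page: store the submitted account, then emit the country selector
 * rows with a GeoIP-based default.
 *
 * NOTE(review): nothing here checks whether a warning was recorded before
 * the insert. Unless $warning->set() aborts the request, a submission that
 * failed validation is still written to _bio - confirm and gate the insert
 * on a clean warning state.
 *
 * @return void
 */
protected function _up_home()
{
    // The original imported neither object although both are used below.
    // Presumably both are globals - confirm.
    global $bio, $warning;

    $v = $this->__(w('address'));

    if (_button()) {
        // _array_merge() rather than array_merge(): $v is read as an object
        // right after this call, and array_merge() returns a plain array.
        $v = _array_merge($v, $this->__(array_merge(w('alias nickname ref_in'), _array_keys(w('gender country birth_day birth_month birth_year aup ref'), 0))));

        // A non-email address doubles as the nickname when none was given.
        if (empty($v->nickname) && !empty($v->address) && !is_email($v->address)) {
            $v->nickname = $v->address;
        }

        if (empty($v->nickname)) {
            $warning->set('empty_username');
        }

        // Was "$v - nickname": a subtraction against an undefined constant
        // instead of a property read.
        if (bio_length($v->nickname)) {
            $warning->set('len_alias');
        }

        if (!($v->alias = _low($v->nickname))) {
            $warning->set('bad_alias');
        }

        if ($this->alias_exists($v->alias)) {
            $warning->set('record_alias');
        }

        if (!$this->country_exists($v->country)) {
            $warning->set('bad_country');
        }

        if (!$v->birth_day || !$v->birth_month || !$v->birth_year) {
            $this->_error('BAD_BIRTH');
        }

        $v->birth = _timestamp($v->birth_month, $v->birth_day, $v->birth_year);

        $sql_insert = array(
            'alias' => $v->alias,
            'nickname' => $v->nickname,
            'address' => $v->address,
            'gender' => $v->gender,
            'country' => $v->country,
            'birth' => $v->birth,
        );
        // NOTE(review): the prefix here is 'user' while the table is _bio;
        // verify that the resulting column names exist in that table.
        sql_put('_bio', prefix('user', $sql_insert));
    }

    // GeoIP
    require_once XFS . XCOR . 'geoip.php';

    $gi = geoip_open(XFS . XCOR . 'store/geoip.dat', GEOIP_STANDARD);
    $geoip_code = strtolower(geoip_country_code_by_addr($gi, $bio->ip));

    $sql = 'SELECT * FROM _countries ORDER BY country_name';
    $countries = _rowset($sql);

    // Was "$v2->country": $v2 is never defined in this method, so the default
    // was assigned to a property of an undefined variable.
    // NOTE(review): $country_codes is not defined in this method either, so
    // the fallback below resolves to nothing until that map is supplied.
    // The computed default is also unused: V_SEL is always 0.
    $v->country = !empty($v->country) ? $v->country : (isset($country_codes[$geoip_code]) ? $country_codes[$geoip_code] : $country_codes['gt']);

    foreach ($countries as $i => $row) {
        // Open the selector block once, before the first row.
        if (!$i) {
            _style('countries');
        }

        _style('countries.row', array(
            'V_ID' => $row->country_id,
            'V_NAME' => $row->country_name,
            'V_SEL' => 0,
        ));
    }

    return;
}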