}
// set the email field to be updated
$userdata->set('email', $vbulletin->GPC['email']);
// generate an activation ID if required
if ($vbulletin->options['verifyemail'] and !can_moderate()) {
$userdata->set('usergroupid', 3);
$userdata->set_info('override_usergroupid', true);
$activate = true;
// wait lets check if we have an entry first!
$activation_exists = $db->query_first("\n\t\t\t\tSELECT * FROM " . TABLE_PREFIX . "useractivation\n\t\t\t\tWHERE userid = " . $vbulletin->userinfo['userid'] . "\n\t\t\t\tAND type = 0\n\t\t\t");
if (!empty($activation_exists['usergroupid']) and $vbulletin->userinfo['usergroupid'] == 3) {
$usergroupid = $activation_exists['usergroupid'];
} else {
$usergroupid = $vbulletin->userinfo['usergroupid'];
}
$activateid = build_user_activation_id($vbulletin->userinfo['userid'], $usergroupid, 0, 1);
$username = unhtmlspecialchars($vbulletin->userinfo['username']);
$userid = $vbulletin->userinfo['userid'];
eval(fetch_email_phrases('activateaccount_change'));
vbmail($vbulletin->GPC['email'], $subject, $message, true);
} else {
$activate = false;
}
} else {
$userdata->verify_useremail($vbulletin->userinfo['email']);
}
($hook = vBulletinHook::fetch_hook('profile_updatepassword_complete')) ? eval($hook) : false;
// save the data
$userdata->save();
if ($activate) {
$vbulletin->url = 'usercp.php' . $vbulletin->session->vars['sessionurl_q'];
/**
* protected void associateAccount(array $user, int $vbnexus_userid)
* Forces GFC users to choose a password (and a valid email too for
* users of vbnexus3). The change is then flagged in the database with
* field vbnexus_user.associated set to 2.
*
* @param array $user
* @param int $vbnexus_userid
* @return void
*/
protected function associateAccount($user, $vbnexus_userid)
{
global $vbulletin, $vboptions, $vbphrase, $stylevar, $vbnexus_loc;
if (!intval($user['userid'])) {
return false;
}
// If the user is submitting email and/or password, process it
if (isset($_POST['vbnexus_gfc_fix'])) {
// Validate input
if (empty($_POST['email'])) {
$vbnexus_error = "A valid email is required";
} elseif (empty($_POST['password'])) {
$vbnexus_error = "A valid password is required";
} elseif (empty($_POST['password2']) || $_POST['password'] != $_POST['password2']) {
$vbnexus_error = "Passwords do not match";
} else {
$require_activation = $vbulletin->options['verifyemail'] && $user['email'] != $_POST['email'];
$userdata =& datamanager_init('user', $vbulletin, ERRTYPE_SILENT);
$userdata->set_existing(fetch_userinfo($user['userid']));
$userdata->set('password', $_POST['password']);
// We can ignore validation of the email if it wasn't changed
$user['email'] == $_POST['email'] || $userdata->set('email', $_POST['email']);
if ($require_activation) {
$userdata->set('usergroupid', 3);
}
if ($userdata->has_errors(false)) {
$vbnexus_error = join('</li><li>', $userdata->errors);
} elseif ($userdata->save()) {
if ($require_activation) {
// Email phrase 'activateaccount' expects vars called $userid, $username
// and $activateid to be defined and meaningfull
$userid = $user['userid'];
$username = $user['username'];
$activateid = build_user_activation_id($userid, $user['usergroupid'], 0);
eval(fetch_email_phrases('activateaccount', $languageid));
// After eval'ing activateaccount we have vars $subject and $message set
vbmail($_POST['email'], $subject, $message, true);
}
// The user was updated, there's now a valid password and email, so let's flag it
$sql = "UPDATE `" . TABLE_PREFIX . "vbnexus_user`\r\n SET `associated` = 2\r\n WHERE `nonvbid` = '{$vbnexus_userid}'\r\n AND `service` = 'gfc'";
$vbulletin->db->query_write($sql);
if ($vbulletin->db->query_write($sql)) {
// Returning since we're done here and execution should go on normally
return;
} else {
// This should never happen, it's mostly for debugging if something goes wrong
$errmsg = "An error occurred trying to update your GFC information. Please try again." . " If the problem persists please report it to an admin.";
return eval(standard_error($errmsg));
// Prints and exits
}
} else {
// This should never happen, it's mostly for debugging if something goes wrong
$errmsg = "An error occurred trying to update the account information. Please try again." . " If the problem persists please report it to an admin.";
return eval(standard_error($errmsg));
// Prints and exits
}
}
$user['email'] = $_POST['email'];
}
$vBNexusUser = $user;
// No need to show mock emails from old vbnexus (< 3)
if (empty($_POST['email']) && preg_match("/apps\\+|{$vbnexus_userid}[@\\.]/", $user['email'])) {
$vBNexusUser['email'] = '';
}
$vbnexus_loc = $_GET['loc'];
// This will print a Message box (not really an error, but the actual form) and exit
eval('$html = "' . fetch_template('vbnexus_3_gfc_invalid_email') . '";');
eval(standard_error($html));
}
/**
* For registration without existing account, create a new vb user
* If a user is successfully created, her userid is written to $userid
*/
private function createUser($data, &$userid)
{
global $vbulletin;
$moderated = $vbulletin->options['moderatenewmembers'];
$languageid = $vbulletin->userinfo['languageid'];
$require_activation = $vbulletin->options['verifyemail'] && $data['default_email'] != $data['coded_email'];
// Create a vB user with default permissions -- code from register.php
if (!$vbulletin->options['allowregistration']) {
eval(standard_error(fetch_error('noregister')));
}
// Init user datamanager class
$userdata =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
$userdata->set_info('coppauser', false);
$userdata->set_info('coppapassword', '');
$userdata->set_bitfield('options', 'coppauser', '');
$userdata->set('username', $data['username']);
$userdata->set('password', md5($this->genPasswd()));
$userdata->set('email', $data['email']);
$userdata->set('languageid', $languageid);
$userdata->set('ipaddress', IPADDRESS);
// UserGroupId: Registered Users (2) or Users Awaiting Email Confirmation (3)
$userdata->set('usergroupid', $require_activation ? 3 : 2);
$userdata->set_usertitle('', false, $vbulletin->usergroupcache["{$newusergroupid}"], false, false);
$userdata->presave_called = true;
// If any error happened, we abort and return the error message(s)
if ($userdata->has_errors(false)) {
// $die := false
return join('</li><li>', $userdata->errors);
}
// Save the data
$userid = $userdata->save();
// Did we get a valid vb userid?
if (!$userid) {
return 'vbnexus_registration_failed';
}
// If the user changed the email given by the external service, we follow
// the regular steps for email activation
if ($require_activation) {
// Email phrase 'activateaccount' expects vars called $userid, $username
// and $activateid to be defined and meaningfull
$username = $data['username'];
$activateid = build_user_activation_id($userid, $moderated ? 4 : 2, 0);
eval(fetch_email_phrases('activateaccount', $languageid));
// After eval'ing activateaccount we have vars $subject and $message set
vbmail($data['email'], $subject, $message, true);
}
// Force a new session to prevent potential issues with guests from the same IP, see bug #2459
$vbulletin->session->created = false;
return true;
}
if (fetch_require_hvcheck('lostpw')) {
require_once DIR . '/includes/class_humanverify.php';
$verify =& vB_HumanVerify::fetch_library($vbulletin);
if (!$verify->verify_token($vbulletin->GPC['humanverify'])) {
standard_error(fetch_error($verify->fetch_error()));
}
}
require_once DIR . '/includes/functions_user.php';
$users = $db->query_read_slave("\n\t\tSELECT userid, username, email, languageid\n\t\tFROM " . TABLE_PREFIX . "user\n\t\tWHERE email = '" . $db->escape_string($vbulletin->GPC['email']) . "'\n\t");
if ($db->num_rows($users)) {
while ($user = $db->fetch_array($users)) {
if ($vbulletin->GPC['userid'] and $vbulletin->GPC['userid'] != $user['userid']) {
continue;
}
$user['username'] = unhtmlspecialchars($user['username']);
$user['activationid'] = build_user_activation_id($user['userid'], 2, 1);
eval(fetch_email_phrases('lostpw', $user['languageid']));
vbmail($user['email'], $subject, $message, true);
}
$vbulletin->url = str_replace('"', '', $vbulletin->url);
eval(print_standard_redirect('redirect_lostpw', true, true));
} else {
eval(standard_error(fetch_error('invalidemail', $vbulletin->options['contactuslink'])));
}
}
// ############################### start reset password ###############################
if ($vbulletin->GPC['a'] == 'pwd' or $_REQUEST['do'] == 'resetpassword') {
$vbulletin->input->clean_array_gpc('r', array('userid' => TYPE_UINT, 'u' => TYPE_UINT, 'activationid' => TYPE_STR, 'i' => TYPE_STR));
if (!$vbulletin->GPC['userid']) {
$vbulletin->GPC['userid'] = $vbulletin->GPC['u'];
}
function do_register()
{
global $vbulletin, $vbphrase, $db;
if ($vbulletin->userinfo['userid']) {
json_error(ERR_NO_PERMISSION);
}
if (!$vbulletin->options['forumrunner_enable_registration']) {
json_error(ERR_NO_PERMISSION);
}
$vbulletin->input->clean_array_gpc('r', array('username' => TYPE_STR, 'email' => TYPE_STR, 'password' => TYPE_STR, 'password_md5' => TYPE_STR, 'birthday' => TYPE_STR, 'timezoneoffset' => TYPE_NUM));
// They are registering. Lets find out what fields are required.
if (!$vbulletin->options['allowregistration']) {
standard_error(fetch_error('noregister'));
}
$out = array();
if ($vbulletin->GPC['username']) {
// Registering.
$userdata =& datamanager_init('User', $vbulletin, ERRTYPE_ARRAY);
$vbulletin->GPC['coppauser'] = false;
$userdata->set_info('coppauser', false);
$userdata->set_info('coppapassword', $vbulletin->GPC['password']);
$userdata->set_bitfield('options', 'coppauser', false);
$userdata->set('parentemail', '');
if (empty($vbulletin->GPC['username']) || empty($vbulletin->GPC['email']) || empty($vbulletin->GPC['password']) && empty($vbulletin->GPC['password_md5'])) {
standard_error(fetch_error('fieldmissing'));
}
$vbulletin->GPC['password_md5'] = strtolower($vbulletin->GPC['password_md5']);
$vbulletin->GPC['passwordconfirm_md5'] = strtolower($vbulletin->GPC['password_md5']);
$userdata->set('email', $vbulletin->GPC['email']);
$userdata->set('username', $vbulletin->GPC['username']);
$userdata->set('password', $vbulletin->GPC['password_md5'] ? $vbulletin->GPC['password_md5'] : $vbulletin->GPC['password']);
$userdata->set_bitfield('options', 'adminemail', 1);
if ($vbulletin->options['verifyemail']) {
$newusergroupid = 3;
} else {
if ($vbulletin->options['moderatenewmembers'] || $vbulletin->GPC['coppauser']) {
$newusergroupid = 4;
} else {
$newusergroupid = 2;
}
}
$userdata->set('usergroupid', $newusergroupid);
$userdata->set('languageid', $vbulletin->userinfo['languageid']);
$userdata->set_usertitle('', false, $vbulletin->usergroupcache["{$newusergroupid}"], false, false);
$parts = preg_split('#/#', $vbulletin->GPC['birthday']);
$day = $month = $year = '';
if ($parts[1]) {
$day = $parts[1];
}
if ($parts[0]) {
$month = $parts[0];
}
if ($parts[2]) {
$year = $parts[2];
}
$userdata->set('showbirthday', 0);
$userdata->set('birthday', array('day' => $day, 'month' => $month, 'year' => $year));
$dst = 2;
$userdata->set_dst($dst);
$userdata->set('timezoneoffset', $vbulletin->GPC['timezoneoffset']);
// register IP address
$userdata->set('ipaddress', IPADDRESS);
$userdata->pre_save();
if (count($userdata->errors)) {
// Just return one error for now.
json_error(strip_tags($userdata->errors[0]));
}
$vbulletin->userinfo['userid'] = $userid = $userdata->save();
if ($userid) {
$userinfo = fetch_userinfo($userid);
$userdata_rank =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT);
$userdata_rank->set_existing($userinfo);
$userdata_rank->set('posts', 0);
$userdata_rank->save();
require_once DIR . '/includes/functions_login.php';
$vbulletin->session->created = false;
process_new_login('', false, '');
// send new user email
if ($vbulletin->options['newuseremail'] != '') {
$username = $vbulletin->GPC['username'];
$email = $vbulletin->GPC['email'];
if ($birthday = $userdata->fetch_field('birthday')) {
$bday = explode('-', $birthday);
$year = vbdate('Y', TIMENOW, false, false);
$month = vbdate('n', TIMENOW, false, false);
$day = vbdate('j', TIMENOW, false, false);
if ($year > $bday[2] and $bday[2] > 1901 and $bday[2] != '0000') {
require_once DIR . '/includes/functions_misc.php';
$vbulletin->options['calformat1'] = mktimefix($vbulletin->options['calformat1'], $bday[2]);
if ($bday[2] >= 1970) {
$yearpass = $bday[2];
} else {
$yearpass = $bday[2] + 28 * ceil((1970 - $bday[2]) / 28);
}
$birthday = vbdate($vbulletin->options['calformat1'], mktime(0, 0, 0, $bday[0], $bday[1], $yearpass), false, true, false);
} else {
$birthday = vbdate($vbulletin->options['calformat2'], mktime(0, 0, 0, $bday[0], $bday[1], 1992), false, true, false);
}
if ($birthday == '') {
if ($bday[2] == '0000') {
$birthday = "{$bday['0']}-{$bday['1']}";
} else {
$birthday = "{$bday['0']}-{$bday['1']}-{$bday['2']}";
}
}
}
if ($userdata->fetch_field('referrerid') and $vbulletin->GPC['referrername']) {
$referrer = unhtmlspecialchars($vbulletin->GPC['referrername']);
} else {
$referrer = $vbphrase['n_a'];
}
$ipaddress = IPADDRESS;
eval(fetch_email_phrases('newuser', 0));
$newemails = explode(' ', $vbulletin->options['newuseremail']);
foreach ($newemails as $toemail) {
if (trim($toemail)) {
vbmail($toemail, $subject, $message);
}
}
}
$username = htmlspecialchars_uni($vbulletin->GPC['username']);
$email = htmlspecialchars_uni($vbulletin->GPC['email']);
// sort out emails and usergroups
if ($vbulletin->options['verifyemail']) {
$activateid = build_user_activation_id($userid, ($vbulletin->options['moderatenewmembers'] or $vbulletin->GPC['coppauser']) ? 4 : 2, 0);
eval(fetch_email_phrases('activateaccount'));
vbmail($email, $subject, $message, true);
} else {
if ($newusergroupid == 2) {
if ($vbulletin->options['welcomemail']) {
eval(fetch_email_phrases('welcomemail'));
vbmail($email, $subject, $message);
}
}
}
($hook = vBulletinHook::fetch_hook('register_addmember_complete')) ? eval($hook) : false;
// Let them log in again.
process_logout();
$out += array('emailverify' => $vbulletin->options['verifyemail'] ? true : false);
}
} else {
$rules = preg_replace('/<a href=\\"(.*?)\\">(.*?)<\\/a>/', "\\2", $vbphrase['fr_register_forum_rules']);
$out += array('rules' => prepare_utf8_string($rules), 'birthday' => $vbulletin->options['reqbirthday'] ? true : false);
}
return $out;
}
public function sendActivateEmail($userid)
{
$userinfo = vB_User::fetchUserinfo($userid);
if (empty($userinfo)) {
throw new vB_Exception_Api('invaliduserid');
}
if ($userinfo['usergroupid'] != 3) {
// Already activated
throw new vB_Exception_Api('activate_wrongusergroup');
}
$vboptions = vB::getDatastore()->getValue('options');
$coppauser = false;
if (!empty($userinfo['birthdaysearch'])) {
$birthday = $userinfo['birthdaysearch'];
} else {
//we want YYYY-MM-DD for the coppa check but normally we store MM-DD-YYYY
$birthday = $userinfo['birthday'];
if (strlen($birthday) >= 6 and $birthday[2] == '-' and $birthday[5] == '-') {
$birthday = substr($birthday, 6) . '-' . substr($birthday, 0, 2) . '-' . substr($birthday, 3, 2);
}
}
if ($vboptions['usecoppa'] == 1 and $this->needsCoppa($birthday)) {
$coppauser = true;
}
$username = trim(unhtmlspecialchars($userinfo['username']));
require_once DIR . '/includes/functions_user.php';
// Try to get existing activateid from useractivation table
$useractivation = vB::getDbAssertor()->getRow('useractivation', array('userid' => $userinfo['userid']));
if ($useractivation) {
$activateid = fetch_random_string(40);
vB::getDbAssertor()->update('useractivation', array('dateline' => vB::getRequest()->getTimeNow(), 'activationid' => $activateid), array('userid' => $userinfo['userid'], 'type' => 0));
} else {
$activateid = build_user_activation_id($userinfo['userid'], ($vboptions['moderatenewmembers'] or $coppauser) ? 4 : 2, 0);
}
$maildata = vB_Api::instanceInternal('phrase')->fetchEmailPhrases('activateaccount', array($username, $vboptions['bbtitle'], $vboptions['frontendurl'], $userinfo['userid'], $activateid, $vboptions['webmasteremail']), array($username), $userinfo['languageid']);
vB_Mail::vbmail($userinfo['email'], $maildata['subject'], $maildata['message'], true);
}
$url = "index.php";
}
}
}
}
}
$arr = array("valid_entries" => $valid_entries, "messages" => $messages, "url" => $url);
json_headers($arr);
break;
case 'resend_email':
if ($vbulletin->options['verifyemail']) {
if (isset($_SESSION['site_registration']['email'])) {
$username = $_SESSION['site_registration']['username'];
$email = $_SESSION['site_registration']['email'];
$userid = $_SESSION['site_registration']['userid'];
$activateid = build_user_activation_id($userid, ($vbulletin->options['moderatenewmembers'] or $_SESSION['site_registration']['coppauser']) ? 4 : 2, 0);
eval(fetch_email_phrases('activateaccount'));
if (empty($subject)) {
$subject = fetch_phrase('activate_your_account', 'threadmanage');
}
vbmail($email, $subject, $message, true);
$messages = "Email sent!";
} else {
$messages = "Unable to send email, please try again later.";
}
}
$arr = array("message" => $messages);
json_headers($arr);
break;
// create site account on register.php
// create site account on register.php
public function request_password($email)
{
//Get the userid from their email address
$getuserid = $this->db->query_first("\r\n\t\t\tSELECT userid\r\n\t\t\tFROM " . TABLE_PREFIX . "user\r\n\t\t\tWHERE email = '" . $this->db->escape_string($email) . "'");
//Gets list of users with the email address
$users = $this->db->query_read_slave("\r\n\t\tSELECT userid, username, email, languageid\r\n\t\tFROM " . TABLE_PREFIX . "user\r\n\t\tWHERE email = '" . $this->db->escape_string($email) . "'\r\n\t");
if ($this->db->num_rows($users)) {
//Loops through users
while ($user = $this->db->fetch_array($users)) {
//If the userid's do not match up with whats in the database
if ($getuserid['userid'] and $getuserid['userid'] != $user['userid']) {
//Exit the loop
continue;
}
//Set vb username
$user['username'] = unhtmlspecialchars($user['username']);
//Generate new activation id
$user['activationid'] = build_user_activation_id($user['userid'], 2, 1);
//Use custom phrase and send out lost password email
eval(fetch_email_phrases('lostpw', $user['languageid']));
vbmail($user['email'], $subject, $message, true);
}
//Return as a success
return false;
} else {
return "No account with that email address exists, please try again.";
}
}
