/**
* CB's own UTF-8-compatible output-charset-dependent strtolower()
*
* @param string $str
* @return string
*/
function cbIsoUtf_strtolower($str)
{
global $_CB_framework;
if ($_CB_framework->outputCharset() == 'UTF-8') {
return cbutf8_strtolower($str);
} else {
return strtolower($str);
}
}
/**
* @param bool $updateNulls
* @return bool
*/
public function store( $updateNulls = false )
{
global $_PLUGINS;
$new = ( $this->get( 'id' ) ? false : true );
$old = new self();
$this->set( 'value', cbutf8_strtolower( preg_replace( '/[^-a-zA-Z0-9_.]/', '', $this->get( 'value' ) ) ) );
if ( ! $new ) {
$old->load( (int) $this->get( 'id' ) );
$_PLUGINS->trigger( 'activity_onBeforeUpdateEmote', array( &$this, $old ) );
} else {
$_PLUGINS->trigger( 'activity_onBeforeCreateEmote', array( &$this ) );
}
if ( ! parent::store( $updateNulls ) ) {
return false;
}
if ( ! $new ) {
$_PLUGINS->trigger( 'activity_onAfterUpdateEmote', array( $this, $old ) );
} else {
$_PLUGINS->trigger( 'activity_onAfterCreateEmote', array( $this ) );
}
return true;
}
/**
* Translates meridiem
*
* @param string $meridiem The meridiem (am/pm) to translate
* @return string
*/
private function meridiemToString( $meridiem )
{
switch ( $meridiem ) {
case 'am':
return cbutf8_strtolower( CBTxt::T( 'UE_HALF_DAY_AM', 'AM' ) );
break;
case 'AM':
return CBTxt::T( 'UE_HALF_DAY_AM', 'AM' );
break;
case 'pm':
return cbutf8_strtolower( CBTxt::T( 'UE_HALF_DAY_PM', 'PM' ) );
break;
case 'PM':
return CBTxt::T( 'UE_HALF_DAY_PM', 'PM' );
break;
}
return '';
}
function sendNewPass($option)
{
global $_CB_framework, $ueConfig, $_PLUGINS, $_POST;
$loginType = isset($ueConfig['login_type']) ? (int) $ueConfig['login_type'] : 0;
if ($loginType == 4) {
cbRedirect($_CB_framework->viewUrl('done', false), CBTxt::Th('UE_NOT_AUTHORIZED', 'You are not authorized to view this page!'), 'error');
return;
}
// simple spoof check security
checkCBPostIsHTTPS();
cbSpoofCheck('lostPassForm');
cbRegAntiSpamCheck();
$liveSite = $_CB_framework->getCfg('live_site');
$usernameExists = $loginType != 2;
// ensure no malicous sql gets past
$checkusername = trim(cbGetParam($_POST, 'checkusername', ''));
$confirmEmail = trim(cbGetParam($_POST, 'checkemail', ''));
$_PLUGINS->loadPluginGroup('user');
$_PLUGINS->trigger('onStartNewPassword', array(&$checkusername, &$confirmEmail));
if ($_PLUGINS->is_errors()) {
cbRedirect($_CB_framework->viewUrl('lostpassword', false), $_PLUGINS->getErrorMSG(), 'error');
return;
}
$checkusername = stripslashes($checkusername);
$confirmEmail = stripslashes($confirmEmail);
$res = false;
$error = null;
if ($usernameExists && $confirmEmail != '' && !$checkusername) {
$user = new UserTable();
if (!$user->loadByEmail($confirmEmail)) {
cbRedirect($_CB_framework->viewUrl('lostpassword', false), CBTxt::Th('UE_EMAIL_DOES_NOT_EXISTS_ON_SITE', "The email '[email]' does not exist on this site.", array('[email]' => htmlspecialchars($confirmEmail))), 'error');
}
$message = str_replace('\\n', "\n", sprintf(CBTxt::T('UE_USERNAMEREMINDER_MSG', 'Hello,\\nA username reminder has been requested for your %s account.\\n\\nYour username is: %s\\n\\nTo log in to your account, click on the link below:\\n%s\\n\\nThank you.\\n'), $_CB_framework->getCfg('sitename'), $user->username, $liveSite));
/*
'Hello,\n'
.'A username reminder has been requested for your %s account.\n\n'
.'Your username is: %s\n\n'
.'To log in to your account, click on the link below:\n'
.'%s\n\n'
.'Thank you.\n'
*/
$subject = sprintf(CBTxt::T('UE_USERNAMEREMINDER_SUB', 'Username reminder for %s'), $user->username);
$_PLUGINS->trigger('onBeforeUsernameReminder', array($user, &$subject, &$message));
if ($_PLUGINS->is_errors()) {
cbRedirect($_CB_framework->viewUrl('lostpassword', false), $_PLUGINS->getErrorMSG(), 'error');
return;
}
$cbNotification = new cbNotification();
$res = $cbNotification->sendFromSystem($user->id, $subject, $message);
$error = $cbNotification->errorMSG;
$_PLUGINS->trigger('onAfterUsernameReminder', array($user, &$res));
if ($res) {
cbRedirect($_CB_framework->viewUrl('done', false), sprintf(CBTxt::Th('UE_USERNAME_REMINDER_SENT', 'Username reminder sent to your email address %s. Please check your email (and if needed your spambox too)!'), htmlspecialchars($confirmEmail)));
} else {
cbRedirect($_CB_framework->viewUrl('done', false), $error ? CBTxt::Th('SENDING_EMAIL_FAILED_ERROR_ERROR', 'Sending Email Failed! Error: [error]', array('[error]' => $error)) : CBTxt::Th('UE_EMAIL_SENDING_ERROR', 'Error sending email'), 'error');
}
} elseif ($confirmEmail != '') {
$user = new UserTable();
if ($usernameExists) {
$foundUser = $user->loadByUsername($checkusername);
if ($foundUser && cbutf8_strtolower($user->email) != cbutf8_strtolower($confirmEmail)) {
$foundUser = false;
}
} else {
$foundUser = $user->loadByEmail($confirmEmail);
}
if (!$foundUser) {
cbRedirect($_CB_framework->viewUrl('lostpassword', false), CBTxt::Th('ERROR_PASS', 'Sorry, no corresponding user was found'), 'error');
}
$resetTime = (int) $_CB_framework->getCfg('reset_time');
$resetCount = (int) $_CB_framework->getCfg('reset_count');
$hoursSinceLastReset = ($_CB_framework->getUTCNow() - (int) $_CB_framework->getUTCTimestamp($user->lastResetTime)) / 3600;
if ($hoursSinceLastReset > $resetTime) {
$user->lastResetTime = $_CB_framework->getUTCDate();
$user->resetCount = 1;
} else {
$user->resetCount = $user->resetCount + 1;
}
if ($resetCount && $user->resetCount > $resetCount) {
cbRedirect($_CB_framework->viewUrl('lostpassword', false), CBTxt::Th('EXCEEDED_MAXIMUM_PASSWORD_RESETS', 'You have exceeded the maximum number of password resets allowed. Please try again in %%COUNT%% hours.|You have exceeded the maximum number of password resets allowed. Please try again in 1 hour.', array('%%COUNT%%' => $resetTime)), 'error');
}
$newpass = $user->getRandomPassword();
$message = str_replace('\\n', "\n", sprintf(CBTxt::T('UE_NEWPASS_MSG', 'The user account %s has this email associated with it.\\nA web user from %s has just requested that a new password be sent.\\n\\nYour New Password is: %s\\n\\nIf you didn\'t ask for this, don\'t worry. You are seeing this message, not them. If this was an error just log in with your new password and then change your password to what you would like it to be.'), $user->username, $liveSite, $newpass));
/*
'The user account %s has this email associated with it.\n'
.'A web user from %s has just requested that a new password be sent.\n\n'
.'Your New Password is: %s\n\n'
.'If you didn\'t ask for this, don\'t worry. You are seeing this message, not them. If this was an error just log in with your new password and then change your password to what you would like it to be.'
*/
$subject = sprintf(CBTxt::T('UE_NEWPASS_SUB', 'New password for: %s'), $user->username);
$_PLUGINS->trigger('onBeforeNewPassword', array($user, &$newpass, &$subject, &$message));
if ($_PLUGINS->is_errors()) {
cbRedirect($_CB_framework->viewUrl('lostpassword', false), $_PLUGINS->getErrorMSG(), 'error');
}
$_PLUGINS->trigger('onNewPassword', array($user, $newpass));
$storeValues = array('password' => $newpass, 'lastResetTime' => $user->lastResetTime, 'resetCount' => $user->resetCount);
if (!$user->storeDatabaseValues($storeValues)) {
cbRedirect($_CB_framework->viewUrl('lostpassword', false), $user->getError(), 'error');
} else {
$cbNotification = new cbNotification();
$res = $cbNotification->sendFromSystem($user->id, $subject, $message);
$error = $cbNotification->errorMSG;
}
$_PLUGINS->trigger('onAfterPasswordReminder', array($user, $newpass, &$res));
if ($res) {
cbRedirect($_CB_framework->viewUrl('done', false), sprintf(CBTxt::Th('UE_NEWPASS_SENT', 'New User Password created and sent to your email address %s. Please check your email (and if needed your spambox too)!'), htmlspecialchars($confirmEmail)));
} else {
cbRedirect($_CB_framework->viewUrl('done', false), $error ? CBTxt::Th('PASSWORD_RESET_FAILED_ERROR_ERROR', 'Password Reset Failed! Error: [error]', array('[error]' => $error)) : CBTxt::Th('UE_NEWPASS_FAILED', 'Password Reset Failed!'), 'error');
}
} else {
cbRedirect($_CB_framework->viewUrl('done', false), CBTxt::Th('UE_NEWPASS_FAILED', 'Password Reset Failed!'), 'error');
}
}
