function insert_coder()
{
if ($_POST['coderpass'] != $_POST['coderpass2']) {
die('error: The coder passwords do not match!');
}
$username = $_POST['coderuser'];
$usermail = $_POST['codermail'];
$secret = mksecret();
$wantpasshash = md5($secret . $_POST['coderpass'] . $secret);
$editsecret = mksecret();
$ret = mysql_query("INSERT INTO users (username, class, passhash, secret, editsecret, email, status, added) VALUES (" . implode(",", array_map("sqlesc", array($username, 8, $wantpasshash, $secret, $editsecret, $usermail, 'confirmed'))) . ",'" . get_date_time() . "')");
$rndpasshash = createRandomPassword();
$rndsecret = createRandomPassword();
$rndeditsecret = createRandomPassword();
$rex = mysql_query("INSERT INTO users (id, username, class, passhash, secret, editsecret, email, status, added) VALUES (" . implode(",", array_map("sqlesc", array(2, 'System', 1, $rndpasshash, $rndsecret, $rndeditsecret, '*****@*****.**', 'confirmed'))) . ",'" . get_date_time() . "')");
}
function createUser($profile, $groups)
{
global $modx;
$username = createUniqueUsername((string) $profile->preferredUsername);
$user_fields = array('username' => $modx->db->escape($username), 'password' => createRandomPassword());
$user_attribute_fields = array('fullname' => $modx->db->escape((string) $profile->displayName), 'email' => $modx->db->escape((string) $profile->verifiedEmail), 'country' => isset($profile->address) ? $profile->address->country->text : '');
$key = $modx->db->insert($user_fields, $modx->getFullTableName('web_users'));
$user_attribute_fields['internalKey'] = $key;
$modx->db->insert($user_attribute_fields, $modx->getFullTableName('web_user_attributes'));
// add user to web groups
if (count($groups) > 0) {
$results = $modx->db->makeArray($modx->db->select('id', $modx->getFullTableName("webgroup_names"), "name IN ('" . implode("','", $groups) . "')"));
foreach ($results as $fields) {
$modx->db->insert(array('webgroup' => $fields['id'], 'webuser' => $key), $modx->getFullTableName("web_groups"));
}
}
return $key;
}
}
return $pass;
}
// Usage
$password = createRandomPassword();
echo "Your random password is: $password <br />";
$q = Doctrine_Query::create()
->select("d.*, l.*, c.*, p.*, partido.*")
->from("Domicilio d, d.Localidad l, d.Calle c, d.Provincia p, d.PartidoDepto partido")
->where("d.ente_id = ?", "32135988")
->orderBy("d.id DESC");
$domicilioAnterior = $q->execute()->get(1);
if($domicilioAnterior->exists())
echo "existe";
$fields['debug'] = 'on';
$fields['query'] = $querystring;
// print("<!--$querystring-->\n");
$rdf = curl_post_contents($server_import, $fields);
// print("<!--$rdf-->\n");
if (preg_match_all('/<rdf:Description.*?rdf:Description>/', $rdf, $matches)) {
foreach ($matches[0] as $line) {
$strOutput .= "\n{$line}";
}
}
}
}
if (empty($fileNames) && sizeof($str_inputs2) == 1) {
$fileName = $finalFile;
} else {
$fileName = createRandomPassword();
}
$tmpOutputURI = "http://ontofox.hegroup.org/{$fileName}.owl";
if (empty($fileNames) && $outputURI != '' && sizeof($str_inputs2) == 1) {
$tmpOutputURI = $outputURI;
}
$strOutput .= "\r\n\t\t<owl:Ontology rdf:about=\"{$tmpOutputURI}\"/>\r\n\t\t</rdf:RDF>";
foreach ($outputNSs as $NSTmp => $prefixTmp) {
$strOutput = "\r\n\t\txmlns:{$prefixTmp}=\"{$NSTmp}\"" . $strOutput;
}
$strOutput = '<?xml version="1.0" encoding="utf-8" ?>
<rdf:RDF
' . $strOutput;
// $strOutput = preg_replace('/rdf:nodeID="/', 'rdf:nodeID="b', $strOutput);
file_put_contents("{$userfiles}/{$fileName}.in.owl", $strOutput);
$json_settings = array();
$i++;
}
return $pass;
}
$Categoryname = $_POST['categoryname'];
$Roomid = $_POST['roomid'];
$arrival = $_POST['start'];
$departure = $_POST['end'];
$numberofdays = $_POST['numberofdays'];
$status = 'Pending';
$addonpayable = 0;
$downpayment = 0;
$total = $_POST['total'];
$adult = $_POST['nadult'];
$child = $_POST['nchild'];
$confirmation = 'wv-' . createRandomPassword();
if ($adult == '' || $child == '') {
echo "please select the number of Adult or Child";
} else {
if (isset($_SESSION['Customerid'])) {
$Customerid = $_SESSION['Customerid'];
$sql = "select * from tblusers where Customer_ID='{$Customerid}'";
$query = mysqli_query($conn, $sql);
$row = mysqli_fetch_assoc($query);
$fname = $row['FirstName'];
$lname = $row['LastName'];
$balance = 90000;
$datenow = date('Y-m-d');
$Reservation = new Reservation($Customerid, $Categoryname, $Roomid, $arrival, $departure, $numberofdays, $adult, $child, $status, $addonpayable, $downpayment, $total, $confirmation, null);
if ($Reservation->AddReserve()) {
$transaction = new Transaction($Customerid, $datenow, null, null, $total, $status, 'None');
$_POST['package_id'] = (int) @$_POST['package_id'];
if ($u_id > 0) {
#/ users
$sql_users = "UPDATE users SET package_id='{$_POST['package_id']}', email_add='{$_POST['email_add']}',\n screen_name='{$_POST['screen_name']}', first_name='{$_POST['first_name']}', middle_name='{$_POST['middle_name']}', last_name='{$_POST['last_name']}',\n company_name='{$_POST['company_name']}', account_activated='{$account_activated}', is_blocked='{$is_blocked}'\n WHERE id='{$u_id}'";
mysql_exec($sql_users, 'save');
#/ user_info
$sql_user_info = "UPDATE user_info SET country_code='{$_POST['country_code']}', state='{$_POST['state']}',\n city='{$_POST['city']}', address_ln_1='{$_POST['address_ln_1']}', address_ln_2='{$_POST['address_ln_2']}',\n \tzip='{$_POST['zip']}', phone_number='{$_POST['phone_number']}'\n WHERE user_id='{$u_id}'";
mysql_exec($sql_user_info, 'save');
$_SESSION["CUSA_ADMIN_MSG_GLOBAL"] = array(true, 'The User data was successfully Updated..');
//redirect_me("{$consts['DOC_ROOT_ADMIN']}admin_users_opp.php{$param2}&u_id={$u_id}", true);
////////////////-------
} else {
////////////////-------
#/ encrypt password
include_once '../../includes/func_enc.php';
$new_pass = (string) createRandomPassword();
$pass_w = md5_encrypt($new_pass);
###/ Updating Database
#/ users
$sql_users = "INSERT INTO users\n \t(package_id, email_add, pass_w, screen_name, first_name, middle_name, last_name, company_name, account_activated, is_blocked, joined_on)\n \tvalues('{$_POST['package_id']}', '{$_POST['email_add']}', '{$pass_w}', '{$_POST['screen_name']}', '{$_POST['first_name']}', '{$_POST['middle_name']}', '{$_POST['last_name']}', '{$_POST['company_name']}', '{$account_activated}', '{$is_blocked}', NOW())";
mysql_exec($sql_users, 'save');
$u_id = (int) @mysql_insert_id();
#-
if ($u_id > 0) {
#/ user_info
$sql_user_info = "INSERT INTO user_info\n \t(user_id, country_code, state, city, address_ln_1, address_ln_2, zip, phone_number)\n \tvalues('{$u_id}', '{$_POST['country_code']}', '{$_POST['state']}', '{$_POST['city']}', '{$_POST['address_ln_1']}', '{$_POST['address_ln_2']}', '{$_POST['zip']}', '{$_POST['phone_number']}')";
mysql_exec($sql_user_info, 'save');
#/acc_verifications
$verification_str = mt_rand() . md5(uniqid(rand())) . mt_rand();
$sql_veri = "INSERT INTO acc_verifications (user_id, verification_str)\n VALUES ('{$u_id}', '{$verification_str}')";
@mysql_exec($sql_veri, 'save');
$last_name = cleanInput($fb_fetch['last_name']);
$is_admin = intval($fb_fetch['is_admin']);
try {
$fb_update = "UPDATE `members` SET `access` = :access_date, `fb_id` = :temp_fb_id WHERE `id` = :userid";
$fb_update_do = $db->prepare($fb_update);
$fb_update_do->bindParam(':access_date', $access_date, PDO::PARAM_STR);
$fb_update_do->bindParam(':temp_fb_id', $temp_fb_id, PDO::PARAM_INT);
$fb_update_do->bindParam(':userid', $userid, PDO::PARAM_INT);
$fb_update_do->execute();
} catch (PDOException $e) {
/* catch and log errors over here. */
}
} else {
/* creating a random key for the user */
$temp_key = getGuid();
$temp_password = createRandomPassword();
$temp_password = generate_encrypted_password($temp_password);
/* fetching the user's first and last name from their facebook profile. */
$first_name = $user->first_name;
$last_name = $user->last_name;
try {
$fb_insert = "INSERT INTO `members`(`first_name`, `last_name`, `password`, `email`, `key`, `verified`, `join`, `access`, `fb_id`) VALUE(:first_name, :last_name, :temp_password, :fb_email, :temp_key, 1, :access_date, :access_date, :temp_fb_id)";
$fb_insert_do = $db->prepare($fb_insert);
$fb_insert_do->bindParam(':first_name', $first_name, PDO::PARAM_STR);
$fb_insert_do->bindParam(':last_name', $last_name, PDO::PARAM_STR);
$fb_insert_do->bindParam(':temp_password', $temp_password, PDO::PARAM_STR);
$fb_insert_do->bindParam(':fb_email', $fb_email, PDO::PARAM_STR);
$fb_insert_do->bindParam(':temp_key', $temp_key, PDO::PARAM_STR);
$fb_insert_do->bindParam(':access_date', $access_date, PDO::PARAM_STR);
$fb_insert_do->bindParam(':temp_fb_id', $temp_fb_id, PDO::PARAM_INT);
$fb_insert_do->execute();
$show_form = false;
}
#/ Check if account is blocked
if ($qa_res['is_blocked'] == 1) {
$fv_errors[] = array("Your Account has <b>BLOCKED</b> by the Admin! Consequently, you will NOT be able to Access your Account.");
$show_form = false;
}
}
}
#-
if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
$user_info = $qa_res;
if (is_array($user_info) && array_key_exists('email_add', $user_info)) {
#/ create & encrypt temp password
include_once '../includes/func_enc.php';
$new_pass = @createRandomPassword();
$pass_w = @md5_encrypt($new_pass);
#/save users
$sql_users = "UPDATE users SET pass_w='{$pass_w}'\n WHERE email_add='{$user_info['email_add']}' AND id='{$user_info['user_id']}'";
@mysql_exec($sql_users, 'save');
#/ Send Emails to User
include_once '../includes/email_templates.php';
include_once '../includes/send_mail.php';
$subject = $heading = "Account Access Recovery from collaborateUSA.com";
$body_in = account_recover_access($user_info, $new_pass);
send_mail($_POST['email_add'], $subject, $heading, $body_in);
#/ Redirect
reset_attempt_counts();
redirect_me($seo_tag . '/success');
} else {
$_SESSION["CUSA_MSG_GLOBAL"] = array(false, 'Unable to process your request at this moment! Please try again later.');
} else {
$civi = "MM";
}
switch ($prof[$cpt]["civilite"]) {
case 1:
$civi = "M.";
break;
case 2:
$civi = "MM";
break;
case 3:
$civi = "ML";
break;
}
if ($_POST['mdp'] == "alea") {
$mdp = createRandomPassword();
} else {
$date = str_replace("-", "", $prof[$cpt]["date_naissance"]);
$mdp = $date;
}
//echo $prof[$cpt]["nom_usage"].";".$prof[$cpt]["prenom"].";".$civi.";"."P".$prof[$cpt]["id"].";"."ENS".";".$date."<br />\n";
$chaine = $prof[$cpt]["nom_usage"] . ";" . $prof[$cpt]["prenom"] . ";" . $civi . ";" . "P" . $prof[$cpt]["id"] . ";" . "ENS" . ";" . $mdp;
if ($fich) {
fwrite($fich, html_entity_decode($chaine) . "\n");
}
if ($_POST['mdp'] == "alea") {
fwrite($fich2, "<tr>\n<td>" . $prof[$cpt]["nom_usage"] . "</td>\n<td>" . $prof[$cpt]["prenom"] . "</td>\n<td>{$civi}</td>\n<td>{$mdp}</td>\n</tr>\n");
}
echo $chaine . "<br />\n";
}
$cpt++;
curl_setopt($ch, CURLOPT_URL, $serverUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, 'Ringside API PHP5 Client 1.1 (curl) ' . phpversion());
$result = curl_exec($ch);
$errno = curl_errno($ch);
curl_close($ch);
if ($errno == 0) {
writeLine(" API server was located and responds. {$serverUrl} ");
} else {
writeError(" API server failed to respond (Error {$errno}). Validate the server url : {$serverUrl} ");
writeLink("drop.php", "Drop Schema, Start Again");
return;
}
echo "<hr />";
writeLine("<h1>Step 5: Setting up initial data.</h1>");
$adminPassword = createRandomPassword();
$result = loadBasicData('ringside', $adminPassword, $database);
if ($result == true) {
writeLine(" Basic setup information and some sample data was written to the database.");
// writeLine( " Admin user name is <b>admin</b> and password is <b>$adminPassword</b>" );
writeLine(" The following example users were created as well, all with password <b>ringside</b>");
echo "<table cellpadding='4' width='80%'> ";
writeRow('*****@*****.**', '*****@*****.**', '*****@*****.**', 1);
writeRow('*****@*****.**', '*****@*****.**', '*****@*****.**', 2);
writeRow('*****@*****.**', '*****@*****.**', '*****@*****.**', 3);
echo "</table>";
} else {
writeError(" While everything seems to be setup we could not add the data to the database. <br />" . "<b>Maybe do some clean up of an old install/version first?</b>");
writeLink("drop.php", "Drop Schema, Start Again");
return;
}
session_start();
function createRandomPassword()
{
$chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
srand((double) microtime() * 1000000);
$i = 0;
$pass = '';
while ($i <= 3) {
$num = rand() % 33;
$tmp = substr($chars, $num, 1);
$pass = $pass . $tmp;
$i++;
}
return $pass;
}
$letter = createRandomPassword();
function numberletter()
{
$chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
srand((double) microtime() * 1000000);
$i = 0;
$passii = '';
while ($i <= 2) {
$num = rand() % 33;
$tmp = substr($chars, $num, 1);
$passii = $passii . $tmp;
$i++;
}
return $passii;
}
$ccnumbers = numberletter();
echo "Inserting Medals<br>";
$db->Execute("INSERT INTO $dbtables[medals] VALUES ('Game Winner', 'Given to the winner of a game. Retained forever.', 1, 'winner.gif')");
$db->Execute("INSERT INTO $dbtables[medals] VALUES ('Three Time Winner', 'This medal is given to those special players who have won 3 games of SKT', 2, '3x.gif')");
$db->Execute("INSERT INTO $dbtables[medals] VALUES ('MVP Award', 'This medal is for anyone who has won an MVP award. This award is either given by the admin or voted by players. Kept for life of character but can only be won once.', 3, 'mvp.gif')");
$db->Execute("INSERT INTO $dbtables[medals] VALUES ('Medal of Darkness', 'This medal is awarded to the most evil player of the previous game.', 4, 'dark.gif')");
$db->Execute("INSERT INTO $dbtables[medals] VALUES ('Medal of Light', 'This medal is awarded to the most saintly player of the previous game.', 5, 'light.gif')");
$db->Execute("INSERT INTO $dbtables[medals] VALUES ('Silver Medal', 'Runner-up in last game', 6, 'silver.gif')");
$db->Execute("INSERT INTO $dbtables[medals] VALUES ('Team Medal', 'Winning Alliance member from last game', 7, 'team.gif')");
$db->Execute("INSERT INTO $dbtables[medals] VALUES ('Best Newcomer', 'A medal for the best new player from the last game', 8, 'newbie.gif')");
$db->Execute("INSERT INTO $dbtables[medals] VALUES ('Furangee Quasher', 'An award for the player who for better or for worse destroys the most Furangee', 9, 'fur.gif')");
echo "Done<br>";
$password = substr($admin_mail, 0, $maxlen_password);
echo "Inserting Unowned user into players<br>";
$db->Execute("INSERT INTO $dbtables[players] SET character_name='Unowned'");
// Create a random email and password
$UnownedPassword = createRandomPassword();
$db->Execute("UPDATE `$dbtables[players]` SET `player_id` = '0', `cleared_defences` = NULL, `subscribed` = NULL, email = '$UnownedPassword', password = '******' WHERE `character_name` = 'Unowned' LIMIT 1");
echo "<BR><BR><center><B>Your admin login is: <BR>";
echo "<BR>Username: $admin_mail";
echo "<BR>Password: $password<BR></B></center>";
newplayer($admin_mail, "The Federation", $password, "The Orb");
$db->Execute("UPDATE $dbtables[players] SET player_id = '1', `cleared_defences` = NULL, `subscribed` = NULL WHERE `email` = '$admin_mail' LIMIT 1");
$db->Execute("UPDATE $dbtables[ships] SET player_id = '1' WHERE player_id=2 LIMIT 1");
PrintFlush("<BR><BR><center><BR><B>Congratulations! Universe created successfully.<BR>");
PrintFlush("Click <A HREF=login.php>here</A> to return to the login screen.</B></center>");
break;
// Pre-stage, What's the password?
default:
echo "<form action=create_universe.php method=post>";
echo "Password: <input type=password name=swordfish size=20 maxlength=20> ";
//Sanitize the POST values
function createRandomPassword()
{
$chars = "abcdefghijkmnopqrstuvwxyz023456789";
srand((double) microtime() * 1000000);
$i = 0;
$pass = '';
while ($i <= 7) {
$num = rand() % 33;
$tmp = substr($chars, $num, 1);
$pass = $pass . $tmp;
$i++;
}
return $pass;
}
$confirmation = createRandomPassword();
$login = clean($_POST['user']);
$password = clean($_POST['password']);
//Create query
$qry = "SELECT * FROM members WHERE email='{$login}' AND password='******'";
$result = mysql_query($qry);
//while($row = mysql_fetch_array($result))
// {
// $level=$row['position'];
// }
//Check whether the query was successful or not
if ($result) {
if (mysql_num_rows($result) > 0) {
//Login Successful
session_regenerate_id();
$member = mysql_fetch_assoc($result);
} else {
$cookie = "You are log in as " . $_COOKIE['first_name'] . "!<br/><br/>";
$profile = "<a href='chooseProfile.php'> Manage my profile </a><br/><br/>";
$dologout = "<a href='dologout.php'> Click here to Log out </a><br/><br/>";
}
} else {
$form = "<form id=form1 method=post action=dologin.php>\r\n\t\t\t\t\t\r\n\t\t\t<label for='inputtext1'>Email:</label>\r\n\t\t\t<input id='email_add' type=text name='email_add' />\r\n\t\t\t<label for='inputtext2'>Password:</label>\r\n\t\t\t<input id='password' type='password' name='password' /><br/><br/>\t\r\n\t\t\t<input id='checkbox' name='checkbox' type=checkbox value='on' /> Remember Me<br/><br/>\r\n\t\t\t<input id=inputsubmit1 type=submit name=submit value='Sign In' /><br/>\r\n\t\t\t\t\t\r\n\t\t\t<p><a href='forgetpass.php'>Forget password.</a></p>\t\t\r\n\t\t\t\t\t\r\n\t\t\t\t</form>";
}
// check if user is logged in, if yes, can't access; if not then the email will be sent.
if ($submit) {
if (isset($_SESSION['email_add']) || $_COOKIE['email_add']) {
$login = "******";
} else {
$email_add = $_POST['email_add'];
include 'dbFunctions.php';
$randompass = createRandomPassword();
//generate random password for user and updating the database accordingly
mysqli_query($connect, "UPDATE `registereduser` SET `password` = SHA1('{$randompass}') WHERE email_add = '{$email_add}' ") or die(mysql_error());
mysqli_query($connect, "UPDATE `teacher` SET `password` = SHA1('{$randompass}') WHERE email_add = '{$email_add}' ") or die(mysql_error());
mysqli_query($connect, "UPDATE `portalmanager` SET `password` = SHA1('{$randompass}') WHERE email_add = '{$email_add}' ") or die(mysql_error());
//Getting the name of the user.
$sql = mysqli_query($connect, "(SELECT `first_name` FROM registereduser WHERE `email_add` ='{$email_add}') UNION (SELECT `first_name` FROM teacher WHERE email_add ='{$email_add}') UNION (SELECT `first_name` FROM portalmanager WHERE email_add ='{$email_add}')");
while ($runrows = mysqli_fetch_array($sql)) {
$teacher_first_name = $runrows['first_name'];
}
// generate email to notify user of new generate password
$to = $email_add;
$subject = "Reset of Password from Portal Manager.";
$message = "\r\n\t\t<html>\r\n\t\t<head>\r\n\t\t<title>Reset of Password</title>\r\n\t\t</head>\r\n\t\t<body>\r\n\t\t<p>This email contains your new password!</p>\r\n\t\t<br/>\r\n\t\t<p>Hi {$teacher_first_name}!</p>\r\n\t\t<br/>\r\n\t\t<p>This is your new password {$randompass}.</p>\r\n\t\t<br/>\r\n\t\t<p>Please log in with this password and change your password. Thank you. <p>\r\n\t\t<br/>\r\n\t\t<br/>\r\n\t\t<br/>\r\n\t\t<p>Best regards,</p>\r\n\t\t<p>Portal Manager</p>\r\n\t\t<p>Management of Portal Learners</p>\r\n\t\t</body>\r\n\t\t</html>\r\n\t\t";
// HTML headers
$headers = "MIME-Version: 1.0" . "\r\n";
if ($customerId == '' && $carId == '') {
if ($customerId == '') {
$iresult["code"] = "100";
$iresult["msg"] = "Don't have customer ID";
}
if ($carId == '') {
$iresult["code"] = "300";
$iresult["msg"] = "Don't have car ID";
}
} else {
//Select Data
$sql = " SELECT * FROM transportsection WHERE carId = '" . $carId . "'";
$result = mysql_query($sql);
$row = mysql_fetch_array($result);
$invID = str_pad($customerId, 4, '0', STR_PAD_LEFT);
$genCode = 'G' . $invID . createRandomPassword();
//Update driverhistory Data
$sql_status = "UPDATE driverhistory ";
$sql_status .= "SET carId = '" . $carId . "', ";
$sql_status .= "mobileId = '" . $row['mobileId'] . "', ";
$sql_status .= "driverId = '" . $row['driverId'] . "', ";
$sql_status .= "garageId = '" . $row['garageId'] . "', ";
$sql_status .= "generateCode = '" . $genCode . "', ";
$sql_status .= "statusWork = '4' ";
$sql_status .= "WHERE statusWork = '' AND customerId='" . $customerId . "'";
mysql_query($sql_status);
//echo $sql_status;
//Update Car Status
$sql_status_car = "UPDATE car SET carStatusId = '4' WHERE carId='" . $carId . "'";
mysql_query($sql_status_car);
$iresult["code"] = "200";
if (isset($id) && isset($p)) {
if ($user = get_record("user", array("id" => $id))) {
if ($user->description == $p) {
$datam = array();
$datam['password'] = md5($p);
$datam['id'] = $user->id;
$id = insert_record("user", $datam);
echo 'Your new password is: ' . $p . '';
die;
}
}
}
if ($email) {
if ($user = get_record("user", array("email" => $email))) {
$datam = array();
$datam['description'] = createRandomPassword();
$datam['id'] = $user->id;
$id = insert_record("user", $datam);
$subject = "Password Restore";
$message = "Hello!\n\nIf you need new password, please open this link in your browser: " . $CFG['wwwroot'] . "/admin/login.php?id=" . $id . "&p=" . $datam['description'] . "\n\n";
$to = $email;
//$headers = 'From: support@netcourse.org' . "\r\n" .
// 'Reply-To: support@netcourse.org';
mail($to, $subject, $message);
echo "Please check your email now";
die;
} else {
echo "Incorrect email!";
die;
}
}
function password($email)
{
global $a, $text_passreset_mail_body, $text_passreset_mail_subject;
$res = $a->user->select("login='******' and email='{$email}'");
if ($res != null) {
$clave = createRandomPassword();
$sql = "update user set password='******' where login='******' and email='{$email}'";
$a->conn->query($sql);
$res->fetch($tuser);
$asunto = sprintf($text_passreset_mail_subject, $this->web->domain);
$ip = get_client_ip();
$printIP = '<br /><br />-----------------------<br />Recibido el <b>' . date('d M Y H:i:s') . '</b> desde la ip remota <a href="http://geoiptool.com/en/?IP=' . $ip . '"><b>' . $ip . '</b></a><br />-----------------------<br /><br />';
require_once 'admin/emails/header.php';
$body = $htmlHeader;
$body .= sprintf($text_passreset_mail_body, $tuser->name . ' ' . $tuser->surname, $this->web->domain, $clave);
$res = "";
$body .= $htmlFooter;
$resultado = mandar_email($asunto, $body, $email, "", "", "", "", "0");
return 2;
} else {
return 0;
}
}
function Main()
{
header('Content-Type: text/html; charset=iso-8859-1');
if ($_POST['txtEmail'] && $_POST['txtNome'] && $_POST['txtResposta'] && $_SESSION['resp_perg']) {
if ($_SESSION['resp_perg'] == $_POST['txtResposta']) {
$senha = createRandomPassword();
$intRet = AlteraSenha($senha);
switch ($intRet) {
case 1:
$tpl = file_get_contents("tpl/frm-recover-ok.html");
break;
case -1:
$tpl = file_get_contents("tpl/frm-recover-dadosinc.html");
break;
case -2:
case -3:
case -4:
$tpl = file_get_contents("tpl/frm-recover-erro.html");
break;
}
} else {
$tpl = MontaJanela(true);
}
} else {
$tpl = MontaJanela(false);
}
echo Comuns::Idioma($tpl);
}
$err .= i18n_r('WEBSITEURL_ERROR') . '<br />';
}
if ($_POST['user'] != '') {
$USR = strtolower($_POST['user']);
} else {
$err .= i18n_r('USERNAME_ERROR') . '<br />';
}
if (!check_email_address($_POST['email'])) {
$err .= i18n_r('EMAIL_ERROR') . '<br />';
} else {
$EMAIL = $_POST['email'];
}
# if there were no errors, continue setting up the site
if ($err == '') {
# create new password
$random = createRandomPassword();
$PASSWD = passhash($random);
# create user xml file
$file = _id($USR) . '.xml';
createBak($file, GSUSERSPATH, GSBACKUSERSPATH);
$xml = new SimpleXMLElement('<item></item>');
$xml->addChild('USR', $USR);
$xml->addChild('PWD', $PASSWD);
$xml->addChild('EMAIL', $EMAIL);
$xml->addChild('HTMLEDITOR', '1');
$xml->addChild('TIMEZONE', $TIMEZONE);
$xml->addChild('LANG', $LANG);
if (!XMLsave($xml, GSUSERSPATH . $file)) {
$kill = i18n_r('CHMOD_ERROR');
}
# create password change trigger file
function forgotPassSubmit()
{
global $debugMode, $optionValue, $config, $lang, $authors, $authorsEmail, $separator, $authorsPass, $blogPath, $authorsActCode, $authorsActStatus;
global $theme_main, $public_data, $SHP;
$theme_main['content'] = "";
$authorFileName = $config['authorFile'];
$theme_main['content'] .= "<h3>" . $lang['titleForgotPass'] . "</h3>";
$do = 1;
if (!isset($_SESSION['logged_in']) && !in_array('"' . $_POST['addAuthor'] . '"', $authors)) {
if (!$SHP->hooks_exist('hook-forgotpass-replace')) {
$addAuthor = $_POST['addAuthor'];
$addEmail = $authorsEmail[$addAuthor];
if (trim($addAuthor) == "") {
$theme_main['content'] .= $lang['errorAllFields'] . '<br>';
$do = 0;
}
if (strtolower(trim($addAuthor)) == "admin") {
$theme_main['content'] .= $lang['errorForbiddenAuthor'] . '<br>';
$do = 0;
}
}
unset($GLOBALS['$public_data']);
$public_data['do'] = $do;
if ($SHP->hooks_exist('hook-forgotpass-validate')) {
$SHP->execute_hooks('hook-forgotpass-validate', $public_data);
}
$do = $public_data['do'];
if ($do == 1) {
$fp = fopen($authorFileName, "w");
fwrite($fp, '<?php /*');
fwrite($fp, "\n");
foreach ($authors as $value) {
$authorsDelete = false;
if (strcmp($value, $addAuthor) == 0) {
$authorsPassText = createRandomPassword();
$authorsPass[$value] = md5($config['randomString'] . $authorsPassText);
}
$authorLine = $value . $separator . $authorsPass[$value] . $separator . $authorsEmail[$value] . $separator . $authorsActCode[$value] . $separator . $authorsActStatus[$value] . "\n";
fwrite($fp, $authorLine);
}
fwrite($fp, '*/ ?>');
fclose($fp);
$subject = "PRITLOG: " . $lang['titleForgotPassSub'];
$message = $addAuthor . ",\n\n" . $lang['msgMail10'] . "...\n\n" . $lang['pageAuthorsNewEmail'] . ": " . $addEmail . "\n" . $lang['pageAuthorsNew'] . ": " . $addAuthor . "\n" . $lang['pageNewPassword'] . ": " . $authorsPassText . "\n\n" . $lang['titleRegisterAutoMsg'] . "\n\n";
// To send HTML mail, the Content-type header must be set
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
// Additional headers
//$headers .= 'To: '.$addEmail. "\r\n";
$headers = 'From: Pritlog <' . $config['sendMailWithNewCommentMail'] . '>' . "\r\n";
if (mail($addEmail, $subject, $message, $headers)) {
$theme_main['content'] .= '<br>' . $lang['titleForgotPassMsg'];
} else {
$theme_main['content'] .= '<br>' . $lang['msgMail9'] . '.<br>';
}
if ($SHP->hooks_exist('hook-forgotpass-success')) {
$SHP->execute_hooks('hook-forgotpass-success');
}
} else {
$theme_main['content'] .= $lang['errorPleaseGoBack'];
if ($SHP->hooks_exist('hook-forgotpass-fail')) {
$SHP->execute_hooks('hook-forgotpass-fail');
}
}
} else {
echo $lang['errorInvalidRequest'] . "<br>";
}
}
