case 2:
$name = '';
$email = '';
if (!empty($_POST['nutz'])) {
$name = escape($_POST['nutz'], 'string');
}
if (!empty($_POST['email'])) {
$email = escape($_POST['email'], 'string');
}
$ch_name = false;
$xname = escape_nickname($name);
if (!empty($name) and $xname == $name and 0 == db_result(db_query("SELECT COUNT(*) FROM `prefix_user` WHERE `name_clean` = BINARY '" . get_lower($name) . "'"), 0)) {
$ch_name = true;
}
$ch_email = false;
$xemail = escape_for_email($email);
if (!empty($email) and $xemail == $email and 0 == db_result(db_query("SELECT COUNT(*) FROM `prefix_user` WHERE `email` = BINARY '" . get_lower($email) . "'"), 0)) {
$ch_email = true;
}
if (empty($name) or empty($email) or $name != $xname or $ch_name == false or $email != $xemail or $ch_email == false) {
$title = $allgAr['title'] . ' :: Users :: Registrieren :: Step 2 von 3';
$hmenu = $extented_forum_menu . '<a class="smalfont" href="?user">User</a><b> » </b><a class="smalfont" href="?user-regist">Registrieren</a><b> » </b>Step 2 von 3' . $extented_forum_menu_sufix;
$header = array('jquery/pstrength-min.1.2.js', 'jquery/pstrength.css', 'jquery/jquery.validate.js', 'forms/regist.js');
$design = new design($title, $hmenu, 1);
$design->header($header);
if (empty($name) or empty($email)) {
$fehler = $lang['yourdata'];
} elseif ($name != $xname) {
$fehler = $lang['wrongnickname'];
} elseif ($ch_name == false) {
$fehler = $lang['namealreadyinuse'];
<td class="Cmite">Deine eMail</td>
<td class="Cnorm"><input type="text" name="email" value="<?php
echo $_POST['email'];
?>
"></td>
</tr><tr class="Cnorm">
<td class="Cmite" v>Nachricht</td>
<td class="Cnorm"><textarea cols="40" rows="10" name="txt"><?php
echo $_POST['txt'];
?>
</textarea></td>
</tr><tr class="Cdark">
<td></td>
<td><input type="submit" name="send" value="<?php
echo $lang['formsub'];
?>
"></td>
</tr>
</table></form>
<?php
} else {
$_SESSION['klicktime'] = time();
if (1 == $row['opt_mail']) {
icmail($row['email'], strip_tags($_POST['bet']), strip_tags($_POST['txt']), 'SeitenKontakt <' . escape_for_email($_POST['email']) . '>');
wd('index.php?forum', 'Die eMail wurde erfolgreich versendet');
} else {
header('location: index.php?' . $allAr['smodul']);
exit;
}
}
$design->footer();
$hmenu = 'Kontakt';
$design = new design($title, $hmenu);
$design->header();
$erg = db_query("SELECT v2,t1,v1 FROM prefix_allg WHERE k = 'kontakt'");
$row = db_fetch_assoc($erg);
$k = explode('#', $row['t1']);
$name = '';
$mail = '';
$subject = '';
$wer = '';
$text = '';
if (!empty($_POST['wer']) and !empty($_POST['mail']) and !empty($_POST['txt']) and !empty($_POST['name']) and !empty($_POST['subject']) and chk_antispam('contact')) {
$name = escape_for_email($_POST['name']);
$mail = escape_for_email($_POST['mail']);
$subject = escape_for_email($_POST['subject'], true);
$wer = escape_for_email($_POST['wer']);
$text = $_POST['txt'];
$wero = FALSE;
foreach ($k as $a) {
$e = explode('|', $a);
if (md5($e[0]) == $wer) {
$wero = TRUE;
$wer = $e[0];
break;
}
}
if (strpos($text, 'Content-Type:') === FALSE and strpos($text, 'MIME-Version:') === FALSE and strpos($mail, '@') !== FALSE and $wero === TRUE and strlen($name) <= 30 and strlen($mail) <= 30 and strlen($text) <= 5000 and $mail != $name and $name != $text and $text != $mail) {
$subject = "Kontakt: " . $subject;
if (icmail($wer, $subject, $text, $name . " <" . $mail . ">")) {
echo $lang['emailsuccessfullsend'];
} else {
function user_login_check($auto = false)
{
global $allgAr, $menu;
$formpassed = false;
$cn = session_und_cookie_name();
if (isset($_POST['user_login_sub']) and isset($_POST['email']) and isset($_POST['pass'])) {
debug('posts vorhanden');
// prüfen ob Eingabe = Email oder Username
if (preg_match('/^[^@]+@[a-zA-Z0-9._-]+\\.[a-zA-Z]+$/', $_POST['email'], $matsch)) {
$lower = get_lower($_POST['email']);
$value = escape_for_email($lower);
$term = "email = BINARY '" . $value . "'";
debug('Login mit Email: ' . $value);
} else {
$lower = get_lower($_POST['email']);
$value = escape($lower, 'string');
$term = "name_clean = '" . $value . "'";
debug('Login mit Nickname: ' . $value);
}
if ($lower != $value) {
return false;
}
$erg = db_query("SELECT `name`,`id`,`recht`,`pass`,`llogin`, `sperre` FROM `prefix_user` WHERE " . $term);
$formpassed = true;
} elseif ($auto) {
$dat = explode('=', $_COOKIE[$cn]);
$id = $pw = 0;
if (isset($dat[0])) {
$id = escape($dat[0], 'integer');
}
if (isset($dat[1])) {
$pw = $dat[1];
}
debug(' pw ' . $pw);
debug(' id ' . $id);
$erg = db_query("SELECT `name`,`id`,`recht`,`pass`,`llogin`,`sperre` FROM `prefix_user` WHERE `id` = " . $id);
}
if (isset($erg) and db_num_rows($erg) == 1) {
$row = db_fetch_assoc($erg);
debug('user gefunden... ' . $row['name']);
if ($row['sperre'] == 1) {
debug('user gesperrt... ' . $row['name']);
return false;
} elseif (!$auto and $row['pass'] == md5($_POST['pass']) or $auto and $row['pass'] == $pw) {
debug('passwort stimmt ... ' . $row['name']);
$_SESSION['authname'] = $row['name'];
$_SESSION['authid'] = (int) $row['id'];
$_SESSION['authright'] = (int) $row['recht'];
$_SESSION['authlang'] = $allgAr['lang'];
$_SESSION['lastlogin'] = (int) $row['llogin'];
$_SESSION['authsess'] = $cn;
$_SESSION['sperre'] = $row['sperre'];
db_query('DELETE FROM `prefix_online` WHERE `uid` = ' . $_SESSION['authid'] . ' AND `sid` != "' . session_id() . '"');
db_query('UPDATE `prefix_online` SET `uid` = ' . $_SESSION['authid'] . ' WHERE `sid` = "' . session_id() . '"');
$cookiepath = str_replace('\\', '/', dirname($_SERVER['SCRIPT_NAME']));
if (strlen($cookiepath) > 1) {
$cookiepath .= '/';
}
setcookie($cn, $row['id'] . '=' . $row['pass'], strtotime('+1 year'), $cookiepath, '', false, true);
user_set_grps_and_modules();
return true;
}
}
if ($formpassed) {
$menu->set_url(0, 'user');
$menu->set_url(1, 'login');
}
return false;
}
function icmail($mail, $bet, $txt, $from = '', $html = false)
{
global $allgAr;
include_once 'include/includes/libs/phpmailer/class.phpmailer.php';
$mailer = new PHPMailer();
if (empty($from)) {
$mailer->From = $allgAr['adminMail'];
$mailer->FromName = $allgAr['allg_default_subject'];
} elseif (preg_match('%(.*) <([\\w\\.-]*@[\\w\\.-]*)>%i', $from, $tmp)) {
$mailer->From = trim($tmp[2]);
$mailer->FromName = trim($tmp[1]);
} elseif (preg_match('%([\\w\\.-]*@[\\w\\.-]*)%i', $from, $tmp)) {
$mailer->From = trim($tmp[1]);
$mailer->FromName = '';
}
if ($allgAr['mail_smtp']) {
// SMTP Versand
$smtpser = @db_result(db_query('SELECT `t1` FROM `prefix_allg` WHERE `k` = "smtpconf"'));
if (empty($smtpser)) {
echo '<span style="font-size: 2em; color: red;">Mailversand muss konfiguriert werden!</span><br />';
} else {
$smtp = unserialize($smtpser);
$mailer->IsSMTP();
$mailer->Host = $smtp['smtp_host'];
$mailer->SMTPAuth = $smtp['smtp_auth'] == 'no' ? false : true;
if ($smtp['smtp_auth'] == 'ssl' or $smtp['smtp_auth'] == 'tls') {
$mailer->SMTPSecure = $smtp['smtp_auth'];
}
if (!empty($smtp['smtp_port'])) {
$mailer->Port = $smtp['smtp_port'];
}
$mailer->AddReplyTo($mailer->From, $mailer->FromName);
if ($smtp['smtp_changesubject'] and $mailer->From != $smtp['smtp_email']) {
$bet = '(For ' . $mailer->FromName . ' - ' . $mailer->From . ') ' . $bet;
$mailer->From = $smtp['smtp_email'];
}
$mailer->Username = $smtp['smtp_login'];
require_once 'include/includes/libs/AzDGCrypt.class.inc.php';
$cr64 = new AzDGCrypt(DBDATE . DBUSER . DBPREF);
$mailer->Password = $cr64->decrypt($smtp['smtp_pass']);
if ($smtp['smtp_pop3beforesmtp'] == 1) {
include_once 'include/includes/libs/phpmailer/class.pop3.php';
$pop = new POP3();
$pop3port = !empty($smpt['smtp_pop3port']) ? $smpt['smtp_pop3port'] : 110;
$pop->Authorise($smpt['smtp_pop3host'], $pop3port, 5, $mailer->Username, $mailer->Password, 1);
}
}
// $mailer->SMTPDebug = true;
}
if (is_array($mail)) {
if ($mail[0] == 'bcc') {
array_shift($mail);
foreach ($mail as $m) {
$mailer->AddBCC(escape_for_email($m));
}
$mailer->AddAddress($mailer->From);
} else {
foreach ($mail as $m) {
$mailer->AddAddress(escape_for_email($mail));
}
}
} else {
$mailer->AddAddress(escape_for_email($mail));
}
$mailer->Subject = escape_for_email($bet, true);
$txt = str_replace("\r", "\n", str_replace("\r\n", "\n", $txt));
if ($html) {
$mailer->IsHTML(true);
$mailer->AltBody = strip_tags($txt);
}
$mailer->Body = $txt;
if ($mailer->Send()) {
return true;
} else {
if (is_coadmin()) {
echo "<h2 style=\"color:red;\">Mailer Error: " . $mailer->ErrorInfo . '</h2>';
}
return false;
}
}
$flagsar = get_nationality_array();
foreach ($flagsar as $key => $value) {
if ($outar['nation'] == $key) {
$outar['nationen'] .= '<option value="' . $key . '" selected="selected">' . $value . '</option>';
} else {
$outar['nationen'] .= '<option value="' . $key . '" >' . $value . '</option>';
}
}
$outar['aktuellesLogo'] = '<img src="include/images/opponents/thumb_' . $outar['logo'] . '"/>';
if (isset($_POST['editsubmit']) and chk_antispam('adminuser_action', true)) {
$editclantag = @escape($_POST['editgegnertag'], 'string');
$editclanname = @escape($_POST['editclanname'], 'string');
$editurl = escape($_POST['editwebsite'], 'url');
$editnation = escape($_POST['editnation'], 'string');
$editicq = escape($_POST['editicq'], 'integer');
$editemail = escape_for_email($_POST['editemail']);
$updir = 'include/images/opponents/';
$this_id = $getid;
$outar['thumbwidth'] = 100;
if (!empty($_FILES['editlogo']['tmp_name'])) {
$uploadname = $getid . '_' . $_FILES["editlogo"]["name"];
if ($getpicname != '.no-image-opponent.png' and $getpicname != 'thumb_.no-image-opponent.png') {
@unlink('include/images/opponents/' . $getpicname . '');
@unlink('include/images/opponents/thumb_' . $getpicname . '');
}
move_uploaded_file($_FILES["editlogo"]["tmp_name"], $updir . $uploadname);
create_thumb($updir . $uploadname, $updir . 'thumb_' . $uploadname, $outar['thumbwidth']);
} else {
$uploadname = $getpicname;
}
// DB UPDATE
