err_msg($language["ERROR"], $language["INS_NEW_PWD"]); stdfoot(); exit; } elseif ($_POST["new_pwd"] != $_POST["new_pwd1"]) { err_msg($language["ERROR"], $language["DIF_PASSWORDS"]); stdfoot(); exit; } else { $respwd = do_sqlquery("SELECT * FROM {$TABLE_PREFIX}users WHERE id={$uid} AND password='******' AND username="******"username"]) . ""); if (!$respwd || mysql_num_rows($respwd) == 0) { err_msg($language["ERROR"], $language["ERR_RETR_DATA"]); } else { $arr = mysql_fetch_assoc($respwd); do_sqlquery("UPDATE {$TABLE_PREFIX}users SET password='******' WHERE id={$uid} AND password='******' AND username="******"username"]) . "") or die(mysql_error()); if ($GLOBALS["FORUMLINK"] == "smf") { $passhash = smf_passgen($CURUSER["username"], $_POST["new_pwd"]); do_sqlquery("UPDATE {$db_prefix}members SET passwd='{$passhash['0']}', passwordSalt='{$passhash['1']}' WHERE ID_MEMBER=" . $arr["smf_fid"]) or die(mysql_error()); } success_msg($language["PWD_CHANGED"], "" . $language["NOW_LOGIN"] . "<br /><a href=\"index.php?page=login\">Go</a>"); stdfoot(true, false); } } break; case '': case 'change': default: $pwdtpl = array(); $pwdtpl["frm_action"] = "index.php?page=usercp&do=pwd&action=post&uid=" . $uid . ""; $pwdtpl["frm_cancel"] = "index.php?page=usercp&uid=" . $uid . ""; $usercptpl->set("pwd", $pwdtpl); break;
function aggiungiutente() { global $SITENAME, $SITEEMAIL, $BASEURL, $VALIDATION, $USERLANG, $USE_IMAGECODE, $TABLE_PREFIX, $XBTT_USE, $language, $THIS_BASEPATH, $FORUMLINK, $db_prefix; $utente = mysql_escape_string($_POST["user"]); $pwd = mysql_escape_string($_POST["pwd"]); $pwd1 = mysql_escape_string($_POST["pwd1"]); $email = mysql_escape_string($_POST["email"]); $idlangue = intval($_POST["language"]); $idstyle = intval($_POST["style"]); $idflag = intval($_POST["flag"]); $timezone = intval($_POST["timezone"]); if (strtoupper($utente) == strtoupper("Guest")) { err_msg($language["ERROR"], $language["ERR_GUEST_EXISTS"]); stdfoot(); exit; } if ($pwd != $pwd1) { err_msg($language["ERROR"], $language["DIF_PASSWORDS"]); stdfoot(); exit; } if ($VALIDATION == "none") { $idlevel = 3; } else { $idlevel = 2; } # Create Random number $floor = 100000; $ceiling = 999999; srand((double) microtime() * 1000000); $random = rand($floor, $ceiling); if ($utente == "" || $pwd == "" || $email == "") { return -1; exit; } $res = do_sqlquery("SELECT email FROM {$TABLE_PREFIX}users WHERE email='{$email}'"); if (mysql_num_rows($res) > 0) { return -2; exit; } // valid email check - by vibes $regex = "^[_+a-z0-9-]+(\\.[_+a-z0-9-]+)*" . "@[a-z0-9-]+(\\.[a-z0-9-]{1,})*" . "\\.([a-z]{2,}){1}\$"; if (!eregi($regex, $email)) { return -3; exit; } // valid email check end // duplicate username $res = do_sqlquery("SELECT username FROM {$TABLE_PREFIX}users WHERE username='******'"); if (mysql_num_rows($res) > 0) { return -4; exit; } // duplicate username if (strpos(mysql_escape_string($utente), " ") == true) { return -7; exit; } if ($USE_IMAGECODE) { if (extension_loaded('gd')) { $arr = gd_info(); if ($arr['FreeType Support'] == 1) { $public = $_POST['public_key']; $private = $_POST['private_key']; $p = new ocr_captcha(); if ($p->check_captcha($public, $private) != true) { err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]); stdfoot(); exit; } } else { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = intval($_POST["security_index"]); if ($security_code[$scode_index]["answer"] != $_POST["scode_answer"]) { err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]); stdfoot(); exit; } } } else { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = intval($_POST["security_index"]); if ($security_code[$scode_index]["answer"] != $_POST["scode_answer"]) { err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]); stdfoot(); exit; } } } else { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = intval($_POST["security_index"]); if ($security_code[$scode_index]["answer"] != $_POST["scode_answer"]) { err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]); stdfoot(); exit; } } $bannedchar = array("\\", "/", ":", "*", "?", "\"", "@", "\$", "'", "`", ",", ";", ".", "<", ">", "!", "£", "%", "^", "&", "(", ")", "+", "=", "#", "~"); if (straipos(mysql_escape_string($utente), $bannedchar) == true) { return -8; exit; } if (strlen(mysql_real_escape_string($pwd)) < 4) { return -9; exit; } $pid = md5(uniqid(rand(), true)); do_sqlquery("INSERT INTO {$TABLE_PREFIX}users (username, password, random, id_level, email, style, language, flag, joined, lastconnect, pid, time_offset) VALUES ('{$utente}', '" . md5($pwd) . "', {$random}, {$idlevel}, '{$email}', {$idstyle}, {$idlangue}, {$idflag}, NOW(), NOW(),'{$pid}', '" . $timezone . "')", true); $newuid = mysql_insert_id(); // Continue to create smf members if they disable smf mode // $test=do_sqlquery("SELECT COUNT(*) FROM {$db_prefix}members"); $test = do_sqlquery("SHOW TABLES LIKE '{$db_prefix}members'"); if ($FORUMLINK == "smf" || mysql_num_rows($test)) { $smfpass = smf_passgen($utente, $pwd); $flevel = $idlevel + 10; do_sqlquery("INSERT INTO {$db_prefix}members (memberName, dateRegistered, ID_GROUP, realName, passwd, emailAddress, memberIP, memberIP2, is_activated, passwordSalt) VALUES ('{$utente}', UNIX_TIMESTAMP(), {$flevel}, '{$utente}', '{$smfpass['0']}', '{$email}', '" . getip() . "', '" . getip() . "', 1, '{$smfpass['1']}')"); $fid = mysql_insert_id(); do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = {$fid} WHERE `variable` = 'latestMember'"); do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = '{$utente}' WHERE `variable` = 'latestRealName'"); do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = UNIX_TIMESTAMP() WHERE `variable` = 'memberlist_updated'"); do_sqlquery("UPDATE {$TABLE_PREFIX}users SET smf_fid={$fid} WHERE id={$newuid}"); } // xbt if ($XBTT_USE) { $resin = do_sqlquery("INSERT INTO xbt_users (uid, torrent_pass) VALUES ({$newuid},'{$pid}')"); } if ($VALIDATION == "user") { ini_set("sendmail_from", ""); if (mysql_errno() == 0) { send_mail($email, $language["ACCOUNT_CONFIRM"], $language["ACCOUNT_MSG"] . "\n\n" . $BASEURL . "/index.php?page=account&act=confirm&confirm={$random}&language={$idlangue}"); write_log("Signup new user {$utente} ({$email})", "add"); } else { die(mysql_error()); } } return mysql_errno(); }
} // If we've reached this point we can set the cookies // call the logoutcookie function for good measure, just in case we have some old cookies that need destroying. logoutcookie(); // Then login logincookie($row, $user); if (substr($FORUMLINK, 0, 3) == "smf" && $smf_pass == $row["passwd"]) { $new_smf_salt = substr(md5(rand()), 0, 4); do_sqlquery("UPDATE `{$db_prefix}members` SET " . ($FORUMLINK == "smf" ? "`passwordSalt`" : "`password_salt`") . "='" . $new_smf_salt . "' WHERE " . ($FORUMLINK == "smf" ? "`ID_MEMBER`" : "`id_member`") . "=" . $row["smf_fid"], true); set_smf_cookie($row["smf_fid"], $row["passwd"], $new_smf_salt); } elseif (substr($FORUMLINK, 0, 3) == "smf" && $row["pass_type"] == 1 && $row["password"] == $row["passwd"]) { $salt = substr(md5(rand()), 0, 4); do_sqlquery("UPDATE `{$db_prefix}members` SET `passwd`='{$smf_pass}', " . ($FORUMLINK == "smf" ? "`passwordSalt`='{$salt}' WHERE `ID_MEMBER`" : "`password_salt`='{$salt}' WHERE `id_member`") . "=" . $row["smf_fid"]); set_smf_cookie($row["smf_fid"], $smf_pass, $salt); } elseif (substr($FORUMLINK, 0, 3) == "smf" && $row["passwd"] == "ffffffffffffffffffffffffffffffffffffffff") { $fix_pass = smf_passgen($user, $pwd); do_sqlquery("UPDATE `{$db_prefix}members` SET `passwd`='" . $fix_pass[0] . "', " . ($FORUMLINK == "smf" ? "`passwordSalt`='" . $fix_pass[1] . "' WHERE `ID_MEMBER`" : "`password_salt`='" . $fix_pass[1] . "' WHERE `id_member`") . "=" . $row["smf_fid"]); set_smf_cookie($row["smf_fid"], $fix_pass[0], $fix_pass[1]); } elseif ($FORUMLINK == "ipb") { if ($row["members_pass_hash"] == "ffffffffffffffffffffffffffffffff") { if (!defined('IPS_ENFORCE_ACCESS')) { define('IPS_ENFORCE_ACCESS', true); } if (!defined('IPB_THIS_SCRIPT')) { define('IPB_THIS_SCRIPT', 'public'); } if (!isset($THIS_BASEPATH) || empty($THIS_BASEPATH)) { $THIS_BASEPATH = dirname(__FILE__); } require_once $THIS_BASEPATH . '/ipb/initdata.php'; require_once IPS_ROOT_PATH . 'sources/base/ipsRegistry.php';
} elseif (preg_match($pattern4, substr($pass, $pass_position, 1), $matches)) { $sym_count++; } } $newpassword = pass_the_salt(30); if ($lct_count < $pass_min_req[1] || $uct_count < $pass_min_req[2] || $num_count < $pass_min_req[3] || $sym_count < $pass_min_req[4]) { stderr($language["ERROR"], $language["ERR_PASS_TOO_WEAK_1A"] . ":<br /><br />" . ($pass_min_req[1] > 0 ? "<li><span style='color:blue;font-weight:bold;'>" . $pass_min_req[1] . "</span> " . ($pass_min_req[1] == 1 ? $language["ERR_PASS_TOO_WEAK_2"] : $language["ERR_PASS_TOO_WEAK_2A"]) . "</li>" : "") . ($pass_min_req[2] > 0 ? "<li><span style='color:blue;font-weight:bold;'>" . $pass_min_req[2] . "</span> " . ($pass_min_req[2] == 1 ? $language["ERR_PASS_TOO_WEAK_3"] : $language["ERR_PASS_TOO_WEAK_3A"]) . "</li>" : "") . ($pass_min_req[3] > 0 ? "<li><span style='color:blue;font-weight:bold;'>" . $pass_min_req[3] . "</span> " . ($pass_min_req[3] == 1 ? $language["ERR_PASS_TOO_WEAK_4"] : $language["ERR_PASS_TOO_WEAK_4A"]) . "</li>" : "") . ($pass_min_req[4] > 0 ? "<li><span style='color:blue;font-weight:bold;'>" . $pass_min_req[4] . "</span> " . ($pass_min_req[4] == 1 ? $language["ERR_PASS_TOO_WEAK_5"] : $language["ERR_PASS_TOO_WEAK_5A"]) . "</li>" : "") . "<br />" . $language["ERR_PASS_TOO_WEAK_6"] . ":<br /><br /><span style='color:blue;font-weight:bold;'>" . $newpassword . "</span><br />"); } $un = !empty($new_username) && $new_username != $curu["username"] ? $new_username : $curu["username"]; $multipass = hash_generate(array("salt" => ""), $pass, $un); $j = $btit_settings["secsui_pass_type"]; $set[] = "`password`=" . sqlesc($multipass[$j]["rehash"]); $set[] = "`salt`=" . sqlesc($multipass[$j]["salt"]); $set[] = "`pass_type`=" . sqlesc($j); $set[] = "`dupe_hash`=" . sqlesc($multipass[$j]["dupehash"]); $passhash = smf_passgen($un, $pass); $smfset[] = '`passwd`=' . sqlesc($passhash[0]); $smfset[] = '`password' . ($FORUMLINK == "smf" ? "S" : "_s") . 'alt`=' . sqlesc($passhash[1]); if ($FORUMLINK == "ipb") { $ipbhash = ipb_passgen($pass); IPSMember::save($ipb_fid, array("members" => array("member_login_key" => "", "member_login_key_expire" => "0", "members_pass_hash" => "{$ipbhash['0']}", "members_pass_salt" => "{$ipbhash['1']}"))); } } $set[] = "block_comment='" . (isset($_POST["block_comment"]) ? "yes" : "no") . "'"; $set[] = "sbox='" . (isset($_POST["sbox"]) ? "yes" : "no") . "'"; //user images $set[] = "dona='" . (isset($_POST["dona"]) ? "yes" : "no") . "'"; $set[] = "donb='" . (isset($_POST["donb"]) ? "yes" : "no") . "'"; $set[] = "birt='" . (isset($_POST["birt"]) ? "yes" : "no") . "'"; $set[] = "mal='" . (isset($_POST["mal"]) ? "yes" : "no") . "'"; $set[] = "fem='" . (isset($_POST["fem"]) ? "yes" : "no") . "'";
srand((double) microtime() * 1000000); $random = rand($floor, $ceiling); // finally insert new user $pid = md5(uniqid(rand(), true)); $multipass = hash_generate(array("salt" => ""), $_POST["pwd"], $_POST["username"]); $i = $btit_settings["secsui_pass_type"]; do_sqlquery("INSERT INTO `{$TABLE_PREFIX}users` (`username`, `password`, `salt`, `pass_type`, `dupe_hash`, `random`, `id_level`, `email`, `style`, `language`, `joined`, `lastconnect`, `pid`) VALUES ('" . $username . "', '" . mysqli_real_escape_string($DBDT, $multipass[$i]["rehash"]) . "', '" . mysqli_real_escape_string($DBDT, $multipass[$i]["salt"]) . "', '" . $i . "', '" . mysqli_real_escape_string($DBDT, $multipass[$i]["dupehash"]) . "', " . $random . ", " . $idlevel . ", '" . $email . "', " . $idstyle . ", " . $idlangue . ", NOW(), NOW(),'" . $pid . "')", true); $newuid = is_null($___mysqli_res = mysqli_insert_id($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res; if (!isset($db_prefix)) { $db_prefix = "smf_"; } // Continue to create smf members if they disable smf mode // $test=do_sqlquery("SELECT COUNT(*) FROM {$db_prefix}members"); $test = do_sqlquery("SHOW TABLES LIKE '{$db_prefix}members'"); if (substr($FORUMLINK, 0, 3) == "smf" || mysqli_num_rows($test)) { $smfpass = smf_passgen($username, $pwd); $check_lev = get_result("SELECT `smf_group_mirror` FROM `{$TABLE_PREFIX}users_level` WHERE `id`=" . $idlevel); $flevel = $checklev[0]["smf_group_mirror"] > 0 ? $checklev[0]["smf_group_mirror"] : $idlevel + 10; if ($FORUMLINK == "smf") { do_sqlquery("INSERT INTO `{$db_prefix}members` (`memberName`, `dateRegistered`, `ID_GROUP`, `realName`, `passwd`, `emailAddress`, `memberIP`, `memberIP2`, `is_activated`, `passwordSalt`) VALUES ('{$username}', UNIX_TIMESTAMP(), {$flevel}, '{$username}', '{$smfpass['0']}', '{$email}', '" . getip() . "', '" . getip() . "', 1, '{$smfpass['1']}')"); } else { do_sqlquery("INSERT INTO `{$db_prefix}members` (`member_name`, `date_registered`, `id_group`, `real_name`, `passwd`, `email_address`, `member_ip`, `member_ip2`, `is_activated`, `password_salt`) VALUES ('{$username}', UNIX_TIMESTAMP(), {$flevel}, '{$username}', '{$smfpass['0']}', '{$email}', '" . getip() . "', '" . getip() . "', 1, '{$smfpass['1']}')"); } $fid = is_null($___mysqli_res = mysqli_insert_id($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res; do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = {$fid} WHERE `variable` = 'latestMember'"); do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = '{$username}' WHERE `variable` = 'latestRealName'"); do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = UNIX_TIMESTAMP() WHERE `variable` = 'memberlist_updated'"); do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `smf_fid`={$fid} WHERE `id`={$newuid}"); } // Continue to create ipb members if they disable ipb mode $test = do_sqlquery("SHOW TABLES LIKE '{$ipb_prefix}members'");
} if ($uploaded != $curu['uploaded']) { $xbtset[] = 'uploaded=' . $uploaded; $set[] = 'uploaded=0'; } } else { if ($uploaded != $curu['uploaded']) { $set[] = 'uploaded=' . $uploaded; } if ($downloaded != $curu['downloaded']) { $set[] = 'downloaded=' . $downloaded; } } if ($chpass) { $set[] = 'password='******'passwd=' . sqlesc($passhash[0]); $smfset[] = 'passwordSalt=' . sqlesc($passhash[1]); } $updateset = isset($set) ? implode(',', $set) : ''; $updatesetxbt = isset($xbtset) ? implode(',', $xbtset) : ''; $updatesetsmf = isset($smfset) ? implode(',', $smfset) : ''; if ($updateset != '') { if ($XBTT_USE && $updatesetxbt != '') { quickQuery('UPDATE xbt_users SET ' . $updatesetxbt . ' WHERE uid=' . $uid . ' LIMIT 1;'); } if ($FORUMLINK == 'smf' && $updatesetsmf != '' && !is_bool($smf_fid)) { quickQuery('UPDATE ' . $db_prefix . 'members SET ' . $updatesetsmf . ' WHERE ID_MEMBER=' . $smf_fid . ' LIMIT 1;'); } quickQuery('UPDATE ' . $TABLE_PREFIX . 'users SET ' . $updateset . ' WHERE id=' . $uid . ' LIMIT 1;'); success_msg($language['SUCCESS'], $language['INF_CHANGED'] . $note . '<br /><a href="index.php?page=admin&user='******'uid'] . '&code=' . $CURUSER['random'] . '">' . $language['MNU_ADMINCP'] . '</a>');
if ($random != $arr["random"]) { stderr($language["ERROR"], $language["ERR_UPDATE_USER"]); } $email = $arr["email"]; // generate new password; $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; $newpassword = ""; for ($i = 0; $i < 10; $i++) { $newpassword .= $chars[mt_rand(0, strlen($chars) - 1)]; } do_sqlquery("UPDATE {$TABLE_PREFIX}users SET password='******' WHERE id={$id} AND random={$random}", true); if (!mysql_affected_rows()) { stderr($language["ERROR"], $language["ERR_UPDATE_USER"]); } if ($GLOBALS["FORUMLINK"] == "smf") { $passhash = smf_passgen($arr["username"], $newpassword); do_sqlquery("UPDATE {$db_prefix}members SET passwd='{$passhash['0']}', passwordSalt='{$passhash['1']}' WHERE ID_MEMBER=" . $arr["smf_fid"], true); } $body = sprintf($language["RECOVER_EMAIL_2"], $arr["username"], $newpassword, "{$BASEURL}/index.php?page=login", $SITENAME); send_mail($email, "{$SITENAME} " . $language["ACCOUNT_DETAILS"], $body) or stderr($language["ERROR"], $language["ERR_SEND_EMAIL"]); redirect("index.php?page=recover&act=recover_ok&id={$id}&random={$random}"); die; } elseif ($act == "recover_ok") { $id = intval(0 + $_GET["id"]); $random = intval($_GET["random"]); if (!$id || !$random || empty($random) || $random == 0) { stderr($language["ERROR"], $language["ERR_UPDATE_USER"]); } $res = do_sqlquery("SELECT username, email, random" . ($GLOBALS["FORUMLINK"] == "smf" ? ", smf_fid" : "") . " FROM {$TABLE_PREFIX}users WHERE id = {$id}", true); $arr = mysql_fetch_array($res); if ($random != $arr["random"]) {
function aggiungiutente() { global $DBDT, $INVITATIONSON, $VALID_INV, $SITENAME, $SITEEMAIL, $BASEURL, $VALIDATION, $USERLANG, $USE_IMAGECODE, $TABLE_PREFIX, $XBTT_USE, $language, $THIS_BASEPATH, $FORUMLINK, $db_prefix, $btit_settings; $dobdate = $_POST["datepicker"]; $parts = explode('-', $dobdate); $dobday = $parts[0]; $dobmonth = $parts[1]; $dobyear = $parts[2]; $utente = mysqli_real_escape_string($DBDT, $_POST["user"]); $pwd = mysqli_real_escape_string($DBDT, $_POST["pwd"]); $pwd1 = mysqli_real_escape_string($DBDT, $_POST["pwd1"]); $email = mysqli_real_escape_string($DBDT, $_POST["email"]); if (isset($_POST["language"])) { $idlangue = intval($_POST["language"]); } else { $idlangue = max(1, $btit_settings["default_language"]); } if (isset($_POST["style"])) { $idstyle = intval($_POST["style"]); } else { $idstyle = max(1, $btit_settings["default_style"]); } $idflag = intval($_POST["flag"]); $timezone = intval($_POST["timezone"]); $heard = mysqli_real_escape_string($DBDT, $_POST["heardaboutus"]); // Dt Referral if ($btit_settings["ref_on"] == true) { $rid = intval($_POST["refa"]); } // Dt Referral if (strtoupper($utente) == strtoupper("Guest")) { err_msg($language["ERROR"], $language["ERR_GUEST_EXISTS"]); stdfoot(); exit; } if ($pwd != $pwd1) { err_msg($language["ERROR"], $language["DIF_PASSWORDS"]); stdfoot(); exit; } if ($VALIDATION == "none") { $idlevel = 3; } else { $idlevel = 2; } //begin invitation system by dodge if ($INVITATIONSON == "true") { if ($VALID_INV == "true") { $idlevel = 2; } else { $idlevel = 3; } } //end invitation system # Create Random number $floor = 100000; $ceiling = 999999; srand((double) microtime() * 1000000); $random = rand($floor, $ceiling); if ($utente == "" || $pwd == "" || $email == "") { return -1; exit; } $res = do_sqlquery("SELECT email FROM {$TABLE_PREFIX}users WHERE email='{$email}'", true); if (mysqli_num_rows($res) > 0) { return -2; exit; } // valid email check - by vibes $regex = '/\\b[\\w\\.-]+@[\\w\\.-]+\\.\\w{2,4}\\b/i'; if (!preg_match($regex, $email)) { return -3; exit; } // valid email check end //Function changed by fatepower so now the variable checks the right data. //Added the image also. Cheers boys // check if IP is already in use if ($btit_settings["dupip"] == "true") { $ip = getip(); $i = @mysqli_fetch_row(@mysqli_query($GLOBALS["___mysqli_ston"], "SELECT count(*) FROM {$TABLE_PREFIX}users WHERE cip='{$ip}'")) or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)); if ($i[0] != 0) { err_msg(ERROR, "[" . $ip . "]<br /><img src=\"images/shared_ip.gif\" border=\"0\" alt=\"\" />"); block_end(); stdfoot(); exit; } } // duplicate username $res = do_sqlquery("SELECT username FROM {$TABLE_PREFIX}users WHERE username='******'", true); if (mysqli_num_rows($res) > 0) { return -4; exit; } // duplicate username if (strpos(mysqli_real_escape_string($DBDT, $utente), " ") == true) { return -7; exit; } if ($btit_settings["gcsw"] == false) { if ($USE_IMAGECODE) { if (extension_loaded('gd')) { $arr = gd_info(); if ($arr['FreeType Support'] == 1) { $public = $_POST['public_key']; $private = $_POST['private_key']; $p = new ocr_captcha(); if ($p->check_captcha($public, $private) != true) { err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]); stdfoot(); exit; } } else { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = intval($_POST["security_index"]); if ($security_code[$scode_index]["answer"] != $_POST["scode_answer"]) { err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]); stdfoot(); exit; } } } else { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = intval($_POST["security_index"]); if ($security_code[$scode_index]["answer"] != $_POST["scode_answer"]) { err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]); stdfoot(); exit; } } } else { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = intval($_POST["security_index"]); if ($security_code[$scode_index]["answer"] != $_POST["scode_answer"]) { err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]); stdfoot(); exit; } } } else { require_once "include/recaptchalib.php"; // reCAPTCHA supported 40+ languages listed here: https://developers.google.com/recaptcha/docs/language $lang = "en"; // The response from reCAPTCHA $resp = null; // The error code from reCAPTCHA, if any $error = null; $reCaptcha = new ReCaptcha($btit_settings["gcsekk"]); if ($_POST["g-recaptcha-response"]) { $resp = $reCaptcha->verifyResponse($_SERVER["REMOTE_ADDR"], $_POST["g-recaptcha-response"]); } else { err_msg($language["ERROR"], "Recaptcha Not submitted"); stdfoot(); exit; } if ($resp != null && $resp->success) { } else { err_msg($language["ERROR"], "Google reports , you are a Robot !"); stdfoot(); exit; } } $bannedchar = array("\\", "/", ":", "*", "?", "\"", "@", "\$", "'", "`", ",", ";", ".", "<", ">", "!", "£", "%", "^", "&", "(", ")", "+", "=", "#", "~"); if (straipos(mysqli_real_escape_string($DBDT, $utente), $bannedchar) == true) { return -8; exit; } $pass_to_test = $_POST["pwd"]; $pass_min_req = explode(",", $btit_settings["secsui_pass_min_req"]); if (strlen($pass_to_test) < $pass_min_req[0]) { return -9; exit; } $exploded = explode("@", $email); $exploded2 = explode(".", $exploded[1]); $cheapmail = mysqli_real_escape_string($DBDT, $exploded[1]); $cheapmail2 = mysqli_real_escape_string($DBDT, "@" . $exploded2[0] . "."); $mailischeap = do_sqlquery("SELECT `domain` FROM `{$TABLE_PREFIX}cheapmail` WHERE `domain`='" . $cheapmail . "' OR `domain`='" . $cheapmail2 . "'", true); if (@mysqli_num_rows($mailischeap) > 0) { return -999; } $userip = getip(); $signupipblock = @mysqli_fetch_assoc(@mysqli_query($GLOBALS["___mysqli_ston"], "SELECT `id` FROM `{$TABLE_PREFIX}signup_ip_block` WHERE `first_ip` <=INET_ATON('{$userip}') AND `last_ip` >=INET_ATON('{$userip}')")); if ($signupipblock) { return -99; exit; } $lct_count = 0; $uct_count = 0; $num_count = 0; $sym_count = 0; $pass_end = (int) (strlen($pass_to_test) - 1); $pass_position = 0; $pattern1 = '#[a-z]#'; $pattern2 = '#[A-Z]#'; $pattern3 = '#[0-9]#'; $pattern4 = '/[¬!"£$%^&*()`{}\\[\\]:@~;\'#<>?,.\\/\\-=_+\\|]/'; for ($pass_position = 0; $pass_position <= $pass_end; $pass_position++) { if (preg_match($pattern1, substr($pass_to_test, $pass_position, 1), $matches)) { $lct_count++; } elseif (preg_match($pattern2, substr($pass_to_test, $pass_position, 1), $matches)) { $uct_count++; } elseif (preg_match($pattern3, substr($pass_to_test, $pass_position, 1), $matches)) { $num_count++; } elseif (preg_match($pattern4, substr($pass_to_test, $pass_position, 1), $matches)) { $sym_count++; } } if ($lct_count < $pass_min_req[1] || $uct_count < $pass_min_req[2] || $num_count < $pass_min_req[3] || $sym_count < $pass_min_req[4]) { return -998; exit; } $multipass = hash_generate(array("salt" => ""), $_POST["pwd"], $_POST["user"]); $i = $btit_settings["secsui_pass_type"]; $sql = "SELECT value FROM {$TABLE_PREFIX}settings WHERE `key` = \"donate_upload\""; $req = mysqli_query($GLOBALS["___mysqli_ston"], $sql) or die('Erreur SQL !<br />' . $sql . '<br />' . (is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false))); $result = mysqli_fetch_array($req); $credit = $result['value']; $sql = "SELECT value FROM {$TABLE_PREFIX}settings WHERE `key` = \"unit\""; $req = mysqli_query($GLOBALS["___mysqli_ston"], $sql) or die('Erreur SQL !<br />' . $sql . '<br />' . (is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false))); $result = mysqli_fetch_array($req); $unit = $result['value']; mysqli_free_result($req) || is_object($req) && get_class($req) == "mysqli_result" ? true : false; $kb = 1024; $mb = 1024 * 1024; $gb = 1024 * 1024 * 1024; $tb = 1024 * 1024 * 1024 * 1024; if ($unit == 'Kb') { $uploaded = $credit * $kb; } elseif ($unit == 'Mb') { $uploaded = $credit * $mb; } elseif ($unit == 'Gb') { $uploaded = $credit * $gb; } elseif ($unit == 'Tb') { $uploaded = $credit * $tb; } $realdate = checkdate($dobmonth, $dobday, $dobyear); if ($realdate) { $dob = $dobyear . "-" . $dobmonth . "-" . $dobday; $age = userage($dobyear, $dobmonth, $dobday); $dobtime = mktime(0, 0, 0, $dobmonth, $dobday, $dobyear); if ($dobtime > time()) { err_msg($language["ERROR"], $language["ERR_BORN_IN_FUTURE"]); stdfoot(); exit; } elseif ($age < $btit_settings["birthday_lower_limit"]) { err_msg($language["ERROR"], $language["ERR_DOB_1"] . $age . $language["ERR_DOB_2"]); stdfoot(); exit; } elseif ($age > $btit_settings["birthday_upper_limit"]) { err_msg($language["ERROR"], $language["ERR_DOB_1"] . $age . $language["ERR_DOB_2"]); stdfoot(); exit; } } else { err_msg($language["ERROR"], $language["INVALID_DOB_1"] . $dobday . "/" . $dobmonth . "/" . $dobyear . $language["INVALID_DOB_2"]); stdfoot(); exit; } $mtpp = $btit_settings["max_torrents_per_page"]; $pid = md5(uniqid(rand(), true)); $gen = intval($_POST['gen']); do_sqlquery("INSERT INTO `{$TABLE_PREFIX}users` (`username`, `password`, `dob` ,`salt`, `pass_type`, `dupe_hash`, `random`, `id_level`, `email`, `style`, `language`, `flag`, `joined`, `lastconnect`, `pid`, `time_offset`, `whereheard`,`gender` , `torrentsperpage`) VALUES ('" . $utente . "', '" . mysqli_real_escape_string($DBDT, $multipass[$i]["rehash"]) . "', '" . $dob . "' , '" . mysqli_real_escape_string($DBDT, $multipass[$i]["salt"]) . "', '" . $i . "', '" . mysqli_real_escape_string($DBDT, $multipass[$i]["dupehash"]) . "', " . $random . ", " . $idlevel . ", '" . $email . "', " . $idstyle . ", " . $idlangue . ", " . $idflag . ", NOW(), NOW(),'" . $pid . "', '" . $timezone . "','" . $heard . "','" . $gen . "','" . $mtpp . "')", true); $newuid = is_null($___mysqli_res = mysqli_insert_id($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res; // DT reputation system start $reput = do_sqlquery("SELECT * FROM {$TABLE_PREFIX}reputation_settings WHERE id =1"); $setrep = mysqli_fetch_array($reput); $plus = $setrep["rep_default"]; if ($setrep["rep_is_online"] == 'false') { //do nothing } else { @mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET reputation = reputation + '{$plus}' WHERE id='{$newuid}'"); } // DT reputation system end //begin invitation system by dodge if ($INVITATIONSON == "true") { $inviter = 0 + $_POST["inviter"]; $code = unesc($_POST["code"]); $res = do_sqlquery("SELECT username FROM {$TABLE_PREFIX}users WHERE id = {$inviter}", true); $arr = mysqli_fetch_assoc($res); $invusername = $arr["username"]; do_sqlquery("UPDATE {$TABLE_PREFIX}users SET invited_by='" . $inviter . "' WHERE id='" . $newuid . "'", true); do_sqlquery("UPDATE {$TABLE_PREFIX}invitations SET confirmed='true' WHERE hash='{$code}'", true); $msg = sqlesc($language["WELCOME MESSAGE"]); } //end invitation system //DT referral system start if ($btit_settings["ref_on"] == true) { $rup = $btit_settings["ref_gb"] * 1024 * 1024 * 1024; $rap = $btit_settings["ref_sb"]; do_sqlquery("UPDATE {$TABLE_PREFIX}users SET referral={$rid} where id={$newuid}", true); if ($btit_settings["ref_switch"] == true) { do_sqlquery("UPDATE {$TABLE_PREFIX}users SET uploaded=uploaded + '{$rup}' where id='{$rid}'"); } else { do_sqlquery("UPDATE {$TABLE_PREFIX}users SET seedbonus=seedbonus + '{$rap}' where id='{$rid}'"); } } //DT referral system end do_sqlquery("UPDATE {$TABLE_PREFIX}users SET uploaded={$uploaded} WHERE id={$newuid}", true); // begin - announce new confirmed user in shoutbox if ($btit_settings["sbtwo"] == true) { $al = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}chat ORDER BY id DESC LIMIT 1"); $rw = mysqli_fetch_assoc($al); $ct = $rw["count"] + 1; do_sqlquery("INSERT INTO {$TABLE_PREFIX}chat (uid, time, name, text,count) VALUES (0," . time() . ", 'System','[color=green]Welcome New User :[/color][url={$BASEURL}/index.php?page=userdetails&id={$newuid}]" . $utente . "[/url]'," . $ct . ")"); } // end - announce new confirmed user in shoutbox // Continue to create smf members if they disable smf mode $test = do_sqlquery("SHOW TABLES LIKE '{$db_prefix}members'", true); if (substr($FORUMLINK, 0, 3) == "smf" || mysqli_num_rows($test)) { $smfpass = smf_passgen($utente, $pwd); $fetch = get_result("SELECT `smf_group_mirror` FROM `{$TABLE_PREFIX}users_level` WHERE `id`=" . $idlevel, true, $btit_settings["cache_duration"]); $flevel = $fetch[0]["smf_group_mirror"] > 0 ? $fetch[0]["smf_group_mirror"] : $idlevel + 10; if ($FORUMLINK == "smf") { do_sqlquery("INSERT INTO `{$db_prefix}members` (`memberName`, `dateRegistered`, `ID_GROUP`, `realName`, `passwd`, `emailAddress`, `memberIP`, `memberIP2`, `is_activated`, `passwordSalt`) VALUES ('{$utente}', UNIX_TIMESTAMP(), {$flevel}, '{$utente}', '{$smfpass['0']}', '{$email}', '" . getip() . "', '" . getip() . "', 1, '{$smfpass['1']}')", true); } else { do_sqlquery("INSERT INTO `{$db_prefix}members` (`member_name`, `date_registered`, `id_group`, `real_name`, `passwd`, `email_address`, `member_ip`, `member_ip2`, `is_activated`, `password_salt`) VALUES ('{$utente}', UNIX_TIMESTAMP(), {$flevel}, '{$utente}', '{$smfpass['0']}', '{$email}', '" . getip() . "', '" . getip() . "', 1, '{$smfpass['1']}')", true); } $fid = is_null($___mysqli_res = mysqli_insert_id($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res; do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = {$fid} WHERE `variable` = 'latestMember'", true); do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = '{$utente}' WHERE `variable` = 'latestRealName'", true); do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = UNIX_TIMESTAMP() WHERE `variable` = 'memberlist_updated'", true); do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = `value` + 1 WHERE `variable` = 'totalMembers'", true); do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `smf_fid`={$fid} WHERE `id`={$newuid}", true); } // Continue to create ipb members if they disable ipb mode $test = do_sqlquery("SHOW TABLES LIKE '{$ipb_prefix}members'"); if ($FORUMLINK == "ipb" || mysqli_num_rows($test)) { ipb_create($utente, $email, $pwd, $idlevel, $newuid); } // xbt if ($XBTT_USE) { $resin = do_sqlquery("INSERT INTO xbt_users (uid, torrent_pass) VALUES ({$newuid},'{$pid}')", true); } include "include/userstuff.php"; $sub = sqlesc("{$GLOBALS['welcome_sub']}"); $mess = sqlesc("{$GLOBALS['welcome_msg']}"); send_pm(0, $newuid, $sub, $mess); if ($INVITATIONSON == "true") { send_pm('2', $newuid, '" . $language["WELCOME"] . "', $msg); if ($VALID_INV == "true") { send_mail($email, "{$SITENAME} " . $language["REG_CONFIRM"] . "", $language["INVIT_MSGINFO"] . "{$email}" . $language["INVIT_MSGINFO1"] . " {$utente}\n" . $language["INVIT_MSGINFO2"] . " {$pwd}\n\n" . $language["INVIT_MSGINFO3"], "From: {$SITENAME} <{$SITEEMAIL}>"); } else { send_mail($email, "{$SITENAME} " . $language["REG_CONFIRM"] . "", $language["INVIT_MSGINFO"] . "{$email}" . $language["INVIT_MSGINFO1"] . " {$utente}\n" . $language["INVIT_MSGINFO2"] . " {$pwd}\n\n\n" . $language["INVIT_MSG_AUTOCONFIRM3"], "From: {$SITENAME} <{$SITEEMAIL}>"); } write_log("Signup new user {$utente} ({$email})", "add"); } else { if ($VALIDATION == "user") { ini_set("sendmail_from", ""); if ((is_object($GLOBALS["___mysqli_ston"]) ? mysqli_errno($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_errno()) ? $___mysqli_res : false)) == 0) { send_mail($email, $language["ACCOUNT_CONFIRM"], $language["ACCOUNT_MSG"] . "\n\n" . $BASEURL . "/index.php?page=account&act=confirm&confirm={$random}&language={$idlangue}"); write_log("Signup new user {$utente} ({$email})", "add"); } else { die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)); } } } return is_object($GLOBALS["___mysqli_ston"]) ? mysqli_errno($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_errno()) ? $___mysqli_res : false); }
function aggiungiutente() { global $SITENAME, $SITEEMAIL, $BASEURL, $VALIDATION, $USERLANG, $USE_IMAGECODE, $TABLE_PREFIX, $XBTT_USE, $language, $THIS_BASEPATH, $FORUMLINK, $db_prefix, $btit_settings; $utente = isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $_POST["user"]) : (trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR) ? "" : ""); $pwd = isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $_POST["pwd"]) : (trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR) ? "" : ""); $pwd1 = isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $_POST["pwd1"]) : (trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR) ? "" : ""); $email = isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $_POST["email"]) : (trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR) ? "" : ""); $idlangue = intval($_POST["language"]); $idstyle = intval($_POST["style"]); $idflag = intval($_POST["flag"]); $timezone = intval($_POST["timezone"]); if (strtoupper($utente) == strtoupper("Guest")) { err_msg($language["ERROR"], $language["ERR_GUEST_EXISTS"]); stdfoot(); exit; } if ($pwd != $pwd1) { err_msg($language["ERROR"], $language["DIF_PASSWORDS"]); stdfoot(); exit; } if ($VALIDATION == "none") { $idlevel = 3; } else { $idlevel = 2; } # Create Random number $floor = 100000; $ceiling = 999999; srand((double) microtime() * 1000000); $random = rand($floor, $ceiling); if ($utente == "" || $pwd == "" || $email == "") { return -1; exit; } $res = do_sqlquery("SELECT email FROM {$TABLE_PREFIX}users WHERE email='{$email}'", true); if (mysqli_num_rows($res) > 0) { return -2; exit; } // valid email check - by vibes $regex = '/\\b[\\w\\.-]+@[\\w\\.-]+\\.\\w{2,4}\\b/i'; if (!preg_match($regex, $email)) { return -3; exit; } // valid email check end // duplicate username $res = do_sqlquery("SELECT username FROM {$TABLE_PREFIX}users WHERE username='******'", true); if (mysqli_num_rows($res) > 0) { return -4; exit; } // duplicate username if (strpos(isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $utente) : (trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR) ? "" : ""), " ") == true) { return -7; exit; } if ($USE_IMAGECODE) { if (extension_loaded('gd')) { $arr = gd_info(); if ($arr['FreeType Support'] == 1) { $public = $_POST['public_key']; $private = $_POST['private_key']; $p = new ocr_captcha(); if ($p->check_captcha($public, $private) != true) { err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]); stdfoot(); exit; } } else { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = intval($_POST["security_index"]); if ($security_code[$scode_index]["answer"] != $_POST["scode_answer"]) { err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]); stdfoot(); exit; } } } else { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = intval($_POST["security_index"]); if ($security_code[$scode_index]["answer"] != $_POST["scode_answer"]) { err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]); stdfoot(); exit; } } } else { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = intval($_POST["security_index"]); if ($security_code[$scode_index]["answer"] != $_POST["scode_answer"]) { err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]); stdfoot(); exit; } } $bannedchar = array("\\", "/", ":", "*", "?", "\"", "@", "\$", "'", "`", ",", ";", ".", "<", ">", "!", "£", "%", "^", "&", "(", ")", "+", "=", "#", "~"); if (straipos(isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $utente) : (trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR) ? "" : ""), $bannedchar) == true) { return -8; exit; } $pass_to_test = $_POST["pwd"]; $pass_min_req = explode(",", $btit_settings["secsui_pass_min_req"]); if (strlen($pass_to_test) < $pass_min_req[0]) { return -9; exit; } $lct_count = 0; $uct_count = 0; $num_count = 0; $sym_count = 0; $pass_end = (int) (strlen($pass_to_test) - 1); $pass_position = 0; $pattern1 = '#[a-z]#'; $pattern2 = '#[A-Z]#'; $pattern3 = '#[0-9]#'; $pattern4 = '/[¬!"£$%^&*()`{}\\[\\]:@~;\'#<>?,.\\/\\-=_+\\|]/'; for ($pass_position = 0; $pass_position <= $pass_end; $pass_position++) { if (preg_match($pattern1, substr($pass_to_test, $pass_position, 1), $matches)) { $lct_count++; } elseif (preg_match($pattern2, substr($pass_to_test, $pass_position, 1), $matches)) { $uct_count++; } elseif (preg_match($pattern3, substr($pass_to_test, $pass_position, 1), $matches)) { $num_count++; } elseif (preg_match($pattern4, substr($pass_to_test, $pass_position, 1), $matches)) { $sym_count++; } } if ($lct_count < $pass_min_req[1] || $uct_count < $pass_min_req[2] || $num_count < $pass_min_req[3] || $sym_count < $pass_min_req[4]) { return -998; exit; } $multipass = hash_generate(array("salt" => ""), $_POST["pwd"], $_POST["user"]); $i = $btit_settings["secsui_pass_type"]; $pid = md5(uniqid(rand(), true)); do_sqlquery("INSERT INTO `{$TABLE_PREFIX}users` (`username`, `password`, `salt`, `pass_type`, `dupe_hash`, `random`, `id_level`, `email`, `style`, `language`, `flag`, `joined`, `lastconnect`, `pid`, `time_offset`) VALUES ('" . $utente . "', '" . (isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $multipass[$i]["rehash"]) : (trigger_error("[MySQLConverterToo] Fix the mysqli_escape_string() call! This code does not work.", E_USER_ERROR) ? "" : "")) . "', '" . (isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $multipass[$i]["salt"]) : (trigger_error("[MySQLConverterToo] Fix the mysqli_escape_string() call! This code does not work.", E_USER_ERROR) ? "" : "")) . "', '" . $i . "', '" . (isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $multipass[$i]["dupehash"]) : (trigger_error("[MySQLConverterToo] Fix the mysqli_escape_string() call! This code does not work.", E_USER_ERROR) ? "" : "")) . "', " . $random . ", " . $idlevel . ", '" . $email . "', " . $idstyle . ", " . $idlangue . ", " . $idflag . ", NOW(), NOW(),'" . $pid . "', '" . $timezone . "')", true); $newuid = is_null($___mysqli_res = mysqli_insert_id($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res; // Continue to create smf members if they disable smf mode $test = do_sqlquery("SHOW TABLES LIKE '{$db_prefix}members'", true); if (substr($FORUMLINK, 0, 3) == "smf" || mysqli_num_rows($test)) { $smfpass = smf_passgen($utente, $pwd); $fetch = get_result("SELECT `smf_group_mirror` FROM `{$TABLE_PREFIX}users_level` WHERE `id`=" . $idlevel, true, $btit_settings["cache_duration"]); $flevel = $fetch[0]["smf_group_mirror"] > 0 ? $fetch[0]["smf_group_mirror"] : $idlevel + 10; if ($FORUMLINK == "smf") { do_sqlquery("INSERT INTO `{$db_prefix}members` (`memberName`, `dateRegistered`, `ID_GROUP`, `realName`, `passwd`, `emailAddress`, `memberIP`, `memberIP2`, `is_activated`, `passwordSalt`) VALUES ('{$utente}', UNIX_TIMESTAMP(), {$flevel}, '{$utente}', '{$smfpass['0']}', '{$email}', '" . getip() . "', '" . getip() . "', 1, '{$smfpass['1']}')", true); } else { do_sqlquery("INSERT INTO `{$db_prefix}members` (`member_name`, `date_registered`, `id_group`, `real_name`, `passwd`, `email_address`, `member_ip`, `member_ip2`, `is_activated`, `password_salt`) VALUES ('{$utente}', UNIX_TIMESTAMP(), {$flevel}, '{$utente}', '{$smfpass['0']}', '{$email}', '" . getip() . "', '" . getip() . "', 1, '{$smfpass['1']}')", true); } $fid = is_null($___mysqli_res = mysqli_insert_id($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res; do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = {$fid} WHERE `variable` = 'latestMember'", true); do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = '{$utente}' WHERE `variable` = 'latestRealName'", true); do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = UNIX_TIMESTAMP() WHERE `variable` = 'memberlist_updated'", true); do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = `value` + 1 WHERE `variable` = 'totalMembers'", true); do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `smf_fid`={$fid} WHERE `id`={$newuid}", true); } // Continue to create ipb members if they disable ipb mode $test = do_sqlquery("SHOW TABLES LIKE '{$ipb_prefix}members'"); if ($FORUMLINK == "ipb" || mysqli_num_rows($test)) { ipb_create($utente, $email, $pwd, $idlevel, $newuid); } // xbt if ($XBTT_USE) { $resin = do_sqlquery("INSERT INTO xbt_users (uid, torrent_pass) VALUES ({$newuid},'{$pid}')", true); } if ($VALIDATION == "user") { ini_set("sendmail_from", ""); if ((is_object($GLOBALS["___mysqli_ston"]) ? mysqli_errno($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_errno()) ? $___mysqli_res : false)) == 0) { send_mail($email, $language["ACCOUNT_CONFIRM"], $language["ACCOUNT_MSG"] . "\n\n" . $BASEURL . "/index.php?page=account&act=confirm&confirm={$random}&language={$idlangue}"); write_log("Signup new user {$utente} ({$email})", "add"); } else { die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)); } } return is_object($GLOBALS["___mysqli_ston"]) ? mysqli_errno($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_errno()) ? $___mysqli_res : false); }