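/**
 * Change the current user's nickname and re-key the stored password hash.
 *
 * Reads `new_pass` and `newnickname` from $_REQUEST, validates both, checks
 * that the new nickname is not already present in the sessions or members
 * tables, and then rewrites the nickname in the members, sessions, messages
 * and ignored tables. On success $U['nickname'] and $U['passhash'] are
 * updated in memory to match what was written.
 *
 * Every rejection path reports through send_profile() and then returns, so
 * a failed check can never fall through to the UPDATE statements, whether or
 * not send_profile() itself ends the request.
 *
 * Uses the globals $C (config, table prefix), $I (message strings),
 * $U (current user record) and $db (PDO handle).
 *
 * @return void
 */
function set_new_nickname()
{
    global $C, $I, $U, $db;

    // Request parameters can be absent or arrays (`?newnickname[]=x`);
    // anything that is not a plain string is treated as invalid input.
    $newPass = isset($_REQUEST['new_pass']) ? $_REQUEST['new_pass'] : null;
    $newNick = isset($_REQUEST['newnickname']) ? $_REQUEST['newnickname'] : null;

    if (!is_string($newPass) || !valid_pass($newPass)) {
        send_profile(sprintf($I['nopass'], get_setting('minpass')));
        return;
    }
    if (!is_string($newNick) || !valid_nick($newNick)) {
        send_profile(sprintf($I['invalnick'], get_setting('maxname')));
        return;
    }

    // The hash is keyed on nickname + password, which is why a rename needs
    // the password again. The construction is kept byte-compatible with the
    // original because the code that verifies logins is not in this block.
    // NOTE(review): chained md5/sha1 is a fast, unstretched digest and is not
    // suitable for password storage; moving to password_hash()/password_verify()
    // has to be done together with the verification side.
    $passhash = md5(sha1(md5($newNick . $newPass)));

    // The table prefix is interpolated because identifiers cannot be bound;
    // it must only ever come from trusted configuration. All values are bound.
    $prefix = $C['prefix'];

    $stmt = $db->prepare("SELECT id FROM {$prefix}sessions WHERE nickname=? UNION SELECT id FROM {$prefix}members WHERE nickname=?;");
    $stmt->execute(array($newNick, $newNick));
    if ($stmt->fetch(PDO::FETCH_NUM)) {
        // $U is left untouched here: nothing was persisted, so the in-memory
        // record must keep the old nickname and hash.
        send_profile($I['nicknametaken']);
        return;
    }

    // NOTE(review): the availability check above and the UPDATEs below are
    // separate statements with no transaction or lock visible in this block,
    // so two concurrent requests could both pass the check, and a failure
    // part-way through leaves the tables disagreeing about the nickname.
    // Confirm whether the schema enforces uniqueness on nickname.

    // Lower bound for rewriting message history: everything for status > 1,
    // otherwise only messages newer than $U['entry'].
    // Presumably status > 1 means a registered member and 'entry' is the time
    // the guest joined -- confirm against the session code.
    $entry = ($U['status'] > 1) ? 0 : $U['entry'];
    $oldNick = $U['nickname'];

    // Executed in the same order as before: identity tables first, then
    // message history, then ignore lists.
    $renames = array(
        array("UPDATE {$prefix}members SET nickname=?, passhash=? WHERE nickname=?;", array($newNick, $passhash, $oldNick)),
        array("UPDATE {$prefix}sessions SET nickname=?, passhash=? WHERE nickname=?;", array($newNick, $passhash, $oldNick)),
        array("UPDATE {$prefix}messages SET poster=? WHERE poster=? AND postdate>?;", array($newNick, $oldNick, $entry)),
        array("UPDATE {$prefix}messages SET recipient=? WHERE recipient=? AND postdate>?;", array($newNick, $oldNick, $entry)),
        array("UPDATE {$prefix}ignored SET ignby=? WHERE ignby=?;", array($newNick, $oldNick)),
        array("UPDATE {$prefix}ignored SET ign=? WHERE ign=?;", array($newNick, $oldNick)),
    );
    foreach ($renames as $rename) {
        $stmt = $db->prepare($rename[0]);
        $stmt->execute($rename[1]);
    }

    // Mirror the persisted state in the in-memory user record.
    $U['passhash'] = $passhash;
    $U['nickname'] = $newNick;
}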
<?php include "../classes/user.php"; include "../includes/varchecks.php"; /* moves all varibles to to the user class */ $newuser = new user($_POST['reg_nickname'], $_POST['reg_password'], $_POST['reg_email'], $_POST['reg_mess_net'], $_POST['reg_mess_id'], $_POST['reg_distro'], $this_date); /* Checking if nickname is right */ if ($newuser->nickname == "") { give_error("301"); } /*לא הכנסת כינוי */ /* Checks if the nickname is valid */ if (valid_nick($newuser->nickname)) { give_error("308"); } /* Checks if the passwords match*/ if ($newuser->password == "") { give_error("302"); } else { if ($_POST['reg_password2'] == "") { give_error("303"); } else { if ($newuser->password != $_POST['reg_password2']) { give_error("304"); } } } /* סיסמאות אינן תואמות */ /* Checks if the password is valid */ if (valid_password($newuser->password)) { give_error("309");