public static function userInit()
{
global $user, $config;
MCRAuth::LoadSession();
if ($config['p_sync']) {
self::start();
$id = self::userLoad();
if ($id) {
$user = new User($id);
if ($user->lvl() <= 0) {
$user = false;
} else {
$user->login(randString(15), GetRealIp());
}
} elseif (!empty($user)) {
$user->logout();
$user = false;
}
}
}
case 'restore':
case 'load_info':
case 'upload':
case 'like':
case 'delete_file':
loadTool('ajax.php');
loadTool('user.class.php');
if ($method == 'upload' or $method == 'delete_file') {
loadTool('upload.class.php');
} elseif ($method == 'profile') {
loadTool('skin.class.php');
} elseif ($method == 'restore' and $config['p_logic'] != 'usual' and $config['p_logic'] != 'xauth' and $config['p_logic'] != 'authme') {
aExit(1, 'Change password is not available');
}
DBinit('action_' . $method);
MCRAuth::userLoad();
break;
case 'download':
loadTool('upload.class.php');
DBinit('action_download');
break;
default:
exit;
break;
}
switch ($method) {
case 'upload':
// TODO Список последних добавленых файлов
if (empty($user) or $user->lvl() < 15) {
break;
}
public static function userInit()
{
MCRAuth::LoadSession();
}
}
if (strlen($input['email']) > 50) {
$rcodes[] = 13;
}
if (strcmp($input['pass'], $input['repass'])) {
$rcodes[] = 9;
}
tryExit();
$verification = (bool) sqlConfigGet('email-verification');
if ($verification) {
$group = 4;
} else {
$group = 1;
}
$sql = "INSERT INTO `{$bd_names['users']}` (" . "`{$bd_users['login']}`," . "`{$bd_users['password']}`," . "`{$bd_users['ip']}`," . "`{$bd_users['female']}`," . "`{$bd_users['ctime']}`," . "`{$bd_users['group']}`) VALUES(:login, :pass, :ip, '{$female}', NOW(),'{$group}')";
$result = getDB()->ask($sql, array('login' => $input['login'], 'pass' => MCRAuth::createPass($input['pass']), 'ip' => GetRealIp()));
if (!$result) {
aExit(14);
}
$tmp_user = new User(getDB()->lastInsertId());
$tmp_user->setDefaultSkin();
$next_reg = (int) sqlConfigGet('next-reg-time');
if ($next_reg > 0) {
getDB()->ask("INSERT INTO `{$bd_names['ip_banning']}` (`IP`,`time_start`,`ban_until`) " . "VALUES (:ip, NOW(), NOW()+INTERVAL {$next_reg} HOUR)", array('ip' => $_SERVER['REMOTE_ADDR']));
}
if ($tmp_user->changeEmail($input['email'], $verification) > 1) {
aExit(14, lng('MAIL_FAIL'));
}
if (!$verification) {
aExit(0, lng('REG_COMPLETE') . '. <a href="#" class="btn" onclick="Login();">' . lng('ENTER') . '</a>');
} else {
public function changePassword($newpass, $repass = false, $pass = false)
{
global $bd_users;
if (!$this->id) {
return 0;
}
if (!is_bool($repass)) {
if (strcmp($repass, $newpass)) {
return 1504;
}
$regular = "/^[a-zA-Z0-9_-]+\$/";
if (!preg_match($regular, $pass) or !preg_match($regular, $newpass)) {
return 1501;
}
$line = getDB()->fetchRow("SELECT `{$bd_users['password']}` FROM `{$this->db}` " . "WHERE `{$bd_users['id']}`='{$this->id}'", false, 'num');
if ($line == NULL or !MCRAuth::checkPass(array('pass_db' => $line[0], 'pass' => $pass, 'user_id' => $this->id, 'user_name' => $this->name))) {
return 1502;
}
}
$minlen = 4;
$maxlen = 15;
$len = strlen($newpass);
if ($len < $minlen or $len > $maxlen) {
return 1503;
}
getDB()->ask("UPDATE `{$this->db}` " . "SET `{$bd_users['password']}`='" . MCRAuth::createPass($newpass) . "' " . "WHERE `{$bd_users['id']}`='{$this->id}'");
return 1;
}