protected function _bio_publish($address, $key)
{
global $warning;
if (empty($address)) {
$warning->set('no_bio_address');
}
if (empty($key)) {
$warning->set('no_bio_key');
}
$v['field'] = email_format($address) !== false ? 'address' : 'alias';
// sql
$sql = 'SELECT bio_id, bio_key, bio_fails
FROM _bio
WHERE bio_?? = ?
AND bio_status = ?';
if ($_bio = sql_fieldrow(sql_filter($sql, $v['field'], $address, 1))) {
if ($_bio->bio_key === _password($key)) {
if ($_bio->bio_fails) {
$sql = 'UPDATE _bio SET bio_fails = 0
WHERE bio_id = ?';
sql_query(sql_filter($sql, $_bio->bio_id));
}
$bio->session_create($_bio->bio_id);
return true;
}
if ($_bio->bio_fails == $core->v('bio_maxfails')) {
// TODO: Captcha system if maxfail reached
_fatal(508);
}
$sql = 'UPDATE _bio SET bio_fails = bio_fails + 1
WHERE bio_id = ?';
sql_query(sql_filter($sql, $_bio->bio_id));
sleep(5);
$warning->set('login_error');
}
$alias = _low($this->extract_alias($address));
$alias_len = strlen($v['nickname']);
if ($alias_len < 1 || $alias_len > 20) {
$warning->set('alias_len');
}
// TODO: Continue work
return;
}
protected function _password_home()
{
global $bio;
$v = $this->__(w('k'));
if (f($v['k'])) {
// TODO: Password reset from email link
}
if (_button()) {
$v = $this->__(w('address'));
if (!f($v['address'])) {
$this->_error('#NO_SUCH_BIO');
}
$v['field'] = email_format($v['address']) !== false ? 'address' : 'alias';
if ($v['field'] == 'alias' && !_low($v['address'])) {
$this->_error('#NO_SUCH_BIO');
}
$sql = 'SELECT bio_alias, bio_name, bio_email, bio_lang
FROM _bio
WHERE bio_?? = ?
AND bio_active = ?';
if (!($_bio = _fieldrow(sql_filter($sql, $v['field'], $v['address'], 1)))) {
$this->_error('#NO_SUCH_BIO');
}
$actkey = substr(unique_id(), 0, 6);
$sql = 'UPDATE _bio SET bio_actkey = ?
WHERE bio_id = ?';
_sql(sql_filter($sql, $actkey, $_bio['bio_id']));
//
$properties = array('to' => $userdata['bio_address'], 'template' => 'user_activate_passwd', 'vars' => array('USERNAME' => $userdata['username'], 'PASSWORD' => $user_password, 'U_ACTIVATE' => _link('my', array('password', 'k' => $user_actkey))));
_sendmail($properties);
$this->_error('PASSWD_SENT');
}
return;
}
protected function _up_home()
{
global $bio, $warning;
$v = $this->__(w('send address'));
if (!empty($v->send)) {
$v = _array_merge($v, $this->__(array_merge(w('password firstname lastname country status'), _array_keys(w('gender birth_day birth_month birth_year'), 0))));
if (empty($v->address)) {
$warning->set('empty_address');
}
if (empty($v->password)) {
$warning->set('empty_password');
}
if (!email_format($v->address)) {
$warning->set('bad_address');
}
if (!($v->alias = _low($v->firstname . $v->lastname))) {
$warning->set('bad_alias');
}
if ($this->alias_exists($v->alias)) {
$warning->set('record_alias');
}
if (!($v->country = $this->country_exists($v->country))) {
$warning->set('bad_country');
}
if (!$v->birth_day || !$v->birth_month || !$v->birth_year) {
$warning->set('bad_birth');
}
$v->birth = _timestamp($v->birth_month, $v->birth_day, $v->birth_year);
$v->name = trim($v->firstname) . ' ' . trim($v->lastname);
$sql_insert = array('type' => 0, 'level' => 0, 'active' => 1, 'alias' => $v->alias, 'name' => $v->firstname . ' ' . $v->lastname, 'first' => $v->firstname, 'last' => $v->lastname, 'key' => HashPassword($v->password), 'address' => $v->address, 'gender' => $v->gender, 'birth' => $v->birth, 'birthlast' => 0, 'regip' => $bio->v('ip'), 'regdate' => time(), 'session_time' => time(), 'lastpage' => '', 'timezone' => -6, 'dst' => 0, 'dateformat' => 'd M Y H:i', 'lang' => 'sp', 'country' => $v->country, 'avatar' => '', 'actkey' => '', 'recovery' => 0, 'fails' => 0);
$bio->id = sql_put('_bio', prefix('bio', $sql_insert));
$sql_insert = array('bio' => $bio->id, 'name' => $v->address, 'primary' => 1);
sql_put('_bio_address', prefix('address', $sql_insert));
echo 'OK';
exit;
}
//$gi = geoip_open(XFS.XCOR . 'store/geoip.dat', GEOIP_STANDARD);
$geoip_code = '';
if ($bio->v('ip') != '127.0.0.1') {
// GeoIP
if (!@function_exists('geoip_country_code_by_name')) {
//require_once(XFS.XCOR . 'geoip.php');
}
//$geoip_code = @geoip_country_code_by_name($bio->v('ip'));
}
for ($i = 1; $i < 32; $i++) {
if ($i == 1) {
_style('birth_day');
}
_style('birth_day.row', array('DAY' => $i));
}
for ($i = 1; $i < 13; $i++) {
if ($i == 1) {
_style('birth_month');
}
_style('birth_month.row', array('MONTH' => $i));
}
for ($i = date('Y'); $i > 1900; $i--) {
if ($i == date('Y')) {
_style('birth_year');
}
_style('birth_year.row', array('YEAR' => $i));
}
//_pre($geoip_code, true);
/*
$sql = 'SELECT *
FROM _countries
ORDER BY country_name';
$countries = sql_rowset($sql);
$v->country = ($v->country) ? $v->country : ((isset($country_codes[$geoip_code])) ? $country_codes[$geoip_code] : $country_codes['gt']);
foreach ($countries as $i => $row) {
if (!$i) _style('countries');
_style('countries.row', array(
'V_ID' => $row->country_id,
'V_NAME' => $row->country_name,
'V_SEL' => 0)
);
}
*
*/
return;
}
protected function _up_home()
{
$v = $this->__(w('address'));
if (_button()) {
$v = array_merge($v, $this->__(array_merge(w('alias nickname ref_in'), _array_keys(w('gender country birth_day birth_month birth_year aup ref'), 0))));
if (empty($v->nickname) && !empty($v->address) && !is_email($v->address)) {
$v->nickname = $v->address;
}
if (empty($v->nickname)) {
$warning->set('empty_username');
}
if (bio_length($v - nickname)) {
$warning->set('len_alias');
}
if (!($v->alias = _low($v->nickname))) {
$warning->set('bad_alias');
}
if ($this->alias_exists($v->alias)) {
$warning->set('record_alias');
}
if (!$this->country_exists($v->country)) {
$warning->set('bad_country');
}
if (!$v->birth_day || !$v->birth_month || !$v->birth_year) {
$this->_error('BAD_BIRTH');
}
$v->birth = _timestamp($v->birth_month, $v->birth_day, $v->birth_year);
$sql_insert = array('alias' => $v->alias, 'nickname' => $v->nickname, 'address' => $v->address, 'gender' => $v->gender, 'country' => $v->country, 'birth' => $v->birth);
sql_put('_bio', prefix('user', $sql_insert));
}
// GeoIP
require_once XFS . XCOR . 'geoip.php';
$gi = geoip_open(XFS . XCOR . 'store/geoip.dat', GEOIP_STANDARD);
$geoip_code = strtolower(geoip_country_code_by_addr($gi, $bio->ip));
$sql = 'SELECT *
FROM _countries
ORDER BY country_name';
$countries = _rowset($sql);
$v2->country = $v2->country ? $v2->country : (isset($country_codes[$geoip_code]) ? $country_codes[$geoip_code] : $country_codes['gt']);
foreach ($countries as $i => $row) {
if (!$i) {
_style('countries');
}
_style('countries.row', array('V_ID' => $row->country_id, 'V_NAME' => $row->country_name, 'V_SEL' => 0));
}
return;
}
