/**
 * Gathers the attributes of the current request into one object.
 *
 * The site id is always passed through $fsdb->escape(); the user id is
 * escaped unless it loosely equals null. The address, user agent, URL and
 * referrer are each passed through fs_limited_htmlentities() and then
 * $fsdb->escape(). A field whose guarding $_SERVER entry is not set keeps
 * the literal placeholder 'unknown' (single quotes included).
 *
 * @param object $fsdb    database handle; only its escape() method is called here
 * @param mixed  $user_id user identifier
 * @param mixed  $site_id site identifier
 * @return stdClass with ip_address, user_id, site_id, remoteaddr, useragent,
 *                  url and referer set, in that order
 */
function fs_get_hit_data($fsdb, $user_id, $site_id) {
    $placeholder = "'unknown'";
    $hit = new stdClass();

    // Loose comparison kept as-is: anything that compares equal to null
    // (null, 0, '' ...) is stored without going through escape().
    if (!($user_id == null)) {
        $user_id = $fsdb->escape($user_id);
    }
    $site_id = $fsdb->escape($site_id);

    $real_ip = fs_get_ip_address();

    // Guarded by REMOTE_ADDR, but the value stored is the address returned by
    // fs_get_ip_address(), not REMOTE_ADDR itself.
    $remoteaddr = $placeholder;
    if (isset($_SERVER['REMOTE_ADDR'])) {
        $encoded_ip = fs_limited_htmlentities($real_ip);
        $remoteaddr = $fsdb->escape($encoded_ip);
    }

    $useragent = $placeholder;
    if (isset($_SERVER['HTTP_USER_AGENT'])) {
        $encoded_agent = fs_limited_htmlentities($_SERVER['HTTP_USER_AGENT']);
        $useragent = $fsdb->escape($encoded_agent);
    }

    $url = $placeholder;
    if (isset($_SERVER['REQUEST_URI'])) {
        $absolute_url = fs_get_absolute_url($_SERVER['REQUEST_URI']);
        $url = $fsdb->escape(fs_limited_htmlentities($absolute_url));
    }

    $referer = $placeholder;
    if (isset($_SERVER['HTTP_REFERER'])) {
        // A relative referrer is resolved against the requested URI
        // (see RFC 2616 section 14.36).
        // NOTE(review): REQUEST_URI is read here without its own isset() check.
        $absolute_ref = fs_get_absolute_url($_SERVER['HTTP_REFERER'], $_SERVER['REQUEST_URI']);
        $referer = $fsdb->escape(fs_limited_htmlentities($absolute_ref));
    }

    // NOTE(review): ip_address is the raw return value of fs_get_ip_address();
    // unlike remoteaddr it is neither entity-encoded nor escaped. If that
    // helper consults client-supplied headers (not visible here), consumers
    // must not place this field into SQL or HTML without encoding it first.
    $hit->ip_address = $real_ip;
    $hit->user_id = $user_id;
    $hit->site_id = $site_id;
    $hit->remoteaddr = $remoteaddr;
    $hit->useragent = $useragent;
    $hit->url = $url;
    $hit->referer = $referer;

    return $hit;
}
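/**
 * Builds an HTML anchor, opening in a new window, for a URL.
 *
 * The href is the absolute form of $url with single quotes percent-encoded.
 * The visible text is $link_text (or the relative form of the URL when no
 * text is given) after fs_prepare_string() has applied $break_at, the
 * "<br/>" separator and $max_length to it.
 *
 * @param string      $url        URL to link to; the value "unknown" yields fs_r('unknown') instead of a link
 * @param string|null $link_text  text to display; defaults to the relative URL
 * @param int|null    $max_length passed to fs_prepare_string()
 * @param int         $break_at   passed to fs_prepare_string()
 * @param string|null $tooltip    optional title attribute text
 * @return string HTML anchor, or the result of fs_r('unknown')
 */
function fs_format_link($url, $link_text = null, $max_length = null, $break_at = 30, $tooltip = null) {
    if ($url == "unknown") {
        return fs_r('unknown');
    }

    // If the URL is relative, make it absolute.
    $full_url = fs_get_absolute_url($url);
    $relative = fs_get_relative_url($full_url);
    if ($link_text == null) {
        $link_text = $relative;
    }

    // For display, use the relative, line-split version.
    // NOTE(review): $text is emitted exactly as fs_prepare_string() returns it;
    // whether that helper entity-encodes its input is not visible here. Confirm
    // before passing request-derived text (URLs, referrers) as $link_text.
    $text = fs_prepare_string($link_text, $break_at, "<br/>", $max_length);

    // A ' would terminate the single-quoted href attribute, so encode it
    // (not using full urlencode because that makes a mess of the URL here).
    // NOTE(review): the URL scheme is not restricted in this function; confirm
    // fs_get_absolute_url() only ever yields http/https URLs.
    $url = str_replace(array('\''), array('%27'), $full_url);

    if (!$tooltip) {
        return "<a target='_blank' href='{$url}'>{$text}</a>";
    }

    // The tooltip sits inside a single-quoted attribute: encode quotes and
    // markup characters so it cannot close the attribute. double_encode is off
    // so callers that already pass entity-encoded text render unchanged.
    // Assumes UTF-8 text -- TODO confirm against the page charset.
    $title = htmlspecialchars($tooltip, ENT_QUOTES, 'UTF-8', false);

    return "<a target='_blank' title='{$title}' href='{$url}'>{$text}</a>";
}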
$msg = "Error starting session"; if (is_string($ok)) { $msg .= " :{$ok}"; } $msg .= "<br/>"; echo $msg; return false; } global $FS_SESSION; $FS_SESSION['user'] = $user; fs_store_session(); $sid = fs_get_session_id(); $headers = "Content-Type: text/html; charset=\"UTF-8\"\r\n"; $headers .= "MIME-Version: 1.0 "; $subject = "=?UTF-8?B?" . base64_encode(fs_r("FireStats password recovery")) . "?="; $msg = sprintf(fs_r("Click %s to change your FireStats password, this link will work for a short time"), fs_link(fs_get_absolute_url($_SERVER['REQUEST_URI'] . "&reset&sid={$sid}"), fs_r("here"), true)); $res = mail($email, $subject, $msg, $headers); if ($res === true) { echo "<div class='info'>" . fs_r("Email sent") . "</div>"; } else { echo "<div class='error'>" . fs_r("Failed to send email") . "</div>"; } } else { echo "<div class='error'>" . $user . "</div>"; } } ?> <?php } else { if (isset($_GET['reset'])) { $res = fs_resume_user_session();
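/**
 * AJAX handler: changes a user's password from the POSTed form fields
 * id, username, pass1 and pass2.
 *
 * Validation failures and a non-true result from fs_change_password() are
 * reported through ajax_error(). On success $response['redirect'] is set to
 * the absolute URL two directory levels above the current request URI.
 *
 * NOTE(review): no authorization or CSRF check is visible in this function;
 * the target user id is taken directly from the request. Confirm that the
 * caller or fs_change_password() verifies the session user is allowed to
 * change this account's password.
 *
 * @param array $response response structure, modified in place
 * @return mixed the result of ajax_error() on failure, nothing on success
 */
function fs_ajax_change_password(&$response) {
    // Missing fields become null rather than raising an undefined-index
    // notice, which could otherwise end up in the AJAX response body.
    $id = isset($_POST['id']) ? $_POST['id'] : null;
    $username = isset($_POST['username']) ? $_POST['username'] : null;
    $pass1 = !empty($_POST['pass1']) ? $_POST['pass1'] : null;
    $pass2 = !empty($_POST['pass2']) ? $_POST['pass2'] : null;

    if (empty($username)) {
        return ajax_error($response, fs_r("User name not specified"));
    }

    // Strict comparison: both fields must match exactly.
    if ($pass1 !== $pass2) {
        return ajax_error($response, fs_r("Passwords did not match"));
    }

    if (empty($pass1)) {
        return ajax_error($response, fs_r("Empty password")); // not translated
    }

    require_once FS_ABS_PATH . '/php/auth.php';

    // fs_change_password() returns true on success; any other value is
    // handed to ajax_error() as the error message.
    $res = fs_change_password($id, $username, $pass1);
    if ($res !== true) {
        return ajax_error($response, $res);
    }

    $base = fs_get_absolute_url(dirname(dirname($_SERVER['REQUEST_URI'])));
    $response['redirect'] = $base;
}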