function updatepasswordFromToken($pass, $token)
{
global $db, $db_table_prefix;
$new_activation_token = generateactivationtoken();
$sql = "UPDATE " . $db_table_prefix . "profiles\n\t\t\t\tSET password = '******',\n\t\t\t\tactivationtoken = '" . $new_activation_token . "'\n\t\t\t\tWHERE\n\t\t\t\tactivationtoken = '" . $db->sql_escape(sanitize($token)) . "'";
return $db->sql_query($sql);
}
function updatepasswordFromToken($pass, $token)
{
global $db;
$new_activation_token = generateactivationtoken();
$sql = "UPDATE {$db->users} SET password = '******', activationtoken = '" . $new_activation_token . "' WHERE activationtoken = '" . $db->sql_escape(sanitize($token)) . "'";
return $db->sql_query($sql);
}
public function userPieAddUser()
{
global $db, $emailActivation, $websiteUrl, $db_table_prefix;
//Prevent this function being called if there were construction errors
if ($this->status) {
//Construct a secure hash for the plain text password
$secure_pass = generateHash($this->clean_password);
//Construct a unique activation token
$this->activation_token = generateactivationtoken();
if (!$this->mail_failure) {
//Insert the user into the database providing no errors have been found.
$sql = "INSERT INTO `" . $db_table_prefix . "users` (\n\t\t\t\t\t\t\t`username`,\n\t\t\t\t\t\t\t`username_clean`,\n\t\t\t\t\t\t\t`password`,\n\t\t\t\t\t\t\t`email`,\n\t\t\t\t\t\t\t`activationtoken`,\n\t\t\t\t\t\t\t`last_activation_request`,\n\t\t\t\t\t\t\t`LostpasswordRequest`, \n\t\t\t\t\t\t\t`active`,\n\t\t\t\t\t\t\t`group_id`,\n\t\t\t\t\t\t\t`sign_up_date`,\n\t\t\t\t\t\t\t`last_sign_in`\n\t\t\t\t\t\t\t)\n\t\t\t\t\t \t\tVALUES (\n\t\t\t\t\t\t\t'" . $db->sql_escape($this->unclean_username) . "',\n\t\t\t\t\t\t\t'" . $db->sql_escape($this->clean_username) . "',\n\t\t\t\t\t\t\t'" . $secure_pass . "',\n\t\t\t\t\t\t\t'" . $db->sql_escape($this->clean_email) . "',\n\t\t\t\t\t\t\t'" . $this->activation_token . "',\n\t\t\t\t\t\t\t'" . time() . "',\n\t\t\t\t\t\t\t'0',\n\t\t\t\t\t\t\t'1',\n\t\t\t\t\t\t\t'1',\n\t\t\t\t\t\t\t'" . time() . "',\n\t\t\t\t\t\t\t'0'\n\t\t\t\t\t\t\t)";
return $db->sql_query($sql);
}
}
}
public function userPieAddUser()
{
global $db, $emailActivation, $websiteUrl, $db_table_prefix;
//Prevent this function being called if there were construction errors
if ($this->status) {
//Construct a secure hash for the plain text password
$secure_pass = generateHash($this->clean_password);
//Construct a unique activation token
$this->activation_token = generateactivationtoken();
//Do we need to send out an activation email?
if ($emailActivation) {
//User must activate their account first
$this->user_active = 0;
$mail = new userPieMail();
//Build the activation message
$activation_message = lang("ACTIVATION_MESSAGE", array($websiteUrl, $this->activation_token));
//Define more if you want to build larger structures
$hooks = array("searchStrs" => array("#ACTIVATION-MESSAGE", "#ACTIVATION-KEY", "#USERNAME#"), "subjectStrs" => array($activation_message, $this->activation_token, $this->unclean_username));
/* Build the template - Optional, you can just use the sendMail function
Instead to pass a message. */
if (!$mail->newTemplateMsg("new-registration.txt", $hooks)) {
$this->mail_failure = true;
} else {
//Send the mail. Specify users email here and subject.
//SendMail can have a third parementer for message if you do not wish to build a template.
if (!$mail->sendMail($this->clean_email, "New User")) {
$this->mail_failure = true;
}
}
} else {
//Instant account activation
$this->user_active = 1;
}
if (!$this->mail_failure) {
//Insert the user into the database providing no errors have been found.
$sql = "INSERT INTO `" . $db_table_prefix . "users` (\n\t\t\t\t\t\t\t`username`,\n\t\t\t\t\t\t\t`username_clean`,\n\t\t\t\t\t\t\t`password`,\n\t\t\t\t\t\t\t`email`,\n\t\t\t\t\t\t\t`activationtoken`,\n\t\t\t\t\t\t\t`last_activation_request`,\n\t\t\t\t\t\t\t`LostpasswordRequest`, \n\t\t\t\t\t\t\t`active`,\n\t\t\t\t\t\t\t`group_id`,\n\t\t\t\t\t\t\t`sign_up_date`,\n\t\t\t\t\t\t\t`last_sign_in`\n\t\t\t\t\t\t\t)\n\t\t\t\t\t \t\tVALUES (\n\t\t\t\t\t\t\t'" . $db->sql_escape($this->unclean_username) . "',\n\t\t\t\t\t\t\t'" . $db->sql_escape($this->clean_username) . "',\n\t\t\t\t\t\t\t'" . $secure_pass . "',\n\t\t\t\t\t\t\t'" . $db->sql_escape($this->clean_email) . "',\n\t\t\t\t\t\t\t'" . $this->activation_token . "',\n\t\t\t\t\t\t\t'" . time() . "',\n\t\t\t\t\t\t\t'0',\n\t\t\t\t\t\t\t'" . $this->user_active . "',\n\t\t\t\t\t\t\t'1',\n\t\t\t\t\t\t\t'" . time() . "',\n\t\t\t\t\t\t\t'0'\n\t\t\t\t\t\t\t)";
return $db->sql_query($sql);
}
}
}
public function UserAdminAddUser()
{
global $db, $emailActivation, $websiteUrl, $websiteName, $db_prefix;
//Prevent this function being called if there were construction errors
if ($this->status) {
//Construct a secure hash for the plain text password
$secure_pass = generateHash($this->clean_password);
//Construct a unique activation token
$this->activation_token = generateactivationtoken();
//Do we need to send out an activation email?
$user_count = $db->sql_query("SELECT * FROM {$db->users}");
if ($emailActivation && isset($user_count->num_rows) && $user_count->num_rows > 0) {
//User must activate their account first
$this->user_active = 0;
$mail = new UserAdminMail();
$activation_url = $websiteUrl . "lobby/activate-account.php?token=" . $this->activation_token;
//Define more if you want to build larger structures
$hooks = array("searchStrs" => array("#ACTIVATION-URL#", "#USERNAME#", "#WEBSITENAME#", "#WEBSITEURL#"), "subjectStrs" => array($activation_url, $this->unclean_username, $websiteName, $websiteUrl));
/* Build the template - Optional, you can just use the sendMail function
Instead to pass a message. */
if (!$mail->newTemplateMsg("new-registration.html", $hooks)) {
$this->mail_failure = true;
} else {
//Send the mail. Specify users email here and subject.
//SendMail can have a third parementer for message if you do not wish to build a template.
if (!$mail->sendMail($this->clean_email, "New User")) {
$this->mail_failure = true;
}
}
}
if (!$this->mail_failure) {
//Insert the user into the database providing no errors have been found.
$sql = "INSERT INTO {$db->users} (\r\n `username`,\r\n `username_clean`,\r\n `password`,\r\n `email`,\r\n `activationtoken`,\r\n `last_activation_request`,\r\n `LostpasswordRequest`, \r\n `active`,\r\n `group_id`,\r\n `sign_up_date`,\r\n `last_sign_in`\r\n )\r\n VALUES (\r\n '" . $db->sql_escape($this->unclean_username) . "',\r\n '" . $db->sql_escape($this->clean_username) . "',\r\n '" . $secure_pass . "',\r\n '" . $db->sql_escape($this->clean_email) . "',\r\n '" . $this->activation_token . "',\r\n '" . time() . "',\r\n '0',\r\n '" . $this->user_active . "',\r\n '" . $this->group_id . "',\r\n '" . time() . "',\r\n '0'\r\n )";
return $db->sql_query($sql);
}
}
}
if (count($errors) == 0) {
//Check that the username / email are associated to the same account
if (!emailusernameLinked($email, $username)) {
$errors[] = lang("ACCOUNT_USER_OR_EMAIL_INVALID");
} else {
$userdetails = fetchUserDetails($username);
//See if the user's account is activation
if ($userdetails["active"] == 1) {
$errors[] = lang("ACCOUNT_ALREADY_ACTIVE");
} else {
$hours_diff = round((time() - $userdetails["last_activation_request"]) / (3600 * $resend_activation_threshold), 0);
if ($resend_activation_threshold != 0 && $hours_diff <= $resend_activation_threshold) {
$errors[] = lang("ACCOUNT_LINK_ALREADY_SENT", array($resend_activation_threshold));
} else {
//For security create a new activation url;
$new_activation_token = generateactivationtoken();
if (!updatelast_activation_request($new_activation_token, $username, $email)) {
$errors[] = lang("SQL_ERROR");
} else {
$mail = new UserAdminMail();
$activation_url = $websiteUrl . "contests/activate-account.php?token=" . $new_activation_token;
//Setup our custom hooks
$hooks = array("searchStrs" => array("#ACTIVATION-URL#", "#USERNAME#"), "subjectStrs" => array($activation_url, $userdetails["username"]));
if (!$mail->newTemplateMsg("resend-activation.php", $hooks)) {
$errors[] = lang("MAIL_TEMPLATE_BUILD_ERROR");
} else {
if (!$mail->sendMail($userdetails["email"], "Activate your UserAdmin Account")) {
$errors[] = lang("MAIL_ERROR");
} else {
//Success, user details have been updated in the db now mail this information out.
$success_message = lang("ACCOUNT_NEW_ACTIVATION_SENT");
