<?php
// $Id: addUser.php 23863 2015-09-14 00:27:14Z 1070356 $
require_once 'functions.php';
if (isset($_POST['nick']) && isset($_POST['pass1']) && isset($_POST['name']) && isset($_POST['mail'])) {
$pass = escapeString(getHash($_POST['pass1']));
$nick = escapeString($_POST['nick']);
$name = escapeString($_POST['name']);
$mail = escapeString($_POST['mail']);
sql("INSERT INTO users VALUES(null, '{$nick}', '{$pass}', '{$name}', '{$mail}')");
echo insertId();
}
if ($securimage->check($_POST['captcha_code']) == false) {
$err = __("You got the CAPTCHA wrong.");
}
}
}
}
}
}
if ($err) {
Alert($err);
} else {
$newsalt = Shake();
$sha = doHash($_POST['pass'] . $salt . $newsalt);
$sex = validateSex($_POST["sex"]);
$rUsers = Query("insert into {users} (name, password, pss, regdate, lastactivity, lastip, email, sex, theme) values ({0}, {1}, {2}, {3}, {3}, {4}, {5}, {6}, {7})", $_POST['name'], $sha, $newsalt, time(), $_SERVER['REMOTE_ADDR'], $_POST['email'], $sex, Settings::get("defaultTheme"));
$uid = insertId();
if ($uid == 1) {
Query("update {users} set powerlevel = 4 where id = 1");
}
recalculateKarma($uid);
logAction('register', array('user' => $uid));
$user = Fetch(Query("select * from {users} where id={0}", $uid));
$user["rawpass"] = $_POST["pass"];
$bucket = "newuser";
include "lib/pluginloader.php";
$sessionID = Shake();
setcookie("logsession", $sessionID, 0, $boardroot, "", false, true);
Query("INSERT INTO {sessions} (id, user, autoexpire) VALUES ({0}, {1}, {2})", doHash($sessionID . $salt), $user["id"], 0);
redirectAction("board");
}
}
$post = "<!-- ###MULTIREP:" . $_POST['to'] . " ### -->" . $post;
$rPMT = Query("update {pmsgs_text} set title = {0}, text = {1} where pid = {2}", $_POST['title'], $post, $pmid);
$rPM = Query("update {pmsgs} set userto = {0} where id = {1}", $firstTo, $pmid);
redirectAction("private", "", "show=2");
} else {
$post = $pm['text'];
$post = preg_replace("'/me '", "[b]* " . $loguser['name'] . "[/b] ", $post);
//to prevent identity confusion
$rPMT = Query("update {pmsgs_text} set title = {0}, text = {1} where pid = {2}", $_POST['title'], $post, $pmid);
$rPM = Query("update {pmsgs} set drafting = 0 where id = {0}", $pmid);
foreach ($recipIDs as $recipient) {
if ($recipient == $firstTo) {
continue;
}
$rPM = Query("insert into {pmsgs} (userto, userfrom, date, ip, msgread) values ({0}, {1}, {2}, {3}, 0)", $recipient, $loguserid, time(), $_SERVER['REMOTE_ADDR']);
$pid = insertId();
$rPMT = Query("insert into {pmsgs_text} (pid,title,text) values ({0}, {1}, {2})", $pid, $_POST['title'], $post);
}
redirectAction("private", "", "show=1");
exit;
}
} else {
Alert(__("Enter a message and try again."), __("Your PM is empty."));
}
} else {
Alert(__("Enter a title and try again."), __("Your PM is untitled."));
}
}
$prefill = $pm['text'];
$trefill = $pmtitle;
MakePost($pm, POST_PM);
