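/**
 * reminder post
 *
 * Reads the reminder form from $_POST, validates address and captcha and
 * mails a password-reset link for every active user carrying that address.
 * The mail goes to the configured site author address; the user's own
 * address is only used as sender. Errors are reported through
 * notification() and, when the blocker setting is on, counted in the
 * attack-blocked session key.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Reminder
 * @author Henry Ruhs
 */
function reminder_post()
{
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();

    /* defaults: a blocked or unvisited request must reach the error path without undefined variables */
    $email = '';
    $task = '';
    $solution = '';
    $error = '';

    /* clean post */
    if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/reminder'] == 'visited') {
        $email = clean($_POST['email'], 3);
        $task = $_POST['task'];
        $solution = $_POST['solution'];
    }

    /* validate post - same order and messages as before, flattened into one chain */
    if ($email == '') {
        $error = l('email_empty');
    } elseif ($emailValidator->validate($email) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('email_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('captcha_incorrect');
    } elseif (retrieve('id', 'users', 'email', $email) == '') {
        $error = l('email_unknown');
    } else {
        /* query users: `name` is selected as well because it is the sender name of the mail below (it was never set before) */
        /* the address has passed the e-mail validator, so escaping is defence in depth; whether clean() escapes for SQL is not visible in this file */
        $query = 'SELECT id, name, user, password FROM ' . PREFIX . 'users WHERE email = \'' . mysql_real_escape_string($email) . '\' && status = 1';
        $result = mysql_query($query);
        if ($result) {
            while ($r = mysql_fetch_assoc($result)) {
                /* columns are read by name rather than through variable variables, so no column can overwrite a local */
                $id = stripslashes($r['id']);
                $name = stripslashes($r['name']);
                $user = stripslashes($r['user']);
                $password = stripslashes($r['password']);

                /* send reminder information */
                /* NOTE(review): the link carries the stored password field itself; the 2.x version sends sha1() of it, but the matching password_reset handler for this version is not in view, so the format is kept */
                $passwordResetRoute = ROOT . '/' . REWRITE_ROUTE . 'password_reset/' . $id . '/' . $password;
                $passwordResetLink = anchor_element('external', '', '', $passwordResetRoute, $passwordResetRoute);
                $toArray = array(s('author') => s('email'));
                $fromArray = array($name => $email);
                $subject = l('reminder');
                $bodyArray = array('<strong>' . l('user') . l('colon') . '</strong> ' . $user, '<br />', '<strong>' . l('password_reset') . l('colon') . '</strong> ' . $passwordResetLink);

                /* mailer object */
                $mailer = new Redaxscript\Mailer($toArray, $fromArray, $subject, $bodyArray);
                $mailer->send();
            }
        }
    }

    /* handle error */
    if ($error) {
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), 'reminder');
    } else {
        notification(l('operation_completed'), l('reminder_sent'), l('login'), 'login');
    }
    $_SESSION[ROOT . '/reminder'] = '';
}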
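/**
 * reminder post
 *
 * Reads the reminder form from $_POST, validates address and captcha and
 * mails a password-reset link for every active user carrying that address.
 * The mail goes to the configured site author address; the user's own
 * address is only used as sender. Errors are reported through
 * notification() and, when the blocker setting is on, counted in the
 * attack-blocked session key.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Reminder
 * @author Henry Ruhs
 */
function reminder_post()
{
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();

    /* defaults: a blocked or unvisited request must reach the error path without undefined variables */
    $email = '';
    $task = '';
    $solution = '';
    $error = '';

    /* clean post */
    if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/reminder'] == 'visited') {
        $email = clean($_POST['email'], 3);
        $task = $_POST['task'];
        $solution = $_POST['solution'];
    }

    /* validate post - same order and messages as before, flattened into one chain */
    if ($email == '') {
        $error = l('email_empty');
    } elseif ($emailValidator->validate($email) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('email_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('captcha_incorrect');
    } else {
        /* findOne() yields false when nothing matches; the old `->id` read on that value only worked by accident */
        $known = Redaxscript\Db::forTablePrefix('users')->where('email', $email)->findOne();
        if (!$known || $known->id == '') {
            $error = l('email_unknown');
        } else {
            /* query users - only active accounts receive a link */
            $result = Redaxscript\Db::forTablePrefix('users')->where(array('email' => $email, 'status' => 1))->findArray();
            if ($result) {
                foreach ($result as $r) {
                    if (!$r) {
                        continue;
                    }
                    /* columns are read by name rather than through variable variables, so no column can overwrite a local */
                    $id = stripslashes($r['id']);
                    $name = stripslashes($r['name']);
                    $user = stripslashes($r['user']);
                    $password = stripslashes($r['password']);
                    $senderEmail = stripslashes($r['email']);

                    /* send reminder information - the route carries sha1() of the stored password field, which password_reset_post compares against */
                    $passwordResetRoute = ROOT . '/' . REWRITE_ROUTE . 'password_reset/' . $id . '/' . sha1($password);
                    $passwordResetLink = anchor_element('external', '', '', $passwordResetRoute, $passwordResetRoute);
                    $toArray = array(s('author') => s('email'));
                    $fromArray = array($name => $senderEmail);
                    $subject = l('reminder');
                    $bodyArray = array('<strong>' . l('user') . l('colon') . '</strong> ' . $user, '<br />', '<strong>' . l('password_reset') . l('colon') . '</strong> ' . $passwordResetLink);

                    /* mailer object */
                    $mailer = new Redaxscript\Mailer();
                    $mailer->init($toArray, $fromArray, $subject, $bodyArray);
                    $mailer->send();
                }
            }
        }
    }

    /* handle error */
    if ($error) {
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), 'reminder');
    } else {
        notification(l('operation_completed'), l('reminder_sent'), l('login'), 'login');
    }
    $_SESSION[ROOT . '/reminder'] = '';
}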
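/**
 * login post
 *
 * Handles the login form: looks the account up by user name or e-mail
 * address, checks password and captcha and, on success, writes identity,
 * language and permission flags into $_SESSION. Failures are reported
 * through notification() and, when the blocker setting is on, counted in
 * the attack-blocked session key.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Login
 * @author Henry Ruhs
 */
function login_post()
{
    $passwordValidator = new Redaxscript\Validator\Password();
    $loginValidator = new Redaxscript\Validator\Login();
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();

    /* defaults: a blocked or unvisited request must reach the error path without undefined variables */
    $post_user = '';
    $post_password = '';
    $task = '';
    $solution = '';
    $login_by_email = 0;
    $error = '';

    /* account row, read into named locals instead of variable variables so no column can clobber a local */
    $my_id = '';
    $my_name = '';
    $my_user = '';
    $my_email = '';
    $my_password = null;
    $my_language = '';
    $my_status = '';
    $my_groups = '';

    /* clean post */
    if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/login'] == 'visited') {
        $post_user = $_POST['user'];
        $post_password = $_POST['password'];
        $task = $_POST['task'];
        $solution = $_POST['solution'];
        $users = Redaxscript\Db::forTablePrefix('users');
        /* anything that is not a syntactically valid e-mail address is looked up as a user name */
        if ($emailValidator->validate($post_user) == Redaxscript\Validator\ValidatorInterface::FAILED) {
            $post_user = clean($post_user, 0);
            $users->where('user', $post_user);
        } else {
            $post_user = clean($post_user, 3);
            $login_by_email = 1;
            $users->where('email', $post_user);
        }
        /* the lookup has no LIMIT; as before, the last matching row wins */
        foreach ($users->findArray() as $r) {
            $my_id = stripslashes($r['id']);
            $my_name = stripslashes($r['name']);
            $my_user = stripslashes($r['user']);
            $my_email = stripslashes($r['email']);
            $my_password = stripslashes($r['password']);
            $my_language = stripslashes($r['language']);
            $my_status = stripslashes($r['status']);
            $my_groups = stripslashes($r['groups']);
        }
    }

    /* validate post - same order and messages as before, flattened into one chain */
    if ($post_user == '') {
        $error = l('user_empty');
    } elseif ($post_password == '') {
        $error = l('password_empty');
    } elseif ($login_by_email == 0 && $loginValidator->validate($post_user) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('user_incorrect');
    } elseif ($login_by_email == 1 && $emailValidator->validate($post_user) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('email_incorrect');
    } elseif ($passwordValidator->validate($post_password, $my_password) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        /* NOTE(review): an unknown account reaches this branch (stored hash is null) before the id check below, so the two failures yield different messages */
        $error = l('password_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('captcha_incorrect');
    } elseif ($my_id == '') {
        $error = l('login_incorrect');
    } elseif ($my_status == 0) {
        $error = l('access_no');
    } else {
        /* setup login session - a fresh id so a session id established before authentication is not carried into the logged-in state */
        session_regenerate_id(true);
        $_SESSION[ROOT . '/logged_in'] = TOKEN;
        $_SESSION[ROOT . '/my_id'] = $my_id;
        $_SESSION[ROOT . '/my_name'] = $my_name;
        $_SESSION[ROOT . '/my_user'] = $my_user;
        $_SESSION[ROOT . '/my_email'] = $my_email;
        if (file_exists('languages/' . $my_language . '.php')) {
            $_SESSION[ROOT . '/language'] = $my_language;
            $_SESSION[ROOT . '/language_selected'] = 1;
        }
        $_SESSION[ROOT . '/my_groups'] = $my_groups;

        /* query groups - collect every column of every active group the account belongs to */
        $groups_result = Redaxscript\Db::forTablePrefix('groups')->whereIdIn(explode(',', $my_groups))->where('status', 1)->findArray();
        $groups = array();
        if ($groups_result) {
            foreach ($groups_result as $r) {
                if ($r) {
                    foreach ($r as $key => $value) {
                        $groups[$key][] = stripslashes($value);
                    }
                }
            }
        }
        /* join each column with ', ' (the old per-column counter never separated rows consistently); the lookups below are substring tests, so the separator does not affect the result */
        foreach ($groups as $key => $values) {
            $groups[$key] = implode(', ', $values);
        }
        /* a right is granted when its digit occurs anywhere in the joined column; a missing column grants nothing */
        $hasRight = function ($column, $digit) use ($groups) {
            return isset($groups[$column]) && strpos($groups[$column], $digit) !== false;
        };

        /* setup access session */
        $access_array = array('categories', 'articles', 'extras', 'comments', 'groups', 'users');
        foreach ($access_array as $value) {
            $_SESSION[ROOT . '/' . $value . '_new'] = $hasRight($value, '1') ? 1 : 0;
            $_SESSION[ROOT . '/' . $value . '_edit'] = $hasRight($value, '2') ? 1 : 0;
            $_SESSION[ROOT . '/' . $value . '_delete'] = $hasRight($value, '3') ? 1 : 0;
        }
        $_SESSION[ROOT . '/modules_install'] = $hasRight('modules', '1') ? 1 : 0;
        $_SESSION[ROOT . '/modules_edit'] = $hasRight('modules', '2') ? 1 : 0;
        $_SESSION[ROOT . '/modules_uninstall'] = $hasRight('modules', '3') ? 1 : 0;
        $_SESSION[ROOT . '/settings_edit'] = $hasRight('settings', '1') ? 1 : 0;
        /* the filter flag is inverted: a '0' in the filter column switches filtering off */
        $_SESSION[ROOT . '/filter'] = $hasRight('filter', '0') ? 0 : 1;
        $_SESSION[ROOT . '/update'] = NOW;
    }

    /* handle error */
    if ($error) {
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), 'login');
    } else {
        notification(l('welcome'), l('logged_in'), l('continue'), 'admin');
    }
    $_SESSION[ROOT . '/login'] = '';
}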
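/**
 * comment post
 *
 * Reads the comment form from $_POST, validates author, address, text,
 * optional URL and captcha, optionally notifies the site author by mail
 * and stores the comment (moderated or published according to the
 * settings). Errors are reported through notification() and, when the
 * blocker setting is on, counted in the attack-blocked session key.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Comments
 * @author Henry Ruhs
 */
function comment_post()
{
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();
    $urlValidator = new Redaxscript\Validator\Url();

    /* defaults: a blocked or unvisited request must reach the error path without undefined variables */
    $author = '';
    $email = '';
    $url = '';
    $text = '';
    $article = '';
    $task = '';
    $solution = '';
    $route = '';
    $error = '';
    $success = '';
    $r = array();

    /* clean post */
    if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/comment'] == 'visited') {
        $author = $r['author'] = clean($_POST['author'], 0);
        $email = $r['email'] = clean($_POST['email'], 3);
        $url = $r['url'] = clean($_POST['url'], 4);
        $text = break_up($_POST['text']);
        $text = $r['text'] = clean($text, 1);
        $r['language'] = clean($_POST['language'], 0);
        $r['date'] = clean($_POST['date'], 5);
        $article = $r['article'] = clean($_POST['article'], 0);
        $r['rank'] = Redaxscript\Db::forTablePrefix('comments')->max('rank') + 1;
        /* the comment inherits the article's access restriction; whereIdIs() only narrows the query and, as with the
           other lookups in this file, findOne() is what loads the row - reading `->access` without it always gave null */
        $articleRow = Redaxscript\Db::forTablePrefix('articles')->whereIdIs($article)->findOne();
        $r['access'] = $articleRow ? $articleRow->access : '';
        if ($r['access'] == '') {
            $r['access'] = null;
        }
        $task = $_POST['task'];
        $solution = $_POST['solution'];
        $route = build_route('articles', $article);
    }

    /* validate post - same order and messages as before, flattened into one chain */
    if ($author == '') {
        $error = l('author_empty');
    } elseif ($email == '') {
        $error = l('email_empty');
    } elseif ($text == '') {
        $error = l('comment_empty');
    } elseif ($emailValidator->validate($email) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('email_incorrect');
    } elseif ($url && $urlValidator->validate($url) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('url_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('captcha_incorrect');
    } else {
        /* unpublished until moderated when guests may not publish and moderation is switched on */
        if (COMMENTS_NEW == 0 && s('moderation') == 1) {
            $r['status'] = 0;
            $success = l('comment_moderation');
        } else {
            $r['status'] = 1;
            $success = l('comment_sent');
        }

        /* send comment notification */
        if (s('notification') == 1) {
            /* prepare body parts - the url line stays empty when no url was given */
            $emailLink = anchor_element('email', '', '', $email);
            $urlLink = '';
            if ($url) {
                $urlLink = anchor_element('external', '', '', $url);
            }
            $articleRoute = ROOT . '/' . REWRITE_ROUTE . $route;
            $articleLink = anchor_element('external', '', '', $articleRoute, $articleRoute);

            /* prepare mail inputs */
            $toArray = array(s('author') => s('email'));
            $fromArray = array($author => $email);
            $subject = l('comment_new');
            $bodyArray = array('<strong>' . l('author') . l('colon') . '</strong> ' . $author, '<br />', '<strong>' . l('email') . l('colon') . '</strong> ' . $emailLink, '<br />', '<strong>' . l('url') . l('colon') . '</strong> ' . $urlLink, '<br />', '<strong>' . l('article') . l('colon') . '</strong> ' . $articleLink, '<br />', '<br />', '<strong>' . l('comment') . l('colon') . '</strong> ' . $text);

            /* mailer object */
            $mailer = new Redaxscript\Mailer();
            $mailer->init($toArray, $fromArray, $subject, $bodyArray);
            $mailer->send();
        }

        /* create comment */
        Redaxscript\Db::forTablePrefix('comments')->create()->set($r)->save();
    }

    /* handle error */
    if ($error) {
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), $route);
    } else {
        notification(l('operation_completed'), $success, l('continue'), $route);
    }
    $_SESSION[ROOT . '/comment'] = '';
}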
/**
 * login post
 *
 * Handles the login form of the mysql-extension era: looks the account up
 * by user name or e-mail address, checks password and captcha and, on
 * success, writes identity, language and permission flags into $_SESSION.
 * Failures are reported through notification() and, when the blocker
 * setting is on, counted in the attack-blocked session key.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Login
 * @author Henry Ruhs
 */
function login_post()
{
    $loginValidator = new Redaxscript\Validator\Login();
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();
    /* clean post */
    /* when this gate is closed every local below stays undefined and the validation chain ends in 'user_empty' */
    if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/login'] == 'visited') {
        $post_user = $_POST['user'];
        $post_password = $_POST['password'];
        $task = $_POST['task'];
        $solution = $_POST['solution'];
        $login_by_email = 0;
        $users_query = 'SELECT id, name, user, email, password, language, status, groups FROM ' . PREFIX . 'users ';
        /* anything that is not a syntactically valid e-mail address is looked up as a user name */
        if ($emailValidator->validate($post_user) == Redaxscript\Validator\Validator::FAILED) {
            $post_user = clean($post_user, 0);
            /* request value concatenated into SQL; the mysql extension has no prepared statements, so the only
               escaping is whatever clean() performs, which is not visible in this file - verify before relying on it */
            $users_query .= 'WHERE user = \'' . $post_user . '\' LIMIT 1';
        } else {
            $post_user = clean($post_user, 3);
            $login_by_email = 1;
            /* same concatenation as the user-name branch above */
            $users_query .= 'WHERE email = \'' . $post_user . '\' LIMIT 1';
        }
        $users_result = mysql_query($users_query);
        /* every column becomes a $my_<column> local via variable variables (LIMIT 1, so at most one row) */
        while ($r = mysql_fetch_assoc($users_result)) {
            foreach ($r as $key => $value) {
                $key = 'my_' . $key;
                ${$key} = stripslashes($value);
            }
        }
    }
    /* validate post */
    /* the checks are ordered; the first failing one decides the message */
    if ($post_user == '') {
        $error = l('user_empty');
    } else {
        if ($post_password == '') {
            $error = l('password_empty');
        } else {
            if ($login_by_email == 0 && $loginValidator->validate($post_user) == Redaxscript\Validator\Validator::FAILED) {
                $error = l('user_incorrect');
            } else {
                if ($login_by_email == 1 && $emailValidator->validate($post_user) == Redaxscript\Validator\Validator::FAILED) {
                    $error = l('email_incorrect');
                } else {
                    /* NOTE(review): the submitted password is checked with the Login (user name) validator - presumably a format check; confirm that is intended */
                    if ($loginValidator->validate($post_password) == Redaxscript\Validator\Validator::FAILED) {
                        $error = l('password_incorrect');
                    } else {
                        if ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\Validator::FAILED) {
                            $error = l('captcha_incorrect');
                        } else {
                            /* `.` binds tighter than `!=`, so this compares md5($post_password) . SALT and sha1($post_password) . SALT
                               against the stored value and accepts either digest scheme; the comparison is a plain string `!=`,
                               not a constant-time one, and both digests are unsalted-input hashes with the salt merely appended */
                            if ($my_id == '' || md5($post_password) . SALT != $my_password && sha1($post_password) . SALT != $my_password) {
                                $error = l('login_incorrect');
                            } else {
                                if ($my_status == 0) {
                                    $error = l('access_no');
                                } else {
                                    /* setup login session */
                                    /* the session id is not rotated here, so the id in use before authentication is kept after it */
                                    $_SESSION[ROOT . '/logged_in'] = TOKEN;
                                    $_SESSION[ROOT . '/my_id'] = $my_id;
                                    $_SESSION[ROOT . '/my_name'] = $my_name;
                                    $_SESSION[ROOT . '/my_user'] = $my_user;
                                    $_SESSION[ROOT . '/my_email'] = $my_email;
                                    if (file_exists('languages/' . $my_language . '.php')) {
                                        $_SESSION[ROOT . '/language'] = $my_language;
                                        $_SESSION[ROOT . '/language_selected'] = 1;
                                    }
                                    $_SESSION[ROOT . '/my_groups'] = $my_groups;
                                    /* query groups */
                                    /* $my_groups comes from the users row (not the request) and is interpolated into IN (...) as-is */
                                    $groups_query = 'SELECT categories, articles, extras, comments, groups, users, modules, settings, filter FROM ' . PREFIX . 'groups WHERE id IN (' . $my_groups . ') && status = 1';
                                    $groups_result = mysql_query($groups_query);
                                    if ($groups_result) {
                                        $num_rows = mysql_num_rows($groups_result);
                                        /* each column of every active group is appended to a $groups_<column> local */
                                        while ($r = mysql_fetch_assoc($groups_result)) {
                                            if ($r) {
                                                foreach ($r as $key => $value) {
                                                    $key = 'groups_' . $key;
                                                    ${$key} .= stripslashes($value);
                                                    /* $counter is never initialised and advances per column, not per row, so the ', '
                                                       separator is only added for the first columns; the digit lookups below are
                                                       substring tests, so this does not change the resulting rights */
                                                    if (++$counter < $num_rows) {
                                                        ${$key} .= ', ';
                                                    }
                                                }
                                            }
                                        }
                                    }
                                    /* setup access session */
                                    /* a right is granted when its digit occurs anywhere in the joined column: '1' new, '2' edit, '3' delete */
                                    $access_array = array('categories', 'articles', 'extras', 'comments', 'groups', 'users');
                                    foreach ($access_array as $value) {
                                        $groups_value = 'groups_' . $value;
                                        /* strpos() yields false when the digit is absent; `false > -1` is false in PHP, so the checks below hold */
                                        $position_new = strpos(${$groups_value}, '1');
                                        $position_edit = strpos(${$groups_value}, '2');
                                        $position_delete = strpos(${$groups_value}, '3');
                                        $_SESSION[ROOT . '/' . $value . '_delete'] = $_SESSION[ROOT . '/' . $value . '_edit'] = $_SESSION[ROOT . '/' . $value . '_new'] = 0;
                                        if ($position_new > -1) {
                                            $_SESSION[ROOT . '/' . $value . '_new'] = 1;
                                        }
                                        if ($position_edit > -1) {
                                            $_SESSION[ROOT . '/' . $value . '_edit'] = 1;
                                        }
                                        if ($position_delete > -1) {
                                            $_SESSION[ROOT . '/' . $value . '_delete'] = 1;
                                        }
                                    }
                                    $position_modules_install = strpos($groups_modules, '1');
                                    $position_modules_edit = strpos($groups_modules, '2');
                                    $position_modules_uninstall = strpos($groups_modules, '3');
                                    $position_settings_edit = strpos($groups_settings, '1');
                                    /* the filter flag is inverted: a '0' in the filter column switches filtering off */
                                    $position_filter = strpos($groups_filter, '0');
                                    $_SESSION[ROOT . '/filter'] = 1;
                                    $_SESSION[ROOT . '/settings_edit'] = $_SESSION[ROOT . '/modules_uninstall'] = $_SESSION[ROOT . '/modules_edit'] = $_SESSION[ROOT . '/modules_install'] = 0;
                                    if ($position_modules_install > -1) {
                                        $_SESSION[ROOT . '/modules_install'] = 1;
                                    }
                                    if ($position_modules_edit > -1) {
                                        $_SESSION[ROOT . '/modules_edit'] = 1;
                                    }
                                    if ($position_modules_uninstall > -1) {
                                        $_SESSION[ROOT . '/modules_uninstall'] = 1;
                                    }
                                    if ($position_settings_edit > -1) {
                                        $_SESSION[ROOT . '/settings_edit'] = 1;
                                    }
                                    if ($position_filter > -1) {
                                        $_SESSION[ROOT . '/filter'] = 0;
                                    }
                                    $_SESSION[ROOT . '/update'] = NOW;
                                }
                            }
                        }
                    }
                }
            }
        }
    }
    /* handle error */
    if ($error) {
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), 'login');
    } else {
        notification(l('welcome'), l('logged_in'), l('continue'), 'admin');
    }
    $_SESSION[ROOT . '/login'] = '';
}
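/**
 * registration post
 *
 * Reads the registration form from $_POST, validates name, user name,
 * address and captcha, rejects an already taken user name, mails the
 * generated initial password to the new user (and, when notification is
 * on, to the site author) and stores the account, verified or pending
 * according to the settings. Errors are reported through notification()
 * and, when the blocker setting is on, counted in the attack-blocked
 * session key.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Registration
 * @author Henry Ruhs
 */
function registration_post()
{
    /* defaults: a blocked or unvisited request must reach the error path without undefined variables */
    $name = '';
    $user = '';
    $email = '';
    $password = '';
    $task = '';
    $solution = '';
    $error = '';
    $success = '';
    $r = array();

    /* clean post */
    if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/registration'] == 'visited') {
        $name = $r['name'] = clean($_POST['name'], 0);
        $user = $r['user'] = clean($_POST['user'], 0);
        $email = $r['email'] = clean($_POST['email'], 3);
        /* initial password: 10 hex characters from the CSPRNG when the runtime provides one, otherwise the previous uniqid() derivation */
        $password = function_exists('random_bytes') ? bin2hex(random_bytes(5)) : substr(sha1(uniqid('', true)), 0, 10);
        $passwordHash = new Redaxscript\Hash(Redaxscript\Config::getInstance());
        $passwordHash->init($password);
        $r['password'] = $passwordHash->getHash();
        $r['description'] = '';
        $r['language'] = Redaxscript\Registry::get('language');
        $r['first'] = $r['last'] = NOW;
        /* new accounts join the `members` group; findOne() yields false when that group does not exist */
        $membersGroup = Redaxscript\Db::forTablePrefix('groups')->where('alias', 'members')->findOne();
        $r['groups'] = $membersGroup ? $membersGroup->id : '';
        if ($r['groups'] == '') {
            $r['groups'] = 0;
        }
        $task = $_POST['task'];
        $solution = $_POST['solution'];
    }

    /* validate post - same order and messages as before, flattened into one chain */
    $loginValidator = new Redaxscript\Validator\Login();
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();
    if ($name == '') {
        $error = l('name_empty');
    } elseif ($user == '') {
        $error = l('user_empty');
    } elseif ($email == '') {
        $error = l('email_empty');
    } elseif ($loginValidator->validate($user) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('user_incorrect');
    } elseif ($emailValidator->validate($email) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('email_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('captcha_incorrect');
    } else {
        /* findOne() yields false when the user name is free */
        $existing = Redaxscript\Db::forTablePrefix('users')->where('user', $user)->findOne();
        if ($existing && $existing->id) {
            $error = l('user_exists');
        } else {
            /* pending until verified when guests may not register and verification is switched on */
            if (USERS_NEW == 0 && s('verification') == 1) {
                $r['status'] = 0;
                $success = l('registration_verification');
            } else {
                $r['status'] = 1;
                $success = l('registration_sent');
            }

            /* send login information - the initial password is sent in clear text, which is inherent to this flow */
            $loginRoute = ROOT . '/' . REWRITE_ROUTE . 'login';
            $loginLink = anchor_element('external', '', '', $loginRoute, $loginRoute);
            $toArray = array($name => $email);
            if (s('notification') == 1) {
                $toArray[s('author')] = s('email');
            }
            /* sender is the registering user; the old code used $author, which is never set in this function */
            $fromArray = array($name => $email);
            $subject = l('registration');
            /* the login line now closes its <strong> tag (the old body opened a second one instead) */
            $bodyArray = array('<strong>' . l('name') . l('colon') . '</strong> ' . $name, '<br />', '<strong>' . l('user') . l('colon') . '</strong> ' . $user, '<br />', '<strong>' . l('password') . l('colon') . '</strong> ' . $password, '<br />', '<strong>' . l('login') . l('colon') . '</strong> ' . $loginLink);

            /* mailer object */
            $mailer = new Redaxscript\Mailer();
            $mailer->init($toArray, $fromArray, $subject, $bodyArray);
            $mailer->send();

            /* create user */
            Redaxscript\Db::forTablePrefix('users')->create()->set($r)->save();
        }
    }

    /* handle error */
    if ($error) {
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), 'registration');
    } else {
        notification(l('operation_completed'), $success, l('login'), 'login');
    }
    $_SESSION[ROOT . '/registration'] = '';
}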
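/**
 * password reset post
 *
 * Handles the submitted password-reset form: reads the id / token pair and
 * the captcha answer from $_POST (only while the session marks the form as
 * visited and the attack counter is below the limit), looks the user up,
 * mails a freshly generated password and stores its hash. Emits a
 * notification on both paths and clears the session marker; returns nothing.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Password
 * @author Henry Ruhs
 */
function password_reset_post()
{
    $captchaValidator = new Redaxscript\Validator\Captcha();
    /* initialise everything the later branches read, so a rejected request
       does not work on undefined variables */
    $post_id = '';
    $post_password = '';
    $password = '';
    $task = '';
    $solution = '';
    $error = '';
    $userRow = array();
    $sessionKey = ROOT . '/password_reset';
    /* clean post */
    if (ATTACK_BLOCKED < 10 && isset($_SESSION[$sessionKey]) && $_SESSION[$sessionKey] == 'visited') {
        $post_id = clean(isset($_POST['id']) ? $_POST['id'] : '', 0);
        $post_password = clean(isset($_POST['password']) ? $_POST['password'] : '', 0);
        /* random_bytes() is a CSPRNG; the previous substr(sha1(uniqid())) was
           time based and therefore guessable */
        $password = bin2hex(random_bytes(5));
        $task = isset($_POST['task']) ? $_POST['task'] : '';
        $solution = isset($_POST['solution']) ? $_POST['solution'] : '';
    }
    /* query user information */
    if ($post_id && $post_password) {
        $users_result = Redaxscript\Db::forTablePrefix('users')->where(array('id' => $post_id, 'status' => 1))->findArray();
        /* keep the row in an explicit array instead of variable variables;
           as before, the last row wins if several are returned */
        foreach ($users_result as $r) {
            foreach ($r as $key => $value) {
                $userRow[$key] = stripslashes($value);
            }
        }
    }
    /* the reset token is sha1() of the stored password; compare in constant
       time and as strings, so loose string-to-number comparison cannot apply */
    $expectedToken = isset($userRow['password']) ? sha1((string) $userRow['password']) : '';
    /* validate post */
    if ($post_id == '' || $post_password == '') {
        $error = l('input_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('captcha_incorrect');
    } elseif (!isset($userRow['id']) || $userRow['id'] == '' || !hash_equals($expectedToken, (string) $post_password)) {
        $error = l('access_no');
    } else {
        /* send new password */
        $loginRoute = ROOT . '/' . REWRITE_ROUTE . 'login';
        $loginLink = anchor_element('external', '', '', $loginRoute, $loginRoute);
        $toArray = array($userRow['name'] => $userRow['email']);
        $fromArray = array(s('author') => s('email'));
        $subject = l('password_new');
        $bodyArray = array('<strong>' . l('password_new') . l('colon') . '</strong> ' . $password, '<br />', '<strong>' . l('login') . l('colon') . '</strong> ' . $loginLink);
        /* mailer object */
        $mailer = new Redaxscript\Mailer();
        $mailer->init($toArray, $fromArray, $subject, $bodyArray);
        $mailer->send();
        /* update password */
        $passwordHash = new Redaxscript\Hash(Redaxscript\Config::getInstance());
        $passwordHash->init($password);
        Redaxscript\Db::forTablePrefix('users')->where(array('id' => $post_id, 'status' => 1))->findOne()->set('password', $passwordHash->getHash())->save();
    }
    /* handle error */
    if ($error) {
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        /* send the user back to the same reset link when one was supplied */
        if ($post_id && $post_password) {
            $back_route = 'password_reset/' . $post_id . '/' . $post_password;
        } else {
            $back_route = 'reminder';
        }
        notification(l('error_occurred'), $error, l('back'), $back_route);
    } else {
        notification(l('operation_completed'), l('password_sent'), l('login'), 'login');
    }
    $_SESSION[$sessionKey] = '';
}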
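/**
 * contact post
 *
 * Handles the submitted contact form: reads author, email, url, text and
 * the captcha answer from $_POST (only while the session marks the form as
 * visited and the attack counter is below the limit), validates them and
 * mails the message to the site author. Emits a notification on both paths
 * and clears the session marker; returns nothing.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Modules
 * @author Henry Ruhs
 */
function contact_post()
{
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();
    $urlValidator = new Redaxscript\Validator\Url();
    /* initialise everything the later branches read, so a rejected request
       does not work on undefined variables */
    $author = '';
    $email = '';
    $url = '';
    $text = '';
    $task = '';
    $solution = '';
    $error = '';
    $sessionKey = ROOT . '/contact';
    /* clean post */
    if (ATTACK_BLOCKED < 10 && isset($_SESSION[$sessionKey]) && $_SESSION[$sessionKey] == 'visited') {
        $author = clean(isset($_POST['author']) ? $_POST['author'] : '', 0);
        $email = clean(isset($_POST['email']) ? $_POST['email'] : '', 3);
        $url = clean(isset($_POST['url']) ? $_POST['url'] : '', 4);
        $text = break_up(isset($_POST['text']) ? $_POST['text'] : '');
        $text = clean($text, 1);
        $task = isset($_POST['task']) ? $_POST['task'] : '';
        $solution = isset($_POST['solution']) ? $_POST['solution'] : '';
    }
    /* validate post: first failing check wins, same order as before */
    if ($author == '') {
        $error = l('author_empty');
    } elseif ($email == '') {
        $error = l('email_empty');
    } elseif ($text == '') {
        $error = l('message_empty');
    } elseif ($emailValidator->validate($email) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('email_incorrect');
    } elseif ($url && $urlValidator->validate($url) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('url_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('captcha_incorrect');
    } else {
        /* prepare body parts; the url line stays empty when no url was given */
        $emailLink = anchor_element('email', '', '', $email, $email);
        $urlLink = $url ? anchor_element('external', '', '', $url, $url) : '';
        /* prepare mail inputs */
        $toArray = array(s('author') => s('email'));
        $fromArray = array($author => $email);
        $subject = l('contact');
        $bodyArray = array('<strong>' . l('author') . l('colon') . '</strong> ' . $author, '<br />', '<strong>' . l('email') . l('colon') . '</strong> ' . $emailLink, '<br />', '<strong>' . l('url') . l('colon') . '</strong> ' . $urlLink, '<br />', '<br />', '<strong>' . l('message') . l('colon') . '</strong> ' . $text);
        /* mailer object */
        $mailer = new Redaxscript\Mailer();
        $mailer->init($toArray, $fromArray, $subject, $bodyArray);
        $mailer->send();
    }
    /* handle error */
    if ($error) {
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('home'), ROOT);
    } else {
        notification(l('operation_completed'), l('message_sent', '_contact'), l('home'), ROOT);
    }
    $_SESSION[$sessionKey] = '';
}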
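/**
 * registration post
 *
 * Handles the submitted registration form: reads name, user, email and the
 * captcha answer from $_POST (only while the session marks the form as
 * visited and the attack counter is below the limit), validates them,
 * generates a password, mails the login information and inserts the user
 * row. Emits a notification on both paths and clears the session marker;
 * returns nothing.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Registration
 * @author Henry Ruhs
 */
function registration_post()
{
    /* initialise everything the later branches read, so a rejected request
       does not work on undefined variables */
    $name = '';
    $user = '';
    $email = '';
    $password = '';
    $task = '';
    $solution = '';
    $error = '';
    $success = '';
    $r = array();
    $sessionKey = ROOT . '/registration';
    /* clean post */
    if (ATTACK_BLOCKED < 10 && isset($_SESSION[$sessionKey]) && $_SESSION[$sessionKey] == 'visited') {
        $name = $r['name'] = clean(isset($_POST['name']) ? $_POST['name'] : '', 0);
        $user = $r['user'] = clean(isset($_POST['user']) ? $_POST['user'] : '', 0);
        $email = $r['email'] = clean(isset($_POST['email']) ? $_POST['email'] : '', 3);
        $password = hash_generator(10);
        /* NOTE(review): sha1 plus a global SALT is the legacy storage format
           this schema expects; it is kept for compatibility, but it is not a
           password hash by today's standards (Redaxscript\Hash is used elsewhere
           in this file) */
        $r['password'] = sha1($password) . SALT;
        $r['description'] = '';
        $r['language'] = LANGUAGE;
        $r['first'] = $r['last'] = NOW;
        $r['groups'] = retrieve('id', 'groups', 'alias', 'members');
        if ($r['groups'] == '') {
            $r['groups'] = 0;
        }
        $task = isset($_POST['task']) ? $_POST['task'] : '';
        $solution = isset($_POST['solution']) ? $_POST['solution'] : '';
    }
    /* validate post: first failing check wins, same order as before */
    $loginValidator = new Redaxscript\Validator\Login();
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();
    if ($name == '') {
        $error = l('name_empty');
    } elseif ($user == '') {
        $error = l('user_empty');
    } elseif ($email == '') {
        $error = l('email_empty');
    } elseif ($loginValidator->validate($user) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('user_incorrect');
    } elseif ($emailValidator->validate($email) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('email_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('captcha_incorrect');
    } elseif (retrieve('id', 'users', 'user', $user)) {
        $error = l('user_exists');
    } else {
        /* new accounts start inactive when verification is switched on */
        if (USERS_NEW == 0 && s('verification') == 1) {
            $r['status'] = 0;
            $success = l('registration_verification');
        } else {
            $r['status'] = 1;
            $success = l('registration_sent');
        }
        /* send login information */
        $loginRoute = ROOT . '/' . REWRITE_ROUTE . 'login';
        $loginLink = anchor_element('external', '', '', $loginRoute, $loginRoute);
        $toArray = array($name => $email);
        if (s('notification') == 1) {
            $toArray[s('author')] = s('email');
        }
        /* the original read an undefined $author here, which produced an empty
           sender name; the registrant's name is presumably what was intended */
        $fromArray = array($name => $email);
        $subject = l('registration');
        /* the login line previously opened a second <strong> instead of closing it */
        $bodyArray = array('<strong>' . l('name') . l('colon') . '</strong> ' . $name . ' (' . MY_IP . ')', '<strong>' . l('user') . l('colon') . '</strong> ' . $user, '<strong>' . l('password') . l('colon') . '</strong> ' . $password, '<br />', '<strong>' . l('login') . l('colon') . '</strong> ' . $loginLink);
        /* mailer object */
        $mailer = new Redaxscript\Mailer($toArray, $fromArray, $subject, $bodyArray);
        $mailer->send();
        /* insert user through the query builder, as the other users writes in
           this file do, instead of a string-built INSERT over mysql_query() */
        Redaxscript\Db::forTablePrefix('users')->create()->set($r)->save();
    }
    /* handle error */
    if ($error) {
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), 'registration');
    } else {
        notification(l('operation_completed'), $success, l('login'), 'login');
    }
    $_SESSION[$sessionKey] = '';
}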
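/**
 * comment post
 *
 * Handles the submitted comment form: reads author, email, url, text,
 * language, date, article, access and the captcha answer from $_POST (only
 * while the session marks the form as visited and the attack counter is
 * below the limit), validates them, optionally mails a notification to the
 * site author and inserts the comment row. Emits a notification on both
 * paths and clears the session marker; returns nothing.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Comments
 * @author Henry Ruhs
 */
function comment_post()
{
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();
    $urlValidator = new Redaxscript\Validator\Url();
    /* initialise everything the later branches read, so a rejected request
       does not work on undefined variables */
    $author = '';
    $email = '';
    $url = '';
    $text = '';
    $article = '';
    $task = '';
    $solution = '';
    $route = '';
    $error = '';
    $success = '';
    $r = array();
    $sessionKey = ROOT . '/comment';
    /* clean post */
    if (ATTACK_BLOCKED < 10 && isset($_SESSION[$sessionKey]) && $_SESSION[$sessionKey] == 'visited') {
        $author = $r['author'] = clean(isset($_POST['author']) ? $_POST['author'] : '', 0);
        $email = $r['email'] = clean(isset($_POST['email']) ? $_POST['email'] : '', 3);
        $url = $r['url'] = clean(isset($_POST['url']) ? $_POST['url'] : '', 4);
        $text = break_up(isset($_POST['text']) ? $_POST['text'] : '');
        $text = $r['text'] = clean($text, 1);
        $r['language'] = clean(isset($_POST['language']) ? $_POST['language'] : '', 0);
        $r['date'] = clean(isset($_POST['date']) ? $_POST['date'] : '', 1);
        $article = $r['article'] = clean(isset($_POST['article']) ? $_POST['article'] : '', 0);
        /* rank goes after the current highest comment rank */
        $r['rank'] = query_plumb('rank', 'comments', 'max') + 1;
        $r['access'] = clean(isset($_POST['access']) ? $_POST['access'] : '', 0);
        if ($r['access'] == '') {
            $r['access'] = 0;
        }
        $task = isset($_POST['task']) ? $_POST['task'] : '';
        $solution = isset($_POST['solution']) ? $_POST['solution'] : '';
        $route = build_route('articles', $article);
    }
    /* validate post: first failing check wins, same order as before */
    if ($author == '') {
        $error = l('author_empty');
    } elseif ($email == '') {
        $error = l('email_empty');
    } elseif ($text == '') {
        $error = l('comment_empty');
    } elseif ($emailValidator->validate($email) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('email_incorrect');
    } elseif ($url && $urlValidator->validate($url) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('url_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('captcha_incorrect');
    } else {
        /* new comments start unpublished when moderation is switched on */
        if (COMMENTS_NEW == 0 && s('moderation') == 1) {
            $r['status'] = 0;
            $success = l('comment_moderation');
        } else {
            $r['status'] = 1;
            $success = l('comment_sent');
        }
        /* send comment notification */
        if (s('notification') == 1) {
            /* prepare body parts; the url line stays empty when no url was given */
            $emailLink = anchor_element('email', '', '', $email);
            $urlLink = $url ? anchor_element('external', '', '', $url) : '';
            $articleRoute = ROOT . '/' . REWRITE_ROUTE . $route;
            $articleLink = anchor_element('external', '', '', $articleRoute, $articleRoute);
            /* prepare mail inputs */
            $toArray = array(s('author') => s('email'));
            $fromArray = array($author => $email);
            $subject = l('comment_new');
            $bodyArray = array('<strong>' . l('author') . l('colon') . '</strong> ' . $author . ' (' . MY_IP . ')', '<strong>' . l('email') . l('colon') . '</strong> ' . $emailLink, '<strong>' . l('url') . l('colon') . '</strong> ' . $urlLink, '<br />', '<strong>' . l('comment') . l('colon') . '</strong> ' . $text, '<br />', '<strong>' . l('article') . l('colon') . '</strong> ' . $articleLink);
            /* mailer object */
            $mailer = new Redaxscript\Mailer($toArray, $fromArray, $subject, $bodyArray);
            $mailer->send();
        }
        /* insert comment through the query builder, as the other table writes
           in this file do, instead of a string-built INSERT over mysql_query() */
        Redaxscript\Db::forTablePrefix('comments')->create()->set($r)->save();
    }
    /* handle error */
    if ($error) {
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), $route);
    } else {
        notification(l('operation_completed'), $success, l('continue'), $route);
    }
    $_SESSION[$sessionKey] = '';
}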