Example #1
0
function main()
{
    try {
        global $pageTitle;
        global $editable;
        global $session;
        global $user;
        $post = $_POST['blnPost'];
        $username = $_GET['username'];
        $selUser = new User("username = '******'");
        $logout = $_GET['logout'];
        if ($selUser->IsEmpty()) {
            print GetCap('capUserNotFound');
            $session->ViewedNotFound("Movie", $username);
            UpdateObject($session, false);
            Dump();
        }
        if ($logout) {
            $selUser->Logout();
            $session->ForcedLogout($selUser->ID());
        }
        if (isset($user)) {
            if ($user->ID() == $selUser->ID()) {
                $sameUser = true;
            }
        }
        if (!$editable && !$selUser->Enabled()) {
            echo GetCap('capThisAccountHasBeenDisabled');
            Dump();
        }
        if ($post) {
            if (!$editable && !$sameUser) {
                BlockIfViolation('update');
            }
            ThrowExceptionOnMaliciousInput($_POST['txtInfo'], 'USER_INFO');
            if ($editable) {
                $selUser->Enabled($_POST['chkEnabled'] == '1' ? 1 : 0);
            }
            $selUser->PlayTimesLocation($_POST['txtPlayTimesLocation']);
            $selUser->Email($_POST['txtEmail']);
            $selUser->Info(strip_tags($_POST['txtInfo']));
            UpdateObject($selUser);
        } else {
            $session->Viewed("User", $selUser->ID());
        }
        $username = $selUser->UserName();
        $pageTitle = $username;
        $email = $selUser->Email();
        $playTimesLocation = $selUser->PlayTimesLocation();
        $enabled = $selUser->Enabled();
        $info = $selUser->Info();
        ?>
        <br />
        <form name="frm" method="post" action="<?php 
        echo $PHP_SELF . "?username="******">
            <table>
                <tr> 
                    <td>
                        <font size=6><b><?php 
        echo $username;
        ?>
</b></font>
                        <?php 
        if (!$sameUser) {
            echo PublicizedInfo($info);
        }
        ?>
                    </td>
                </tr> 
                    <?php 
        if ($editable || $sameUser) {
            ?>
                        <tr> 
                            <td>
                                <b><?php 
            echo GetCap('capEmailAddress');
            ?>
: </b>
                            </td>
                            <td>
                                <input type="text" size=50 name="txtEmail" value="<?php 
            echo $email;
            ?>
"/>
                                <?php 
            echo "<i>(" . GetCap('capPrivate') . ")</i>";
            ?>
                            </td>
                        </tr> 
                     <?php 
        }
        if ($editable || $sameUser) {
            ?>
                    <tr> 
                        <td>
                            <b><?php 
            echo GetCap('capPlayTimesLocation');
            ?>
: </b>
                        </td>
                        <td>
                            <input type="text" size=50 name="txtPlayTimesLocation" value="<?php 
            echo $playTimesLocation;
            ?>
"/>
                            <?php 
            echo "<i>(" . GetCap('capPrivate') . ")</i>";
            ?>
                        </td>
                    </tr> 
                <?php 
        }
        if ($editable || $sameUser) {
            ?>
                <tr> 
                        <td valign=top>
                            <b><?php 
            echo GetCap('capTellUsAboutYourself');
            ?>
: </b>
                            <br/>
                            <i>(<?php 
            echo GetCap('capEditAnywayYouWish');
            ?>
)</i>
                        </td>
                        <td valign=top>
                            <textarea rows="10" cols="57" name="txtInfo"><?php 
            echo $info;
            ?>
</textarea>
                            <?php 
            echo "<i>(" . GetCap('capPublic') . ")</i>";
            ?>
                        </td>
                </tr> 
                <tr valign=top> 
                        <td>
                            <b><?php 
            echo GetCap('capPublicView');
            ?>
: </b>
                        </td>
                        <td>
                            <?php 
            echo PublicizedInfo($info);
            ?>
                        </td>
                </tr> 
                <?php 
        }
        if ($editable) {
            ?>
                    <tr> 
                        <td>
                            <b><?php 
            echo GetCap('capLoggedIn');
            ?>
: </b>
                            <?php 
            if ($selUser->LoggedIn()) {
                print GetCap("capYes");
                if ($admin) {
                    print "<a href=\"user.php?username={$username}&logout=1\">[" . GetCap('capLogout') . "]</a>";
                }
            } else {
                print GetCap("capNo");
            }
            ?>
                    </tr> 
                    <tr> 
                        <td>
                            <b><?php 
            echo GetCap('capEnabled');
            ?>
: </b>
                            <?php 
            print "<input type=\"checkbox\" name=\"chkEnabled\" value=\"1\" " . ($enabled ? 'checked="checked"' : '') . "/>";
            ?>
                    </tr> 
                <?php 
        }
        if ($editable || $sameUser) {
            ?>
                    <tr> 
                        <td>
                            <input type="submit" name="btnLogin" value="<?php 
            echo GetCap('capSave');
            ?>
"/>
                        </td>
                        <td>
                            <input type="hidden" name="blnPost" value="1"/>
                        </td>
                    </tr> 
                <?php 
        }
        ?>
        </table>
    </form>
    <?php 
    } catch (Exception $ex) {
        ProcessException($ex);
    }
}
Example #2
0
function main()
{
    try {
        global $sid;
        global $session;
        global $returnURI;
        global $DOMAIN;
        global $FROM_ADDR;
        global $X_MAILER;
        $PHP_SELF = $_SERVER['PHP_SELF'];
        $message = $_REQUEST['message'];
        $captchaCode = $_REQUEST['txtCaptchaCode'];
        $random = $_REQUEST['txtRandom'];
        $post = $_POST['blnPost'];
        $username = $_POST['txtUsername'];
        $password = $_POST['txtPassword'];
        $repassword = $_POST['txtRePassword'];
        $email = $_POST['txtEmail'];
        $emailPassword = $_POST['btnEmailPassword'] != "";
        $create = $_POST['btnCreateAccount'] != "";
        if (!$create) {
            $create = $_GET['create'] != "";
        }
        if (!$emailPassword) {
            $emailPassword = $_GET['emailPassword'] != "";
        }
        if ($post) {
            if ($emailPassword) {
                $user = new User("username='******'");
                if ($user->Email() != '') {
                    $capLogin = GetCap('capLogin');
                    $sub = GetCap('capPassword');
                    $path = dirname($_SERVER['SCRIPT_NAME']);
                    $msg = GetCap('capBelowAreYourCredentials') . "\r\n";
                    $msg .= "Username: "******"\r\n";
                    $msg .= 'Password: '******'capEmailHasBeenSent') . '</center></b>';
                } else {
                    print "<b><center>" . GetCap('capUserAccountDoesn\'tHaveEmailAddress</center></b>');
                }
                $username = $user->UserName();
                $email = $user->Email();
            } elseif ($create) {
                $captcha = new CaptchasDotNet('demo', 'secret');
                if (!$captcha->validate($random)) {
                    $password = $_POST['txtPassword'];
                    $rePassword = $_POST['txtRePassword'];
                    print "<center>" . GetCap('capCaptchaWasReused') . "</center>";
                    $session->ReusedCaptcha("session", $session->ID(), $random);
                } elseif (!$captcha->verify($captchaCode)) {
                    $password = $_POST['txtPassword'];
                    $rePassword = $_POST['txtRePassword'];
                    print "<center>" . GetCap('capInvalidConfirmationCode') . "</center>";
                    $session->InvalidConfirmationCode($captchCode);
                } elseif ($password == $repassword) {
                    $user = new User();
                    $user->UserName($username);
                    $user->Password($password);
                    $user->Email($email);
                    if (UpdateObject($user)) {
                        $session->UserID($user->ID());
                        $session->LoggedIn(true);
                        UpdateObject($session);
                        $username = $user->UserName();
                        $email = $user->Email();
                        ReturnURI();
                        print '<center>' . GetCap("capUpdateSucceded") . '</center>';
                    }
                } else {
                    $password = $_POST['txtPassword'];
                    $rePassword = $_POST['txtRePassword'];
                    print "<center>" . GetCap('capPasswordsDoNotMatch') . "</center>";
                }
            }
        }
        /* TODO:PREROLL Go to captcha.net and register an actual account (not demo) before rolling
           to production */
        if ($create) {
            $captcha = new CaptchasDotNet('demo', 'secret');
        }
        ?>
        <form name="frm" method="post" action="<?php 
        echo "login.php?returnURI={$returnURI}";
        ?>
">
            <table>
                <tr> 
                    <td>
                        <b><?php 
        echo GetCap('capUsername');
        ?>
: </b>
                    </td>
                    <td>
                        <input type="text" name="txtUsername" value="<?php 
        echo $username;
        ?>
"/>
                    </td>
                </tr> 
                <?php 
        if ($create) {
            ?>
                    <tr> 
                        <td>
                            <b><?php 
            echo GetCap('capPassword');
            ?>
: </b>
                        </td>
                        <td>
                            <input type="password" name="txtPassword" value="<?php 
            echo $password;
            ?>
"/>
                        </td>
                    </tr> 
                    <tr> 
                        <td>
                            <b><?php 
            echo GetCap('capRe-typePassword');
            ?>
: </b>
                        </td>
                        <td>
                            <input type="password" name="txtRePassword" value="<?php 
            echo $_POST['txtRePassword'];
            ?>
"/>
                        </td>
                    </tr> 
                    <tr> 
                        <td>
                            <b><?php 
            echo GetCap('capEmail (optional)');
            ?>
: </b>
                        </td>
                        <td>
                            <input type="text" name="txtEmail" value="<?php 
            echo $email;
            ?>
"/>
                        </td>
                        <td>
                            <i><?php 
            echo GetCap('capIn case you forget your password we can email you a new one.');
            ?>
</i>
                        </td>
                    </tr> 
                    <tr valign="top">
                        <td>
                            <b><?php 
            echo GetCap('capEnterConfirmationCodeFromPicture');
            ?>
: </b>
                        </td>
                        <td>
                            <input type="text" name="txtCaptchaCode"/>
                            <input type="hidden" name="txtRandom" value="<?php 
            echo $captcha->random();
            ?>
" />
                            <br /><br/><br/> 
                            <a href="<?php 
            echo $captcha->audio_url();
            ?>
"><?php 
            echo GetCap('capPhoenieticSpelling(mp3)');
            ?>
</a>
                        </td>
                        <td>
                            <?php 
            echo $captcha->Image(false, 'captchas.net', GetCap('capLoadingCaptcha...'));
            ?>
                        </td>
                    </tr> 
                    <tr> 
                        <td>
                            <input type="submit" name="btnCreateAccount" value="<?php 
            echo GetCap('capCreateAccount');
            ?>
"/>
                        </td>
                    </tr> 
                <?php 
        }
        if ($emailPassword) {
            ?>
                    <tr>
                        <td>&nbsp;</td>
                        <td>
                            <input type="submit" name="btnEmailPassword" value="<?php 
            echo GetCap('capEmailMePassword');
            ?>
"/>
                        </td>
                    </tr>
                <?php 
        }
        ?>
                <tr>
                    <td>
                        <input type="hidden" name="blnPost" value="1"/>
                    </td>
                </tr> 
            </table>
         </form>
        <?php 
    } catch (Exception $ex) {
        ProcessException($ex);
    }
}