Exemple #1
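/**
 * Filter hook: records a full-size image view and optionally notifies the admin.
 *
 * Reads the globals $CONFIG, $pid and $USER_DATA. When $pid is set, one row
 * (pid, user_id, timestamp) is inserted into plugin_log_fullsize_access. When
 * $CONFIG['plugin_log_fullsize_access_email'] is truthy, a mail carrying the
 * viewer's user name and the image's alt text goes to the gallery admin.
 *
 * @param string $fullsize_html Markup of the full-size view
 * @return string The markup, returned unchanged
 */
function log_fullsize_access_fullsize_html($fullsize_html)
{
    global $CONFIG, $pid, $USER_DATA;
    if ($pid) {
        // Both values are numeric ids. Casting them before interpolation keeps the
        // statement well-formed even if $pid reaches this hook without validation.
        $picture_id = (int) $pid;
        $viewer_id = (int) USER_ID;
        cpg_db_query("INSERT INTO {$CONFIG['TABLE_PREFIX']}plugin_log_fullsize_access (pid, user_id, timestamp) VALUES ('{$picture_id}', '{$viewer_id}', UNIX_TIMESTAMP())");
        if ($CONFIG['plugin_log_fullsize_access_email']) {
            // The markup may carry no alt attribute; use '' rather than reading an undefined offset.
            $alt_text = preg_match('/alt="(.*)"/U', $fullsize_html, $matches) ? $matches[1] : '';
            cpg_mail($CONFIG['gallery_admin_email'], 'Fullsize access', $USER_DATA['user_name'] . "\t" . $alt_text);
        }
    }
    return $fullsize_html;
}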
 } else {
     $reasons .= "{$lang_report_php['no_reason_given']}";
 }
 $reason_list = substr($reason_list, 0, -2);
 //remove trailing comma and space
 $reasons .= $reason_list;
 // Tags are stripped from the message before it is used as {MESSAGE} in the HTML mail below
 $msg_content = nl2br(strip_tags($message));
 // The report fields are bundled for the displayreport.php?data=... link built below.
 $data = array('sn' => $sender_name, 'se' => $sender_email, 'p' => $n_picname, 'su' => $subject, 'm' => $message, 'r' => $reasons, 'c' => $comment, 'cid' => $cid, 'pid' => $pid, 't' => $what);
 // NOTE(review): the bundle is only serialized and base64-encoded: it is neither signed nor
 // encrypted, and it travels in a URL that anyone holding the link can edit. The consumer
 // is not visible here; if it unserialize()s the parameter it is deserializing untrusted input.
 // JSON plus an HMAC, or a server-side record referenced by id, avoids that - TODO confirm.
 $encoded_data = urlencode(base64_encode(serialize($data)));
 $params = array('{LANG_DIR}' => $lang_text_dir, '{TITLE}' => sprintf($lang_report_php['report_subject'], $sender_name, $type), '{CHARSET}' => $CONFIG['charset'] == 'language file' ? $lang_charset : $CONFIG['charset'], '{VIEW_REPORT_TGT}' => "{$gallery_url_prefix}displayreport.php?data={$encoded_data}", '{VIEW_REPORT_LNK}' => $lang_report_php['view_report'], '{VIEW_REPORT_LNK_PLAINTEXT}' => $lang_report_php['view_report_plaintext'], '{PIC_URL}' => $n_picname, '{URL_PREFIX}' => $gallery_url_prefix, '{PIC_TGT}' => "{$CONFIG['ecards_more_pic_target']}displayimage.php?pid=" . $pid, '{SUBJECT}' => $subject, '{MESSAGE}' => $msg_content, '{PLAINTEXT_MESSAGE}' => $message, '{SENDER_EMAIL}' => $sender_email, '{SENDER_NAME}' => $sender_name, '{VIEW_MORE_TGT}' => $CONFIG['ecards_more_pic_target'], '{VIEW_MORE_LNK}' => $lang_report_php['view_more_pics'], '{REASON}' => $reasons, '{COMMENT}' => $comment, '{COMMENT_ID}' => $cid, '{VIEW_COMMENT_LNK}' => $lang_report_php['view_comment'], '{COMMENT_TGT}' => "{$CONFIG['ecards_more_pic_target']}displayimage.php?pid={$pid}#comment{$cid}", '{PID}' => $pid);
 $message = template_eval($template, $params);
 $plaintext_message = template_eval($template_report_plaintext, $params);
 $tempTime = time();
 $message .= sprintf($lang_report_php['report_footer'], $sender_name, $raw_ip, localised_date(-1, $lang_date['comment']));
 $subject = sprintf($lang_report_php['report_subject'], $sender_name, $type);
 $result = cpg_mail('admin', $subject, $message, 'text/html', $sender_name, $sender_email, $plaintext_message);
 /*//write log
   if ($CONFIG['log_ecards'] == 1) {
       $result_log = cpg_db_query("INSERT INTO {$CONFIG['TABLE_ECARDS']} (sender_name, sender_email, recipient_name, recipient_email, link, date, sender_ip) VALUES ('$sender_name', '$sender_email', '$recipient_name', '$recipient_email',   '$encoded_data', '$tempTime', '$raw_ip')");
   }*/
 if (!USER_ID) {
     $USER['name'] = $sender_name;
     $USER['email'] = $sender_email;
 }
 if ($result) {
     pageheader($lang_report_php['title'], "<meta http-equiv=\"refresh\" content=\"3;url=displayimage.php?pid={$pid}\" />");
     msg_box($lang_cpg_die[INFORMATION], $lang_report_php['send_success'], $lang_common['continue'], "displayimage.php?pid={$pid}");
     pagefooter();
     exit;
 } else {
     cpg_die(ERROR, $lang_report_php['send_failed'], __FILE__, __LINE__);
                $sender_email = $email_address;
                $sender_name = $user_name;
            } else {
                $sender_email = $CONFIG['gallery_admin_email'];
                $sender_name = $CONFIG['gallery_admin_email'];
            }
        }
        $html_message = $message_header . '<br />' . $LINEBREAK . sprintf($lang_contact_php['user_info'], $visitor_status, $html_user_name, $email_address) . '<br />' . $LINEBREAK . '<div style="border:1px solid black">' . $html_message . '</div>';
        $html_message = nl2br($html_message);
        $message = $message_header . $LINEBREAK . sprintf($lang_contact_php['user_info'], $visitor_status, $text_user_name, $email_address) . $LINEBREAK . $message;
        // Read the client address only when the cage's IP test accepts it; otherwise log a placeholder
        if ($superCage->server->testip('REMOTE_ADDR')) {
            $ip = $superCage->server->getRaw('REMOTE_ADDR');
        } else {
            $ip = 'Unknown';
        }
        if (!cpg_mail($CONFIG['gallery_admin_email'], $subject, $html_message, 'text/html', $sender_name, $sender_email, $message)) {
            if ($CONFIG['log_mode'] != CPG_NO_LOGGING) {
                // NOTE(review): sender name, e-mail and subject are interpolated into the log line.
                // If any of them can carry CR/LF, a visitor could forge extra log entries unless
                // log_write() neutralises line breaks - confirm against its implementation.
                log_write("Sending an email using the contact form failed (name: {$sender_name}, email: {$sender_email}, subject: {$original_subject}, IP: {$ip}", CPG_MAIL_LOG);
            }
            cpg_die(ERROR, $lang_contact_php['failed_sending_email'], __FILE__, __LINE__);
        } else {
            // sending the email has been successful, redirect the user
            if ($CONFIG['log_mode'] == CPG_LOG_ALL) {
                log_write("Sending email from contact form successful (name: {$sender_name}, email: {$sender_email}, subject: {$original_subject}, IP: {$ip}", CPG_MAIL_LOG);
            }
            // NOTE(review): the redirect target appends $CPG_REFERER, whose origin is not visible
            // here; confirm it is limited to local paths so the form cannot be used as an open redirect.
            cpgRedirectPage($CONFIG['ecards_more_pic_target'] . $CPG_REFERER, $lang_common['information'], $lang_contact_php['email_sent']);
        }
    }
    // beyond this point an error must have happened - let the visitor review his input
} else {
    // the form has not been submit yet - populate default values
Exemple #4
/**
 * Mails a photo-shop customer the download password and the order link.
 *
 * The placeholders {PASSWORD}, {USER_NAME}, {ADMIN} and {LINK} in $message are
 * substituted with strtr(); line breaks are then converted with nl2br().
 *
 * NOTE(review): the password is sent in clear text inside the mail, and $hash is
 * appended to the link without URL-encoding - confirm both are acceptable.
 *
 * @param string $message Mail template containing the placeholders
 * @param string $subject Mail subject
 * @param string $pass    Password to disclose to the customer
 * @param string $name    Customer name used for {USER_NAME}
 * @param string $email   Recipient address
 * @param string $hash    Order hash appended to the download link
 * @return bool true when cpg_mail() reports success, false otherwise
 */
function photo_shop_send_password($message, $subject, $pass, $name, $email, $hash)
{
    global $CONFIG, $SHOP_CONFIG;

    $replacements = array(
        '{PASSWORD}' => $pass,
        '{USER_NAME}' => $name,
        '{ADMIN}' => $CONFIG['gallery_name'],
        '{LINK}' => $CONFIG['ecards_more_pic_target'] . "index.php?file=photo_shop/photo_shop_download_order&order=" . $hash,
    );
    $body = nl2br(strtr($message, $replacements));
    $sent = cpg_mail($email, $subject, $body, 'text/plain', $CONFIG['gallery_name'], $CONFIG['gallery_admin_email']);

    return $sent ? true : false;
}
 // Look up an active account whose user name or e-mail address equals the submitted value.
 // NOTE(review): addslashes() is not a database-aware escape (it ignores the connection's
 // character set); a prepared statement or the driver's own escaping is the safer choice.
 $results = db_query("SELECT user_group,user_active,user_name, user_password, user_email  FROM {$CONFIG['TABLE_USERS']} WHERE (user_name = '" . addslashes($HTTP_POST_VARS['username']) . "' OR  user_email = '" . addslashes($HTTP_POST_VARS['username']) . "') AND user_active = 'YES'");
 if (mysql_num_rows($results)) {
     // something has been found start
     $USER_DATA = mysql_fetch_array($results);
     // check if we have an admin account (with empty email address)
     if ($USER_DATA['user_email'] == '') {
         // the e-mail address is empty. Is this the gallery admin account (group 1)?
         if ($USER_DATA['user_group'] == 1) {
             $USER_DATA['user_email'] = $CONFIG['gallery_admin_email'];
         } else {
             cpg_die(CRITICAL_ERROR, $lang_forgot_passwd_php['failed_sending_email'], __FILE__, __LINE__);
             //not the gallery admin account
         }
     }
     // send the email
     // NOTE(review): the reminder contains the user_password column exactly as stored. That is
     // only useful to the user if passwords are kept in recoverable form, in which case a
     // database disclosure exposes every credential. A one-way hash plus a reset token avoids
     // mailing the password at all.
     if (!cpg_mail($USER_DATA['user_email'], sprintf($lang_forgot_passwd_php['passwd_reminder_subject'], $CONFIG['gallery_name']), sprintf($lang_forgot_passwd_php['passwd_reminder_body'], $USER_DATA['user_name'], $USER_DATA['user_password'], $CONFIG['ecards_more_pic_target'] . 'login.php'))) {
         cpg_die(CRITICAL_ERROR, $lang_forgot_passwd_php['failed_sending_email'], __FILE__, __LINE__);
     }
     // output the message
     pageheader($lang_forgot_passwd_php['forgot_passwd'], "<META http-equiv=\"refresh\" content=\"3;url=login.php\">");
     $referer = 'login.php';
     // NOTE(review): the stored e-mail address is passed into the confirmation text. Because the
     // lookup also matches on user name, a visitor who submits a user name is presumably shown
     // that account's address - confirm the language string and consider a neutral message.
     msg_box($lang_forgot_passwd_php['forgot_passwd'], sprintf($lang_forgot_passwd_php['email_sent'], $USER_DATA['user_email']), $lang_continue, $referer);
     // The in-memory copy is masked only after it has been mailed
     $USER_DATA['user_password'] = '******';
     pagefooter();
     exit;
     // something has been found end
 } else {
     $lookup_failed = <<<EOT
               <tr>
                       <td colspan="2" align="center" class="tableh2">
                     <font size="1" color="red"><b>{$lang_forgot_passwd_php['err_unk_user']}<b></font>
    }
    $result->free();
    // Fetch user name and e-mail address for the requested account id.
    // NOTE(review): {$CLEAN['id']} is placed in the statement unquoted; this is only safe if
    // $CLEAN['id'] was reduced to an integer where it was populated (not visible here) - confirm.
    $sql = "SELECT {$cpg_udb->field['username']}, {$cpg_udb->field['email']} FROM {$cpg_udb->usertable} WHERE {$cpg_udb->field['user_id']} = {$CLEAN['id']}";
    $result = cpg_db_query($sql);
    if (!$result->numRows()) {
        cpg_die($lang_forgot_passwd_php['forgot_passwd'], $lang_forgot_passwd_php['err_unk_user']);
    }
    $row = $result->fetchAssoc(true);
    // Reset Password
    $new_password = $cpg_udb->make_password();
    require 'include/passwordhash.inc.php';
    // cpg_password_create_update_string() supplies the SET clause for the new password.
    // NOTE(review): the row is selected by e-mail address, not by the user id validated above,
    // so every account sharing that address is updated. The address is also interpolated
    // unescaped after coming back from the database; a value containing a quote would break
    // the statement. Keying the UPDATE on the user id would address both points.
    $sql = "UPDATE {$cpg_udb->usertable} SET " . cpg_password_create_update_string($new_password) . " WHERE {$cpg_udb->field['email']} = '{$row['user_email']}'";
    cpg_db_query($sql);
    $template_vars = array('{USER_NAME}' => $row['user_name'], '{PASSWORD}' => $new_password, '{SITE_LINK}' => $CONFIG['ecards_more_pic_target'] . (substr($CONFIG["ecards_more_pic_target"], -1) == '/' ? '' : '/') . 'login.php', '{SITE_NAME}' => $CONFIG['gallery_name']);
    // send the password
    // The new password is mailed in clear text; the database has already been updated at this point,
    // so a mail failure leaves the account with a password the user never received.
    if (!cpg_mail($row['user_email'], sprintf($lang_forgot_passwd_php['passwd_reset_subject'], $CONFIG['gallery_name']), nl2br(strtr($lang_forgot_passwd_php['reset_email'], $template_vars)))) {
        cpg_die(CRITICAL_ERROR, $lang_forgot_passwd_php['failed_sending_email'], __FILE__, __LINE__);
    }
    // Remove the sessions-table row whose id is md5(key . id) - presumably the reset ticket, so it cannot be reused
    $sql = "DELETE FROM {$cpg_udb->sessionstable} WHERE session_id = '" . md5($CLEAN['key'] . $CLEAN['id']) . "'";
    cpg_db_query($sql);
    // output the message
    pageheader($lang_forgot_passwd_php['forgot_passwd'], "<META http-equiv=\"refresh\" content=\"3;url=login.php\">");
    $referer = 'login.php';
    msg_box($lang_forgot_passwd_php['forgot_passwd'], sprintf($lang_forgot_passwd_php['email_sent'], $row['user_email']), $lang_common['continue'], $referer);
    // $USER_DATA is not otherwise used in the visible lines; the new password lives in $new_password
    $USER_DATA['user_password'] = '******';
    pagefooter();
    exit;
}
pageheader($lang_forgot_passwd_php['forgot_passwd']);
echo '<form action="forgot_passwd.php" method="post" name="passwordreminder" id="cpgform">';
$email_icon = cpg_fetch_icon('mail', 2);
    cpg_die(ERROR, $lang_send_activation_php['err_already_logged_in'], __FILE__, __LINE__);
}
if ($CONFIG['reg_requires_valid_email'] == 0) {
    cpg_die(ERROR, $lang_send_activation_php['activation_not_required']);
}
$lookup_failed = '';
if (!empty($_POST['email'])) {
    // NOTE(review): addslashes() is not a database-aware escape (it ignores the connection's
    // character set); a prepared statement or the driver's own escaping is the safer choice.
    $emailaddress = addslashes($_POST['email']);
    // Only accounts that are still inactive are matched. The branches that follow answer
    // differently for a known and an unknown address, which lets a visitor test whether an
    // address has a pending registration.
    $sql = "SELECT user_id, user_group,user_active,user_name, user_email, user_actkey FROM {$CONFIG['TABLE_USERS']} WHERE user_email = '{$emailaddress}' AND user_active = 'NO'";
    $results = cpg_db_query($sql);
    if (mysql_num_rows($results)) {
        // something has been found start
        $USER_DATA = mysql_fetch_array($results);
        $act_link = rtrim($CONFIG['site_url'], '/') . '/register.php?activate=' . $USER_DATA['user_actkey'];
        $template_vars = array('{SITE_NAME}' => $CONFIG['gallery_name'], '{USER_NAME}' => $USER_DATA['user_name'], '{ACT_LINK}' => $act_link);
        if (!cpg_mail($USER_DATA['user_email'], sprintf($lang_register_php['confirm_email_subject'], $CONFIG['gallery_name']), nl2br(strtr($lang_register_confirm_email, $template_vars)))) {
            cpg_die(CRITICAL_ERROR, $lang_register_php['failed_sending_email'], __FILE__, __LINE__);
        }
        // output the message
        pageheader($lang_send_activation_php['resend_act_link'], "<META http-equiv=\"refresh\" content=\"3;url=index.php\">");
        $referer = 'index.php';
        msg_box($lang_send_activation_php['resend_act_link'], sprintf($lang_send_activation_php['activation_email_sent'], $USER_DATA['user_email']), $lang_common['continue'], $referer);
        pagefooter();
        exit;
        // something has been found end
    } else {
        $lookup_failed = <<<EOT
                  <tr>
                          <td colspan="2" align="center" class="tableh2">
                        <span style="color:red"><b>{$lang_send_activation_php['err_unk_user']}<b></span>
                        </td>
Exemple #8
 } else {
     $n_picname = get_pic_url($row, 'fullsize');
 }
 // Prefix relative picture paths with the gallery URL.
 // NOTE(review): the test looks for the substring 'http:' anywhere in the value, so an
 // absolute https: URL does not match and gets the prefix prepended as well.
 if (!stristr($n_picname, 'http:')) {
     $n_picname = $gallery_url_prefix . $n_picname;
 }
 $msg_content = process_smilies($message, $gallery_url_prefix);
 // The e-card fields are bundled for the displayecard.php?data=... link built below.
 $data = array('rn' => $superCage->post->noTags('recipient_name'), 'sn' => $superCage->post->noTags('sender_name'), 'se' => $sender_email, 'p' => $n_picname, 'g' => $greetings, 'm' => $message, 'pid' => $pid, 'pt' => $pic_title, 'pc' => $pic_caption);
 // NOTE(review): the bundle is only serialized and base64-encoded: it is neither signed nor
 // encrypted, and the recipient can edit the URL. The consumer is not visible here; if it
 // unserialize()s the parameter it is deserializing untrusted input - TODO confirm.
 $encoded_data = urlencode(base64_encode(serialize($data)));
 $params = array('{LANG_DIR}' => $lang_text_dir, '{TITLE}' => sprintf($lang_ecard_php['ecard_title'], $sender_name), '{CHARSET}' => $CONFIG['charset'] == 'language file' ? $lang_charset : $CONFIG['charset'], '{VIEW_ECARD_TGT}' => "{$gallery_url_prefix}displayecard.php?data={$encoded_data}", '{VIEW_ECARD_LNK}' => $lang_ecard_php['view_ecard'], '{VIEW_ECARD_LNK_PLAINTEXT}' => $lang_ecard_php['view_ecard_plaintext'], '{PIC_URL}' => $n_picname, '{URL_PREFIX}' => $gallery_url_prefix, '{GREETINGS}' => $greetings, '{MESSAGE}' => bb_decode($msg_content), '{PLAINTEXT_MESSAGE}' => $message, '{SENDER_EMAIL}' => $sender_email, '{SENDER_NAME}' => $sender_name, '{VIEW_MORE_TGT}' => $CONFIG['ecards_more_pic_target'], '{VIEW_MORE_LNK}' => $lang_ecard_php['view_more_pics'], '{PID}' => $pid, '{PIC_TITLE}' => $pic_title, '{PIC_CAPTION}' => bb_decode($pic_caption), '{PIC_MARKUP}' => $pic_markup);
 $message = template_eval($template_ecard, $params);
 $plaintext_message = template_eval($template_ecard_plaintext, $params);
 $tempTime = time();
 $message .= sprintf($lang_ecard_php['ecards_footer'], $sender_name, $raw_ip, localised_date(-1, $lang_date['comment']));
 $subject = sprintf($lang_ecard_php['ecard_title'], $sender_name);
 $result = cpg_mail($recipient_email, $subject, $message, 'text/html', $sender_name, $sender_email, $plaintext_message);
 if (!USER_ID) {
     $USER['name'] = $sender_name;
     $USER['email'] = $sender_email;
 }
 if ($result) {
     // write ecard log, only if mail was sent
     // NOTE(review): only the two names are escaped here. $sender_email, $recipient_email,
     // $encoded_data and $raw_ip go into the statement as they are; whether they were validated
     // earlier is not visible in these lines - confirm, or bind all seven values as parameters.
     if ($CONFIG['log_ecards'] == 1) {
         $sender_name = addslashes($sender_name);
         $recipient_name = addslashes($recipient_name);
         cpg_db_query("INSERT INTO {$CONFIG['TABLE_ECARDS']} (sender_name, sender_email, recipient_name, recipient_email, link, date, sender_ip) VALUES ('{$sender_name}', '{$sender_email}', '{$recipient_name}', '{$recipient_email}', '{$encoded_data}', '{$tempTime}', '{$raw_ip}')");
     }
     msg_box($lang_common['information'], $lang_ecard_php['send_success'], $lang_common['continue'], "displayimage.php?album={$album}&amp;pid={$pid}");
     echo '<br />';
     starttable('100%', $icon_array['preview_table'] . $lang_ecard_php['preview']);
     echo '<tr><td>';
 /**
  * Issues a new random password for a user who presents a matching activation key.
  *
  * The account is looked up by user name and act_key. On a match a new password and
  * a new act_key are generated, the password is mailed to the stored address and,
  * if the mail was accepted, both values are written back.
  *
  * NOTE(review): $addusername and $pass_key are interpolated into the SQL text as they
  * arrive; this method does no escaping of its own, so it depends on the caller - confirm.
  * The password is stored through SQL md5(), i.e. as an unsalted MD5 digest, and is sent
  * in clear text by e-mail.
  *
  * @param string $addusername User name of the account
  * @param string $pass_key    Key that must equal the stored act_key
  * @return mixed Result of getpersonaldata() on success, otherwise an array holding
  *               'error' => true and a 'messagecode'
  */
 function generatepassword($addusername, $pass_key)
 {
     global $DBS, $CF, $LANG, $CONFIG;

     // Check for user in users table
     $lookup = "SELECT {$DBS->field['user_id']}, {$DBS->field['username']}, {$DBS->field['email']} FROM {$DBS->usertable}"
         . " WHERE {$DBS->field['username']} = '{$addusername}' AND {$DBS->field['act_key']} = '{$pass_key}'";
     $found = $DBS->sql_query($lookup);

     // No account with this name/key pair
     if (!mysql_num_rows($found)) {
         return array('error' => true, 'messagecode' => "forgotpassword_error");
     }

     $new_password = $CF->str_makerand(8, 12, true, false, true);
     // Rotate the key so the one just presented cannot be used again
     $new_act_key = $CF->str_makerand(15, 25, true, false, true);
     $recipient = mysql_result($found, 0, $DBS->field['email']);
     $login_link = rtrim($CONFIG['site_url'], '/') . '/index.htm#pg=logindiv';

     $mail_subject = sprintf($LANG['forgot_passwd']['passwd_reset_subject'], $CONFIG['gallery_name']);
     $mail_body = nl2br(sprintf($LANG['forgot_passwd']['passwd_reset_body'], $addusername, $new_password, $login_link));
     // The database is only touched once the mail has been accepted
     if (!cpg_mail($recipient, $mail_subject, $mail_body)) {
         return array('error' => true, 'messagecode' => "failed_sending_email");
     }

     $update = "UPDATE {$DBS->usertable} SET {$DBS->field['password']}= md5('{$new_password}'), {$DBS->field['act_key']}='{$new_act_key}' WHERE {$DBS->field['username']}='{$addusername}'";
     $DBS->sql_update($update);

     return $this->getpersonaldata($addusername);
 }
Exemple #10
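/**
 * Sends one batch of queued newsletter mails and reports the outcome of each.
 *
 * Runs at most once per request, guarded by the CPG_PLUGIN_NEWSLETTER_MAILQUEUE
 * constant. Every queue row is joined with its mailing and its subscriber. After a
 * successful send the row is deleted from the queue; after a failure its attempt
 * counter is incremented.
 *
 * @return array|null HTML status lines, one per processed mail, or null when the
 *                    queue has already been processed during this request
 */
function newsletter_mailqueue()
{
    if (defined('CPG_PLUGIN_NEWSLETTER_MAILQUEUE')) {
        return;
    }
    // $LINEBREAK is used as a global elsewhere in this code base; without importing it
    // the plain-text body below was assembled from an undefined local variable.
    global $CONFIG, $lang_plugin_newsletter, $newsletter_icon_array, $LINEBREAK;
    require_once 'include/mailer.inc.php';
    $output_array = array();
    $query = "SELECT * \n               FROM {$CONFIG['TABLE_PREFIX']}plugin_newsletter_queue \n               AS queue \n               INNER JOIN {$CONFIG['TABLE_PREFIX']}plugin_newsletter_mailings \n               AS mailings\n               ON mailings.mailing_id = queue.mailing_id\n               INNER JOIN {$CONFIG['TABLE_PREFIX']}plugin_newsletter_subscriptions \n               AS subscriptions\n               ON subscriptions.subscriber_id = queue.subscriber_id\n               WHERE queue.attempts <= {$CONFIG['plugin_newsletter_mails_per_page']}\n               ORDER BY queue.attempts,queue.time \n               LIMIT {$CONFIG['plugin_newsletter_mails_per_page']}";
    $result = cpg_db_query($query);
    $mailqueue_array = cpg_db_fetch_rowset($result);
    mysql_free_result($result);
    foreach ($mailqueue_array as $mailqueue) {
        if ($mailqueue['user_id'] == '') {
            // Guest
            $salutation = $CONFIG['plugin_newsletter_salutation_for_guests'];
        } else {
            // Registered user
            $salutation = str_replace('{USERNAME}', $mailqueue['subscriber_name'], $mailqueue['salutation']);
        }
        $mailing_message_plain = $salutation . $LINEBREAK . $mailqueue['body'] . $LINEBREAK . $LINEBREAK;
        // Add the unsubscribe link at the bottom
        $mailing_message_plain .= $lang_plugin_newsletter['unsubscribe_text'];
        $mailing_message_plain .= ' ' . $CONFIG['site_url'] . 'index.php?file=newsletter/unsubscribe';
        $mailing_message_html = newsletter_text2html($mailqueue['subject'], $salutation, $mailqueue['body']);

        // Ids are numeric keys: cast them once for use in links and SQL.
        $mailing_id = (int) $mailqueue['mailing_id'];
        $subscriber_id = (int) $mailqueue['subscriber_id'];
        $queue_id = (int) $mailqueue['queue_id'];
        // The subscriber address is visitor-supplied and the subject is free text; both are
        // escaped before they are embedded in the HTML status lines.
        $subject_html = htmlspecialchars($mailqueue['subject'], ENT_QUOTES);
        $email_html = htmlspecialchars($mailqueue['subscriber_email'], ENT_QUOTES);
        // The original links closed the href attribute before the mailing id.
        $mailing_link = '<a href="index.php?file=newsletter/archive&amp;mailing=' . $mailing_id . '">' . $subject_html . '</a>';
        $subscriber_link = '<a href="index.php?file=newsletter/subscribe&amp;subscriber=' . $subscriber_id . '">' . $email_html . '</a>';

        // NOTE(review): the HTML rendering is passed as the body while the type argument says
        // 'text/plain' - confirm against cpg_mail() that this is the intended combination.
        if (!cpg_mail($mailqueue['subscriber_email'], $mailqueue['subject'], $mailing_message_html, 'text/plain', $CONFIG['plugin_newsletter_from_name'], $CONFIG['plugin_newsletter_from_email'], $mailing_message_plain)) {
            // sending the email has failed
            $output_array[] = '<span class="important">' . $newsletter_icon_array['failure'] . sprintf($lang_plugin_newsletter['sending_email_failed'], $mailing_link, $subscriber_link, $mailqueue['attempts'] + 1) . '</span>';
            cpg_db_query("UPDATE {$CONFIG['TABLE_PREFIX']}plugin_newsletter_queue SET attempts = attempts + 1 WHERE queue_id={$queue_id}");
            if ($CONFIG['log_mode'] != CPG_NO_LOGGING) {
                log_write("Sending an email using the newsletter plugin failed (recipient email: {$mailqueue['subscriber_email']}, subscriber ID: {$mailqueue['subscriber_id']}, Mailing ID: {$mailqueue['mailing_id']}, Attempt: {$mailqueue['attempts']})", CPG_MAIL_LOG);
            }
        } else {
            // sending the email has been successful
            $output_array[] = $newsletter_icon_array['success'] . sprintf($lang_plugin_newsletter['sending_email_succeeded'], $mailing_link, $subscriber_link);
            cpg_db_query("DELETE FROM {$CONFIG['TABLE_PREFIX']}plugin_newsletter_queue WHERE queue_id={$queue_id}");
            if ($CONFIG['log_mode'] == CPG_LOG_ALL) {
                log_write("Sending email from newsletter plugin successful (recipient email: {$mailqueue['subscriber_email']}, subscriber ID: {$mailqueue['subscriber_id']}, Mailing ID: {$mailqueue['mailing_id']})", CPG_MAIL_LOG);
            }
        }
    }
    // Mark the queue as processed for the rest of this request
    define('CPG_PLUGIN_NEWSLETTER_MAILQUEUE', true);
    return $output_array;
}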
                    // this will only happen in case of echeck.
                    $body = $lang_photoshop_ipn['ipn_email_failed'] . $body;
                    cpg_mail('admin', $lang_photoshop_ipn['ipn_email_admin_ipn_failed'] . " [{$date}]", nl2br(make_clickable($body)), 'text/plain', $CONFIG['gallery_name'], $CONFIG['gallery_admin_email'], $body);
                    break;
                case 'Denied':
                    $body = $lang_photoshop_ipn['ipn_email_denied'] . $body;
                    cpg_mail('admin', $lang_photoshop_ipn['ipn_email_admin_ipn_failed'] . " [{$date}]", nl2br(make_clickable($body)), 'text/plain', $CONFIG['gallery_name'], $CONFIG['gallery_admin_email'], $body);
                    break;
                case 'Refunded':
                    $body = $lang_photoshop_ipn['ipn_email_refunded'] . $body;
                    cpg_mail('admin', $lang_photoshop_ipn['ipn_email_admin_ipn_failed'] . " [{$date}]", nl2br(make_clickable($body)), 'text/plain', $CONFIG['gallery_name'], $CONFIG['gallery_admin_email'], $body);
                    break;
                case 'Canceled':
                    // mark the payment as dispute cancelled
                    $body = $lang_photoshop_ipn['ipn_email_canc-rev'] . $body;
                    cpg_mail('admin', $lang_photoshop_ipn['ipn_email_admin_ipn_failed'] . " [{$date}]", nl2br(make_clickable($body)), 'text/plain', $CONFIG['gallery_name'], $CONFIG['gallery_admin_email'], $body);
                    break;
                default:
                    // order is not good
                    $body = $lang_photoshop_ipn['ipn_email_unknown'] . $p->ipn_data['payment_status'] . "\n\n";
                    cpg_mail('admin', $lang_photoshop_ipn['ipn_email_admin_ipn_failed'], nl2br(make_clickable($body)), 'text/plain', $CONFIG['gallery_name'], $CONFIG['gallery_admin_email'], $body);
                    break;
            }
            // end switch
        } else {
            //Paypal didn't verify
            $body = $lang_photoshop_ipn['ipn_email_invalid'] . $p->ipn_response . "\n\n";
            cpg_mail('admin', $lang_photoshop_ipn['ipn_email_admin_ipn_failed'], nl2br(make_clickable($body)), 'text/plain', $CONFIG['gallery_name'], $CONFIG['gallery_admin_email'], $body);
        }
        break;
}
/**
 * Mails an order notification, either to the current user or to the admin.
 *
 * Placeholders in $message are substituted with strtr() from the current order
 * (globals $order_id, $cd_price, $shipping_price, $discount) and from the profile
 * returned by photoshop_user_details(USER_ID); line breaks are converted with nl2br().
 * When $admin is truthy the mail is addressed to 'admin' instead of the user, while
 * {USER_EMAIL} still carries the user's own address.
 *
 * @param string $message Mail template containing the placeholders
 * @param string $subject Mail subject
 * @param mixed  $admin   Truthy to address the mail to the admin
 * @return bool true when cpg_mail() reports success, false otherwise
 */
function photoshop_email_the_user($message, $subject, $admin = '')
{
    global $CONFIG, $SHOP_CONFIG, $lang_photoshop, $cd_price, $order_id, $discount, $shipping_price;

    $user_info = photoshop_user_details(USER_ID);
    $email = $user_info['user_email'];
    $recipient = $admin ? 'admin' : $user_info['user_email'];

    $order_total = number_format($cd_price[0] + $cd_price[1] + $shipping_price - $discount, 2);
    $replacements = array(
        '{ORDER_ID}' => $order_id,
        '{SITE_NAME}' => $CONFIG['gallery_name'],
        '{PRICE}' => $order_total,
        '{USER_NAME}' => USER_NAME,
        '{USER_EMAIL}' => $email,
        '{ADMIN}' => $CONFIG['gallery_name'],
        '{LINK}' => $CONFIG['ecards_more_pic_target'],
        '{USER_PROFILE1}' => $user_info['user_profile1'],
        '{USER_PROFILE2}' => $user_info['user_profile2'],
        '{USER_PROFILE3}' => $user_info['user_profile3'],
        '{USER_PROFILE4}' => $user_info['user_profile4'],
        '{USER_PROFILE5}' => $user_info['user_profile5'],
        '{USER_PROFILE6}' => $user_info['user_profile6'],
    );
    $body = nl2br(strtr($message, $replacements));
    $sent = cpg_mail($recipient, $subject, $body, 'text/plain', $CONFIG['gallery_name'], $CONFIG['gallery_admin_email']);

    return $sent ? true : false;
}
     }
     // Image is ok
 }
 // Upload is ok
 // Create thumbnail and internediate image and add the image into the DB
 // Width and height are taken from the request and forced to integers before use
 $result = add_picture($album, $filepath, $picture_name, $title, $caption, $keywords, $user1, $user2, $user3, $user4, $category, $raw_ip, $hdr_ip, (int) $_POST['width'], (int) $_POST['height']);
 if (!$result) {
     // Remove the uploaded file again; '@' hides any warning from unlink()
     @unlink($uploaded_pic);
     // NOTE(review): the error page embeds $uploaded_pic (the path just passed to unlink) and
     // $ERROR in its HTML, which shows a server-side path to the uploader - confirm this is intended.
     cpg_die(CRITICAL_ERROR, sprintf($lang_db_input_php['err_insert_pic'], $uploaded_pic) . '<br /><br />' . $ERROR, __FILE__, __LINE__, true);
 } elseif ($PIC_NEED_APPROVAL) {
     pageheader($lang_info);
     msg_box($lang_info, $lang_db_input_php['upload_success'], $lang_continue, 'index.php');
     // start: send admin approval mail added by gaugau: 03-11-09
     if ($CONFIG['upl_notify_admin_email']) {
         include_once 'include/mailer.inc.php';
         // The mail names the uploader (USER_NAME) and links to the approval page
         cpg_mail($CONFIG['gallery_admin_email'], sprintf($lang_db_input_php['notify_admin_email_subject'], $CONFIG['gallery_name']), sprintf($lang_db_input_php['notify_admin_email_body'], USER_NAME, $CONFIG['ecards_more_pic_target'] . '/editpics.php?mode=upload_approval'));
     }
     // end: send admin approval mail
     ob_end_flush();
 } else {
     // Servers matching the pattern get a Refresh header instead of Location
     $header_location = @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ? 'Refresh: 0; URL=' : 'Location: ';
     // The redirect uses the negated insert id as the pos parameter
     $redirect = "displayimage.php?pos=" . -mysql_insert_id();
     header($header_location . $redirect);
     // A meta refresh and a message box are emitted as well, in case the header is not followed
     pageheader($lang_info, "<META http-equiv=\"refresh\" content=\"1;url={$redirect}\">");
     msg_box($lang_info, $lang_db_input_php['upl_success'], $lang_continue, $redirect);
     pagefooter();
     ob_end_flush();
     exit;
 }
 break;
 // Unknow event
Exemple #14
    }
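    $row = mysql_fetch_assoc($result);
    // Free the result set that was just read. The original passed $sql here,
    // which is not the handle the row was fetched from.
    mysql_free_result($result);
    // Reset Password
    $new_password = $cpg_udb->make_password();
    // NOTE(review): with enable_encrypted_passwords on, the password is stored as an unsalted
    // MD5 digest; with it off, the password is stored in clear text. Neither protects the
    // credentials if the user table is disclosed; a salted, slow hash (password_hash) would.
    if ($CONFIG['enable_encrypted_passwords']) {
        $password = md5($new_password);
    } else {
        $password = $new_password;
    }
    // NOTE(review): the row is selected by e-mail address, so every account sharing that
    // address is updated, and the address is interpolated unescaped after coming back from
    // the database. Keying the UPDATE on the user id would address both points.
    $sql = "update {$cpg_udb->usertable} set ";
    $sql .= "{$cpg_udb->field['password']}='{$password}' ";
    $sql .= "where {$cpg_udb->field['email']}='{$row['user_email']}'";
    cpg_db_query($sql);
    // send the password
    // The new password is mailed in clear text, after the database has already been updated.
    if (!cpg_mail($row['user_email'], sprintf($lang_forgot_passwd_php['passwd_reset_subject'], $CONFIG['gallery_name']), sprintf($lang_forgot_passwd_php['passwd_reset_body'], $row['user_name'], $new_password, $CONFIG['ecards_more_pic_target'] . (substr($CONFIG["ecards_more_pic_target"], -1) == '/' ? '' : '/') . 'login.php'))) {
        cpg_die(CRITICAL_ERROR, $lang_forgot_passwd_php['failed_sending_email'], __FILE__, __LINE__);
    }
    // Remove the sessions-table row whose id is md5(key . id).
    // NOTE(review): both $CLEAN values sit inside the SQL text; how $CLEAN was populated is not
    // visible here - confirm they cannot contain a quote.
    $sql = "delete from {$cpg_udb->sessionstable} where session_id=md5('{$CLEAN['key']}{$CLEAN['id']}');";
    cpg_db_query($sql);
    // output the message
    pageheader($lang_forgot_passwd_php['forgot_passwd'], "<META http-equiv=\"refresh\" content=\"3;url=login.php\">");
    $referer = 'login.php';
    msg_box($lang_forgot_passwd_php['forgot_passwd'], sprintf($lang_forgot_passwd_php['email_sent'], $row['user_email']), $lang_common['continue'], $referer);
    $USER_DATA['user_password'] = '******';
    pagefooter();
    exit;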
}
pageheader($lang_forgot_passwd_php['forgot_passwd']);
echo '<form action="forgot_passwd.php" method="post" name="passwordreminder" id="cpgform">';
starttable('-1', $lang_forgot_passwd_php['forgot_passwd'], 2);
Exemple #15
 /**
  * Shows the reply form for a topic and, on submit, stores the reply and notifies subscribers.
  *
  * The topic id comes from the query string. The request is rejected when the id is unknown
  * or the visitor may not reply. A submitted form is validated (subject, icon, body, optional
  * captcha); when valid the message is inserted, every subscribed user except the poster is
  * mailed, and the poster's own notification preference is updated. In every other case the
  * 'topic/reply' view is rendered with the collected errors and form data.
  */
 function reply()
 {
     include BASE_DIR . 'include' . DS . 'smilies.inc.php';
     include BASE_DIR . 'include' . DS . 'mailer.inc.php';
     $vars = array();
     $errors = array();
     $authorizer = check_model::getInstance();
     // The topic id is read as an integer
     $vars['topic_id'] = $this->validate->get->getInt('id');
     if (!$authorizer->is_topic_id($vars['topic_id'])) {
         cpg_die(ERROR, Lang::item('error.wrong_topic_id'), __FILE__, __LINE__);
     }
     // Authorisation is checked before any form data is processed
     if (!$authorizer->can_reply($vars['topic_id'])) {
         cpg_die(ERROR, Lang::item('error.perm_denied'), __FILE__, __LINE__);
     }
     $vars['nagavitor'] = $this->forum->get_nagavitor();
     $vars['icons'] = $this->forum->get_icons();
     $topic = $this->forum->get_topic_data($vars['topic_id'], 'board_id');
     $messages = $this->forum->get_message($vars['topic_id'], 'subject', 'msg_id asc', '1');
     // Defaults for a form that has not been submitted yet
     $data = array('icon' => 'icon1', 'subject' => Lang::item('topic.re') . $messages[0]['subject']);
     if ($this->validate->post->keyExists('submit')) {
         // NOTE(review): 'icon' and 'body' are read with getRaw(), i.e. unfiltered by this method.
         // Whether insert_message() escapes them for SQL, and whether they are escaped for HTML
         // when displayed, is not visible here - confirm.
         $data = array('topic_id' => $vars['topic_id'], 'icon' => $this->validate->post->getRaw('icon'), 'subject' => $this->validate->post->getEscaped('subject'), 'body' => $this->validate->post->getRaw('body'), 'board_id' => $topic['board_id'], 'poster_time' => time(), 'poster_id' => USER_ID, 'poster_name' => USER_NAME, 'poster_ip' => Config::item('hdr_ip'), 'smileys_enabled' => 1);
         if (Config::item('fr_msg_icons') == 0 && $data['icon'] == '') {
             $data['icon'] = 'icon1';
         }
         if ($data['subject'] == '') {
             $errors[] = Lang::item('error.empty_subject');
         }
         if ($data['icon'] == '') {
             $errors[] = Lang::item('error.no_msg_icon');
         }
         if ($data['body'] == '') {
             $errors[] = Lang::item('error.empty_body');
         }
         // Over-long bodies are cut silently. strlen()/substr() count bytes, so the cut may
         // fall inside a multi-byte character.
         if (strlen($data['body']) > Config::item('fr_msg_max_size') && Config::item('fr_msg_max_size')) {
             $data['body'] = substr($data['body'], 0, Config::item('fr_msg_max_size'));
         }
         global $CONFIG;
         // '&&' binds tighter than '||': the captcha applies when the setting is 1, or when it
         // is 2 and the visitor is not logged in.
         if ($CONFIG['comment_captcha'] == 1 || $CONFIG['comment_captcha'] == 2 && !USER_ID) {
             if (!captcha_plugin_enabled('comment')) {
                 global $lang_errors;
                 $superCage = Inspekt::makeSuperCage();
                 require "include/captcha.inc.php";
                 // Only an alphanumeric confirmation code is accepted
                 $matches = $superCage->post->getMatched('confirmCode', '/^[a-zA-Z0-9]+$/');
                 if (!$matches[0] || !PhpCaptcha::Validate($matches[0])) {
                     $errors[] = $lang_errors['captcha_error'];
                 }
             } else {
                 CPGPluginAPI::action('captcha_comment_validate', null);
             }
         }
         if (count($errors) == 0) {
             if ($authorizer->double_post()) {
                 cpg_die(ERROR, Lang::item('error.already_post'), __FILE__, __LINE__);
             } else {
                 $msg_id = $this->forum->insert_message($data);
                 // to-do: send notify email
                 $users = $this->forum->get_notify_user('', $vars['topic_id']);
                 foreach ($users as $user) {
                     // The poster is not notified about their own reply
                     if ($user['user_id'] == USER_ID) {
                         continue;
                     }
                     // NOTE(review): $user is overwritten with the result of get_user_data(), which
                     // is asked for 'user_email' only. The set_topic_notify() call below still reads
                     // $user['user_id']; confirm the result carries that key.
                     $user = $this->forum->get_user_data($user['user_id'], 'user_email');
                     // prepare email
                     $email_subject = Lang::item('topic.topic_reply') . $data['subject'];
                     // NOTE(review): USER_NAME goes into an HTML mail body without escaping in this method
                     $email_body = sprintf(Lang::item('topic.notify_email'), Config::item('fr_prefix_url') . 'profile.php?uid=' . USER_ID, USER_NAME, Config::item('fr_prefix_url') . forum::link('message', '', $msg_id), Config::item('fr_prefix_url') . forum::link('message', '', $msg_id), Config::item('fr_prefix_url') . forum::link('topic', 'notify', $vars['topic_id']), Config::item('fr_prefix_url') . forum::link('topic', 'notify', $vars['topic_id']), Config::item('fr_title'));
                     // send mail
                     cpg_mail($user['user_email'], $email_subject, $email_body, 'text/html', Config::item('fr_title'), Config::item('gallery_admin_email'));
                     // set send = 0
                     $this->forum->set_topic_notify($vars['topic_id'], 0, $user['user_id']);
                 }
                 // The poster's own subscription follows the 'notify' form field (1 = on, 0 = off)
                 if ($this->validate->post->getInt('notify') === 1) {
                     $this->forum->set_topic_notify($vars['topic_id'], $this->validate->post->getInt('notify'));
                 }
                 if ($this->validate->post->getInt('notify') === 0) {
                     $this->forum->unnotify_topic($vars['topic_id']);
                 }
                 forum::message(Lang::item('common.message'), sprintf(Lang::item('message.new_msg_success'), $data['subject']), 'forum.php?c=message&id=' . $msg_id);
             }
         }
     }
     $vars['errors'] = $errors;
     $vars['form'] = $data;
     $this->view->render('topic/reply', $vars);
 }
Exemple #16
                    // The submit email address doesn't exist in the db --- start
                    // Perform a look up in the user db of coppermine to see if the email address belongs to a registered user who hasn't subscribed so far
                    // Perform a category check
                    // Write the registration into the database
                    // Send the verification email
                    // Tell the subscriber to check his email
                } else {
                    // The submit email address doesn't exist in the db --- end // There already is a record for the submit email address --- start
                    // A subscription row already exists for the submitted address. user_id != 0 is treated as
                    // "belongs to a registered account"; anything else is handled as a guest subscription.
                    // NOTE(review): both branches tell the requester that the address is already subscribed, and the
                    // guest branch sends mail to it. No rate limit or captcha is visible in this excerpt — confirm one
                    // applies upstream, otherwise the form can be used to probe addresses or to trigger repeated mails.
                    if ($existing_subscription_array['user_id'] != 0) {
                        // Registered subscriber: point the visitor to the login page instead of mailing anything.
                        $registration_message = '<div class="cpg_message_error">' . sprintf($lang_plugin_newsletter['email_address_belongs_to_registered_subscriber'], '<a href="login.php?referer=index.php%3Ffile%3Dnewsletter%2Fsubscribe">', '</a>') . '</div>';
                    } else {
                        // NOTE(review): $submit_email_address is placed into an HTML message here; whether it was
                        // HTML-escaped earlier is not visible in this excerpt — confirm before it is echoed.
                        $registration_message = sprintf($lang_plugin_newsletter['subscription_exists_for_email_address'], $submit_email_address, '<a href="index.php?file=newsletter/subscribe&amp;action=mailsent">', '</a>');
                        $message_plain = $lang_plugin_newsletter['click_to_edit_subscription'];
                        // NOTE(review): 'Edit later' looks like a placeholder where the edit link should be appended — TODO confirm.
                        $message_plain .= 'Edit later';
                        $message_html = newsletter_text2html($lang_plugin_newsletter['newsletter_subscription_authentification'], $CONFIG['plugin_newsletter_salutation_for_guests'], $message_plain);
                        // NOTE(review): the HTML body is passed together with a 'text/plain' content type — confirm this is intended.
                        cpg_mail($submit_email_address, $lang_plugin_newsletter['newsletter_subscription_authentification'], $message_html, 'text/plain', $CONFIG['plugin_newsletter_from_name'], $CONFIG['plugin_newsletter_from_email'], $message_plain);
                        if ($CONFIG['log_mode'] != CPG_NO_LOGGING) {
                            // NOTE(review): the address is written into the log line verbatim; if it can contain line
                            // breaks at this point, log entries could be forged — presumably validated above, verify.
                            log_write("Newsletter plugin: {$submit_email_address} requested an authentification email from the subscribe page", CPG_MAIL_LOG);
                        }
                    }
                }
                // There already is a record for the submit email address --- end
                // The email Address is valid --- end
            } else {
                $subscriber_email_warning = '<div class="cpg_message_validation">' . $lang_plugin_newsletter['email_address_invalid'] . '</div>';
            }
        }
    }
    // guest --- end
}
pageheader($lang_plugin_newsletter['newsletter-subscription']);
Exemple #17
             // Render one result row for the "activate" action: user name in the first cell, outcome in the second.
             print '<td class="tableb"><strong>';
             // NOTE(review): user_name is printed without visible HTML escaping; whether the stored value is
             // already encoded is not shown in this excerpt — confirm.
             print $user_data['user_name'];
             print '</strong></td>';
             print '<td class="tableb">';
             if ($user_data['user_active'] == 'YES') {
                 // user is already active
                 print $lang_delete_php['user_already_active'];
             } else {
                 // activate this user
                 // NOTE(review): $key is interpolated into the UPDATE; where it comes from and whether it is
                 // cast to an integer is not visible here — confirm before relying on the quoting alone.
                 cpg_db_query("UPDATE {$CONFIG['TABLE_USERS']} SET user_active = 'YES', user_actkey = '' WHERE user_id = '{$key}'");
                 print $lang_delete_php['activated'];
                 // The activation key read before the UPDATE tells whether the account was still waiting for
                 // activation; the UPDATE clears it, so the mail is not repeated on a second run.
                 if ($user_data['user_actkey']) {
                     // send activation confirmation email (only once)
                     require_once 'include/mailer.inc.php';
                     $template_vars = array('{SITE_LINK}' => $CONFIG['site_url'], '{USER_NAME}' => $user_data['user_name'], '{SITE_NAME}' => $CONFIG['gallery_name']);
                     cpg_mail($user_data['user_email'], sprintf($lang_register_php['notify_user_email_subject'], $CONFIG['gallery_name']), nl2br(strtr($lang_register_php['activated_email'], $template_vars)));
                 }
             }
             // NOTE(review): this closes a <strong> that the second cell never opened.
             print '</strong></td>';
         }
         $result->free();
     }
     // foreach --- end
     echo '<tr><td colspan="2" class="tablef" align="center">' . $LINEBREAK;
     echo '<a href="usermgr.php" class="admin_menu">' . $icon_array['ok'] . $lang_common['continue'] . '</a>' . $LINEBREAK;
     echo '</td></tr>';
     endtable();
     pagefooter();
     break;
     // end case "activate"
 // end case "activate"
Exemple #18
            // Anonymous comment: refuse an author name that collides (case-insensitively) with a registered user name.
            // NOTE(review): $msg_author, $msg_body, $pid, $raw_ip and $hdr_ip are interpolated into the SQL below;
            // their escaping happens, if at all, outside this excerpt — confirm. $hdr_ip presumably comes from a
            // client-supplied request header, so it needs the same treatment as any other user input.
            if (mysql_result(cpg_db_query("select count(user_id) from {$CONFIG['TABLE_USERS']} where UPPER(user_name) = UPPER('{$msg_author}')"), 0, 0)) {
                enl_die($lang_db_input_php['com_author_error']);
            }
            // Store the comment under the configured anonymous prefix with author_id 0.
            $insert = cpg_db_query("INSERT INTO {$CONFIG['TABLE_COMMENTS']} (pid, msg_author, msg_body, msg_date, author_md5_id, author_id, msg_raw_ip, msg_hdr_ip) VALUES ('{$pid}', '{$CONFIG['comments_anon_pfx']}{$msg_author}', '{$msg_body}', NOW(), '{$USER['ID']}', '0', '{$raw_ip}', '{$hdr_ip}')");
            // NOTE(review): the raw POST value is kept in $USER['name']; any later output of it must be escaped
            // for its context — where it is used is not visible here.
            $USER['name'] = $_POST['msg_author'];
            $redirect = "displayimage.php?pos=" . -$pid;
            if ($CONFIG['email_comment_notification']) {
                // Notify the admin with the rendered comment followed by a link back to the picture.
                // NOTE(review): the same $msg_body that went into the SQL string is rendered here; if it is
                // SQL-escaped, the mail will show the added backslashes — confirm.
                $mail_body = "<p>" . bb_decode(process_smilies($msg_body, $CONFIG['ecards_more_pic_target'])) . "</p>\n\r " . $lang_db_input_php['email_comment_body'] . " " . $CONFIG['ecards_more_pic_target'] . (substr($CONFIG["ecards_more_pic_target"], -1) == '/' ? '' : '/') . $redirect;
                cpg_mail('admin', $lang_db_input_php['email_comment_subject'], make_clickable($mail_body));
            }
            // Guests get a confirmation page; the script ends here.
            enl_message($lang_db_input_php['com_added']);
            ob_end_flush();
            exit;
        } else {
            // Registered users, we can use Location to redirect
            // The author name is taken from the session constant USER_NAME (escaped with addslashes) rather than
            // from the form, and author_id is the logged-in USER_ID.
            // NOTE(review): $pid, $msg_body, $raw_ip and $hdr_ip are interpolated as-is; their escaping is not
            // visible in this excerpt — confirm.
            $insert = cpg_db_query("INSERT INTO {$CONFIG['TABLE_COMMENTS']} (pid, msg_author, msg_body, msg_date, author_md5_id, author_id, msg_raw_ip, msg_hdr_ip) VALUES ('{$pid}', '" . addslashes(USER_NAME) . "', '{$msg_body}', NOW(), '', '" . USER_ID . "', '{$raw_ip}', '{$hdr_ip}')");
            $redirect = "displayimage.php?pos=" . -$pid;
            // Admins are not notified about their own comments.
            if ($CONFIG['email_comment_notification'] && !USER_IS_ADMIN) {
                $mail_body = "<p>" . bb_decode(process_smilies($msg_body, $CONFIG['ecards_more_pic_target'])) . "</p>\n\r " . $lang_db_input_php['email_comment_body'] . " " . $CONFIG['ecards_more_pic_target'] . (substr($CONFIG["ecards_more_pic_target"], -1) == '/' ? '' : '/') . $redirect;
                cpg_mail('admin', $lang_db_input_php['email_comment_subject'], make_clickable($mail_body));
            }
            enl_message($lang_db_input_php['com_added']);
            ob_end_flush();
            exit;
        }
        break;
        // Unknow event
    // Unknow event
    default:
        enl_die($lang_errors['param_missing']);
}
Exemple #19
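/**
 * Validate the posted registration form and, when every check passes, create the account.
 *
 * Checks user name, passwords, e-mail address, disclaimer and captcha, inserts the
 * user row, optionally creates a personal album, shows the confirmation box and
 * sends the activation and admin notification mails.
 *
 * NOTE(review): $user_name, $password and $email come from get_post_var(), whose
 * escaping behaviour is not visible in this listing, and are interpolated into the
 * SQL statements below. Confirm that get_post_var() returns SQL-escaped values; if
 * it does not, these statements need escaping or bound parameters.
 *
 * @param string $error Filled (by reference) with one <li> item per failed check.
 * @return bool False when validation failed, true once the insert and notification steps have run.
 */
function check_user_info(&$error)
{
    global $CONFIG;
    global $lang_register_php, $lang_register_confirm_email, $lang_common, $lang_register_approve_email;
    global $lang_register_activated_email, $lang_register_user_login, $lang_errors;
    $superCage = Inspekt::makeSuperCage();
    $user_name = trim(get_post_var('username'));
    $password = trim(get_post_var('password'));
    $password_again = trim(get_post_var('password_verification'));
    $email = trim(get_post_var('email'));
    $profile1 = $superCage->post->getEscaped('user_profile1');
    $profile2 = $superCage->post->getEscaped('user_profile2');
    $profile3 = $superCage->post->getEscaped('user_profile3');
    $profile4 = $superCage->post->getEscaped('user_profile4');
    $profile5 = $superCage->post->getEscaped('user_profile5');
    $profile6 = $superCage->post->getEscaped('user_profile6');
    $agree_disclaimer = $superCage->post->getEscaped('agree');
    $captcha_confirmation = $superCage->post->getEscaped('confirmCode');

    // A taken user name ends validation immediately and replaces any earlier message.
    $sql = "SELECT user_id " . "FROM {$CONFIG['TABLE_USERS']} " . "WHERE user_name = '" . $user_name . "'";
    $result = cpg_db_query($sql);
    if (mysql_num_rows($result)) {
        $error = '<li>' . $lang_register_php['err_user_exists'] . '</li>';
        return false;
    }
    mysql_free_result($result);

    if (utf_strlen($user_name) < 2) {
        $error .= '<li>' . $lang_register_php['err_uname_short'] . '</li>';
    }
    if (!empty($CONFIG['global_registration_pw'])) {
        $global_registration_pw = get_post_var('global_registration_pw');
        // Compare as strings: a loose comparison treats numeric-looking strings as numbers,
        // so two different strings could be accepted as the same shared password.
        if ((string) $global_registration_pw !== (string) $CONFIG['global_registration_pw']) {
            $error .= '<li>' . $lang_register_php['err_global_pw'] . '</li>';
        } elseif ($password == $CONFIG['global_registration_pw']) {
            $error .= '<li>' . $lang_register_php['err_global_pass_same'] . '</li>';
        }
    }
    // NOTE(review): a two-character minimum is the only password strength requirement here.
    if (utf_strlen($password) < 2) {
        $error .= '<li>' . $lang_register_php['err_password_short'] . '</li>';
    }
    if ($password == $user_name) {
        $error .= '<li>' . $lang_register_php['err_uname_pass_diff'] . '</li>';
    }
    if ($password != $password_again) {
        $error .= '<li>' . $lang_register_php['err_password_mismatch'] . '</li>';
    }
    // preg_match replaces eregi: the ereg family is deprecated/removed and is not binary-safe
    // (it matches only up to the first NUL byte), which matters because $email is used in SQL
    // and as a mail recipient below. /D keeps "$" from matching before a trailing newline.
    // Unlike the POSIX bracket expression, this class does not admit a literal backslash.
    if (!preg_match('/^[_.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,6}$/iD', $email)) {
        $error .= '<li>' . $lang_register_php['err_invalid_email'] . '</li>';
    }
    if ($CONFIG['user_registration_disclaimer'] == 2 && $agree_disclaimer != 1) {
        $error .= '<li>' . $lang_register_php['err_disclaimer'] . '</li>';
    }
    // check captcha
    if ($CONFIG['registration_captcha'] != 0) {
        require "include/captcha.inc.php";
        if (!PhpCaptcha::Validate($captcha_confirmation)) {
            $error .= '<li>' . $lang_errors['captcha_error'] . '</li>';
        }
    }
    if ($error != '') {
        return false;
    }

    if (!$CONFIG['allow_duplicate_emails_addr']) {
        $sql = "SELECT user_id " . "FROM {$CONFIG['TABLE_USERS']} " . "WHERE user_email = '" . addslashes($email) . "'";
        $result = cpg_db_query($sql);
        if (mysql_num_rows($result)) {
            $error = '<li>' . $lang_register_php['err_duplicate_email'] . '</li>';
            return false;
        }
        mysql_free_result($result);
    }

    if ($CONFIG['reg_requires_valid_email'] || $CONFIG['admin_activation']) {
        $active = 'NO';
        // NOTE(review): the activation key is derived from rand() seeded with the current time
        // plus uniqid(), i.e. from clock values only. It gates account activation, so it should
        // come from a CSPRNG (random_bytes() or openssl_random_pseudo_bytes() where available).
        list($usec, $sec) = explode(' ', microtime());
        $seed = (double) $sec + (double) $usec * 100000;
        srand($seed);
        $act_key = md5(uniqid(rand(), 1));
    } else {
        $active = 'YES';
        $act_key = '';
    }

    // NOTE(review): passwords are stored either as unsalted MD5 or, with the option off, in
    // clear text. Moving to password_hash()/password_verify() needs a matching change in the
    // login code, so it is flagged here rather than changed.
    if ($CONFIG['enable_encrypted_passwords']) {
        $encpassword = md5($password);
    } else {
        $encpassword = $password;
    }

    $sql = "INSERT INTO {$CONFIG['TABLE_USERS']} " . "(user_regdate, user_active, user_actkey, user_name, user_password, user_email, user_profile1, user_profile2, user_profile3, user_profile4, user_profile5, user_profile6) " . "VALUES (NOW(), '{$active}', '{$act_key}', '{$user_name}', '{$encpassword}', '{$email}', '{$profile1}', '{$profile2}', '{$profile3}', '{$profile4}', '{$profile5}', '{$profile6}')";
    if ($CONFIG['log_mode']) {
        // Concatenate the name: inside single quotes "$user_name" would be logged literally.
        log_write('New user "' . $user_name . '" created on ' . date("F j, Y, g:i a"), CPG_ACCESS_LOG);
    }
    $result = cpg_db_query($sql);

    // Create a personal album if corresponding option is enabled.
    // Nothing is echoed here: printing the category id or the statement would show
    // internal table names to the visitor.
    if ($CONFIG['personal_album_on_registration'] == 1) {
        $catid = mysql_insert_id() + FIRST_USER_CAT;
        cpg_db_query("INSERT INTO {$CONFIG['TABLE_ALBUMS']} (`title`, `category`) VALUES ('{$user_name}', {$catid})");
    }

    if ($CONFIG['reg_requires_valid_email']) {
        // Same truth table as the former "!$CONFIG['admin_activation'] == 1", written without
        // the precedence trap.
        if (!$CONFIG['admin_activation']) {
            //user gets activation email
            $act_link = rtrim($CONFIG['site_url'], '/') . '/register.php?activate=' . $act_key;
            $template_vars = array('{SITE_NAME}' => $CONFIG['gallery_name'], '{USER_NAME}' => $user_name, '{ACT_LINK}' => $act_link);
            if (!cpg_mail($email, sprintf($lang_register_php['confirm_email_subject'], $CONFIG['gallery_name']), nl2br(strtr($lang_register_confirm_email, $template_vars)))) {
                cpg_die(CRITICAL_ERROR, $lang_register_php['failed_sending_email'], __FILE__, __LINE__);
            }
        }
        if ($CONFIG['admin_activation'] == 1) {
            msg_box($lang_register_php['information'], $lang_register_php['thank_you_admin_activation'], $lang_common['continue'], 'index.php');
        } else {
            msg_box($lang_register_php['information'], $lang_register_php['thank_you'], $lang_common['continue'], 'index.php');
        }
    } else {
        msg_box($lang_register_php['information'], $lang_register_php['acct_active'], $lang_common['continue'], 'index.php');
    }

    // email notification to admin
    if ($CONFIG['reg_notify_admin_email']) {
        // get default language in which to inform the admin
        $lang_register_php_def = cpg_get_default_lang_var('lang_register_php');
        $lang_register_approve_email_def = cpg_get_default_lang_var('lang_register_approve_email');
        if ($CONFIG['admin_activation'] == 1) {
            // The admin, not the user, receives the activation link.
            $act_link = rtrim($CONFIG['site_url'], '/') . '/register.php?activate=' . $act_key;
            $template_vars = array('{SITE_NAME}' => $CONFIG['gallery_name'], '{USER_NAME}' => $user_name, '{ACT_LINK}' => $act_link);
            cpg_mail('admin', sprintf($lang_register_php_def['notify_admin_request_email_subject'], $CONFIG['gallery_name']), nl2br(strtr($lang_register_approve_email_def, $template_vars)));
        } else {
            cpg_mail('admin', sprintf($lang_register_php_def['notify_admin_email_subject'], $CONFIG['gallery_name']), sprintf($lang_register_php_def['notify_admin_email_body'], $user_name));
        }
    }
    return true;
}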
Exemple #20
 /**
  * Mail the gallery admin that an upload by the current user is waiting for approval.
  *
  * The mail links to editpics.php?mode=upload_approval below the configured
  * ecards_more_pic_target URL, adding a slash between the two when the
  * configured value does not already end in one.
  */
 function cpg_send_upload_notification()
 {
     global $CONFIG;

     // Strings for the admin mail are taken from the default language.
     $lang_db_input_php = cpg_get_default_lang_var('lang_db_input_php');

     // Pull in the mailer include before sending.
     include_once 'include/mailer.inc.php';

     $approval_url = $CONFIG['ecards_more_pic_target'];
     if (substr($CONFIG["ecards_more_pic_target"], -1) != '/') {
         $approval_url .= '/';
     }
     $approval_url .= 'editpics.php?mode=upload_approval';

     $mail_subject = sprintf($lang_db_input_php['notify_admin_email_subject'], $CONFIG['gallery_name']);
     $mail_body = sprintf($lang_db_input_php['notify_admin_email_body'], USER_NAME, $approval_url);

     cpg_mail('admin', $mail_subject, $mail_body);
 }
Exemple #21
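/**
 * Validate the posted registration form and, when every check passes, create the account.
 *
 * Checks user name, passwords and e-mail address, inserts the user row, shows the
 * confirmation box and sends the activation and admin notification mails.
 *
 * NOTE(review): SQL values are escaped with addslashes(), which does not take the
 * connection character set into account; the driver's own escaping or bound
 * parameters are the safer choice. The profile fields are read straight from $_POST.
 *
 * @param string $error Filled (by reference) with one <li> item per failed check.
 * @return bool False when validation failed, true once the insert and notification steps have run.
 */
function check_user_info(&$error)
{
    global $CONFIG;
    global $lang_register_php, $lang_register_confirm_email, $lang_continue, $lang_register_approve_email, $lang_register_activated_email, $lang_register_user_login;
    $user_name = trim(get_post_var('username'));
    $password = trim(get_post_var('password'));
    $password_again = trim(get_post_var('password_verification'));
    $email = trim(get_post_var('email'));
    $profile1 = addslashes($_POST['user_profile1']);
    $profile2 = addslashes($_POST['user_profile2']);
    $profile3 = addslashes($_POST['user_profile3']);
    $profile4 = addslashes($_POST['user_profile4']);
    $profile5 = addslashes($_POST['user_profile5']);
    $profile6 = addslashes($_POST['user_profile6']);

    // A taken user name ends validation immediately and replaces any earlier message.
    $sql = "SELECT user_id " . "FROM {$CONFIG['TABLE_USERS']} " . "WHERE user_name = '" . addslashes($user_name) . "'";
    $result = cpg_db_query($sql);
    if (mysql_num_rows($result)) {
        $error = '<li>' . $lang_register_php['err_user_exists'];
        return false;
    }
    mysql_free_result($result);

    if (utf_strlen($user_name) < 2) {
        $error .= '<li>' . $lang_register_php['err_uname_short'];
    }
    // NOTE(review): a two-character minimum is the only password strength requirement here.
    if (utf_strlen($password) < 2) {
        $error .= '<li>' . $lang_register_php['err_password_short'];
    }
    if ($password == $user_name) {
        $error .= '<li>' . $lang_register_php['err_uname_pass_diff'];
    }
    if ($password != $password_again) {
        $error .= '<li>' . $lang_register_php['err_password_mismatch'];
    }
    // preg_match replaces eregi: the ereg family is deprecated/removed and is not binary-safe
    // (it matches only up to the first NUL byte), while $email is later used as a mail
    // recipient. /D keeps "$" from matching before a trailing newline. Unlike the POSIX
    // bracket expression, this class does not admit a literal backslash.
    if (!preg_match('/^[_.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,6}$/iD', $email)) {
        $error .= '<li>' . $lang_register_php['err_invalid_email'];
    }
    if ($error != '') {
        return false;
    }

    if (!$CONFIG['allow_duplicate_emails_addr']) {
        $sql = "SELECT user_id " . "FROM {$CONFIG['TABLE_USERS']} " . "WHERE user_email = '" . addslashes($email) . "'";
        $result = cpg_db_query($sql);
        if (mysql_num_rows($result)) {
            $error = '<li>' . $lang_register_php['err_duplicate_email'];
            return false;
        }
        mysql_free_result($result);
    }

    if ($CONFIG['reg_requires_valid_email'] || $CONFIG['admin_activation']) {
        $active = 'NO';
        // NOTE(review): the activation key is derived from rand() seeded with the current time
        // plus uniqid(), i.e. from clock values only. It gates account activation, so it should
        // come from a CSPRNG where the runtime offers one.
        list($usec, $sec) = explode(' ', microtime());
        $seed = (double) $sec + (double) $usec * 100000;
        srand($seed);
        $act_key = md5(uniqid(rand(), 1));
    } else {
        $active = 'YES';
        $act_key = '';
    }

    // NOTE(review): passwords are stored either as unsalted MD5 or, with the option off, in
    // clear text. A salted, slow password hash needs a matching change in the login code, so
    // it is flagged here rather than changed.
    if ($CONFIG['enable_encrypted_passwords']) {
        $encpassword = md5($password);
    } else {
        $encpassword = $password;
    }

    $sql = "INSERT INTO {$CONFIG['TABLE_USERS']} " . "(user_regdate, user_active, user_actkey, user_name, user_password, user_email, user_profile1, user_profile2, user_profile3, user_profile4, user_profile5, user_profile6) " . "VALUES (NOW(), '{$active}', '{$act_key}', '" . addslashes($user_name) . "', '" . addslashes($encpassword) . "', '" . addslashes($email) . "', '{$profile1}', '{$profile2}', '{$profile3}', '{$profile4}', '{$profile5}', '{$profile6}')";
    if ($CONFIG['log_mode']) {
        // The log entry is written before the INSERT runs and regardless of its outcome.
        log_write('New user "' . addslashes($user_name) . '" created on ' . date("F j, Y, g:i a"), CPG_ACCESS_LOG);
    }
    $result = cpg_db_query($sql);

    if ($CONFIG['reg_requires_valid_email']) {
        // "!" binds tighter than "==", so this reads (!admin_activation) == 1: the user is
        // mailed only when admin activation is off.
        if (!$CONFIG['admin_activation'] == 1) {
            //user gets activation email
            $act_link = rtrim($CONFIG['site_url'], '/') . '/register.php?activate=' . $act_key;
            $template_vars = array('{SITE_NAME}' => $CONFIG['gallery_name'], '{USER_NAME}' => $user_name, '{ACT_LINK}' => $act_link);
            if (!cpg_mail($email, sprintf($lang_register_php['confirm_email_subject'], $CONFIG['gallery_name']), nl2br(strtr($lang_register_confirm_email, $template_vars)))) {
                cpg_die(CRITICAL_ERROR, $lang_register_php['failed_sending_email'], __FILE__, __LINE__);
            }
        }
        if ($CONFIG['admin_activation'] == 1) {
            msg_box($lang_register_php['information'], $lang_register_php['thank_you_admin_activation'], $lang_continue, 'index.php');
        } else {
            msg_box($lang_register_php['information'], $lang_register_php['thank_you'], $lang_continue, 'index.php');
        }
    } else {
        msg_box($lang_register_php['information'], $lang_register_php['acct_active'], $lang_continue, 'index.php');
    }

    // email notification to admin
    if ($CONFIG['reg_notify_admin_email']) {
        // get default language in which to inform the admin
        $lang_register_php_def = cpg_get_default_lang_var('lang_register_php');
        $lang_register_approve_email_def = cpg_get_default_lang_var('lang_register_approve_email');
        if ($CONFIG['admin_activation'] == 1) {
            // The admin, not the user, receives the activation link.
            $act_link = rtrim($CONFIG['site_url'], '/') . '/register.php?activate=' . $act_key;
            $template_vars = array('{SITE_NAME}' => $CONFIG['gallery_name'], '{USER_NAME}' => $user_name, '{ACT_LINK}' => $act_link);
            cpg_mail('admin', sprintf($lang_register_php_def['notify_admin_request_email_subject'], $CONFIG['gallery_name']), nl2br(strtr($lang_register_approve_email_def, $template_vars)));
        } else {
            cpg_mail('admin', sprintf($lang_register_php_def['notify_admin_email_subject'], $CONFIG['gallery_name']), sprintf($lang_register_php_def['notify_admin_email_body'], $user_name));
        }
    }
    return true;
}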
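/**
 * Validate the posted registration form and, when every check passes, create the account.
 *
 * Checks user name, passwords, e-mail address, disclaimer, ban list and captcha,
 * lets plugins add their own validation, inserts the user row, optionally creates
 * a personal album, shows the confirmation box and mails the user and/or the admins.
 *
 * NOTE(review): $user_name and $email come from get_post_var(), whose escaping
 * behaviour is not visible in this listing, and are interpolated into several SQL
 * statements. The ban-list and duplicate-address queries also run when the e-mail
 * format check has already failed. Confirm that get_post_var() returns SQL-escaped
 * values; if it does not, these statements need escaping or bound parameters.
 *
 * @param string $error Filled (by reference) with one <li> item per failed check.
 * @return bool False when validation failed, true once the insert and notification steps have run.
 */
function check_user_info(&$error)
{
    global $CONFIG;
    global $lang_register_php, $lang_common, $lang_register_approve_email;
    global $lang_register_user_login, $lang_errors;
    $superCage = Inspekt::makeSuperCage();
    $user_name = trim(get_post_var('username'));
    $password = trim(get_post_var('password'));
    $password_again = trim(get_post_var('password_verification'));
    $email = trim(get_post_var('email'));
    $profile1 = $superCage->post->getEscaped('user_profile1');
    $profile2 = $superCage->post->getEscaped('user_profile2');
    $profile3 = $superCage->post->getEscaped('user_profile3');
    $profile4 = $superCage->post->getEscaped('user_profile4');
    $profile5 = $superCage->post->getEscaped('user_profile5');
    $profile6 = $superCage->post->getEscaped('user_profile6');
    $agree_disclaimer = $superCage->post->getEscaped('agree');
    $captcha_confirmation = $superCage->post->getEscaped('confirmCode');

    // A taken user name ends validation immediately and replaces any earlier message.
    $sql = "SELECT null FROM {$CONFIG['TABLE_USERS']} WHERE user_name = '{$user_name}'";
    $result = cpg_db_query($sql);
    if (mysql_num_rows($result)) {
        $error = '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['err_user_exists'] . '</li>';
        return false;
    }
    mysql_free_result($result);

    if (utf_strlen($user_name) < 2) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['username_warning2'] . '</li>';
    }
    if (!empty($CONFIG['global_registration_pw'])) {
        $global_registration_pw = get_post_var('global_registration_pw');
        // NOTE(review): loose comparison of the shared registration password; numeric-looking
        // strings compare as numbers under "!=", so a strict string comparison is safer here.
        if ($global_registration_pw != $CONFIG['global_registration_pw']) {
            $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['err_global_pw'] . '</li>';
        } elseif ($password == $CONFIG['global_registration_pw']) {
            $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['err_global_pass_same'] . '</li>';
        }
    }
    // NOTE(review): a two-character minimum is the only password strength requirement here.
    if (utf_strlen($password) < 2) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['password_warning1'] . '</li>';
    }
    if ($password == $user_name) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['password_warning2'] . '</li>';
    }
    if ($password != $password_again) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['password_verification_warning1'] . '</li>';
    }
    if (!Inspekt::isEmail($email)) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['email_warning2'] . '</li>';
    }
    if ($CONFIG['user_registration_disclaimer'] == 2 && $agree_disclaimer != 1) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['err_disclaimer'] . '</li>';
    }

    // Perform the ban check against email address and username
    $result = cpg_db_query("SELECT null FROM {$CONFIG['TABLE_BANNED']} WHERE user_name = '{$user_name}' AND brute_force = 0 LIMIT 1");
    if (mysql_num_rows($result)) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['user_name_banned'] . '</li>';
    }
    mysql_free_result($result);
    $result = cpg_db_query("SELECT null FROM {$CONFIG['TABLE_BANNED']} WHERE email = '{$email}' AND brute_force = 0 LIMIT 1");
    if (mysql_num_rows($result)) {
        $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['email_address_banned'] . '</li>';
    }
    mysql_free_result($result);

    // check captcha: the built-in one unless a captcha plugin has taken over registration
    if ($CONFIG['registration_captcha'] != 0) {
        if (!captcha_plugin_enabled('register')) {
            require "include/captcha.inc.php";
            if (!PhpCaptcha::Validate($captcha_confirmation)) {
                $error .= '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_errors['captcha_error'] . '</li>';
            }
        } else {
            $error = CPGPluginAPI::filter('captcha_register_validate', $error);
        }
    }

    if (!$CONFIG['allow_duplicate_emails_addr']) {
        $sql = "SELECT null FROM {$CONFIG['TABLE_USERS']} WHERE user_email = '{$email}'";
        $result = cpg_db_query($sql);
        if (mysql_num_rows($result)) {
            // Replaces, rather than appends to, the messages collected so far.
            $error = '<li style="list-style-image:url(images/icons/stop.png)">' . $lang_register_php['err_duplicate_email'] . '</li>';
        }
        mysql_free_result($result);
    }

    // Plugins get the last word on validation.
    $error = CPGPluginAPI::filter('register_form_validate', $error);
    if ($error != '') {
        return false;
    }

    if ($CONFIG['reg_requires_valid_email'] || $CONFIG['admin_activation']) {
        $active = 'NO';
        // NOTE(review): the activation key is derived from rand() seeded with the current time
        // plus uniqid(), i.e. from clock values only. It gates account activation, so it should
        // come from a CSPRNG (random_bytes() or openssl_random_pseudo_bytes() where available).
        list($usec, $sec) = explode(' ', microtime());
        $seed = (double) $sec + (double) $usec * 100000;
        srand($seed);
        $act_key = md5(uniqid(rand(), 1));
    } else {
        $active = 'YES';
        $act_key = '';
    }

    // NOTE(review): unsalted MD5 is not a password hash; password_hash()/password_verify()
    // needs a matching change in the login code, so it is flagged here rather than changed.
    $encpassword = md5($password);
    $user_language = $CONFIG['lang'];
    $sql = "INSERT INTO {$CONFIG['TABLE_USERS']} (user_regdate, user_active, user_actkey, user_name, user_password, user_email, user_profile1, user_profile2, user_profile3, user_profile4, user_profile5, user_profile6, user_language) VALUES (NOW(), '{$active}', '{$act_key}', '{$user_name}', '{$encpassword}', '{$email}', '{$profile1}', '{$profile2}', '{$profile3}', '{$profile4}', '{$profile5}', '{$profile6}', '{$user_language}')";
    $result = cpg_db_query($sql);

    // Read the new id once, directly after the INSERT. Asking for it again after the plugin
    // hook below would return the wrong id if a plugin inserted a row of its own.
    $user_id = mysql_insert_id();
    $user_array = array();
    $user_array['user_id'] = $user_id;
    $user_array['user_name'] = $user_name;
    $user_array['user_email'] = $email;
    $user_array['user_active'] = $active;
    CPGPluginAPI::action('register_form_submit', $user_array);
    if ($CONFIG['log_mode']) {
        log_write('New user "' . $user_name . '" registered', CPG_ACCESS_LOG);
    }

    // Create a personal album if corresponding option is enabled
    if ($CONFIG['personal_album_on_registration'] == 1) {
        $catid = $user_id + FIRST_USER_CAT;
        cpg_db_query("INSERT INTO {$CONFIG['TABLE_ALBUMS']} (`title`, `category`, `owner`) VALUES ('{$user_name}', {$catid}, {$user_id})");
    }

    // Registrations must be activated/verified by the user clicking a link in an email
    if ($CONFIG['reg_requires_valid_email']) {
        // Mail the user the activation/verification link
        $act_link = rtrim($CONFIG['site_url'], '/') . '/register.php?activate=' . $act_key;
        $template_vars = array('{SITE_NAME}' => $CONFIG['gallery_name'], '{USER_NAME}' => $user_name, '{ACT_LINK}' => $act_link);
        if (!cpg_mail($email, sprintf($lang_register_php['confirm_email_subject'], $CONFIG['gallery_name']), nl2br(strtr($lang_register_php['confirm_email'], $template_vars)))) {
            cpg_die(CRITICAL_ERROR, $lang_register_php['failed_sending_email'], __FILE__, __LINE__);
        }
        msg_box($lang_register_php['information'], $lang_register_php['thank_you'], $lang_common['continue'], 'index.php');
    } else {
        if ($CONFIG['admin_activation']) {
            // We need admin activation only
            msg_box($lang_register_php['information'], $lang_register_php['thank_you_admin_activation'], $lang_common['continue'], 'index.php');
        } else {
            // No activation required, account is ready for login
            msg_box($lang_register_php['information'], $lang_register_php['acct_active'], $lang_common['continue'], 'index.php');
        }
    }

    // email notification or activation link to admin
    // (parentheses only spell out the existing precedence of && over ||)
    if ($CONFIG['reg_notify_admin_email'] || ($CONFIG['admin_activation'] && !$CONFIG['reg_requires_valid_email'])) {
        // Start from an empty list so the loop below is safe when no admin has an address on file.
        $admins = array();
        if (UDB_INTEGRATION == 'coppermine') {
            // get default language in which to inform the admins
            $result = cpg_db_query("SELECT user_id, user_email, user_language FROM {$CONFIG['TABLE_USERS']} WHERE user_group = 1");
            while ($row = mysql_fetch_assoc($result)) {
                if (!empty($row['user_email'])) {
                    $admins[$row['user_id']] = array('email' => $row['user_email'], 'lang' => $row['user_language']);
                }
            }
        } else {
            //@todo: is it possible to get the language from bridged installs?
            $admins[] = array('email' => $CONFIG['gallery_admin_email'], 'lang' => 'english');
        }
        foreach ($admins as $admin) {
            //check if the admin language is available
            // NOTE(review): the stored user_language value becomes part of a file path; confirm it
            // is restricted to known language names wherever it is written.
            if (file_exists("lang/{$admin['lang']}.php")) {
                $lang_register_php_def = cpg_get_default_lang_var('lang_register_php', $admin['lang']);
                $lang_register_approve_email_def = cpg_get_default_lang_var('lang_register_approve_email', $admin['lang']);
            } else {
                $lang_register_php_def = cpg_get_default_lang_var('lang_register_php');
                $lang_register_approve_email_def = cpg_get_default_lang_var('lang_register_approve_email');
            }
            // if the admin has to activate the login, give them the link to do so; but only if users don't have to verify their email address
            if ($CONFIG['admin_activation'] && !$CONFIG['reg_requires_valid_email']) {
                $act_link = rtrim($CONFIG['site_url'], '/') . '/register.php?activate=' . $act_key;
                $template_vars = array('{SITE_NAME}' => $CONFIG['gallery_name'], '{USER_NAME}' => $user_name, '{ACT_LINK}' => $act_link);
                cpg_mail($admin['email'], sprintf($lang_register_php_def['notify_admin_request_email_subject'], $CONFIG['gallery_name']), nl2br(strtr($lang_register_approve_email_def, $template_vars)));
            } elseif ($CONFIG['reg_notify_admin_email']) {
                // otherwise, email is for information only
                cpg_mail($admin['email'], sprintf($lang_register_php_def['notify_admin_email_subject'], $CONFIG['gallery_name']), sprintf($lang_register_php_def['notify_admin_email_body'], $user_name));
            }
        }
    }
    return true;
}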
        $result = cpg_db_query("SELECT category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid='{$album}' and (uploads = 'YES' OR category = '" . (USER_ID + FIRST_USER_CAT) . "' OR owner = '" . USER_ID . "')");
        if (mysql_num_rows($result)) {
            $row = mysql_fetch_array($result);
            mysql_free_result($result);
            $category = $row['category'];
        }
    } else {
        $result = cpg_db_query("SELECT category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid='{$album}'");
        if (mysql_num_rows($result)) {
            $row = mysql_fetch_array($result);
            mysql_free_result($result);
            $category = $row['category'];
        }
    }
    // $category stays false when no matching album row was found above; in that case no approval
    // decision is made and no mail is sent.
    if (false !== $category) {
        // Test if picture requires approval
        if (GALLERY_ADMIN_MODE) {
            // Admin mode: never needs approval.
            $approved = 'YES';
        } elseif (!$USER_DATA['priv_upl_need_approval'] && $category == FIRST_USER_CAT + USER_ID) {
            // Upload into the user's own category (FIRST_USER_CAT + USER_ID) with private approval switched off.
            $approved = 'YES';
        } elseif (!$USER_DATA['pub_upl_need_approval'] && $category < FIRST_USER_CAT) {
            // Upload into a category below FIRST_USER_CAT with public approval switched off.
            $approved = 'YES';
        } else {
            // Everything else, including uploads into another user's category, waits for approval.
            $approved = 'NO';
        }
        $PIC_NEED_APPROVAL = $approved == 'NO';
        if ($PIC_NEED_APPROVAL) {
            // Tell the admin an upload is waiting and link to the approval page.
            // NOTE(review): USER_NAME is formatted into the mail body and then passed through
            // make_clickable(); whether the name is HTML-encoded at this point is not visible here — confirm.
            cpg_mail('admin', sprintf($lang_db_input_php['notify_admin_email_subject'], $CONFIG['gallery_name']), make_clickable(sprintf($lang_db_input_php['notify_admin_email_body'], USER_NAME, $CONFIG['ecards_more_pic_target'] . (substr($CONFIG["ecards_more_pic_target"], -1) == '/' ? '' : '/') . 'editpics.php?mode=upload_approval')));
        }
    }
}
Exemple #24
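/**
 * Update an existing user's row from the submitted user-manager form and,
 * if requested, mail the login data to the user.
 *
 * Reads user_name, user_password, user_email, user_profile1..6, user_active,
 * user_group, group_list and send_login_data from $_POST.
 *
 * @param int|string $user_id id of the user row to update
 * @return false|null false when the requested user name is already taken by
 *                    another user; no explicit return value otherwise
 */
function update_user($user_id)
{
    global $CONFIG;
    global $lang_usermgr_php, $lang_register_php, $lang_send_login_data_email;

    // Every value below ends up inside a string-built SQL statement, so each
    // one is either escaped or forced to a narrow type before interpolation.
    // NOTE(review): addslashes() is not charset-aware; the connection-aware
    // escaping function of the DB layer (or bound parameters) would be the
    // stronger choice, but cpg_db_query() only accepts a finished string here.
    $user_id = (int) $user_id; // was interpolated unquoted into the SELECT below

    $user_name = addslashes(trim($_POST['user_name']));
    $user_password = addslashes(trim($_POST['user_password']));
    $user_email = addslashes(trim($_POST['user_email']));
    $profile1 = addslashes($_POST['user_profile1']);
    $profile2 = addslashes($_POST['user_profile2']);
    $profile3 = addslashes($_POST['user_profile3']);
    $profile4 = addslashes($_POST['user_profile4']);
    $profile5 = addslashes($_POST['user_profile5']);
    $profile6 = addslashes($_POST['user_profile6']);

    // user_active and user_group previously went into the UPDATE unescaped.
    // Letters only for the flag, integer for the group id.
    $user_active = (isset($_POST['user_active']) && is_string($_POST['user_active']))
        ? preg_replace('/[^a-zA-Z]/', '', $_POST['user_active'])
        : '';
    $user_group = isset($_POST['user_group']) ? (int) $_POST['user_group'] : 0;
    $group_list = isset($_POST['group_list']) ? $_POST['group_list'] : '';

    // Duplicate-name check. $user_name is already escaped once above; escaping
    // it a second time made the lookup compare against a differently escaped
    // string, so names containing quotes or backslashes slipped past the check.
    $sql = "SELECT user_id " . "FROM {$CONFIG['TABLE_USERS']} " . "WHERE user_name = '{$user_name}' AND user_id != {$user_id}";
    $result = cpg_db_query($sql);
    if (mysql_num_rows($result)) {
        cpg_die(ERROR, $lang_register_php['err_user_exists'], __FILE__, __LINE__);
        return false;
    }
    mysql_free_result($result);

    if (utf_strlen($user_name) < 2) {
        cpg_die(ERROR, $lang_register_php['err_uname_short'], __FILE__, __LINE__);
    }
    if ($user_password && utf_strlen($user_password) < 2) {
        cpg_die(ERROR, $lang_register_php['err_password_short'], __FILE__, __LINE__);
    }

    // Secondary groups: comma-separated ids, leaving out the primary group.
    // Each entry is cast to int because the list is written into the UPDATE.
    $secondary_groups = array();
    if (is_array($group_list)) {
        foreach ($group_list as $group) {
            $group = (int) $group;
            if ($group != $user_group) {
                $secondary_groups[] = $group;
            }
        }
    }
    $user_group_list = implode(',', $secondary_groups);

    $sql_update = "UPDATE {$CONFIG['TABLE_USERS']} SET " . "user_name = '{$user_name}', " . "user_email = '{$user_email}', " . "user_active = '{$user_active}', " . "user_group = '{$user_group}', " . "user_profile1 = '{$profile1}', " . "user_profile2 = '{$profile2}', " . "user_profile3 = '{$profile3}', " . "user_profile4 = '{$profile4}', " . "user_profile5 = '{$profile5}', " . "user_profile6 = '{$profile6}', " . "user_group_list = '{$user_group_list}'";
    if (!empty($user_password)) {
        // This line was damaged by credential masking in the listing; restored
        // from the surviving "enable_encrypted_passwords'] ? md5(...) : ..." tail.
        // NOTE(review): unsalted MD5 (or plain text when the option is off) is
        // not an acceptable password store; the stored format has to change
        // together with the login check, so it is left as-is here. The hash is
        // also taken over the addslashes()-escaped password.
        $sql_update .= ", user_password = '" . ($CONFIG['enable_encrypted_passwords'] ? md5($user_password) : $user_password) . "'";
    }
    $sql_update .= " WHERE user_id = '{$user_id}'";
    cpg_db_query($sql_update);

    // If send login data checkbox is checked then send the username and password to the user in an email
    // NOTE(review): this mails the clear-text password; a reset link would
    // avoid putting the credential into mailboxes and mail logs.
    if (isset($_POST['send_login_data']) && trim($_POST['user_email'])) {
        require 'include/mailer.inc.php';
        $template_vars = array('{SITE_NAME}' => $CONFIG['gallery_name'], '{SITE_LINK}' => $CONFIG['site_url'], '{USER_NAME}' => trim($_POST['user_name']), '{USER_PASS}' => trim($_POST['user_password']));
        if (!cpg_mail(trim($_POST['user_email']), $lang_usermgr_php['send_login_email_subject'], nl2br(strtr($lang_send_login_data_email, $template_vars)))) {
            cpg_die(CRITICAL_ERROR, $lang_usermgr_php['failed_sending_email'], __FILE__, __LINE__);
        }
    }
}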
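/**
 * Create or update a user from the submitted user-manager form.
 *
 * When $user_id is the string 'new_user' an empty user row is inserted first
 * (plus a personal album if that option is on) and the rest of the function
 * fills it in. Afterwards the comment author name is synchronised and either
 * the login data or an activation confirmation is mailed.
 *
 * @param int|string $user_id id of the user to update, or 'new_user'
 * @return false|null false when the user name is already taken by another
 *                    user; no explicit return value otherwise
 */
function update_user($user_id)
{
    global $CONFIG;
    global $lang_usermgr_php, $lang_register_php, $icon_array;

    // All form input is read through the Inspekt cage: getEscaped() for values
    // that go into quoted SQL strings, getAlpha()/getInt() for the flag and ids.
    $superCage = Inspekt::makeSuperCage();
    $user_name = $superCage->post->getEscaped('user_name');
    $user_password = $superCage->post->getEscaped('user_password');
    $user_email = $superCage->post->getEscaped('user_email');
    $profile1 = $superCage->post->getEscaped('user_profile1');
    $profile2 = $superCage->post->getEscaped('user_profile2');
    $profile3 = $superCage->post->getEscaped('user_profile3');
    $profile4 = $superCage->post->getEscaped('user_profile4');
    $profile5 = $superCage->post->getEscaped('user_profile5');
    $profile6 = $superCage->post->getEscaped('user_profile6');
    $user_active = $superCage->post->getAlpha('user_active');
    $user_group = $superCage->post->getInt('user_group');
    $group_list = $superCage->post->keyExists('group_list') ? $superCage->post->getInt('group_list') : '';

    // Strict comparison: with loose == an integer 0 (or true) also compared
    // equal to 'new_user' on older PHP and would silently create an account.
    if ($user_id === 'new_user') {
        // NOTE(review): the row (and album) is created before the name and
        // password checks below run; if cpg_die() ends the request on a failed
        // check, an empty user row is left behind. Validating first would
        // avoid that - confirm against the caller before reordering.
        cpg_db_query("INSERT INTO {$CONFIG['TABLE_USERS']} (user_regdate, user_profile6) VALUES (NOW(), '')");
        $user_id = mysql_insert_id();
        log_write('New user "' . $user_name . '" created', CPG_ACCESS_LOG);
        // Create a personal album if corresponding option is enabled
        if ($CONFIG['personal_album_on_registration'] == 1) {
            $catid = $user_id + FIRST_USER_CAT;
            cpg_db_query("INSERT INTO {$CONFIG['TABLE_ALBUMS']} (`title`, `category`) VALUES ('{$user_name}', {$catid})");
        }
    }

    // $user_id is interpolated unquoted into two statements below, so it must
    // be a plain integer by the time it gets there.
    $user_id = (int) $user_id;

    $sql = "SELECT user_id FROM {$CONFIG['TABLE_USERS']} WHERE user_name = '{$user_name}' AND user_id != {$user_id}";
    $result = cpg_db_query($sql);
    if (mysql_num_rows($result)) {
        cpg_die(ERROR, $lang_register_php['err_user_exists'], __FILE__, __LINE__);
        return false;
    }
    mysql_free_result($result);

    if (utf_strlen($user_name) < 2) {
        cpg_die(ERROR, $lang_register_php['username_warning2'], __FILE__, __LINE__);
    }
    if ($user_password && utf_strlen($user_password) < 2) {
        cpg_die(ERROR, $lang_register_php['password_warning1'], __FILE__, __LINE__);
    }

    // Save old user data (we need it later to determine if we need to send the activation confirmation email)
    $user_data = mysql_fetch_assoc(cpg_db_query("SELECT user_name, user_active, user_email, user_actkey FROM {$CONFIG['TABLE_USERS']} WHERE user_id = '{$user_id}'"));

    // Secondary groups: comma-separated ids, leaving out the primary group.
    // The cast keeps the list numeric whatever getInt() returned per element.
    $secondary_groups = array();
    if (is_array($group_list)) {
        foreach ($group_list as $group) {
            $group = (int) $group;
            if ($group != $user_group) {
                $secondary_groups[] = $group;
            }
        }
    }
    $user_group_list = implode(',', $secondary_groups);

    $sql_update = "UPDATE {$CONFIG['TABLE_USERS']} SET " . "user_name = '{$user_name}', " . "user_email = '{$user_email}', " . "user_active = '{$user_active}', " . "user_group = '{$user_group}', " . "user_profile1 = '{$profile1}', " . "user_profile2 = '{$profile2}', " . "user_profile3 = '{$profile3}', " . "user_profile4 = '{$profile4}', " . "user_profile5 = '{$profile5}', " . "user_profile6 = '{$profile6}', " . "user_group_list = '{$user_group_list}'";
    if (!empty($user_password)) {
        // Password storage is delegated to the hashing helper, which returns
        // the "column = value" fragment for the UPDATE.
        // NOTE(review): the helper receives the getEscaped() form of the
        // password - confirm that the login path hashes the same representation.
        require 'include/passwordhash.inc.php';
        $sql_update .= ', ' . cpg_password_create_update_string($user_password);
    }
    if ($user_active == 'YES') {
        // An active account no longer needs its activation key.
        $sql_update .= ", user_actkey = ''";
    }
    $sql_update .= " WHERE user_id = '{$user_id}'";
    cpg_db_query($sql_update);

    // Update comments' author name
    cpg_db_query("UPDATE {$CONFIG['TABLE_COMMENTS']} SET msg_author = '{$user_name}' WHERE author_id = {$user_id}");

    // If send login data checkbox is checked then send the username and password to the user in an email
    // NOTE(review): this mails the password in clear text (and in its escaped
    // form); a reset link would keep the credential out of mailboxes.
    if ($superCage->post->keyExists('send_login_data') && trim($user_email)) {
        require 'include/mailer.inc.php';
        $template_vars = array('{SITE_NAME}' => $CONFIG['gallery_name'], '{SITE_LINK}' => $CONFIG['site_url'], '{USER_NAME}' => trim($user_name), '{USER_PASS}' => trim($user_password));
        if (!cpg_mail(trim($user_email), $lang_usermgr_php['send_login_email_subject'], nl2br(strtr($lang_usermgr_php['send_login_data_email'], $template_vars)))) {
            cpg_die(CRITICAL_ERROR, $lang_usermgr_php['failed_sending_email'], __FILE__, __LINE__);
        }
    } elseif ($user_data['user_actkey'] && $user_data['user_active'] == 'NO' && $user_active == 'YES') {
        // send activation confirmation email (only once)
        require 'include/mailer.inc.php';
        $template_vars = array('{SITE_LINK}' => $CONFIG['site_url'], '{USER_NAME}' => $user_data['user_name'], '{SITE_NAME}' => $CONFIG['gallery_name']);
        cpg_mail($user_data['user_email'], sprintf($lang_register_php['notify_user_email_subject'], $CONFIG['gallery_name']), nl2br(strtr($lang_register_php['activated_email'], $template_vars)));
    }
}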
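/**
 * Validate the registration form, create the user row and send the
 * confirmation / notification mails.
 *
 * Reads username, password, password_verification, email, location,
 * interests, website and occupation through get_post_var().
 *
 * @param string $error receives the validation messages as '<li>' items
 * @return bool false when validation failed (see $error), true once the
 *              account row has been inserted and the mails were handed off
 */
function check_user_info(&$error)
{
    global $CONFIG, $HTTP_SERVER_VARS, $PHP_SELF;
    global $lang_register_php, $lang_register_confirm_email, $lang_continue;

    $user_name = trim(get_post_var('username'));
    $password = trim(get_post_var('password'));
    $password_again = trim(get_post_var('password_verification'));
    $email = trim(get_post_var('email'));
    // Free-text profile fields are escaped once here; name, password and email
    // are escaped at the point where they enter a query.
    // NOTE(review): addslashes() is not charset-aware; the DB layer's
    // connection-aware escaping would be the stronger choice.
    $location = addslashes(get_post_var('location'));
    $interests = addslashes(get_post_var('interests'));
    $website = addslashes(get_post_var('website'));
    $occupation = addslashes(get_post_var('occupation'));

    $sql = "SELECT user_id " . "FROM {$CONFIG['TABLE_USERS']} " . "WHERE user_name = '" . addslashes($user_name) . "'";
    $result = db_query($sql);
    if (mysql_num_rows($result)) {
        $error = '<li>' . $lang_register_php['err_user_exists'];
        return false;
    }
    mysql_free_result($result);

    if (strlen($user_name) < 2) {
        $error .= '<li>' . $lang_register_php['err_uname_short'];
    }
    if (strlen($password) < 2) {
        $error .= '<li>' . $lang_register_php['err_password_short'];
    }
    // Strict comparisons: loose ==/!= treats numeric-looking strings such as
    // "1e3" and "1000" as equal, which let a mistyped verification pass.
    if ($password === $user_name) {
        $error .= '<li>' . $lang_register_php['err_uname_pass_diff'];
    }
    if ($password !== $password_again) {
        $error .= '<li>' . $lang_register_php['err_password_mismatch'];
    }
    // preg_match() replaces the deprecated, non-binary-safe eregi(). The D
    // modifier pins "$" to the very end of the string so no line break can
    // ride along into the mail recipient. Written for PCRE, the character
    // class no longer admits a literal backslash in the local part.
    if (!preg_match('/^[_.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,6}$/iD', $email)) {
        $error .= '<li>' . $lang_register_php['err_invalid_email'];
    }
    if ($error != '') {
        return false;
    }

    if (!$CONFIG['allow_duplicate_emails_addr']) {
        $sql = "SELECT user_id " . "FROM {$CONFIG['TABLE_USERS']} " . "WHERE user_email = '" . addslashes($email) . "'";
        $result = db_query($sql);
        if (mysql_num_rows($result)) {
            $error = '<li>' . $lang_register_php['err_duplicate_email'];
            return false;
        }
        mysql_free_result($result);
    }

    if ($CONFIG['reg_requires_valid_email']) {
        $active = 'NO';
        // The activation key is the only secret protecting the activation
        // link, so it must not be derived from the clock. Use the platform
        // CSPRNG where one exists; the result keeps the 32-hex-character shape
        // the previous md5() value had.
        $random = false;
        if (function_exists('random_bytes')) {
            $random = random_bytes(16);
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $random = openssl_random_pseudo_bytes(16);
        }
        if (is_string($random) && strlen($random) === 16) {
            $act_key = bin2hex($random);
        } else {
            // Last resort on runtimes without a CSPRNG; no longer reseeds the
            // global generator from microtime().
            $act_key = md5(uniqid(mt_rand(), true));
        }
    } else {
        $active = 'YES';
        $act_key = '';
    }

    // NOTE(review): user_password is stored as submitted (escaped only, not
    // hashed). Switching to password hashing has to be done together with the
    // login check, so the stored format is left unchanged here.
    $sql = "INSERT INTO {$CONFIG['TABLE_USERS']} " . "(user_regdate, user_active, user_actkey, user_name, user_password, user_email, user_location, user_interests, user_website, user_occupation) " . "VALUES (NOW(), '{$active}', '{$act_key}', '" . addslashes($user_name) . "', '" . addslashes($password) . "', '" . addslashes($email) . "', '{$location}', '{$interests}', '{$website}', '{$occupation}' )";
    $result = db_query($sql);

    if ($CONFIG['reg_requires_valid_email']) {
        $act_link = $CONFIG['ecards_more_pic_target'] . 'register.php?activate=' . $act_key;
        // NOTE(review): the confirmation mail carries the clear-text password.
        $template_vars = array('{SITE_NAME}' => $CONFIG['gallery_name'], '{USER_NAME}' => $user_name, '{PASSWORD}' => $password, '{ACT_LINK}' => $act_link);
        if (!cpg_mail($email, sprintf($lang_register_php['confirm_email_subject'], $CONFIG['gallery_name']), strtr($lang_register_confirm_email, $template_vars))) {
            cpg_die(CRITICAL_ERROR, $lang_register_php['failed_sending_email'], __FILE__, __LINE__);
        }
        msg_box($lang_register_php['information'], $lang_register_php['thank_you'], $lang_continue, 'index.php');
    } else {
        msg_box($lang_register_php['information'], $lang_register_php['acct_active'], $lang_continue, 'index.php');
    }

    // email notification to admin
    if ($CONFIG['reg_notify_admin_email']) {
        cpg_mail($CONFIG['gallery_admin_email'], sprintf($lang_register_php['notify_admin_email_subject'], $CONFIG['gallery_name']), sprintf($lang_register_php['notify_admin_email_body'], $user_name));
    }
    return true;
}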