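/**
 * Build the navigation menu entries for the current visitor.
 *
 * Guests get a "guest" group with register and login entries. Logged-in users
 * get an optional Backstage entry (admins/moderators), a notifications entry
 * carrying the unread count, an optional inbox entry carrying the unread
 * private-message count, and a "user" group (profile, settings, help, logout).
 *
 * @return array Menu definition keyed by entry name.
 */
function get_user_nav_menu_items()
{
    global $db, $luna_config, $luna_user;

    if ($luna_user['is_guest']) {
        return array(
            'guest' => array(
                'register' => array('url' => 'register.php', 'title' => __('Register', 'luna')),
                'login' => array('url' => '#', 'title' => __('Login', 'luna')),
            ),
        );
    }

    $items = array();
    // The id is concatenated into SQL below, so force it to an integer first.
    $user_id = intval($luna_user['id']);

    if ($luna_user['is_admmod']) {
        $items['backstage'] = array('url' => 'backstage/', 'title' => __('Backstage', 'luna'));
    }

    // Check for new notifications
    $result = $db->query('SELECT COUNT(id) FROM ' . $db->prefix . 'notifications WHERE viewed = 0 AND user_id = ' . $user_id) or error('Unable to load notifications', __FILE__, __LINE__, $db->error());
    $num_notifications = intval($db->result($result));
    $use_flyout = $luna_config['o_notification_flyout'];
    $items['notifications'] = array(
        'url' => $use_flyout ? '#' : 'notifications.php',
        'title' => $num_notifications > 0 ? __('Notifications', 'luna') : __('No new notifications', 'luna'),
        'num' => $num_notifications,
        'flyout' => $use_flyout == 1,
    );

    if ($luna_config['o_pms_enabled'] == '1' && $luna_user['g_pm'] == '1' && $luna_user['use_pm'] == '1') {
        // Check for new messages
        $result = $db->query('SELECT COUNT(id) FROM ' . $db->prefix . 'messages WHERE showed=0 AND show_message=1 AND owner=' . $user_id) or error('Unable to check the availibility of new messages', __FILE__, __LINE__, $db->error());
        $num_new_pm = intval($db->result($result));
        // Translated like every other title in this menu.
        $items['inbox'] = array('url' => 'inbox.php', 'title' => __('Inbox', 'luna'), 'num' => $num_new_pm);
    }

    // The logout link carries a token built from the user id and the hashed
    // remote address.
    // NOTE(review): if luna_hash() is an unkeyed hash, this token contains no
    // secret and can be recomputed by anyone who knows the id and address;
    // confirm against luna_hash()'s definition and the check in login.php.
    $logout_token = luna_hash($luna_user['id'] . luna_hash(get_remote_address()));
    $items['user'] = array(
        'profile' => array('url' => 'profile.php?id=' . $luna_user['id'], 'title' => __('Profile', 'luna')),
        'settings' => array('url' => 'settings.php', 'title' => __('Settings', 'luna')),
        'help' => array('url' => 'help.php', 'title' => __('Help', 'luna')),
        'logout' => array('url' => 'login.php?action=out&id=' . $luna_user['id'] . '&csrf_token=' . $logout_token, 'title' => __('Logout', 'luna')),
    );

    return $items;
}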
Exemple #2
 /**
  * Create a nonce.
  * 
  * Build a secret string with previously set values, hash it and return
  * a truncated, 12 chars long string.
  * 
  * @since    1.1
  * 
  * @return   string    Nonce value
  */
 private function _create()
 {
     // The secret is the previously set values joined with '|'.
     $fields = array($this->tick, $this->action, $this->user, $this->seed);
     $digest = luna_hash(implode('|', $fields), 'nonce');
     // Only the last 12 characters of the digest are kept.
     // NOTE(review): the truncation caps the nonce's strength; how many bits
     // 12 characters carry depends on luna_hash()'s output alphabet, which is
     // not visible here.
     $this->nonce = substr($digest, -12, 12);
     return $this->nonce;
 }
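/**
 * Print the Backstage header: top navigation bar, page title and the tab row
 * of the active section. It also opens the content container, which is left
 * open for the calling page to fill.
 *
 * Changes against the previous version: the Extensions dropdown is marked
 * active for the section 'extensions' (the old check only matched a value
 * with a leading space and printed the class without a separating space), the
 * unclosed caret <span> in that dropdown is closed, and plugin names are
 * encoded before being written into the link and its label.
 *
 * @param string $section Active top-level section ('backstage', 'content',
 *                        'users', 'settings', 'maintenance', 'extensions').
 * @param string $page    Active page within the section; selects the title
 *                        and the highlighted tab.
 * @return void The markup is echoed directly.
 */
function load_admin_nav($section, $page)
{
    global $luna_user, $luna_config, $is_admin;
    // What page are we on?
    if ($page == 'index') {
        $page_title = '<span class="fa fa-fw fa-tachometer"></span> ' . __('Backstage', 'luna');
    } elseif ($page == 'stats') {
        $page_title = '<span class="fa fa-fw fa-info-circle"></span> ' . __('System info', 'luna');
    } elseif ($page == 'update') {
        $page_title = '<span class="fa fa-fw fa-cloud-upload"></span> ' . __('Luna software update', 'luna');
    } elseif ($page == 'about') {
        $page_title = '<span class="fa fa-fw fa-moon-o"></span> ' . __('About Luna', 'luna');
    } elseif ($page == 'board') {
        $page_title = '<span class="fa fa-fw fa-sort-amount-desc"></span> ' . __('Board', 'luna');
    } elseif ($page == 'moderate') {
        $page_title = '<span class="fa fa-fw fa-tasks"></span> ' . __('Moderate', 'luna');
    } elseif ($page == 'censoring') {
        $page_title = '<span class="fa fa-fw fa-eye-slash"></span> ' . __('Censoring', 'luna');
    } elseif ($page == 'reports') {
        $page_title = '<span class="fa fa-fw fa-exclamation-triangle"></span> ' . __('Reports', 'luna');
    } elseif ($page == 'users') {
        $page_title = '<span class="fa fa-fw fa-search"></span> ' . __('Search', 'luna');
    } elseif ($page == 'tools') {
        $page_title = '<span class="fa fa-fw fa-wrench"></span> ' . __('Tools', 'luna');
    } elseif ($page == 'ranks') {
        $page_title = '<span class="fa fa-fw fa-chevron-up"></span> ' . __('Ranks', 'luna');
    } elseif ($page == 'groups') {
        $page_title = '<span class="fa fa-fw fa-group"></span> ' . __('Groups', 'luna');
    } elseif ($page == 'permissions') {
        $page_title = '<span class="fa fa-fw fa-check-circle"></span> ' . __('Permissions', 'luna');
    } elseif ($page == 'bans') {
        $page_title = '<span class="fa fa-fw fa-ban"></span> ' . __('Bans', 'luna');
    } elseif ($page == 'settings') {
        $page_title = '<span class="fa fa-fw fa-cogs"></span> ' . __('Settings', 'luna');
    } elseif ($page == 'features') {
        $page_title = '<span class="fa fa-fw fa-sliders"></span> ' . __('Features', 'luna');
    } elseif ($page == 'appearance') {
        $page_title = '<span class="fa fa-fw fa-eye"></span> ' . __('Appearance', 'luna');
    } elseif ($page == 'registration') {
        $page_title = '<span class="fa fa-fw fa-plus-circle"></span> ' . __('Registration', 'luna');
    } elseif ($page == 'email') {
        $page_title = '<span class="fa fa-fw fa-envelope"></span> ' . __('Email', 'luna');
    } elseif ($page == 'menu') {
        $page_title = '<span class="fa fa-fw fa-bars"></span> ' . __('Menu', 'luna');
    } elseif ($page == 'theme') {
        $page_title = '<span class="fa fa-fw fa-paint-brush"></span> ' . __('Theme', 'luna');
    } elseif ($page == 'maintenance') {
        $page_title = '<span class="fa fa-fw fa-coffee"></span> ' . __('Maintenance', 'luna');
    } elseif ($page == 'prune') {
        $page_title = '<span class="fa fa-fw fa-recycle"></span> ' . __('Prune', 'luna');
    } elseif ($page == 'database') {
        $page_title = '<span class="fa fa-fw fa-database"></span> ' . __('Database management', 'luna');
    } elseif ($page == 'info') {
        $page_title = '<span class="fa fa-fw fa-info-circle"></span> ' . __('Info', 'luna');
    } else {
        // Unknown page: the caller's string becomes the title unchanged.
        // NOTE(review): $page_title is echoed as HTML below (the known titles
        // contain markup), so a caller must never pass request-derived text
        // here without escaping it first.
        $page_title = $page;
    }
    // Accept the historical value with a leading space as well as the plain one.
    $extensions_active = trim((string) $section) == 'extensions';
    ?>
<nav class="navbar navbar-fixed-top navbar-default" role="navigation">
	<div class="container">
		<div class="navbar-header">
			<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
				<span class="sr-only">Toggle navigation</span>
				<span class="icon-bar"></span>
				<span class="icon-bar"></span>
				<span class="icon-bar"></span>
			</button>
			<a class="navbar-brand" href="../index.php"><span class="fa fa-fw fa-arrow-left hidden-xs"></span><span class="visible-xs-inline"><?php echo $page_title; ?></span></a>
		</div>
		<div class="navbar-collapse collapse">
			<ul class="nav navbar-nav">
				<li class="<?php if ($section == 'backstage') { echo 'active'; } ?>"><a href="index.php"><span class="fa fa-fw fa-dashboard"></span> <?php _e('Backstage', 'luna'); ?></a></li>
				<li class="<?php if ($section == 'content') { echo 'active'; } ?>"><a href="<?php echo $is_admin ? 'board.php' : 'reports.php'; ?>"><span class="fa fa-fw fa-file"></span> <?php _e('Content', 'luna'); ?></a></li>
				<li class="<?php if ($section == 'users') { echo 'active'; } ?>"><a href="users.php"><span class="fa fa-fw fa-users"></span> <?php _e('Users', 'luna'); ?></a></li>
<?php if ($is_admin) { ?>
				<li class="<?php if ($section == 'settings') { echo 'active'; } ?>"><a href="settings.php"><span class="fa fa-fw fa-cog"></span> <?php _e('Settings', 'luna'); ?></a></li>
				<li class="<?php if ($section == 'maintenance') { echo 'active'; } ?>"><a href="maintenance.php"><span class="fa fa-fw fa-coffee"></span> <?php _e('Maintenance', 'luna'); ?></a></li>
<?php
    }
    // See if there are any plugins
    $plugins = forum_list_plugins($is_admin);
    // Did we find any plugins?
    if (!empty($plugins)) {
        ?>
				<li class="dropdown<?php if ($extensions_active) { echo ' active'; } ?>">
					<a href="#" class="dropdown-toggle" data-toggle="dropdown">
						<span class="fa fa-fw fa-cogs"></span> <?php _e('Extensions', 'luna'); ?> <span class="fa fa-fw fa-angle-down"></span>
					</a>
					<ul class="dropdown-menu">
<?php
        foreach ($plugins as $plugin_name => $plugin) {
            // Plugin names come from forum_list_plugins(); encode them for the
            // URL and for HTML so an unusual name cannot break out of the markup.
            echo "\t\t\t\t\t" . '<li><a href="loader.php?plugin=' . rawurlencode($plugin_name) . '">' . luna_htmlspecialchars(str_replace('_', ' ', $plugin)) . '</a></li>' . "\n";
        }
        ?>
					</ul>
				</li>
<?php
    }
    ?>
			</ul>
			<ul class="nav navbar-nav navbar-right">
				<li class="dropdown usermenu">
					<a href="#" class="dropdown-toggle dropdown-user" data-toggle="dropdown">
						<span class="hidden-sm"><?php print luna_htmlspecialchars($luna_user['username']); ?> </span><?php echo draw_user_avatar($luna_user['id'], true, 'avatar'); ?> <span class="fa fa-fw fa-angle-down"></span>
					</a>
					<ul class="dropdown-menu">
						<li><a href="../profile.php?id=<?php echo $luna_user['id']; ?>"><?php _e('Profile', 'luna'); ?></a></li>
						<li><a href="../settings.php?id=<?php echo $luna_user['id']; ?>"><?php _e('Settings', 'luna'); ?></a></li>
						<li class="divider"></li>
						<li><a href="../help.php"><?php _e('Help', 'luna'); ?></a></li>
						<li><a href="http://getluna.org"><?php _e('Support', 'luna'); ?></a></li>
						<li class="divider"></li>
<?php
    // Logout token: hash of the user id and the hashed remote address.
    // NOTE(review): if luna_hash() is unkeyed this value contains no secret;
    // confirm against its definition and the check performed by login.php.
    ?>
						<li><a href="../login.php?action=out&amp;id=<?php echo $luna_user['id'] . '&amp;csrf_token=' . luna_hash($luna_user['id'] . luna_hash(get_remote_address())); ?>"><?php _e('Logout', 'luna'); ?></a></li>
					</ul>
				</li>
			</ul>
		</div>
	</div>
</nav>
<div class="jumbotron jumboheader">
	<div class="container">
		<div class="row">
			<h2 class="hidden-xs">
				<?php
    echo $page_title;
    if ($luna_config['o_update_ring'] > 1) {
        echo '<span class="pull-right" style="font-size: 70%;">Core ' . Version::FORUM_CORE_VERSION . '</span>';
    }
    ?>
			</h2>
<?php if ($section == 'backstage') { ?>
			<ul class="nav nav-tabs" role="tablist">
				<li<?php if ($page == 'index') { echo ' class="active"'; } ?>><a href="index.php"><span class="fa fa-fw fa-tachometer"></span><span class="hidden-xs"> <?php _e('Backstage', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'stats') { echo ' class="active"'; } ?>><a href="system.php"><span class="fa fa-fw fa-info-circle"></span><span class="hidden-xs"> <?php _e('System info', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'update') { echo ' class="active"'; } ?>><a href="update.php"><span class="fa fa-fw fa-cloud-upload"></span><span class="hidden-xs"> <?php _e('Update', 'luna'); ?></span></a></li>
				<li class="pull-right<?php if ($page == 'about') { echo ' active'; } ?>"><a href="about.php"><span class="fa fa-fw fa-moon-o"></span><span class="hidden-xs"> <?php _e('About', 'luna'); ?></span></a></li>
			</ul>
<?php } ?>
<?php if ($section == 'content') { ?>
			<ul class="nav nav-tabs" role="tablist">
				<li<?php if ($page == 'board') { echo ' class="active"'; } ?>><a href="board.php"><span class="fa fa-fw fa-sort-amount-desc"></span><span class="hidden-xs"> <?php _e('Board', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'moderate') { echo ' class="active"'; } ?>><a href="moderate.php"><span class="fa fa-fw fa-tasks"></span><span class="hidden-xs"> <?php _e('Moderate', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'censoring') { echo ' class="active"'; } ?>><a href="censoring.php"><span class="fa fa-fw fa-eye-slash"></span><span class="hidden-xs"> <?php _e('Censoring', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'reports') { echo ' class="active"'; } ?>><a href="reports.php"><span class="fa fa-fw fa-exclamation-triangle"></span><span class="hidden-xs"> <?php _e('Reports', 'luna'); ?></span></a></li>
			</ul>
<?php } ?>
<?php if ($section == 'users') { ?>
			<ul class="nav nav-tabs" role="tablist">
				<li<?php if ($page == 'users') { echo ' class="active"'; } ?>><a href="users.php"><span class="fa fa-fw fa-search"></span><span class="hidden-xs"> <?php _e('Search', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'tools') { echo ' class="active"'; } ?>><a href="tools.php"><span class="fa fa-fw fa-wrench"></span><span class="hidden-xs"> <?php _e('Tools', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'ranks') { echo ' class="active"'; } ?>><a href="ranks.php"><span class="fa fa-fw fa-chevron-up"></span><span class="hidden-xs"> <?php _e('Ranks', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'groups') { echo ' class="active"'; } ?>><a href="groups.php"><span class="fa fa-fw fa-group"></span><span class="hidden-xs"> <?php _e('Groups', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'permissions') { echo ' class="active"'; } ?>><a href="permissions.php"><span class="fa fa-fw fa-check-circle"></span><span class="hidden-xs"> <?php _e('Permissions', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'bans') { echo ' class="active"'; } ?>><a href="bans.php"><span class="fa fa-fw fa-ban"></span><span class="hidden-xs"> <?php _e('Bans', 'luna'); ?></span></a></li>
			</ul>
<?php } ?>
<?php if ($section == 'settings') { ?>
			<ul class="nav nav-tabs" role="tablist">
				<li<?php if ($page == 'settings') { echo ' class="active"'; } ?>><a href="settings.php"><span class="fa fa-fw fa-cogs"></span><span class="hidden-xs"> <?php _e('Settings', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'features') { echo ' class="active"'; } ?>><a href="features.php"><span class="fa fa-fw fa-sliders"></span><span class="hidden-xs"> <?php _e('Features', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'appearance') { echo ' class="active"'; } ?>><a href="appearance.php"><span class="fa fa-fw fa-eye"></span><span class="hidden-xs"> <?php _e('Appearance', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'registration') { echo ' class="active"'; } ?>><a href="registration.php"><span class="fa fa-fw fa-plus-circle"></span><span class="hidden-xs"> <?php _e('Registration', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'email') { echo ' class="active"'; } ?>><a href="email.php"><span class="fa fa-fw fa-envelope"></span><span class="hidden-xs"> <?php _e('Email', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'menu') { echo ' class="active"'; } ?>><a href="menu.php"><span class="fa fa-fw fa-bars"></span><span class="hidden-xs"> <?php _e('Menu', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'theme') { echo ' class="active"'; } ?>><a href="theme.php"><span class="fa fa-fw fa-paint-brush"></span><span class="hidden-xs"> <?php _e('Theme', 'luna'); ?></span></a></li>
			</ul>
<?php } ?>
<?php if ($section == 'maintenance') { ?>
			<ul class="nav nav-tabs" role="tablist">
				<li<?php if ($page == 'maintenance') { echo ' class="active"'; } ?>><a href="maintenance.php"><span class="fa fa-fw fa-coffee"></span><span class="hidden-xs"> <?php _e('Maintenance', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'prune') { echo ' class="active"'; } ?>><a href="prune.php"><span class="fa fa-fw fa-recycle"></span><span class="hidden-xs"> <?php _e('Prune', 'luna'); ?></span></a></li>
				<li<?php if ($page == 'database') { echo ' class="active"'; } ?>><a href="database.php"><span class="fa fa-fw fa-database"></span><span class="hidden-xs"> <?php _e('Database', 'luna'); ?></span></a></li>
			</ul>
<?php } ?>
		</div>
	</div>
</div>
<div class="content">
	<div class="container">
		<div class="row">
<?php
}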
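 /**
  * Insert the guest account and the first administrator account.
  *
  * Both rows are written inside one transaction. Every string value is passed
  * through $db->escape() before it is placed in the SQL text; the previous
  * version concatenated $email unescaped, so a quote in the address changed
  * the statement.
  *
  * @param string $username Administrator user name.
  * @param string $password Administrator password in clear text; stored as luna_hash($password).
  * @param string $email    Administrator e-mail address.
  * @param string $language Default language of the administrator account.
  * @param string $style    Default style of the administrator account.
  * @return void
  */
 public static function insert_default_users($username, $password, $email, $language, $style)
 {
     global $db;
     $now = time();
     // The guest row reuses the translated word "Guest" for username, password and email.
     $guest = $db->escape(__('Guest', 'luna'));
     // NOTE(review): luna_hash() is defined elsewhere; if it is a fast unsalted
     // hash, password storage should move to password_hash() - confirm.
     $password_hash = $db->escape(luna_hash($password));
     $db->start_transaction();
     // Insert guest and first admin user
     $db->query('INSERT INTO ' . $db->prefix . 'users (group_id, username, password, email) VALUES(3, \'' . $guest . '\', \'' . $guest . '\', \'' . $guest . '\')') or error('Unable to add guest user. Please check your configuration and try again', __FILE__, __LINE__, $db->error());
     $db->query('INSERT INTO ' . $db->prefix . 'users (group_id, username, password, email, language, style, num_posts, last_post, registered, registration_ip, last_visit) VALUES(1, \'' . $db->escape($username) . '\', \'' . $password_hash . '\', \'' . $db->escape($email) . '\', \'' . $db->escape($language) . '\', \'' . $db->escape($style) . '\', 1, ' . $now . ', ' . $now . ', \'' . $db->escape(get_remote_address()) . '\', ' . $now . ')') or error('Unable to add administrator user. Please check your configuration and try again', __FILE__, __LINE__, $db->error());
     $db->end_transaction();
 }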
Exemple #5
                // Excerpt from the password-reset request handler: split the mail
                // template, then issue a new password and activation key for every
                // account returned by the lookup query (run outside this excerpt).
                // The first row contains the subject
                $first_crlf = strpos($mail_tpl, "\n");
                // Skips the first 8 characters of the first line - presumably the
                // length of a "Subject:" prefix; the template is loaded outside this excerpt.
                $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
                $mail_message = trim(substr($mail_tpl, $first_crlf));
                // Do the generic replacements first (they apply to all emails sent out here)
                $mail_message = str_replace('<base_url>', get_base_url() . '/', $mail_message);
                $mail_message = str_replace('<board_mailer>', $luna_config['o_board_title'], $mail_message);
                // Loop through users we found
                while ($cur_hit = $db->fetch_assoc($result)) {
                    // Rate limit: refuse when a reset mail was sent less than 3600 seconds ago.
                    // The ">= 0" term ignores timestamps that lie in the future.
                    // NOTE(review): this relies on message() ending the request - confirm.
                    if ($cur_hit['last_email_sent'] != '' && time() - $cur_hit['last_email_sent'] < 3600 && time() - $cur_hit['last_email_sent'] >= 0) {
                        message(sprintf(__('This account has already requested a password reset in the past hour. Please wait %s minutes before requesting a new password again.', 'luna'), intval((3600 - (time() - $cur_hit['last_email_sent'])) / 60)), true);
                    }
                    // Generate a new password and a new password activation code
                    // NOTE(review): both values grant access to the account, so random_pass()
                    // should draw from a cryptographically secure source - its definition is
                    // not visible here; confirm.
                    $new_password = random_pass(12);
                    $new_password_key = random_pass(8);
                    // The new password is stored hashed in activate_string; the key is stored as generated.
                    $db->query('UPDATE ' . $db->prefix . 'users SET activate_string=\'' . luna_hash($new_password) . '\', activate_key=\'' . $new_password_key . '\', last_email_sent = ' . time() . ' WHERE id=' . $cur_hit['id']) or error('Unable to update activation data', __FILE__, __LINE__, $db->error());
                    // Do the user specific replacements to the template
                    $cur_mail_message = str_replace('<username>', $cur_hit['username'], $mail_message);
                    $cur_mail_message = str_replace('<activation_url>', get_base_url() . '/settings.php?id=' . $cur_hit['id'] . '&action=change_pass&key=' . $new_password_key, $cur_mail_message);
                    // The mail body contains the new password in clear text next to the activation link.
                    $cur_mail_message = str_replace('<new_password>', $new_password, $cur_mail_message);
                    // Sent to $email, which is assigned outside this excerpt (presumably the
                    // address the requester entered - confirm).
                    luna_mail($email, $mail_subject, $cur_mail_message);
                }
                // The confirmation text interpolates the admin address escaped with luna_htmlspecialchars().
                message(__('An email has been sent to the specified address with instructions on how to change your password. If it does not arrive you can contact the forum administrator at', 'luna') . ' <a href="mailto:' . luna_htmlspecialchars($luna_config['o_admin_email']) . '">' . luna_htmlspecialchars($luna_config['o_admin_email']) . '</a>.', true);
            } else {
                message(__('There is no user registered with the email address', 'luna') . ' ' . htmlspecialchars($email) . '.');
            }
        }
    }
}
// Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to index.php after login)
if (!empty($_SERVER['HTTP_REFERER'])) {
Exemple #6
    } elseif (preg_match('#\\[b\\]|\\[/b\\]|\\[u\\]|\\[/u\\]|\\[i\\]|\\[/i\\]|\\[color|\\[/color\\]|\\[quote\\]|\\[quote=|\\[/quote\\]|\\[code\\]|\\[/code\\]|\\[img\\]|\\[/img\\]|\\[url|\\[/url\\]|\\[email|\\[/email\\]#i', $username)) {
        message_backstage(__('Usernames may not contain any of the text formatting tags (BBCode) that the forum uses. Please choose another username.', 'luna'));
    }
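    // Check that the username (or a too similar username) is not already registered
    $result = $db->query('SELECT username FROM ' . $db->prefix . 'users WHERE username=\'' . $db->escape($username) . '\' OR username=\'' . $db->escape(preg_replace('/[^\\w]/', '', $username)) . '\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
    if ($db->num_rows($result)) {
        $busy = $db->result($result);
        message_backstage(__('Someone is already registered with the username', 'luna') . ' ' . luna_htmlspecialchars($busy) . '. ' . __('The username you entered is too similar. The username must differ from that by at least one alphanumerical character (a-z or 0-9). Please choose a different username.', 'luna'));
    }
    $timezone = '0';
    $language = $luna_config['o_default_lang'];
    $email_setting = 1;
    // Insert the new user into the database. We do this now to get the last inserted id for later use.
    $now = time();
    $intial_group_id = $_POST['random_pass'] == '0' ? $luna_config['o_default_user_group'] : LUNA_UNVERIFIED;
    $password_hash = luna_hash($password);
    // Add the user. Every quoted value goes through $db->escape() and the group id
    // is forced to an integer; the previous statement concatenated $email1, the
    // language, the style and the remote address as-is, so a quote in any of them
    // altered the SQL. Validation of $email1 happens outside this excerpt and is
    // not relied on here.
    $db->query('INSERT INTO ' . $db->prefix . 'users (username, group_id, password, email, email_setting, php_timezone, language, style, registered, registration_ip, last_visit) VALUES(\'' . $db->escape($username) . '\', ' . intval($intial_group_id) . ', \'' . $db->escape($password_hash) . '\', \'' . $db->escape($email1) . '\', ' . $email_setting . ', ' . $timezone . ' , \'' . $db->escape($language) . '\', \'' . $db->escape($luna_config['o_default_style']) . '\', ' . $now . ', \'' . $db->escape(get_remote_address()) . '\', ' . $now . ')') or error('Unable to create user', __FILE__, __LINE__, $db->error());
    $new_uid = $db->insert_id();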
    // Must the user verify the registration?
    if ($_POST['random_pass'] == '1') {
        // Validate e-mail
        require LUNA_ROOT . 'include/email.php';
        // Load the "welcome" template
        $mail_tpl = trim(__('Subject: Welcome to <board_title>!

Thank you for registering in the forums at <base_url>. Your account details are:

Username: <username>
Password: <password>
Exemple #7
/**
 * Compute the CSRF token for the current user.
 *
 * The token is luna_hash() of the user id followed by the luna_hash() of the
 * remote address.
 *
 * NOTE(review): neither input is secret. If luna_hash() is an unkeyed hash,
 * anyone who knows a user's id and address can recompute this value; confirm
 * against luna_hash()'s definition.
 *
 * @return string Token value.
 */
function luna_csrf_token()
{
    global $luna_user;

    $address_digest = luna_hash(get_remote_address());

    return luna_hash($luna_user['id'] . $address_digest);
}
Exemple #8
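/**
 * Return the CSRF token for the current user.
 *
 * The token is luna_hash() of the user id, the stored password hash and the
 * luna_hash() of the remote address, so it depends on a per-user value that
 * is not public.
 *
 * The previous version declared a static $token but never assigned it: the
 * value was recomputed on every call, and the function had no return
 * statement for the cached path. The token is now cached and always returned.
 *
 * @return string Token value.
 */
function luna_csrf_token()
{
    global $luna_user;
    static $token, $token_owner;

    // Cache within the request, but recompute when the user record changes
    // (for example after a login earlier in the same request).
    $owner = $luna_user['id'] . $luna_user['password'];
    if (!isset($token) || $token_owner !== $owner) {
        $token = luna_hash($owner . luna_hash(get_remote_address()));
        $token_owner = $owner;
    }

    return $token;
}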
Exemple #9
             message(__('You do not have permission to access this page.', 'luna'), false, '403 Forbidden');
         }
     }
 }
 if (isset($_GET['key'])) {
     $key = $_GET['key'];
     $result = $db->query('SELECT activate_string, activate_key FROM ' . $db->prefix . 'users WHERE id=' . $id) or error('Unable to fetch activation data', __FILE__, __LINE__, $db->error());
     list($new_email, $new_email_key) = $db->fetch_row($result);
     if ($key == '' || $key != $new_email_key) {
         message(__('The specified email activation key was incorrect or has expired. Please re-request change of email address. If that fails, contact the forum administrator at', 'luna') . ' <a href="mailto:' . luna_htmlspecialchars($luna_config['o_admin_email']) . '">' . luna_htmlspecialchars($luna_config['o_admin_email']) . '</a>.');
     } else {
         $db->query('UPDATE ' . $db->prefix . 'users SET email=activate_string, activate_string=NULL, activate_key=NULL WHERE id=' . $id) or error('Unable to update email address', __FILE__, __LINE__, $db->error());
         message(__('Your email address has been updated.', 'luna'), true);
     }
 } elseif (isset($_POST['form_sent'])) {
     if (luna_hash($_POST['req_password']) !== $luna_user['password']) {
         message(__('Wrong old password.', 'luna'));
     }
     // Make sure they got here from the site
     confirm_referrer('settings.php');
     require FORUM_ROOT . 'include/email.php';
     // Validate the email address
     $new_email = strtolower(luna_trim($_POST['req_new_email']));
     if (!is_valid_email($new_email)) {
         message(__('The email address you entered is invalid.', 'luna'));
     }
     // Check if it's a banned email address
     if (is_banned_email($new_email)) {
         if ($luna_config['p_allow_banned_email'] == '0') {
             message(__('The email address you entered is banned in this forum. Please choose another email address.', 'luna'));
         } elseif ($luna_config['o_mailing_list'] != '') {
Exemple #10
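/**
 * Load the user matching $user into the global $luna_user and verify the password.
 *
 * On success $luna_user holds the joined user/group/online row with
 * 'is_guest' set to false; on any failure set_default_user() is called.
 *
 * The hashes are compared as exact strings. The previous loose "!=" treated
 * two different hashes that both look like numbers (for example "0e" followed
 * only by digits) as equal, and accepted an empty supplied hash against a
 * NULL stored password.
 *
 * @param int|string $user             User id (when an int) or user name.
 * @param string     $password         Clear-text password, or its hash when $password_is_hash is true.
 * @param bool       $password_is_hash Whether $password is already hashed.
 * @return void
 */
function authenticate_user($user, $password, $password_is_hash = false)
{
    global $db, $luna_user;

    // Check if there's a user matching $user and $password
    $where = is_int($user) ? 'u.id=' . intval($user) : 'u.username=\'' . $db->escape($user) . '\'';
    $result = $db->query('SELECT u.*, g.*, o.logged, o.idle FROM ' . $db->prefix . 'users AS u INNER JOIN ' . $db->prefix . 'groups AS g ON g.g_id=u.group_id LEFT JOIN ' . $db->prefix . 'online AS o ON o.user_id=u.id WHERE ' . $where) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
    $luna_user = $db->fetch_assoc($result);

    $authenticated = false;
    if (isset($luna_user['id']) && is_scalar($password)) {
        $stored = (string) $luna_user['password'];
        $candidate = (string) ($password_is_hash ? $password : luna_hash($password));
        // An empty stored hash never authenticates. hash_equals() compares in
        // constant time where available; the fallback is a strict string compare.
        if ($stored !== '') {
            $authenticated = function_exists('hash_equals') ? hash_equals($stored, $candidate) : $stored === $candidate;
        }
    }

    if ($authenticated) {
        $luna_user['is_guest'] = false;
    } else {
        set_default_user();
    }
}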