/**
* nv_check_username_reg()
* Ham kiem tra ten dang nhap kha dung
*
* @param mixed $login
* @return
*/
function nv_check_username_reg($login)
{
global $db, $db_config, $lang_module;
$error = nv_check_valid_login($login, NV_UNICKMAX, NV_UNICKMIN);
if ($error != '') {
return preg_replace('/\\&(l|r)dquo\\;/', '', strip_tags($error));
}
if ("'" . $login . "'" != $db->quote($login)) {
return sprintf($lang_module['account_deny_name'], $login);
}
$sql = "SELECT content FROM " . NV_USERS_GLOBALTABLE . "_config WHERE config='deny_name'";
$result = $db->query($sql);
$deny_name = $result->fetchColumn();
$result->closeCursor();
if (!empty($deny_name) and preg_match('/' . $deny_name . '/i', $login)) {
return sprintf($lang_module['account_deny_name'], $login);
}
$stmt = $db->prepare('SELECT userid FROM ' . NV_USERS_GLOBALTABLE . ' WHERE md5username= :md5username');
$stmt->bindValue(':md5username', nv_md5safe($login), PDO::PARAM_STR);
$stmt->execute();
if ($stmt->fetchColumn()) {
return sprintf($lang_module['account_registered_name'], $login);
}
$stmt = $db->prepare('SELECT userid FROM ' . NV_USERS_GLOBALTABLE . '_reg WHERE md5username= :md5username');
$stmt->bindValue(':md5username', nv_md5safe($login), PDO::PARAM_STR);
$stmt->execute();
if ($stmt->fetchColumn()) {
return sprintf($lang_module['account_registered_name'], $login);
}
return '';
}
/**
* nv_check_username_change()
*
* @param mixed $login
* @return
*/
function nv_check_username_change($login)
{
global $db, $lang_module, $user_info, $db_config;
$error = nv_check_valid_login($login, NV_UNICKMAX, NV_UNICKMIN);
if ($error != '') {
return preg_replace('/\\&(l|r)dquo\\;/', '', strip_tags($error));
}
if ("'" . $login . "'" != $db->quote($login)) {
return sprintf($lang_module['account_deny_name'], $login);
}
$sql = "SELECT content FROM " . NV_USERS_GLOBALTABLE . "_config WHERE config='deny_name'";
$result = $db->query($sql);
$deny_name = $result->fetchColumn();
$result->closeCursor();
if (!empty($deny_name) and preg_match('/' . $deny_name . '/i', $login)) {
return sprintf($lang_module['account_deny_name'], $login);
}
$sql = "SELECT userid FROM " . NV_USERS_GLOBALTABLE . " WHERE userid!=" . $user_info['userid'] . " AND md5username='******'";
if ($db->query($sql)->fetchColumn()) {
return sprintf($lang_module['account_registered_name'], $login);
}
$sql = "SELECT userid FROM " . NV_USERS_GLOBALTABLE . "_reg WHERE userid!=" . $user_info['userid'] . " AND md5username='******'";
if ($db->query($sql)->fetchColumn()) {
return sprintf($lang_module['account_registered_name'], $login);
}
return '';
}
function nv_check_username_change($login)
{
global $db, $lang_module, $user_info;
$error = nv_check_valid_login($login, NV_UNICKMAX, NV_UNICKMIN);
if ($login != $db->fixdb($login)) {
return sprintf($lang_module['account_deny_name'], '<strong>' . $login . '</strong>');
}
if ($error != "") {
return $error;
}
$sql = "SELECT `content` FROM `" . NV_USERS_GLOBALTABLE . "_config` WHERE `config`='deny_name'";
$result = $db->sql_query($sql);
list($deny_name) = $db->sql_fetchrow($result);
$db->sql_freeresult();
if (!empty($deny_name) and preg_match("/" . $deny_name . "/i", $login)) {
return sprintf($lang_module['account_deny_name'], '<strong>' . $login . '</strong>');
}
$sql = "SELECT `userid` FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `userid`!=" . $user_info['userid'] . " AND `username`=" . $db->dbescape($login);
if ($db->sql_numrows($db->sql_query($sql)) != 0) {
return sprintf($lang_module['account_registered_name'], '<strong>' . $login . '</strong>');
}
$sql = "SELECT `userid` FROM `" . NV_USERS_GLOBALTABLE . "_reg` WHERE `userid`!=" . $user_info['userid'] . " AND `username`=" . $db->dbescape($login);
if ($db->sql_numrows($db->sql_query($sql)) != 0) {
return sprintf($lang_module['account_registered_name'], '<strong>' . $login . '</strong>');
}
return "";
}
function nv_check_username_reg($login)
{
global $db, $lang_module;
$error = nv_check_valid_login($login, NV_UNICKMAX, NV_UNICKMIN);
if ($error != "") {
return preg_replace("/\\&(l|r)dquo\\;/", "", strip_tags($error));
}
if ($login != $db->fixdb($login)) {
return sprintf($lang_module['account_deny_name'], '<strong>' . $login . '</strong>');
}
$sql = "SELECT `content` FROM `" . NV_USERS_GLOBALTABLE . "_config` WHERE `config`='deny_name'";
$result = $db->sql_query($sql);
list($deny_name) = $db->sql_fetchrow($result);
$db->sql_freeresult();
if (!empty($deny_name) and preg_match("/" . $deny_name . "/i", $login)) {
return sprintf($lang_module['account_deny_name'], '<strong>' . $login . '</strong>');
}
$sql = "SELECT `userid` FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `md5username`=" . $db->dbescape(md5($login));
if ($db->sql_numrows($db->sql_query($sql)) != 0) {
return sprintf($lang_module['account_registered_name'], '<strong>' . $login . '</strong>');
}
$sql = "SELECT `userid` FROM `" . NV_USERS_GLOBALTABLE . "_reg` WHERE `md5username`=" . $db->dbescape(md5($login));
if ($db->sql_numrows($db->sql_query($sql)) != 0) {
return sprintf($lang_module['account_registered_name'], '<strong>' . $login . '</strong>');
}
return "";
}
} elseif ($step == 6) {
$nextstep = 0;
$error = '';
define('NV_USERS_GLOBALTABLE', $db_config['prefix'] . '_users');
// Bat dau phien lam viec cua MySQL
$db = new NukeViet\Core\Database($db_config);
if (!empty($db->error)) {
$error = !empty($db->error['user_message']) ? $db->error['user_message'] : $db->error['message'];
}
$array_data['site_name'] = $nv_Request->get_title('site_name', 'post', $array_data['site_name'], 1);
$array_data['nv_login'] = nv_substr($nv_Request->get_title('nv_login', 'post', $array_data['nv_login'], 1), 0, NV_UNICKMAX);
$array_data['nv_email'] = $nv_Request->get_title('nv_email', 'post', $array_data['nv_email']);
$array_data['nv_password'] = $nv_Request->get_title('nv_password', 'post', $array_data['nv_password']);
$array_data['re_password'] = $nv_Request->get_title('re_password', 'post', $array_data['re_password']);
$array_data['lang_multi'] = (int) $nv_Request->get_bool('lang_multi', 'post', $array_data['lang_multi']);
$check_login = nv_check_valid_login($array_data['nv_login'], NV_UNICKMAX, NV_UNICKMIN);
$check_pass = nv_check_valid_pass($array_data['nv_password'], NV_UPASSMAX, NV_UPASSMIN);
$check_email = nv_check_valid_email($array_data['nv_email']);
$array_data['question'] = $nv_Request->get_title('question', 'post', $array_data['question'], 1);
$array_data['answer_question'] = $nv_Request->get_title('answer_question', 'post', $array_data['answer_question'], 1);
$global_config['site_email'] = $array_data['nv_email'];
if ($nv_Request->isset_request('nv_login,nv_password', 'post')) {
if (empty($array_data['site_name'])) {
$error = $lang_module['err_sitename'];
} elseif (!empty($check_login)) {
$error = $check_login;
} elseif ("'" . $array_data['nv_login'] . "'" != $db->quote($array_data['nv_login'])) {
$error = sprintf($lang_module['account_deny_name'], '<strong>' . $array_data['nv_login'] . '</strong>');
} elseif (!empty($check_email)) {
$error = $check_email;
} elseif (!empty($check_pass)) {
} else {
$_user['password1'] = $_user['password2'] = '';
}
$_user['question'] = nv_substr($nv_Request->get_title('question', 'post', '', 1), 0, 255);
$_user['answer'] = nv_substr($nv_Request->get_title('answer', 'post', '', 1), 0, 255);
$_user['first_name'] = nv_substr($nv_Request->get_title('first_name', 'post', '', 1), 0, 255);
$_user['last_name'] = nv_substr($nv_Request->get_title('last_name', 'post', '', 1), 0, 255);
$_user['gender'] = nv_substr($nv_Request->get_title('gender', 'post', '', 1), 0, 1);
$_user['photo'] = nv_substr($nv_Request->get_title('photo', 'post', '', 1), 0, 255);
$_user['view_mail'] = $nv_Request->get_int('view_mail', 'post', 0);
$_user['sig'] = $nv_Request->get_textarea('sig', '', NV_ALLOWED_HTML_TAGS);
$_user['birthday'] = $nv_Request->get_title('birthday', 'post');
$_user['in_groups'] = $nv_Request->get_typed_array('group', 'post', 'int');
$_user['delpic'] = $nv_Request->get_int('delpic', 'post', 0);
$custom_fields = $nv_Request->get_array('custom_fields', 'post');
if ($_user['username'] != $row['username'] and ($error_username = nv_check_valid_login($_user['username'], NV_UNICKMAX, NV_UNICKMIN)) != '') {
$error = $error_username;
} elseif ("'" . $_user['username'] . "'" != $db->quote($_user['username'])) {
$error = sprintf($lang_module['account_deny_name'], '<strong>' . $_user['username'] . '</strong>');
} elseif (($error_xemail = nv_check_valid_email($_user['email'])) != '') {
$error = $error_xemail;
} elseif ($db->query('SELECT userid FROM ' . NV_USERS_GLOBALTABLE . ' WHERE userid!=' . $userid . ' AND md5username='******'username'])))->fetchColumn()) {
$error = $lang_module['edit_error_username_exist'];
} elseif ($db->query('SELECT userid FROM ' . NV_USERS_GLOBALTABLE . ' WHERE userid!=' . $userid . ' AND email=' . $db->quote($_user['email']))->fetchColumn()) {
$error = $lang_module['edit_error_email_exist'];
} elseif ($db->query('SELECT userid FROM ' . NV_USERS_GLOBALTABLE . '_reg WHERE email=' . $db->quote($_user['email']))->fetchColumn()) {
$error = $lang_module['edit_error_email_exist'];
} elseif ($db->query('SELECT userid FROM ' . NV_USERS_GLOBALTABLE . '_openid WHERE userid!=' . $userid . ' AND email=' . $db->quote($_user['email']))->fetchColumn()) {
$error = $lang_module['edit_error_email_exist'];
} elseif (!empty($_user['password1']) and ($check_pass = nv_check_valid_pass($_user['password1'], NV_UPASSMAX, NV_UPASSMIN)) != '') {
$error = $check_pass;
$_user['telephone'] = filter_text_input('telephone', 'post', '', 1, 100);
$_user['fax'] = filter_text_input('fax', 'post', '', 1, 100);
$_user['mobile'] = filter_text_input('mobile', 'post', '', 1, 100);
$_user['view_mail'] = $nv_Request->get_int('view_mail', 'post', 0);
$_user['sig'] = filter_text_textarea('sig', '', NV_ALLOWED_HTML_TAGS);
$_user['birthday'] = filter_text_input('birthday', 'post', '', 1, 10);
$_user['in_groups'] = $nv_Request->get_typed_array('group', 'post', 'int');
if (!empty($_user['website'])) {
if (!preg_match("#^(http|https|ftp|gopher)\\:\\/\\/#", $_user['website'])) {
$_user['website'] = "http://" . $_user['website'];
}
if (!nv_is_url($_user['website'])) {
$_user['website'] = "";
}
}
if (($error_username = nv_check_valid_login($_user['username'], NV_UNICKMAX, NV_UNICKMIN)) != "") {
$error = $error_username;
} elseif ($_user['username'] != $db->fixdb($_user['username'])) {
$error = sprintf($lang_module['account_deny_name'], '<strong>' . $_user['username'] . '</strong>');
} elseif (($error_xemail = nv_check_valid_email($_user['email'])) != "") {
$error = $error_xemail;
} elseif ($db->sql_numrows($db->sql_query("SELECT `userid` FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `md5username`=" . $db->dbescape(md5($_user['username'])))) != 0) {
$error = $lang_module['edit_error_username_exist'];
} elseif ($db->sql_numrows($db->sql_query("SELECT `userid` FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `email`=" . $db->dbescape($_user['email']))) != 0) {
$error = $lang_module['edit_error_email_exist'];
} elseif ($db->sql_numrows($db->sql_query("SELECT `userid` FROM `" . NV_USERS_GLOBALTABLE . "_reg` WHERE `email`=" . $db->dbescape($_user['email']))) != 0) {
$error = $lang_module['edit_error_email_exist'];
} elseif ($db->sql_numrows($db->sql_query("SELECT `userid` FROM `" . NV_USERS_GLOBALTABLE . "_openid` WHERE `email`=" . $db->dbescape($_user['email']))) != 0) {
$error = $lang_module['edit_error_email_exist'];
} elseif (($check_pass = nv_check_valid_pass($_user['password1'], NV_UPASSMAX, NV_UPASSMIN)) != "") {
$error = $check_pass;
* @License GNU/GPL version 2 or any later version
* @Createdate 3/24/2010 23:58
*/
if (!defined('NV_IS_MOD_BANNERS')) {
die('Stop!!!');
}
if (defined('NV_IS_BANNER_CLIENT')) {
die(' ');
}
if ($nv_Request->get_int('save', 'post') == '1') {
$login = strip_tags($nv_Request->get_string('login', 'post', ''));
$password = strip_tags($nv_Request->get_string('password', 'post', ''));
if ($global_config['gfx_chk']) {
$seccode = strip_tags($nv_Request->get_string('seccode', 'post', ''));
}
$check_login = nv_check_valid_login($login, NV_UNICKMAX, NV_UNICKMIN);
$check_pass = nv_check_valid_pass($password, NV_UPASSMAX, NV_UPASSMIN);
if (!empty($check_login)) {
die('action');
} elseif (!empty($check_pass)) {
die('action');
} elseif ($global_config['gfx_chk'] and !nv_capcha_txt($seccode)) {
die('action');
} else {
$stmt = $db->prepare('SELECT * FROM ' . NV_BANNERS_GLOBALTABLE . '_clients WHERE login = :login AND act=1');
$stmt->bindParam(':login', $login, PDO::PARAM_STR);
$stmt->execute();
$row = $stmt->fetch();
if (empty($row)) {
die('action');
} else {
$query = "REPLACE INTO `" . NV_CONFIG_GLOBALTABLE . "` (`lang`, `module`, `config_name`, `config_value`) VALUES('sys', 'global', " . $db->dbescape($config_name) . ", " . $db->dbescape($config_value) . ")";
$db->sql_query($query);
}
nv_save_file_config_global();
nv_insert_logs(NV_LANG_DATA, $module_name, $lang_module['save'] . " " . $lang_module['config'], "config", $admin_info['userid']);
Header('Location: ' . NV_BASE_ADMINURL . 'index.php?' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=' . $op . '&rand=' . nv_genpass());
exit;
}
if ($nv_Request->isset_request('submituser', 'post')) {
$uid = $nv_Request->get_int('uid', 'post', 0);
$username = filter_text_input('username', 'post', '', 1);
$password = filter_text_input('password', 'post', '', 1);
$password2 = filter_text_input('password2', 'post', '', 1);
$begintime1 = filter_text_input('begintime1', 'post', 0, 1);
$endtime1 = filter_text_input('endtime1', 'post', 0, 1);
$errorlogin = nv_check_valid_login($username, NV_UNICKMAX, NV_UNICKMIN);
if (!empty($errorlogin)) {
$error[] = $errorlogin;
} elseif (preg_match("/[^a-zA-Z0-9_-]/", $username)) {
$error[] = $lang_module['rule_user'];
}
if (!empty($password) or empty($uid)) {
$errorpassword = nv_check_valid_pass($password, NV_UPASSMAX, NV_UPASSMIN);
if (!empty($errorpassword)) {
$error[] = $errorpassword;
}
if ($password != $password2) {
$error[] = $lang_module['passwordsincorrect'];
} elseif (preg_match("/[^a-zA-Z0-9_-]/", $password)) {
$error[] = $lang_module['rule_pass'];
}
$key_words = $module_info['keywords'];
$data = array();
$data['checkss'] = md5($client_info['session_id'] . $global_config['sitekey']);
$data['userField'] = nv_substr($nv_Request->get_title('userField', 'post', '', 1), 0, 100);
$data['answer'] = nv_substr($nv_Request->get_title('answer', 'post', '', 1), 0, 255);
$data['send'] = $nv_Request->get_bool('send', 'post', false);
$data['nv_seccode'] = $nv_Request->get_title('nv_seccode', 'post', '');
$checkss = $nv_Request->get_title('checkss', 'post', '');
$seccode = $nv_Request->get_string('lostactivelink_seccode', 'session', '');
$step = 1;
$error = $question = '';
if ($checkss == $data['checkss']) {
if (!empty($seccode) and md5($data['nv_seccode']) == $seccode or nv_capcha_txt($data['nv_seccode'])) {
if (!empty($data['userField'])) {
$check_email = nv_check_valid_email($data['userField']);
$check_login = nv_check_valid_login($data['userField'], NV_UNICKMAX, NV_UNICKMIN);
if (!empty($check_email) and !empty($check_login)) {
$step = 1;
$nv_Request->unset_request('lostactivelink_seccode', 'session');
$error = $lang_module['lostactivelink_no_info2'];
} else {
$exp = NV_CURRENTTIME - 86400;
if (empty($check_email)) {
$sql = 'SELECT * FROM ' . NV_USERS_GLOBALTABLE . '_reg WHERE email= :userField AND regdate>' . $exp;
} else {
$sql = 'SELECT * FROM ' . NV_USERS_GLOBALTABLE . '_reg WHERE username= :userField AND regdate>' . $exp;
}
$stmt = $db->prepare($sql);
$stmt->bindParam(':userField', $data['userField'], PDO::PARAM_STR);
$stmt->execute();
$row = $stmt->fetch();
/**
* openidLogin_Res1()
* Function thuc hien khi OpenID duoc nhan dien
*
* @param mixed $attribs
* @return
*/
function openidLogin_Res1($attribs)
{
global $page_title, $key_words, $mod_title, $db, $crypt, $nv_Request, $lang_module, $lang_global, $module_name, $module_info, $global_config, $gfx_chk, $nv_redirect;
$email = (isset($attribs['contact/email']) and nv_check_valid_email($attribs['contact/email']) == "") ? $attribs['contact/email'] : "";
if (empty($email)) {
$nv_Request->unset_request('openid_attribs', 'session');
openidLogin_Res0($lang_module['logged_in_failed']);
die;
}
$opid = $crypt->hash($attribs['id']);
$query = "SELECT a.userid AS uid, a.email AS uemail, b.active AS uactive FROM `" . NV_USERS_GLOBALTABLE . "_openid` a, `" . NV_USERS_GLOBALTABLE . "` b \r\n WHERE a.opid=" . $db->dbescape($opid) . " \r\n AND a.email=" . $db->dbescape($email) . " \r\n AND a.userid=b.userid";
$result = $db->sql_query($query);
$numrows = $db->sql_numrows($result);
if ($numrows) {
list($user_id, $op_email, $user_active) = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$nv_Request->unset_request('openid_attribs', 'session');
if ($op_email != $email) {
openidLogin_Res0($lang_module['not_logged_in']);
die;
}
if (!$user_active) {
openidLogin_Res0($lang_module['login_no_active']);
die;
}
$query = "SELECT * FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `userid`=" . $db->dbescape($user_id);
$result = $db->sql_query($query);
$row = $db->sql_fetchrow($result);
validUserLog($row, 1, $opid);
$nv_redirect = !empty($nv_redirect) ? nv_base64_decode($nv_redirect) : NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name;
Header("Location: " . $nv_redirect);
die;
}
$query = "SELECT * FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `email`=" . $db->dbescape($email);
$result = $db->sql_query($query);
$numrows = $db->sql_numrows($result);
if ($numrows) {
$nv_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$login_allowed = false;
if (empty($nv_row['password'])) {
$nv_Request->unset_request('openid_attribs', 'session');
$login_allowed = true;
}
if ($nv_Request->isset_request('openid_account_confirm', 'post')) {
$nv_Request->unset_request('openid_attribs', 'session');
if (defined('NV_IS_USER_FORUM') and file_exists(NV_ROOTDIR . '/' . DIR_FORUM . '/nukeviet/login.php')) {
$nv_username = $nv_row['username'];
$nv_password = $password;
require_once NV_ROOTDIR . '/' . DIR_FORUM . '/nukeviet/login.php';
if (empty($error)) {
$login_allowed = true;
} else {
openidLogin_Res0($lang_module['openid_confirm_failed']);
die;
}
} else {
$password = $nv_Request->get_string('password', 'post', '');
$nv_seccode = filter_text_input('nv_seccode', 'post', '');
$nv_seccode = !$gfx_chk ? 1 : (nv_capcha_txt($nv_seccode) ? 1 : 0);
if ($crypt->validate($password, $nv_row['password']) and $nv_seccode) {
$login_allowed = true;
} else {
openidLogin_Res0($lang_module['openid_confirm_failed']);
die;
}
}
}
if ($login_allowed) {
$sql = "INSERT INTO `" . NV_USERS_GLOBALTABLE . "_openid` VALUES (" . intval($nv_row['userid']) . ", " . $db->dbescape($attribs['id']) . ", " . $db->dbescape($opid) . ", " . $db->dbescape($email) . ")";
$db->sql_query($sql);
if (intval($nv_row['active']) != 1) {
openidLogin_Res0($lang_module['login_no_active']);
} else {
validUserLog($nv_row, 1, $opid);
Header("Location: " . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name);
}
die;
}
$page_title = $lang_module['openid_login'];
$key_words = $module_info['keywords'];
$mod_title = $lang_module['openid_login'];
$lang_module['login_info'] = sprintf($lang_module['openid_confirm_info'], $email);
$contents = openid_account_confirm($gfx_chk, $attribs);
include NV_ROOTDIR . "/includes/header.php";
echo nv_site_theme($contents);
include NV_ROOTDIR . "/includes/footer.php";
exit;
}
if ($global_config['allowuserreg'] == 2 or $global_config['allowuserreg'] == 3) {
$query = "SELECT * FROM `" . NV_USERS_GLOBALTABLE . "_reg` WHERE `email`=" . $db->dbescape($email);
if ($global_config['allowuserreg'] == 2) {
$query .= " AND `regdate`>" . (NV_CURRENTTIME - 86400);
}
$result = $db->sql_query($query);
$numrows = $db->sql_numrows($result);
if ($numrows) {
if ($global_config['allowuserreg'] == 2) {
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($nv_Request->isset_request('openid_active_confirm', 'post')) {
$nv_Request->unset_request('openid_attribs', 'session');
$password = $nv_Request->get_string('password', 'post', '');
$nv_seccode = filter_text_input('nv_seccode', 'post', '');
$nv_seccode = !$gfx_chk ? 1 : (nv_capcha_txt($nv_seccode) ? 1 : 0);
if ($crypt->validate($password, $row['password']) and $nv_seccode) {
$reg_attribs = set_reg_attribs($attribs);
$sql = "INSERT INTO `" . NV_USERS_GLOBALTABLE . "` (\r\n `userid`, `username`, `password`, `email`, `full_name`, `gender`, `photo`, `birthday`, `regdate`, `website`, \r\n `location`, `yim`, `telephone`, `fax`, `mobile`, `question`, `answer`, `passlostkey`, `view_mail`, `remember`, `in_groups`, \r\n `active`, `checknum`, `last_login`, `last_ip`, `last_agent`, `last_openid`) VALUES (\r\n NULL, \r\n " . $db->dbescape($row['username']) . ", \r\n " . $db->dbescape($row['password']) . ", \r\n " . $db->dbescape($row['email']) . ", \r\n " . $db->dbescape(!empty($row['full_name']) ? $row['full_name'] : $reg_attribs['full_name']) . ", \r\n " . $db->dbescape($reg_attribs['gender']) . ", \r\n '', 0, \r\n " . $db->dbescape($row['regdate']) . ", \r\n '', '', \r\n " . $db->dbescape($reg_attribs['yim']) . ", \r\n '', '', '', \r\n " . $db->dbescape($row['question']) . ", \r\n " . $db->dbescape($row['answer']) . ", \r\n '', 1, 1, '', 1, '', 0, '', '', '')";
$userid = $db->sql_query_insert_id($sql);
if (!$userid) {
openidLogin_Res0($lang_module['account_active_error']);
die;
}
$sql = "DELETE FROM `" . NV_USERS_GLOBALTABLE . "_reg` WHERE `userid`=" . $db->dbescape($row['userid']);
$db->sql_query($sql);
$sql = "INSERT INTO `" . NV_USERS_GLOBALTABLE . "_openid` VALUES (" . $userid . ", " . $db->dbescape($attribs['id']) . ", " . $db->dbescape($opid) . ", " . $db->dbescape($email) . ")";
$db->sql_query($sql);
$query = "SELECT * FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `userid`=" . $db->dbescape($userid);
$result = $db->sql_query($query);
$row = $db->sql_fetchrow($result);
validUserLog($row, 1, $opid);
$info = $lang_module['account_active_ok'] . "<br /><br />\n";
$info .= "<img border=\"0\" src=\"" . NV_BASE_SITEURL . "images/load_bar.gif\"><br /><br />\n";
$info .= "[<a href=\"" . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "\">" . $lang_module['redirect_to_home'] . "</a>]";
$contents .= user_info_exit($info);
$contents .= "<meta http-equiv=\"refresh\" content=\"2;url=" . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "\" />";
include NV_ROOTDIR . "/includes/header.php";
echo nv_site_theme($contents);
include NV_ROOTDIR . "/includes/footer.php";
exit;
} else {
openidLogin_Res0($lang_module['openid_confirm_failed']);
die;
}
}
$page_title = $mod_title = $lang_module['openid_active_title'];
$key_words = $module_info['keywords'];
$lang_module['login_info'] = sprintf($lang_module['openid_active_confirm_info'], $email);
$contents = openid_active_confirm($gfx_chk, $attribs);
include NV_ROOTDIR . "/includes/header.php";
echo nv_site_theme($contents);
include NV_ROOTDIR . "/includes/footer.php";
exit;
} else {
$nv_Request->unset_request('openid_attribs', 'session');
openidLogin_Res0($lang_module['account_register_to_admin']);
die;
}
}
}
$option = $nv_Request->get_int('option', 'get', 0);
if (!$global_config['allowuserreg']) {
$option = 3;
}
$contents = "";
if ($option == 3) {
$error = "";
if ($nv_Request->isset_request('nv_login', 'post')) {
$nv_username = filter_text_input('nv_login', 'post', '');
$nv_password = filter_text_input('nv_password', 'post', '');
$nv_seccode = filter_text_input('nv_seccode', 'post', '');
$check_login = nv_check_valid_login($nv_username, NV_UNICKMAX, NV_UNICKMIN);
$check_pass = nv_check_valid_pass($nv_password, NV_UPASSMAX, NV_UPASSMIN);
$check_seccode = !$gfx_chk ? true : (nv_capcha_txt($nv_seccode) ? true : false);
if (!$check_seccode) {
$error = $lang_global['securitycodeincorrect'];
} elseif (!empty($check_login)) {
$error = $check_login;
} elseif (!empty($check_pass)) {
$error = $check_pass;
} else {
$sql = "SELECT * FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `username`=" . $db->dbescape($nv_username);
$result = $db->sql_query($sql);
$numrows = $db->sql_numrows($result);
if ($numrows != 1) {
$error = $lang_global['loginincorrect'];
} else {
$row = $db->sql_fetchrow($result);
if (empty($row['password']) or !$crypt->validate($nv_password, $row['password'])) {
$error = $lang_global['loginincorrect'];
} else {
if (!$row['active']) {
$error = $lang_module['login_no_active'];
} else {
$nv_Request->unset_request('openid_attribs', 'session');
$sql = "INSERT INTO `" . NV_USERS_GLOBALTABLE . "_openid` VALUES (" . intval($row['userid']) . ", " . $db->dbescape($attribs['id']) . ", " . $db->dbescape($opid) . ", " . $db->dbescape($email) . ")";
$db->sql_query($sql);
validUserLog($row, 1, $opid);
}
}
}
}
if (empty($error)) {
$nv_redirect = !empty($nv_redirect) ? nv_base64_decode($nv_redirect) : NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name;
$info = $lang_module['login_ok'] . "<br /><br />\n";
$info .= "<img border=\"0\" src=\"" . NV_BASE_SITEURL . "images/load_bar.gif\"><br /><br />\n";
$info .= "[<a href=\"" . $nv_redirect . "\">" . $lang_module['redirect_to_back'] . "</a>]";
$contents .= user_info_exit($info);
$contents .= "<meta http-equiv=\"refresh\" content=\"2;url=" . $nv_redirect . "\" />";
include NV_ROOTDIR . "/includes/header.php";
echo nv_site_theme($contents);
include NV_ROOTDIR . "/includes/footer.php";
exit;
}
$array_login = array("nv_login" => $nv_username, "nv_password" => $nv_password, "nv_redirect" => $nv_redirect, 'login_info' => "<span style=\"color:#fb490b;\">" . $error . "</span>");
} else {
$array_login = array("nv_login" => '', "nv_password" => '', 'login_info' => $lang_module['openid_note1'], "nv_redirect" => $nv_redirect);
}
$contents .= user_openid_login($gfx_chk, $array_login, $attribs);
include NV_ROOTDIR . "/includes/header.php";
echo nv_site_theme($contents);
include NV_ROOTDIR . "/includes/footer.php";
exit;
} elseif ($option == 1 or $option == 2) {
$nv_Request->unset_request('openid_attribs', 'session');
$reg_attribs = set_reg_attribs($attribs);
if (empty($reg_attribs['username'])) {
openidLogin_Res0($lang_module['logged_in_failed']);
die;
}
if ($option == 2) {
$sql = "INSERT INTO `" . NV_USERS_GLOBALTABLE . "` \r\n (`userid`, `username`, `password`, `email`, `full_name`, `gender`, `photo`, `birthday`, \r\n `regdate`, `website`, `location`, `yim`, `telephone`, `fax`, `mobile`, `question`, `answer`, `passlostkey`, \r\n `view_mail`, `remember`, `in_groups`, `active`, `checknum`, `last_login`, `last_ip`, `last_agent`, `last_openid`) VALUES \r\n (\r\n NULL, \r\n " . $db->dbescape($reg_attribs['username']) . ", \r\n '', \r\n " . $db->dbescape($reg_attribs['email']) . ", \r\n " . $db->dbescape($reg_attribs['full_name']) . ", \r\n " . $db->dbescape(ucfirst($reg_attribs['gender'])) . ", \r\n '', 0, " . NV_CURRENTTIME . ", '', '', \r\n " . $db->dbescape($reg_attribs['yim']) . ", \r\n '', '', '', '', '', '', 0, 0, '', 1, '', 0, '', '', ''\r\n )";
$userid = $db->sql_query_insert_id($sql);
if (!$userid) {
openidLogin_Res0($lang_module['err_no_save_account']);
die;
}
$query = "SELECT * FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `userid`=" . $userid . " AND `active`=1";
$result = $db->sql_query($query);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$sql = "INSERT INTO `" . NV_USERS_GLOBALTABLE . "_openid` VALUES (" . intval($row['userid']) . ", " . $db->dbescape($reg_attribs['openid']) . ", " . $db->dbescape($reg_attribs['opid']) . ", " . $db->dbescape($reg_attribs['email']) . ")";
$db->sql_query($sql);
validUserLog($row, 1, $reg_attribs['opid']);
$nv_redirect = !empty($nv_redirect) ? nv_base64_decode($nv_redirect) : NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name;
Header("Location: " . $nv_redirect);
exit;
} else {
$reg_attribs = serialize($reg_attribs);
$nv_Request->set_Session('reg_attribs', $reg_attribs);
Header("Location: " . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=register&openid=1&nv_redirect=" . $nv_redirect);
exit;
}
}
$array_user_login = array();
if (!defined('NV_IS_USER_FORUM')) {
$array_user_login[] = array("title" => $lang_module['openid_note3'], "link" => NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=login&server=" . $attribs['server'] . "&result=1&option=1&nv_redirect=" . $nv_redirect);
$array_user_login[] = array("title" => $lang_module['openid_note4'], "link" => NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=login&server=" . $attribs['server'] . "&result=1&option=2&nv_redirect=" . $nv_redirect);
} else {
$array_user_login[] = array("title" => $lang_module['openid_note6'], "link" => NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=register&nv_redirect=" . $nv_redirect);
}
$array_user_login[] = array("title" => $lang_module['openid_note5'], "link" => NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=login&server=" . $attribs['server'] . "&result=1&option=3&nv_redirect=" . $nv_redirect);
$contents .= user_openid_login2($attribs, $array_user_login);
include NV_ROOTDIR . "/includes/header.php";
echo nv_site_theme($contents);
include NV_ROOTDIR . "/includes/footer.php";
exit;
}
