<?php
//logs a user in
if (is_logged_in()) {
return false;
}
//user already logged in
//get variables
$user = set_post('user', '');
$password = set_post('password', '');
//check if ready
if (!isset($_POST['user']) && !isset($_POST['password'])) {
return false;
}
//variables not set yet
//error checking
$terror = false;
//if an error occurred
if (empty($user)) {
notices_set('Please provide an email or username', 'error');
$terror = true;
}
if (!password_is_valid($password)) {
notices_set('Invalid password - Passwords must be at least ' . REQ_PASSWORD_LENGTH, 'error');
$terror = true;
}
//last error check
if ($terror) {
//exit script
echo notices_get();
//show errors
<?php
//send a password reset request to a user
//check if form submitted
if (!isset($_POST['email'])) {
return false;
}
//variables not set yet
//get variables
$email = set_post('email', '');
if (empty($email) || !email_is_valid($email)) {
notices_set('Invalid email.', 'error');
return false;
}
//check if it is valid
$sql = sql_query(" SELECT id FROM `users` WHERE email='{$email}' LIMIT 1 ");
if (sql_count($sql) <= 0) {
notices_set('Invalid email.', 'error');
return false;
}
$data = sql_fetch($sql);
//create code
$confirm = confirm_token_create($email);
//delete all tokens for that email
sql_query(" DELETE FROM `password_reset` WHERE user='******'id']}' LIMIT 1 ");
//insert
sql_query(" INSERT INTO `password_reset` (user, token) VALUES('{$data['id']}' , '{$confirm}') \n\t\t\tON DUPLICATE KEY UPDATE token='{$confirm}' ");
//send email
email_send('password_reset', 'Planling Password Reset', array($email => $email), array('{{%LINK%}}' => 'http://' . MAIN_URL . '/password?e=' . $email . '&t=' . $confirm));
//set message
notices_set('Instructions on how to reset your password has been sent to <strong>' . $email . '</strong>.', 'success');
</table>
<a href="" class="btn btn-simple col-bg-sky-blue view-all full">View All</a>
</article>
</div>';
} else {
echo '
<div id="latest-shell">
<article>
<form action="" method="post">
<table class="center" style="background-color: #e6e6e6; border-radius: 6px; padding: 12px">
<tr>
<td>
<label for="_user">Login:</label>
</td>
<td>
<input type="text" name="user" id="_user" value="' . set_post('user', '') . '" autocomplete="on" maxlength="255" placeholder="email or username" required>
</td>
</tr>
<tr>
<td>
<label for="_password">Password:</label>
</td>
<td>
<input type="password" name="password" id="_password" autocomplete="on" minlength="' . REQ_PASSWORD_LENGTH . '" maxlength="255" required>
</td>
</tr>
<tr>
<td colspan="2">
<input type="submit" class="full col-bg-blue" value="Login">
<br>
<a href="password">Forgot your password?</a>
<?php
//creates a user account
//get variables
$email1 = strtolower(set_post('email1', ''));
$email2 = strtolower(set_post('email2', ''));
$password1 = set_post('password1', '');
$password2 = set_post('password2', '');
//check if form submitted
if (!isset($_POST['email1']) || !isset($_POST['email2']) || !isset($_POST['password1']) || !isset($_POST['password2'])) {
return false;
}
//variables not set yet
//error checking
$terror = false;
//if an error occurred
if (!email_is_valid($email1) || !email_is_valid($email2)) {
notices_set('Invalid email address', 'error');
$terror = true;
}
if ($email1 != $email2) {
notices_set('Emails do not match', 'error');
$terror = true;
}
if (!password_is_valid($password1) || !password_is_valid($password2)) {
notices_set('Invalid password - Passwords must be at least ' . REQ_PASSWORD_LENGTH, 'error');
$terror = true;
}
if ($password1 != $password2) {
notices_set('Passwords do not match', 'error');
$terror = true;
<div class="col name">
<label for="_email1">
Email:
</label>
</div>
<div class="col data">
<input type="email" name="email1" id="_email1" value="' . set_post('email1', '') . '" autocomplete="off" maxlength="255" placeholder="*****@*****.**" required>
<div class="description">Please enter your email address. You will use this to login.</div>
</div>
<div class="col name">
<label for="_email2">
Confirm Email:
</label>
</div>
<div class="col data">
<input type="email" name="email2" id="_email2" value="' . set_post('email2', '') . '" autocomplete="off" maxlength="255" placeholder="*****@*****.**" required>
<div class="description">Confirm your email address above.</div>
</div>
<div class="col name">
<label for="_password1">
Password:
</label>
</div>
<div class="col data">
<input type="password" name="password1" id="_password1" class="short" autocomplete="off" minlength="' . REQ_PASSWORD_LENGTH . '" maxlength="255" required>
<div class="description">Passwords must be a minimum of ' . REQ_PASSWORD_LENGTH . ' characters. </div>
</div>
<div class="col name">
<label for="_password2">
Confirm Password:
</label>
function forward($cb_before = null, $cb_after = null, $url = '')
{
//生成url
if ($url === '') {
$url = "http://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
} else {
if (!preg_match("/https?:/i", $url)) {
if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on") {
$url = "https://" . $_SERVER['HTTP_HOST'] . "/" . ltrim($url, "/");
} else {
$url = "http://" . $_SERVER['HTTP_HOST'] . "/" . ltrim($url, "/");
}
}
}
//获取转发需要的头内容
$headers = get_request_headers();
//转发POST内容
$data_to_post = null;
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (in_array(get_content_type($headers), array('application/x-www-form-urlencoded', 'multipart/form-data'))) {
$data_to_post = $_POST;
} else {
//就抓出原始的post数据即可
$fp = fopen('php://input', 'r');
$post = stream_get_contents($fp);
fclose($fp);
$data_to_post = $post;
}
}
if ($cb_before) {
call_user_func_array($cb_before, [&$url, &$data_to_post, &$headers]);
}
//初始化curl选项
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
@curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_MAXREDIRS, 10);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, REQUEST_TIMEOUT);
//将生成的头,设置在curl中
set_request_headers($ch, $headers);
//设置POST数据
if ($data_to_post) {
set_post($ch, $data_to_post);
}
//执行curl请求
//要防止长连接用这种方法 fixme
$data = curl_exec($ch);
$info = curl_getinfo($ch);
curl_close($ch);
//获取返回的body内容
$body = $info["size_download"] ? substr($data, $info["header_size"], $info["size_download"]) : "";
$headers_str = substr($data, 0, $info["header_size"]);
$headers = get_response_headers($headers_str);
if ($cb_after) {
$encoding = get_content_encoding($headers);
$body_str = $body;
if ($encoding === 'deflate') {
$body_str = gzinflate($body);
}
if ($encoding === 'gzip') {
$body_str = gzdecode($body);
}
//调用过滤钩子,检测是否有修改内容
$old_md5 = md5($body_str);
call_user_func_array($cb_after, [$info, &$headers, &$body_str]);
$new_md5 = md5($body_str);
//如果内容有修改,则需要从新打包,和计算内容长度
if ($old_md5 !== $new_md5) {
switch ($encoding) {
case 'deflate':
$body = gzdeflate($body_str);
break;
case 'gzip':
$body = gzencode($body_str);
break;
default:
$body = $body_str;
}
//修正发出的内容长度
$headers = set_content_length($headers, strlen($body));
}
}
//转发返回的头内
set_response_headers($headers);
//输出html内容到浏览器
echo $body;
//函数返回结果给缓存使用
return [$headers, $body];
}
/**
* @brief Crée un inpute pour saisir de long texte
* @param name nom donné a la requete POST ou GET envoyé
* @param row nombre de ligne
* @param cols nombre de colones
* */
function form_textarea($label, $name, $rows, $cols)
{
set_post($name);
return ($label ? '<label for="' . $name . '">' . $label . '</label>' : '') . '<textarea ' . ($cols ? 'cols="' . $cols . '" ' : '') . ($rows ? 'rows="' . $rows . '" ' : '') . 'name="' . $name . '"
id="' . $name . '">' . post2text($_POST[$name]) . '</textarea>';
}
