Exemple #1
<?php

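// Legacy endpoint: lets an allow-listed account switch its session to another user.
// NOTE(review): this is an impersonation feature gated only by two hard-coded user
// ids; consider moving the allow-list into configuration or a role check.
require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php';
auth();
$return = array('error' => false, 'errorText' => '');

// Normalise to a string and compare strictly, so values such as '01' or '1.0'
// cannot loosely match an allow-listed id.
$currentUser = (string) ($_SESSION['user_id'] ?? '');
if (in_array($currentUser, array('1', '3'), true)) {
    // intval() of a non-empty array is 1, so anything non-scalar is rejected up front.
    $rawId = $_POST['id'] ?? 0;
    $id = is_scalar($rawId) ? intval($rawId) : 0;
    if ($id > 0) {
        // $id is an integer at this point, so interpolating it cannot alter the query.
        $q = new myQuery("SELECT * FROM user WHERE id={$id}");
        $user = $q->get_one_array();
        if (empty($user)) {
            // Do not move the session onto an id that has no user row.
            $return['error'] = true;
            $return['errorText'] = 'User not found.';
        } else {
            // switch user
            $return['name'] = $user['firstname'] . ' ' . $user['lastname'];
            $return['email'] = $user['email'];
            // Issue a fresh session id whenever the session's identity changes.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            // Audit trail for impersonation; both values are plain integers here.
            error_log(sprintf('user switch: %s -> %d', $currentUser, $id));
            $_SESSION['user_id'] = $id;
            $return['user_id'] = $id;
            // NOTE(review): id_hash is md5() of the user id, which anyone can compute
            // for any id. If auth() accepts these cookies to restore a login (not
            // visible here), they can be forged; a random server-stored token or a
            // keyed HMAC would be needed instead. Both cookies are also set without
            // the Secure/HttpOnly flags.
            setcookie('user_id', (string) $id, 0, '/', $_SERVER['SERVER_NAME']);
            setcookie('id_hash', md5((string) $id), 0, '/', $_SERVER['SERVER_NAME']);
        }
    } else {
        $return['error'] = true;
        $return['errorText'] = 'Invalid user id.';
    }
} else {
    $return['error'] = true;
    $return['errorText'] = "You don't have permission to switch users. ({$currentUser})";
}
scriptReturn($return);
exit;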
<?php

// Password-reset endpoint: looks up the posted e-mail address, generates a new
// password, stores it and prepares a notification e-mail. The listing is cut off
// before the enclosing if-block closes.
// NOTE(review): no auth() call or confirmation step is visible here; the password
// is replaced as soon as a matching address is posted, so anyone who knows an
// address can force a change. A single-use, expiring reset link would avoid that.
require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php';
date_default_timezone_set('Europe/London');
include DOC_ROOT . '/include/classes/PHPMailer/PHPMailerAutoload.php';
$return = array('error' => false, 'errorText' => '');
// NOTE(review): my_clean() is defined elsewhere; its escaping is the only thing
// between $_POST['email'] and the SQL strings below. Confirm it is safe inside a
// quoted SQL literal, or use a parameterised query.
$email = my_clean($_POST['email']);
$q = new myQuery("SELECT id, firstname, lastname FROM user WHERE LCASE(email)=LCASE('{$email}')");
// Proceed only when exactly one account matches the address.
if ($q->get_num_rows() == 1) {
    $res = $q->get_one_array();
    $id = $res['id'];
    // create a new password
    // NOTE(review): str_shuffle() is not a cryptographically secure source, and
    // because it permutes $chars each listed character occurrence is used at most
    // once. random_int()/random_bytes() is the appropriate source for a secret.
    $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ123456789123456789";
    $password = substr(str_shuffle($chars), 0, 10);
    // '$2y$10$' selects bcrypt with cost 10 in crypt(). The salt text is the first
    // 21 hex digits of md5(microtime()), so it is derived from the clock rather than
    // from a random source.
    // NOTE(review): password_hash() generates its own salt and avoids hand-building
    // this string.
    $salt = '$2y$10$' . substr(md5(microtime()), 0, 21) . '$';
    $hash = crypt($password, $salt);
    // NOTE(review): as listed, the query stores the literal '******' and $hash is
    // never used. This looks like masking applied to the listing; confirm the real
    // statement writes $hash.
    $q = new myQuery("UPDATE user SET password='******' WHERE LCASE(email)=LCASE('{$email}') AND id='{$id}'");
    // When DEBUG is truthy the plaintext password is added to the response data.
    // only for debugging!!!!
    if (DEBUG) {
        $return['newpass'] = $password;
    }
    // email new password to the user
    // NOTE(review): the message carries a working plaintext password and links to
    // the site over http://. {$email} is interpolated into the HTML body as returned
    // by my_clean(); confirm it is HTML-escaped.
    $to = $email;
    $subject = 'WebMorph.org password change';
    $headers = "From: lisa.debruine@glasgow.ac.uk\r\n";
    $headers .= "Reply-To: lisa.debruine@glasgow.ac.uk\r\n";
    $headers .= "MIME-Version: 1.0\r\n";
    $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
    // HTML version of the notification.
    $message = "<html><body style='color: rgb(50,50,50); font-family:\"Lucida Grande\"';>" . "<p>Hi {$email},</p>\n" . "<p>You (or someone) just reset your password at <a href='http://webmorph.org'>WebMorph</a>.</p>\n" . "<div style='border: 3px solid hsl(200,100%,20%); " . "    box-shadow: 2px 2px 4px rgba(0,0,0,0.5);border-radius: 1em; padding: 1em; " . "    text-align: center; width: 18em; margin: auto;'>\n" . "        Your new password:\n" . "        <div style='font-size: 200%; margin-top: 0.5em;'>{$password}</div>\n" . "</div>\n" . "<p>You can reset your password after logging in by going to the Preferences menu option.</p>\n" . "<p>Kind regards,</p>\n" . "<p>Lisa DeBruine</p>\n" . "</body></html>\n.";
    // Plain-text version of the notification (it still contains some HTML tags).
    $text_message = "Hi {$email},\n" . "You (or someone) just reset your password at <a href='http://webmorph.org'>WebMorph</a>.\n\n" . "Your new password: {$password} \n\n" . "You can reset your password after logging in by going to the Preferences menu option.</p>\n\n" . "Kind regards,\n" . "Lisa DeBruine\n.";
    // The direct mail() call is disabled; sending presumably happens via PHPMailer
    // further down, outside this listing.
    //mail($to, $subject, $message, $headers);
Exemple #3
<?php

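// Return the logged-in user's preferences and personal data.
// The response starts from built-in defaults and is overlaid with the user's stored
// preferences, the user's own row (minus the password), the visible templates and
// the user's `fm` rows.
require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php';
auth();
$return = array(
    'error' => false,
    'errorText' => '',
    'prefs' => array(
        'mask_color' => 'rgb(255,255,255)',
        'cross_color' => 'rgb(0,255,0)',
        'selcross_color' => 'rgb(255,0,0)',
        'line_color' => 'rgb(0,0,255)',
        'defaultLineWidth' => 1,
        'texture' => 'true',
        'sample_contours' => 'true',
        'show_thumbs' => 'false',
        'align_pt1' => 0,
        'align_pt2' => 1,
        'align_x1' => 496.98,
        'align_y1' => 825.688,
        'align_x2' => 853.02,
        'align_y2' => 825.688,
        'align_w' => 1350,
        'align_h' => 1800,
        'defaultTem' => 1,
        'normalisation' => 'none',
        'warp' => 'multiscale',
        'default_imageformat' => 'jpg',
        'batch_names' => 'folder',
        'default_project' => null,
        'theme' => 0,
    ),
    'defaultTemplates' => array('id' => 1, 'name' => 'FRL-189'),
    'fm' => array(),
);
// A missing session key is treated like an empty user instead of raising a notice.
$user = $_SESSION['user_id'] ?? null;
$return['user'] = $user;
if (empty($user)) {
    $return['error'] = true;
} else {
    // NOTE(review): every query below is built by interpolating the session's user id
    // into a quoted literal, so safety depends on that value always being stored as an
    // integer at login. Prefer bound parameters if myQuery supports them.
    $q = new myQuery("SELECT pref, prefval FROM pref WHERE user_id='{$user}'");
    $myprefs = $q->get_assoc(false, 'pref', 'prefval');
    // Stored preferences override the defaults; skip the overlay if nothing usable came back.
    if (is_array($myprefs)) {
        foreach ($myprefs as $pref => $val) {
            $return['prefs'][$pref] = $val;
        }
    }
    $q = new myQuery("SELECT * FROM user WHERE id='{$user}'");
    $userinfo = $q->get_one_array();
    // array_merge() rejects non-arrays, so merge only when a user row was found.
    if (is_array($userinfo)) {
        // NOTE(review): SELECT * sends every user column except `password` to the
        // client; selecting an explicit column list would keep future sensitive
        // columns out of the response.
        unset($userinfo['password']);
        $return['prefs'] = array_merge($return['prefs'], $userinfo);
    }
    $q = new myQuery("SELECT id, tem.name, notes, \n                        COUNT(DISTINCT l.n) as `lines`, \n                        COUNT(DISTINCT p.n) AS points\n                        FROM tem\n                        LEFT JOIN point AS p ON (tem.id=p.tem_id)\n                        LEFT JOIN line AS l ON (tem.id=l.tem_id)\n                        WHERE user_id='{$user}' OR public=TRUE\n                        GROUP BY tem.id");
    $return['defaultTemplates'] = $q->get_assoc();
    // Keep the theme in the session for later requests.
    $_SESSION['theme'] = $return['prefs']['theme'];
    $q = new myQuery("SELECT name, description, equation FROM fm WHERE user_id='{$user}'");
    $return['fm'] = $q->get_assoc();
}
scriptReturn($return);
exit;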
Exemple #4
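 /**
  * Check the session's age, sex and sexpref against the restrictions stored on
  * this object's `quest` row.
  *
  * A NULL restriction column means "no restriction". Returns false when the row
  * cannot be loaded, or when an age bound exists but the session holds no age.
  *
  * @return bool true when every restriction that is set is satisfied
  */
 function check_eligible()
 {
     // Missing session keys are treated as "unknown" instead of raising notices.
     $user_sex = $_SESSION['sex'] ?? null;
     $user_sexpref = $_SESSION['sexpref'] ?? null;
     $user_age = $_SESSION['age'] ?? null;

     // The id sits in an unquoted numeric position, so force it to an integer.
     $query = new myQuery('SELECT lower_age, upper_age, sex, sexpref FROM quest WHERE id=' . (int) $this->id);
     $expinfo = $query->get_one_array();
     if (empty($expinfo)) {
         // Fail closed: with no row every restriction would read as NULL and pass.
         return false;
     }

     $lower = $expinfo['lower_age'] ?? null;
     $upper = $expinfo['upper_age'] ?? null;
     $ageKnown = $user_age !== null && $user_age !== '';
     if (($lower !== null || $upper !== null) && !$ageKnown) {
         // A null age would otherwise satisfy the upper bound in a loose comparison.
         return false;
     }
     if ($lower !== null && $user_age < $lower) {
         return false;
     }
     if ($upper !== null && $user_age > $upper) {
         return false;
     }

     // 'both' accepts any sex; otherwise the session value must match.
     $sex = $expinfo['sex'] ?? null;
     if ($sex !== null && $sex != 'both' && $user_sex != $sex) {
         return false;
     }

     $sexpref = $expinfo['sexpref'] ?? null;
     if ($sexpref !== null && $user_sexpref != $sexpref) {
         return false;
     }

     return true;
 }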