/**
* add a comment to a blog entry
*
* @return array entry status
*/
function Blog_commentAdd()
{
$ret = array();
$bid = (int) $_REQUEST['blog_entry_id'];
$pid = (int) $_REQUEST['page_id'];
$page = Page::getInstance($pid);
if (!$page->name) {
$ret['error'] = 'Invalid page id.';
return $ret;
}
$entry = dbRow('select * from blog_entry where id=' . $bid . ' and status>0 and allow_comments');
if (!$entry) {
$ret['error'] = 'Entry does not exist, is not yet public,' . ' or does not allow comments.';
return $ret;
}
$name = $_REQUEST['name'];
$email = $_REQUEST['email'];
$url = $_REQUEST['url'];
$comment = $_REQUEST['comment'];
$status = 0;
$uid = 0;
if (isset($_SESSION['userdata']['id'])) {
$name = $_SESSION['userdata']['name'];
$email = $_SESSION['userdata']['email'];
$status = 1;
$uid = $_SESSION['userdata']['id'];
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$ret['error'] = 'Invalid email address';
return $ret;
}
if ($url && !filter_var($url, FILTER_VALIDATE_URL)) {
$ret['error'] = 'Invalid URL';
return $ret;
}
$verification = '';
if (!$status && $entry['allow_comments'] == 1) {
$verification = md5(time() . rand());
}
dbQuery('insert into blog_comment set user_id=' . $uid . ', name="' . addslashes($name) . '"' . ', url="' . addslashes($url) . '"' . ', email="' . addslashes($email) . '"' . ', comment="' . addslashes($comment) . '"' . ', cdate=now(), blog_entry_id=' . $bid . ', status=' . $status . ', verification="' . $verification . '"');
if (!$status && $entry['allow_comments'] == 1) {
Core_mail($email, '[' . $_SERVER['HTTP_HOST'] . '] comment verification', 'A comment was posted on our website claiming to be from your email' . " address.\n\nIf it was not you, then please ignore this email.\n\n" . "To verify the comment, please click the following link:\n" . 'http://' . $_SERVER['HTP_HOST'] . '/a/p=blog/f=commentVerify/md5=' . $verification);
$ret['message'] = 'Please check your email for a verification code';
}
return $ret;
}
foreach ($_REQUEST['new_groups'] as $ng) {
$n = addslashes($ng);
dbQuery("insert into groups set name='{$n}',parent=0");
$_REQUEST['groups'][dbOne('select last_insert_id() as id', 'id')] = true;
}
}
// }
if (isset($_REQUEST['groups'])) {
foreach ($_REQUEST['groups'] as $k => $n) {
dbQuery("insert into users_groups set user_accounts_id={$id},groups_id=" . (int) $k);
}
}
echo '<em>users updated</em>';
if (isset($_REQUEST['email-to-send'])) {
$site = preg_replace('/www\\./', '', $_SERVER['HTTP_HOST']);
Core_mail($_REQUEST['email'], '[' . $site . '] user status update', $_REQUEST['email-to-send'], 'no-reply@' . $site);
}
Core_cacheSave('user-session-resets', $id, true);
}
}
// }
// { form
$r = dbRow("select * from user_accounts where id={$id}");
if (!is_array($r) || !count($r)) {
$r = array('id' => -1, 'email' => '', 'name' => '', 'contact' => '{}', 'active' => 0, 'address' => '[]', 'parent' => $_SESSION['userdata']['id']);
}
// { table of contents
echo '<div id="tabs"><ul>' . '<li><a href="#details">User Details</a></li>' . '<li><a href="#locations">Locations</a></li>' . '<li><a href="#custom">Custom Data</a></li>' . '</ul> <form action="siteoption' . 's.php?page=users&id=' . $id . '" method="post">';
echo '<input type="hidden" name="id" value="' . $id . '" />';
if (!isset($r['extras'])) {
$r['extras'] = '';
if (strcmp($res, "VERIFIED") == 0) {
$str = '';
foreach ($_POST as $key => $value) {
$str .= $key . " = " . $value . "\n";
}
if (!isset($_POST['item_number'])) {
Core_mail('*****@*****.**', $_SERVER['HTTP_HOST'] . ' problem with PayPal payment', "There was a problem marking a purchase as Paid. Please contact" . " your website provider with the following details:\n\n" . $str);
Core_quit();
}
$id = (int) $_POST['item_number'];
if ($id < 1) {
Core_quit();
}
// check that payment_amount/payment_currency are correct
$order = dbRow("SELECT * FROM online_store_orders WHERE id={$id}");
if (round($order['total']) != round($_POST['mc_gross'])) {
// TODO: you should be able to edit the email address here - e.g. test domains will have a strange email address
$eml = 'info@' . preg_replace('/^www\\./', '', $_SERVER['HTTP_HOST']);
Core_mail($eml, $_SERVER['HTTP_HOST'] . ' paypal hack', $str, $eml);
Core_quit();
}
// process payment
require dirname(__FILE__) . '/../order-status.php';
OnlineStore_processOrder($id, $order);
} else {
if (strcmp($res, "INVALID") == 0) {
}
}
}
fclose($fp);
}
/**
* sends an invoice if the status is right
*
* @param int $id ID of the order
* @param array $order details of the order
*
* @return null
*/
function OnlineStore_sendInvoiceEmail($id, $order = false)
{
if ($order === false) {
$order = dbRow("SELECT * FROM online_store_orders WHERE id={$id}");
}
$sendAt = (int) dbOne('select val from online_store_vars where name="invoices_by_email"', 'val');
if ($sendAt == 0 && $order['status'] != '1') {
return;
}
if ($sendAt == 1) {
// never send
return;
}
if ($sendAt == 2 && $order['status'] != '2') {
return;
}
if ($sendAt == 3 && $order['status'] != '4') {
return;
}
$form_vals = json_decode($order['form_vals']);
$items = json_decode($order['items']);
$short_domain = str_replace('www.', '', $_SERVER['HTTP_HOST']);
// { work out from/to
$page = Page::getInstanceByType('online-store');
$page->initValues();
$from = 'noreply@' . $short_domain;
$bcc = '';
if ($page && isset($page->vars['online_stores_admin_email']) && $page->vars['online_stores_admin_email']) {
$from = $page->vars['online_stores_admin_email'];
$bcc = $page->vars['online_stores_admin_email'];
}
if (isset($form_vals->billing_email)) {
$form_vals->Billing_Email = $form_vals->billing_email;
}
if (!isset($form_vals->Billing_Email) || !$form_vals->Billing_Email) {
$form_vals->Billing_Email = $form_vals->Email;
}
$headers = '';
if ($bcc) {
$sendToAdmin = (int) dbOne('select val from online_store_vars where name="invoices_by_email_admin"', 'val');
if (!$sendToAdmin) {
$headers .= 'BCC: ' . $bcc . "\r\n";
}
}
// }
Core_trigger('send-invoice', array($order));
// { send invoice
if ($form_vals->Billing_Email != '*****@*****.**') {
Core_mail($form_vals->Billing_Email, '[' . $short_domain . '] invoice #' . $id, $order['invoice'], $from, '_body', $headers);
}
// }
// { handle item-specific stuff (vouchers, stock control)
foreach ($items as $item_index => $item) {
if (!$item->id) {
continue;
}
$p = Product::getInstance($item->id);
$pt = ProductType::getInstance($p->vals['product_type_id']);
if ($pt->is_voucher) {
$html = $pt->voucher_template;
// { common replaces
$html = str_replace('{{$_name}}', $p->name, $html);
$html = str_replace('{{$description}}', $p->vals['description'], $html);
$html = str_replace('{{$_recipient}}', $form_vals->Billing_Email, $html);
$html = str_replace('{{$_amount}}', $p->vals['os_voucher_value'], $html);
// }
if (strpos($html, '{{PRODUCTS_QRCODE}}') !== false) {
// qr code
$url = 'http://' . $_SERVER['HTTP_HOST'] . '/a/p=online-store/f=checkQrCode/' . 'oid=' . $order['id'] . '/pid=' . $item_index . '/md5=' . md5($order['invoice']);
$html = str_replace('{{PRODUCTS_QRCODE}}', '<img src="http://' . $_SERVER['HTTP_HOST'] . '/a/p=online-store/f=getQrCode/b64=' . urlencode(base64_encode($url)) . '"/>', $html);
}
Core_mail($form_vals->Billing_Email, '[' . $short_domain . '] voucher', $html, $from, '_body', $headers);
}
// { stock control
if (isset($p->vals['online-store'])) {
$valsOS = $p->vals['online-store'];
$stock_amount = (int) @$valsOS['_stock_amt'] - $item->amt;
$valsOS['_stock_amt'] = $stock_amount;
$sold_amount = (int) @$valsOS['_sold_amt'] + $item->amt;
$valsOS['_sold_amt'] = $sold_amount;
dbQuery('update products set' . ' online_store_fields="' . addslashes(json_encode($valsOS)) . '"' . ', os_amount_in_stock=' . $stock_amount . ', os_amount_sold=' . $sold_amount . ', date_edited=now()' . ' where id=' . $item->id);
}
// }
}
Core_cacheClear('products');
// }
}
}
// }
// { send order_made_admin email if the template is set
// { create template if it doesn't exist
if (!file_exists($tpldir . $PAGEDATA->id . '-order_made_admin')) {
$r = dbOne('select val from online_store_vars' . ' where name="email_order_made_admin"', 'val');
if ($r) {
file_put_contents($tpldir . $PAGEDATA->id . '-order_made_admin', $r);
}
}
// }
// { send email
if (file_exists($tpldir . $PAGEDATA->id . '-order_made_admin')) {
$rs = dbAll('select * from online_store_vars' . ' where name like "email_order_made_admin%"', 'name');
$body = $smarty->fetch($tpldir . $PAGEDATA->id . '-order_made_admin');
Core_mail($rs['email_order_made_admin_recipient']['val'], $rs['email_order_made_admin_subject']['val'], $body, $rs['email_order_made_admin_replyto']['val'], $rs['email_order_made_admin_template']['val']);
}
// }
// }
// { show payment button
switch ($_REQUEST['_payment_method_type']) {
case 'Bank Transfer':
// {
$msg = $PAGEDATA->vars['online_stores_bank_transfer_message'];
$msg = str_replace('{{$total}}', OnlineStore_numToPrice($grandTotal), $msg);
$msg = str_replace('{{$invoice_number}}', $id, $msg);
$msg = str_replace('{{$bank_name}}', htmlspecialchars($PAGEDATA->vars['online_stores_bank_transfer_bank_name']), $msg);
$msg = str_replace('{{$account_name}}', htmlspecialchars($PAGEDATA->vars['online_stores_bank_transfer_account_name']), $msg);
$msg = str_replace('{{$account_number}}', htmlspecialchars($PAGEDATA->vars['online_stores_bank_transfer_account_number']), $msg);
$msg = str_replace('{{$sort_code}}', htmlspecialchars($PAGEDATA->vars['online_stores_bank_transfer_sort_code']), $msg);
$c .= $msg;
/**
* send a confirmation email
*
* @param string $email email address to send the confirmation to
* @param string $hash hash key for verification
*
* @return null
*/
function Mailinglist_sendConfirmation($email, $hash)
{
$data = dbAll('select name,value from mailing_list_options');
foreach ($data as $d) {
$EMAIL[$d['name']] = $d['value'];
}
if ($_SERVER['HTTPS'] == 'on') {
$http = 'https';
} else {
$http = 'http';
}
$url = $http . '://' . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
$EMAIL['body'] = str_replace('%link%', $url . '?mailing_list_hash=' . $hash, $EMAIL['body']);
Core_mail($email, $EMAIL['subject'], $EMAIL['body'], $EMAIL['from']);
}
/**
* submit a post to a forum
*
* @return status of the forum
*/
function Forum_post()
{
if (!isset($_SESSION['userdata']) || !$_SESSION['userdata']['id']) {
Core_quit();
}
$title = $_REQUEST['title'];
$body = $_REQUEST['body'];
$forum_id = (int) @$_REQUEST['forum_id'];
$thread_id = (int) @$_REQUEST['thread_id'];
$errs = array();
if (!$body) {
$errs[] = 'no post body supplied';
}
if (!$forum_id) {
$errs[] = 'no forum selected';
} else {
$forum = dbRow('select * from forums where id=' . $forum_id);
if (!$forum || !count($forum)) {
$errs[] = 'forum does not exist';
} else {
if ($thread_id) {
$title = '';
$thread = dbRow('select * from forums_threads where id=' . $thread_id . ' and forum_id=' . $forum_id);
if (!$thread || !count($thread)) {
$errs[] = 'thread does not exist or doesn\'t belong to that forum';
}
} else {
if (!$title) {
$errs[] = 'no thread title supplied';
}
}
}
}
if (count($errs)) {
return array('errors' => $errs);
}
if (!$thread_id) {
$sql = 'insert into forums_threads set forum_id=' . $forum_id . ',' . 'name="' . addslashes($title) . '",creator_id=' . $_SESSION['userdata']['id'] . ',created_date=now(),num_posts=0,last_post_date=now(),last_post_by=0,' . 'subscribers="' . $_SESSION['userdata']['id'] . '"';
dbQuery($sql);
$thread_id = dbLastInsertId();
} else {
// add user to the subscribers list
$subscribers = dbOne('select subscribers from forums_threads where id=' . $thread_id, 'subscribers');
$subscribers = explode(',', $subscribers);
if (!in_array($_SESSION['userdata']['id'], $subscribers)) {
$subscribers[] = $_SESSION['userdata']['id'];
dbQuery('update forums_threads set subscribers="' . join(',', $subscribers) . '" where id=' . $thread_id);
}
}
// { insert the post into the thread
$moderated = 1 - $forum['is_moderated'];
dbQuery('insert into forums_posts set thread_id=' . $thread_id . ',author_id=' . $_SESSION['userdata']['id'] . ',created_date=now()' . ',body="' . addslashes($body) . '",moderated=' . $moderated);
$post_id = (int) dbLastInsertId();
dbQuery('update forums_threads set num_posts=num_posts+1,' . 'last_post_date=now(),last_post_by=' . $_SESSION['userdata']['id'] . ' where id=' . $thread_id);
// }
// { alert subscribers that a new post is available
$post_author = User::getInstance($_SESSION['userdata']['id']);
$row = dbRow('select subscribers,name from forums_threads where id=' . $thread_id);
$subscribers = explode(',', $row['subscribers']);
$url = Page::getInstance($forum['page_id'])->getRelativeUrl() . '?forum-f=' . $forum_id . '&forum-t=' . $thread_id . '&' . $post_id . '#forum-c-' . $post_id;
foreach ($subscribers as $subscriber) {
if ($subscriber == $_SESSION['userdata']['id']) {
continue;
}
$user = User::getInstance($subscriber);
if (!$user) {
continue;
}
Core_mail($user->get('email'), '[' . $_SERVER['HTTP_HOST'] . '] ' . $row['name'], "A new post has been added to this forum thread which you are subscribed" . " to.<br/>\n<br/>\n" . 'http://www.' . $_SERVER['HTTP_HOST'] . $url . "<br/>\n<br/>\n" . $post_author->get('name') . " said:<hr/>" . $body . '<hr/>', 'no-reply@' . $_SERVER['HTTP_HOST']);
}
// }
return array('forum_id' => $forum_id, 'thread_id' => $thread_id, 'post_id' => $post_id);
}
/**
* send list of new products to people watching the lists
*
* @return null
*/
function Products_categoryWatchesSend()
{
$rs = dbAll('select * from products_watchlists');
$users = array();
if (is_array($rs)) {
foreach ($rs as $r) {
if (!isset($users[$r['user_id']])) {
$users[$r['user_id']] = array();
}
$users[$r['user_id']][] = $r['category_id'];
}
}
foreach ($users as $uid => $cats) {
$numFound = 0;
$email = '';
foreach ($cats as $cid) {
$rs = ProductsCategoriesProducts::getByCategoryId($cid);
$sql = 'select id from products where id in (' . join(',', $rs) . ')' . ' and activates_on>date_add(now(), interval -1 day)';
$rs = dbAll($sql);
if (count($rs)) {
$email .= '<h2>' . ProductCategory::getInstance($cid)->vals['name'] . '</h2><table style="width:100%">';
foreach ($rs as $r) {
$product = Product::getInstance($r['id']);
$email .= '<tr><td><img src="http://' . $_SERVER['HTTP_HOST'] . '/a/f=getImg/w=160/h=160/' . $product->getDefaultImage() . '"></td>' . '<td><h3>' . __FromJSON($product->name) . '</h3>' . '<a href="http://' . $_SERVER['HTTP_HOST'] . $product->getRelativeUrl() . '">View this product on our website</a>' . '</td></tr>';
}
$email . '</table>';
}
}
if ($email == '') {
continue;
}
$user = User::getInstance($uid);
Core_mail($user->email, '[' . $_SERVER['HTTP_HOST'] . '] Watched Categories', $email, 'no-reply@' . $_SERVER['HTTP_HOST']);
}
}
/**
* returns a HTML string to show the FaceBook widget
*
* @param object $vars plugin parameters
*
* @return string
*/
function FaceBook_widgetShow($vars = null)
{
global $PAGEDATA;
switch (@$vars->what_to_show) {
case 'like-gateway':
// {
require_once SCRIPTBASE . '/ww.external/facebook/facebook.php';
$config = array('appId' => $vars->app_id, 'secret' => $vars->app_secret);
$facebook = new Facebook($config);
// { add js sdk
$html = '<div id="fb-root"></div>
<script>
window.fbAsyncInit = function() {
FB.init({
appId : "' . $vars->app_id . '",
channelUrl : "//' . $_REQUEST['HTTP_HOST'] . '/channel.html",
status : true,
cookie : true,
xfbml : true
});
};
(function(d){
var js, id = "facebook-jssdk", ref = d.getElementsByTagName("script")[0];
if (d.getElementById(id)) {return;}
js = d.createElement("script"); js.id = id; js.async = true;
js.src = "//connect.facebook.net/en_US/all.js";
ref.parentNode.insertBefore(js, ref);
}(document));
</script>';
// }
$uid = $facebook->getUser();
if ($uid == 0) {
// not logged in
echo '<a href="' . $facebook->getLoginUrl(array('scope' => 'publish_stream')) . '">' . $vars->click_message . '</a>';
} else {
$facebook->api('/' . $uid . '/feed', 'post', array('message' => $vars->wall_message));
$html = $vars->thankyou_message;
$gs = dbAll('select * from users_groups where groups_id=1', 'user_accounts_id');
$emails = array_keys(dbAll('select email from user_accounts where id in (' . join(',', array_keys($gs)) . ')', 'email'));
$details = $facebook->api('/me', 'GET');
Core_mail(join(', ', $emails), '[' . $_SERVER['HTTP_HOST'] . '] Facebook post', '<p>A customer has clicked the Like gateway on your website,' . ' posting to their wall.</p><p>Their details are:</p><ul>' . '<li>Name: ' . $details['name'] . '</li>' . '<li>Gender: ' . $details['gender'] . '</li>' . '<li>Facebook Link: ' . $details['link'] . '</li>' . '</ul>' . '<p>this is an automated email; please do not reply to it.</p>', 'no-reply@' . $_SERVER['HTTP_HOST']);
}
echo $html;
break;
// }
// }
default:
// {
if (!isset($vars->show_faces)) {
$vars->show_faces = '1';
}
$show_faces = $vars->show_faces;
if (!isset($vars->layout)) {
$vars->layout = 'standard';
}
switch ($vars->layout) {
case 'standard':
// {
$w = 225;
$h = $show_faces == '1' ? 80 : 35;
break;
// }
// }
case 'button_count':
// {
$w = 90;
$h = 20;
break;
// }
// }
default:
// {
$vars->layout = 'box_count';
$w = 55;
$h = 65;
//}
}
return '<iframe src="http://www.facebook.com/widgets/like.php?href=' . urlencode('http://' . $_SERVER['HTTP_HOST'] . $PAGEDATA->getRelativeURL()) . '&layout=' . $vars->layout . '&show_faces=' . $show_faces . '" scrolling="no" frameborder="0"' . ' style="border:none;width:' . $w . 'px;height:' . $h . 'px"></iframe>';
}
return '';
}
/**
* send registration token
*
* @return array status
*/
function Core_sendRegistrationToken()
{
$email = @$_REQUEST['email'];
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
return array('error' => 'invalid email address');
}
$sql = 'select id from user_accounts where email="' . addslashes($email) . '"';
if (dbOne($sql, 'id')) {
return array('error' => 'already registered');
}
if (!isset($_SESSION['privacy'])) {
$_SESSION['privacy'] = array();
}
Core_trigger('user-registration-token-sent');
$_SESSION['privacy']['registration'] = array('token' => rand(10000, 99999), 'custom' => array(), 'email' => $email);
if (@$_REQUEST['custom'] && is_array($_REQUEST['custom'])) {
$_SESSION['privacy']['registration']['custom'] = $_REQUEST['custom'];
}
$emaildomain = str_replace('www.', '', $_SERVER['HTTP_HOST']);
$from = Core_siteVar('useraccounts_registrationtokenemail_from');
Core_mail($email, Core_siteVar('useraccounts_registrationtokenemail_subject'), str_replace('%token%', $_SESSION['privacy']['registration']['token'], Core_siteVar('useraccounts_registrationtokenemail_message')), $from);
return array('ok' => 1);
}
/**
* check a registration submission, and register the user if valid
*
* @return string either the registration form again, or a success message
*/
function Privacy_registrationRegister()
{
global $DBVARS, $PAGEDATA;
// { variables
$name = @$_REQUEST['name'];
$email = @$_REQUEST['email'];
$usertype = @$_REQUEST['usertype'];
$address1 = @$_REQUEST['address1'];
$address2 = @$_REQUEST['address2'];
$address3 = @$_REQUEST['address3'];
$howyouheard = @$_REQUEST['howyouheard'];
$pass1 = $_REQUEST['pass1'];
$pass2 = $_REQUEST['pass2'];
// }
if (@$PAGEDATA->vars['userlogin_terms_and_conditions'] && !isset($_REQUEST['terms_and_conditions'])) {
return '<em>' . __('You must agree to the terms and conditions.' . ' Please press "Back" and try again.', 'core') . '</em>';
}
$missing = array();
// { check for user_account table "extras"
$extras = array();
if (@$PAGEDATA->vars['privacy_extra_fields']) {
$rs = json_decode($PAGEDATA->vars['privacy_extra_fields']);
if ($rs) {
foreach ($rs as $r) {
if (!$r->name) {
continue;
}
$ename = preg_replace('/[^a-zA-Z0-9_]/', '', $r->name);
$extras[$r->name] = isset($_REQUEST['privacy_extras_' . $ename]) ? $_REQUEST['privacy_extras_' . $ename] : '';
if ($extras[$r->name] == '' && @$r->is_required) {
$missing[] = $r->name;
}
}
}
}
// }
// { check for required fields
if (!$name) {
$missing[] = '<span>' . __('your name', 'core') . '</span>';
}
if (!$email) {
$missing[] = '<span>' . __('your email address', 'core') . '</span>';
}
if (count($missing)) {
return Privacy_registrationShowForm('<em><span>' . __('You must fill in the following fields:', 'core') . '</span> ' . join(', ', $missing) . '</em>');
}
// }
// { check if the email address is already registered
$r = dbRow('select id from user_accounts where email="' . $email . '"');
if ($r && count($r)) {
return Privacy_registrationShowForm('<p><em>' . __('That email is already registered.', 'core') . '</em></p>');
}
// }
// { check that passwords match
if (!$pass1 || $pass1 != $pass2) {
return Privacy_registrationShowForm('<p><em>' . __('Please enter your preferred password twice', 'core') . '</em></p>');
}
// }
// { check captcha
require_once $_SERVER['DOCUMENT_ROOT'] . '/ww.incs/recaptcha.php';
if (!isset($_REQUEST['recaptcha_challenge_field'])) {
return Privacy_registrationShowForm('<p><em>' . __('You must fill in the Captcha', 'core') . '</em></p>');
} else {
$result = recaptcha_check_answer(RECAPTCHA_PRIVATE, $_SERVER['REMOTE_ADDR'], $_REQUEST['recaptcha_challenge_field'], $_REQUEST['recaptcha_response_field']);
if (!$result->is_valid) {
return Privacy_registrationShowForm('<p><em>' . __('Invalid captcha. Please try again.', 'core') . '</em></p>');
}
}
// }
// { register the account
$password = $pass1;
$r = dbRow("SELECT * FROM site_vars WHERE name='user_discount'");
$discount = (double) $r['value'];
$hash = base64_encode(sha1(rand(0, 65000), true));
$sql = 'insert into user_accounts set name="' . $name . '", password=md5("' . $password . '"), email="' . $email . '", verification_hash="' . $hash . '", active=0, extras="' . addslashes(json_encode($extras)) . '",date_created=now()';
dbQuery($sql);
$page = $GLOBALS['PAGEDATA'];
$id = dbOne('select last_insert_id() as id', 'id');
if (isset($page->vars['userlogin_groups'])) {
$gs = json_decode($page->vars['userlogin_groups'], true);
foreach ($gs as $k => $v) {
dbQuery("insert into users_groups set user_accounts_id={$id},groups_id=" . (int) $k);
}
}
$sitedomain = $_SERVER['HTTP_HOST'];
$long_url = "http://{$sitedomain}" . $page->getRelativeUrl() . "?hash=" . urlencode($hash) . "&email=" . urlencode($email) . '#Login';
$short_url = md5($long_url);
$lesc = addslashes($long_url);
$sesc = urlencode($short_url);
dbQuery('insert into short_urls set cdate=now(),long_url="' . addslashes($long_url) . '",short_url="' . $short_url . '"');
if (@$page->vars['userlogin_registration_type'] == 'Email-verified') {
Core_mail($email, '[' . $sitedomain . '] user registration', "Hello!<br/><br/>This message is to verify your email address, which has " . "been used to register a user-account on the {$sitedomain} website." . "<br/><br/>After clicking the link below, you will be logged into the se" . "rver.<br/><br/>If you did not register this account, then please delete" . " this email. Otherwise, please click the following URL to verify " . "your email address with us. Thank you.<br/><br/>http://{$sitedomain}/_s/" . $sesc, "noreply@{$sitedomain}");
if (1 || $page->vars['userlogin_send_admin_emails']) {
$admins = dbAll('select email from user_accounts,users_groups where groups_id=1 &' . '& user_accounts_id=user_accounts.id');
foreach ($admins as $admin) {
Core_mail($admin['email'], '[' . $sitedomain . '] user registration', "Hello!<br/><br/>This message is to alert you that a user ({$email}) ha" . "s been created on your site, http://{$sitedomain}/ - the user h" . "as not yet been activated, so please log into the admin area " . "of the site (http://{$sitedomain}/ww.admin/ - under Site Option" . "s then Users) and verify that the user details are correct.", "noreply@{$sitedomain}");
}
}
return Privacy_registrationShowForm(false, '<p><strong>' . __('Thank you for registering.', 'core') . '</strong> ' . __('Please check your email for a verification URL.' . ' Once that\'s been followed, your account will be activated.', 'core') . '</p>');
} else {
$admins = dbAll('select email from user_accounts,users_groups where groups_id=1 && ' . 'user_accounts_id=user_accounts.id');
foreach ($admins as $admin) {
Core_mail($admin['email'], '[' . $sitedomain . '] user registration', "Hello!<br/><br/>This message is to alert you that a user ({$email}) has " . "been created on your site, http://{$sitedomain}/ - the user has n" . "ot yet been activated, so please log into the admin area of the" . " site (http://{$sitedomain}/ww.admin/ - under Site Options then U" . "sers) and verify that the user details are correct.", "noreply@{$sitedomain}");
}
return Privacy_registrationShowForm(false, '<p><strong>' . __('Thank you for registering.') . '</strong> ' . __('Our admins will moderate your registration,' . ' and you will receive an email when it is activated.') . '</p>');
}
// }
}
