} // set the email field to be updated $userdata->set('email', $vbulletin->GPC['email']); // generate an activation ID if required if ($vbulletin->options['verifyemail'] and !can_moderate()) { $userdata->set('usergroupid', 3); $userdata->set_info('override_usergroupid', true); $activate = true; // wait lets check if we have an entry first! $activation_exists = $db->query_first("\n\t\t\t\tSELECT * FROM " . TABLE_PREFIX . "useractivation\n\t\t\t\tWHERE userid = " . $vbulletin->userinfo['userid'] . "\n\t\t\t\tAND type = 0\n\t\t\t"); if (!empty($activation_exists['usergroupid']) and $vbulletin->userinfo['usergroupid'] == 3) { $usergroupid = $activation_exists['usergroupid']; } else { $usergroupid = $vbulletin->userinfo['usergroupid']; } $activateid = build_user_activation_id($vbulletin->userinfo['userid'], $usergroupid, 0, 1); $username = unhtmlspecialchars($vbulletin->userinfo['username']); $userid = $vbulletin->userinfo['userid']; eval(fetch_email_phrases('activateaccount_change')); vbmail($vbulletin->GPC['email'], $subject, $message, true); } else { $activate = false; } } else { $userdata->verify_useremail($vbulletin->userinfo['email']); } ($hook = vBulletinHook::fetch_hook('profile_updatepassword_complete')) ? eval($hook) : false; // save the data $userdata->save(); if ($activate) { $vbulletin->url = 'usercp.php' . $vbulletin->session->vars['sessionurl_q'];
/** * protected void associateAccount(array $user, int $vbnexus_userid) * Forces GFC users to choose a password (and a valid email too for * users of vbnexus3). The change is then flagged in the database with * field vbnexus_user.associated set to 2. * * @param array $user * @param int $vbnexus_userid * @return void */ protected function associateAccount($user, $vbnexus_userid) { global $vbulletin, $vboptions, $vbphrase, $stylevar, $vbnexus_loc; if (!intval($user['userid'])) { return false; } // If the user is submitting email and/or password, process it if (isset($_POST['vbnexus_gfc_fix'])) { // Validate input if (empty($_POST['email'])) { $vbnexus_error = "A valid email is required"; } elseif (empty($_POST['password'])) { $vbnexus_error = "A valid password is required"; } elseif (empty($_POST['password2']) || $_POST['password'] != $_POST['password2']) { $vbnexus_error = "Passwords do not match"; } else { $require_activation = $vbulletin->options['verifyemail'] && $user['email'] != $_POST['email']; $userdata =& datamanager_init('user', $vbulletin, ERRTYPE_SILENT); $userdata->set_existing(fetch_userinfo($user['userid'])); $userdata->set('password', $_POST['password']); // We can ignore validation of the email if it wasn't changed $user['email'] == $_POST['email'] || $userdata->set('email', $_POST['email']); if ($require_activation) { $userdata->set('usergroupid', 3); } if ($userdata->has_errors(false)) { $vbnexus_error = join('</li><li>', $userdata->errors); } elseif ($userdata->save()) { if ($require_activation) { // Email phrase 'activateaccount' expects vars called $userid, $username // and $activateid to be defined and meaningfull $userid = $user['userid']; $username = $user['username']; $activateid = build_user_activation_id($userid, $user['usergroupid'], 0); eval(fetch_email_phrases('activateaccount', $languageid)); // After eval'ing activateaccount we have vars $subject and $message set vbmail($_POST['email'], $subject, $message, true); } // The user was updated, there's now a valid password and email, so let's flag it $sql = "UPDATE `" . TABLE_PREFIX . "vbnexus_user`\r\n SET `associated` = 2\r\n WHERE `nonvbid` = '{$vbnexus_userid}'\r\n AND `service` = 'gfc'"; $vbulletin->db->query_write($sql); if ($vbulletin->db->query_write($sql)) { // Returning since we're done here and execution should go on normally return; } else { // This should never happen, it's mostly for debugging if something goes wrong $errmsg = "An error occurred trying to update your GFC information. Please try again." . " If the problem persists please report it to an admin."; return eval(standard_error($errmsg)); // Prints and exits } } else { // This should never happen, it's mostly for debugging if something goes wrong $errmsg = "An error occurred trying to update the account information. Please try again." . " If the problem persists please report it to an admin."; return eval(standard_error($errmsg)); // Prints and exits } } $user['email'] = $_POST['email']; } $vBNexusUser = $user; // No need to show mock emails from old vbnexus (< 3) if (empty($_POST['email']) && preg_match("/apps\\+|{$vbnexus_userid}[@\\.]/", $user['email'])) { $vBNexusUser['email'] = ''; } $vbnexus_loc = $_GET['loc']; // This will print a Message box (not really an error, but the actual form) and exit eval('$html = "' . fetch_template('vbnexus_3_gfc_invalid_email') . '";'); eval(standard_error($html)); }
/** * For registration without existing account, create a new vb user * If a user is successfully created, her userid is written to $userid */ private function createUser($data, &$userid) { global $vbulletin; $moderated = $vbulletin->options['moderatenewmembers']; $languageid = $vbulletin->userinfo['languageid']; $require_activation = $vbulletin->options['verifyemail'] && $data['default_email'] != $data['coded_email']; // Create a vB user with default permissions -- code from register.php if (!$vbulletin->options['allowregistration']) { eval(standard_error(fetch_error('noregister'))); } // Init user datamanager class $userdata =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT); $userdata->set_info('coppauser', false); $userdata->set_info('coppapassword', ''); $userdata->set_bitfield('options', 'coppauser', ''); $userdata->set('username', $data['username']); $userdata->set('password', md5($this->genPasswd())); $userdata->set('email', $data['email']); $userdata->set('languageid', $languageid); $userdata->set('ipaddress', IPADDRESS); // UserGroupId: Registered Users (2) or Users Awaiting Email Confirmation (3) $userdata->set('usergroupid', $require_activation ? 3 : 2); $userdata->set_usertitle('', false, $vbulletin->usergroupcache["{$newusergroupid}"], false, false); $userdata->presave_called = true; // If any error happened, we abort and return the error message(s) if ($userdata->has_errors(false)) { // $die := false return join('</li><li>', $userdata->errors); } // Save the data $userid = $userdata->save(); // Did we get a valid vb userid? if (!$userid) { return 'vbnexus_registration_failed'; } // If the user changed the email given by the external service, we follow // the regular steps for email activation if ($require_activation) { // Email phrase 'activateaccount' expects vars called $userid, $username // and $activateid to be defined and meaningfull $username = $data['username']; $activateid = build_user_activation_id($userid, $moderated ? 4 : 2, 0); eval(fetch_email_phrases('activateaccount', $languageid)); // After eval'ing activateaccount we have vars $subject and $message set vbmail($data['email'], $subject, $message, true); } // Force a new session to prevent potential issues with guests from the same IP, see bug #2459 $vbulletin->session->created = false; return true; }
if (fetch_require_hvcheck('lostpw')) { require_once DIR . '/includes/class_humanverify.php'; $verify =& vB_HumanVerify::fetch_library($vbulletin); if (!$verify->verify_token($vbulletin->GPC['humanverify'])) { standard_error(fetch_error($verify->fetch_error())); } } require_once DIR . '/includes/functions_user.php'; $users = $db->query_read_slave("\n\t\tSELECT userid, username, email, languageid\n\t\tFROM " . TABLE_PREFIX . "user\n\t\tWHERE email = '" . $db->escape_string($vbulletin->GPC['email']) . "'\n\t"); if ($db->num_rows($users)) { while ($user = $db->fetch_array($users)) { if ($vbulletin->GPC['userid'] and $vbulletin->GPC['userid'] != $user['userid']) { continue; } $user['username'] = unhtmlspecialchars($user['username']); $user['activationid'] = build_user_activation_id($user['userid'], 2, 1); eval(fetch_email_phrases('lostpw', $user['languageid'])); vbmail($user['email'], $subject, $message, true); } $vbulletin->url = str_replace('"', '', $vbulletin->url); eval(print_standard_redirect('redirect_lostpw', true, true)); } else { eval(standard_error(fetch_error('invalidemail', $vbulletin->options['contactuslink']))); } } // ############################### start reset password ############################### if ($vbulletin->GPC['a'] == 'pwd' or $_REQUEST['do'] == 'resetpassword') { $vbulletin->input->clean_array_gpc('r', array('userid' => TYPE_UINT, 'u' => TYPE_UINT, 'activationid' => TYPE_STR, 'i' => TYPE_STR)); if (!$vbulletin->GPC['userid']) { $vbulletin->GPC['userid'] = $vbulletin->GPC['u']; }
function do_register() { global $vbulletin, $vbphrase, $db; if ($vbulletin->userinfo['userid']) { json_error(ERR_NO_PERMISSION); } if (!$vbulletin->options['forumrunner_enable_registration']) { json_error(ERR_NO_PERMISSION); } $vbulletin->input->clean_array_gpc('r', array('username' => TYPE_STR, 'email' => TYPE_STR, 'password' => TYPE_STR, 'password_md5' => TYPE_STR, 'birthday' => TYPE_STR, 'timezoneoffset' => TYPE_NUM)); // They are registering. Lets find out what fields are required. if (!$vbulletin->options['allowregistration']) { standard_error(fetch_error('noregister')); } $out = array(); if ($vbulletin->GPC['username']) { // Registering. $userdata =& datamanager_init('User', $vbulletin, ERRTYPE_ARRAY); $vbulletin->GPC['coppauser'] = false; $userdata->set_info('coppauser', false); $userdata->set_info('coppapassword', $vbulletin->GPC['password']); $userdata->set_bitfield('options', 'coppauser', false); $userdata->set('parentemail', ''); if (empty($vbulletin->GPC['username']) || empty($vbulletin->GPC['email']) || empty($vbulletin->GPC['password']) && empty($vbulletin->GPC['password_md5'])) { standard_error(fetch_error('fieldmissing')); } $vbulletin->GPC['password_md5'] = strtolower($vbulletin->GPC['password_md5']); $vbulletin->GPC['passwordconfirm_md5'] = strtolower($vbulletin->GPC['password_md5']); $userdata->set('email', $vbulletin->GPC['email']); $userdata->set('username', $vbulletin->GPC['username']); $userdata->set('password', $vbulletin->GPC['password_md5'] ? $vbulletin->GPC['password_md5'] : $vbulletin->GPC['password']); $userdata->set_bitfield('options', 'adminemail', 1); if ($vbulletin->options['verifyemail']) { $newusergroupid = 3; } else { if ($vbulletin->options['moderatenewmembers'] || $vbulletin->GPC['coppauser']) { $newusergroupid = 4; } else { $newusergroupid = 2; } } $userdata->set('usergroupid', $newusergroupid); $userdata->set('languageid', $vbulletin->userinfo['languageid']); $userdata->set_usertitle('', false, $vbulletin->usergroupcache["{$newusergroupid}"], false, false); $parts = preg_split('#/#', $vbulletin->GPC['birthday']); $day = $month = $year = ''; if ($parts[1]) { $day = $parts[1]; } if ($parts[0]) { $month = $parts[0]; } if ($parts[2]) { $year = $parts[2]; } $userdata->set('showbirthday', 0); $userdata->set('birthday', array('day' => $day, 'month' => $month, 'year' => $year)); $dst = 2; $userdata->set_dst($dst); $userdata->set('timezoneoffset', $vbulletin->GPC['timezoneoffset']); // register IP address $userdata->set('ipaddress', IPADDRESS); $userdata->pre_save(); if (count($userdata->errors)) { // Just return one error for now. json_error(strip_tags($userdata->errors[0])); } $vbulletin->userinfo['userid'] = $userid = $userdata->save(); if ($userid) { $userinfo = fetch_userinfo($userid); $userdata_rank =& datamanager_init('User', $vbulletin, ERRTYPE_SILENT); $userdata_rank->set_existing($userinfo); $userdata_rank->set('posts', 0); $userdata_rank->save(); require_once DIR . '/includes/functions_login.php'; $vbulletin->session->created = false; process_new_login('', false, ''); // send new user email if ($vbulletin->options['newuseremail'] != '') { $username = $vbulletin->GPC['username']; $email = $vbulletin->GPC['email']; if ($birthday = $userdata->fetch_field('birthday')) { $bday = explode('-', $birthday); $year = vbdate('Y', TIMENOW, false, false); $month = vbdate('n', TIMENOW, false, false); $day = vbdate('j', TIMENOW, false, false); if ($year > $bday[2] and $bday[2] > 1901 and $bday[2] != '0000') { require_once DIR . '/includes/functions_misc.php'; $vbulletin->options['calformat1'] = mktimefix($vbulletin->options['calformat1'], $bday[2]); if ($bday[2] >= 1970) { $yearpass = $bday[2]; } else { $yearpass = $bday[2] + 28 * ceil((1970 - $bday[2]) / 28); } $birthday = vbdate($vbulletin->options['calformat1'], mktime(0, 0, 0, $bday[0], $bday[1], $yearpass), false, true, false); } else { $birthday = vbdate($vbulletin->options['calformat2'], mktime(0, 0, 0, $bday[0], $bday[1], 1992), false, true, false); } if ($birthday == '') { if ($bday[2] == '0000') { $birthday = "{$bday['0']}-{$bday['1']}"; } else { $birthday = "{$bday['0']}-{$bday['1']}-{$bday['2']}"; } } } if ($userdata->fetch_field('referrerid') and $vbulletin->GPC['referrername']) { $referrer = unhtmlspecialchars($vbulletin->GPC['referrername']); } else { $referrer = $vbphrase['n_a']; } $ipaddress = IPADDRESS; eval(fetch_email_phrases('newuser', 0)); $newemails = explode(' ', $vbulletin->options['newuseremail']); foreach ($newemails as $toemail) { if (trim($toemail)) { vbmail($toemail, $subject, $message); } } } $username = htmlspecialchars_uni($vbulletin->GPC['username']); $email = htmlspecialchars_uni($vbulletin->GPC['email']); // sort out emails and usergroups if ($vbulletin->options['verifyemail']) { $activateid = build_user_activation_id($userid, ($vbulletin->options['moderatenewmembers'] or $vbulletin->GPC['coppauser']) ? 4 : 2, 0); eval(fetch_email_phrases('activateaccount')); vbmail($email, $subject, $message, true); } else { if ($newusergroupid == 2) { if ($vbulletin->options['welcomemail']) { eval(fetch_email_phrases('welcomemail')); vbmail($email, $subject, $message); } } } ($hook = vBulletinHook::fetch_hook('register_addmember_complete')) ? eval($hook) : false; // Let them log in again. process_logout(); $out += array('emailverify' => $vbulletin->options['verifyemail'] ? true : false); } } else { $rules = preg_replace('/<a href=\\"(.*?)\\">(.*?)<\\/a>/', "\\2", $vbphrase['fr_register_forum_rules']); $out += array('rules' => prepare_utf8_string($rules), 'birthday' => $vbulletin->options['reqbirthday'] ? true : false); } return $out; }
public function sendActivateEmail($userid) { $userinfo = vB_User::fetchUserinfo($userid); if (empty($userinfo)) { throw new vB_Exception_Api('invaliduserid'); } if ($userinfo['usergroupid'] != 3) { // Already activated throw new vB_Exception_Api('activate_wrongusergroup'); } $vboptions = vB::getDatastore()->getValue('options'); $coppauser = false; if (!empty($userinfo['birthdaysearch'])) { $birthday = $userinfo['birthdaysearch']; } else { //we want YYYY-MM-DD for the coppa check but normally we store MM-DD-YYYY $birthday = $userinfo['birthday']; if (strlen($birthday) >= 6 and $birthday[2] == '-' and $birthday[5] == '-') { $birthday = substr($birthday, 6) . '-' . substr($birthday, 0, 2) . '-' . substr($birthday, 3, 2); } } if ($vboptions['usecoppa'] == 1 and $this->needsCoppa($birthday)) { $coppauser = true; } $username = trim(unhtmlspecialchars($userinfo['username'])); require_once DIR . '/includes/functions_user.php'; // Try to get existing activateid from useractivation table $useractivation = vB::getDbAssertor()->getRow('useractivation', array('userid' => $userinfo['userid'])); if ($useractivation) { $activateid = fetch_random_string(40); vB::getDbAssertor()->update('useractivation', array('dateline' => vB::getRequest()->getTimeNow(), 'activationid' => $activateid), array('userid' => $userinfo['userid'], 'type' => 0)); } else { $activateid = build_user_activation_id($userinfo['userid'], ($vboptions['moderatenewmembers'] or $coppauser) ? 4 : 2, 0); } $maildata = vB_Api::instanceInternal('phrase')->fetchEmailPhrases('activateaccount', array($username, $vboptions['bbtitle'], $vboptions['frontendurl'], $userinfo['userid'], $activateid, $vboptions['webmasteremail']), array($username), $userinfo['languageid']); vB_Mail::vbmail($userinfo['email'], $maildata['subject'], $maildata['message'], true); }
$url = "index.php"; } } } } } $arr = array("valid_entries" => $valid_entries, "messages" => $messages, "url" => $url); json_headers($arr); break; case 'resend_email': if ($vbulletin->options['verifyemail']) { if (isset($_SESSION['site_registration']['email'])) { $username = $_SESSION['site_registration']['username']; $email = $_SESSION['site_registration']['email']; $userid = $_SESSION['site_registration']['userid']; $activateid = build_user_activation_id($userid, ($vbulletin->options['moderatenewmembers'] or $_SESSION['site_registration']['coppauser']) ? 4 : 2, 0); eval(fetch_email_phrases('activateaccount')); if (empty($subject)) { $subject = fetch_phrase('activate_your_account', 'threadmanage'); } vbmail($email, $subject, $message, true); $messages = "Email sent!"; } else { $messages = "Unable to send email, please try again later."; } } $arr = array("message" => $messages); json_headers($arr); break; // create site account on register.php // create site account on register.php
public function request_password($email) { //Get the userid from their email address $getuserid = $this->db->query_first("\r\n\t\t\tSELECT userid\r\n\t\t\tFROM " . TABLE_PREFIX . "user\r\n\t\t\tWHERE email = '" . $this->db->escape_string($email) . "'"); //Gets list of users with the email address $users = $this->db->query_read_slave("\r\n\t\tSELECT userid, username, email, languageid\r\n\t\tFROM " . TABLE_PREFIX . "user\r\n\t\tWHERE email = '" . $this->db->escape_string($email) . "'\r\n\t"); if ($this->db->num_rows($users)) { //Loops through users while ($user = $this->db->fetch_array($users)) { //If the userid's do not match up with whats in the database if ($getuserid['userid'] and $getuserid['userid'] != $user['userid']) { //Exit the loop continue; } //Set vb username $user['username'] = unhtmlspecialchars($user['username']); //Generate new activation id $user['activationid'] = build_user_activation_id($user['userid'], 2, 1); //Use custom phrase and send out lost password email eval(fetch_email_phrases('lostpw', $user['languageid'])); vbmail($user['email'], $subject, $message, true); } //Return as a success return false; } else { return "No account with that email address exists, please try again."; } }