Esempio n. 1
 // Registration branch: validates the submitted nickname ('nutz') and e-mail
 // address and, on failure, re-renders the page titled "Step 2 von 3" with an
 // error message picked from $lang.
 case 2:
     $name = '';
     $email = '';
     // Both values arrive straight from the request and are passed through
     // escape(..., 'string') before any further use.
     if (!empty($_POST['nutz'])) {
         $name = escape($_POST['nutz'], 'string');
     }
     if (!empty($_POST['email'])) {
         $email = escape($_POST['email'], 'string');
     }
     // $ch_name becomes true only when the nickname is non-empty, survives
     // escape_nickname() unchanged and no row with that name_clean exists yet.
     $ch_name = false;
     $xname = escape_nickname($name);
     // NOTE(review): the SQL text is built by string concatenation. The value has
     // been through escape() and must equal its escape_nickname() form, but
     // get_lower() runs after escaping - confirm it cannot reintroduce quote or
     // backslash characters, or move this lookup to a parameterised query.
     // NOTE(review): `==` is a loose comparison; for numeric-looking strings PHP
     // compares by value, so `===` would be the stricter unchanged-by-filter test.
     if (!empty($name) and $xname == $name and 0 == db_result(db_query("SELECT COUNT(*) FROM `prefix_user` WHERE `name_clean` = BINARY '" . get_lower($name) . "'"), 0)) {
         $ch_name = true;
     }
     // Same pattern for the e-mail address: it must survive escape_for_email()
     // unchanged and must not already be present in prefix_user.email.
     $ch_email = false;
     $xemail = escape_for_email($email);
     // NOTE(review): same concatenated-SQL caveat as the nickname lookup above.
     if (!empty($email) and $xemail == $email and 0 == db_result(db_query("SELECT COUNT(*) FROM `prefix_user` WHERE `email` = BINARY '" . get_lower($email) . "'"), 0)) {
         $ch_email = true;
     }
     // Any failed check sends the visitor back to the form with an explanation.
     if (empty($name) or empty($email) or $name != $xname or $ch_name == false or $email != $xemail or $ch_email == false) {
         $title = $allgAr['title'] . ' :: Users :: Registrieren :: Step 2 von 3';
         $hmenu = $extented_forum_menu . '<a class="smalfont" href="?user">User</a><b> &raquo; </b><a class="smalfont" href="?user-regist">Registrieren</a><b> &raquo; </b>Step 2 von 3' . $extented_forum_menu_sufix;
         $header = array('jquery/pstrength-min.1.2.js', 'jquery/pstrength.css', 'jquery/jquery.validate.js', 'forms/regist.js');
         $design = new design($title, $hmenu, 1);
         $design->header($header);
         // Error selection, most general first: missing data, then a nickname
         // altered by the filter, then a nickname that is already taken.
         if (empty($name) or empty($email)) {
             $fehler = $lang['yourdata'];
         } elseif ($name != $xname) {
             $fehler = $lang['wrongnickname'];
         } elseif ($ch_name == false) {
             $fehler = $lang['namealreadyinuse'];
Esempio n. 2
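		  <td class="Cmite">Deine eMail</td>
			<td class="Cnorm"><input type="text" name="email" value="<?php 
    // The posted address is echoed back into an attribute value, so it is
    // HTML-escaped (quotes included) to keep request data from closing the
    // attribute and injecting markup.
    // NOTE(review): pass the page charset as the third argument if it differs
    // from PHP's default_charset.
    echo htmlspecialchars(isset($_POST['email']) ? (string) $_POST['email'] : '', ENT_QUOTES);
    ?>
"></td>
		</tr><tr class="Cnorm">
		  <td class="Cmite">Nachricht</td>
		  <td class="Cnorm"><textarea cols="40" rows="10" name="txt"><?php 
    // Same for the message body: without escaping, a posted "</textarea>" would
    // end the element and the rest would be rendered as page markup.
    echo htmlspecialchars(isset($_POST['txt']) ? (string) $_POST['txt'] : '', ENT_QUOTES);
    ?>
</textarea></td>
		</tr><tr class="Cdark">
		  <td></td>
			<td><input type="submit" name="send" value="<?php 
    // Label comes from the language table, not from the request.
    echo $lang['formsub'];
    ?>
"></td>
    </tr>
  </table></form>
  <?php 
} else {
    // Form accepted: remember the submission time in the session, then either
    // mail the recipient (if they opted in) or redirect away.
    $_SESSION['klicktime'] = time();
    if (1 == $row['opt_mail']) {
        // Subject and body have tags stripped; the sender address goes through
        // escape_for_email() before it is placed in the From value.
        // NOTE(review): strip_tags() is not a header-injection filter - this
        // relies on icmail()/escape_for_email() to neutralise CR/LF; confirm.
        icmail($row['email'], strip_tags($_POST['bet']), strip_tags($_POST['txt']), 'SeitenKontakt <' . escape_for_email($_POST['email']) . '>');
        wd('index.php?forum', 'Die eMail wurde erfolgreich versendet');
    } else {
        // NOTE(review): $allAr is not defined in the visible code; it looks like
        // it may be meant to be the settings array used elsewhere - confirm.
        header('location: index.php?' . $allAr['smodul']);
        exit;
    }
}
$design->footer();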
Esempio n. 3
// Contact form handler: renders the page frame, loads the configured contact
// recipients and, when a complete form was posted, validates it and mails it.
$hmenu = 'Kontakt';
$design = new design($title, $hmenu);
$design->header();
$erg = db_query("SELECT v2,t1,v1 FROM prefix_allg WHERE k = 'kontakt'");
$row = db_fetch_assoc($erg);
// t1 holds '#'-separated entries; each entry is split on '|' below and its
// first field is used as the recipient address.
$k = explode('#', $row['t1']);
$name = '';
$mail = '';
$subject = '';
$wer = '';
$text = '';
// All five fields must be present and the anti-spam check must pass.
if (!empty($_POST['wer']) and !empty($_POST['mail']) and !empty($_POST['txt']) and !empty($_POST['name']) and !empty($_POST['subject']) and chk_antispam('contact')) {
    $name = escape_for_email($_POST['name']);
    $mail = escape_for_email($_POST['mail']);
    $subject = escape_for_email($_POST['subject'], true);
    $wer = escape_for_email($_POST['wer']);
    // The message body is taken from the request unfiltered; only the header
    // keyword and length checks further down apply to it.
    $text = $_POST['txt'];
    // The form submits md5(recipient) rather than the address itself; the loop
    // maps it back to a configured recipient so a visitor cannot choose an
    // arbitrary destination address.
    $wero = FALSE;
    foreach ($k as $a) {
        $e = explode('|', $a);
        // NOTE(review): `==` between two hex digests is a loose comparison and
        // can treat numeric-looking strings as equal; `===` would be exact.
        if (md5($e[0]) == $wer) {
            $wero = TRUE;
            $wer = $e[0];
            break;
        }
    }
    // Final gate: body must not contain the two MIME header keywords, the sender
    // must contain '@', the recipient must be a configured one, lengths are
    // capped (name/mail 30, text 5000), and name, mail and text must all differ.
    // NOTE(review): the header-keyword test is a deny-list on the body only and
    // is case-sensitive; sender name/address safety depends on
    // escape_for_email() removing line breaks - confirm against its definition.
    if (strpos($text, 'Content-Type:') === FALSE and strpos($text, 'MIME-Version:') === FALSE and strpos($mail, '@') !== FALSE and $wero === TRUE and strlen($name) <= 30 and strlen($mail) <= 30 and strlen($text) <= 5000 and $mail != $name and $name != $text and $text != $mail) {
        $subject = "Kontakt: " . $subject;
        // Sender is passed to icmail() in "Name <address>" form.
        if (icmail($wer, $subject, $text, $name . " <" . $mail . ">")) {
            echo $lang['emailsuccessfullsend'];
        } else {
Esempio n. 4
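/**
 * Authenticates the visitor and populates the session on success.
 *
 * Two sources are supported: the posted login form (fields 'email' and 'pass',
 * where 'email' may hold an address or a nickname) and, when $auto is true and
 * no form was posted, the persistent login cookie in the form "id=hash".
 *
 * Security review notes (design issues this function cannot fix on its own):
 *  - The stored credential is an unsalted md5() of the password, and the
 *    persistent cookie carries that same value for a year, so the cookie is
 *    equivalent to the password hash. A random, revocable token stored
 *    server-side and password_hash()/password_verify() would remove both issues.
 *  - The cookie is set without the "secure" flag.
 *  - The session id is not regenerated after login; session_regenerate_id()
 *    would be needed together with an update of the prefix_online rows, which
 *    are keyed by the current session id.
 *  - session_id() is concatenated into SQL text below - confirm the runtime
 *    restricts session id characters, or escape it.
 *
 * @param bool $auto true to try the persistent login cookie when no form was posted
 * @return bool true when the visitor was authenticated, false otherwise
 */
function user_login_check($auto = false)
{
    global $allgAr, $menu;
    $formpassed = false;
    // Cookie-supplied hash; stays empty unless the cookie branch fills it.
    $pw = '';
    $cn = session_und_cookie_name();
    if (isset($_POST['user_login_sub']) and isset($_POST['email']) and isset($_POST['pass'])) {
        debug('posts vorhanden');
        // Request parameters can be arrays; only plain strings are valid here.
        if (!is_string($_POST['email']) or !is_string($_POST['pass'])) {
            return false;
        }
        $lower = get_lower($_POST['email']);
        // Decide whether the input is an e-mail address or a nickname.
        if (preg_match('/^[^@]+@[a-zA-Z0-9._-]+\\.[a-zA-Z]+$/', $_POST['email'])) {
            $value = escape_for_email($lower);
            $term = "email = BINARY '" . $value . "'";
            debug('Login mit Email: ' . $value);
        } else {
            $value = escape($lower, 'string');
            $term = "name_clean = '" . $value . "'";
            debug('Login mit Nickname: ' . $value);
        }
        // Only input that the filter left untouched may reach the query. The
        // comparison is strict so numeric-looking strings are not compared by value.
        if ((string) $lower !== (string) $value) {
            return false;
        }
        $erg = db_query("SELECT `name`,`id`,`recht`,`pass`,`llogin`, `sperre` FROM `prefix_user` WHERE " . $term);
        $formpassed = true;
    } elseif ($auto) {
        $cookie = (isset($_COOKIE[$cn]) and is_string($_COOKIE[$cn])) ? $_COOKIE[$cn] : '';
        $dat = explode('=', $cookie);
        $id = 0;
        if (isset($dat[0])) {
            // Cast as well, so the value concatenated into SQL is always an integer.
            $id = (int) escape($dat[0], 'integer');
        }
        if (isset($dat[1])) {
            $pw = $dat[1];
        }
        // The cookie hash is credential material, so only its presence is logged.
        debug(' pw ' . ($pw !== '' ? '[present]' : '[missing]'));
        debug(' id ' . $id);
        $erg = db_query("SELECT `name`,`id`,`recht`,`pass`,`llogin`,`sperre` FROM `prefix_user` WHERE `id` = " . $id);
    }
    if (isset($erg) and db_num_rows($erg) == 1) {
        $row = db_fetch_assoc($erg);
        debug('user gefunden... ' . $row['name']);
        if ($row['sperre'] == 1) {
            debug('user gesperrt... ' . $row['name']);
            return false;
        }
        // Compare credentials as strings, exactly. A loose `==` lets PHP compare
        // numeric-looking or non-string values by value, which can accept a
        // credential that is not identical to the stored one.
        $stored = (string) $row['pass'];
        $supplied = $auto ? (string) $pw : md5($_POST['pass']);
        $matches = false;
        if ($stored !== '' and $supplied !== '') {
            $matches = function_exists('hash_equals') ? hash_equals($stored, $supplied) : $stored === $supplied;
        }
        if ($matches) {
            debug('passwort stimmt ... ' . $row['name']);
            $_SESSION['authname'] = $row['name'];
            $_SESSION['authid'] = (int) $row['id'];
            $_SESSION['authright'] = (int) $row['recht'];
            $_SESSION['authlang'] = $allgAr['lang'];
            $_SESSION['lastlogin'] = (int) $row['llogin'];
            $_SESSION['authsess'] = $cn;
            $_SESSION['sperre'] = $row['sperre'];
            // Drop this user's other online entries and bind the current session to them.
            db_query('DELETE FROM `prefix_online` WHERE `uid` = ' . $_SESSION['authid'] . ' AND `sid` != "' . session_id() . '"');
            db_query('UPDATE `prefix_online` SET `uid` = ' . $_SESSION['authid'] . ' WHERE `sid` = "' . session_id() . '"');
            // Cookie path is the directory of the running script, with a trailing slash.
            $cookiepath = str_replace('\\', '/', dirname($_SERVER['SCRIPT_NAME']));
            if (strlen($cookiepath) > 1) {
                $cookiepath .= '/';
            }
            // HttpOnly is set (last argument); "secure" is not - see the notes above.
            setcookie($cn, $row['id'] . '=' . $row['pass'], strtotime('+1 year'), $cookiepath, '', false, true);
            user_set_grps_and_modules();
            return true;
        }
    }
    // A failed form login routes the visitor back to the login page.
    if ($formpassed) {
        $menu->set_url(0, 'user');
        $menu->set_url(1, 'login');
    }
    return false;
}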
Esempio n. 5
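/**
 * Sends an e-mail through PHPMailer, optionally via the SMTP settings stored
 * in prefix_allg (key "smtpconf").
 *
 * @param string|array $mail recipient address, or a list of addresses; a list
 *                           whose first element is 'bcc' is sent as BCC with
 *                           the sender as the visible recipient
 * @param string       $bet  subject line
 * @param string       $txt  message body
 * @param string       $from sender, either "Name <address>" or a bare address;
 *                           empty uses the configured admin address
 * @param bool         $html true to send $txt as HTML with a stripped plain-text alternative
 * @return bool true when PHPMailer reports the message as sent
 */
function icmail($mail, $bet, $txt, $from = '', $html = false)
{
    global $allgAr;
    include_once 'include/includes/libs/phpmailer/class.phpmailer.php';
    $mailer = new PHPMailer();
    if (empty($from)) {
        $mailer->From = $allgAr['adminMail'];
        $mailer->FromName = $allgAr['allg_default_subject'];
    } elseif (preg_match('%(.*) <([\\w\\.-]*@[\\w\\.-]*)>%i', $from, $tmp)) {
        $mailer->From = trim($tmp[2]);
        $mailer->FromName = trim($tmp[1]);
    } elseif (preg_match('%([\\w\\.-]*@[\\w\\.-]*)%i', $from, $tmp)) {
        $mailer->From = trim($tmp[1]);
        $mailer->FromName = '';
    }
    // NOTE(review): a non-empty $from that matches neither pattern leaves
    // PHPMailer's own default sender in place.
    if ($allgAr['mail_smtp']) {
        // SMTP delivery
        $smtpser = @db_result(db_query('SELECT `t1` FROM `prefix_allg` WHERE `k` = "smtpconf"'));
        // NOTE(review): unserialize() instantiates objects named in its input.
        // This value comes from the settings table; if anything other than a
        // trusted admin can write it, store the settings as JSON instead.
        $smtp = empty($smtpser) ? false : unserialize($smtpser);
        if (!is_array($smtp)) {
            echo '<span style="font-size: 2em; color: red;">Mailversand muss konfiguriert werden!</span><br />';
        } else {
            $mailer->IsSMTP();
            $mailer->Host = $smtp['smtp_host'];
            $mailer->SMTPAuth = $smtp['smtp_auth'] == 'no' ? false : true;
            if ($smtp['smtp_auth'] == 'ssl' or $smtp['smtp_auth'] == 'tls') {
                $mailer->SMTPSecure = $smtp['smtp_auth'];
            }
            if (!empty($smtp['smtp_port'])) {
                $mailer->Port = $smtp['smtp_port'];
            }
            $mailer->AddReplyTo($mailer->From, $mailer->FromName);
            // Some relays only accept their own sender address: keep the real
            // sender visible in the subject and send as the SMTP account.
            if ($smtp['smtp_changesubject'] and $mailer->From != $smtp['smtp_email']) {
                $bet = '(For ' . $mailer->FromName . ' - ' . $mailer->From . ') ' . $bet;
                $mailer->From = $smtp['smtp_email'];
            }
            $mailer->Username = $smtp['smtp_login'];
            require_once 'include/includes/libs/AzDGCrypt.class.inc.php';
            // NOTE(review): the SMTP password is stored reversibly and the key is
            // derived from database constants, so anyone who can read the
            // configuration and this row can recover it.
            $cr64 = new AzDGCrypt(DBDATE . DBUSER . DBPREF);
            $mailer->Password = $cr64->decrypt($smtp['smtp_pass']);
            if ($smtp['smtp_pop3beforesmtp'] == 1) {
                include_once 'include/includes/libs/phpmailer/class.pop3.php';
                $pop = new POP3();
                // Fixed: these lines read the undefined variable $smpt, so the
                // configured POP3 host and port were never used.
                $pop3port = !empty($smtp['smtp_pop3port']) ? $smtp['smtp_pop3port'] : 110;
                $pop->Authorise($smtp['smtp_pop3host'], $pop3port, 5, $mailer->Username, $mailer->Password, 1);
            }
        }
        // $mailer->SMTPDebug = true;
    }
    if (is_array($mail)) {
        if (isset($mail[0]) and $mail[0] === 'bcc') {
            array_shift($mail);
            foreach ($mail as $m) {
                $mailer->AddBCC(escape_for_email($m));
            }
            $mailer->AddAddress($mailer->From);
        } else {
            foreach ($mail as $m) {
                // Fixed: the whole array was passed here instead of the current address.
                $mailer->AddAddress(escape_for_email($m));
            }
        }
    } else {
        $mailer->AddAddress(escape_for_email($mail));
    }
    $mailer->Subject = escape_for_email($bet, true);
    // Normalise line endings to "\n".
    $txt = str_replace("\r", "\n", str_replace("\r\n", "\n", $txt));
    if ($html) {
        $mailer->IsHTML(true);
        $mailer->AltBody = strip_tags($txt);
    }
    $mailer->Body = $txt;
    if ($mailer->Send()) {
        return true;
    }
    if (is_coadmin()) {
        // ErrorInfo can contain addresses and server responses, so it is
        // HTML-escaped before being shown.
        echo "<h2 style=\"color:red;\">Mailer Error: " . htmlspecialchars((string) $mailer->ErrorInfo, ENT_QUOTES) . '</h2>';
    }
    return false;
}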
Esempio n. 6
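 // Build the nationality <option> list, pre-selecting the opponent's current nation.
 $flagsar = get_nationality_array();
 foreach ($flagsar as $key => $value) {
     $selected = $outar['nation'] == $key ? 'selected="selected"' : '';
     $outar['nationen'] .= '<option value="' . $key . '" ' . $selected . '>' . $value . '</option>';
 }
 // NOTE(review): $outar['logo'] is placed in an attribute unescaped; if it holds
 // a previously uploaded file name it should be HTML-escaped here - confirm its origin.
 $outar['aktuellesLogo'] = '<img src="include/images/opponents/thumb_' . $outar['logo'] . '"/>';
 if (isset($_POST['editsubmit']) and chk_antispam('adminuser_action', true)) {
     $editclantag = @escape($_POST['editgegnertag'], 'string');
     $editclanname = @escape($_POST['editclanname'], 'string');
     $editurl = escape($_POST['editwebsite'], 'url');
     $editnation = escape($_POST['editnation'], 'string');
     $editicq = escape($_POST['editicq'], 'integer');
     $editemail = escape_for_email($_POST['editemail']);
     $updir = 'include/images/opponents/';
     $this_id = $getid;
     $outar['thumbwidth'] = 100;
     if (!empty($_FILES['editlogo']['tmp_name'])) {
         // The client-supplied file name is untrusted and the target directory
         // is served by the web server. Keep only the base name, reduce the stem
         // to a safe character set (no extra dots, no path separators) and
         // accept image extensions only, so an upload can neither leave $updir
         // nor land there with a script extension.
         $clientname = basename(str_replace('\\', '/', (string) $_FILES['editlogo']['name']));
         $extension = strtolower((string) pathinfo($clientname, PATHINFO_EXTENSION));
         $stem = preg_replace('/[^A-Za-z0-9_-]/', '_', (string) pathinfo($clientname, PATHINFO_FILENAME));
         // NOTE(review): adjust this list to the formats create_thumb() supports.
         $allowedext = array('png', 'jpg', 'jpeg', 'gif');
         $uploadname = $getid . '_' . $stem . '.' . $extension;
         // The extension alone proves nothing about the content, so the file
         // must also parse as an image before it is stored.
         $isimage = in_array($extension, $allowedext, true) and @getimagesize($_FILES['editlogo']['tmp_name']) !== false;
         if ($isimage and move_uploaded_file($_FILES['editlogo']['tmp_name'], $updir . $uploadname)) {
             // Remove the previous logo only once the new one is stored, and
             // never the shared placeholder image.
             if ($getpicname != '.no-image-opponent.png' and $getpicname != 'thumb_.no-image-opponent.png') {
                 if ($getpicname != $uploadname) {
                     @unlink('include/images/opponents/' . $getpicname . '');
                 }
                 @unlink('include/images/opponents/thumb_' . $getpicname . '');
             }
             create_thumb($updir . $uploadname, $updir . 'thumb_' . $uploadname, $outar['thumbwidth']);
         } else {
             // Rejected or failed upload: keep the existing logo.
             $uploadname = $getpicname;
         }
     } else {
         $uploadname = $getpicname;
     }
     // DB UPDATE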