$res = sql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__); $arr = mysql_fetch_row($res); */ $secret = mksecret(); $wantpasshash = md5($secret . $wantpassword . $secret); $editsecret = $verification == 'admin' ? '' : $secret; $invite_count = (int) $invite_count; $wantusername = sqlesc($wantusername); $wantpasshash = sqlesc($wantpasshash); $secret = sqlesc($secret); $editsecret = sqlesc($editsecret); $send_email = $email; $email = sqlesc($email); $country = sqlesc($country); $gender = sqlesc($gender); $sitelangid = sqlesc(get_langid_from_langcookie()); $res_check_user = sql_query("SELECT * FROM users WHERE username = "******""; $ret = sql_query("INSERT INTO users (username, passhash, secret, editsecret, email, country, gender, status, class, invites, " . ($type == 'invite' ? "invited_by," : "") . " added, last_access, lang, stylesheet" . ($showschool == 'yes' ? ", school" : "") . ", uploaded) VALUES (" . $wantusername . "," . $wantpasshash . "," . $secret . "," . $editsecret . "," . $email . "," . $country . "," . $gender . ", 'confirmed', " . $defaultclass_class . "," . $invite_count . ", " . ($type == 'invite' ? "'{$inviter}'," : "") . " '" . date("Y-m-d H:i:s") . "' , " . " '" . date("Y-m-d H:i:s") . "' , " . $sitelangid . "," . $defcss . ($showschool == 'yes' ? "," . $school : "") . "," . ($iniupload_main > 0 ? $iniupload_main : 0) . ")") or sqlerr(__FILE__, __LINE__); $id = mysql_insert_id(); $dt = sqlesc(date("Y-m-d H:i:s")); $subject = sqlesc($lang_takesignup['msg_subject'] . $SITENAME . "!"); $msg = sqlesc($lang_takesignup['msg_congratulations'] . htmlspecialchars($wantusername) . $lang_takesignup['msg_you_are_a_member']); sql_query("INSERT INTO messages (sender, receiver, subject, added, msg) VALUES(0, {$id}, {$subject}, {$dt}, {$msg})") or sqlerr(__FILE__, __LINE__); //write_log("User account $id ($wantusername) was created"); $res = sql_query("SELECT passhash, secret, editsecret, status FROM users WHERE id = " . sqlesc($id)) or sqlerr(__FILE__, __LINE__); $row = mysql_fetch_assoc($res); $psecret = md5($row['secret']);
function logincookie($id, $passhash, $updatedb = 1, $expires = 0x7fffffff, $securelogin = false, $ssl = false, $trackerssl = false) { if ($expires != 0x7fffffff) { $expires = time() + $expires; } setcookie("c_secure_uid", base64($id), $expires, "/"); setcookie("c_secure_pass", $passhash, $expires, "/"); if ($ssl) { setcookie("c_secure_ssl", base64("yeah"), $expires, "/"); } else { setcookie("c_secure_ssl", base64("nope"), $expires, "/"); } if ($trackerssl) { setcookie("c_secure_tracker_ssl", base64("yeah"), $expires, "/"); } else { setcookie("c_secure_tracker_ssl", base64("nope"), $expires, "/"); } if ($securelogin) { setcookie("c_secure_login", base64("yeah"), $expires, "/"); } else { setcookie("c_secure_login", base64("nope"), $expires, "/"); } if ($updatedb) { sql_query("UPDATE users SET last_login = NOW(), lang=" . sqlesc(get_langid_from_langcookie()) . " WHERE id = " . sqlesc($id)); } }