<?php // $Id: addUser.php 23863 2015-09-14 00:27:14Z 1070356 $ require_once 'functions.php'; if (isset($_POST['nick']) && isset($_POST['pass1']) && isset($_POST['name']) && isset($_POST['mail'])) { $pass = escapeString(getHash($_POST['pass1'])); $nick = escapeString($_POST['nick']); $name = escapeString($_POST['name']); $mail = escapeString($_POST['mail']); sql("INSERT INTO users VALUES(null, '{$nick}', '{$pass}', '{$name}', '{$mail}')"); echo insertId(); }
if ($securimage->check($_POST['captcha_code']) == false) { $err = __("You got the CAPTCHA wrong."); } } } } } } if ($err) { Alert($err); } else { $newsalt = Shake(); $sha = doHash($_POST['pass'] . $salt . $newsalt); $sex = validateSex($_POST["sex"]); $rUsers = Query("insert into {users} (name, password, pss, regdate, lastactivity, lastip, email, sex, theme) values ({0}, {1}, {2}, {3}, {3}, {4}, {5}, {6}, {7})", $_POST['name'], $sha, $newsalt, time(), $_SERVER['REMOTE_ADDR'], $_POST['email'], $sex, Settings::get("defaultTheme")); $uid = insertId(); if ($uid == 1) { Query("update {users} set powerlevel = 4 where id = 1"); } recalculateKarma($uid); logAction('register', array('user' => $uid)); $user = Fetch(Query("select * from {users} where id={0}", $uid)); $user["rawpass"] = $_POST["pass"]; $bucket = "newuser"; include "lib/pluginloader.php"; $sessionID = Shake(); setcookie("logsession", $sessionID, 0, $boardroot, "", false, true); Query("INSERT INTO {sessions} (id, user, autoexpire) VALUES ({0}, {1}, {2})", doHash($sessionID . $salt), $user["id"], 0); redirectAction("board"); } }
$post = "<!-- ###MULTIREP:" . $_POST['to'] . " ### -->" . $post; $rPMT = Query("update {pmsgs_text} set title = {0}, text = {1} where pid = {2}", $_POST['title'], $post, $pmid); $rPM = Query("update {pmsgs} set userto = {0} where id = {1}", $firstTo, $pmid); redirectAction("private", "", "show=2"); } else { $post = $pm['text']; $post = preg_replace("'/me '", "[b]* " . $loguser['name'] . "[/b] ", $post); //to prevent identity confusion $rPMT = Query("update {pmsgs_text} set title = {0}, text = {1} where pid = {2}", $_POST['title'], $post, $pmid); $rPM = Query("update {pmsgs} set drafting = 0 where id = {0}", $pmid); foreach ($recipIDs as $recipient) { if ($recipient == $firstTo) { continue; } $rPM = Query("insert into {pmsgs} (userto, userfrom, date, ip, msgread) values ({0}, {1}, {2}, {3}, 0)", $recipient, $loguserid, time(), $_SERVER['REMOTE_ADDR']); $pid = insertId(); $rPMT = Query("insert into {pmsgs_text} (pid,title,text) values ({0}, {1}, {2})", $pid, $_POST['title'], $post); } redirectAction("private", "", "show=1"); exit; } } else { Alert(__("Enter a message and try again."), __("Your PM is empty.")); } } else { Alert(__("Enter a title and try again."), __("Your PM is untitled.")); } } $prefill = $pm['text']; $trefill = $pmtitle; MakePost($pm, POST_PM);