if ($a[0] != 0) {
$message = sprintf("" . EMAIL_ADDRESS_INUSE_S . "", $email);
}
}
//check username isnt in use
$a = @mysql_fetch_row(@SQL_Query_exec("select count(*) from users where username='******'"));
if ($a[0] != 0) {
$message = sprintf("" . USERNAME_INUSE_S . "", $wantusername);
}
$secret = mksecret();
//generate secret field
$wantpassword = passhash($wantpassword);
// hash the password
}
if ($message != "") {
show_error2("" . SIGNUP_FAILED . "", $message, 1);
}
if ($message == "") {
if ($invite_row) {
SQL_Query_exec("UPDATE users SET username="******", password="******", secret=" . sqlesc($secret) . ", status='confirmed', added='" . get_date_time() . "' WHERE id={$invite_row['id']}");
//send pm to new user
if ($site_config["WELCOMEPMON"]) {
$dt = sqlesc(get_date_time());
$msg = sqlesc($site_config["WELCOMEPMMSG"]);
SQL_Query_exec("INSERT INTO messages (sender, receiver, added, msg, poster) VALUES(0, {$invite_row['id']}, {$dt}, {$msg}, 0)");
}
header("Refresh: 0; url=account-confirm-ok.php?type=confirm");
die;
}
if ($site_config["CONFIRMEMAIL"]) {
//req confirm email true/false
$kind = "" . ERROR . "";
}
if ($arr) {
$sec = mksecret();
$secmd5 = md5($sec);
$id = $arr['id'];
$body = "" . SOMEONE_FROM . " " . $_SERVER["REMOTE_ADDR"] . ", " . REC_MSG1 . " ({$email}) " . REC_MSG2 . " \r\n\r\n " . REC_MSG3 . " \r\n\r\n " . REC_MSG4 . " " . $arr["username"] . " \r\n " . REC_MSG5 . "\n\n{$site_config['SITEURL']}/account-recover.php?id={$id}&secret={$secmd5}\n\n\n" . $site_config["SITENAME"] . "\r\n";
@sendmail($arr["email"], "" . REC_YOUR_ACC_DETAILS . "", $body, "", "-f" . $site_config['SITEEMAIL']);
$res2 = SQL_Query_exec("UPDATE `users` SET `secret` = " . sqlesc($sec) . " WHERE `email`= " . sqlesc($email) . " LIMIT 1");
$msg = sprintf("" . MAIL_RECOVER . "", htmlspecialchars($email));
$kind = "" . SUCCESS . "";
}
}
}
if ($kind != "0") {
show_error2("" . NOTICE . "", "{$kind}: {$msg}", 0);
}
if (is_valid_id($_GET["id"]) && strlen($_GET["secret"]) == 32) {
?>
<div>
<form method="post" action="account-recover.php">
<fieldset>
<legend><?php
echo "" . PLEASE_INTER_NEW_PASS . "";
?>
</legend>
<input type="hidden" name="secret" value="<?php
echo $_GET['secret'];
?>
" />
$message = "" . ACC_DISABLED . "";
}
} else {
$message = "" . NO_EMTYF . "";
}
if (!$message) {
logincookie($row["id"], $row["password"], $row["secret"]);
if (!empty($_POST["returnto"])) {
header("Refresh: 0; url=" . $_POST["returnto"]);
die;
} else {
header("Refresh: 0; url=index.php");
die;
}
} else {
show_error2("" . ACCES_DIENED . "", $message, 1);
}
}
logoutcookie();
//if ($nowarn)
//show_succes2("Error", $nowarn, 0);
?>
<form method="post" action="account-login.php">
<fieldset>
<legend><?php
echo "" . COOKIES . "";
?>
</legend>
<label for="username"><?php
echo "" . USERNSME . "";
