// Registration form checks (excerpt). Every failed check sets $baddata and
// appends a localized message from $l to $problems; the add-user branch at the
// end runs only when $baddata is still false.

// Password and its confirmation must match.
// NOTE(review): `!=` is a loose comparison. Two numeric-looking strings that
// differ textually (for example "1e3" and "1000") compare equal under it, so a
// mistyped confirmation can pass; `!==` avoids that, assuming both values are
// strings here - confirm against the code that fills $clean.
if ($clean['password'] != $clean['confirm-password']) {
    $baddata = true;
    $problems[] = $l['reg-badpassword'];
}

// valid email?
if (!pear_check_email($clean['email'])) {
    $baddata = true;
    $problems[] = $l['reg-bademail'];
}

// check if username exists
if ($user->userExists($clean['username'])) {
    $baddata = true;
    $problems[] = $l['reg-badusername'];
}

// email in use?
// NOTE(review): the statement is assembled by string concatenation and depends
// entirely on slash_if_needed() (defined outside this excerpt) for escaping.
// Backslash-style escaping is not aware of the connection charset; a bound
// parameter, or the database driver's own escape routine, is the safer form if
// the $db wrapper offers one - not visible here.
// NOTE(review): a count-then-insert check can race between two simultaneous
// registrations; a UNIQUE index on the email column would enforce it in the
// database (schema not visible here).
$echeck = $db->getArray("SELECT count(*) as c FROM " . db_users . " WHERE email = '" . slash_if_needed($clean['email']) . "';");
if ($echeck['c'] >= 1) {
    $baddata = true;
    $problems[] = $l['reg-usedemail'];
}

// see if template files exist & we have access to them.
// NOTE(review): templateExists() is not shown. If it turns the submitted value
// into a filesystem path, it should reject path separators and ".." rather than
// only test for existence - verify in nlb_user.
if (!nlb_user::templateExists($clean['template'])) {
    $baddata = true;
    $problems[] = $l['reg-badtemplatechoice'];
}

if (!$baddata) {
    // ---- ADD USER ----
    // Applies slash_if_needed and trim to the submitted fields through the text
    // helper and reads the result from $text->clean (helper class not shown).
    $text->makeClean('slash_if_needed', 'trim');
    $c = $text->clean;
// "Forgot password" branch of a larger switch (excerpt; the switch header and
// the rest of this branch are outside the excerpt). For a known username it
// generates a replacement password and fills in the notification e-mail text.
// NOTE(review): the only input is a username, with no proof that the requester
// owns the account. If $hash is written to the user record further down (not
// visible here), anyone who knows a username can change that user's password.
// A safer flow mails a single-use, expiring reset token and changes the
// password only after the token is presented.
$ets_outter->main_title = $config->get('site_name') . ": " . $l['title-forgot'];
$ets_outter->page_title = $l['title-forgot'];
$ets->page_body = '';

// Password recovery needs working mail; show a notice and stop when it is off.
$mail = new nlb_mail($db);
if (!$mail->Active) {
    $ets->page_body = $l['log-forgot-off'];
    break; // exit the big switch()
}

$err = array();
if (!empty($_POST)) {
    if (!isset($_POST['username']) || empty($_POST['username'])) {
        $err[] = $l['log-bad-user']; // bad username
    } else {
        // NOTE(review): escaping is delegated to slash_if_needed() (not shown);
        // how userExists()/getIdByName() build their queries is not visible.
        $username = slash_if_needed($_POST['username']);
        if (!$user->userExists($username)) {
            // Same message as for an empty username.
            $err[] = $l['log-bad-user'];
        } else {
            // build new user object to manipulate this account's data
            $client = new nlb_user($db);
            $id = $client->getIdByName($username);
            $client->setId($id);

            // create new password. 6 random letters + numbers
            // NOTE(review): uniqid(rand(), true) puts the rand() value first, and
            // substr() keeps only the first six characters, so whenever rand()
            // returns six or more digits the password is six decimal digits from
            // a non-cryptographic generator - a small, guessable space, and not
            // the "letters + numbers" described above. random_bytes() or
            // random_int() (PHP 7+) are the appropriate sources.
            $newpass = uniqid(rand(), true);
            $newpass = substr($newpass, 0, 6);

            // NOTE(review): unsalted MD5 is unsuitable for password storage;
            // password_hash()/password_verify() are the replacements, which also
            // requires changing the login check (not in this excerpt).
            $hash = md5($newpass);
            $link = full_url . script_path . 'login.php';

            // Fill the localized mail template.
            // NOTE(review): the new password is placed into the mail body in
            // clear text; see the reset-token note at the top of this branch.
            $message = $l['log-forgot-email'];
            $message = str_replace('%USERNAME%', $client->get('username'), $message);
            $message = str_replace('%PASSWORD%', $newpass, $message);
// Blog search (excerpt). Builds two statements over public entries in parallel:
// $query fetches the matching rows, $rquery counts them. Every filter added to
// one is added to the other.
$query = 'SELECT u.username, b.blog_id, b.author_id, b.date, b.subject, b.body, b.comments, b.html, b.smiles, b.bb FROM nlb3_blogs AS b, nlb3_users AS u WHERE u.user_id = b.author_id AND b.access = ' . access_public;
$rquery = 'SELECT count(b.blog_id) as results FROM nlb3_blogs AS b, nlb3_users AS u WHERE u.user_id = b.author_id AND b.access = ' . access_public;

// NOTE(review): $q is assigned outside this excerpt and is spliced into a
// double-quoted SQL string literal. It must be escaped for the database before
// it gets here, and the LIKE wildcards (% and _) escaped separately, or passed
// as a bound parameter instead - confirm where $q is set.
// When both flags are set the two LIKE conditions are combined with AND.
if ($searchBody) {
    $query .= ' AND b.body LIKE "%' . $q . '%"';
    $rquery .= ' AND b.body LIKE "%' . $q . '%"';
}
if ($searchSubject) {
    $query .= ' AND b.subject LIKE "%' . $q . '%"';
    $rquery .= ' AND b.subject LIKE "%' . $q . '%"';
}

// Optional author filter: resolve the name to an id; -1 is treated as "no such
// user" and the filter is then left out.
if (isset($_POST['author']) && $_POST['author'] != "") {
    $authorid = $user->getIdByName(slash_if_needed($_POST['author']));
    // NOTE(review): $authorid is concatenated unquoted, so this is safe only if
    // getIdByName() always returns an integer; an (int) cast here would make
    // that independent of the helper - verify its return type.
    if ($authorid != -1) {
        $query .= ' AND b.author_id = ' . $authorid;
        $rquery .= ' AND b.author_id = ' . $authorid;
    }
}

// Run the count first to choose between the empty-result form and the results.
$count = $db->getArray($rquery);
if ($count['results'] == 0) {
    //------------------------
    // NO RESULTS TO SHOW
    //------------------------
    $mask = 'form';
    $ets->noresults = 1;
} else {
    //------------------------
    // WORK IS DONE, REDIRECT USER
}
// User control panel, template page (excerpt; the enclosing conditions start
// above it). First part: finish the template <select>, add a preview image and
// wrap both in a POST form.
// NOTE(review): $preview[0] is written into the src attribute as-is; its origin
// is outside this excerpt - confirm it cannot carry user-controlled markup.
$st .= "\n</select>\n";
$st .= '<br /><img name="temlpatePreview" src="./templates/' . $preview[0] . '" />';
$ets->page_body .= '<form method="post" action="usercp.php?action=template">';
$ets->page_body .= $st;
$ets->page_body .= '<br><input type="submit" value="' . $l['submit'] . '"></form>';
        }
    }
} else {
    // Second part: edit one custom template section, selected by ?sub=.
    // NOTE(review): $type comes straight from the query string and is used below
    // as a column name in both SQL statements, as an index into $l, and inside
    // the form's action attribute. Escaping does not make a value safe as an SQL
    // identifier; compare it against a fixed list of the template column names
    // this page is meant to edit and reject anything else before this point.
    $type = $_GET['sub'];
    // allowed to do this?
    if ($user->isAllowed('tpl_custom')) {
        // are we editing the template, or updating?
        if (isset($_POST['tpl-body'])) {
            // update to db
            // NOTE(review): only the value is escaped (by slash_if_needed(), not
            // shown); the two $type identifier positions are not covered by it.
            // No anti-CSRF token check is visible on this state-changing POST.
            $body = slash_if_needed($_POST['tpl-body']);
            $time = time();
            $db->query('UPDATE ' . db_source . ' SET ' . $type . ' = "' . $body . '", ' . $type . '_updated = "' . $time . '" WHERE owner_id = "' . $user->id . '" LIMIT 1;');
            $ets->page_body = $l['goodedit'];
        } else {
            // let user edit template
            $body = $db->getArray('SELECT ' . $type . ' FROM ' . db_source . ' WHERE owner_id = "' . $user->id . '";');
            $body = stripslashes($body[$type]);
            // NOTE(review): $body and $type are written into the page unescaped.
            // A stored template containing "</textarea>" ends the field early,
            // and $type is reflected into the action attribute; pass both
            // through htmlspecialchars() for their HTML context. The string
            // below continues past the end of this excerpt.
            $ets->page_body = $l['ucp-tpl-edit-' . $type] . '<p> <form method="post" action="' . script_path . 'usercp.php?action=template&sub=' . $type . '"> <textarea name="tpl-body" class="nlb_edit_template">' . $body . '</textarea><br> <input type="submit" value="' . $l['submit'] . '">
    exit;
}
// Site configuration page for the outer template source (excerpt). The block
// closed above ends in exit; presumably it is the access check for this page -
// confirm that it restricts the page to administrators, since the POST below
// rewrites a site-wide template.
$baddata = false;
$problems = array();
$USESKIN = skin_basic;
$ets->page_body = "";
$ets_outter->main_title = $config->get('site_name') . ": " . $l['title-config'];
$ets_outter->page_title = $l['title-config'];

// Hands $_POST and the field list array('source') to the text helper and
// validates; a missing required field is reported through
// $text->is_missing_required (helper class not shown).
$text = new text($_POST, array('source'));
$text->validate();

if (!empty($_POST)) {
    if ($text->is_missing_required) {
        $baddata = true;
    }
    if (!$baddata) {
        // NOTE(review): the value is escaped only by slash_if_needed() (not
        // shown) and then placed in a double-quoted SQL literal; a bound
        // parameter or the driver's escape routine is the safer form if the $db
        // wrapper has one. No anti-CSRF token check is visible before this
        // write.
        $newsource = slash_if_needed($_POST['source']);
        $now = time();
        // The "#" inside each SQL string starts a MySQL comment that runs to
        // the end of the line; the literals presumably spanned several lines in
        // the original file, which is what keeps the UPDATE outside the comment.
        $db->query(' # Update Outter Template SOURCE UPDATE ' . db_config . ' SET value = "' . $newsource . '" WHERE name = "outter_template_source";');
        $db->query(' # Update outter template TIME UPDATE ' . db_config . ' SET value = "' . $now . '" WHERE name = "outter_template_source_time";');
        // talk to user.
        $ets->page_body .= $l['goodedit'];
    }
}

// First visit, or a rejected submission: fall through to the form.
if (empty($_POST) || $baddata) {
    // check for missing fields