Esempio n. 1
0
 if ($clean['password'] != $clean['confirm-password']) {
     $baddata = true;
     $problems[] = $l['reg-badpassword'];
 }
 // valid email?
 if (!pear_check_email($clean['email'])) {
     $baddata = true;
     $problems[] = $l['reg-bademail'];
 }
 // check if username exists
 if ($user->userExists($clean['username'])) {
     $baddata = true;
     $problems[] = $l['reg-badusername'];
 }
 // email in use?
 $echeck = $db->getArray("SELECT count(*) as c FROM " . db_users . " WHERE email = '" . slash_if_needed($clean['email']) . "';");
 if ($echeck['c'] >= 1) {
     $baddata = true;
     $problems[] = $l['reg-usedemail'];
 }
 // see if template files exist & we have access to them.
 if (!nlb_user::templateExists($clean['template'])) {
     $baddata = true;
     $problems[] = $l['reg-badtemplatechoice'];
 }
 if (!$baddata) {
     /**
      *      A D D   U S E R
      */
     $text->makeClean('slash_if_needed', 'trim');
     $c = $text->clean;
Esempio n. 2
0
 $ets_outter->main_title = $config->get('site_name') . ": " . $l['title-forgot'];
 $ets_outter->page_title = $l['title-forgot'];
 $ets->page_body = '';
 $mail = new nlb_mail($db);
 if (!$mail->Active) {
     $ets->page_body = $l['log-forgot-off'];
     break;
     // exit the big switch()
 }
 $err = array();
 if (!empty($_POST)) {
     if (!isset($_POST['username']) || empty($_POST['username'])) {
         $err[] = $l['log-bad-user'];
         // bad username
     } else {
         $username = slash_if_needed($_POST['username']);
         if (!$user->userExists($username)) {
             $err[] = $l['log-bad-user'];
         } else {
             // build new user object to manip his data
             $client = new nlb_user($db);
             $id = $client->getIdByName($username);
             $client->setId($id);
             // create new password. 6 random letters + numbers
             $newpass = uniqid(rand(), true);
             $newpass = substr($newpass, 0, 6);
             $hash = md5($newpass);
             $link = full_url . script_path . 'login.php';
             $message = $l['log-forgot-email'];
             $message = str_replace('%USERNAME%', $client->get('username'), $message);
             $message = str_replace('%PASSWORD%', $newpass, $message);
Esempio n. 3
0
        $query = 'SELECT u.username, b.blog_id, b.author_id, b.date, b.subject, b.body, b.comments, b.html, b.smiles, b.bb
FROM nlb3_blogs AS b, nlb3_users AS u
WHERE u.user_id = b.author_id AND b.access = ' . access_public;
        $rquery = 'SELECT count(b.blog_id) as results
FROM nlb3_blogs AS b, nlb3_users AS u
WHERE u.user_id = b.author_id AND b.access = ' . access_public;
        if ($searchBody) {
            $query .= ' AND b.body LIKE "%' . $q . '%"';
            $rquery .= ' AND b.body LIKE "%' . $q . '%"';
        }
        if ($searchSubject) {
            $query .= ' AND b.subject LIKE "%' . $q . '%"';
            $rquery .= ' AND b.subject LIKE "%' . $q . '%"';
        }
        if (isset($_POST['author']) && $_POST['author'] != "") {
            $authorid = $user->getIdByName(slash_if_needed($_POST['author']));
            if ($authorid != -1) {
                $query .= ' AND b.author_id = ' . $authorid;
                $rquery .= ' AND b.author_id = ' . $authorid;
            }
        }
        $count = $db->getArray($rquery);
        if ($count['results'] == 0) {
            //------------------------
            //		NO RESULTS TO SHOW
            //------------------------
            $mask = 'form';
            $ets->noresults = 1;
        } else {
            //------------------------
            //		WORK IS DONE, REDIRECT USER
Esempio n. 4
0
            }
            $st .= "\n</select>\n";
            $st .= '<br /><img name="temlpatePreview" src="./templates/' . $preview[0] . '" />';
            $ets->page_body .= '<form method="post" action="usercp.php?action=template">';
            $ets->page_body .= $st;
            $ets->page_body .= '<br><input type="submit" value="' . $l['submit'] . '"></form>';
        }
    }
} else {
    $type = $_GET['sub'];
    // allowed to do this?
    if ($user->isAllowed('tpl_custom')) {
        // are we editing the template, or updating?
        if (isset($_POST['tpl-body'])) {
            // update to db
            $body = slash_if_needed($_POST['tpl-body']);
            $time = time();
            $db->query('UPDATE ' . db_source . '
			SET ' . $type . ' = "' . $body . '",
			' . $type . '_updated = "' . $time . '"
			WHERE owner_id = "' . $user->id . '"
			LIMIT 1;');
            $ets->page_body = $l['goodedit'];
        } else {
            // let user edit template
            $body = $db->getArray('SELECT ' . $type . ' FROM ' . db_source . ' WHERE owner_id = "' . $user->id . '";');
            $body = stripslashes($body[$type]);
            $ets->page_body = $l['ucp-tpl-edit-' . $type] . '<p>
			<form method="post" action="' . script_path . 'usercp.php?action=template&sub=' . $type . '">
			<textarea name="tpl-body" class="nlb_edit_template">' . $body . '</textarea><br>
			<input type="submit" value="' . $l['submit'] . '">
Esempio n. 5
0
    exit;
}
$baddata = false;
$problems = array();
$USESKIN = skin_basic;
$ets->page_body = "";
$ets_outter->main_title = $config->get('site_name') . ": " . $l['title-config'];
$ets_outter->page_title = $l['title-config'];
$text = new text($_POST, array('source'));
$text->validate();
if (!empty($_POST)) {
    if ($text->is_missing_required) {
        $baddata = true;
    }
    if (!$baddata) {
        $newsource = slash_if_needed($_POST['source']);
        $now = time();
        $db->query(' # Update Outter Template SOURCE
		UPDATE ' . db_config . '
		SET value = "' . $newsource . '"
		WHERE name = "outter_template_source";');
        $db->query(' # Update outter template TIME
		UPDATE ' . db_config . '
		SET value = "' . $now . '"
		WHERE name = "outter_template_source_time";');
        // talk to user.
        $ets->page_body .= $l['goodedit'];
    }
}
if (empty($_POST) || $baddata) {
    // check for missing fields