} else {
$username = slash_if_needed($_POST['username']);
if (!$user->userExists($username)) {
$err[] = $l['log-bad-user'];
} else {
// build new user object to manip his data
$client = new nlb_user($db);
$id = $client->getIdByName($username);
$client->setId($id);
// create new password. 6 random letters + numbers
$newpass = uniqid(rand(), true);
$newpass = substr($newpass, 0, 6);
$hash = md5($newpass);
$link = full_url . script_path . 'login.php';
$message = $l['log-forgot-email'];
$message = str_replace('%USERNAME%', $client->get('username'), $message);
$message = str_replace('%PASSWORD%', $newpass, $message);
$message = str_replace('%LINK%', $link, $message);
$mail->AddAddress($client->get('email'), $client->get('username'));
$mail->Subject = $config->get('site_name') . $l['log-forgot-subject'];
$mail->Body = $message;
if (!$mail->Send()) {
// if we can't send the email, then don't write the
// new password in the db
$ets->page_body = $l['log-forgot-failed'];
break;
} else {
// email was sent, set the password to something new
$client->set('password', $hash);
$client->updateDB();
$ets->page_body = $l['log-forgot-success'];
$user->checkLogin();
if (isset($path['user'])) {
/**
* Show page of blogs for user
*/
$USERID = $path['user'];
if (!is_numeric($USERID)) {
jsRedirect(script_path . 'index.php');
}
$u = new nlb_user($db, $USERID);
// $u is the user who's friends page we are viewing
$page = 0;
if (isset($path['page'])) {
$page = $path['page'];
}
$perpage = $u->get('perpage');
$page_start = $page * $perpage;
// get avatar for this user
$av = $db->getArray('SELECT file, isCustom FROM ' . db_avatars . ' WHERE owner_id=' . $USERID . ' AND type=1;');
if (!empty($av)) {
if ($av['isCustom'] == 1) {
$file = 'avatars/';
} else {
$file = 'avatars/default/';
}
$file .= $av['file'];
$ets->avatar_url = script_path . $file;
$ets->avatar = '<img src="' . script_path . $file . '" />';
}
// get list of friends
$list = $db->getAllArray('SELECT friend_id FROM ' . db_friends . ' WHERE owner_id = ' . $USERID . ';');
$config = new nlb_config($db);
$user = new nlb_user($db);
// is someone trying to access a persons blog
$_SERVER['QUERY_STRING'] = urldecode($_SERVER['QUERY_STRING']);
if (!empty($_SERVER['QUERY_STRING']) && ($id = $user->getIdByName($_SERVER['QUERY_STRING'])) > -1) {
// die($id);
//jsRedirect( script_path . 'blog.php/user/' . $id );
jsRedirect(build_link('blog.php', array('user' => $id)));
}
$user->checklogin();
require_once $config->langfile();
// include lang file
$b = new nlb_blog($db);
if ($user->isLogedIn) {
// timezone settings
$b->setDateOffset($config->get('server_timezone'), $user->get('timezone'));
}
$script_path = script_path;
$_PATH = fetch_url_data();
$action = 'news';
if (isset($_PATH['action'])) {
$action = $_PATH['action'];
}
$ets = new stdClass();
switch ($action) {
// Display Recent News news
default:
case 'news':
/**
* =======================================
* S H O W N E W S
$USERID = $path['user'];
if (!is_numeric($USERID)) {
jsRedirect(script_path . 'index.php');
}
// user exists?
$test = $db->getArray('SELECT count(user_id) as c FROM ' . db_users . ' WHERE user_id="' . $USERID . '";');
if ($test['c'] == 0) {
// bad user id
jsRedirect(script_path . 'index.php');
}
$u = new nlb_user($db, $USERID);
$page = 0;
if (isset($path['page'])) {
$page = $path['page'];
}
$perpage = $u->get('perpage');
$page_start = $page * $perpage;
// get count of all the blogs
$total = $u->get('blog_count');
// setup some vars for the query
$limit = $page_start . ', ' . $perpage;
// check to see what blogs we can view
$access_in = access_public;
// default is public blogs only.
if ($user->isLogedIn) {
// if we are the author, we can see all
if ($user->id == $u->id) {
$access_in = access_public . ', ' . access_private . ', ' . access_friendsonly;
}
// are we a friend?
if ($u->areFriends($user->id)) {
