$msg = str_replace($confirm_url, "<a href=\"" . $confirm_url . "\">" . $confirm_url . "</a>", $msg);
// Instantiate your new class
$mail_msg = new my_phpmailer();
// Now you only need to add the necessary stuff
$mail_msg->AddAddress($email, $first_name . " " . $last_name);
// Who its sent to
$mail_msg->Subject = $MSG_LANG_NEW['mail_subject'];
$mail_msg->Body = $msg;
$mail_msg->AltBody = $text_msg;
if ($mail_msg->Send()) {
Adminlog(MAIL_SENT, $mail_msg->ErrorInfo);
} else {
//this needs to be replaced with an error page template
echo "<font color=\"red\">" . $MSG_LANG_NEW['email_failed'] . "</font><br>\n";
echo $MSG_LANG_NEW['return'];
Adminlog(MAIL_FAIL, "{$email} {$username}" . $mail_msg->ErrorInfo);
die;
}
$mail_msg->ClearAddresses();
$_SESSION['pref_language'] = $pref_language;
//OK we're done here, go to the success page
header("Location: completed.php");
exit;
} else {
$postvar = $_POST;
$smarty->assign('errors', $errors);
$smarty->assign('postvar', $postvar);
}
}
$smarty->assign('lang', $MSG_LANG_NEW);
$smarty->assign('title', $title);
include_once "./languages/{$language}/login.inc.php";
$template_set = "default";
$errors = array();
$i = 0;
//the above could be anything, and to avoid telling someone that a username actually exists, we need to
//give a wishy-washy response. "That Username/Password combination was not found in the database"
$sql = $db->Prepare("SELECT player_id,username,password,active from {$db_prefix}players WHERE username=? AND password=?");
$result = $db->Execute($sql, array($username, $password));
db_op_result($result, __LINE__, __FILE__);
$data = $result->fields;
if ($data['player_id'] < 1) {
$errors[$i] = $MSG_LANG_LOGIN['login_mismatch'];
$i++;
$_SESSION['errors'] = $errors;
$data = "Login Error attempted login with username " . $_POST['username'] . " and password " . $_POST['password'] . " from IP {$ip} at " . date("Y-m-d H:i:s") . ".";
Adminlog(LOGIN_ERROR, $data);
header("Location: index.php");
die;
}
if ($data['active'] == "0" && $validation == 1) {
$errors[$i] = $MSG_LANG_LOGIN['not_validated'];
$i++;
$smarty->assign('errors', $errors);
$smarty->assign('title2', "Email Confirmation");
$smarty->display("{$template_set}/activate_account.php");
die;
}
if (empty($errors)) {
//OK we should be fine for login, user and password match up...
$res = get_player_data($data['player_id']);
if (!$res) {