function SendEmail($emailbody, $emailsubject, $emailto)
{
$sqlstring = "select user_email from users where user_email <> ''";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$numrows = mysql_num_rows($result);
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
$emailto = $row['user_email'];
/* send the email */
if (!SendGmail($emailto, $emailsubject, $emailbody, 1, 0)) {
return "System error. Unable to send email!";
} else {
return "Message send successfully to {$numrows} recipients";
}
}
}
function Validate($k)
{
$k = mysql_real_escape_string($k);
if (trim($k) == "") {
return 0;
}
/* check if the key exists in the users_pending table */
$sqlstring = "select * from users_pending where emailkey = '{$k}'";
//echo "$sqlstring<br>";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
if (mysql_num_rows($result) > 0) {
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$userpendingid = $row['user_id'];
$username = $row['username'];
$password = $row['password'];
$fullname = $row['user_fullname'];
$institution = $row['user_institution'];
$country = $row['user_country'];
$email = $row['user_email'];
} else {
return 0;
}
/* if no errors were found so far, insert the row, with the user disabled */
$sqlstring = "insert into users (username, password, login_type, user_fullname, user_institution, user_country, user_email, user_enabled) values ('{$username}','{$password}','Standard','{$fullname}','{$institution}','{$country}','{$email}',1)";
//PrintSQL($sqlstring);
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$userid = mysql_insert_id();
$sqlstring = "delete from users_pending where user_id = {$userpendingid}";
//PrintSQL($sqlstring);
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
/* insert a row into the instance permissions for the default instance */
$sqlstring = "insert into user_instance (user_id, instance_id) values ({$userid}, (select instance_id from instance where instance_default = 1))";
//PrintSQL($sqlstring);
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$body = "<b>Your NiDB account on " . $GLOBALS['cfg']['siteurl'] . " account is active and you are joined to the main instance</b><br><br>Login now: " . $GLOBALS['cfg']['siteurl'] . "/login.php<br><br>Follow these steps to join other instances<ol><li>Login to NiDB: " . $GLOBALS['cfg']['siteurl'] . "/login.php<li>Click your username at the top of the page<li>Find the instance you want to join on the list of available instances<li>The owner of the instance will receive notification that you want to join<li>You will receive a notifiication of the owners response to your join request</ol><br><br>";
/* send the email */
SendGmail($email, 'Your NiDB account has been acitvated', $body, 0);
return 1;
}
function MySQLQuery($sqlstring, $file, $line, $error = "")
{
Debug($file, $line, "Running MySQL Query [{$sqlstring}]");
$result = mysql_query($sqlstring);
if ($result == false) {
$datetime = date('r');
$username = $GLOBALS['username'];
$body = "<b>Query failed on [{$datetime}]:</b> {$file} (line {$line})<br>\r\n\t\t\t<b>Error:</b> " . mysql_error() . "<br>\r\n\t\t\t<b>SQL:</b> {$sqlstring}<br><b>Username:</b> {$username}<br>\r\n\t\t\t<b>Server info</b> <pre>" . print_r($_SERVER, true) . "</pre><br>\r\n\t\t\t<b>POST</b> <pre>" . print_r($_POST, true) . "</pre><br>\r\n\t\t\t<b>GET</b> <pre>" . print_r($_GET, true) . "</pre>";
SendGmail($GLOBALS['cfg']['adminemail'], "User encountered error in {$file}", $body, 0);
die("<div width='100%' style='border:1px solid red; background-color: #FFC; margin:10px; padding:10px; border-radius:5px; text-align: center'><b>Internal NiDB error.</b><br>The site administrator has been notified. Contact the administrator <" . $GLOBALS['cfg']['adminemail'] . "> if you can provide additional information that may have led to the error<br><br><img src='images/topmen.gif'></div>");
} else {
return $result;
}
}
function SendJoinInstanceRequest($instanceid) {
$sqlstring = "select * from user_instance where user_id = (select user_id from users where username = '******'username'] . "') and instance_id = $instanceid";
//PrintSQL($sqlstring);
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$sendemail = 0;
if (mysql_num_rows($result) < 1) {
$sqlstringA = "insert into user_instance (user_id, instance_id, instance_joinrequest) values ((select user_id from users where username = '******'username'] . "'), $instanceid, 1)";
//PrintSQL($sqlstringA);
$resultA = MySQLQuery($sqlstringA, __FILE__, __LINE__);
$sendemail = 1;
}
else {
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$joinrequest = $row['instance_joinrequest'];
if ($joinrequest) {
$sendemail = 1;
}
}
if ($sendemail) {
/* send an email to the owner of the instance */
$sqlstring = "select * from users where user_id = (select instance_ownerid from instance where instance_id = $instanceid)";
//PrintSQL($sqlstring);
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$oEmail = $row['user_email'];
$oFullname = $row['user_fullname'];
/* get the user in-question's information */
$sqlstring = "select * from users where user_id = (select instance_ownerid from instance where instance_id = $instanceid)";
//PrintSQL($sqlstring);
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$uEmail = $row['user_email'];
$uFullname = $row['user_fullname'];
/* get the instance information */
$sqlstring = "select * from instance where instance_id = $instanceid";
//PrintSQL($sqlstring);
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$instancename = $row['instance_name'];
$body = "$oFullname,<br><br><b>$uFullname ($uEmail)</b> has requested to join your Neuroinformatics Database (NiDB) instance: <b>$instancename</b>\n\nTo accept or reject this request, login to NiDB and go to Admin->Instances and click Accept or Reject";
if (!SendGmail($uEmail,'NiDB instance join request',$body,0)) {
echo "System error. Unable to send email!";
}
else {
}
?><span class="message">Request sent</span><?
}
}
function ResetPassword($email)
{
$email = mysql_real_escape_string($email);
$safetoemail = 0;
$securimage = new Securimage();
if ($securimage->check($_POST['captcha_code']) == false) {
// or you can use the following code if there is no validation or you do not know how
ResetPasswordForm("CAPTCHA code entered was incorrect");
}
if (trim($email) == "") {
ResetPasswordForm("Email was blank");
}
/* check if the username or email address is already in the users table */
$sqlstring = "select count(*) 'count' from users where username = '******' or user_email = '{$email}'";
//echo "$sqlstring<br>";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$count = $row['count'];
//echo "Count [$count]<br>";
if ($count > 0) {
$safetoemail = 1;
} else {
/* check if the username or email address is already in the users_pending table */
$sqlstring = "select count(*) 'count' from users where username = '******' or user_email = '{$email}'";
//echo "$sqlstring<br>";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$count = $row['count'];
//echo "Count [$count]<br>";
if ($count > 0) {
?>
This email address was used to sign up for an account, but has not been activated<?php
} else {
?>
This email address is not valid in this system<?php
return 0;
}
}
$newpass = GenerateRandomString(10);
/* send a password reset email */
$body = "Your password has been temporarily reset to '{$newpass}'. Please login to " . $GLOBALS['cfg']['siteurl'] . " and change your password";
/* send the email */
if (!SendGmail($email, 'NiDB password reset', $body, 0)) {
echo "System error. Unable to send email!";
//$sqlstring = "delete from users_pending where user_id = $rowid";
//$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
} else {
$sqlstring = "update users set password = sha1('{$newpass}') where user_email = '{$email}'";
$result = MySQLQuery($sqlstring, __FILE__, __LINE__);
echo "Email sent to '{$email}'. Check it and get back to me";
}
}
