<?php if (isset($_GET['action']) && $_GET['action'] == 'dologin') { // login action if (isset($_POST['serverid']) && isset($_POST['name']) && isset($_POST['password'])) { // all required data received $tmpUid = ServerInterface::getInstance()->verifyPassword($_POST['serverid'], $_POST['name'], $_POST['password']); switch ($tmpUid) { case -2: MessageManager::addWarning(tr('login_unknownusername')); Logger::log_loginFail($_POST['serverid'], $_POST['name'], $_POST['password']); Logger::log("[{$_SERVER['REMOTE_ADDR']}] failed to log in as user {$name}.", Logger::LEVEL_SECURITY); break; case -1: MessageManager::addWarning(tr('login_wronglogininformation')); break; default: // login success $_SESSION['serverid'] = $_POST['serverid']; $_SESSION['userid'] = $tmpUid; $_SESSION['userLoggedIn'] = true; echo '<script type="text/javascript">location.replace("?page=profile")</script>'; echo tr('login_success'); break; } } else { // missing mandatory data MessageManager::addError(tr('login_missing_data')); } } else { // no login-action, thus show login form
if (isset($_POST['email'])) { ServerInterface::getInstance()->updateUserEmail($_SESSION['serverid'], $_SESSION['userid'], $_POST['email']); } // remove texture if (isset($_GET['remove_texture'])) { try { ServerInterface::getInstance()->updateUserTexture($_SESSION['serverid'], $_SESSION['userid'], array()); } catch (Murmur_InvalidTextureException $exc) { MessageManager::addWarning(tr('profile_removetexturefailed')); } } // new texture //TODO reimplement setting texture if (isset($_FILES['texture'])) { if (!file_exists($_FILES['texture']['tmp_name'])) { MessageManager::addWarning(tr('profile_texture_notempfile')); } else { $imgData = file_get_contents($_FILES['texture']['tmp_name']); ServerInterface::getInstance()->updateUserTexture($_SESSION['serverid'], $_SESSION['userid'], $imgData); } } } ?> <div id="content"> <h1><?php echo TranslationManager::getText('profile_head'); ?> </h1> <form action="?page=profile&action=doedit" method="post" style="width:420px;"<?php if (isset($_GET['action']) && $_GET['action'] == 'edit_texture') { echo ' enctype="multipart/form-data"';
MessageManager::addWarning(tr('register_fail_emailinvalid')); } elseif (SettingsManager::getInstance()->isUseCaptcha() && !Captcha::cap_isCorrect($_POST['spamcheck'])) { MessageManager::addWarning(tr('register_fail_wrongCaptcha')); } // Everything ok, check if auth by mail if (SettingsManager::getInstance()->isAuthByMail($_POST['serverid'])) { // create Auth by mail (send activation mail) // Add unactivated account and send mail if (ServerInterface::getInstance()->getServer(intval($_POST['serverid'])) != null) { // Server does exist DBManager::getInstance()->addAwaitingAccount($_POST['serverid'], $_POST['name'], $_POST['password'], $_POST['email']); echo tr('register_success_toActivate'); Logger::log_registration($_POST['name']); } else { // Server does not exist, add warning MessageManager::addWarning(tr('unknownserver')); } } else { // non-auth-by-mail, just add registration ServerInterface::getInstance()->addUser($_POST['serverid'], $_POST['name'], $_POST['password'], $_POST['email']); echo tr('register_success'); Logger::log_registration($_POST['name']); } } elseif ($_GET['action'] == 'activate' && isset($_GET['key'])) { // Activate account DBManager::getInstance()->activateAccount($_GET['key']); echo tr('register_activate_success'); } } else { // no form data received -> display registration form ?>
if ($user != null) { $newPw = substr(md5(rand()), 4, 8); ServerInterface::getInstance()->updateUserPw(intval($_POST['serverid']), $user->getUserId(), $newPw); mail($_POST['email'], tr('request_mail_p_subj'), sprintf(tr('request_mail_p_body'), $newPw)); $formProcessed = tr('request_mail_sent'); } else { MessageManager::addWarning(tr('request_nosuchaccount')); } } elseif (isset($_POST['username'])) { // send username $user = ServerInterface::getInstance()->getUserByEmail(intval($_POST['serverid']), $_POST['email']); if ($user != null) { mail($_POST['email'], tr('request_mail_u_subj'), sprintf(tr('request_mail_u_body'), $user->getName())); $formProcessed = tr('request_mail_sent'); } else { MessageManager::addWarning(tr('request_nosuchaccount')); } } } ?> <div id="content"> <?php if (isset($formProcessed)) { ?> <h1 class="alignc">Data Sent</h1> <p><?php echo $formProcessed; ?> </p> <?php } else {
/** * Get the (translated/local) text for the ID / text index * @param $textname text index * @return string localized text */ public function getText($textname) { if (!isset($this->text[$textname])) { MessageManager::addWarning('Translation for key "' . $textname . '" not found!'); return '???'; } return $this->text[$textname]; // w3c validator doesn't like html (tags) in javascript areas. maybe, or not: //return htmlspecialchars($this->text[$textname]); }