function main() { try { global $pageTitle; global $editable; global $session; global $user; $post = $_POST['blnPost']; $username = $_GET['username']; $selUser = new User("username = '******'"); $logout = $_GET['logout']; if ($selUser->IsEmpty()) { print GetCap('capUserNotFound'); $session->ViewedNotFound("Movie", $username); UpdateObject($session, false); Dump(); } if ($logout) { $selUser->Logout(); $session->ForcedLogout($selUser->ID()); } if (isset($user)) { if ($user->ID() == $selUser->ID()) { $sameUser = true; } } if (!$editable && !$selUser->Enabled()) { echo GetCap('capThisAccountHasBeenDisabled'); Dump(); } if ($post) { if (!$editable && !$sameUser) { BlockIfViolation('update'); } ThrowExceptionOnMaliciousInput($_POST['txtInfo'], 'USER_INFO'); if ($editable) { $selUser->Enabled($_POST['chkEnabled'] == '1' ? 1 : 0); } $selUser->PlayTimesLocation($_POST['txtPlayTimesLocation']); $selUser->Email($_POST['txtEmail']); $selUser->Info(strip_tags($_POST['txtInfo'])); UpdateObject($selUser); } else { $session->Viewed("User", $selUser->ID()); } $username = $selUser->UserName(); $pageTitle = $username; $email = $selUser->Email(); $playTimesLocation = $selUser->PlayTimesLocation(); $enabled = $selUser->Enabled(); $info = $selUser->Info(); ?> <br /> <form name="frm" method="post" action="<?php echo $PHP_SELF . "?username="******"> <table> <tr> <td> <font size=6><b><?php echo $username; ?> </b></font> <?php if (!$sameUser) { echo PublicizedInfo($info); } ?> </td> </tr> <?php if ($editable || $sameUser) { ?> <tr> <td> <b><?php echo GetCap('capEmailAddress'); ?> : </b> </td> <td> <input type="text" size=50 name="txtEmail" value="<?php echo $email; ?> "/> <?php echo "<i>(" . GetCap('capPrivate') . ")</i>"; ?> </td> </tr> <?php } if ($editable || $sameUser) { ?> <tr> <td> <b><?php echo GetCap('capPlayTimesLocation'); ?> : </b> </td> <td> <input type="text" size=50 name="txtPlayTimesLocation" value="<?php echo $playTimesLocation; ?> "/> <?php echo "<i>(" . GetCap('capPrivate') . ")</i>"; ?> </td> </tr> <?php } if ($editable || $sameUser) { ?> <tr> <td valign=top> <b><?php echo GetCap('capTellUsAboutYourself'); ?> : </b> <br/> <i>(<?php echo GetCap('capEditAnywayYouWish'); ?> )</i> </td> <td valign=top> <textarea rows="10" cols="57" name="txtInfo"><?php echo $info; ?> </textarea> <?php echo "<i>(" . GetCap('capPublic') . ")</i>"; ?> </td> </tr> <tr valign=top> <td> <b><?php echo GetCap('capPublicView'); ?> : </b> </td> <td> <?php echo PublicizedInfo($info); ?> </td> </tr> <?php } if ($editable) { ?> <tr> <td> <b><?php echo GetCap('capLoggedIn'); ?> : </b> <?php if ($selUser->LoggedIn()) { print GetCap("capYes"); if ($admin) { print "<a href=\"user.php?username={$username}&logout=1\">[" . GetCap('capLogout') . "]</a>"; } } else { print GetCap("capNo"); } ?> </tr> <tr> <td> <b><?php echo GetCap('capEnabled'); ?> : </b> <?php print "<input type=\"checkbox\" name=\"chkEnabled\" value=\"1\" " . ($enabled ? 'checked="checked"' : '') . "/>"; ?> </tr> <?php } if ($editable || $sameUser) { ?> <tr> <td> <input type="submit" name="btnLogin" value="<?php echo GetCap('capSave'); ?> "/> </td> <td> <input type="hidden" name="blnPost" value="1"/> </td> </tr> <?php } ?> </table> </form> <?php } catch (Exception $ex) { ProcessException($ex); } }
function main() { try { global $sid; global $session; global $returnURI; global $DOMAIN; global $FROM_ADDR; global $X_MAILER; $PHP_SELF = $_SERVER['PHP_SELF']; $message = $_REQUEST['message']; $captchaCode = $_REQUEST['txtCaptchaCode']; $random = $_REQUEST['txtRandom']; $post = $_POST['blnPost']; $username = $_POST['txtUsername']; $password = $_POST['txtPassword']; $repassword = $_POST['txtRePassword']; $email = $_POST['txtEmail']; $emailPassword = $_POST['btnEmailPassword'] != ""; $create = $_POST['btnCreateAccount'] != ""; if (!$create) { $create = $_GET['create'] != ""; } if (!$emailPassword) { $emailPassword = $_GET['emailPassword'] != ""; } if ($post) { if ($emailPassword) { $user = new User("username='******'"); if ($user->Email() != '') { $capLogin = GetCap('capLogin'); $sub = GetCap('capPassword'); $path = dirname($_SERVER['SCRIPT_NAME']); $msg = GetCap('capBelowAreYourCredentials') . "\r\n"; $msg .= "Username: "******"\r\n"; $msg .= 'Password: '******'capEmailHasBeenSent') . '</center></b>'; } else { print "<b><center>" . GetCap('capUserAccountDoesn\'tHaveEmailAddress</center></b>'); } $username = $user->UserName(); $email = $user->Email(); } elseif ($create) { $captcha = new CaptchasDotNet('demo', 'secret'); if (!$captcha->validate($random)) { $password = $_POST['txtPassword']; $rePassword = $_POST['txtRePassword']; print "<center>" . GetCap('capCaptchaWasReused') . "</center>"; $session->ReusedCaptcha("session", $session->ID(), $random); } elseif (!$captcha->verify($captchaCode)) { $password = $_POST['txtPassword']; $rePassword = $_POST['txtRePassword']; print "<center>" . GetCap('capInvalidConfirmationCode') . "</center>"; $session->InvalidConfirmationCode($captchCode); } elseif ($password == $repassword) { $user = new User(); $user->UserName($username); $user->Password($password); $user->Email($email); if (UpdateObject($user)) { $session->UserID($user->ID()); $session->LoggedIn(true); UpdateObject($session); $username = $user->UserName(); $email = $user->Email(); ReturnURI(); print '<center>' . GetCap("capUpdateSucceded") . '</center>'; } } else { $password = $_POST['txtPassword']; $rePassword = $_POST['txtRePassword']; print "<center>" . GetCap('capPasswordsDoNotMatch') . "</center>"; } } } /* TODO:PREROLL Go to captcha.net and register an actual account (not demo) before rolling to production */ if ($create) { $captcha = new CaptchasDotNet('demo', 'secret'); } ?> <form name="frm" method="post" action="<?php echo "login.php?returnURI={$returnURI}"; ?> "> <table> <tr> <td> <b><?php echo GetCap('capUsername'); ?> : </b> </td> <td> <input type="text" name="txtUsername" value="<?php echo $username; ?> "/> </td> </tr> <?php if ($create) { ?> <tr> <td> <b><?php echo GetCap('capPassword'); ?> : </b> </td> <td> <input type="password" name="txtPassword" value="<?php echo $password; ?> "/> </td> </tr> <tr> <td> <b><?php echo GetCap('capRe-typePassword'); ?> : </b> </td> <td> <input type="password" name="txtRePassword" value="<?php echo $_POST['txtRePassword']; ?> "/> </td> </tr> <tr> <td> <b><?php echo GetCap('capEmail (optional)'); ?> : </b> </td> <td> <input type="text" name="txtEmail" value="<?php echo $email; ?> "/> </td> <td> <i><?php echo GetCap('capIn case you forget your password we can email you a new one.'); ?> </i> </td> </tr> <tr valign="top"> <td> <b><?php echo GetCap('capEnterConfirmationCodeFromPicture'); ?> : </b> </td> <td> <input type="text" name="txtCaptchaCode"/> <input type="hidden" name="txtRandom" value="<?php echo $captcha->random(); ?> " /> <br /><br/><br/> <a href="<?php echo $captcha->audio_url(); ?> "><?php echo GetCap('capPhoenieticSpelling(mp3)'); ?> </a> </td> <td> <?php echo $captcha->Image(false, 'captchas.net', GetCap('capLoadingCaptcha...')); ?> </td> </tr> <tr> <td> <input type="submit" name="btnCreateAccount" value="<?php echo GetCap('capCreateAccount'); ?> "/> </td> </tr> <?php } if ($emailPassword) { ?> <tr> <td> </td> <td> <input type="submit" name="btnEmailPassword" value="<?php echo GetCap('capEmailMePassword'); ?> "/> </td> </tr> <?php } ?> <tr> <td> <input type="hidden" name="blnPost" value="1"/> </td> </tr> </table> </form> <?php } catch (Exception $ex) { ProcessException($ex); } }