echo json_encode($lang->captcha_does_not_match);
exit;
}
} else {
if ($mybb->input['action'] == "refresh_question" && $mybb->settings['securityquestion']) {
header("Content-type: application/json; charset={$charset}");
$sid = $db->escape_string($mybb->get_input('question_id'));
$query = $db->query("\n\t\tSELECT q.qid, s.sid\n\t\tFROM " . TABLE_PREFIX . "questionsessions s\n\t\tLEFT JOIN " . TABLE_PREFIX . "questions q ON (q.qid=s.qid)\n\t\tWHERE q.active='1' AND s.sid='{$sid}'\n\t");
if ($db->num_rows($query) == 0) {
xmlhttp_error($lang->answer_valid_not_exists);
}
$qsession = $db->fetch_array($query);
// Delete previous question session
$db->delete_query("questionsessions", "sid='{$sid}'");
require_once MYBB_ROOT . "inc/functions_user.php";
$sid = generate_question($qsession['qid']);
$query = $db->query("\n\t\tSELECT q.question, s.sid\n\t\tFROM " . TABLE_PREFIX . "questionsessions s\n\t\tLEFT JOIN " . TABLE_PREFIX . "questions q ON (q.qid=s.qid)\n\t\tWHERE q.active='1' AND s.sid='{$sid}' AND q.qid!='{$qsession['qid']}'\n\t");
$plugins->run_hooks("xmlhttp_refresh_question");
if ($db->num_rows($query) > 0) {
$question = $db->fetch_array($query);
echo json_encode(array("question" => htmlspecialchars_uni($question['question']), 'sid' => htmlspecialchars_uni($question['sid'])));
exit;
} else {
xmlhttp_error($lang->answer_valid_not_exists);
}
} elseif ($mybb->input['action'] == "validate_question" && $mybb->settings['securityquestion']) {
header("Content-type: application/json; charset={$charset}");
$sid = $db->escape_string($mybb->get_input('question'));
$answer = $db->escape_string($mybb->get_input('answer'));
$query = $db->query("\n\t\tSELECT q.*, s.sid\n\t\tFROM " . TABLE_PREFIX . "questionsessions s\n\t\tLEFT JOIN " . TABLE_PREFIX . "questions q ON (q.qid=s.qid)\n\t\tWHERE q.active='1' AND s.sid='{$sid}'\n\t");
if ($db->num_rows($query) == 0) {
// Spambot registration image thingy
if ($mybb->settings['captchaimage']) {
require_once MYBB_ROOT . 'inc/class_captcha.php';
$captcha = new captcha(true, "member_register_regimage");
if ($captcha->html) {
$regimage = $captcha->html;
if ($mybb->settings['captchaimage'] == 1) {
// JS validator extra for our default CAPTCHA
$validator_extra .= "\r\n\t\t\t\t\t\$('#imagestring').rules('add', {\r\n\t\t\t\t\t\trequired: true,\r\n\t\t\t\t\t\tremote:{\r\n\t\t\t\t\t\t\turl: 'xmlhttp.php?action=validate_captcha',\r\n\t\t\t\t\t\t\ttype: 'post',\r\n\t\t\t\t\t\t\tdataType: 'json',\r\n\t\t\t\t\t\t\tdata:\r\n\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\timagehash: function () {\r\n\t\t\t\t\t\t\t\t\treturn \$('#imagehash').val();\r\n\t\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t\t\tmy_post_key: my_post_key\r\n\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t},\r\n\t\t\t\t\t\tmessages: {\r\n\t\t\t\t\t\t\tremote: '{$lang->js_validator_no_image_text}'\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t});\n";
}
}
}
// Security Question
$questionbox = '';
if ($mybb->settings['securityquestion']) {
$sid = generate_question();
$query = $db->query("\r\n\t\t\t\tSELECT q.question, s.sid\r\n\t\t\t\tFROM " . TABLE_PREFIX . "questionsessions s\r\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "questions q ON (q.qid=s.qid)\r\n\t\t\t\tWHERE q.active='1' AND s.sid='{$sid}'\r\n\t\t\t");
if ($db->num_rows($query) > 0) {
$question = $db->fetch_array($query);
$refresh = '';
// Total questions
$q = $db->simple_select('questions', 'COUNT(qid) as num', 'active=1');
$num = $db->fetch_field($q, 'num');
if ($num > 1) {
eval("\$refresh = \"" . $templates->get("member_register_question_refresh") . "\";");
}
eval("\$questionbox = \"" . $templates->get("member_register_question") . "\";");
$validator_extra .= "\r\n\t\t\t\t\$('#answer').rules('add', {\r\n\t\t\t\t\trequired: true,\r\n\t\t\t\t\tremote:{\r\n\t\t\t\t\t\turl: 'xmlhttp.php?action=validate_question',\r\n\t\t\t\t\t\ttype: 'post',\r\n\t\t\t\t\t\tdataType: 'json',\r\n\t\t\t\t\t\tdata:\r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\tquestion: function () {\r\n\t\t\t\t\t\t\t\treturn \$('#question_id').val();\r\n\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t\tmy_post_key: my_post_key\r\n\t\t\t\t\t\t},\r\n\t\t\t\t\t},\r\n\t\t\t\t\tmessages: {\r\n\t\t\t\t\t\tremote: '{$lang->js_validator_no_security_question}'\r\n\t\t\t\t\t}\r\n\t\t\t\t});\n";
}
}
$hiddencaptcha = '';
