/**
 * reminder post
 *
 * Handles the password-reminder form: reads the posted email and captcha
 * fields, validates them, looks up the matching active account and mails a
 * password-reset link, then shows a notification and clears the form's
 * session marker.
 *
 * NOTE(review): the separate 'email_unknown' error tells the requester
 * whether an address is registered.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Reminder
 * @author Henry Ruhs
 */
function reminder_post()
{
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();

    /* clean post */
    /* input is only read while ATTACK_BLOCKED is below 10 and the form was flagged 'visited' in the session; otherwise $email stays unset and the 'email_empty' branch below is taken */
    if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/reminder'] == 'visited') {
        $email = clean($_POST['email'], 3);
        $task = $_POST['task'];
        $solution = $_POST['solution'];
    }

    /* validate post */
    if ($email == '') {
        $error = l('email_empty');
    } else {
        if ($emailValidator->validate($email) == Redaxscript\Validator\Validator::FAILED) {
            $error = l('email_incorrect');
        } else {
            if ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\Validator::FAILED) {
                $error = l('captcha_incorrect');
            } else {
                if (retrieve('id', 'users', 'email', $email) == '') {
                    $error = l('email_unknown');
                } else {
                    /* query users */
                    /* NOTE(review): $email is concatenated into the statement; injection safety rests entirely on clean(..., 3) and the email validator, neither visible here - confirm */
                    $query = 'SELECT id, user, password FROM ' . PREFIX . 'users WHERE email = \'' . $email . '\' && status = 1';
                    $result = mysql_query($query);
                    if ($result) {
                        while ($r = mysql_fetch_assoc($result)) {
                            if ($r) {
                                /* copies each selected column (id, user, password) into a local variable of the same name */
                                foreach ($r as $key => $value) {
                                    ${$key} = stripslashes($value);
                                }
                            }

                            /* send reminder information */
                            /* NOTE(review): the reset route embeds the stored password column value as-is, so that value leaves the database in the mail and in the URL */
                            $passwordResetRoute = ROOT . '/' . REWRITE_ROUTE . 'password_reset/' . $id . '/' . $password;
                            $passwordResetLink = anchor_element('external', '', '', $passwordResetRoute, $passwordResetRoute);
                            /* NOTE(review): the recipient comes from the 'author'/'email' settings and the sender is the posted address; $name is never assigned in this function - confirm the intended direction */
                            $toArray = array(s('author') => s('email'));
                            $fromArray = array($name => $email);
                            $subject = l('reminder');
                            $bodyArray = array('<strong>' . l('user') . l('colon') . '</strong> ' . $user, '<br />', '<strong>' . l('password_reset') . l('colon') . '</strong> ' . $passwordResetLink);

                            /* mailer object */
                            $mailer = new Redaxscript\Mailer($toArray, $fromArray, $subject, $bodyArray);
                            $mailer->send();
                        }
                    }
                }
            }
        }
    }

    /* handle error */
    if ($error) {
        /* every failed attempt bumps the per-session counter when the 'blocker' setting is 1 */
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), 'reminder');
    } else {
        notification(l('operation_completed'), l('reminder_sent'), l('login'), 'login');
    }
    /* clear the marker so the same form visit cannot be submitted twice */
    $_SESSION[ROOT . '/reminder'] = '';
}
/**
 * reminder post
 *
 * Handles the password-reminder form: reads the posted email and captcha
 * fields, validates them, looks up the matching active account through the
 * Db layer and mails a password-reset link, then shows a notification and
 * clears the form's session marker.
 *
 * NOTE(review): the separate 'email_unknown' error tells the requester
 * whether an address is registered.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Reminder
 * @author Henry Ruhs
 */
function reminder_post()
{
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();

    /* clean post */
    /* input is only read while ATTACK_BLOCKED is below 10 and the form was flagged 'visited' in the session; otherwise $email stays unset and the 'email_empty' branch below is taken */
    if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/reminder'] == 'visited') {
        $email = clean($_POST['email'], 3);
        $task = $_POST['task'];
        $solution = $_POST['solution'];
    }

    /* validate post */
    if ($email == '') {
        $error = l('email_empty');
    } else {
        if ($emailValidator->validate($email) == Redaxscript\Validator\ValidatorInterface::FAILED) {
            $error = l('email_incorrect');
        } else {
            if ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\ValidatorInterface::FAILED) {
                $error = l('captcha_incorrect');
            } else {
                /* NOTE(review): ->id is read straight off findOne(); what findOne() returns for no match is not visible here - confirm */
                if (Redaxscript\Db::forTablePrefix('users')->where('email', $email)->findOne()->id == '') {
                    $error = l('email_unknown');
                } else {
                    /* query users */
                    $result = Redaxscript\Db::forTablePrefix('users')->where(array('email' => $email, 'status' => 1))->findArray();
                    if ($result) {
                        foreach ($result as $r) {
                            if ($r) {
                                /* copies every column of the row into a local variable of the same name; presumably all user columns, so this can overwrite locals such as $email - verify against the table schema */
                                foreach ($r as $key => $value) {
                                    ${$key} = stripslashes($value);
                                }
                            }

                            /* send reminder information */
                            /* the reset token is sha1() of the stored password value; NOTE(review): it is deterministic and no expiry or one-time marker is set here, so it stays valid until the stored value changes */
                            $passwordResetRoute = ROOT . '/' . REWRITE_ROUTE . 'password_reset/' . $id . '/' . sha1($password);
                            $passwordResetLink = anchor_element('external', '', '', $passwordResetRoute, $passwordResetRoute);
                            /* NOTE(review): the recipient comes from the 'author'/'email' settings and the sender is the account's name and address - confirm the intended direction */
                            $toArray = array(s('author') => s('email'));
                            $fromArray = array($name => $email);
                            $subject = l('reminder');
                            $bodyArray = array('<strong>' . l('user') . l('colon') . '</strong> ' . $user, '<br />', '<strong>' . l('password_reset') . l('colon') . '</strong> ' . $passwordResetLink);

                            /* mailer object */
                            $mailer = new Redaxscript\Mailer();
                            $mailer->init($toArray, $fromArray, $subject, $bodyArray);
                            $mailer->send();
                        }
                    }
                }
            }
        }
    }

    /* handle error */
    if ($error) {
        /* every failed attempt bumps the per-session counter when the 'blocker' setting is 1 */
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), 'reminder');
    } else {
        notification(l('operation_completed'), l('reminder_sent'), l('login'), 'login');
    }
    /* clear the marker so the same form visit cannot be submitted twice */
    $_SESSION[ROOT . '/reminder'] = '';
}
/**
 * login post
 *
 * Handles the login form: loads the account by user name or email,
 * validates the posted fields, password and captcha, and on success fills
 * the session with the identity, language, group list and the permission
 * flags derived from the user's active groups.
 *
 * NOTE(review): no session id regeneration happens in this function after
 * a successful login; confirm it is done elsewhere.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Login
 * @author Henry Ruhs
 */
function login_post()
{
    $passwordValidator = new Redaxscript\Validator\Password();
    $loginValidator = new Redaxscript\Validator\Login();
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();

    /* clean post */
    /* input is only read while ATTACK_BLOCKED is below 10 and the form was flagged 'visited' in the session; otherwise $post_user stays unset and the 'user_empty' branch below is taken */
    if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/login'] == 'visited') {
        $post_user = $_POST['user'];
        $post_password = $_POST['password'];
        $task = $_POST['task'];
        $solution = $_POST['solution'];
        $login_by_email = 0;
        $users = Redaxscript\Db::forTablePrefix('users');
        /* anything that does not validate as an email is treated as a user name */
        if ($emailValidator->validate($post_user) == Redaxscript\Validator\ValidatorInterface::FAILED) {
            $post_user = clean($post_user, 0);
            $users->where('user', $post_user);
        } else {
            $post_user = clean($post_user, 3);
            $login_by_email = 1;
            $users->where('email', $post_user);
        }
        $users_result = $users->findArray();
        /* copies every column of the matching row into a $my_<column> local ($my_id, $my_password, ...) */
        foreach ($users_result as $r) {
            foreach ($r as $key => $value) {
                $key = 'my_' . $key;
                ${$key} = stripslashes($value);
            }
        }
    }

    /* validate post */
    if ($post_user == '') {
        $error = l('user_empty');
    } else {
        if ($post_password == '') {
            $error = l('password_empty');
        } else {
            if ($login_by_email == 0 && $loginValidator->validate($post_user) == Redaxscript\Validator\ValidatorInterface::FAILED) {
                $error = l('user_incorrect');
            } else {
                if ($login_by_email == 1 && $emailValidator->validate($post_user) == Redaxscript\Validator\ValidatorInterface::FAILED) {
                    $error = l('email_incorrect');
                } else {
                    /* the password check runs before the "account exists" check, so $my_password is unset here when no row matched */
                    if ($passwordValidator->validate($post_password, $my_password) == Redaxscript\Validator\ValidatorInterface::FAILED) {
                        $error = l('password_incorrect');
                    } else {
                        if ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\ValidatorInterface::FAILED) {
                            $error = l('captcha_incorrect');
                        } else {
                            if ($my_id == '') {
                                $error = l('login_incorrect');
                            } else {
                                if ($my_status == 0) {
                                    $error = l('access_no');
                                } else {
                                    /* setup login session */
                                    $_SESSION[ROOT . '/logged_in'] = TOKEN;
                                    $_SESSION[ROOT . '/my_id'] = $my_id;
                                    $_SESSION[ROOT . '/my_name'] = $my_name;
                                    $_SESSION[ROOT . '/my_user'] = $my_user;
                                    $_SESSION[ROOT . '/my_email'] = $my_email;
                                    /* NOTE(review): $my_language comes from the user row and is placed into a file path; the file_exists() test is the only check applied here */
                                    if (file_exists('languages/' . $my_language . '.php')) {
                                        $_SESSION[ROOT . '/language'] = $my_language;
                                        $_SESSION[ROOT . '/language_selected'] = 1;
                                    }
                                    $_SESSION[ROOT . '/my_groups'] = $my_groups;

                                    /* query groups */
                                    $groups_result = Redaxscript\Db::forTablePrefix('groups')->whereIdIn(explode(',', $my_groups))->where('status', 1)->findArray();
                                    if ($groups_result) {
                                        $num_rows = count($groups_result);
                                        foreach ($groups_result as $r) {
                                            if ($r) {
                                                /* appends each column value to a $groups_<column> string; $counter is shared across all columns and rows, so the ', ' separator is not placed per row */
                                                foreach ($r as $key => $value) {
                                                    $key = 'groups_' . $key;
                                                    ${$key} .= stripslashes($value);
                                                    if (++$counter < $num_rows) {
                                                        ${$key} .= ', ';
                                                    }
                                                }
                                            }
                                        }
                                    }

                                    /* setup access session */
                                    /* a right is granted when its digit ('1' new, '2' edit, '3' delete) occurs anywhere in the concatenated value, i.e. when any of the user's active groups has it */
                                    $access_array = array('categories', 'articles', 'extras', 'comments', 'groups', 'users');
                                    foreach ($access_array as $value) {
                                        $groups_value = 'groups_' . $value;
                                        $position_new = strpos(${$groups_value}, '1');
                                        $position_edit = strpos(${$groups_value}, '2');
                                        $position_delete = strpos(${$groups_value}, '3');
                                        $_SESSION[ROOT . '/' . $value . '_delete'] = $_SESSION[ROOT . '/' . $value . '_edit'] = $_SESSION[ROOT . '/' . $value . '_new'] = 0;
                                        /* strpos() yields an offset (>= 0) or false; '> -1' serves as the "found" test */
                                        if ($position_new > -1) {
                                            $_SESSION[ROOT . '/' . $value . '_new'] = 1;
                                        }
                                        if ($position_edit > -1) {
                                            $_SESSION[ROOT . '/' . $value . '_edit'] = 1;
                                        }
                                        if ($position_delete > -1) {
                                            $_SESSION[ROOT . '/' . $value . '_delete'] = 1;
                                        }
                                    }
                                    $position_modules_install = strpos($groups_modules, '1');
                                    $position_modules_edit = strpos($groups_modules, '2');
                                    $position_modules_uninstall = strpos($groups_modules, '3');
                                    $position_settings_edit = strpos($groups_settings, '1');
                                    $position_filter = strpos($groups_filter, '0');
                                    /* the filter flag defaults to 1 and is switched off when a '0' occurs in the groups' filter value */
                                    $_SESSION[ROOT . '/filter'] = 1;
                                    $_SESSION[ROOT . '/settings_edit'] = $_SESSION[ROOT . '/modules_uninstall'] = $_SESSION[ROOT . '/modules_edit'] = $_SESSION[ROOT . '/modules_install'] = 0;
                                    if ($position_modules_install > -1) {
                                        $_SESSION[ROOT . '/modules_install'] = 1;
                                    }
                                    if ($position_modules_edit > -1) {
                                        $_SESSION[ROOT . '/modules_edit'] = 1;
                                    }
                                    if ($position_modules_uninstall > -1) {
                                        $_SESSION[ROOT . '/modules_uninstall'] = 1;
                                    }
                                    if ($position_settings_edit > -1) {
                                        $_SESSION[ROOT . '/settings_edit'] = 1;
                                    }
                                    if ($position_filter > -1) {
                                        $_SESSION[ROOT . '/filter'] = 0;
                                    }
                                    $_SESSION[ROOT . '/update'] = NOW;
                                }
                            }
                        }
                    }
                }
            }
        }
    }

    /* handle error */
    if ($error) {
        /* NOTE(review): the failed-attempt counter lives in the session, so it only throttles clients that keep their session */
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), 'login');
    } else {
        notification(l('welcome'), l('logged_in'), l('continue'), 'admin');
    }
    /* clear the marker so the same form visit cannot be submitted twice */
    $_SESSION[ROOT . '/login'] = '';
}
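/**
 * comment post
 *
 * Handles the comment form: collects and cleans the posted fields,
 * validates them together with the captcha, optionally mails a
 * notification to the address from the settings and stores the comment.
 * The comment is saved with status 0 when COMMENTS_NEW is 0 and the
 * 'moderation' setting is 1, otherwise with status 1.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Comments
 * @author Henry Ruhs
 */
function comment_post()
{
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();
    $urlValidator = new Redaxscript\Validator\Url();

    /* defaults, so a blocked or stale request reaches the first "empty" error without reading undefined variables */
    $r = array();
    $author = $email = $url = $text = $task = $solution = '';
    $route = null;
    $urlLink = '';
    $error = $success = '';

    /* clean post */
    if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/comment'] == 'visited') {
        $author = $r['author'] = clean($_POST['author'], 0);
        $email = $r['email'] = clean($_POST['email'], 3);
        $url = $r['url'] = clean($_POST['url'], 4);
        $text = break_up($_POST['text']);
        $text = $r['text'] = clean($text, 1);
        /* NOTE(review): language and date are taken from the request, so the client decides both */
        $r['language'] = clean($_POST['language'], 0);
        $r['date'] = clean($_POST['date'], 5);
        $article = $r['article'] = clean($_POST['article'], 0);
        $r['rank'] = Redaxscript\Db::forTablePrefix('comments')->max('rank') + 1;
        /* access is derived from the article, not from the request; NOTE(review): unlike the other lookups in this file there is no findOne() before ->access - confirm this returns the article's value */
        $r['access'] = Redaxscript\Db::forTablePrefix('articles')->whereIdIs($article)->access;
        if ($r['access'] == '') {
            $r['access'] = null;
        }
        $task = $_POST['task'];
        $solution = $_POST['solution'];
        $route = build_route('articles', $article);
    }

    /* validate post */
    if ($author == '') {
        $error = l('author_empty');
    } elseif ($email == '') {
        $error = l('email_empty');
    } elseif ($text == '') {
        $error = l('comment_empty');
    } elseif ($emailValidator->validate($email) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('email_incorrect');
    } elseif ($url && $urlValidator->validate($url) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('url_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('captcha_incorrect');
    } else {
        if (COMMENTS_NEW == 0 && s('moderation') == 1) {
            $r['status'] = 0;
            $success = l('comment_moderation');
        } else {
            $r['status'] = 1;
            $success = l('comment_sent');
        }

        /* send comment notification */
        if (s('notification') == 1) {
            /* prepare body parts */
            $emailLink = anchor_element('email', '', '', $email);
            if ($url) {
                $urlLink = anchor_element('external', '', '', $url);
            }
            $articleRoute = ROOT . '/' . REWRITE_ROUTE . $route;
            $articleLink = anchor_element('external', '', '', $articleRoute, $articleRoute);

            /* prepare mail inputs */
            /* NOTE(review): the sender name and address and the HTML body carry visitor input; they are only as safe as clean() and the Mailer make them - confirm */
            $toArray = array(s('author') => s('email'));
            $fromArray = array($author => $email);
            $subject = l('comment_new');
            $bodyArray = array(
                '<strong>' . l('author') . l('colon') . '</strong> ' . $author,
                '<br />',
                '<strong>' . l('email') . l('colon') . '</strong> ' . $emailLink,
                '<br />',
                '<strong>' . l('url') . l('colon') . '</strong> ' . $urlLink,
                '<br />',
                '<strong>' . l('article') . l('colon') . '</strong> ' . $articleLink,
                '<br />',
                '<br />',
                '<strong>' . l('comment') . l('colon') . '</strong> ' . $text
            );

            /* mailer object */
            $mailer = new Redaxscript\Mailer();
            $mailer->init($toArray, $fromArray, $subject, $bodyArray);
            $mailer->send();
        }

        /* create comment */
        Redaxscript\Db::forTablePrefix('comments')->create()->set($r)->save();
    }

    /* handle error */
    if ($error) {
        /* every failed attempt bumps the per-session counter when the 'blocker' setting is 1 */
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), $route);
    } else {
        notification(l('operation_completed'), $success, l('continue'), $route);
    }
    /* clear the marker so the same form visit cannot be submitted twice */
    $_SESSION[ROOT . '/comment'] = '';
}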
/**
 * login post
 *
 * Handles the login form: loads the account by user name or email with a
 * hand-built query, validates the posted fields, password and captcha, and
 * on success fills the session with the identity, language, group list and
 * the permission flags derived from the user's active groups.
 *
 * NOTE(review): no session id regeneration happens in this function after
 * a successful login; confirm it is done elsewhere.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Login
 * @author Henry Ruhs
 */
function login_post()
{
    $loginValidator = new Redaxscript\Validator\Login();
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();

    /* clean post */
    /* input is only read while ATTACK_BLOCKED is below 10 and the form was flagged 'visited' in the session; otherwise $post_user stays unset and the 'user_empty' branch below is taken */
    if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/login'] == 'visited') {
        $post_user = $_POST['user'];
        $post_password = $_POST['password'];
        $task = $_POST['task'];
        $solution = $_POST['solution'];
        $login_by_email = 0;
        /* NOTE(review): the WHERE clause is built by concatenating $post_user; injection safety rests entirely on clean(), which is not visible here - confirm */
        $users_query = 'SELECT id, name, user, email, password, language, status, groups FROM ' . PREFIX . 'users ';
        /* anything that does not validate as an email is treated as a user name */
        if ($emailValidator->validate($post_user) == Redaxscript\Validator\Validator::FAILED) {
            $post_user = clean($post_user, 0);
            $users_query .= 'WHERE user = \'' . $post_user . '\' LIMIT 1';
        } else {
            $post_user = clean($post_user, 3);
            $login_by_email = 1;
            $users_query .= 'WHERE email = \'' . $post_user . '\' LIMIT 1';
        }
        $users_result = mysql_query($users_query);
        /* copies each selected column into a $my_<column> local ($my_id, $my_password, ...) */
        while ($r = mysql_fetch_assoc($users_result)) {
            foreach ($r as $key => $value) {
                $key = 'my_' . $key;
                ${$key} = stripslashes($value);
            }
        }
    }

    /* validate post */
    if ($post_user == '') {
        $error = l('user_empty');
    } else {
        if ($post_password == '') {
            $error = l('password_empty');
        } else {
            if ($login_by_email == 0 && $loginValidator->validate($post_user) == Redaxscript\Validator\Validator::FAILED) {
                $error = l('user_incorrect');
            } else {
                if ($login_by_email == 1 && $emailValidator->validate($post_user) == Redaxscript\Validator\Validator::FAILED) {
                    $error = l('email_incorrect');
                } else {
                    /* the posted password is format-checked with the login validator */
                    if ($loginValidator->validate($post_password) == Redaxscript\Validator\Validator::FAILED) {
                        $error = l('password_incorrect');
                    } else {
                        if ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\Validator::FAILED) {
                            $error = l('captcha_incorrect');
                        } else {
                            /* && binds tighter than ||: rejected when no row matched, or when neither the md5 nor the sha1 form equals the stored value */
                            /* NOTE(review): unsalted md5/sha1 digests with the SALT constant appended to the digest (not hashed with the password), compared with loose != */
                            if ($my_id == '' || md5($post_password) . SALT != $my_password && sha1($post_password) . SALT != $my_password) {
                                $error = l('login_incorrect');
                            } else {
                                if ($my_status == 0) {
                                    $error = l('access_no');
                                } else {
                                    /* setup login session */
                                    $_SESSION[ROOT . '/logged_in'] = TOKEN;
                                    $_SESSION[ROOT . '/my_id'] = $my_id;
                                    $_SESSION[ROOT . '/my_name'] = $my_name;
                                    $_SESSION[ROOT . '/my_user'] = $my_user;
                                    $_SESSION[ROOT . '/my_email'] = $my_email;
                                    /* NOTE(review): $my_language comes from the user row and is placed into a file path; the file_exists() test is the only check applied here */
                                    if (file_exists('languages/' . $my_language . '.php')) {
                                        $_SESSION[ROOT . '/language'] = $my_language;
                                        $_SESSION[ROOT . '/language_selected'] = 1;
                                    }
                                    $_SESSION[ROOT . '/my_groups'] = $my_groups;

                                    /* query groups */
                                    /* NOTE(review): $my_groups is a stored value concatenated unquoted into IN (...); whoever can write that column controls this part of the statement */
                                    $groups_query = 'SELECT categories, articles, extras, comments, groups, users, modules, settings, filter FROM ' . PREFIX . 'groups WHERE id IN (' . $my_groups . ') && status = 1';
                                    $groups_result = mysql_query($groups_query);
                                    if ($groups_result) {
                                        $num_rows = mysql_num_rows($groups_result);
                                        while ($r = mysql_fetch_assoc($groups_result)) {
                                            if ($r) {
                                                /* appends each column value to a $groups_<column> string; $counter is shared across all columns and rows, so the ', ' separator is not placed per row */
                                                foreach ($r as $key => $value) {
                                                    $key = 'groups_' . $key;
                                                    ${$key} .= stripslashes($value);
                                                    if (++$counter < $num_rows) {
                                                        ${$key} .= ', ';
                                                    }
                                                }
                                            }
                                        }
                                    }

                                    /* setup access session */
                                    /* a right is granted when its digit ('1' new, '2' edit, '3' delete) occurs anywhere in the concatenated value, i.e. when any of the user's active groups has it */
                                    $access_array = array('categories', 'articles', 'extras', 'comments', 'groups', 'users');
                                    foreach ($access_array as $value) {
                                        $groups_value = 'groups_' . $value;
                                        $position_new = strpos(${$groups_value}, '1');
                                        $position_edit = strpos(${$groups_value}, '2');
                                        $position_delete = strpos(${$groups_value}, '3');
                                        $_SESSION[ROOT . '/' . $value . '_delete'] = $_SESSION[ROOT . '/' . $value . '_edit'] = $_SESSION[ROOT . '/' . $value . '_new'] = 0;
                                        /* strpos() yields an offset (>= 0) or false; '> -1' serves as the "found" test */
                                        if ($position_new > -1) {
                                            $_SESSION[ROOT . '/' . $value . '_new'] = 1;
                                        }
                                        if ($position_edit > -1) {
                                            $_SESSION[ROOT . '/' . $value . '_edit'] = 1;
                                        }
                                        if ($position_delete > -1) {
                                            $_SESSION[ROOT . '/' . $value . '_delete'] = 1;
                                        }
                                    }
                                    $position_modules_install = strpos($groups_modules, '1');
                                    $position_modules_edit = strpos($groups_modules, '2');
                                    $position_modules_uninstall = strpos($groups_modules, '3');
                                    $position_settings_edit = strpos($groups_settings, '1');
                                    $position_filter = strpos($groups_filter, '0');
                                    /* the filter flag defaults to 1 and is switched off when a '0' occurs in the groups' filter value */
                                    $_SESSION[ROOT . '/filter'] = 1;
                                    $_SESSION[ROOT . '/settings_edit'] = $_SESSION[ROOT . '/modules_uninstall'] = $_SESSION[ROOT . '/modules_edit'] = $_SESSION[ROOT . '/modules_install'] = 0;
                                    if ($position_modules_install > -1) {
                                        $_SESSION[ROOT . '/modules_install'] = 1;
                                    }
                                    if ($position_modules_edit > -1) {
                                        $_SESSION[ROOT . '/modules_edit'] = 1;
                                    }
                                    if ($position_modules_uninstall > -1) {
                                        $_SESSION[ROOT . '/modules_uninstall'] = 1;
                                    }
                                    if ($position_settings_edit > -1) {
                                        $_SESSION[ROOT . '/settings_edit'] = 1;
                                    }
                                    if ($position_filter > -1) {
                                        $_SESSION[ROOT . '/filter'] = 0;
                                    }
                                    $_SESSION[ROOT . '/update'] = NOW;
                                }
                            }
                        }
                    }
                }
            }
        }
    }

    /* handle error */
    if ($error) {
        /* NOTE(review): the failed-attempt counter lives in the session, so it only throttles clients that keep their session */
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), 'login');
    } else {
        notification(l('welcome'), l('logged_in'), l('continue'), 'admin');
    }
    /* clear the marker so the same form visit cannot be submitted twice */
    $_SESSION[ROOT . '/login'] = '';
}
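/**
 * registration post
 *
 * Handles the registration form: collects and cleans the posted fields,
 * generates an initial password, validates the input and captcha, mails
 * the login data and creates the user. The account is created with
 * status 0 when USERS_NEW is 0 and the 'verification' setting is 1,
 * otherwise with status 1.
 *
 * NOTE(review): only the user name is checked for uniqueness, and the
 * separate 'user_exists' error tells the requester whether a name is taken.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Registration
 * @author Henry Ruhs
 */
function registration_post()
{
    /* defaults, so a blocked or stale request reaches the first "empty" error without reading undefined variables */
    $r = array();
    $name = $user = $email = $password = $task = $solution = '';
    $error = $success = '';

    /* clean post */
    if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/registration'] == 'visited') {
        $name = $r['name'] = clean($_POST['name'], 0);
        $user = $r['user'] = clean($_POST['user'], 0);
        $email = $r['email'] = clean($_POST['email'], 3);
        /* ten hex characters as before, but drawn from the CSPRNG where the runtime has one; uniqid() is derived from the clock and therefore guessable */
        $password = function_exists('random_bytes') ? bin2hex(random_bytes(5)) : substr(sha1(uniqid()), 0, 10);
        $passwordHash = new Redaxscript\Hash(Redaxscript\Config::getInstance());
        $passwordHash->init($password);
        $r['password'] = $passwordHash->getHash();
        $r['description'] = '';
        $r['language'] = Redaxscript\Registry::get('language');
        $r['first'] = $r['last'] = NOW;
        /* new accounts join the group with alias 'members', or group 0 when that lookup yields nothing */
        $r['groups'] = Redaxscript\Db::forTablePrefix('groups')->where('alias', 'members')->findOne()->id;
        if ($r['groups'] == '') {
            $r['groups'] = 0;
        }
        $task = $_POST['task'];
        $solution = $_POST['solution'];
    }

    /* validate post */
    $loginValidator = new Redaxscript\Validator\Login();
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();
    if ($name == '') {
        $error = l('name_empty');
    } elseif ($user == '') {
        $error = l('user_empty');
    } elseif ($email == '') {
        $error = l('email_empty');
    } elseif ($loginValidator->validate($user) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('user_incorrect');
    } elseif ($emailValidator->validate($email) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('email_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('captcha_incorrect');
    } elseif (Redaxscript\Db::forTablePrefix('users')->where('user', $user)->findOne()->id) {
        $error = l('user_exists');
    } else {
        if (USERS_NEW == 0 && s('verification') == 1) {
            $r['status'] = 0;
            $success = l('registration_verification');
        } else {
            $r['status'] = 1;
            $success = l('registration_sent');
        }

        /* send login information */
        $loginRoute = ROOT . '/' . REWRITE_ROUTE . 'login';
        $loginLink = anchor_element('external', '', '', $loginRoute, $loginRoute);
        $toArray = array($name => $email);
        /* NOTE(review): with the 'notification' setting on, the configured address receives the same mail, including the plain-text password */
        if (s('notification') == 1) {
            $toArray[s('author')] = s('email');
        }
        /* NOTE(review): $author is never assigned in this function, so the sender name is empty and the sender address is the registrant's own - confirm the intended sender */
        $fromArray = array($author => $email);
        $subject = l('registration');
        /* the last label now closes its <strong> element; it previously opened a second one */
        $bodyArray = array(
            '<strong>' . l('name') . l('colon') . '</strong> ' . $name,
            '<br />',
            '<strong>' . l('user') . l('colon') . '</strong> ' . $user,
            '<br />',
            '<strong>' . l('password') . l('colon') . '</strong> ' . $password,
            '<br />',
            '<strong>' . l('login') . l('colon') . '</strong> ' . $loginLink
        );

        /* mailer object */
        $mailer = new Redaxscript\Mailer();
        $mailer->init($toArray, $fromArray, $subject, $bodyArray);
        $mailer->send();

        /* create user */
        /* the mail goes out before the row is saved; neither result is checked */
        Redaxscript\Db::forTablePrefix('users')->create()->set($r)->save();
    }

    /* handle error */
    if ($error) {
        /* every failed attempt bumps the per-session counter when the 'blocker' setting is 1 */
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), 'registration');
    } else {
        notification(l('operation_completed'), $success, l('login'), 'login');
    }
    /* clear the marker so the same form visit cannot be submitted twice */
    $_SESSION[ROOT . '/registration'] = '';
}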
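/**
 * password reset post
 *
 * Handles the password-reset form: takes the posted user id and reset
 * token, loads the active account, checks the captcha and that the token
 * equals sha1() of the stored password value, then mails a newly generated
 * password and stores its hash.
 *
 * NOTE(review): the token is derived only from the stored password value
 * and nothing here expires it, so it stays valid until that value changes.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Password
 * @author Henry Ruhs
 */
function password_reset_post()
{
    $captchaValidator = new Redaxscript\Validator\Captcha();

    /* defaults, so a blocked or stale request, or an id without a matching row, is rejected without reading undefined variables */
    $post_id = $post_password = $password = $task = $solution = '';
    $my_id = $my_password = $my_name = $my_email = '';
    $error = '';

    /* clean post */
    if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/password_reset'] == 'visited') {
        $post_id = clean($_POST['id'], 0);
        $post_password = clean($_POST['password'], 0);
        /* ten hex characters as before, but drawn from the CSPRNG where the runtime has one; uniqid() is derived from the clock and therefore guessable */
        $password = function_exists('random_bytes') ? bin2hex(random_bytes(5)) : substr(sha1(uniqid()), 0, 10);
        $task = $_POST['task'];
        $solution = $_POST['solution'];
    }

    /* query user information */
    if ($post_id && $post_password) {
        $users_result = Redaxscript\Db::forTablePrefix('users')->where(array('id' => $post_id, 'status' => 1))->findArray();
        /* copies every column of the matching row into a $my_<column> local */
        foreach ($users_result as $r) {
            foreach ($r as $key => $value) {
                $key = 'my_' . $key;
                ${$key} = stripslashes($value);
            }
        }
    }

    /* compare the token as a string: loose != treats digit-only "0e..." strings as equal numbers; use the constant-time comparison where the runtime offers it */
    $expected_token = sha1($my_password);
    $supplied_token = (string) $post_password;
    $token_matches = function_exists('hash_equals') ? hash_equals($expected_token, $supplied_token) : $expected_token === $supplied_token;

    /* validate post */
    if ($post_id == '' || $post_password == '') {
        $error = l('input_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('captcha_incorrect');
    } elseif ($my_id == '' || !$token_matches) {
        $error = l('access_no');
    } else {
        /* send new password */
        /* NOTE(review): the new password travels in plain text by mail, and the mail is sent before the hash is stored; neither result is checked */
        $loginRoute = ROOT . '/' . REWRITE_ROUTE . 'login';
        $loginLink = anchor_element('external', '', '', $loginRoute, $loginRoute);
        $toArray = array($my_name => $my_email);
        $fromArray = array(s('author') => s('email'));
        $subject = l('password_new');
        $bodyArray = array(
            '<strong>' . l('password_new') . l('colon') . '</strong> ' . $password,
            '<br />',
            '<strong>' . l('login') . l('colon') . '</strong> ' . $loginLink
        );

        /* mailer object */
        $mailer = new Redaxscript\Mailer();
        $mailer->init($toArray, $fromArray, $subject, $bodyArray);
        $mailer->send();

        /* update password */
        $passwordHash = new Redaxscript\Hash(Redaxscript\Config::getInstance());
        $passwordHash->init($password);
        Redaxscript\Db::forTablePrefix('users')->where(array('id' => $post_id, 'status' => 1))->findOne()->set('password', $passwordHash->getHash())->save();
    }

    /* handle error */
    if ($error) {
        /* every failed attempt bumps the per-session counter when the 'blocker' setting is 1 */
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        /* send the user back to the same reset form when id and token were supplied, else to the reminder form */
        if ($post_id && $post_password) {
            $back_route = 'password_reset/' . $post_id . '/' . $post_password;
        } else {
            $back_route = 'reminder';
        }
        notification(l('error_occurred'), $error, l('back'), $back_route);
    } else {
        notification(l('operation_completed'), l('password_sent'), l('login'), 'login');
    }
    /* clear the marker so the same form visit cannot be submitted twice */
    $_SESSION[ROOT . '/password_reset'] = '';
}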
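/**
 * contact post
 *
 * Handles the contact form: collects and cleans the posted fields,
 * validates them together with the captcha and mails the message to the
 * address from the settings, then shows a notification and clears the
 * form's session marker.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Modules
 * @author Henry Ruhs
 */
function contact_post()
{
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();
    $urlValidator = new Redaxscript\Validator\Url();

    /* defaults, so a blocked or stale request reaches the first "empty" error without reading undefined variables */
    $author = $email = $url = $text = $task = $solution = '';
    $urlLink = '';
    $error = '';

    /* clean post */
    if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/contact'] == 'visited') {
        $author = clean($_POST['author'], 0);
        $email = clean($_POST['email'], 3);
        $url = clean($_POST['url'], 4);
        $text = break_up($_POST['text']);
        $text = clean($text, 1);
        $task = $_POST['task'];
        $solution = $_POST['solution'];
    }

    /* validate post */
    if ($author == '') {
        $error = l('author_empty');
    } elseif ($email == '') {
        $error = l('email_empty');
    } elseif ($text == '') {
        $error = l('message_empty');
    } elseif ($emailValidator->validate($email) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('email_incorrect');
    } elseif ($url && $urlValidator->validate($url) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('url_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('captcha_incorrect');
    } else {
        /* prepare body parts */
        $emailLink = anchor_element('email', '', '', $email, $email);
        /* the url is optional; $urlLink stays empty when none was given */
        if ($url) {
            $urlLink = anchor_element('external', '', '', $url, $url);
        }

        /* prepare mail inputs */
        /* NOTE(review): the sender name and address and the HTML body carry visitor input; they are only as safe as clean() and the Mailer make them - confirm */
        $toArray = array(s('author') => s('email'));
        $fromArray = array($author => $email);
        $subject = l('contact');
        $bodyArray = array(
            '<strong>' . l('author') . l('colon') . '</strong> ' . $author,
            '<br />',
            '<strong>' . l('email') . l('colon') . '</strong> ' . $emailLink,
            '<br />',
            '<strong>' . l('url') . l('colon') . '</strong> ' . $urlLink,
            '<br />',
            '<br />',
            '<strong>' . l('message') . l('colon') . '</strong> ' . $text
        );

        /* mailer object */
        $mailer = new Redaxscript\Mailer();
        $mailer->init($toArray, $fromArray, $subject, $bodyArray);
        $mailer->send();
    }

    /* handle error */
    if ($error) {
        /* every failed attempt bumps the per-session counter when the 'blocker' setting is 1 */
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('home'), ROOT);
    } else {
        notification(l('operation_completed'), l('message_sent', '_contact'), l('home'), ROOT);
    }
    /* clear the marker so the same form visit cannot be submitted twice */
    $_SESSION[ROOT . '/contact'] = '';
}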
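/**
 * registration post
 *
 * Handles the registration form: collects and cleans the posted fields,
 * generates an initial password, validates the input and captcha, mails
 * the login data and inserts the user row. The account is created with
 * status 0 when USERS_NEW is 0 and the 'verification' setting is 1,
 * otherwise with status 1.
 *
 * NOTE(review): only the user name is checked for uniqueness, and the
 * separate 'user_exists' error tells the requester whether a name is taken.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Registration
 * @author Henry Ruhs
 */
function registration_post()
{
    /* defaults, so a blocked or stale request reaches the first "empty" error without reading undefined variables */
    $r = array();
    $name = $user = $email = $password = $task = $solution = '';
    $error = $success = '';

    /* clean post */
    if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/registration'] == 'visited') {
        $name = $r['name'] = clean($_POST['name'], 0);
        $user = $r['user'] = clean($_POST['user'], 0);
        $email = $r['email'] = clean($_POST['email'], 3);
        $password = hash_generator(10);
        /* NOTE(review): plain sha1 digest with the SALT constant appended to the digest, not hashed with the password */
        $r['password'] = sha1($password) . SALT;
        $r['description'] = '';
        $r['language'] = LANGUAGE;
        $r['first'] = $r['last'] = NOW;
        /* new accounts join the group with alias 'members', or group 0 when that lookup yields nothing */
        $r['groups'] = retrieve('id', 'groups', 'alias', 'members');
        if ($r['groups'] == '') {
            $r['groups'] = 0;
        }
        $task = $_POST['task'];
        $solution = $_POST['solution'];
    }

    /* validate post */
    $loginValidator = new Redaxscript\Validator\Login();
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();
    if ($name == '') {
        $error = l('name_empty');
    } elseif ($user == '') {
        $error = l('user_empty');
    } elseif ($email == '') {
        $error = l('email_empty');
    } elseif ($loginValidator->validate($user) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('user_incorrect');
    } elseif ($emailValidator->validate($email) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('email_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('captcha_incorrect');
    } elseif (retrieve('id', 'users', 'user', $user)) {
        $error = l('user_exists');
    } else {
        if (USERS_NEW == 0 && s('verification') == 1) {
            $r['status'] = 0;
            $success = l('registration_verification');
        } else {
            $r['status'] = 1;
            $success = l('registration_sent');
        }

        /* send login information */
        $loginRoute = ROOT . '/' . REWRITE_ROUTE . 'login';
        $loginLink = anchor_element('external', '', '', $loginRoute, $loginRoute);
        $toArray = array($name => $email);
        /* NOTE(review): with the 'notification' setting on, the configured address receives the same mail, including the plain-text password */
        if (s('notification') == 1) {
            $toArray[s('author')] = s('email');
        }
        /* NOTE(review): $author is never assigned in this function, so the sender name is empty and the sender address is the registrant's own - confirm the intended sender */
        $fromArray = array($author => $email);
        $subject = l('registration');
        /* the last label now closes its <strong> element; it previously opened a second one */
        $bodyArray = array(
            '<strong>' . l('name') . l('colon') . '</strong> ' . $name . ' (' . MY_IP . ')',
            '<strong>' . l('user') . l('colon') . '</strong> ' . $user,
            '<strong>' . l('password') . l('colon') . '</strong> ' . $password,
            '<br />',
            '<strong>' . l('login') . l('colon') . '</strong> ' . $loginLink
        );

        /* mailer object */
        $mailer = new Redaxscript\Mailer($toArray, $fromArray, $subject, $bodyArray);
        $mailer->send();

        /* build key and value strings */
        /* NOTE(review): values are only wrapped in quotes here; injection safety rests entirely on clean(), which is not visible - confirm before reusing this pattern */
        $quoted_values = array();
        foreach ($r as $value) {
            $quoted_values[] = '\'' . $value . '\'';
        }
        $key_string = implode(', ', array_keys($r));
        $value_string = implode(', ', $quoted_values);

        /* insert user */
        $query = 'INSERT INTO ' . PREFIX . 'users (' . $key_string . ') VALUES (' . $value_string . ')';
        mysql_query($query);
    }

    /* handle error */
    if ($error) {
        /* every failed attempt bumps the per-session counter when the 'blocker' setting is 1 */
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), 'registration');
    } else {
        notification(l('operation_completed'), $success, l('login'), 'login');
    }
    /* clear the marker so the same form visit cannot be submitted twice */
    $_SESSION[ROOT . '/registration'] = '';
}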
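/**
 * comment post
 *
 * Handles the comment form: collects and cleans the posted fields,
 * validates them together with the captcha, optionally mails a
 * notification to the address from the settings and inserts the comment
 * row. The comment is saved with status 0 when COMMENTS_NEW is 0 and the
 * 'moderation' setting is 1, otherwise with status 1.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Comments
 * @author Henry Ruhs
 */
function comment_post()
{
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();
    $urlValidator = new Redaxscript\Validator\Url();

    /* defaults, so a blocked or stale request reaches the first "empty" error without reading undefined variables */
    $r = array();
    $author = $email = $url = $text = $task = $solution = '';
    $route = null;
    $urlLink = '';
    $error = $success = '';

    /* clean post */
    if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/comment'] == 'visited') {
        $author = $r['author'] = clean($_POST['author'], 0);
        $email = $r['email'] = clean($_POST['email'], 3);
        $url = $r['url'] = clean($_POST['url'], 4);
        $text = break_up($_POST['text']);
        $text = $r['text'] = clean($text, 1);
        /* NOTE(review): language and date are taken from the request, so the client decides both */
        $r['language'] = clean($_POST['language'], 0);
        $r['date'] = clean($_POST['date'], 1);
        $article = $r['article'] = clean($_POST['article'], 0);
        $r['rank'] = query_plumb('rank', 'comments', 'max') + 1;
        /* NOTE(review): the access value stored with the comment is taken from the request rather than from the article, so the client chooses it */
        $r['access'] = clean($_POST['access'], 0);
        if ($r['access'] == '') {
            $r['access'] = 0;
        }
        $task = $_POST['task'];
        $solution = $_POST['solution'];
        $route = build_route('articles', $article);
    }

    /* validate post */
    if ($author == '') {
        $error = l('author_empty');
    } elseif ($email == '') {
        $error = l('email_empty');
    } elseif ($text == '') {
        $error = l('comment_empty');
    } elseif ($emailValidator->validate($email) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('email_incorrect');
    } elseif ($url && $urlValidator->validate($url) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('url_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('captcha_incorrect');
    } else {
        if (COMMENTS_NEW == 0 && s('moderation') == 1) {
            $r['status'] = 0;
            $success = l('comment_moderation');
        } else {
            $r['status'] = 1;
            $success = l('comment_sent');
        }

        /* send comment notification */
        if (s('notification') == 1) {
            /* prepare body parts */
            $emailLink = anchor_element('email', '', '', $email);
            /* the url is optional; $urlLink stays empty when none was given */
            if ($url) {
                $urlLink = anchor_element('external', '', '', $url);
            }
            $articleRoute = ROOT . '/' . REWRITE_ROUTE . $route;
            $articleLink = anchor_element('external', '', '', $articleRoute, $articleRoute);

            /* prepare mail inputs */
            /* NOTE(review): the sender name and address and the HTML body carry visitor input; they are only as safe as clean() and the Mailer make them - confirm */
            $toArray = array(s('author') => s('email'));
            $fromArray = array($author => $email);
            $subject = l('comment_new');
            $bodyArray = array(
                '<strong>' . l('author') . l('colon') . '</strong> ' . $author . ' (' . MY_IP . ')',
                '<strong>' . l('email') . l('colon') . '</strong> ' . $emailLink,
                '<strong>' . l('url') . l('colon') . '</strong> ' . $urlLink,
                '<br />',
                '<strong>' . l('comment') . l('colon') . '</strong> ' . $text,
                '<br />',
                '<strong>' . l('article') . l('colon') . '</strong> ' . $articleLink
            );

            /* mailer object */
            $mailer = new Redaxscript\Mailer($toArray, $fromArray, $subject, $bodyArray);
            $mailer->send();
        }

        /* build key and value strings */
        /* NOTE(review): values are only wrapped in quotes here; injection safety rests entirely on clean(), which is not visible - confirm before reusing this pattern */
        $quoted_values = array();
        foreach ($r as $value) {
            $quoted_values[] = '\'' . $value . '\'';
        }
        $key_string = implode(', ', array_keys($r));
        $value_string = implode(', ', $quoted_values);

        /* insert comment */
        $query = 'INSERT INTO ' . PREFIX . 'comments (' . $key_string . ') VALUES (' . $value_string . ')';
        mysql_query($query);
    }

    /* handle error */
    if ($error) {
        /* every failed attempt bumps the per-session counter when the 'blocker' setting is 1 */
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), $route);
    } else {
        notification(l('operation_completed'), $success, l('continue'), $route);
    }
    /* clear the marker so the same form visit cannot be submitted twice */
    $_SESSION[ROOT . '/comment'] = '';
}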