if ($epsclass->validate->chk_empty($confirm_code, $eps_lang['Confirm_code'])) {
$epsclass->validate->chk_match($confirm_code, eps_encrypt($_SESSION['visual'], 6), $eps_lang['Confirm_code']);
}
}
if (empty($epsclass->validate->errors)) {
$username_tmp = eps_strtolower($username);
//$result = $epsclass->db->query("SELECT id,password,group_id,active FROM ".TBL_USER." WHERE LOWER(username)='".$epsclass->db->escape($username_tmp)."'") or error('Unable to fetch user info', __FILE__, __LINE__, $epsclass->db->error());
$result = $epsclass->db->vselect(TBL_USER, array('id', 'password', 'group_id', 'active'), "WHERE LOWER(username)='" . $epsclass->db->escape($username_tmp) . "'", true);
if ($epsclass->db->num_rows($result) == 1) {
list($user_id, $db_password, $group_id, $active) = $epsclass->db->fetch_row($result);
$epsclass->db->free_result($result);
// Check
if (!$active && !IS_ADMIN) {
$errors[] = $eps_lang['User_inactive'];
} else {
if ($db_password != eps_hash($password)) {
$errors[] = $eps_lang['Password_wrong'];
} else {
// Set User With Password In Database
set_user($user_id, $db_password, $auto);
$epsclass->antiflood->update('login', 2);
redirect('index.php' . (isset($_GET['eps']) && $_GET['eps'] != 'login' ? '?eps=' . $_GET['eps'] : ''), $eps_lang['Redirect_login']);
//redirect((isset($_SESSION['in_page']) && in_array($_GET['eps'], array('login', 'calendar', 'visual'))) ? 'index.php' : gen_current_url(), $eps_lang['Redirect_login']);
return;
}
}
} else {
$errors[] = $eps_lang['Username_wrong'];
}
} else {
$errors = $epsclass->validate->errors;
$code = $_SESSION['visual'];
if (isset($_POST['req_agree'])) {
// Validate
$epsclass->validate->chk_username($username);
if ($epsclass->validate->chk_length($password1, 6, 20, $eps_lang['Password'])) {
$epsclass->validate->chk_match($password1, $password2, $eps_lang['Password']);
}
if ($epsclass->validate->chk_email($email1)) {
$epsclass->validate->chk_match($email1, $email2, $eps_lang['Email']);
}
$epsclass->validate->chk_s_id($s_id);
if ($epsclass->validate->chk_empty($confirm_code, $eps_lang['Confirm_code'])) {
$epsclass->validate->chk_match($confirm_code, eps_encrypt($code, 6), $eps_lang['Confirm_code']);
}
if (empty($epsclass->validate->errors)) {
$password = eps_hash($password1);
$inserts = array('username' => $username, 'password' => $password, 'email' => $email1, 's_id' => $s_id, 'group_id' => EPS_MEMBER, 'reg_time' => time(), 'language' => $eps_config['default_lang'], 'style' => $eps_config['default_style'], 'timezone' => $eps_config['default_timezone'], 'ajax' => $eps_config['default_ajax'], 'ip_address' => get_ip());
$epsclass->db->vinsert(TBL_USER, $inserts);
set_user($epsclass->db->insert_id(), $password, false);
$_SESSION['visual'] = '';
// Emailer
$epsclass->load_class('class_emailer');
$mail_tpl = trim(file_get_contents(EPS_ROOT . 'lang/' . $eps_user['language'] . '/welcome.tpl'));
if (preg_match('#\\<subject\\>(.*?)\\</subject\\>#is', $mail_tpl, $subject_tpl)) {
$subject = $subject_tpl[1];
} else {
$subject = $eps_config['title'];
}
$message = trim(preg_replace('#\\<subject\\>.*?\\</subject\\>#is', '', $mail_tpl));
$message = str_replace('<site_title>', $eps_config['title'], $message);
$message = str_replace('<base_url>', $eps_config['base_url'], $message);
$epsclass->validate->chk_match($new_password1, $new_password2, $eps_lang['New_password']);
if (empty($epsclass->validate->errors)) {
if ($need_old_pass) {
// Fetch Password
$result = $epsclass->db->vselect(TBL_USER, true, $uid);
if (!$epsclass->db->num_rows($result)) {
return;
} else {
$password = $epsclass->db->result($result);
}
$epsclass->db->free_result($result);
$epsclass->validate->chk_match(eps_hash($old_password), $password, $eps_lang['Old_password']);
}
if (empty($epsclass->validate->errors)) {
// Update
$updates = array('password' => eps_hash($new_password1), 'security' => '');
$epsclass->db->vupdate(TBL_USER, $updates, $uid);
redirect('index.php?eps=profile&uid=' . $uid, $eps_lang['Redirect_pass_change']);
return;
} else {
$errors = $epsclass->validate->errors;
$epsclass->validate->data_reset();
}
} else {
$errors = $epsclass->validate->errors;
$epsclass->validate->data_reset();
}
}
$req_fields = array('old_password' => $eps_lang['Old_password'], 'new_password1' => $eps_lang['New_password'], 'new_password2' => $eps_lang['New_password_confirm']);
$smarty->assign('js_lang', gen_jslang($req_fields));
$smarty->assign('error_show', !empty($errors) ? gen_alert($errors) : '');