check_code($_POST['imagehash'], $_POST['imagestring'], "confirm_resend.php", true); } $email = unesc(htmlspecialchars(trim($_POST["email"]))); $wantpassword = unesc(htmlspecialchars(trim($_POST["wantpassword"]))); $passagain = unesc(htmlspecialchars(trim($_POST["passagain"]))); $email = safe_email($email); if (empty($wantpassword) || empty($passagain) || empty($email)) { bark($lang_confirm_resend['std_fields_blank']); } if (!check_email($email)) { failedlogins($lang_confirm_resend['std_invalid_email_address'], true); } $res = sql_query("SELECT * FROM users WHERE email=" . sqlesc($email) . " LIMIT 1") or sqlerr(__FILE__, __LINE__); $arr = mysql_fetch_assoc($res) or failedlogins($lang_confirm_resend['std_email_not_found'], true); if ($arr["status"] != "pending") { failedlogins($lang_confirm_resend['std_user_already_confirm'], true); } if ($wantpassword != $passagain) { bark($lang_confirm_resend['std_passwords_unmatched']); } if (strlen($wantpassword) < 6) { bark($lang_confirm_resend['std_password_too_short']); } if (strlen($wantpassword) > 40) { bark($lang_confirm_resend['std_password_too_long']); } if ($wantpassword == $wantusername) { bark($lang_confirm_resend['std_password_equals_username']); } $secret = mksecret(); $wantpasshash = md5($secret . $wantpassword . $secret);
if (!$stuid) { failedlogins($lang_recover['std_missing_stuid'], true); } if (!$cardpass) { failedlogins($lang_recover['std_missing_password'], true); } if (!getOneCard($stuid, $cardpass)) { failedlogins($lang_recover['std_stuid_failed'], true); } $res = sql_query("SELECT * FROM users WHERE cardnum=" . sqlesc($stuid) . " LIMIT 1") or sqlerr(__FILE__, __LINE__); $arr = mysql_fetch_assoc($res); if (!$arr) { failedlogins($lang_recover['std_stuid_not_in_database'], true); } if ($arr['status'] == "pending") { failedlogins($lang_recover['std_user_account_unconfirmed'], true); } $recover_username = $arr['username']; $email = $arr['email']; $sec = mksecret(); sql_query("UPDATE users SET editsecret=" . sqlesc($sec) . " WHERE id=" . sqlesc($arr["id"])) or sqlerr(__FILE__, __LINE__); if (!mysql_affected_rows()) { stderr($lang_recover['std_error'], $lang_recover['std_database_error']); } $hash = md5($sec . $email . $arr["passhash"] . $sec); $ip = getip(); $title = $SITENAME . $lang_recover['mail_title']; $body = <<<EOD {$lang_recover['mail_one']}({$recover_username}){$lang_recover['mail_two']}{$ip}{$lang_recover['mail_three']} <b><a href="http://{$BASEURL}/cardrecover.php?id={$arr["id"]}&secret={$hash}"> {$lang_recover['mail_this_link']} </a></b><br /> http://{$BASEURL}/cardrecover.php?id={$arr["id"]}&secret={$hash}
$text = $text == "" ? $lang_takelogin['std_login_fail_note'] : $text; stderr($lang_takelogin['std_login_fail'], $text, false); } if ($iv == "yes") { check_code($_POST['imagehash'], $_POST['imagestring'], 'login.php', true); } if (get_magic_quotes_gpc()) { $username = stripslashes($username); } $res = sql_query("SELECT id, passhash, secret, enabled, status FROM users WHERE username = "******"'" . mysql_real_escape_string($username) . "'"); $row = mysql_fetch_array($res); if (!$row) { failedlogins(); } if ($row['status'] == 'pending') { failedlogins($lang_takelogin['std_user_account_unconfirmed']); } if ($row["passhash"] != md5($row["secret"] . $password . $row["secret"])) { login_failedlogins(); } if ($row["enabled"] == "no") { bark($lang_takelogin['std_account_disabled']); } if ($_POST["securelogin"] == "yes") { $securelogin_indentity_cookie = true; $passh = md5($row["passhash"] . $_SERVER["REMOTE_ADDR"]); } else { $securelogin_indentity_cookie = false; $passh = md5($row["passhash"]); } if ($securelogin == 'yes' || $_POST["ssl"] == "yes") {
function check_code($imagehash, $imagestring, $where = 'signup.php', $maxattemptlog = false, $head = true) { global $lang_functions; $query = sprintf("SELECT * FROM regimages WHERE imagehash='%s' AND imagestring='%s'", mysql_real_escape_string($imagehash), mysql_real_escape_string($imagestring)); $sql = sql_query($query); $imgcheck = mysql_fetch_array($sql); if (!$imgcheck['dateline']) { $delete = sprintf("DELETE FROM regimages WHERE imagehash='%s'", mysql_real_escape_string($imagehash)); sql_query($delete); if (!$maxattemptlog) { bark($lang_functions['std_invalid_image_code'] . "<a href=\"" . htmlspecialchars($where) . "\">" . $lang_functions['std_here_to_request_new']); } else { failedlogins($lang_functions['std_invalid_image_code'] . "<a href=\"" . htmlspecialchars($where) . "\">" . $lang_functions['std_here_to_request_new'], true, $head); } } else { $delete = sprintf("DELETE FROM regimages WHERE imagehash='%s'", mysql_real_escape_string($imagehash)); sql_query($delete); return true; } }