echo json_encode($lang->captcha_does_not_match); exit; } } else { if ($mybb->input['action'] == "refresh_question" && $mybb->settings['securityquestion']) { header("Content-type: application/json; charset={$charset}"); $sid = $db->escape_string($mybb->get_input('question_id')); $query = $db->query("\n\t\tSELECT q.qid, s.sid\n\t\tFROM " . TABLE_PREFIX . "questionsessions s\n\t\tLEFT JOIN " . TABLE_PREFIX . "questions q ON (q.qid=s.qid)\n\t\tWHERE q.active='1' AND s.sid='{$sid}'\n\t"); if ($db->num_rows($query) == 0) { xmlhttp_error($lang->answer_valid_not_exists); } $qsession = $db->fetch_array($query); // Delete previous question session $db->delete_query("questionsessions", "sid='{$sid}'"); require_once MYBB_ROOT . "inc/functions_user.php"; $sid = generate_question($qsession['qid']); $query = $db->query("\n\t\tSELECT q.question, s.sid\n\t\tFROM " . TABLE_PREFIX . "questionsessions s\n\t\tLEFT JOIN " . TABLE_PREFIX . "questions q ON (q.qid=s.qid)\n\t\tWHERE q.active='1' AND s.sid='{$sid}' AND q.qid!='{$qsession['qid']}'\n\t"); $plugins->run_hooks("xmlhttp_refresh_question"); if ($db->num_rows($query) > 0) { $question = $db->fetch_array($query); echo json_encode(array("question" => htmlspecialchars_uni($question['question']), 'sid' => htmlspecialchars_uni($question['sid']))); exit; } else { xmlhttp_error($lang->answer_valid_not_exists); } } elseif ($mybb->input['action'] == "validate_question" && $mybb->settings['securityquestion']) { header("Content-type: application/json; charset={$charset}"); $sid = $db->escape_string($mybb->get_input('question')); $answer = $db->escape_string($mybb->get_input('answer')); $query = $db->query("\n\t\tSELECT q.*, s.sid\n\t\tFROM " . TABLE_PREFIX . "questionsessions s\n\t\tLEFT JOIN " . TABLE_PREFIX . "questions q ON (q.qid=s.qid)\n\t\tWHERE q.active='1' AND s.sid='{$sid}'\n\t"); if ($db->num_rows($query) == 0) {
// Spambot registration image thingy if ($mybb->settings['captchaimage']) { require_once MYBB_ROOT . 'inc/class_captcha.php'; $captcha = new captcha(true, "member_register_regimage"); if ($captcha->html) { $regimage = $captcha->html; if ($mybb->settings['captchaimage'] == 1) { // JS validator extra for our default CAPTCHA $validator_extra .= "\r\n\t\t\t\t\t\$('#imagestring').rules('add', {\r\n\t\t\t\t\t\trequired: true,\r\n\t\t\t\t\t\tremote:{\r\n\t\t\t\t\t\t\turl: 'xmlhttp.php?action=validate_captcha',\r\n\t\t\t\t\t\t\ttype: 'post',\r\n\t\t\t\t\t\t\tdataType: 'json',\r\n\t\t\t\t\t\t\tdata:\r\n\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\timagehash: function () {\r\n\t\t\t\t\t\t\t\t\treturn \$('#imagehash').val();\r\n\t\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t\t\tmy_post_key: my_post_key\r\n\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t},\r\n\t\t\t\t\t\tmessages: {\r\n\t\t\t\t\t\t\tremote: '{$lang->js_validator_no_image_text}'\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t});\n"; } } } // Security Question $questionbox = ''; if ($mybb->settings['securityquestion']) { $sid = generate_question(); $query = $db->query("\r\n\t\t\t\tSELECT q.question, s.sid\r\n\t\t\t\tFROM " . TABLE_PREFIX . "questionsessions s\r\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "questions q ON (q.qid=s.qid)\r\n\t\t\t\tWHERE q.active='1' AND s.sid='{$sid}'\r\n\t\t\t"); if ($db->num_rows($query) > 0) { $question = $db->fetch_array($query); $refresh = ''; // Total questions $q = $db->simple_select('questions', 'COUNT(qid) as num', 'active=1'); $num = $db->fetch_field($q, 'num'); if ($num > 1) { eval("\$refresh = \"" . $templates->get("member_register_question_refresh") . "\";"); } eval("\$questionbox = \"" . $templates->get("member_register_question") . "\";"); $validator_extra .= "\r\n\t\t\t\t\$('#answer').rules('add', {\r\n\t\t\t\t\trequired: true,\r\n\t\t\t\t\tremote:{\r\n\t\t\t\t\t\turl: 'xmlhttp.php?action=validate_question',\r\n\t\t\t\t\t\ttype: 'post',\r\n\t\t\t\t\t\tdataType: 'json',\r\n\t\t\t\t\t\tdata:\r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\tquestion: function () {\r\n\t\t\t\t\t\t\t\treturn \$('#question_id').val();\r\n\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t\tmy_post_key: my_post_key\r\n\t\t\t\t\t\t},\r\n\t\t\t\t\t},\r\n\t\t\t\t\tmessages: {\r\n\t\t\t\t\t\tremote: '{$lang->js_validator_no_security_question}'\r\n\t\t\t\t\t}\r\n\t\t\t\t});\n"; } } $hiddencaptcha = '';