$pwd_saved = true;
} else {
$pwd_saved = false;
}
}
}
if (allowAccess(caver_delete_himself)) {
//Delete an account :
if (isset($_POST['delete_user'])) {
$password = isset($_POST['d_caver_password']) ? $_POST['d_caver_password'] : '';
$key = isset($_POST['d_key']) ? $_POST['d_key'] : '';
$password = crypt_xor(stripslashes($password), $key);
$login = isset($_POST['d_caver_login']) ? $_POST['d_caver_login'] : '';
$sql = "SELECT * FROM `" . $_SESSION['Application_host'] . "`.`T_caver` ";
$sql .= "WHERE `Id` = " . $_SESSION['user_id'] . " ";
$sql .= "AND `Password` = '" . getCryptedPwd($login, $password) . "' ";
$sql .= "AND `Login` = '" . $login . "'";
$data = getDataFromSQL($sql, __FILE__, $frame, __FUNCTION__);
if ($data['Count'] > 0) {
trackAction("delete_user", $_SESSION['user_id'], "T_caver");
$sql = "DELETE FROM `" . $_SESSION['Application_host'] . "`.`T_caver` ";
$sql .= "WHERE `Id` = " . $_SESSION['user_id'];
$req = execSQL($sql, $frame, __FILE__, __FUNCTION__);
$sql = "DELETE FROM `" . $_SESSION['Application_host'] . "`.`J_entry_caver` ";
$sql .= "WHERE `Id_caver` = " . $_SESSION['user_id'];
$req = execSQL($sql, $frame, __FILE__, __FUNCTION__);
$sql = "DELETE FROM `" . $_SESSION['Application_host'] . "`.`J_grotto_caver` ";
$sql .= "WHERE `Id_caver` = " . $_SESSION['user_id'];
$req = execSQL($sql, $frame, __FILE__, __FUNCTION__);
$sql = "DELETE FROM `" . $_SESSION['Application_host'] . "`.`J_caver_group` ";
$sql .= "WHERE `Id_caver` = " . $_SESSION['user_id'];
}
//Send a new password to the user :
if (isset($_POST['send_pwd'])) {
$login = isset($_POST['f_caver_login']) ? $_POST['f_caver_login'] : '';
$contact = isset($_POST['f_caver_contact']) ? $_POST['f_caver_contact'] : '';
$password = generatePassword(10, 8);
$string = isset($_POST['f_caver_check']) ? $_POST['f_caver_check'] : '';
$user_check = isset($_SESSION['userCheck']) ? $_SESSION['userCheck'] : '';
if (!$_SESSION['do_check'] || md5(getIp() . strtolower($string)) == $user_check) {
$sql = "SELECT * FROM `" . $_SESSION['Application_host'] . "`.`T_caver`";
$sql .= " WHERE Login = '******' AND Contact ='" . $contact . "'";
$data = getDataFromSQL($sql, __FILE__, $frame, __FUNCTION__);
if ($data['Count'] > 0) {
if ($data[0]['Activated'] == 'YES') {
$sql = "UPDATE `" . $_SESSION['Application_host'] . "`.`T_caver`";
$sql .= " SET Password ='******'";
$sql .= " WHERE Id = " . $data[0]['Id'];
$req = execSQL($sql, $frame, __FILE__, __FUNCTION__);
if (!defined('NO_PHPBB_INSTALLED')) {
chgPwdphpBBuser($login, $password);
}
sendNewPwdMail($data[0], $password);
//echo $password;
trackAction("pwd_user", $data[0]['Id'], "T_caver");
$_SESSION['user_pwd_sent'] = true;
} else {
$activated = false;
$_SESSION['user_pwd_sent'] = false;
}
} else {
$_SESSION['user_pwd_sent'] = false;
function connectUser($login, $password, $string)
{
$activated = false;
$banned = true;
$connected = false;
$registered = false;
$data = array();
if (md5(getIp() . strtolower($string)) == $_SESSION['userCheck'] || !$_SESSION['do_check']) {
$sql = "SELECT * FROM `" . $_SESSION['Application_host'] . "`.`T_caver`";
$sql .= " WHERE Login = '******' AND Password ='******' ";
$data = getDataFromSQL($sql, __FILE__, "function", __FUNCTION__);
if ($data['Count'] > 0) {
$registered = true;
$banned = $data[0]['Banned'] == "YES";
$activated = $data[0]['Activated'] == "YES";
} else {
$banned = false;
$activated = true;
}
}
$connected = $registered && !$banned && $activated;
//Set the session
setSession($connected, $data[0]);
if ($connected) {
//Update the date of last connection for this user
$sql = "UPDATE `" . $_SESSION['Application_host'] . "`.`T_caver` ";
$sql .= "SET Date_last_connection = Now(), ";
$sql .= "Ip = '" . getIp() . "', ";
$sql .= "Browser = '" . getBrowserData() . "', ";
$sql .= "Connection_counter = Connection_counter + 1 ";
$sql .= "WHERE Id = " . $_SESSION['user_id'];
$req = execSQL($sql, "function", __FILE__, __FUNCTION__);
}
$return = array('Connected' => $connected, 'Activated' => $activated, 'Banned' => $banned, 'Registered' => $registered);
return $return;
}