Exemplo n.º 1
0
$res = sql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res);
*/
$secret = mksecret();
$wantpasshash = md5($secret . $wantpassword . $secret);
$editsecret = $verification == 'admin' ? '' : $secret;
$invite_count = (int) $invite_count;
$wantusername = sqlesc($wantusername);
$wantpasshash = sqlesc($wantpasshash);
$secret = sqlesc($secret);
$editsecret = sqlesc($editsecret);
$send_email = $email;
$email = sqlesc($email);
$country = sqlesc($country);
$gender = sqlesc($gender);
$sitelangid = sqlesc(get_langid_from_langcookie());
$res_check_user = sql_query("SELECT * FROM users WHERE username = "******"";
$ret = sql_query("INSERT INTO users (username, passhash, secret, editsecret, email, country, gender, status, class, invites, " . ($type == 'invite' ? "invited_by," : "") . " added, last_access, lang, stylesheet" . ($showschool == 'yes' ? ", school" : "") . ", uploaded) VALUES (" . $wantusername . "," . $wantpasshash . "," . $secret . "," . $editsecret . "," . $email . "," . $country . "," . $gender . ", 'confirmed', " . $defaultclass_class . "," . $invite_count . ", " . ($type == 'invite' ? "'{$inviter}'," : "") . " '" . date("Y-m-d H:i:s") . "' , " . " '" . date("Y-m-d H:i:s") . "' , " . $sitelangid . "," . $defcss . ($showschool == 'yes' ? "," . $school : "") . "," . ($iniupload_main > 0 ? $iniupload_main : 0) . ")") or sqlerr(__FILE__, __LINE__);
$id = mysql_insert_id();
$dt = sqlesc(date("Y-m-d H:i:s"));
$subject = sqlesc($lang_takesignup['msg_subject'] . $SITENAME . "!");
$msg = sqlesc($lang_takesignup['msg_congratulations'] . htmlspecialchars($wantusername) . $lang_takesignup['msg_you_are_a_member']);
sql_query("INSERT INTO messages (sender, receiver, subject, added, msg) VALUES(0, {$id}, {$subject}, {$dt}, {$msg})") or sqlerr(__FILE__, __LINE__);
//write_log("User account $id ($wantusername) was created");
$res = sql_query("SELECT passhash, secret, editsecret, status FROM users WHERE id = " . sqlesc($id)) or sqlerr(__FILE__, __LINE__);
$row = mysql_fetch_assoc($res);
$psecret = md5($row['secret']);
Exemplo n.º 2
0
function logincookie($id, $passhash, $updatedb = 1, $expires = 0x7fffffff, $securelogin = false, $ssl = false, $trackerssl = false)
{
    if ($expires != 0x7fffffff) {
        $expires = time() + $expires;
    }
    setcookie("c_secure_uid", base64($id), $expires, "/");
    setcookie("c_secure_pass", $passhash, $expires, "/");
    if ($ssl) {
        setcookie("c_secure_ssl", base64("yeah"), $expires, "/");
    } else {
        setcookie("c_secure_ssl", base64("nope"), $expires, "/");
    }
    if ($trackerssl) {
        setcookie("c_secure_tracker_ssl", base64("yeah"), $expires, "/");
    } else {
        setcookie("c_secure_tracker_ssl", base64("nope"), $expires, "/");
    }
    if ($securelogin) {
        setcookie("c_secure_login", base64("yeah"), $expires, "/");
    } else {
        setcookie("c_secure_login", base64("nope"), $expires, "/");
    }
    if ($updatedb) {
        sql_query("UPDATE users SET last_login = NOW(), lang=" . sqlesc(get_langid_from_langcookie()) . " WHERE id = " . sqlesc($id));
    }
}