echo "Your verification question must be different than your email address.<br>\n"; echo "<a href=\"javascript:history.go(-1);\">Go Back</a><br>\n"; echo "</h2>\n"; echo "</body>\n</html>\n\n"; die; } if (strlen($verifdata) < 4) { // verif must be 4 chars or more. echo "<h2>\n"; echo "Your verification question needs to be at least 4 chars long.<br>\n"; echo "<a href=\"javascript:history.go(-1);\">Go Back</a><br>\n"; echo "</h2>\n"; echo "</body>\n</html>\n\n"; die; } if (is_locked_va($verifdata)) { // verif must not match an entry in the VA locklist (noreg type 5 - stored in 'user_name') echo "<h2>\n"; echo "The verification answer you have chosen is too common. Please pick an answer that is unique and that you will remember.<br>\n"; echo "<a href=\"javascript:history.go(-1);\">Go Back</a><br>\n"; echo "</h2>\n"; echo "</body>\n</html>\n\n"; die; } $cookieval = md5(CRC_SALT_0015 . uniqid("", 1) . time() . $da_emailaddy . $verifdata); pg_safe_exec("INSERT INTO pending_pwreset (cookie,user_id,question_id,verificationdata,expiration) VALUES ('{$cookieval}',{$uid},'{$verifq}','{$verifdata}',now()::abstime::int4+21600)"); $confirm_url = gen_server_url() . substr($REQUEST_URI, 0, strrpos($REQUEST_URI, "/")) . "/confirm_pwreset.php?ID={$cookieval}"; $the_msg = "If you would like to confirm that the new verification question/answer for '{$da_username}' should be changed as requested,\n"; $the_msg .= "then click on the link below within 6 hours :\n\n"; $the_msg .= "\t{$confirm_url}\n\n\nThank you\n" . NETWORK_NAME . " Channel Service\n\n\nPS- Please do *NOT* reply to this mail."; mail($da_emailaddy, "Verification Question/Answer Reset", $the_msg, "From: " . NETWORK_NAME . " Verification answer reset <" . OBJECT_EMAIL . ">\nReply-To: no.reply@thank.you\nX-Mailer: " . NETWORK_NAME . " Channel Service");
echo "</td></tr>\n"; } if (!$edit) { if ($user->question_id == "" || $user->question_id == 0) { echo "<tr><td><b>Verification question</b></td><td>** NOT SET **</td></tr>"; } else { echo "<tr><td><b>Verification question</b></td><td>" . $question_text[$user->question_id] . "</td></tr>"; } if ($canview == 1) { echo "<tr bgcolor=#" . $cTheme->table_tr_enlighten3 . "><td valign=top>"; echo "<font color=#" . $cTheme->main_warnmsg . "><b>" . BOT_NAME . "@Team/600+ view only</b></font></td>"; echo "<td valign=top>Secret answer is : "; if (trim($user->verificationdata) != "") { echo "<font color=#" . $cTheme->table_sepcolor . "><b>" . $user->verificationdata . "</b>"; if ($admin >= $min_lvl) { if (is_locked_va($user->verificationdata)) { echo " <i>(locked VA)</i>"; } } echo "</font>"; if (ereg(" ", $user->verificationdata)) { echo "<br><b>DISPLAY WARNING</b> secret answer contains litteral space(s) : <font color=#999999><big>"; echo str_replace(" ", "<font color=#ff00ff>_</font>", $user->verificationdata); echo "</big></font>"; } if ($admin >= 750) { // same level as for searching on VA on Admin reports ... echo "<br><a href=\"admin/verifdatacheck.php?posted=1&vanswer=" . str_replace(" ", "%20", $user->verificationdata) . "&rid=" . $id . "\"><font color=#ffffff size=-1><b>>> List all users using this verification answer</b> (*750+)</font></a>."; } echo "\n"; } else {
if (strlen($_POST["verificationdata"]) < 4) { $err .= "<li> Please choose an answer with at least 4 chars in it.\n"; } if (!preg_match("/^[A-Za-z0-9!\\ \\/\\.+_-]+\$/", $_POST["verificationdata"])) { $err .= "<li> The entered verification data contains invalid chars.\n"; } if (strtolower($_POST["email"]) == strtolower($_POST["verificationdata"])) { $err .= "<li> Your verification answer must be different than your email.\n"; } if (strtolower($_POST["username"]) == strtolower($_POST["verificationdata"])) { $err .= "<li> Your verification answer must be different than your username.\n"; } if (!preg_match("/^[A-Za-z0-9]+\$/", $_POST["username"])) { $err .= "<li> Your username must be made of letters (A-Z, a-z) and numbers (0-9).\n"; } if (is_locked_va($_POST["verificationdata"])) { $err .= "<li> The verification answer you have chosen is too common. Please pick an answer that is unique and that you will remember.\n"; } } if ($err != "") { err_newuser($err); } else { echo "<input type=hidden name=is13 value=1>\n"; echo "<input type=hidden name=username value=\"" . post2input($_POST["username"]) . "\">\n"; echo "<input type=hidden name=username_crc value=\"" . post2input($_POST["username_crc"]) . "\">\n"; echo "<input type=hidden name=email value=\"" . post2input($_POST["email"]) . "\">\n"; echo "<input type=hidden name=email_crc value=\"" . post2input($_POST["email_crc"]) . "\">\n"; echo "<input type=hidden name=language value=\"" . post2input($_POST["language"]) . "\">\n"; echo "<input type=hidden name=question_id value=\"" . post2input($_POST["question_id"]) . "\">\n"; echo "<input type=hidden name=verificationdata value=\"" . post2input($_POST["verificationdata"]) . "\">\n"; if (SHOW_GFXUSRCHK && NEWUSERS_GFXCHECK) {