Exemplo n.º 1
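 /**
  * Handles the "resend password" form: validates the posted username and
  * e-mail address, looks the account up and mails a password-reset link.
  *
  * Reads $_POST["un"], $_POST["email"] and $_POST["cmd_resend_password"];
  * nothing beyond input normalisation happens unless cmd_resend_password
  * was posted.
  *
  * Review notes (security):
  *  - The lookup query is built by string interpolation on the legacy mysql_*
  *    API, which offers no bound parameters. Its safety therefore rests
  *    entirely on $SANITIZER->sanitize(), whose implementation is not visible
  *    here. TODO confirm it neutralises quotes and backslashes for SQL, or
  *    port the lookup to prepared statements (PDO/mysqli).
  *  - 'Email address was not found.' tells the requester whether a
  *    username/e-mail pair is registered. Consider one neutral response for
  *    both outcomes.
  *  - The reset token is the encrypted string "<timestamp>_<user id>" with no
  *    random component, so it is only as strong as Cipher_blowfish and
  *    $CONFIG->secret. Expiry and integrity checking are presumably done in
  *    validate.php; verify there.
  *
  * @access	public
  * @since	3.0
  *
  * @return string Concatenated error messages, or '' when nothing went wrong
  *                (including when the form command was not posted).
  */
 function resend_password_action()
 {
     global $_POST, $SANITIZER, $CONFIG;
     $str_error = '';

     // Normalise the two form fields; a field that was not posted becomes "".
     $un = isset($_POST["un"]) ? $SANITIZER->sanitize(trim($_POST["un"])) : "";
     $email = isset($_POST["email"]) ? $SANITIZER->sanitize(trim($_POST["email"])) : "";

     // Only act when the form's submit command is present.
     if (!isset($_POST["cmd_resend_password"])) {
         return $str_error;
     }

     if (trim($un) == "" || trim($email) == "") {
         $str_error .= JText::_('Required field cannot be left blank.') . '<BR />';
     }
     if (!ZEmail::check($email)) {
         $str_error .= JText::_('Email should look like an email address.') . '<BR />';
     }
     if (!empty($str_error)) {
         // Do not touch the database with input that failed validation.
         return $str_error;
     }

     // NOTE(review): $un and $email reach the SQL text directly; see the
     // docblock - this is safe only if sanitize() makes them SQL-safe.
     $sql = "\n\t\t\t\t\t\t\t\tSELECT u.id, u.un, u.firstname, u.lastname\n\t\t\t\t\t\t\t\tFROM users AS u\n\t\t\t\t\t\t\t\tWHERE u.un = '{$un}'\n\t\t\t\t\t\t\t\tAND u.email = '{$email}'\n\t\t\t\t\t\t\t\tLIMIT 0, 1\n\t\t\t\t\t\t\t ";
     $result = mysql_query($sql);

     // Exactly one matching row is required; a failed query counts as "not found".
     if (!$result || mysql_num_rows($result) != 1) {
         $str_error .= JText::_('Email address was not found.') . '<BR />';
         return $str_error;
     }

     $u_id = mysql_result($result, 0, "u.id");
     $u_username = mysql_result($result, 0, "u.un");
     $u_fullname = mysql_result($result, 0, "u.firstname") . " " . mysql_result($result, 0, "u.lastname");

     // Build the activation token carried in the reset link.
     // NOTE(review): the @ hides an undefined $CONFIG->secret, in which case
     // setKey() receives null - confirm Cipher_blowfish rejects an empty key.
     $strongCipher = new Cipher_blowfish();
     $strongCipher->setKey(@$CONFIG->secret);
     $activation = $strongCipher->zf_encrypt(date("Y-m-d H:i:s") . "_" . $u_id);

     // Compose the instruction mail from the localized template.
     $name = JText::_('ZIME Service');   // sender's display name
     $sender = "*****@*****.**";         // sender's e-mail address
     $recipient = $email;
     $subject = JText::_('Reset your ZIME Password');
     $mail_body = JText::__('email_pw_reset_instructions.txt');
     $mail_body = str_replace("[USER]", $u_fullname . " ({$u_username})", $mail_body);
     // NOTE(review): $activation is placed in the query string as-is; this
     // assumes zf_encrypt() returns URL-safe text - TODO confirm.
     $mail_body = str_replace("[URL]", "{$CONFIG->basedir_rewrite}validate.php?option=reset&activation={$activation}", $mail_body);
     $header = "From: " . $name . " <" . $sender . ">\r\n";
     ini_set('sendmail_from', $sender);

     // Report a failed hand-off to the mailer instead of returning success
     // silently; register_action() reports the same condition with this message.
     if (!mail($recipient, $subject, $mail_body, $header)) {
         $str_error .= JText::_('Could not send the notification.') . '<BR />';
     }

     return $str_error;
 }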
Exemplo n.º 2
 /**
  * Prints the user-experience help topic inside a fixed-width table that is
  * wrapped in the #help-topic container.
  *
  * The markup returned by JText::__('help_user_experience.htm') is written to
  * the page without escaping; presumably it is a trusted, localized template
  * shipped with the application - verify that it never contains user input.
  *
  * @access	private
  * @since	3.0
  *
  * @return void Output is echoed directly.
  */
 function help_dialog()
 {
     // The wrapper is opened before the template is fetched, so the order of
     // emitted output stays the same even if the loader prints anything.
     echo "<div class='' id='help-topic' style='display:block;'>";

     $help_html = JText::__('help_user_experience.htm');
     // Disabled placeholder substitution kept for reference:
     //$content = str_replace("[URL9]", "mailto:support@zime.lv", $content);

     echo "<table width='650'><tr><td>", $help_html, "</td></tr></table>", "</div>";
 }
Exemplo n.º 3
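 /**
  * Handles the registration form: validates the posted fields, inserts the
  * new user, mails the address-validation link, sets the default notices and
  * logs the user in.
  *
  * Reads $_POST["fullname"], ["un"], ["pw"], ["email"] and ["cmd_register"];
  * nothing beyond input normalisation happens unless cmd_register was posted.
  *
  * Changes against the previous version:
  *  - A request without a "pw" field left $pw_hash at "" and slipped past the
  *    required-field check, which only compared against md5(""). An empty
  *    hash is now rejected as well.
  *  - $new_user_id was undefined when validation failed, yet it was still
  *    passed to ZSettings::notices_action(). It is now initialised and the
  *    default notices are only written when the INSERT produced an id.
  *  - The empty debug-IP branch was removed; it had no effect.
  *
  * Review notes (security):
  *  - Passwords are stored as unsalted MD5, which is not a password hash.
  *    password_hash()/password_verify() is the replacement, but it must be
  *    changed together with ZLogin::login() and the stored `pw` values,
  *    neither of which is visible here.
  *  - The password passes through $SANITIZER->sanitize() and trim() before
  *    hashing, so whatever those strip or rewrite is not part of the
  *    effective password.
  *  - The INSERT is built by string interpolation on the legacy mysql_* API;
  *    its safety rests on sanitize() and the ZRegister integrity checks,
  *    whose implementations are not visible here. TODO confirm, or port to
  *    prepared statements (PDO/mysqli).
  *  - The activation token is the encrypted string "<timestamp>_<user id>"
  *    with no random component; see the note at the cipher call.
  *
  * @access	public
  * @since	3.0
  *
  * @return string|null Concatenated error messages on failure; null when the
  *                     form command was not posted or after the redirect
  *                     header has been sent.
  */
 function register_action()
 {
     global $_POST, $CONFIG, $SANITIZER, $SecureSession;
     $str_error = '';
     // Stays 0 until the INSERT below yields an id, so later steps can tell
     // whether a user row exists.
     $new_user_id = 0;

     // Normalise the form fields; a field that was not posted becomes "".
     $fullname = isset($_POST["fullname"]) ? trim($SANITIZER->sanitize($_POST["fullname"])) : "";
     $un = isset($_POST["un"]) ? trim($SANITIZER->sanitize($_POST["un"])) : "";
     // NOTE(review): unsalted MD5 - see the docblock before changing this.
     $pw_hash = isset($_POST["pw"]) ? md5(trim($SANITIZER->sanitize($_POST["pw"]))) : "";
     $email = isset($_POST["email"]) ? trim($SANITIZER->sanitize($_POST["email"])) : "";
     $email_validation_required = true;

     // Only act when the form's submit command is present.
     if (!isset($_POST["cmd_register"])) {
         return;
     }

     // Required fields: a missing "pw" gives "", an empty one gives md5("").
     if ($fullname === "" || $pw_hash === "" || $pw_hash === md5("")) {
         $str_error .= JText::_("Required field cannot be left blank.") . '<br />';
     }
     $str_error .= ZRegister::test_integrity_username($un);
     $str_error .= ZRegister::test_integrity_email($email);

     // Split the full name into first and last name for storage.
     $fullname_array = ZRegister::extract_fullname_parts($fullname);
     $firstname = $fullname_array[0];
     $lastname = $fullname_array[1];

     if (empty($str_error)) {
         // NOTE(review): user-supplied values reach the SQL text directly;
         // safe only if the sanitizer/integrity checks make them SQL-safe.
         $sql = "\n\t\t\t\t\t\t\t\tINSERT INTO users (\n\t\t\t\t\t\t\t\t\tproj_fid\n\t\t\t\t\t\t\t\t\t, proj_item_id\n\t\t\t\t\t\t\t\t\t, un\n\t\t\t\t\t\t\t\t\t, pw\n\t\t\t\t\t\t\t\t\t, firstname\n\t\t\t\t\t\t\t\t\t, lastname\n\t\t\t\t\t\t\t\t\t, gender\n\t\t\t\t\t\t\t\t\t, email\n\t\t\t\t\t\t\t\t\t, birth_date\n\t\t\t\t\t\t\t\t\t, age_rule\n\t\t\t\t\t\t\t\t\t, country\n\t\t\t\t\t\t\t\t\t, language\n\t\t\t\t\t\t\t\t\t, timezone\n\t\t\t\t\t\t\t\t\t, newsletter\n\t\t\t\t\t\t\t\t\t, isconfirmed\n\t\t\t\t\t\t\t\t\t, created)\n\t\t\t\t\t\t\t\tVALUES (\n\t\t\t\t\t\t\t\t\t7\n\t\t\t\t\t\t\t\t\t, 1\n\t\t\t\t\t\t\t\t\t, '{$un}'\n\t\t\t\t\t\t\t\t\t, '{$pw_hash}'\n\t\t\t\t\t\t\t\t\t, '{$firstname}'\n\t\t\t\t\t\t\t\t\t, '{$lastname}'\n\t\t\t\t\t\t\t\t\t, 2\n\t\t\t\t\t\t\t\t\t, '{$email}'\n\t\t\t\t\t\t\t\t\t, '2100-01-01'\n\t\t\t\t\t\t\t\t\t, 0\n\t\t\t\t\t\t\t\t\t, ''\n\t\t\t\t\t\t\t\t\t, ''\n\t\t\t\t\t\t\t\t\t, 0\n\t\t\t\t\t\t\t\t\t, 0\n\t\t\t\t\t\t\t\t\t, 0\n\t\t\t\t\t\t\t\t\t, now()\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t ";
         mysql_query($sql);
         $new_user_id = mysql_insert_id();

         if ($new_user_id && mysql_affected_rows() > 0) {
             // Marker cookie, expires in one year.
             @setcookie("registered", 1, time() + 60 * 60 * 24 * 365, "/");
             // Give the new user the default collection.
             $str_error = ZCollection::add_josta($new_user_id, "Default Josta", "", $str_error);
         } else {
             @session_destroy();
             $str_error .= JText::_('Registration was not successful. Please try again.');
         }
     }

     // Send the e-mail validation request.
     if ($email_validation_required && empty($str_error)) {
         // NOTE(review): the @ hides an undefined $CONFIG->secret, in which
         // case setKey() receives null - confirm Cipher_blowfish rejects an
         // empty key. The token's strength depends on that key staying secret.
         $strongCipher = new Cipher_blowfish();
         $strongCipher->setKey(@$CONFIG->secret);
         $activation = $strongCipher->zf_encrypt(date("Y-m-d H:i:s") . "_" . $new_user_id);

         $name = JText::_('ZIME Service');   // sender's display name
         $sender = "*****@*****.**";         // sender's e-mail address
         $recipient = $email;
         $subject = ZString::replaceVars(JText::_('Welcome to ZIME'), $un);
         $mail_body = JText::__('email_registration.txt');
         $mail_body = str_replace("[USER]", $fullname . " ({$un})", $mail_body);
         // NOTE(review): $activation is placed in the query string as-is; this
         // assumes zf_encrypt() returns URL-safe text - TODO confirm.
         $mail_body = str_replace("[URL]", "{$CONFIG->basedir_rewrite}validate.php?option=register&activation={$activation}", $mail_body);
         $header = "From: " . $name . " <" . $sender . ">\r\n";
         ini_set('sendmail_from', $sender);
         if (!@mail($recipient, $subject, $mail_body, $header)) {
             $str_error .= JText::_('Could not send the notification.');
         }
     }

     // Set the default notices, but only for a user row that actually exists.
     // notices_action() presumably reads the flag from $_POST - verify there.
     if ($new_user_id) {
         $_POST["notice_new_follower"] = "1";
         ZSettings::notices_action($new_user_id);
     }

     // Log the new user in when every previous step succeeded.
     if (empty($str_error)) {
         $str_error .= ZLogin::login($un, $pw_hash);
     }

     if (!empty($str_error)) {
         return $str_error;
     }

     // NOTE(review): no exit follows the redirect header, so the caller keeps
     // running after this function returns null.
     @header("Location: {$CONFIG->basedir_rewrite}");
 }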