/**
* @return bool
*/
function verify_captcha()
{
global $db, $mybb;
$user =& $this->data;
if ($user['imagestring'] || $mybb->settings['captchaimage'] != 1) {
// Check their current captcha input - if correct, hide the captcha input area
require_once MYBB_ROOT . 'inc/class_captcha.php';
$this->captcha = new captcha();
if ($this->captcha->validate_captcha() == false) {
// CAPTCHA validation failed
foreach ($this->captcha->get_errors() as $error) {
$this->set_error($error);
}
return false;
} else {
$this->captcha_verified = true;
return true;
}
} else {
if ($mybb->input['quick_login'] == 1 && $mybb->input['quick_password'] && $mybb->input['quick_username']) {
$this->set_error('regimagerequired');
return false;
} else {
$this->set_error('regimageinvalid');
return false;
}
}
}
}
if (empty($mybb->input['fromname'])) {
$errors[] = $lang->error_noname;
}
if (empty($mybb->input['subject'])) {
$errors[] = $lang->error_no_email_subject;
}
if (empty($mybb->input['message'])) {
$errors[] = $lang->error_no_email_message;
}
if ($mybb->settings['captchaimage'] && $mybb->user['uid'] == 0) {
require_once MYBB_ROOT . 'inc/class_captcha.php';
$captcha = new captcha();
if ($captcha->validate_captcha() == false) {
// CAPTCHA validation failed
foreach ($captcha->get_errors() as $error) {
$errors[] = $error;
}
}
}
if (count($errors) == 0) {
if ($mybb->settings['mail_handler'] == 'smtp') {
$from = $mybb->input['fromemail'];
} else {
$from = "{$mybb->input['fromname']} <{$mybb->input['fromemail']}>";
}
$message = $lang->sprintf($lang->email_emailuser, $to_user['username'], $mybb->input['fromname'], $mybb->settings['bbname'], $mybb->settings['bburl'], $mybb->get_input('message'));
my_mail($to_user['email'], $mybb->get_input('subject'), $message, $from, "", "", false, "text", "", $mybb->input['fromemail']);
if ($mybb->settings['mail_logging'] > 0) {
// Log the message
$log_entry = array("subject" => $db->escape_string($mybb->get_input('subject')), "message" => $db->escape_string($mybb->get_input('message')), "dateline" => TIME_NOW, "fromuid" => $mybb->user['uid'], "fromemail" => $db->escape_string($mybb->input['fromemail']), "touid" => $to_user['uid'], "toemail" => $db->escape_string($to_user['email']), "tid" => 0, "ipaddress" => $db->escape_binary($session->packedip), "type" => 1);
$valid_post = $posthandler->validate_post();
$post_errors = array();
// Fetch friendly error messages if this is an invalid post
if (!$valid_post) {
$post_errors = $posthandler->get_friendly_errors();
}
// Mark thread as read
require_once MYBB_ROOT . "inc/functions_indicators.php";
mark_thread_read($tid, $fid);
// Check captcha image
if ($mybb->settings['captchaimage'] && !$mybb->user['uid']) {
require_once MYBB_ROOT . 'inc/class_captcha.php';
$post_captcha = new captcha(false, "post_captcha");
if ($post_captcha->validate_captcha() == false) {
// CAPTCHA validation failed
foreach ($post_captcha->get_errors() as $error) {
$post_errors[] = $error;
}
} else {
$hide_captcha = true;
}
if ($mybb->get_input('ajax', MyBB::INPUT_INT)) {
if ($post_captcha->type == 1) {
$randomstr = random_str(5);
$imagehash = md5(random_str(12));
$imagearray = array("imagehash" => $imagehash, "imagestring" => $randomstr, "dateline" => TIME_NOW);
$db->insert_query("captcha", $imagearray);
//header("Content-type: text/html; charset={$lang->settings['charset']}");
$data = '';
$data .= "<captcha>{$imagehash}";
if ($hide_captcha) {
$query = $db->simple_select("users", "loginattempts", "LOWER(username)='" . $db->escape_string(my_strtolower($mybb->input['username'])) . "' OR LOWER(email)='" . $db->escape_string(my_strtolower($mybb->input['username'])) . "'", array('limit' => 1));
$loginattempts = $db->fetch_field($query, "loginattempts");
$errors = array();
$login_captcha = false;
if ($mybb->settings['failedcaptchalogincount'] > 0 && ($loginattempts > $mybb->settings['failedcaptchalogincount'] || intval($mybb->cookies['loginattempts']) > $mybb->settings['failedcaptchalogincount'])) {
// Show captcha image if enabled
if ($mybb->settings['captchaimage']) {
$do_captcha = false;
// Check their current captcha input - if correct, hide the captcha input area
require_once MYBB_ROOT . 'inc/class_captcha.php';
$login_captcha = new captcha();
if ($login_captcha->validate_captcha() == false) {
$correct = true;
$do_captcha = true;
// CAPTCHA validation failed
foreach ($login_captcha->get_errors() as $error) {
$errors[] = $error;
}
}
}
}
// Don't check password when captcha isn't solved
if (empty($errors)) {
$user = validate_password_from_username($mybb->input['username'], $mybb->input['password']);
if (!$user['uid']) {
my_setcookie('loginattempts', $logins + 1);
$db->update_query("users", array('loginattempts' => 'loginattempts+1'), "LOWER(username) = '" . $db->escape_string(my_strtolower($mybb->input['username'])) . "'", 1, true);
$mybb->input['action'] = "login";
$mybb->input['request_method'] = "get";
if ($mybb->settings['failedlogincount'] != 0 && $mybb->settings['failedlogintext'] == 1) {
$login_text = $lang->sprintf($lang->failed_login_again, $mybb->settings['failedlogincount'] - $logins);
