/**
 * Save the data to complete the partial member record login/registration
 *
 * Looks up the pending row in members_partial by the request's `mid` and
 * `key`, validates the submitted e-mail address (only when the partial row
 * is not flagged partial_email_ok) and display name, writes the member
 * record, removes the partial row, then sets the login cookies and converts
 * the guest session to that member.
 *
 * NOTE(review): a request that passes the mid/key lookup ends up logged in
 * as member `mid`, so the two request values act as the only credential on
 * this path. `key` is compared against partial_date; if that column holds a
 * creation timestamp it is a low-entropy token - confirm, and confirm that
 * attempts against this endpoint are throttled.
 *
 * @access	private
 * @return	void		[Outputs to screen/redirects]
 */
private function _completeRegistrationSave()
{
    //-----------------------------------------
    // INIT
    //-----------------------------------------
    // Both lookup values are forced to integers before they are interpolated
    // into the WHERE clause below.
    $mid = intval($this->request['mid']);
    $key = intval($this->request['key']);
    $in_email = strtolower(trim($this->request['EmailAddress']));
    $banfilters = array();
    $form_errors = array('dname' => array(), 'email' => array(), 'general' => array());
    $members_display_name = trim($this->request['members_display_name']);
    // Assigned here but not read again in this method.
    $poss_session_id = "";

    //-----------------------------------------
    // Get DB row
    //-----------------------------------------
    $reg = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'members_partial', 'where' => "partial_member_id={$mid} AND partial_date={$key}"));
    $tmp_member = IPSMember::load($mid);

    //-----------------------------------------
    // Got it?
    //-----------------------------------------
    // NOTE(review): nothing returns after showError(); the rest of the method
    // only stays unreachable for an unknown mid/key if showError() ends the
    // request - confirm.
    if (!$reg['partial_id'] or !$tmp_member['member_id']) {
        $this->registry->output->showError('partial_reg_noid', 10117);
    }

    //-----------------------------------------
    // Load ban filters
    //-----------------------------------------
    // Grouped by ban_type; only the 'email' group is read below.
    $this->DB->build(array('select' => '*', 'from' => 'banfilters'));
    $this->DB->execute();
    while ($r = $this->DB->fetch()) {
        $banfilters[$r['ban_type']][] = $r['ban_content'];
    }

    //-----------------------------------------
    // Custom profile field stuff
    //-----------------------------------------
    require_once IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php';
    $custom_fields = new customProfileFields();
    $custom_fields->initData('edit');
    $custom_fields->parseToSave($this->request, 'register');

    // Any custom-field errors replace the (still empty) 'general' bucket.
    if ($custom_fields->error_messages) {
        $form_errors['general'] = $custom_fields->error_messages;
    }

    //-----------------------------------------
    // Remove 'sneaky' spaces
    //-----------------------------------------
    if ($this->settings['strip_space_chr']) {
        $members_display_name = IPSText::removeControlCharacters($members_display_name);
    }

    //-----------------------------------------
    // Testing email addresses?
    //-----------------------------------------
    if (!$reg['partial_email_ok']) {
        // Format check.
        if (!IPSText::checkEmailAddress($in_email)) {
            $form_errors['email'][] = $this->lang->words['reg_error_email_nm'];
        }

        // Confirmation field must equal the normalised address.
        $this->request['EmailAddress_two'] = strtolower(trim($this->request['EmailAddress_two']));
        if ($this->request['EmailAddress_two'] != $in_email) {
            $form_errors['email'][] = $this->lang->words['reg_error_email_nm'];
        }

        // Ban filters: each entry is regex-quoted, then its '*' wildcard is
        // turned back into '.*'. The match is anchored at both ends and
        // case-insensitive. A banned address is reported with the same
        // message as an address that is already taken.
        if (is_array($banfilters['email']) and count($banfilters['email'])) {
            foreach ($banfilters['email'] as $email) {
                $email = str_replace('\\*', '.*', preg_quote($email, "/"));
                if (preg_match("/^{$email}\$/i", $in_email)) {
                    $form_errors['email'][] = $this->lang->words['reg_error_email_taken'];
                    break;
                }
            }
        }

        // Already used by a local member?
        if (IPSMember::checkByEmail($in_email) == TRUE) {
            $form_errors['email'][] = $this->lang->words['reg_error_email_taken'];
        }

        //-----------------------------------------
        // Load handler...
        //-----------------------------------------
        require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
        $han_login = new han_login($this->registry);
        $han_login->init();

        // NOTE(review): $member is never assigned in this method, so the first
        // argument is an empty string. $tmp_member may have been intended -
        // confirm against emailExistsCheck()'s contract before changing it.
        if ($han_login->emailExistsCheck(trim(strtolower($member['email'])), trim(strtolower($in_email)))) {
            $form_errors['email'][] = $this->lang->words['reg_error_email_taken'];
        }
    }

    if ($this->settings['auth_allow_dnames']) {
        // Display-name validation is delegated to cleanAndCheckName().
        $user_check = IPSMember::getFunction()->cleanAndCheckName($members_display_name, $tmp_member, 'members_display_name');
        if (is_array($user_check['errors']) && count($user_check['errors'])) {
            $form_errors['dname'] = array_merge($form_errors['dname'], $user_check['errors']);
        }
    }

    //-----------------------------------------
    // CHECK 1: Any errors (duplicate names, etc)?
    //-----------------------------------------
    // $form_errors always holds its three category keys, so the outer count()
    // is always true; the real gate is whether the flattened list is non-empty.
    if (count($form_errors)) {
        $errorMessages = array();
        foreach ($form_errors as $errorCat => $errorMessage) {
            foreach ($errorMessage as $error) {
                $errorMessages['general'][] = $error;
            }
        }
        if (count($errorMessages)) {
            // Re-display the completion form with the collected messages.
            $this->_completeRegistration($errorMessages);
            return;
        }
    }

    //-----------------------------------------
    // Update: Members
    //-----------------------------------------
    // With display names disabled the stored login name is used instead of
    // the submitted value.
    $members_display_name = $this->settings['auth_allow_dnames'] ? $members_display_name : $tmp_member['name'];

    // The e-mail column is written only when the partial row had not already
    // marked the address as OK; existing name / members_l_username values are
    // kept when present.
    if (!$reg['partial_email_ok']) {
        IPSMember::save($mid, array('members' => array('email' => $in_email, 'members_display_name' => $members_display_name, 'name' => $tmp_member['name'] ? $tmp_member['name'] : $members_display_name, 'members_l_username' => $tmp_member['members_l_username'] ? $tmp_member['members_l_username'] : $members_display_name, 'members_l_display_name' => strtolower($members_display_name))));
    } else {
        IPSMember::save($mid, array('members' => array('members_display_name' => $members_display_name, 'name' => $tmp_member['name'] ? $tmp_member['name'] : $members_display_name, 'members_l_username' => $tmp_member['members_l_username'] ? $tmp_member['members_l_username'] : $members_display_name, 'members_l_display_name' => strtolower($members_display_name))));
    }

    //-----------------------------------------
    // Delete: Partials row
    //-----------------------------------------
    // Removes every partial row for this member id, which retires the
    // mid/key pair used above.
    $this->DB->delete('members_partial', 'partial_member_id=' . $mid);

    //-----------------------------------------
    // Update: Profile fields
    //-----------------------------------------
    // Every custom field is forced to the 'string' data type for the update.
    $this->DB->force_data_type = array();
    foreach ($custom_fields->out_fields as $_field => $_data) {
        $this->DB->force_data_type[$_field] = 'string';
    }
    if (is_array($custom_fields->out_fields) and count($custom_fields->out_fields)) {
        $this->DB->update('pfields_content', $custom_fields->out_fields, 'member_id=' . $mid);
    }

    //-----------------------------------------
    // Send out admin email
    //-----------------------------------------
    if ($this->settings['new_reg_notify']) {
        $date = $this->registry->getClass('class_localization')->getDate(time(), 'LONG', 1);
        IPSText::getTextClass('email')->getTemplate("admin_newuser");
        IPSText::getTextClass('email')->buildMessage(array('DATE' => $date, 'MEMBER_NAME' => $members_display_name));
        IPSText::getTextClass('email')->subject = $this->lang->words['new_registration_email'] . $this->settings['board_name'];
        IPSText::getTextClass('email')->to = $this->settings['email_in'];
        IPSText::getTextClass('email')->sendMail();
    }

    //-----------------------------------------
    // Set cookies
    //-----------------------------------------
    // Hands the browser the member id and the member's stored login key:
    // from here on the requester is authenticated as $mid.
    IPSCookie::set("member_id", $mid, 1);
    IPSCookie::set("pass_hash", $tmp_member['member_login_key'], 1);

    //-----------------------------------------
    // Fix up session
    //-----------------------------------------
    // Anonymous login if requested, or forced when the member's group hides
    // itself from the online list.
    $privacy = $this->request['Privacy'] ? 1 : 0;
    if ($this->caches['group_cache'][$tmp_member['member_group_id']]['g_hide_online_list']) {
        $privacy = 1;
    }
    $this->member->sessionClass()->convertGuestToMember(array('member_name' => $members_display_name, 'member_id' => $mid, 'member_group' => $tmp_member['member_group_id'], 'login_type' => $privacy));

    //-----------------------------------------
    // Update Stats
    //-----------------------------------------
    $cache = $this->cache->getCache('stats');
    if ($members_display_name and $mid) {
        $cache['last_mem_name'] = $members_display_name;
        $cache['last_mem_id'] = $mid;
    }
    $cache['mem_count'] += 1;
    $this->cache->setCache('stats', $cache, array('array' => 1, 'deletefirst' => 0));

    // Notify member-sync listeners with the freshly reloaded member.
    IPSLib::runMemberSync('onCompleteAccount', IPSMember::load($mid));

    //-----------------------------------------
    // Go to the board index
    //-----------------------------------------
    $this->registry->output->redirectScreen($this->lang->words['clogin_done'], $this->settings['base_url']);
}
/**
 * Build the log in form HTML for the upgrader
 *
 * Initialises the login handler in admin-auth mode, works out from the
 * cached login methods whether members sign in by username, e-mail or
 * either, and renders the upgrade_login_300plus template.
 *
 * @access	public
 * @return	string		HTML
 */
public function fetchLogInForm()
{
    require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php'; /*noLibHook*/

    $loginHandler = new han_login($this->registry);
    $loginHandler->is_admin_auth = 1;
    $loginHandler->init();

    // The additional-form hook is switched off, so $extra is always an empty
    // string and the branch below never runs; it is kept so the hook can be
    // re-enabled in one place.
    $extra = ''; //$han_login->additionalFormHTML();
    $mode = false;
    $formData = array();

    if (is_array($extra) and count($extra)) {
        $mode = $extra[0];
        $formData = $extra[1];
    }

    // Collect which identifier kinds the configured login methods accept.
    $acceptsName = false;
    $acceptsEmail = false;

    foreach ($this->cache->getCache('login_methods') as $entry) {
        $idKind = $entry['login_user_id'];

        if ($idKind == 'username' or $idKind == 'either') {
            $acceptsName = true;
        }

        if ($idKind == 'email' or $idKind == 'either') {
            $acceptsEmail = true;
        }
    }

    // Username is the fallback when no method asks for an e-mail address.
    if ($acceptsEmail) {
        $loginType = $acceptsName ? 'either' : 'email';
    } else {
        $loginType = 'username';
    }

    return $this->registry->output->template()->upgrade_login_300plus($formData, $mode == 'replace', $loginType);
}
/**
 * Build the log in form HTML for the upgrader
 *
 * Initialises the login handler in admin-auth mode and renders the
 * upgrade_login_300plus template.
 *
 * @access	public
 * @return	string		HTML
 */
public function fetchLogInForm()
{
    require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';

    $loginHandler = new han_login($this->registry);
    $loginHandler->is_admin_auth = 1;
    $loginHandler->init();

    // The additional-form hook is switched off, so $extra is always an empty
    // string and the branch below never runs; it is kept so the hook can be
    // re-enabled in one place.
    $extra = ''; //$han_login->additionalFormHTML();
    $mode = false;
    $formData = array();

    if (is_array($extra) and count($extra)) {
        $mode = $extra[0];
        $formData = $extra[1];
    }

    return $this->registry->output->template()->upgrade_login_300plus($formData, $mode == 'replace');
}
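/**
 * Save new email and/or pass
 *
 * Validates the submitted e-mail address and/or password against their
 * confirmation fields, pushes the change through the login handler, stores
 * it on the current member and writes an admin log entry. On any validation
 * failure the form is shown again with a message and nothing is saved.
 *
 * NOTE(review): no re-entry of the current password and no form-token check
 * is visible in this method - confirm the calling dispatcher enforces both
 * before this runs, since the method changes the account's credentials.
 *
 * @access	protected
 * @return	void
 */
protected function _saveForm()
{
    if (!$this->request['email'] and !$this->request['password']) {
        $this->registry->output->global_message = $this->lang->words['change_nothing_update'];
        $this->_showForm();
        return;
    }

    //-----------------------------------------
    // E-mail address
    //-----------------------------------------
    if ($this->request['email']) {
        if (!$this->request['email_confirm']) {
            $this->registry->output->global_message = $this->lang->words['change_both_fields'];
            $this->_showForm();
            return;
        }

        // Strict comparison: with a loose != two different numeric-looking
        // strings (for example "1e3" and "1000") compare equal on older PHP.
        if ($this->request['email'] !== $this->request['email_confirm']) {
            $this->registry->output->global_message = $this->lang->words['change_not_match'];
            $this->_showForm();
            return;
        }

        $email = trim($this->request['email']);
        $email_check = IPSMember::load(strtolower($email));

        // The owner test previously read an undefined $member_id, which made
        // every existing address (including the member's own) report
        // "already used" and left the "already using" branch unreachable.
        if ($email_check['member_id'] and $email_check['member_id'] != $this->memberData['member_id']) {
            $this->registry->output->global_message = $this->lang->words['change_email_already_used'];
            $this->_showForm();
            return;
        }

        if ($email_check['member_id'] == $this->memberData['member_id']) {
            $this->registry->output->global_message = $this->lang->words['already_using_email'];
            $this->_showForm();
            return;
        }

        //-----------------------------------------
        // Load handler...
        //-----------------------------------------
        require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
        $han_login = new han_login($this->registry);
        $han_login->init();
        $han_login->changeEmail(trim(strtolower($this->memberData['email'])), trim(strtolower($email)));

        IPSMember::save($this->memberData['member_id'], array('core' => array('email' => strtolower($email))));
        IPSLib::runMemberSync('onEmailChange', $this->memberData['member_id'], strtolower($email));
        ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['changed_email'], $email));
    }

    //-----------------------------------------
    // Password
    //-----------------------------------------
    if ($this->request['password']) {
        if (!$this->request['password_confirm']) {
            $this->registry->output->global_message = $this->lang->words['change_both_fields'];
            $this->_showForm();
            return;
        }

        // Strict comparison for the same reason as the e-mail confirmation:
        // a loosely-equal but different confirmation must not be accepted.
        if ($this->request['password'] !== $this->request['password_confirm']) {
            $this->registry->output->global_message = $this->lang->words['change_not_match_pw'];
            $this->_showForm();
            return;
        }

        $password = $this->request['password'];
        $salt = str_replace('\\', "\\\\", IPSMember::generatePasswordSalt(5));
        $key = IPSMember::generateAutoLoginKey();

        // NOTE(review): a single unsalted md5() of the trimmed password is what
        // changePass() and updatePassword() are handed here, so it cannot be
        // swapped for password_hash() in this method alone. md5 is not a
        // password-hashing function; migrating the scheme belongs in
        // IPSMember and the login handlers.
        $md5_once = md5(trim($password));

        require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
        $han_login = new han_login($this->registry);
        $han_login->init();

        // NOTE(review): when the e-mail address was changed earlier in this
        // same request, $this->memberData['email'] is presumably still the old
        // address - confirm the handler is keyed on the right one.
        $han_login->changePass($this->memberData['email'], $md5_once);

        // A fresh salt and auto-login key are stored with the new password.
        IPSMember::save($this->memberData['member_id'], array('core' => array('members_pass_salt' => $salt, 'member_login_key' => $key)));
        IPSMember::updatePassword($this->memberData['member_id'], $md5_once);

        // NOTE(review): sync listeners receive the plaintext (untrimmed)
        // password - make sure none of them logs or stores it.
        IPSLib::runMemberSync('onPassChange', $this->memberData['member_id'], $password);
        ipsRegistry::getClass('adminFunctions')->saveAdminLog($this->lang->words['changed_password']);
    }

    $this->registry->output->global_message = $this->lang->words['details_updated'];
    $this->registry->output->silentRedirectWithMessage($this->settings['base_url']);
}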
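/**
 * Check the email address
 *
 * Live availability check for an e-mail address. Emits exactly one of:
 *  - 'found'    : empty, malformed, already registered locally, or reported
 *                 as existing by the login handler
 *  - 'banned'   : matches an e-mail ban filter
 *  - 'notfound' : none of the above
 *
 * NOTE(review): the 'found' / 'notfound' answer tells any caller whether a
 * well-formed address is registered. No throttling is visible in this
 * method - confirm it is applied elsewhere.
 *
 * @access	public
 * @return	void		[Outputs to screen]
 */
public function checkEmail()
{
    //-----------------------------------------
    // INIT
    //-----------------------------------------
    $email = '';
    $banfilters = array();

    // Only a scalar string is accepted; an array-valued or missing parameter
    // is treated like an empty address.
    // NOTE(review): PHP has already URL-decoded $_REQUEST, so rawurldecode()
    // is a second decoding pass - confirm the client really double-encodes.
    if (isset($_REQUEST['email']) and is_string($_REQUEST['email'])) {
        $email = strtolower(IPSText::parseCleanValue(rawurldecode($_REQUEST['email'])));
    }

    // Each outcome returns right after emitting its answer, so exactly one
    // string is sent whether or not returnString() ends the request itself.
    if (!$email or !IPSText::checkEmailAddress($email)) {
        $this->returnString('found');
        return;
    }

    //-----------------------------------------
    // Got the member?
    //-----------------------------------------
    if (IPSMember::checkByEmail($email)) {
        $this->returnString('found');
        return;
    }

    //-----------------------------------------
    // Load ban filters
    //-----------------------------------------
    $this->DB->build(array('select' => '*', 'from' => 'banfilters'));
    $this->DB->execute();

    while ($r = $this->DB->fetch()) {
        $banfilters[$r['ban_type']][] = $r['ban_content'];
    }

    //-----------------------------------------
    // Are they banned [EMAIL]?
    //-----------------------------------------
    if (isset($banfilters['email']) and is_array($banfilters['email']) and count($banfilters['email'])) {
        foreach ($banfilters['email'] as $memail) {
            // Quote the filter for use in a regex, then restore its '*' wildcard.
            $memail = str_replace("\\*", '.*', preg_quote($memail, "/"));

            // Anchored, case-insensitive match: a filter has to cover the whole
            // address, so an entry such as "bad.com" no longer flags every
            // address that merely contains that text, and filter entries
            // stored in mixed case still match the lower-cased input.
            if (preg_match("/^{$memail}\$/i", $email)) {
                $this->returnString('banned');
                return;
            }
        }
    }

    //-----------------------------------------
    // Load handler...
    //-----------------------------------------
    require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
    $han_login = new han_login($this->registry);
    $han_login->init();

    if ($han_login->emailExistsCheck($email)) {
        $this->returnString('found');
        return;
    }

    $this->returnString('notfound');
}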
/**
 * Update a user's login or display name
 *
 * Reads the target member id from the request and the new name from $_POST,
 * applies the name change through IPSMember::getFunction()->updateName(),
 * writes an admin log entry, optionally e-mails the member (login-name
 * changes only) and answers with a hand-built JSON-style string.
 *
 * NOTE(review): several string literals in this listing look as if HTML
 * entities were decoded when the page was captured (a "+" replaced by "+",
 * a "|" replaced by "|", an unterminated ''' literal). Check every
 * str_replace() below against the upstream file before relying on it.
 *
 * @access	protected
 * @param	string		Field to update
 * @return	void		[Outputs to screen]
 */
protected function save_member_name($field = 'members_display_name')
{
    $member_id = intval($this->request['member_id']);
    $member = IPSMember::load($member_id);

    //-----------------------------------------
    // Allowed to edit administrators?
    //-----------------------------------------
    // Members whose group can access the CP may only be edited by callers
    // holding the member_edit_admin permission. This is the only permission
    // test visible in this method.
    if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_edit_admin', 'members', 'members')) {
        $this->returnJsonError($this->lang->words['m_editadmin']);
        exit;
    }

    // The new value is taken from $_POST and passed through
    // convertAndMakeSafe() before use.
    if ($field == 'members_display_name') {
        $display_name = $this->convertAndMakeSafe($_POST['display_name'], 1);
        // As written this replaces "+" with "+" (no-op); presumably the search
        // string was an entity - confirm.
        $display_name = str_replace("+", "+", $display_name);
    } else {
        $display_name = $this->convertAndMakeSafe($_POST['name'], 1);
        // Same caveat as above for both replacements.
        $display_name = str_replace("+", "+", $display_name);
        $display_name = str_replace('|', '|', $display_name);
        // Collapse runs of whitespace to a single space.
        $display_name = trim(preg_replace("/\\s{2,}/", " ", $display_name));
    }

    if ($this->settings['strip_space_chr']) {
        // use hexdec to convert between '0xAD' and chr
        $display_name = IPSText::removeControlCharacters($display_name);
    }

    // Rejects display names containing [ ] ; , or |.
    // NOTE(review): the test reads $members_display_name, which is never
    // assigned in this method, rather than $display_name - as written the
    // forbidden-character check looks unable to reject anything; confirm the
    // intended variable.
    // NOTE(review): unlike the admin check above there is no exit after this
    // error; the update below is only skipped if returnJsonError() ends the
    // request - confirm.
    if ($field == 'members_display_name' and preg_match("#[\\[\\];,\\|]#", str_replace(''', "'", str_replace('&', '&', $members_display_name)))) {
        $this->returnJsonError($this->lang->words['m_displaynames']);
    }

    try {
        if (IPSMember::getFunction()->updateName($member_id, $display_name, $field) === TRUE) {
            // Audit trail: old and new value go to the admin log.
            if ($field == 'members_display_name') {
                ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_dnamelog'], $member['members_display_name'], $display_name));
            } else {
                ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_namelog'], $member['name'], $display_name));

                //-----------------------------------------
                // If updating a name, and display names
                // disabled, update display name too
                //-----------------------------------------
                if (!ipsRegistry::$settings['auth_allow_dnames']) {
                    IPSMember::getFunction()->updateName($member_id, $display_name, 'members_display_name');
                }

                //-----------------------------------------
                // Optional notification e-mail to the member
                //-----------------------------------------
                if ($this->request['send_email'] == 1) {
                    // The body comes straight from $_POST; placeholders are
                    // substituted first and cleanMessage() is applied last.
                    $msg = trim(IPSText::stripslashes(nl2br($_POST['email_contents'])));
                    $msg = str_replace("{old_name}", $member['name'], $msg);
                    $msg = str_replace("{new_name}", $display_name, $msg);
                    $msg = str_replace("<#BOARD_NAME#>", $this->settings['board_name'], $msg);
                    $msg = str_replace("<#BOARD_ADDRESS#>", $this->settings['board_url'] . '/index.' . $this->settings['php_ext'], $msg);
                    IPSText::getTextClass('email')->message = stripslashes(IPSText::getTextClass('email')->cleanMessage($msg));
                    IPSText::getTextClass('email')->subject = $this->lang->words['m_changesubj'];
                    IPSText::getTextClass('email')->to = $member['email'];
                    IPSText::getTextClass('email')->sendMail();
                }
            }

            $this->cache->rebuildCache('stats', 'global');
        } else {
            # We should absolutely never get here. So this is a fail-safe, really to
            # prevent a "false" positive outcome for the end-user
            $this->returnJsonError($this->lang->words['m_namealready']);
        }
    } catch (Exception $error) {
        // NOTE(review): the raw exception message is returned before the
        // switch; if returnJsonError() ends the request, the translated
        // messages below are never reached and internal error codes go to the
        // client instead - confirm whether this line is leftover debugging.
        $this->returnJsonError($error->getMessage());

        switch ($error->getMessage()) {
            case 'NO_USER':
                $this->returnJsonError($this->lang->words['m_noid']);
                break;
            case 'NO_PERMISSION':
            case 'NO_NAME':
                $this->returnJsonError(sprintf($this->lang->words['m_morethan3'], $this->settings['max_user_name_length']));
                break;
            case 'ILLEGAL_CHARS':
                $this->returnJsonError($this->lang->words['m_illegal']);
                break;
            case 'USER_NAME_EXISTS':
                $this->returnJsonError($this->lang->words['m_namealready']);
                break;
            default:
                $this->returnJsonError($error->getMessage());
                break;
        }
    }

    //-----------------------------------------
    // Load handler...
    //-----------------------------------------
    // Login-name changes are pushed to the login handler; display-name changes
    // go to member-sync listeners. This section sits after the try/catch, so
    // it also runs on the failure paths unless returnJsonError() ended the
    // request.
    if ($field == 'name') {
        require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
        $han_login = new han_login($this->registry);
        $han_login->init();
        $han_login->changeName($member['name'], $display_name, $member['email']);
    } else {
        IPSLib::runMemberSync('onNameChange', $member_id, $display_name);
    }

    // NOTE(review): the response is assembled by hand and the name is escaped
    // with addslashes(), which is not a JSON encoder (line breaks and other
    // control characters are left as-is) - json_encode() would be the safer
    // way to emit this value once the client-side parser is confirmed.
    $__display_name = addslashes($display_name);
    $_string = <<<EOF
\t\t{
\t\t\t'success' : true,
\t\t\t'display_name' : "{$__display_name}"
\t\t}
\t\t
EOF;
    $this->returnString($_string);
}
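/**
 * Show the Email form
 *
 * Renders the change-e-mail form for the current member. The login handler
 * is given the chance to redirect first (checkMaintenanceRedirect), and a
 * CAPTCHA is included when the bot_antispam setting is on.
 *
 * @access	public
 * @author	Matt Mecham
 * @param	string		Language key of the error message to show (if any)
 * @return	string		Processed HTML
 */
public function showFormEmail($_message = '')
{
    //-----------------------------------------
    // Do we have another URL for email resets?
    //-----------------------------------------
    require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
    $han_login = new han_login($this->registry);
    $han_login->init();
    $han_login->checkMaintenanceRedirect();

    // NOTE(review): the stored address is concatenated into the text handed to
    // the template; whether it is HTML-escaped on output is not visible here.
    $txt = $this->lang->words['ce_current'] . $this->memberData['email'];

    if ($this->settings['reg_auth_type']) {
        $txt .= $this->lang->words['ce_auth'];
    }

    // Defined up front so the template call never reads an unset variable
    // when the CAPTCHA is switched off.
    $captchaHTML = '';

    if ($this->settings['bot_antispam']) {
        $captchaHTML = $this->registry->getClass('class_captcha')->getTemplate();
    }

    // $_message is a language key, not display text.
    $_message = $_message ? $this->lang->words[$_message] : '';

    // Members with CP access get the form without its save button.
    if ($this->memberData['g_access_cp']) {
        $this->hide_form_and_save_button = true;
    }

    return $this->registry->getClass('output')->getTemplate('ucp')->emailChangeForm($txt, $_message, $captchaHTML, $this->_isFBUser);
}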
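/**
 * Displays the lost password form
 *
 * Appends the lost-password form to $this->output. The login handler is
 * given the chance to redirect first (checkMaintenanceRedirect), and the
 * CAPTCHA markup replaces the <!--{REG.ANTISPAM}--> marker when the
 * bot_antispam setting is on.
 *
 * @access	public
 * @param	string		$errors		Language key of the error to show (if any)
 * @return	void
 */
public function lostPasswordForm($errors = "")
{
    //-----------------------------------------
    // Do we have another URL for password resets?
    //-----------------------------------------
    require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
    $han_login = new han_login($this->registry);
    $han_login->init();
    $han_login->checkMaintenanceRedirect();

    // Read the setting once; it decides both building and inserting the CAPTCHA.
    $useCaptcha = $this->settings['bot_antispam'];
    $captchaHTML = '';

    if ($useCaptcha) {
        $captchaHTML = $this->registry->getClass('class_captcha')->getTemplate();
    }

    // $errors is a language key. The default "" (and any key with no entry)
    // now yields an empty message instead of an undefined-index lookup.
    $errorText = ($errors and isset($this->lang->words[$errors])) ? $this->lang->words[$errors] : '';

    $this->registry->output->setTitle($this->lang->words['lost_pass_form']);
    $this->registry->output->addNavigation($this->lang->words['lost_pass_form'], '');

    $this->output .= $this->registry->output->getTemplate('register')->lostPasswordForm($errorText);

    if ($useCaptcha) {
        $this->output = str_replace("<!--{REG.ANTISPAM}-->", $captchaHTML, $this->output);
    }
}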