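/**
 * Send one message to every user that has a non-empty email address.
 *
 * Recipients are read from the users table. $emailto is accepted only for
 * interface compatibility; it never selects a recipient.
 *
 * NOTE(review): no permission check is visible in this function. It mails
 * the whole user base, so confirm that every caller restricts who may
 * trigger it.
 *
 * @param string $emailbody    Message body handed to SendGmail().
 * @param string $emailsubject Message subject handed to SendGmail().
 * @param string $emailto      Unused; kept so existing callers still work.
 * @return string An error message as soon as one send fails, otherwise a
 *                success message carrying the recipient count.
 */
function SendEmail($emailbody, $emailsubject, $emailto)
{
    $sqlstring = "select user_email from users where user_email <> ''";
    $result = MySQLQuery($sqlstring, __FILE__, __LINE__);
    $numrows = mysql_num_rows($result);

    while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
        /* send the email; give up on the first failure, as before */
        if (!SendGmail($row['user_email'], $emailsubject, $emailbody, 1, 0)) {
            return "System error. Unable to send email!";
        }
    }

    /* Report success only after the whole list has been processed. The
       previous version returned from inside the loop, so only the first
       address was ever mailed while the message claimed all of them. */
    return "Message send successfully to {$numrows} recipients";
}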
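/**
 * Activate a pending account from the key sent in the signup email.
 *
 * Looks the key up in users_pending, copies the row into users, deletes the
 * pending row, joins the new user to the default instance and sends a
 * confirmation email.
 *
 * NOTE(review): the three write statements are not wrapped in a transaction
 * here. If one of them fails, MySQLQuery() ends the request and the earlier
 * writes stay in place; confirm whether a reused key can then create a
 * duplicate users row.
 * NOTE(review): users_pending.password is copied as stored; confirm it is
 * already hashed at signup.
 *
 * @param string $k Email activation key supplied by the visitor.
 * @return int 1 when the account was activated, 0 when the key is empty or
 *             does not match a pending row.
 */
function Validate($k)
{
    $k = mysql_real_escape_string($k);
    if (trim($k) == "") {
        return 0;
    }

    /* check if the key exists in the users_pending table */
    $sqlstring = "select * from users_pending where emailkey = '{$k}'";
    $result = MySQLQuery($sqlstring, __FILE__, __LINE__);
    if (mysql_num_rows($result) < 1) {
        return 0;
    }
    $row = mysql_fetch_array($result, MYSQL_ASSOC);

    /* Values read back from the database are raw, not SQL-escaped. They are
       escaped again before being placed in the next statement; otherwise a
       quote in a stored name or institution breaks the insert or changes
       its meaning (second-order SQL injection). */
    $userpendingid = (int) $row['user_id'];
    $email = $row['user_email']; /* raw value, used as the mail recipient */
    $username = mysql_real_escape_string($row['username']);
    $password = mysql_real_escape_string($row['password']);
    $fullname = mysql_real_escape_string($row['user_fullname']);
    $institution = mysql_real_escape_string($row['user_institution']);
    $country = mysql_real_escape_string($row['user_country']);
    $emailsql = mysql_real_escape_string($email);

    /* insert the row; the account is created with user_enabled = 1 */
    $sqlstring = "insert into users (username, password, login_type, user_fullname, user_institution, user_country, user_email, user_enabled) values ('{$username}','{$password}','Standard','{$fullname}','{$institution}','{$country}','{$emailsql}',1)";
    $result = MySQLQuery($sqlstring, __FILE__, __LINE__);
    $userid = (int) mysql_insert_id();

    /* the key is single use: drop the pending row */
    $sqlstring = "delete from users_pending where user_id = {$userpendingid}";
    $result = MySQLQuery($sqlstring, __FILE__, __LINE__);

    /* insert a row into the instance permissions for the default instance */
    $sqlstring = "insert into user_instance (user_id, instance_id) values ({$userid}, (select instance_id from instance where instance_default = 1))";
    $result = MySQLQuery($sqlstring, __FILE__, __LINE__);

    $body = "<b>Your NiDB account on " . $GLOBALS['cfg']['siteurl'] . " account is active and you are joined to the main instance</b><br><br>Login now: " . $GLOBALS['cfg']['siteurl'] . "/login.php<br><br>Follow these steps to join other instances<ol><li>Login to NiDB: " . $GLOBALS['cfg']['siteurl'] . "/login.php<li>Click your username at the top of the page<li>Find the instance you want to join on the list of available instances<li>The owner of the instance will receive notification that you want to join<li>You will receive a notifiication of the owners response to your join request</ol><br><br>";

    /* send the email */
    SendGmail($email, 'Your NiDB account has been acitvated', $body, 0);

    return 1;
}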
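/**
 * Run one SQL statement and return its result, or report the failure and
 * stop the request.
 *
 * On failure an HTML report is mailed to the configured admin address and
 * the request ends with a generic error box.
 *
 * NOTE(review): the statement text goes to Debug() and into the failure
 * report unchanged. Statements built elsewhere in this file can embed
 * secrets (ResetPassword() places the new plaintext password in its update
 * statement), so both sinks should be treated as sensitive.
 * NOTE(review): the report includes complete dumps of $_SERVER, $_POST and
 * $_GET, which can carry submitted passwords and session cookies. Consider
 * dropping or masking those fields before mailing.
 *
 * @param string $sqlstring SQL statement to execute.
 * @param string $file      Caller's file name, for the log and the report.
 * @param int    $line      Caller's line number, for the log and the report.
 * @param string $error     Unused; kept for interface compatibility.
 * @return resource|bool The mysql_query() result when the query succeeds.
 */
function MySQLQuery($sqlstring, $file, $line, $error = "")
{
    Debug($file, $line, "Running MySQL Query [{$sqlstring}]");

    $result = mysql_query($sqlstring);
    if ($result !== false) {
        return $result;
    }

    $datetime = date('r');
    $username = isset($GLOBALS['username']) ? $GLOBALS['username'] : '';

    /* Every dynamic value is HTML-escaped before it enters the report. The
       SQL text and the request dumps contain visitor-controlled data, and
       the report is rendered as HTML in the administrator's mail client. */
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;
    $safefile = htmlspecialchars($file, $flags, 'UTF-8');
    $safeline = htmlspecialchars((string) $line, $flags, 'UTF-8');
    $safeerror = htmlspecialchars(mysql_error(), $flags, 'UTF-8');
    $safesql = htmlspecialchars($sqlstring, $flags, 'UTF-8');
    $safeuser = htmlspecialchars($username, $flags, 'UTF-8');
    $safeserver = htmlspecialchars(print_r($_SERVER, true), $flags, 'UTF-8');
    $safepost = htmlspecialchars(print_r($_POST, true), $flags, 'UTF-8');
    $safeget = htmlspecialchars(print_r($_GET, true), $flags, 'UTF-8');

    $body = "<b>Query failed on [{$datetime}]:</b> {$safefile} (line {$safeline})<br>\r\n\t\t\t<b>Error:</b> " . $safeerror . "<br>\r\n\t\t\t<b>SQL:</b> {$safesql}<br><b>Username:</b> {$safeuser}<br>\r\n\t\t\t<b>Server info</b> <pre>" . $safeserver . "</pre><br>\r\n\t\t\t<b>POST</b> <pre>" . $safepost . "</pre><br>\r\n\t\t\t<b>GET</b> <pre>" . $safeget . "</pre>";
    SendGmail($GLOBALS['cfg']['adminemail'], "User encountered error in {$file}", $body, 0);

    /* The address was previously wrapped in raw angle brackets, which a
       browser parses as an unknown tag and hides. It is now escaped so the
       visitor can actually read it. No query detail is shown to the visitor. */
    $safeadmin = htmlspecialchars($GLOBALS['cfg']['adminemail'], $flags, 'UTF-8');
    die("<div width='100%' style='border:1px solid red; background-color: #FFC; margin:10px; padding:10px; border-radius:5px; text-align: center'><b>Internal NiDB error.</b><br>The site administrator has been notified. Contact the administrator &lt;" . $safeadmin . "&gt; if you can provide additional information that may have led to the error<br><br><img src='images/topmen.gif'></div>");
}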
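/**
 * Record the current user's request to join an instance and notify the
 * instance owner by email.
 *
 * A user_instance row flagged as a join request is created when the user has
 * no row for the instance yet. The owner is mailed when the row was just
 * created or an earlier request is still flagged.
 *
 * NOTE(review): in the reviewed copy the username expression inside the SQL
 * was masked and only the fragment `username']` survived. It is rebuilt here
 * as $GLOBALS['username'], the same global MySQLQuery() reads; confirm
 * against the original file.
 *
 * @param int $instanceid Id of the instance the user wants to join.
 * @return void
 */
function SendJoinInstanceRequest($instanceid)
{
    /* The id is placed unquoted in several statements, so it is forced to an
       integer first; a non-numeric value can no longer alter the SQL. */
    $instanceid = (int) $instanceid;
    $username = mysql_real_escape_string(isset($GLOBALS['username']) ? $GLOBALS['username'] : '');
    $useridsql = "(select user_id from users where username = '{$username}')";

    $sqlstring = "select * from user_instance where user_id = {$useridsql} and instance_id = {$instanceid}";
    $result = MySQLQuery($sqlstring, __FILE__, __LINE__);

    $sendemail = 0;
    if (mysql_num_rows($result) < 1) {
        $sqlstringA = "insert into user_instance (user_id, instance_id, instance_joinrequest) values ({$useridsql}, {$instanceid}, 1)";
        $resultA = MySQLQuery($sqlstringA, __FILE__, __LINE__);
        $sendemail = 1;
    } else {
        /* a row already exists: notify again only while it is still a request */
        $row = mysql_fetch_array($result, MYSQL_ASSOC);
        if ($row['instance_joinrequest']) {
            $sendemail = 1;
        }
    }

    if (!$sendemail) {
        return;
    }

    /* look up the owner of the instance, who receives the email */
    $sqlstring = "select * from users where user_id = (select instance_ownerid from instance where instance_id = {$instanceid})";
    $result = MySQLQuery($sqlstring, __FILE__, __LINE__);
    $row = mysql_fetch_array($result, MYSQL_ASSOC);
    $oEmail = $row['user_email'];
    $oFullname = $row['user_fullname'];

    /* Get the requesting user's information. The previous version repeated
       the owner query here, so the mail named the owner as the requester. */
    $sqlstring = "select * from users where username = '{$username}'";
    $result = MySQLQuery($sqlstring, __FILE__, __LINE__);
    $row = mysql_fetch_array($result, MYSQL_ASSOC);
    $uEmail = $row['user_email'];
    $uFullname = $row['user_fullname'];

    /* get the instance information */
    $sqlstring = "select * from instance where instance_id = {$instanceid}";
    $result = MySQLQuery($sqlstring, __FILE__, __LINE__);
    $row = mysql_fetch_array($result, MYSQL_ASSOC);
    $instancename = $row['instance_name'];

    /* names and addresses are user-supplied profile data; escape them for
       the HTML mail body */
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;
    $oName = htmlspecialchars($oFullname, $flags, 'UTF-8');
    $uName = htmlspecialchars($uFullname, $flags, 'UTF-8');
    $uAddr = htmlspecialchars($uEmail, $flags, 'UTF-8');
    $iName = htmlspecialchars($instancename, $flags, 'UTF-8');

    $body = "$oName,<br><br><b>$uName ($uAddr)</b> has requested to join your Neuroinformatics Database (NiDB) instance: <b>$iName</b>\n\nTo accept or reject this request, login to NiDB and go to Admin->Instances and click Accept or Reject";

    /* the notification goes to the owner, not to the requester */
    if (!SendGmail($oEmail, 'NiDB instance join request', $body, 0)) {
        echo "System error. Unable to send email!";
    }

    /* printed with echo instead of leaving PHP mode through a short open
       tag, which stops working when short_open_tag is disabled */
    echo '<span class="message">Request sent</span>';
}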
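/**
 * Reset the password of the account registered under an email address and
 * mail the temporary password to that address.
 *
 * NOTE(review): the password is replaced as soon as an unauthenticated
 * request passes the CAPTCHA, so anyone who knows an address can force a
 * reset for it. A single-use, expiring reset link that changes nothing until
 * it is followed avoids this.
 * NOTE(review): the replies differ for registered, pending and unknown
 * addresses, which lets a visitor test whether an address has an account.
 * NOTE(review): passwords are stored as unsalted SHA-1. Moving to
 * password_hash() needs a matching change in the login code, so it is only
 * flagged here.
 * NOTE(review): confirm GenerateRandomString() draws from a
 * cryptographically secure source.
 * NOTE(review): the username comparison value in both count queries appears
 * masked ('******') in the reviewed copy and is kept exactly as shown;
 * restore it from the original file.
 *
 * @param string $email Address entered in the reset form.
 * @return int|null 0 when the request is rejected; nothing is returned
 *                  after a send attempt.
 */
function ResetPassword($email)
{
    $email = mysql_real_escape_string($email);

    /* Stop after re-showing the form. Without the return, a wrong CAPTCHA or
       a blank address would still fall through to the reset below unless
       ResetPasswordForm() itself ends the request. */
    $securimage = new Securimage();
    $captcha = isset($_POST['captcha_code']) ? $_POST['captcha_code'] : '';
    if ($securimage->check($captcha) == false) {
        ResetPasswordForm("CAPTCHA code entered was incorrect");
        return 0;
    }
    if (trim($email) == "") {
        ResetPasswordForm("Email was blank");
        return 0;
    }

    /* check if the username or email address is already in the users table */
    $sqlstring = "select count(*) 'count' from users where username = '******' or user_email = '{$email}'";
    $result = MySQLQuery($sqlstring, __FILE__, __LINE__);
    $row = mysql_fetch_array($result, MYSQL_ASSOC);

    if ($row['count'] < 1) {
        /* Check the users_pending table. The previous version queried users
           a second time, so the pending case could never match. */
        $sqlstring = "select count(*) 'count' from users_pending where username = '******' or user_email = '{$email}'";
        $result = MySQLQuery($sqlstring, __FILE__, __LINE__);
        $row = mysql_fetch_array($result, MYSQL_ASSOC);

        if ($row['count'] > 0) {
            echo " This email address was used to sign up for an account, but has not been activated";
        } else {
            echo " This email address is not valid in this system";
        }
        /* no active account exists in either case, so nothing is reset */
        return 0;
    }

    $newpass = GenerateRandomString(10);

    /* send a password reset email */
    $body = "Your password has been temporarily reset to '{$newpass}'. Please login to " . $GLOBALS['cfg']['siteurl'] . " and change your password";

    /* send the email; the stored password changes only after a successful send */
    if (!SendGmail($email, 'NiDB password reset', $body, 0)) {
        echo "System error. Unable to send email!";
    } else {
        /* Hash in PHP so the plaintext password never appears in the SQL
           text that MySQLQuery() logs and mails on failure. PHP sha1() and
           MySQL sha1() both produce the same lowercase hex digest. */
        $hash = sha1($newpass);
        $sqlstring = "update users set password = '{$hash}' where user_email = '{$email}'";
        $result = MySQLQuery($sqlstring, __FILE__, __LINE__);

        /* the address comes from the request; escape it before echoing it into the page */
        echo "Email sent to '" . htmlspecialchars($email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "'. Check it and get back to me";
    }
}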