foreach ($file as $line) {
$user = get_line_data('users', $line);
$useremail = explode('=', $user['email']);
if ($admin_email == '' || $admin_nick == '') {
$admin_email = $useremail[1];
$admin_nick = $user['nickname'];
}
if ($user['username'] == $username || $useremail[1] == $email) {
$found = true;
break;
}
}
if (!$found) {
trigger_error($ind362, E_USER_WARNING);
}
$new_password = strtolower(create_security_id(12));
$user['passwordhash'] = md5($new_password);
$useremail = explode('=', $user['email']);
$to = $useremail[1];
$message = sprintf($ind363, $user['nickname'], $furl, $user['username'], $new_password);
$message = prepare_string_for_mail($message);
$headers = 'From: ' . $admin_nick . ' <' . $admin_email . '>' . "\r\n" . 'X-Mailer: PHP/ ' . phpversion() . "\r\n";
if (!@mail($to, $ind364, $message, $headers)) {
trigger_error($ind365, E_USER_WARNING);
}
reset($file);
foreach ($file as $line) {
$user2 = get_line_data('users', $line);
if ($user2['username'] == $user['username']) {
$write .= implode('|<|', $user) . '|<|' . "\n";
} else {
/**
* Creates a login session for the given user log in name.
* @param string $uid Log in name of the user logging in
* @param int $autologin Whether or not the user wishes to auto log in next time he/she visits the page
* @return array User data array for the newly logged in user.
*/
function login_session_create($uid, $autologin = 0)
{
$file = file(FNEWS_ROOT_PATH . 'logins.php');
$write = array_shift($file);
$user_ip = get_ip();
$current_time = time();
foreach ($file as $login_data) {
$login = get_line_data('logins', $login_data);
if ($login['user_id'] == $uid && $login['autologin'] != 1) {
// Purge old existing security id
continue;
}
if ($current_time <= $login['login_time'] + 1800) {
$write .= $login_data;
}
}
$security_id = create_security_id();
$write .= $security_id . '|<|' . $uid . '|<|' . $user_ip . '|<|' . $autologin . '|<|' . $current_time . '|<|' . "\n";
safe_write('logins.php', 'wb', $write);
setcookie('fus_uid', $uid, $current_time + 365 * 86400);
setcookie('fus_sid', $security_id, $current_time + 365 * 86400);
$userfile = file(FNEWS_ROOT_PATH . 'users.php');
array_shift($userfile);
$userdata = array();
foreach ($userfile as $userinfo) {
$user = get_line_data('users', $userinfo);
if ($user['username'] == $uid) {
$email = explode('=', $user['email']);
$userdata = array('user' => $user['username'], 'nick' => $user['nickname'], 'showemail' => $email[0], 'email' => $email[1], 'icon' => $user['icon'], 'offset' => (int) $user['timeoffset'], 'password' => $user['passwordhash'], 'level' => (int) $user['level']);
break;
}
}
return $userdata;
}
* along with Fusion News. If not, see <http://www.gnu.org/licenses/>.
*/
if (!defined('FNEWS_ROOT_PATH')) {
/**@ignore*/
define('FNEWS_ROOT_PATH', str_replace('\\', '/', dirname(__FILE__)) . '/');
include_once FNEWS_ROOT_PATH . 'common.php';
}
$id = isset($VARS['fn_id']) ? (int) $VARS['fn_id'] : 0;
$action = isset($VARS['fn_action']) ? $VARS['fn_action'] : '';
ob_start();
if (!file_exists(FNEWS_ROOT_PATH . 'news/news.' . $id . '.php')) {
echo $com11;
exit;
}
if (!$action) {
$session_id = create_security_id();
$file = file(FNEWS_ROOT_PATH . "news/news." . $id . ".php");
$news_info = parse_news_to_view($file[1]);
//replace user variables
$tem = get_template('sendtofriend_temp.php', TRUE);
$tem = '<script src="' . $furl . '/jsfunc.js" type="text/javascript"></script>' . "\n" . $tem;
$tem = replace_masks($tem, array('post_id' => $news_info['post_id'], 'subject' => $news_info['subject'], 'user' => $news_info['writer'], 'date' => $news_info['date'], 'news' => $news_info['news'], 'icon' => $news_info['icon'], 'nrc' => $news_info['nrc'], 'com' => $news_info['link_comments'], 'fullstory' => $news_info['fullnews'], 'cat_name' => $news_info['cat_name'], 'cat_id' => $news_info['cat_id'], 'cat_icon' => $news_info['cat_icon']));
$qs = clean_query_string();
$tem = str_replace('[form]', '<form action="?fn_mode=send&fn_action=send&fn_id=' . $id . $qs . '" method="post" id="newsposting">', $tem);
$tem = str_replace('[/form]', '</form>', $tem);
$tem = str_replace('[buttons]', '<input type="hidden" name="confirm_id" value="' . $session_id . '" />
<input type="submit" value="' . $ind125 . '"> <input type="reset" value="' . $ind16 . '">', $tem);
$tem = preg_replace('/\\[sendnamefld,\\s*([0-9]+)\\]/', '<input type="text" size="\\1" name="sender_name" />', $tem);
$tem = preg_replace('/\\[recnamefld,\\s*([0-9]+)\\]/', '<input type="text" size="\\1" name="friend_name" />', $tem);
$tem = preg_replace('/\\[sendmailfld,\\s*([0-9]+)\\]/', '<input type="text" size="\\1" name="sender_email" />', $tem);
$tem = preg_replace('/\\[recmailfld,\\s*([0-9]+)\\]/', '<input type="text" size="\\1" name="friend_email" />', $tem);