Пример #1
0
 foreach ($file as $line) {
     $user = get_line_data('users', $line);
     $useremail = explode('=', $user['email']);
     if ($admin_email == '' || $admin_nick == '') {
         $admin_email = $useremail[1];
         $admin_nick = $user['nickname'];
     }
     if ($user['username'] == $username || $useremail[1] == $email) {
         $found = true;
         break;
     }
 }
 if (!$found) {
     trigger_error($ind362, E_USER_WARNING);
 }
 $new_password = strtolower(create_security_id(12));
 $user['passwordhash'] = md5($new_password);
 $useremail = explode('=', $user['email']);
 $to = $useremail[1];
 $message = sprintf($ind363, $user['nickname'], $furl, $user['username'], $new_password);
 $message = prepare_string_for_mail($message);
 $headers = 'From: ' . $admin_nick . ' <' . $admin_email . '>' . "\r\n" . 'X-Mailer: PHP/ ' . phpversion() . "\r\n";
 if (!@mail($to, $ind364, $message, $headers)) {
     trigger_error($ind365, E_USER_WARNING);
 }
 reset($file);
 foreach ($file as $line) {
     $user2 = get_line_data('users', $line);
     if ($user2['username'] == $user['username']) {
         $write .= implode('|<|', $user) . '|<|' . "\n";
     } else {
Пример #2
0
/**
 * Creates a login session for the given user log in name.
 * @param string $uid Log in name of the user logging in
 * @param int $autologin Whether or not the user wishes to auto log in next time he/she visits the page
 * @return array User data array for the newly logged in user.
 */
function login_session_create($uid, $autologin = 0)
{
    $file = file(FNEWS_ROOT_PATH . 'logins.php');
    $write = array_shift($file);
    $user_ip = get_ip();
    $current_time = time();
    foreach ($file as $login_data) {
        $login = get_line_data('logins', $login_data);
        if ($login['user_id'] == $uid && $login['autologin'] != 1) {
            // Purge old existing security id
            continue;
        }
        if ($current_time <= $login['login_time'] + 1800) {
            $write .= $login_data;
        }
    }
    $security_id = create_security_id();
    $write .= $security_id . '|<|' . $uid . '|<|' . $user_ip . '|<|' . $autologin . '|<|' . $current_time . '|<|' . "\n";
    safe_write('logins.php', 'wb', $write);
    setcookie('fus_uid', $uid, $current_time + 365 * 86400);
    setcookie('fus_sid', $security_id, $current_time + 365 * 86400);
    $userfile = file(FNEWS_ROOT_PATH . 'users.php');
    array_shift($userfile);
    $userdata = array();
    foreach ($userfile as $userinfo) {
        $user = get_line_data('users', $userinfo);
        if ($user['username'] == $uid) {
            $email = explode('=', $user['email']);
            $userdata = array('user' => $user['username'], 'nick' => $user['nickname'], 'showemail' => $email[0], 'email' => $email[1], 'icon' => $user['icon'], 'offset' => (int) $user['timeoffset'], 'password' => $user['passwordhash'], 'level' => (int) $user['level']);
            break;
        }
    }
    return $userdata;
}
Пример #3
0
 * along with Fusion News.  If not, see <http://www.gnu.org/licenses/>.
 */
if (!defined('FNEWS_ROOT_PATH')) {
    /**@ignore*/
    define('FNEWS_ROOT_PATH', str_replace('\\', '/', dirname(__FILE__)) . '/');
    include_once FNEWS_ROOT_PATH . 'common.php';
}
$id = isset($VARS['fn_id']) ? (int) $VARS['fn_id'] : 0;
$action = isset($VARS['fn_action']) ? $VARS['fn_action'] : '';
ob_start();
if (!file_exists(FNEWS_ROOT_PATH . 'news/news.' . $id . '.php')) {
    echo $com11;
    exit;
}
if (!$action) {
    $session_id = create_security_id();
    $file = file(FNEWS_ROOT_PATH . "news/news." . $id . ".php");
    $news_info = parse_news_to_view($file[1]);
    //replace user variables
    $tem = get_template('sendtofriend_temp.php', TRUE);
    $tem = '<script src="' . $furl . '/jsfunc.js" type="text/javascript"></script>' . "\n" . $tem;
    $tem = replace_masks($tem, array('post_id' => $news_info['post_id'], 'subject' => $news_info['subject'], 'user' => $news_info['writer'], 'date' => $news_info['date'], 'news' => $news_info['news'], 'icon' => $news_info['icon'], 'nrc' => $news_info['nrc'], 'com' => $news_info['link_comments'], 'fullstory' => $news_info['fullnews'], 'cat_name' => $news_info['cat_name'], 'cat_id' => $news_info['cat_id'], 'cat_icon' => $news_info['cat_icon']));
    $qs = clean_query_string();
    $tem = str_replace('[form]', '<form action="?fn_mode=send&amp;fn_action=send&amp;fn_id=' . $id . $qs . '" method="post" id="newsposting">', $tem);
    $tem = str_replace('[/form]', '</form>', $tem);
    $tem = str_replace('[buttons]', '<input type="hidden" name="confirm_id" value="' . $session_id . '" />
<input type="submit" value="' . $ind125 . '">&nbsp;<input type="reset" value="' . $ind16 . '">', $tem);
    $tem = preg_replace('/\\[sendnamefld,\\s*([0-9]+)\\]/', '<input type="text" size="\\1" name="sender_name" />', $tem);
    $tem = preg_replace('/\\[recnamefld,\\s*([0-9]+)\\]/', '<input type="text" size="\\1" name="friend_name" />', $tem);
    $tem = preg_replace('/\\[sendmailfld,\\s*([0-9]+)\\]/', '<input type="text" size="\\1" name="sender_email" />', $tem);
    $tem = preg_replace('/\\[recmailfld,\\s*([0-9]+)\\]/', '<input type="text" size="\\1" name="friend_email" />', $tem);