Пример #1
0
            $pwd_saved = true;
        } else {
            $pwd_saved = false;
        }
    }
}
if (allowAccess(caver_delete_himself)) {
    //Delete an account :
    if (isset($_POST['delete_user'])) {
        $password = isset($_POST['d_caver_password']) ? $_POST['d_caver_password'] : '';
        $key = isset($_POST['d_key']) ? $_POST['d_key'] : '';
        $password = crypt_xor(stripslashes($password), $key);
        $login = isset($_POST['d_caver_login']) ? $_POST['d_caver_login'] : '';
        $sql = "SELECT * FROM `" . $_SESSION['Application_host'] . "`.`T_caver` ";
        $sql .= "WHERE `Id` = " . $_SESSION['user_id'] . " ";
        $sql .= "AND `Password` = '" . getCryptedPwd($login, $password) . "' ";
        $sql .= "AND `Login` = '" . $login . "'";
        $data = getDataFromSQL($sql, __FILE__, $frame, __FUNCTION__);
        if ($data['Count'] > 0) {
            trackAction("delete_user", $_SESSION['user_id'], "T_caver");
            $sql = "DELETE FROM `" . $_SESSION['Application_host'] . "`.`T_caver` ";
            $sql .= "WHERE `Id` = " . $_SESSION['user_id'];
            $req = execSQL($sql, $frame, __FILE__, __FUNCTION__);
            $sql = "DELETE FROM `" . $_SESSION['Application_host'] . "`.`J_entry_caver` ";
            $sql .= "WHERE `Id_caver` = " . $_SESSION['user_id'];
            $req = execSQL($sql, $frame, __FILE__, __FUNCTION__);
            $sql = "DELETE FROM `" . $_SESSION['Application_host'] . "`.`J_grotto_caver` ";
            $sql .= "WHERE `Id_caver` = " . $_SESSION['user_id'];
            $req = execSQL($sql, $frame, __FILE__, __FUNCTION__);
            $sql = "DELETE FROM `" . $_SESSION['Application_host'] . "`.`J_caver_group` ";
            $sql .= "WHERE `Id_caver` = " . $_SESSION['user_id'];
Пример #2
0
}
//Send a new password to the user :
if (isset($_POST['send_pwd'])) {
    $login = isset($_POST['f_caver_login']) ? $_POST['f_caver_login'] : '';
    $contact = isset($_POST['f_caver_contact']) ? $_POST['f_caver_contact'] : '';
    $password = generatePassword(10, 8);
    $string = isset($_POST['f_caver_check']) ? $_POST['f_caver_check'] : '';
    $user_check = isset($_SESSION['userCheck']) ? $_SESSION['userCheck'] : '';
    if (!$_SESSION['do_check'] || md5(getIp() . strtolower($string)) == $user_check) {
        $sql = "SELECT * FROM `" . $_SESSION['Application_host'] . "`.`T_caver`";
        $sql .= " WHERE Login = '******' AND Contact ='" . $contact . "'";
        $data = getDataFromSQL($sql, __FILE__, $frame, __FUNCTION__);
        if ($data['Count'] > 0) {
            if ($data[0]['Activated'] == 'YES') {
                $sql = "UPDATE `" . $_SESSION['Application_host'] . "`.`T_caver`";
                $sql .= " SET Password ='******'";
                $sql .= " WHERE Id = " . $data[0]['Id'];
                $req = execSQL($sql, $frame, __FILE__, __FUNCTION__);
                if (!defined('NO_PHPBB_INSTALLED')) {
                    chgPwdphpBBuser($login, $password);
                }
                sendNewPwdMail($data[0], $password);
                //echo $password;
                trackAction("pwd_user", $data[0]['Id'], "T_caver");
                $_SESSION['user_pwd_sent'] = true;
            } else {
                $activated = false;
                $_SESSION['user_pwd_sent'] = false;
            }
        } else {
            $_SESSION['user_pwd_sent'] = false;
Пример #3
0
function connectUser($login, $password, $string)
{
    $activated = false;
    $banned = true;
    $connected = false;
    $registered = false;
    $data = array();
    if (md5(getIp() . strtolower($string)) == $_SESSION['userCheck'] || !$_SESSION['do_check']) {
        $sql = "SELECT * FROM `" . $_SESSION['Application_host'] . "`.`T_caver`";
        $sql .= " WHERE Login = '******' AND Password ='******' ";
        $data = getDataFromSQL($sql, __FILE__, "function", __FUNCTION__);
        if ($data['Count'] > 0) {
            $registered = true;
            $banned = $data[0]['Banned'] == "YES";
            $activated = $data[0]['Activated'] == "YES";
        } else {
            $banned = false;
            $activated = true;
        }
    }
    $connected = $registered && !$banned && $activated;
    //Set the session
    setSession($connected, $data[0]);
    if ($connected) {
        //Update the date of last connection for this user
        $sql = "UPDATE `" . $_SESSION['Application_host'] . "`.`T_caver` ";
        $sql .= "SET Date_last_connection = Now(), ";
        $sql .= "Ip = '" . getIp() . "', ";
        $sql .= "Browser = '" . getBrowserData() . "', ";
        $sql .= "Connection_counter = Connection_counter + 1 ";
        $sql .= "WHERE Id = " . $_SESSION['user_id'];
        $req = execSQL($sql, "function", __FILE__, __FUNCTION__);
    }
    $return = array('Connected' => $connected, 'Activated' => $activated, 'Banned' => $banned, 'Registered' => $registered);
    return $return;
}