/**
* install form
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Install
* @author Henry Ruhs
*/
function install_form()
{
global $d_type, $d_host, $d_name, $d_user, $d_password, $d_prefix, $name, $user, $password, $email;
/* build type array */
$typeArray = array();
foreach (PDO::getAvailableDrivers() as $driver) {
if (is_dir('database/' . $driver)) {
$typeArray[$driver] = $driver;
}
}
/* collect output */
$output = '<h2 class="title_content">' . l('installation') . '</h2>';
$output .= form_element('form', 'form_install', 'js_validate_form js_accordion form_default', '', '', '', 'action="' . FILE . '" method="post" autocomplete="off"');
/* collect database set */
$output .= '<fieldset class="js_set_accordion js_set_active set_accordion set_accordion_default set_active">';
$output .= '<legend class="js_title_accordion js_title_active title_accordion title_accordion_default title_active">' . l('database_setup') . '</legend>';
$output .= '<ul class="js_box_accordion js_box_active box_accordion box_accordion_default box_active">';
if ($typeArray) {
$output .= '<li>' . select_element('type', 'field_select', 'd_type', $typeArray, $d_type, l('type')) . '</li>';
}
$output .= '<li>' . form_element('text', 'd_host', 'field_text field_note', 'd_host', $d_host, '* ' . l('host'), 'maxlength="50" required="required" autofocus="autofocus" data-default="localhost" data-sqlite="' . substr(sha1(uniqid()), 0, 10) . '.sqlite"') . '</li>';
$output .= '<li>' . form_element('text', 'd_name', 'field_text field_note', 'd_name', $d_name, '* ' . l('name'), 'maxlength="50" required="required"') . '</li>';
$output .= '<li>' . form_element('text', 'd_user', 'field_text field_note', 'd_user', $d_user, '* ' . l('user'), 'maxlength="50" required="required"') . '</li>';
$output .= '<li>' . form_element('password', 'd_password', 'js_unmask_password field_text', 'd_password', $d_password, l('password'), 'maxlength="50"') . '</li>';
$output .= '<li>' . form_element('text', 'd_prefix', 'field_text', 'd_prefix', $d_prefix, l('prefix'), 'maxlength="50"') . '</li>';
$output .= '</ul></fieldset>';
/* collect account set */
$output .= '<fieldset class="js_set_accordion js_set_accordion_last set_accordion set_accordion_default set_accordion_last">';
$output .= '<legend class="js_title_accordion title_accordion title_accordion_default">' . l('account_create') . '</legend>';
$output .= '<ul class="js_box_accordion box_accordion box_accordion_default">';
$output .= '<li>' . form_element('text', 'name', 'field_text field_note', 'name', $name, '* ' . l('name'), 'maxlength="50" required="required"') . '</li>';
$output .= '<li>' . form_element('text', 'user', 'field_text field_note', 'user', $user, '* ' . l('user'), 'maxlength="50" required="required"') . '</li>';
$output .= '<li>' . form_element('password', 'password', 'js_unmask_password field_text field_note', 'password', $password, '* ' . l('password'), 'maxlength="50" required="required"') . '</li>';
$output .= '<li>' . form_element('email', 'email', 'field_text field_note', 'email', $email, '* ' . l('email'), 'maxlength="50" required="required"') . '</li>';
$output .= '</ul></fieldset>';
/* collect hidden and button output */
$output .= form_element('hidden', '', '', 'd_salt', hash_generator(40));
$output .= form_element('hidden', '', '', 'token', TOKEN);
$output .= form_element('button', '', 'js_submit button_default button_large', 'install_post', l('install'));
$output .= '</form>';
echo $output;
}
/**
* password reset post
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Password
* @author Henry Ruhs
*/
function password_reset_post()
{
/* clean post */
if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/password_reset'] == 'visited') {
$post_id = clean($_POST['id'], 0);
$post_password = clean($_POST['password'], 0);
$password = hash_generator(10);
$task = $_POST['task'];
$solution = $_POST['solution'];
}
/* query user information */
if ($post_id && $post_password) {
$users_result = Redaxscript\Db::forTablePrefix('users')->where(array('id' => $post_id, 'password' => $post_password, 'status' => 1))->findArray();
foreach ($users_result as $r) {
foreach ($r as $key => $value) {
$key = 'my_' . $key;
${$key} = stripslashes($value);
}
}
}
/* validate post */
if ($post_id == '' || $post_password == '') {
$error = l('input_incorrect');
} else {
if (sha1($task) != $solution) {
$error = l('captcha_incorrect');
} else {
if ($my_id == '' || $my_password == '') {
$error = l('access_no');
} else {
/* send new password */
$loginRoute = ROOT . '/' . REWRITE_ROUTE . 'login';
$loginLink = anchor_element('external', '', '', $loginRoute, $loginRoute);
$toArray = array($my_name => $my_email);
$fromArray = array(s('author') => s('email'));
$subject = l('password_new');
$bodyArray = array('<strong>' . l('password_new') . l('colon') . '</strong> ' . $password, '<br />', '<strong>' . l('login') . l('colon') . '</strong> ' . $loginLink);
/* mailer object */
$mailer = new Redaxscript\Mailer();
$mailer->init($toArray, $fromArray, $subject, $bodyArray);
$mailer->send();
/* update password */
Redaxscript\Db::forTablePrefix('users')->where(array('id' => $post_id, 'password' => $post_password, 'status' => 1))->findOne()->set('password', sha1($password) . Redaxscript\Registry::get('salt'))->save();
}
}
}
/* handle error */
if ($error) {
if (s('blocker') == 1) {
$_SESSION[ROOT . '/attack_blocked']++;
}
if ($post_id && $post_password) {
$back_route = 'password_reset/' . $post_id . '/' . $post_password;
} else {
$back_route = 'reminder';
}
notification(l('error_occurred'), $error, l('back'), $back_route);
} else {
notification(l('operation_completed'), l('password_sent'), l('login'), 'login');
}
$_SESSION[ROOT . '/password_reset'] = '';
}
/**
* password reset post
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Password
* @author Henry Ruhs
*/
function password_reset_post()
{
/* clean post */
if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/password_reset'] == 'visited') {
$post_id = clean($_POST['id'], 0);
$post_password = clean($_POST['password'], 0);
$password = hash_generator(10);
$task = $_POST['task'];
$solution = $_POST['solution'];
}
/* query user information */
if ($post_id && $post_password) {
$users_query = 'SELECT id, name, email, password FROM ' . PREFIX . 'users WHERE id = ' . $post_id . ' && password = \'' . $post_password . '\' && status = 1';
$users_result = mysql_query($users_query);
while ($r = mysql_fetch_assoc($users_result)) {
foreach ($r as $key => $value) {
$key = 'my_' . $key;
${$key} = stripslashes($value);
}
}
}
/* validate post */
if ($post_id == '' || $post_password == '') {
$error = l('input_incorrect');
} else {
if (sha1($task) != $solution) {
$error = l('captcha_incorrect');
} else {
if ($my_id == '' || $my_password == '') {
$error = l('access_no');
} else {
/* send new password */
$loginRoute = ROOT . '/' . REWRITE_ROUTE . 'login';
$loginLink = anchor_element('external', '', '', $loginRoute, $loginRoute);
$toArray = array($my_name => $my_email);
$fromArray = array(s('author') => s('email'));
$subject = l('password_new');
$bodyArray = array('<strong>' . l('password_new') . l('colon') . '</strong> ' . $password, '<br />', '<strong>' . l('login') . l('colon') . '</strong> ' . $loginLink);
/* mailer object */
$mailer = new Redaxscript\Mailer($toArray, $fromArray, $subject, $bodyArray);
$mailer->send();
/* update password */
$query = 'UPDATE ' . PREFIX . 'users SET password = \'' . sha1($password) . SALT . '\' WHERE id = ' . $post_id . ' && password = \'' . $post_password . '\' && status = 1';
mysql_query($query);
}
}
}
/* handle error */
if ($error) {
if (s('blocker') == 1) {
$_SESSION[ROOT . '/attack_blocked']++;
}
if ($post_id && $post_password) {
$back_route = 'password_reset/' . $post_id . '/' . $post_password;
} else {
$back_route = 'reminder';
}
notification(l('error_occurred'), $error, l('back'), $back_route);
} else {
notification(l('operation_completed'), l('password_sent'), l('login'), 'login');
}
$_SESSION[ROOT . '/password_reset'] = '';
}
/**
* install post
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Install
* @author Henry Ruhs
*/
function install_post()
{
global $d_host, $d_name, $d_user, $d_password, $d_prefix, $d_salt, $name, $user, $password, $email;
/* clean post */
$d_host = clean($_POST['d_host'], 5);
$d_name = clean($_POST['d_name'], 5);
$d_user = clean($_POST['d_user'], 5);
$d_password = clean($_POST['d_password'], 5);
$d_prefix = clean($_POST['d_prefix'], 5);
$d_salt = clean($_POST['d_salt'], 5);
$name = clean($_POST['name'], 0);
$user = clean($_POST['user'], 0);
$password = clean($_POST['password'], 0);
$email = clean($_POST['email'], 3);
/* validate post */
if ($d_host == '') {
$d_host = 'localhost';
}
if ($user == '') {
$user = '******';
}
if ($password == '') {
$password = hash_generator(10);
}
}
/**
* registration post
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Registration
* @author Henry Ruhs
*/
function registration_post()
{
/* clean post */
if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/registration'] == 'visited') {
$name = $r['name'] = clean($_POST['name'], 0);
$user = $r['user'] = clean($_POST['user'], 0);
$email = $r['email'] = clean($_POST['email'], 3);
$password = hash_generator(10);
$r['password'] = sha1($password) . SALT;
$r['description'] = '';
$r['language'] = LANGUAGE;
$r['first'] = $r['last'] = NOW;
$r['groups'] = retrieve('id', 'groups', 'alias', 'members');
if ($r['groups'] == '') {
$r['groups'] = 0;
}
$task = $_POST['task'];
$solution = $_POST['solution'];
}
/* validate post */
$loginValidator = new Redaxscript\Validator\Login();
$emailValidator = new Redaxscript\Validator\Email();
$captchaValidator = new Redaxscript\Validator\Captcha();
if ($name == '') {
$error = l('name_empty');
} else {
if ($user == '') {
$error = l('user_empty');
} else {
if ($email == '') {
$error = l('email_empty');
} else {
if ($loginValidator->validate($user) == Redaxscript\Validator\Validator::FAILED) {
$error = l('user_incorrect');
} else {
if ($emailValidator->validate($email) == Redaxscript\Validator\Validator::FAILED) {
$error = l('email_incorrect');
} else {
if ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\Validator::FAILED) {
$error = l('captcha_incorrect');
} else {
if (retrieve('id', 'users', 'user', $user)) {
$error = l('user_exists');
} else {
if (USERS_NEW == 0 && s('verification') == 1) {
$r['status'] = 0;
$success = l('registration_verification');
} else {
$r['status'] = 1;
$success = l('registration_sent');
}
/* send login information */
$loginRoute = ROOT . '/' . REWRITE_ROUTE . 'login';
$loginLink = anchor_element('external', '', '', $loginRoute, $loginRoute);
$toArray = array($name => $email);
if (s('notification') == 1) {
$toArray[s('author')] = s('email');
}
$fromArray = array($author => $email);
$subject = l('registration');
$bodyArray = array('<strong>' . l('name') . l('colon') . '</strong> ' . $name . ' (' . MY_IP . ')', '<strong>' . l('user') . l('colon') . '</strong> ' . $user, '<strong>' . l('password') . l('colon') . '</strong> ' . $password, '<br />', '<strong>' . l('login') . l('colon') . '<strong> ' . $loginLink);
/* mailer object */
$mailer = new Redaxscript\Mailer($toArray, $fromArray, $subject, $bodyArray);
$mailer->send();
/* build key and value strings */
$r_keys = array_keys($r);
$last = end($r_keys);
foreach ($r as $key => $value) {
$key_string .= $key;
$value_string .= '\'' . $value . '\'';
if ($last != $key) {
$key_string .= ', ';
$value_string .= ', ';
}
}
/* insert user */
$query = 'INSERT INTO ' . PREFIX . 'users (' . $key_string . ') VALUES (' . $value_string . ')';
mysql_query($query);
}
}
}
}
}
}
}
/* handle error */
if ($error) {
if (s('blocker') == 1) {
$_SESSION[ROOT . '/attack_blocked']++;
}
notification(l('error_occurred'), $error, l('back'), 'registration');
} else {
notification(l('operation_completed'), $success, l('login'), 'login');
}
$_SESSION[ROOT . '/registration'] = '';
}
/**
* registration post
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Registration
* @author Henry Ruhs
*/
function registration_post()
{
/* clean post */
if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/registration'] == 'visited') {
$name = $r['name'] = clean($_POST['name'], 0);
$user = $r['user'] = clean($_POST['user'], 0);
$email = $r['email'] = clean($_POST['email'], 3);
$password = hash_generator(10);
$r['password'] = sha1($password) . SALT;
$r['description'] = '';
$r['language'] = Redaxscript\Registry::get('language');
$r['first'] = $r['last'] = NOW;
$r['groups'] = Redaxscript\Db::forTablePrefix('groups')->where('alias', 'members')->findOne()->id;
if ($r['groups'] == '') {
$r['groups'] = 0;
}
$task = $_POST['task'];
$solution = $_POST['solution'];
}
/* validate post */
$loginValidator = new Redaxscript\Validator\Login();
$emailValidator = new Redaxscript\Validator\Email();
$captchaValidator = new Redaxscript\Validator\Captcha();
if ($name == '') {
$error = l('name_empty');
} else {
if ($user == '') {
$error = l('user_empty');
} else {
if ($email == '') {
$error = l('email_empty');
} else {
if ($loginValidator->validate($user) == Redaxscript\Validator\ValidatorInterface::FAILED) {
$error = l('user_incorrect');
} else {
if ($emailValidator->validate($email) == Redaxscript\Validator\ValidatorInterface::FAILED) {
$error = l('email_incorrect');
} else {
if ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\ValidatorInterface::FAILED) {
$error = l('captcha_incorrect');
} else {
if (Redaxscript\Db::forTablePrefix('users')->where('user', $user)->findOne()->id) {
$error = l('user_exists');
} else {
if (USERS_NEW == 0 && s('verification') == 1) {
$r['status'] = 0;
$success = l('registration_verification');
} else {
$r['status'] = 1;
$success = l('registration_sent');
}
/* send login information */
$loginRoute = ROOT . '/' . REWRITE_ROUTE . 'login';
$loginLink = anchor_element('external', '', '', $loginRoute, $loginRoute);
$toArray = array($name => $email);
if (s('notification') == 1) {
$toArray[s('author')] = s('email');
}
$fromArray = array($author => $email);
$subject = l('registration');
$bodyArray = array('<strong>' . l('name') . l('colon') . '</strong> ' . $name, '<br />', '<strong>' . l('user') . l('colon') . '</strong> ' . $user, '<br />', '<strong>' . l('password') . l('colon') . '</strong> ' . $password, '<br />', '<strong>' . l('login') . l('colon') . '<strong> ' . $loginLink);
/* mailer object */
$mailer = new Redaxscript\Mailer();
$mailer->init($toArray, $fromArray, $subject, $bodyArray);
$mailer->send();
/* create user */
Redaxscript\Db::forTablePrefix('users')->create()->set($r)->save();
}
}
}
}
}
}
}
/* handle error */
if ($error) {
if (s('blocker') == 1) {
$_SESSION[ROOT . '/attack_blocked']++;
}
notification(l('error_occurred'), $error, l('back'), 'registration');
} else {
notification(l('operation_completed'), $success, l('login'), 'login');
}
$_SESSION[ROOT . '/registration'] = '';
}
