Пример #1
0
function get_user_nav_menu_items()
{
    global $db, $luna_config, $luna_user;
    $items = array();
    if ($luna_user['is_guest']) {
        $items['guest'] = array('register' => array('url' => 'register.php', 'title' => __('Register', 'luna')), 'login' => array('url' => '#', 'title' => __('Login', 'luna')));
    } else {
        if ($luna_user['is_admmod']) {
            $items['backstage'] = array('url' => 'backstage/', 'title' => __('Backstage', 'luna'));
        }
        // Check for new notifications
        $result = $db->query('SELECT COUNT(id) FROM ' . $db->prefix . 'notifications WHERE viewed = 0 AND user_id = ' . $luna_user['id']) or error('Unable to load notifications', __FILE__, __LINE__, $db->error());
        $num_notifications = intval($db->result($result));
        $items['notifications'] = array('url' => $luna_config['o_notification_flyout'] ? '#' : 'notifications.php', 'title' => $num_notifications > 0 ? __('Notifications', 'luna') : __('No new notifications', 'luna'), 'num' => $num_notifications, 'flyout' => 1 == $luna_config['o_notification_flyout']);
        if ($luna_config['o_pms_enabled'] == '1' && $luna_user['g_pm'] == '1' && $luna_user['use_pm'] == '1') {
            // Check for new messages
            $result = $db->query('SELECT COUNT(id) FROM ' . $db->prefix . 'messages WHERE showed=0 AND show_message=1 AND owner=' . $luna_user['id']) or error('Unable to check the availibility of new messages', __FILE__, __LINE__, $db->error());
            $num_new_pm = intval($db->result($result));
            $items['inbox'] = array('url' => 'inbox.php', 'title' => 'Inbox', 'num' => $num_new_pm);
        }
        $items['user'] = array('profile' => array('url' => 'profile.php?id=' . $luna_user['id'], 'title' => __('Profile', 'luna')), 'settings' => array('url' => 'settings.php', 'title' => __('Settings', 'luna')), 'help' => array('url' => 'help.php', 'title' => __('Help', 'luna')), 'logout' => array('url' => 'login.php?action=out&id=' . $luna_user['id'] . '&csrf_token=' . luna_hash($luna_user['id'] . luna_hash(get_remote_address())), 'title' => __('Logout', 'luna')));
    }
    return $items;
}
Пример #2
0
 /**
  * Create a nonce.
  * 
  * Build a secret string with previously set values, hash it and return
  * a truncated, 12 chars long string.
  * 
  * @since    1.1
  * 
  * @return   string    Nonce value
  */
 private function _create()
 {
     $secret = $this->tick . '|' . $this->action . '|' . $this->user . '|' . $this->seed;
     $this->nonce = substr(luna_hash($secret, 'nonce'), -12, 12);
     return $this->nonce;
 }
Пример #3
0
function load_admin_nav($section, $page)
{
    global $luna_user, $luna_config, $is_admin;
    // What page are we on?
    if ($page == 'index') {
        $page_title = '<span class="fa fa-fw fa-tachometer"></span> ' . __('Backstage', 'luna');
    } elseif ($page == 'stats') {
        $page_title = '<span class="fa fa-fw fa-info-circle"></span> ' . __('System info', 'luna');
    } elseif ($page == 'update') {
        $page_title = '<span class="fa fa-fw fa-cloud-upload"></span> ' . __('Luna software update', 'luna');
    } elseif ($page == 'about') {
        $page_title = '<span class="fa fa-fw fa-moon-o"></span> ' . __('About Luna', 'luna');
    } elseif ($page == 'board') {
        $page_title = '<span class="fa fa-fw fa-sort-amount-desc"></span> ' . __('Board', 'luna');
    } elseif ($page == 'moderate') {
        $page_title = '<span class="fa fa-fw fa-tasks"></span> ' . __('Moderate', 'luna');
    } elseif ($page == 'censoring') {
        $page_title = '<span class="fa fa-fw fa-eye-slash"></span> ' . __('Censoring', 'luna');
    } elseif ($page == 'reports') {
        $page_title = '<span class="fa fa-fw fa-exclamation-triangle"></span> ' . __('Reports', 'luna');
    } elseif ($page == 'users') {
        $page_title = '<span class="fa fa-fw fa-search"></span> ' . __('Search', 'luna');
    } elseif ($page == 'tools') {
        $page_title = '<span class="fa fa-fw fa-wrench"></span> ' . __('Tools', 'luna');
    } elseif ($page == 'ranks') {
        $page_title = '<span class="fa fa-fw fa-chevron-up"></span> ' . __('Ranks', 'luna');
    } elseif ($page == 'groups') {
        $page_title = '<span class="fa fa-fw fa-group"></span> ' . __('Groups', 'luna');
    } elseif ($page == 'permissions') {
        $page_title = '<span class="fa fa-fw fa-check-circle"></span> ' . __('Permissions', 'luna');
    } elseif ($page == 'bans') {
        $page_title = '<span class="fa fa-fw fa-ban"></span> ' . __('Bans', 'luna');
    } elseif ($page == 'settings') {
        $page_title = '<span class="fa fa-fw fa-cogs"></span> ' . __('Settings', 'luna');
    } elseif ($page == 'features') {
        $page_title = '<span class="fa fa-fw fa-sliders"></span> ' . __('Features', 'luna');
    } elseif ($page == 'appearance') {
        $page_title = '<span class="fa fa-fw fa-eye"></span> ' . __('Appearance', 'luna');
    } elseif ($page == 'registration') {
        $page_title = '<span class="fa fa-fw fa-plus-circle"></span> ' . __('Registration', 'luna');
    } elseif ($page == 'email') {
        $page_title = '<span class="fa fa-fw fa-envelope"></span> ' . __('Email', 'luna');
    } elseif ($page == 'menu') {
        $page_title = '<span class="fa fa-fw fa-bars"></span> ' . __('Menu', 'luna');
    } elseif ($page == 'theme') {
        $page_title = '<span class="fa fa-fw fa-paint-brush"></span> ' . __('Theme', 'luna');
    } elseif ($page == 'maintenance') {
        $page_title = '<span class="fa fa-fw fa-coffee"></span> ' . __('Maintenance', 'luna');
    } elseif ($page == 'prune') {
        $page_title = '<span class="fa fa-fw fa-recycle"></span> ' . __('Prune', 'luna');
    } elseif ($page == 'database') {
        $page_title = '<span class="fa fa-fw fa-database"></span> ' . __('Database management', 'luna');
    } elseif ($page == 'info') {
        $page_title = '<span class="fa fa-fw fa-info-circle"></span> ' . __('Info', 'luna');
    } else {
        $page_title = $page;
    }
    ?>
<nav class="navbar navbar-fixed-top navbar-default" role="navigation">
	<div class="container">
		<div class="navbar-header">
			<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
				<span class="sr-only">Toggle navigation</span>
				<span class="icon-bar"></span>
				<span class="icon-bar"></span>
				<span class="icon-bar"></span>
			</button>
			<a class="navbar-brand" href="../index.php"><span class="fa fa-fw fa-arrow-left hidden-xs"></span><span class="visible-xs-inline"><?php 
    echo $page_title;
    ?>
</span></a>
		</div>
		<div class="navbar-collapse collapse">
			<ul class="nav navbar-nav">
				<li class="<?php 
    if ($section == 'backstage') {
        echo 'active';
    }
    ?>
"><a href="index.php"><span class="fa fa-fw fa-dashboard"></span> <?php 
    _e('Backstage', 'luna');
    ?>
</a></li>
				<?php 
    if ($is_admin) {
        ?>
					<li class="<?php 
        if ($section == 'content') {
            echo 'active';
        }
        ?>
"><a href="board.php"><span class="fa fa-fw fa-file"></span> <?php 
        _e('Content', 'luna');
        ?>
</a></li>
				<?php 
    } else {
        ?>
					<li class="<?php 
        if ($section == 'content') {
            echo 'active';
        }
        ?>
"><a href="reports.php"><span class="fa fa-fw fa-file"></span> <?php 
        _e('Content', 'luna');
        ?>
</a></li>
				<?php 
    }
    ?>
				<li class="<?php 
    if ($section == 'users') {
        echo 'active';
    }
    ?>
"><a href="users.php"><span class="fa fa-fw fa-users"></span> <?php 
    _e('Users', 'luna');
    ?>
</a></li>
				<?php 
    if ($is_admin) {
        ?>
<li class="<?php 
        if ($section == 'settings') {
            echo 'active';
        }
        ?>
"><a href="settings.php"><span class="fa fa-fw fa-cog"></span> <?php 
        _e('Settings', 'luna');
        ?>
</a></li><?php 
    }
    ?>
				<?php 
    if ($is_admin) {
        ?>
<li class="<?php 
        if ($section == 'maintenance') {
            echo 'active';
        }
        ?>
"><a href="maintenance.php"><span class="fa fa-fw fa-coffee"></span> <?php 
        _e('Maintenance', 'luna');
        ?>
</a></li>	<?php 
    }
    // See if there are any plugins
    $plugins = forum_list_plugins($is_admin);
    // Did we find any plugins?
    if (!empty($plugins)) {
        ?>
				<li class="dropdown<?php 
        if ($section == ' extensions') {
            echo 'active';
        }
        ?>
">
					<a href="#" class="dropdown-toggle" data-toggle="dropdown">
						<span class="fa fa-fw fa-cogs"></span> <?php 
        _e('Extensions', 'luna');
        ?>
 <span class="fa fa-fw fa-angle-down">
					</a>
					<ul class="dropdown-menu">
<?php 
        foreach ($plugins as $plugin_name => $plugin) {
            echo "\t\t\t\t\t" . '<li><a href="loader.php?plugin=' . $plugin_name . '">' . str_replace('_', ' ', $plugin) . '</a></li>' . "\n";
        }
        ?>
					</ul>
				</li>
<?php 
    }
    ?>
			</ul>
			<ul class="nav navbar-nav navbar-right">
				<li class="dropdown usermenu">
					<a href="#" class="dropdown-toggle dropdown-user" data-toggle="dropdown">
						<span class="hidden-sm"><?php 
    print luna_htmlspecialchars($luna_user['username']);
    ?>
 </span><?php 
    echo draw_user_avatar($luna_user['id'], true, 'avatar');
    ?>
 <span class="fa fa-fw fa-angle-down"></span>
					</a>
					<ul class="dropdown-menu">
						<li><a href="../profile.php?id=<?php 
    echo $luna_user['id'];
    ?>
"><?php 
    _e('Profile', 'luna');
    ?>
</a></li>
						<li><a href="../settings.php?id=<?php 
    echo '' . $luna_user['id'];
    ?>
"><?php 
    _e('Settings', 'luna');
    ?>
</a></li>
						<li class="divider"></li>
						<li><a href="../help.php"><?php 
    _e('Help', 'luna');
    ?>
</a></li>
						<li><a href="http://getluna.org"><?php 
    _e('Support', 'luna');
    ?>
</a></li>
						<li class="divider"></li>
						<li><a href="../login.php?action=out&amp;id=<?php 
    echo '' . $luna_user['id'] . '&amp;csrf_token=' . luna_hash($luna_user['id'] . luna_hash(get_remote_address()));
    ?>
"><?php 
    _e('Logout', 'luna');
    ?>
</a></li>
					</ul>
				</li>
			</ul>
		</div>
	</div>
</nav>
<div class="jumbotron jumboheader">
	<div class="container">
		<div class="row">
			<h2 class="hidden-xs">
				<?php 
    echo $page_title;
    if ($luna_config['o_update_ring'] > 1) {
        echo '<span class="pull-right" style="font-size: 70%;">Core ' . Version::FORUM_CORE_VERSION . '</span>';
    }
    ?>
			</h2>
			<?php 
    if ($section == 'backstage') {
        ?>
			<ul class="nav nav-tabs" role="tablist">
				<li<?php 
        if ($page == 'index') {
            echo ' class="active"';
        }
        ?>
><a href="index.php"><span class="fa fa-fw fa-tachometer"></span><span class="hidden-xs"> <?php 
        _e('Backstage', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'stats') {
            echo ' class="active"';
        }
        ?>
><a href="system.php"><span class="fa fa-fw fa-info-circle"></span><span class="hidden-xs"> <?php 
        _e('System info', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'update') {
            echo ' class="active"';
        }
        ?>
><a href="update.php"><span class="fa fa-fw fa-cloud-upload"></span><span class="hidden-xs"> <?php 
        _e('Update', 'luna');
        ?>
</span></a></li>
				<li class="pull-right<?php 
        if ($page == 'about') {
            echo ' active';
        }
        ?>
"><a href="about.php"><span class="fa fa-fw fa-moon-o"></span><span class="hidden-xs"> <?php 
        _e('About', 'luna');
        ?>
</span></a></li>
			</ul>
			<?php 
    }
    if ($section == 'content') {
        ?>
			<ul class="nav nav-tabs" role="tablist">
				<li<?php 
        if ($page == 'board') {
            echo ' class="active"';
        }
        ?>
><a href="board.php"><span class="fa fa-fw fa-sort-amount-desc"></span><span class="hidden-xs"> <?php 
        _e('Board', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'moderate') {
            echo ' class="active"';
        }
        ?>
><a href="moderate.php"><span class="fa fa-fw fa-tasks"></span><span class="hidden-xs"> <?php 
        _e('Moderate', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'censoring') {
            echo ' class="active"';
        }
        ?>
><a href="censoring.php"><span class="fa fa-fw fa-eye-slash"></span><span class="hidden-xs"> <?php 
        _e('Censoring', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'reports') {
            echo ' class="active"';
        }
        ?>
><a href="reports.php"><span class="fa fa-fw fa-exclamation-triangle"></span><span class="hidden-xs"> <?php 
        _e('Reports', 'luna');
        ?>
</span></a></li>
			</ul>
			<?php 
    }
    if ($section == 'users') {
        ?>
			<ul class="nav nav-tabs" role="tablist">
				<li<?php 
        if ($page == 'users') {
            echo ' class="active"';
        }
        ?>
><a href="users.php"><span class="fa fa-fw fa-search"></span><span class="hidden-xs"> <?php 
        _e('Search', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'tools') {
            echo ' class="active"';
        }
        ?>
><a href="tools.php"><span class="fa fa-fw fa-wrench"></span><span class="hidden-xs"> <?php 
        _e('Tools', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'ranks') {
            echo ' class="active"';
        }
        ?>
><a href="ranks.php"><span class="fa fa-fw fa-chevron-up"></span><span class="hidden-xs"> <?php 
        _e('Ranks', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'groups') {
            echo ' class="active"';
        }
        ?>
><a href="groups.php"><span class="fa fa-fw fa-group"></span><span class="hidden-xs"> <?php 
        _e('Groups', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'permissions') {
            echo ' class="active"';
        }
        ?>
><a href="permissions.php"><span class="fa fa-fw fa-check-circle"></span><span class="hidden-xs"> <?php 
        _e('Permissions', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'bans') {
            echo ' class="active"';
        }
        ?>
><a href="bans.php"><span class="fa fa-fw fa-ban"></span><span class="hidden-xs"> <?php 
        _e('Bans', 'luna');
        ?>
</span></a></li>
			</ul>
			<?php 
    }
    if ($section == 'settings') {
        ?>
			<ul class="nav nav-tabs" role="tablist">
				<li<?php 
        if ($page == 'settings') {
            echo ' class="active"';
        }
        ?>
><a href="settings.php"><span class="fa fa-fw fa-cogs"></span><span class="hidden-xs"> <?php 
        _e('Settings', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'features') {
            echo ' class="active"';
        }
        ?>
><a href="features.php"><span class="fa fa-fw fa-sliders"></span><span class="hidden-xs"> <?php 
        _e('Features', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'appearance') {
            echo ' class="active"';
        }
        ?>
><a href="appearance.php"><span class="fa fa-fw fa-eye"></span><span class="hidden-xs"> <?php 
        _e('Appearance', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'registration') {
            echo ' class="active"';
        }
        ?>
><a href="registration.php"><span class="fa fa-fw fa-plus-circle"></span><span class="hidden-xs"> <?php 
        _e('Registration', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'email') {
            echo ' class="active"';
        }
        ?>
><a href="email.php"><span class="fa fa-fw fa-envelope"></span><span class="hidden-xs"> <?php 
        _e('Email', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'menu') {
            echo ' class="active"';
        }
        ?>
><a href="menu.php"><span class="fa fa-fw fa-bars"></span><span class="hidden-xs"> <?php 
        _e('Menu', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'theme') {
            echo ' class="active"';
        }
        ?>
><a href="theme.php"><span class="fa fa-fw fa-paint-brush"></span><span class="hidden-xs"> <?php 
        _e('Theme', 'luna');
        ?>
</span></a></li>
			</ul>
			<?php 
    }
    if ($section == 'maintenance') {
        ?>
			<ul class="nav nav-tabs" role="tablist">
				<li<?php 
        if ($page == 'maintenance') {
            echo ' class="active"';
        }
        ?>
><a href="maintenance.php"><span class="fa fa-fw fa-coffee"></span><span class="hidden-xs"> <?php 
        _e('Maintenance', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'prune') {
            echo ' class="active"';
        }
        ?>
><a href="prune.php"><span class="fa fa-fw fa-recycle"></span><span class="hidden-xs"> <?php 
        _e('Prune', 'luna');
        ?>
</span></a></li>
				<li<?php 
        if ($page == 'database') {
            echo ' class="active"';
        }
        ?>
><a href="database.php"><span class="fa fa-fw fa-database"></span><span class="hidden-xs"> <?php 
        _e('Database', 'luna');
        ?>
</span></a></li>
			</ul>
			<?php 
    }
    ?>
		</div>
	</div>
</div>
<div class="content">
	<div class="container">
		<div class="row">
<?php 
}
Пример #4
0
 public static function insert_default_users($username, $password, $email, $language, $style)
 {
     global $db, $db_type;
     $now = time();
     $db->start_transaction();
     // Insert guest and first admin user
     $db->query('INSERT INTO ' . $db->prefix . 'users (group_id, username, password, email) VALUES(3, \'' . $db->escape(__('Guest', 'luna')) . '\', \'' . $db->escape(__('Guest', 'luna')) . '\', \'' . $db->escape(__('Guest', 'luna')) . '\')') or error('Unable to add guest user. Please check your configuration and try again', __FILE__, __LINE__, $db->error());
     $db->query('INSERT INTO ' . $db->prefix . 'users (group_id, username, password, email, language, style, num_posts, last_post, registered, registration_ip, last_visit) VALUES(1, \'' . $db->escape($username) . '\', \'' . luna_hash($password) . '\', \'' . $email . '\', \'' . $db->escape($language) . '\', \'' . $db->escape($style) . '\', 1, ' . $now . ', ' . $now . ', \'' . $db->escape(get_remote_address()) . '\', ' . $now . ')') or error('Unable to add administrator user. Please check your configuration and try again', __FILE__, __LINE__, $db->error());
     $db->end_transaction();
 }
Пример #5
0
                // The first row contains the subject
                $first_crlf = strpos($mail_tpl, "\n");
                $mail_subject = trim(substr($mail_tpl, 8, $first_crlf - 8));
                $mail_message = trim(substr($mail_tpl, $first_crlf));
                // Do the generic replacements first (they apply to all emails sent out here)
                $mail_message = str_replace('<base_url>', get_base_url() . '/', $mail_message);
                $mail_message = str_replace('<board_mailer>', $luna_config['o_board_title'], $mail_message);
                // Loop through users we found
                while ($cur_hit = $db->fetch_assoc($result)) {
                    if ($cur_hit['last_email_sent'] != '' && time() - $cur_hit['last_email_sent'] < 3600 && time() - $cur_hit['last_email_sent'] >= 0) {
                        message(sprintf(__('This account has already requested a password reset in the past hour. Please wait %s minutes before requesting a new password again.', 'luna'), intval((3600 - (time() - $cur_hit['last_email_sent'])) / 60)), true);
                    }
                    // Generate a new password and a new password activation code
                    $new_password = random_pass(12);
                    $new_password_key = random_pass(8);
                    $db->query('UPDATE ' . $db->prefix . 'users SET activate_string=\'' . luna_hash($new_password) . '\', activate_key=\'' . $new_password_key . '\', last_email_sent = ' . time() . ' WHERE id=' . $cur_hit['id']) or error('Unable to update activation data', __FILE__, __LINE__, $db->error());
                    // Do the user specific replacements to the template
                    $cur_mail_message = str_replace('<username>', $cur_hit['username'], $mail_message);
                    $cur_mail_message = str_replace('<activation_url>', get_base_url() . '/settings.php?id=' . $cur_hit['id'] . '&action=change_pass&key=' . $new_password_key, $cur_mail_message);
                    $cur_mail_message = str_replace('<new_password>', $new_password, $cur_mail_message);
                    luna_mail($email, $mail_subject, $cur_mail_message);
                }
                message(__('An email has been sent to the specified address with instructions on how to change your password. If it does not arrive you can contact the forum administrator at', 'luna') . ' <a href="mailto:' . luna_htmlspecialchars($luna_config['o_admin_email']) . '">' . luna_htmlspecialchars($luna_config['o_admin_email']) . '</a>.', true);
            } else {
                message(__('There is no user registered with the email address', 'luna') . ' ' . htmlspecialchars($email) . '.');
            }
        }
    }
}
// Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to index.php after login)
if (!empty($_SERVER['HTTP_REFERER'])) {
Пример #6
0
    } elseif (preg_match('#\\[b\\]|\\[/b\\]|\\[u\\]|\\[/u\\]|\\[i\\]|\\[/i\\]|\\[color|\\[/color\\]|\\[quote\\]|\\[quote=|\\[/quote\\]|\\[code\\]|\\[/code\\]|\\[img\\]|\\[/img\\]|\\[url|\\[/url\\]|\\[email|\\[/email\\]#i', $username)) {
        message_backstage(__('Usernames may not contain any of the text formatting tags (BBCode) that the forum uses. Please choose another username.', 'luna'));
    }
    // Check that the username (or a too similar username) is not already registered
    $result = $db->query('SELECT username FROM ' . $db->prefix . 'users WHERE username=\'' . $db->escape($username) . '\' OR username=\'' . $db->escape(preg_replace('/[^\\w]/', '', $username)) . '\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
    if ($db->num_rows($result)) {
        $busy = $db->result($result);
        message_backstage(__('Someone is already registered with the username', 'luna') . ' ' . luna_htmlspecialchars($busy) . '. ' . __('The username you entered is too similar. The username must differ from that by at least one alphanumerical character (a-z or 0-9). Please choose a different username.', 'luna'));
    }
    $timezone = '0';
    $language = $luna_config['o_default_lang'];
    $email_setting = intval(1);
    // Insert the new user into the database. We do this now to get the last inserted id for later use.
    $now = time();
    $intial_group_id = $_POST['random_pass'] == '0' ? $luna_config['o_default_user_group'] : LUNA_UNVERIFIED;
    $password_hash = luna_hash($password);
    // Add the user
    $db->query('INSERT INTO ' . $db->prefix . 'users (username, group_id, password, email, email_setting, php_timezone, language, style, registered, registration_ip, last_visit) VALUES(\'' . $db->escape($username) . '\', ' . $intial_group_id . ', \'' . $password_hash . '\', \'' . $email1 . '\', ' . $email_setting . ', ' . $timezone . ' , \'' . $language . '\', \'' . $luna_config['o_default_style'] . '\', ' . $now . ', \'' . get_remote_address() . '\', ' . $now . ')') or error('Unable to create user', __FILE__, __LINE__, $db->error());
    $new_uid = $db->insert_id();
    // Must the user verify the registration?
    if ($_POST['random_pass'] == '1') {
        // Validate e-mail
        require LUNA_ROOT . 'include/email.php';
        // Load the "welcome" template
        $mail_tpl = trim(__('Subject: Welcome to <board_title>!

Thank you for registering in the forums at <base_url>. Your account details are:

Username: <username>
Password: <password>
Пример #7
0
function luna_csrf_token()
{
    global $luna_user;
    return luna_hash($luna_user['id'] . luna_hash(get_remote_address()));
}
Пример #8
0
function luna_csrf_token()
{
    global $luna_user;
    static $token;
    if (!isset($token)) {
        return luna_hash($luna_user['id'] . $luna_user['password'] . luna_hash(get_remote_address()));
    }
}
Пример #9
0
             message(__('You do not have permission to access this page.', 'luna'), false, '403 Forbidden');
         }
     }
 }
 if (isset($_GET['key'])) {
     $key = $_GET['key'];
     $result = $db->query('SELECT activate_string, activate_key FROM ' . $db->prefix . 'users WHERE id=' . $id) or error('Unable to fetch activation data', __FILE__, __LINE__, $db->error());
     list($new_email, $new_email_key) = $db->fetch_row($result);
     if ($key == '' || $key != $new_email_key) {
         message(__('The specified email activation key was incorrect or has expired. Please re-request change of email address. If that fails, contact the forum administrator at', 'luna') . ' <a href="mailto:' . luna_htmlspecialchars($luna_config['o_admin_email']) . '">' . luna_htmlspecialchars($luna_config['o_admin_email']) . '</a>.');
     } else {
         $db->query('UPDATE ' . $db->prefix . 'users SET email=activate_string, activate_string=NULL, activate_key=NULL WHERE id=' . $id) or error('Unable to update email address', __FILE__, __LINE__, $db->error());
         message(__('Your email address has been updated.', 'luna'), true);
     }
 } elseif (isset($_POST['form_sent'])) {
     if (luna_hash($_POST['req_password']) !== $luna_user['password']) {
         message(__('Wrong old password.', 'luna'));
     }
     // Make sure they got here from the site
     confirm_referrer('settings.php');
     require FORUM_ROOT . 'include/email.php';
     // Validate the email address
     $new_email = strtolower(luna_trim($_POST['req_new_email']));
     if (!is_valid_email($new_email)) {
         message(__('The email address you entered is invalid.', 'luna'));
     }
     // Check if it's a banned email address
     if (is_banned_email($new_email)) {
         if ($luna_config['p_allow_banned_email'] == '0') {
             message(__('The email address you entered is banned in this forum. Please choose another email address.', 'luna'));
         } elseif ($luna_config['o_mailing_list'] != '') {
Пример #10
0
function authenticate_user($user, $password, $password_is_hash = false)
{
    global $db, $luna_user;
    // Check if there's a user matching $user and $password
    $result = $db->query('SELECT u.*, g.*, o.logged, o.idle FROM ' . $db->prefix . 'users AS u INNER JOIN ' . $db->prefix . 'groups AS g ON g.g_id=u.group_id LEFT JOIN ' . $db->prefix . 'online AS o ON o.user_id=u.id WHERE ' . (is_int($user) ? 'u.id=' . intval($user) : 'u.username=\'' . $db->escape($user) . '\'')) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error());
    $luna_user = $db->fetch_assoc($result);
    if (!isset($luna_user['id']) || $password_is_hash && $password != $luna_user['password'] || !$password_is_hash && luna_hash($password) != $luna_user['password']) {
        set_default_user();
    } else {
        $luna_user['is_guest'] = false;
    }
}