$array_register['your_question'] = $nv_Request->get_title('your_question', 'post', '', 1);
$array_register['answer'] = nv_substr($nv_Request->get_title('answer', 'post', '', 1), 0, 255);
$array_register['agreecheck'] = $nv_Request->get_int('agreecheck', 'post', 0);
$nv_seccode = $nv_Request->get_title('nv_seccode', 'post', '');
$check_seccode = !$gfx_chk ? true : (nv_capcha_txt($nv_seccode) ? true : false);
$complete = '';
if (!$check_seccode) {
die(reg_result(array('status' => 'error', 'input' => 'nv_seccode', 'mess' => $lang_global['securitycodeincorrect'])));
}
if (($check_login = nv_check_username_reg($array_register['username'])) != '') {
die(reg_result(array('status' => 'error', 'input' => 'username', 'mess' => $check_login)));
}
if (($check_email = nv_check_email_reg($array_register['email'])) != '') {
die(reg_result(array('status' => 'error', 'input' => 'email', 'mess' => $check_email)));
}
if (($check_pass = nv_check_valid_pass($array_register['password'], NV_UPASSMAX, NV_UPASSMIN)) != '') {
die(reg_result(array('status' => 'error', 'input' => 'password', 'mess' => $check_pass)));
}
if ($array_register['password'] != $array_register['re_password']) {
die(reg_result(array('status' => 'error', 'input' => 're_password', 'mess' => $lang_global['passwordsincorrect'])));
}
if (empty($array_register['your_question']) and empty($array_register['question'])) {
die(reg_result(array('status' => 'error', 'input' => 'your_question', 'mess' => $lang_global['your_question_empty'])));
}
if (empty($array_register['answer'])) {
die(reg_result(array('status' => 'error', 'input' => 'answer', 'mess' => $lang_global['answer_empty'])));
}
if (empty($array_register['agreecheck'])) {
die(reg_result(array('status' => 'error', 'input' => 'agreecheck', 'mess' => $lang_global['agreecheck_empty'])));
}
$query_field = array('userid' => 0);
$nextstep = 0;
$error = '';
define('NV_USERS_GLOBALTABLE', $db_config['prefix'] . '_users');
// Bat dau phien lam viec cua MySQL
$db = new NukeViet\Core\Database($db_config);
if (!empty($db->error)) {
$error = !empty($db->error['user_message']) ? $db->error['user_message'] : $db->error['message'];
}
$array_data['site_name'] = $nv_Request->get_title('site_name', 'post', $array_data['site_name'], 1);
$array_data['nv_login'] = nv_substr($nv_Request->get_title('nv_login', 'post', $array_data['nv_login'], 1), 0, NV_UNICKMAX);
$array_data['nv_email'] = $nv_Request->get_title('nv_email', 'post', $array_data['nv_email']);
$array_data['nv_password'] = $nv_Request->get_title('nv_password', 'post', $array_data['nv_password']);
$array_data['re_password'] = $nv_Request->get_title('re_password', 'post', $array_data['re_password']);
$array_data['lang_multi'] = (int) $nv_Request->get_bool('lang_multi', 'post', $array_data['lang_multi']);
$check_login = nv_check_valid_login($array_data['nv_login'], NV_UNICKMAX, NV_UNICKMIN);
$check_pass = nv_check_valid_pass($array_data['nv_password'], NV_UPASSMAX, NV_UPASSMIN);
$check_email = nv_check_valid_email($array_data['nv_email']);
$array_data['question'] = $nv_Request->get_title('question', 'post', $array_data['question'], 1);
$array_data['answer_question'] = $nv_Request->get_title('answer_question', 'post', $array_data['answer_question'], 1);
$global_config['site_email'] = $array_data['nv_email'];
if ($nv_Request->isset_request('nv_login,nv_password', 'post')) {
if (empty($array_data['site_name'])) {
$error = $lang_module['err_sitename'];
} elseif (!empty($check_login)) {
$error = $check_login;
} elseif ("'" . $array_data['nv_login'] . "'" != $db->quote($array_data['nv_login'])) {
$error = sprintf($lang_module['account_deny_name'], '<strong>' . $array_data['nv_login'] . '</strong>');
} elseif (!empty($check_email)) {
$error = $check_email;
} elseif (!empty($check_pass)) {
$error = $check_pass;
}
if (($error_username = nv_check_valid_login($_user['username'], NV_UNICKMAX, NV_UNICKMIN)) != "") {
$error = $error_username;
} elseif ($_user['username'] != $db->fixdb($_user['username'])) {
$error = sprintf($lang_module['account_deny_name'], '<strong>' . $_user['username'] . '</strong>');
} elseif (($error_xemail = nv_check_valid_email($_user['email'])) != "") {
$error = $error_xemail;
} elseif ($db->sql_numrows($db->sql_query("SELECT `userid` FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `md5username`=" . $db->dbescape(md5($_user['username'])))) != 0) {
$error = $lang_module['edit_error_username_exist'];
} elseif ($db->sql_numrows($db->sql_query("SELECT `userid` FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `email`=" . $db->dbescape($_user['email']))) != 0) {
$error = $lang_module['edit_error_email_exist'];
} elseif ($db->sql_numrows($db->sql_query("SELECT `userid` FROM `" . NV_USERS_GLOBALTABLE . "_reg` WHERE `email`=" . $db->dbescape($_user['email']))) != 0) {
$error = $lang_module['edit_error_email_exist'];
} elseif ($db->sql_numrows($db->sql_query("SELECT `userid` FROM `" . NV_USERS_GLOBALTABLE . "_openid` WHERE `email`=" . $db->dbescape($_user['email']))) != 0) {
$error = $lang_module['edit_error_email_exist'];
} elseif (($check_pass = nv_check_valid_pass($_user['password1'], NV_UPASSMAX, NV_UPASSMIN)) != "") {
$error = $check_pass;
} elseif ($_user['password1'] != $_user['password2']) {
$error = $lang_module['edit_error_password'];
} elseif (empty($_user['question'])) {
$error = $lang_module['edit_error_question'];
} elseif (empty($_user['answer'])) {
$error = $lang_module['edit_error_answer'];
} else {
$_user['sig'] = nv_nl2br($_user['sig'], "<br />");
if ($_user['gender'] != "M" and $_user['gender'] != "F") {
$_user['gender'] = "";
}
if (preg_match("/^([0-9]{1,2})\\.([0-9]{1,2})\\.([0-9]{4})\$/", $_user['birthday'], $m)) {
$_user['birthday'] = mktime(0, 0, 0, $m[2], $m[1], $m[3]);
} else {
$custom_fields = $nv_Request->get_array('custom_fields', 'post');
if ($_user['username'] != $row['username'] and ($error_username = nv_check_valid_login($_user['username'], NV_UNICKMAX, NV_UNICKMIN)) != '') {
$error = $error_username;
} elseif ("'" . $_user['username'] . "'" != $db->quote($_user['username'])) {
$error = sprintf($lang_module['account_deny_name'], '<strong>' . $_user['username'] . '</strong>');
} elseif (($error_xemail = nv_check_valid_email($_user['email'])) != '') {
$error = $error_xemail;
} elseif ($db->query('SELECT userid FROM ' . NV_USERS_GLOBALTABLE . ' WHERE userid!=' . $userid . ' AND md5username='******'username'])))->fetchColumn()) {
$error = $lang_module['edit_error_username_exist'];
} elseif ($db->query('SELECT userid FROM ' . NV_USERS_GLOBALTABLE . ' WHERE userid!=' . $userid . ' AND email=' . $db->quote($_user['email']))->fetchColumn()) {
$error = $lang_module['edit_error_email_exist'];
} elseif ($db->query('SELECT userid FROM ' . NV_USERS_GLOBALTABLE . '_reg WHERE email=' . $db->quote($_user['email']))->fetchColumn()) {
$error = $lang_module['edit_error_email_exist'];
} elseif ($db->query('SELECT userid FROM ' . NV_USERS_GLOBALTABLE . '_openid WHERE userid!=' . $userid . ' AND email=' . $db->quote($_user['email']))->fetchColumn()) {
$error = $lang_module['edit_error_email_exist'];
} elseif (!empty($_user['password1']) and ($check_pass = nv_check_valid_pass($_user['password1'], NV_UPASSMAX, NV_UPASSMIN)) != '') {
$error = $check_pass;
} elseif (!empty($_user['password1']) and $_user['password1'] != $_user['password2']) {
$error = $lang_module['edit_error_password'];
} elseif (empty($_user['question'])) {
$error = $lang_module['edit_error_question'];
} elseif (empty($_user['answer'])) {
$error = $lang_module['edit_error_answer'];
} else {
$query_field = array();
if (!empty($array_field_config)) {
require NV_ROOTDIR . '/modules/users/fields.check.php';
}
if (empty($error)) {
$_user['sig'] = nv_nl2br($_user['sig'], '<br />');
if ($_user['gender'] != 'M' and $_user['gender'] != 'F') {
* @Createdate 3/24/2010 23:58
*/
if (!defined('NV_IS_MOD_BANNERS')) {
die('Stop!!!');
}
if (defined('NV_IS_BANNER_CLIENT')) {
die(' ');
}
if ($nv_Request->get_int('save', 'post') == '1') {
$login = strip_tags($nv_Request->get_string('login', 'post', ''));
$password = strip_tags($nv_Request->get_string('password', 'post', ''));
if ($global_config['gfx_chk']) {
$seccode = strip_tags($nv_Request->get_string('seccode', 'post', ''));
}
$check_login = nv_check_valid_login($login, NV_UNICKMAX, NV_UNICKMIN);
$check_pass = nv_check_valid_pass($password, NV_UPASSMAX, NV_UPASSMIN);
if (!empty($check_login)) {
die('action');
} elseif (!empty($check_pass)) {
die('action');
} elseif ($global_config['gfx_chk'] and !nv_capcha_txt($seccode)) {
die('action');
} else {
$stmt = $db->prepare('SELECT * FROM ' . NV_BANNERS_GLOBALTABLE . '_clients WHERE login = :login AND act=1');
$stmt->bindParam(':login', $login, PDO::PARAM_STR);
$stmt->execute();
$row = $stmt->fetch();
if (empty($row)) {
die('action');
} else {
if (!$crypt->validate_password($password, $row['pass'])) {
$name = $global_config['name_show'] ? array($row['first_name'], $row['last_name']) : array($row['last_name'], $row['first_name']);
$name = array_filter($name);
$name = implode(' ', $name);
$sitename = '<a href="' . NV_MY_DOMAIN . NV_BASE_SITEURL . '">' . $global_config['site_name'] . '</a>';
$message = sprintf($lang_module['edit_mail_content'], $name, $sitename, $lang_global['email'], $nv_email);
@nv_sendmail($global_config['site_email'], $nv_email, $lang_module['edit_mail_subject'], $message);
die(json_encode(array('status' => 'ok', 'input' => nv_url_rewrite(NV_BASE_SITEURL . 'index.php?' . NV_LANG_VARIABLE . '=' . NV_LANG_DATA . '&' . NV_NAME_VARIABLE . '=' . $module_name . '&' . NV_OP_VARIABLE . '=editinfo/email', true), 'mess' => $lang_module['editinfo_ok'])));
}
} elseif ($checkss == $array_data['checkss'] and $array_data['type'] == 'password') {
$nv_password = $nv_Request->get_title('nv_password', 'post', '');
$new_password = $nv_Request->get_title('new_password', 'post', '');
$re_password = $nv_Request->get_title('re_password', 'post', '');
if (!empty($row['password']) and !$crypt->validate_password($nv_password, $row['password'])) {
die(json_encode(array('status' => 'error', 'input' => 'password', 'mess' => $lang_global['incorrect_password'])));
}
if (($check_new_password = nv_check_valid_pass($new_password, NV_UPASSMAX, NV_UPASSMIN)) != '') {
die(json_encode(array('status' => 'error', 'input' => 'new_password', 'mess' => $check_new_password)));
}
if ($new_password != $re_password) {
die(json_encode(array('status' => 'error', 'input' => 're_password', 'mess' => $lang_global['passwordsincorrect'])));
}
$re_password = $crypt->hash_password($new_password, $global_config['hashprefix']);
$stmt = $db->prepare('UPDATE ' . NV_USERS_GLOBALTABLE . ' SET password= :password WHERE userid=' . $user_info['userid']);
$stmt->bindParam(':password', $re_password, PDO::PARAM_STR);
$stmt->execute();
$name = $global_config['name_show'] ? array($row['first_name'], $row['last_name']) : array($row['last_name'], $row['first_name']);
$name = array_filter($name);
$name = implode(' ', $name);
$sitename = '<a href="' . NV_MY_DOMAIN . NV_BASE_SITEURL . '">' . $global_config['site_name'] . '</a>';
$message = sprintf($lang_module['edit_mail_content'], $name, $sitename, $lang_global['password'], $new_password);
@nv_sendmail($global_config['site_email'], $row['email'], $lang_module['edit_mail_subject'], $message);
}
if ($nv_Request->isset_request('submituser', 'post')) {
$uid = $nv_Request->get_int('uid', 'post', 0);
$username = filter_text_input('username', 'post', '', 1);
$password = filter_text_input('password', 'post', '', 1);
$password2 = filter_text_input('password2', 'post', '', 1);
$begintime1 = filter_text_input('begintime1', 'post', 0, 1);
$endtime1 = filter_text_input('endtime1', 'post', 0, 1);
$errorlogin = nv_check_valid_login($username, NV_UNICKMAX, NV_UNICKMIN);
if (!empty($errorlogin)) {
$error[] = $errorlogin;
} elseif (preg_match("/[^a-zA-Z0-9_-]/", $username)) {
$error[] = $lang_module['rule_user'];
}
if (!empty($password) or empty($uid)) {
$errorpassword = nv_check_valid_pass($password, NV_UPASSMAX, NV_UPASSMIN);
if (!empty($errorpassword)) {
$error[] = $errorpassword;
}
if ($password != $password2) {
$error[] = $lang_module['passwordsincorrect'];
} elseif (preg_match("/[^a-zA-Z0-9_-]/", $password)) {
$error[] = $lang_module['rule_pass'];
}
}
if (!empty($begintime1) && preg_match("/^([0-9]{1,2})\\.([0-9]{1,2})\\.([0-9]{4})\$/", $begintime1, $m)) {
$begintime1 = mktime(0, 0, 0, $m[2], $m[1], $m[3]);
} else {
$begintime1 = NV_CURRENTTIME;
}
if (!empty($endtime1) && preg_match("/^([0-9]{1,2})\\.([0-9]{1,2})\\.([0-9]{4})\$/", $endtime1, $m)) {
$page_title = $mod_title = $lang_module['change_pass'];
$key_words = $module_info['keywords'];
$array_data = array();
$array_data['pass_empty'] = empty($oldpassword) ? true : false;
$array_data['change_info'] = $lang_module['change_info'];
$array_data['checkss'] = md5(session_id() . $global_config['sitekey']);
$array_data['nv_password'] = filter_text_input('nv_password', 'post', '');
$array_data['new_password'] = filter_text_input('new_password', 'post', '');
$array_data['re_password'] = filter_text_input('re_password', 'post', '');
$checkss = filter_text_input('checkss', 'post', '');
if ($checkss == $array_data['checkss']) {
$error = "";
if (!empty($oldpassword) and !$crypt->validate($array_data['nv_password'], $oldpassword)) {
$error = $lang_global['incorrect_password'];
$error = str_replace($lang_global['password'], $lang_module['pass_old'], $error);
} elseif (($check_new_password = nv_check_valid_pass($array_data['new_password'], NV_UPASSMAX, NV_UPASSMIN)) != "") {
$error = $check_new_password;
} elseif ($array_data['new_password'] != $array_data['re_password']) {
$error = sprintf($lang_global['passwordsincorrect'], $array_data['new_password'], $array_data['re_password']);
$error = str_replace($lang_global['password'], $lang_module['pass_new'], $error);
} else {
$new_password = $crypt->hash($array_data['new_password']);
$sql = "UPDATE `" . NV_USERS_GLOBALTABLE . "` SET `password`=" . $db->dbescape($new_password) . " WHERE `userid`=" . $user_info['userid'];
$db->sql_query($sql);
$contents = user_info_exit($lang_module['change_pass_ok']);
$contents .= "<meta http-equiv=\"refresh\" content=\"5;url=" . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "\" />";
include NV_ROOTDIR . "/includes/header.php";
echo nv_site_theme($contents);
include NV_ROOTDIR . "/includes/footer.php";
exit;
}
/**
* openidLogin_Res1()
* Function thuc hien khi OpenID duoc nhan dien
*
* @param mixed $attribs
* @return
*/
function openidLogin_Res1($attribs)
{
global $page_title, $key_words, $mod_title, $db, $crypt, $nv_Request, $lang_module, $lang_global, $module_name, $module_info, $global_config, $gfx_chk, $nv_redirect;
$email = (isset($attribs['contact/email']) and nv_check_valid_email($attribs['contact/email']) == "") ? $attribs['contact/email'] : "";
if (empty($email)) {
$nv_Request->unset_request('openid_attribs', 'session');
openidLogin_Res0($lang_module['logged_in_failed']);
die;
}
$opid = $crypt->hash($attribs['id']);
$query = "SELECT a.userid AS uid, a.email AS uemail, b.active AS uactive FROM `" . NV_USERS_GLOBALTABLE . "_openid` a, `" . NV_USERS_GLOBALTABLE . "` b \r\n WHERE a.opid=" . $db->dbescape($opid) . " \r\n AND a.email=" . $db->dbescape($email) . " \r\n AND a.userid=b.userid";
$result = $db->sql_query($query);
$numrows = $db->sql_numrows($result);
if ($numrows) {
list($user_id, $op_email, $user_active) = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$nv_Request->unset_request('openid_attribs', 'session');
if ($op_email != $email) {
openidLogin_Res0($lang_module['not_logged_in']);
die;
}
if (!$user_active) {
openidLogin_Res0($lang_module['login_no_active']);
die;
}
$query = "SELECT * FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `userid`=" . $db->dbescape($user_id);
$result = $db->sql_query($query);
$row = $db->sql_fetchrow($result);
validUserLog($row, 1, $opid);
$nv_redirect = !empty($nv_redirect) ? nv_base64_decode($nv_redirect) : NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name;
Header("Location: " . $nv_redirect);
die;
}
$query = "SELECT * FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `email`=" . $db->dbescape($email);
$result = $db->sql_query($query);
$numrows = $db->sql_numrows($result);
if ($numrows) {
$nv_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$login_allowed = false;
if (empty($nv_row['password'])) {
$nv_Request->unset_request('openid_attribs', 'session');
$login_allowed = true;
}
if ($nv_Request->isset_request('openid_account_confirm', 'post')) {
$nv_Request->unset_request('openid_attribs', 'session');
if (defined('NV_IS_USER_FORUM') and file_exists(NV_ROOTDIR . '/' . DIR_FORUM . '/nukeviet/login.php')) {
$nv_username = $nv_row['username'];
$nv_password = $password;
require_once NV_ROOTDIR . '/' . DIR_FORUM . '/nukeviet/login.php';
if (empty($error)) {
$login_allowed = true;
} else {
openidLogin_Res0($lang_module['openid_confirm_failed']);
die;
}
} else {
$password = $nv_Request->get_string('password', 'post', '');
$nv_seccode = filter_text_input('nv_seccode', 'post', '');
$nv_seccode = !$gfx_chk ? 1 : (nv_capcha_txt($nv_seccode) ? 1 : 0);
if ($crypt->validate($password, $nv_row['password']) and $nv_seccode) {
$login_allowed = true;
} else {
openidLogin_Res0($lang_module['openid_confirm_failed']);
die;
}
}
}
if ($login_allowed) {
$sql = "INSERT INTO `" . NV_USERS_GLOBALTABLE . "_openid` VALUES (" . intval($nv_row['userid']) . ", " . $db->dbescape($attribs['id']) . ", " . $db->dbescape($opid) . ", " . $db->dbescape($email) . ")";
$db->sql_query($sql);
if (intval($nv_row['active']) != 1) {
openidLogin_Res0($lang_module['login_no_active']);
} else {
validUserLog($nv_row, 1, $opid);
Header("Location: " . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name);
}
die;
}
$page_title = $lang_module['openid_login'];
$key_words = $module_info['keywords'];
$mod_title = $lang_module['openid_login'];
$lang_module['login_info'] = sprintf($lang_module['openid_confirm_info'], $email);
$contents = openid_account_confirm($gfx_chk, $attribs);
include NV_ROOTDIR . "/includes/header.php";
echo nv_site_theme($contents);
include NV_ROOTDIR . "/includes/footer.php";
exit;
}
if ($global_config['allowuserreg'] == 2 or $global_config['allowuserreg'] == 3) {
$query = "SELECT * FROM `" . NV_USERS_GLOBALTABLE . "_reg` WHERE `email`=" . $db->dbescape($email);
if ($global_config['allowuserreg'] == 2) {
$query .= " AND `regdate`>" . (NV_CURRENTTIME - 86400);
}
$result = $db->sql_query($query);
$numrows = $db->sql_numrows($result);
if ($numrows) {
if ($global_config['allowuserreg'] == 2) {
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($nv_Request->isset_request('openid_active_confirm', 'post')) {
$nv_Request->unset_request('openid_attribs', 'session');
$password = $nv_Request->get_string('password', 'post', '');
$nv_seccode = filter_text_input('nv_seccode', 'post', '');
$nv_seccode = !$gfx_chk ? 1 : (nv_capcha_txt($nv_seccode) ? 1 : 0);
if ($crypt->validate($password, $row['password']) and $nv_seccode) {
$reg_attribs = set_reg_attribs($attribs);
$sql = "INSERT INTO `" . NV_USERS_GLOBALTABLE . "` (\r\n `userid`, `username`, `password`, `email`, `full_name`, `gender`, `photo`, `birthday`, `regdate`, `website`, \r\n `location`, `yim`, `telephone`, `fax`, `mobile`, `question`, `answer`, `passlostkey`, `view_mail`, `remember`, `in_groups`, \r\n `active`, `checknum`, `last_login`, `last_ip`, `last_agent`, `last_openid`) VALUES (\r\n NULL, \r\n " . $db->dbescape($row['username']) . ", \r\n " . $db->dbescape($row['password']) . ", \r\n " . $db->dbescape($row['email']) . ", \r\n " . $db->dbescape(!empty($row['full_name']) ? $row['full_name'] : $reg_attribs['full_name']) . ", \r\n " . $db->dbescape($reg_attribs['gender']) . ", \r\n '', 0, \r\n " . $db->dbescape($row['regdate']) . ", \r\n '', '', \r\n " . $db->dbescape($reg_attribs['yim']) . ", \r\n '', '', '', \r\n " . $db->dbescape($row['question']) . ", \r\n " . $db->dbescape($row['answer']) . ", \r\n '', 1, 1, '', 1, '', 0, '', '', '')";
$userid = $db->sql_query_insert_id($sql);
if (!$userid) {
openidLogin_Res0($lang_module['account_active_error']);
die;
}
$sql = "DELETE FROM `" . NV_USERS_GLOBALTABLE . "_reg` WHERE `userid`=" . $db->dbescape($row['userid']);
$db->sql_query($sql);
$sql = "INSERT INTO `" . NV_USERS_GLOBALTABLE . "_openid` VALUES (" . $userid . ", " . $db->dbescape($attribs['id']) . ", " . $db->dbescape($opid) . ", " . $db->dbescape($email) . ")";
$db->sql_query($sql);
$query = "SELECT * FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `userid`=" . $db->dbescape($userid);
$result = $db->sql_query($query);
$row = $db->sql_fetchrow($result);
validUserLog($row, 1, $opid);
$info = $lang_module['account_active_ok'] . "<br /><br />\n";
$info .= "<img border=\"0\" src=\"" . NV_BASE_SITEURL . "images/load_bar.gif\"><br /><br />\n";
$info .= "[<a href=\"" . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "\">" . $lang_module['redirect_to_home'] . "</a>]";
$contents .= user_info_exit($info);
$contents .= "<meta http-equiv=\"refresh\" content=\"2;url=" . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "\" />";
include NV_ROOTDIR . "/includes/header.php";
echo nv_site_theme($contents);
include NV_ROOTDIR . "/includes/footer.php";
exit;
} else {
openidLogin_Res0($lang_module['openid_confirm_failed']);
die;
}
}
$page_title = $mod_title = $lang_module['openid_active_title'];
$key_words = $module_info['keywords'];
$lang_module['login_info'] = sprintf($lang_module['openid_active_confirm_info'], $email);
$contents = openid_active_confirm($gfx_chk, $attribs);
include NV_ROOTDIR . "/includes/header.php";
echo nv_site_theme($contents);
include NV_ROOTDIR . "/includes/footer.php";
exit;
} else {
$nv_Request->unset_request('openid_attribs', 'session');
openidLogin_Res0($lang_module['account_register_to_admin']);
die;
}
}
}
$option = $nv_Request->get_int('option', 'get', 0);
if (!$global_config['allowuserreg']) {
$option = 3;
}
$contents = "";
if ($option == 3) {
$error = "";
if ($nv_Request->isset_request('nv_login', 'post')) {
$nv_username = filter_text_input('nv_login', 'post', '');
$nv_password = filter_text_input('nv_password', 'post', '');
$nv_seccode = filter_text_input('nv_seccode', 'post', '');
$check_login = nv_check_valid_login($nv_username, NV_UNICKMAX, NV_UNICKMIN);
$check_pass = nv_check_valid_pass($nv_password, NV_UPASSMAX, NV_UPASSMIN);
$check_seccode = !$gfx_chk ? true : (nv_capcha_txt($nv_seccode) ? true : false);
if (!$check_seccode) {
$error = $lang_global['securitycodeincorrect'];
} elseif (!empty($check_login)) {
$error = $check_login;
} elseif (!empty($check_pass)) {
$error = $check_pass;
} else {
$sql = "SELECT * FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `username`=" . $db->dbescape($nv_username);
$result = $db->sql_query($sql);
$numrows = $db->sql_numrows($result);
if ($numrows != 1) {
$error = $lang_global['loginincorrect'];
} else {
$row = $db->sql_fetchrow($result);
if (empty($row['password']) or !$crypt->validate($nv_password, $row['password'])) {
$error = $lang_global['loginincorrect'];
} else {
if (!$row['active']) {
$error = $lang_module['login_no_active'];
} else {
$nv_Request->unset_request('openid_attribs', 'session');
$sql = "INSERT INTO `" . NV_USERS_GLOBALTABLE . "_openid` VALUES (" . intval($row['userid']) . ", " . $db->dbescape($attribs['id']) . ", " . $db->dbescape($opid) . ", " . $db->dbescape($email) . ")";
$db->sql_query($sql);
validUserLog($row, 1, $opid);
}
}
}
}
if (empty($error)) {
$nv_redirect = !empty($nv_redirect) ? nv_base64_decode($nv_redirect) : NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name;
$info = $lang_module['login_ok'] . "<br /><br />\n";
$info .= "<img border=\"0\" src=\"" . NV_BASE_SITEURL . "images/load_bar.gif\"><br /><br />\n";
$info .= "[<a href=\"" . $nv_redirect . "\">" . $lang_module['redirect_to_back'] . "</a>]";
$contents .= user_info_exit($info);
$contents .= "<meta http-equiv=\"refresh\" content=\"2;url=" . $nv_redirect . "\" />";
include NV_ROOTDIR . "/includes/header.php";
echo nv_site_theme($contents);
include NV_ROOTDIR . "/includes/footer.php";
exit;
}
$array_login = array("nv_login" => $nv_username, "nv_password" => $nv_password, "nv_redirect" => $nv_redirect, 'login_info' => "<span style=\"color:#fb490b;\">" . $error . "</span>");
} else {
$array_login = array("nv_login" => '', "nv_password" => '', 'login_info' => $lang_module['openid_note1'], "nv_redirect" => $nv_redirect);
}
$contents .= user_openid_login($gfx_chk, $array_login, $attribs);
include NV_ROOTDIR . "/includes/header.php";
echo nv_site_theme($contents);
include NV_ROOTDIR . "/includes/footer.php";
exit;
} elseif ($option == 1 or $option == 2) {
$nv_Request->unset_request('openid_attribs', 'session');
$reg_attribs = set_reg_attribs($attribs);
if (empty($reg_attribs['username'])) {
openidLogin_Res0($lang_module['logged_in_failed']);
die;
}
if ($option == 2) {
$sql = "INSERT INTO `" . NV_USERS_GLOBALTABLE . "` \r\n (`userid`, `username`, `password`, `email`, `full_name`, `gender`, `photo`, `birthday`, \r\n `regdate`, `website`, `location`, `yim`, `telephone`, `fax`, `mobile`, `question`, `answer`, `passlostkey`, \r\n `view_mail`, `remember`, `in_groups`, `active`, `checknum`, `last_login`, `last_ip`, `last_agent`, `last_openid`) VALUES \r\n (\r\n NULL, \r\n " . $db->dbescape($reg_attribs['username']) . ", \r\n '', \r\n " . $db->dbescape($reg_attribs['email']) . ", \r\n " . $db->dbescape($reg_attribs['full_name']) . ", \r\n " . $db->dbescape(ucfirst($reg_attribs['gender'])) . ", \r\n '', 0, " . NV_CURRENTTIME . ", '', '', \r\n " . $db->dbescape($reg_attribs['yim']) . ", \r\n '', '', '', '', '', '', 0, 0, '', 1, '', 0, '', '', ''\r\n )";
$userid = $db->sql_query_insert_id($sql);
if (!$userid) {
openidLogin_Res0($lang_module['err_no_save_account']);
die;
}
$query = "SELECT * FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `userid`=" . $userid . " AND `active`=1";
$result = $db->sql_query($query);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$sql = "INSERT INTO `" . NV_USERS_GLOBALTABLE . "_openid` VALUES (" . intval($row['userid']) . ", " . $db->dbescape($reg_attribs['openid']) . ", " . $db->dbescape($reg_attribs['opid']) . ", " . $db->dbescape($reg_attribs['email']) . ")";
$db->sql_query($sql);
validUserLog($row, 1, $reg_attribs['opid']);
$nv_redirect = !empty($nv_redirect) ? nv_base64_decode($nv_redirect) : NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name;
Header("Location: " . $nv_redirect);
exit;
} else {
$reg_attribs = serialize($reg_attribs);
$nv_Request->set_Session('reg_attribs', $reg_attribs);
Header("Location: " . NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=register&openid=1&nv_redirect=" . $nv_redirect);
exit;
}
}
$array_user_login = array();
if (!defined('NV_IS_USER_FORUM')) {
$array_user_login[] = array("title" => $lang_module['openid_note3'], "link" => NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=login&server=" . $attribs['server'] . "&result=1&option=1&nv_redirect=" . $nv_redirect);
$array_user_login[] = array("title" => $lang_module['openid_note4'], "link" => NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=login&server=" . $attribs['server'] . "&result=1&option=2&nv_redirect=" . $nv_redirect);
} else {
$array_user_login[] = array("title" => $lang_module['openid_note6'], "link" => NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=register&nv_redirect=" . $nv_redirect);
}
$array_user_login[] = array("title" => $lang_module['openid_note5'], "link" => NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=login&server=" . $attribs['server'] . "&result=1&option=3&nv_redirect=" . $nv_redirect);
$contents .= user_openid_login2($attribs, $array_user_login);
include NV_ROOTDIR . "/includes/header.php";
echo nv_site_theme($contents);
include NV_ROOTDIR . "/includes/footer.php";
exit;
}