function set_new_nickname()
{
global $C, $I, $U, $db;
if (!isset($_REQUEST['new_pass']) || !valid_pass($_REQUEST['new_pass'])) {
send_profile(sprintf($I['nopass'], get_setting('minpass')));
}
if (!valid_nick($_REQUEST['newnickname'])) {
send_profile(sprintf($I['invalnick'], get_setting('maxname')));
}
$U['passhash'] = md5(sha1(md5($_REQUEST['newnickname'] . $_REQUEST['new_pass'])));
$stmt = $db->prepare("SELECT id FROM {$C['prefix']}sessions WHERE nickname=? UNION SELECT id FROM {$C['prefix']}members WHERE nickname=?;");
$stmt->execute(array($_REQUEST['newnickname'], $_REQUEST['newnickname']));
if ($stmt->fetch(PDO::FETCH_NUM)) {
send_profile($I['nicknametaken']);
} else {
if ($U['status'] > 1) {
$entry = 0;
} else {
$entry = $U['entry'];
}
$stmt = $db->prepare("UPDATE {$C['prefix']}members SET nickname=?, passhash=? WHERE nickname=?;");
$stmt->execute(array($_REQUEST['newnickname'], $U['passhash'], $U['nickname']));
$stmt = $db->prepare("UPDATE {$C['prefix']}sessions SET nickname=?, passhash=? WHERE nickname=?;");
$stmt->execute(array($_REQUEST['newnickname'], $U['passhash'], $U['nickname']));
$stmt = $db->prepare("UPDATE {$C['prefix']}messages SET poster=? WHERE poster=? AND postdate>?;");
$stmt->execute(array($_REQUEST['newnickname'], $U['nickname'], $entry));
$stmt = $db->prepare("UPDATE {$C['prefix']}messages SET recipient=? WHERE recipient=? AND postdate>?;");
$stmt->execute(array($_REQUEST['newnickname'], $U['nickname'], $entry));
$stmt = $db->prepare("UPDATE {$C['prefix']}ignored SET ignby=? WHERE ignby=?;");
$stmt->execute(array($_REQUEST['newnickname'], $U['nickname']));
$stmt = $db->prepare("UPDATE {$C['prefix']}ignored SET ign=? WHERE ign=?;");
$stmt->execute(array($_REQUEST['newnickname'], $U['nickname']));
$U['nickname'] = $_REQUEST['newnickname'];
}
}
<?php
include "../classes/user.php";
include "../includes/varchecks.php";
/* moves all varibles to to the user class */
$newuser = new user($_POST['reg_nickname'], $_POST['reg_password'], $_POST['reg_email'], $_POST['reg_mess_net'], $_POST['reg_mess_id'], $_POST['reg_distro'], $this_date);
/* Checking if nickname is right */
if ($newuser->nickname == "") {
give_error("301");
}
/*לא הכנסת כינוי */
/* Checks if the nickname is valid */
if (valid_nick($newuser->nickname)) {
give_error("308");
}
/* Checks if the passwords match*/
if ($newuser->password == "") {
give_error("302");
} else {
if ($_POST['reg_password2'] == "") {
give_error("303");
} else {
if ($newuser->password != $_POST['reg_password2']) {
give_error("304");
}
}
}
/* סיסמאות אינן תואמות */
/* Checks if the password is valid */
if (valid_password($newuser->password)) {
give_error("309");
