} else { $username = slash_if_needed($_POST['username']); if (!$user->userExists($username)) { $err[] = $l['log-bad-user']; } else { // build new user object to manip his data $client = new nlb_user($db); $id = $client->getIdByName($username); $client->setId($id); // create new password. 6 random letters + numbers $newpass = uniqid(rand(), true); $newpass = substr($newpass, 0, 6); $hash = md5($newpass); $link = full_url . script_path . 'login.php'; $message = $l['log-forgot-email']; $message = str_replace('%USERNAME%', $client->get('username'), $message); $message = str_replace('%PASSWORD%', $newpass, $message); $message = str_replace('%LINK%', $link, $message); $mail->AddAddress($client->get('email'), $client->get('username')); $mail->Subject = $config->get('site_name') . $l['log-forgot-subject']; $mail->Body = $message; if (!$mail->Send()) { // if we can't send the email, then don't write the // new password in the db $ets->page_body = $l['log-forgot-failed']; break; } else { // email was sent, set the password to something new $client->set('password', $hash); $client->updateDB(); $ets->page_body = $l['log-forgot-success'];
$user->checkLogin(); if (isset($path['user'])) { /** * Show page of blogs for user */ $USERID = $path['user']; if (!is_numeric($USERID)) { jsRedirect(script_path . 'index.php'); } $u = new nlb_user($db, $USERID); // $u is the user who's friends page we are viewing $page = 0; if (isset($path['page'])) { $page = $path['page']; } $perpage = $u->get('perpage'); $page_start = $page * $perpage; // get avatar for this user $av = $db->getArray('SELECT file, isCustom FROM ' . db_avatars . ' WHERE owner_id=' . $USERID . ' AND type=1;'); if (!empty($av)) { if ($av['isCustom'] == 1) { $file = 'avatars/'; } else { $file = 'avatars/default/'; } $file .= $av['file']; $ets->avatar_url = script_path . $file; $ets->avatar = '<img src="' . script_path . $file . '" />'; } // get list of friends $list = $db->getAllArray('SELECT friend_id FROM ' . db_friends . ' WHERE owner_id = ' . $USERID . ';');
$config = new nlb_config($db); $user = new nlb_user($db); // is someone trying to access a persons blog $_SERVER['QUERY_STRING'] = urldecode($_SERVER['QUERY_STRING']); if (!empty($_SERVER['QUERY_STRING']) && ($id = $user->getIdByName($_SERVER['QUERY_STRING'])) > -1) { // die($id); //jsRedirect( script_path . 'blog.php/user/' . $id ); jsRedirect(build_link('blog.php', array('user' => $id))); } $user->checklogin(); require_once $config->langfile(); // include lang file $b = new nlb_blog($db); if ($user->isLogedIn) { // timezone settings $b->setDateOffset($config->get('server_timezone'), $user->get('timezone')); } $script_path = script_path; $_PATH = fetch_url_data(); $action = 'news'; if (isset($_PATH['action'])) { $action = $_PATH['action']; } $ets = new stdClass(); switch ($action) { // Display Recent News news default: case 'news': /** * ======================================= * S H O W N E W S
$USERID = $path['user']; if (!is_numeric($USERID)) { jsRedirect(script_path . 'index.php'); } // user exists? $test = $db->getArray('SELECT count(user_id) as c FROM ' . db_users . ' WHERE user_id="' . $USERID . '";'); if ($test['c'] == 0) { // bad user id jsRedirect(script_path . 'index.php'); } $u = new nlb_user($db, $USERID); $page = 0; if (isset($path['page'])) { $page = $path['page']; } $perpage = $u->get('perpage'); $page_start = $page * $perpage; // get count of all the blogs $total = $u->get('blog_count'); // setup some vars for the query $limit = $page_start . ', ' . $perpage; // check to see what blogs we can view $access_in = access_public; // default is public blogs only. if ($user->isLogedIn) { // if we are the author, we can see all if ($user->id == $u->id) { $access_in = access_public . ', ' . access_private . ', ' . access_friendsonly; } // are we a friend? if ($u->areFriends($user->id)) {