require_once 'system/functions.php';
require_once 'system/ets_file.php';
require_once 'system/sqldb2.class.php';

// NLB class library
require_once 'system/nlb_blog.class.php';
require_once 'system/nlb_user.class.php';
require_once 'system/nlb_config.class.php';

// Template library
require_once 'ets.php';

// Page bootstrap: start timestamp, database handle, site config, current user.
$start  = mymicrotime();
$db     = new sqldb2($DB_CONFIG);
$config = new nlb_config($db);
$user   = new nlb_user($db);

// A request whose whole query string matches a user name is redirected to
// that user's blog.
//
// NOTE(review): the decoded query string is attacker-controlled and is handed
// to getIdByName() as-is. The other callers of getIdByName() in this listing
// pass the name through slash_if_needed() first, and urldecode() runs after
// any request-level escaping, so percent-encoded quotes arrive here decoded.
// Confirm that getIdByName() escapes or binds its argument; if it builds SQL
// by concatenation, this is an injection point reachable without login
// (checklogin() only runs further down).
$_SERVER['QUERY_STRING'] = urldecode($_SERVER['QUERY_STRING']);
if (!empty($_SERVER['QUERY_STRING'])) {
    $id = $user->getIdByName($_SERVER['QUERY_STRING']);
    if ($id > -1) {
        // NOTE(review): nothing visible here stops execution after the
        // redirect is emitted - verify that jsRedirect() exits.
        jsRedirect(build_link('blog.php', array('user' => $id)));
    }
}

$user->checklogin();

// The language file path is taken from the site configuration.
require_once $config->langfile();

$b = new nlb_blog($db);
if ($user->isLogedIn) {
    // Logged-in visitors get dates shifted using the server timezone and
    // their own timezone setting.
    $b->setDateOffset($config->get('server_timezone'), $user->get('timezone'));
}

$script_path = script_path;
$_PATH       = fetch_url_data();
$action      = 'news';
break; // exit the big switch()
}

// Forgotten-password handler (excerpt: the enclosing switch case starts above
// this point and the mail-failure branch is cut off below).
// On POST it looks the account up by user name, generates a replacement
// password and e-mails it to the address stored for that account.
//
// NOTE(review): as far as this excerpt shows, knowing a user name is enough
// to trigger a reset; confirm whether a confirmation step or rate limit
// exists elsewhere.
$err = array();
if (!empty($_POST)) {
    if (!isset($_POST['username']) || empty($_POST['username'])) {
        $err[] = $l['log-bad-user']; // bad username
    } else {
        $username = slash_if_needed($_POST['username']);
        if (!$user->userExists($username)) {
            // Same message key as the missing-username case above.
            $err[] = $l['log-bad-user'];
        } else {
            // Build a second nlb_user object bound to the account being reset.
            $client = new nlb_user($db);
            $id = $client->getIdByName($username);
            $client->setId($id);

            // Create the new password: the first 6 characters of
            // uniqid(rand(), true).
            // NOTE(review): uniqid() puts its prefix first, so these six
            // characters are largely the leading decimal digits of rand().
            // That is a small keyspace drawn from a non-cryptographic
            // generator; a CSPRNG (random_bytes()/random_int() on PHP >= 7)
            // or a single-use, expiring reset token would be the safer design.
            $newpass = uniqid(rand(), true);
            $newpass = substr($newpass, 0, 6);

            // NOTE(review): unsalted MD5 is a fast hash and unsuitable for
            // password storage (password_hash()/password_verify() on PHP >= 5.5).
            // $hash is not used within this excerpt - presumably it is written
            // to the user record further down; confirm.
            $hash = md5($newpass);

            $link = full_url . script_path . 'login.php';

            // Fill the localized mail template. The new password travels in
            // clear text in the message body.
            $message = $l['log-forgot-email'];
            $message = str_replace('%USERNAME%', $client->get('username'), $message);
            $message = str_replace('%PASSWORD%', $newpass, $message);
            $message = str_replace('%LINK%', $link, $message);

            // $mail is not created in the visible code; it is set up before
            // this excerpt.
            $mail->AddAddress($client->get('email'), $client->get('username'));
            $mail->Subject = $config->get('site_name') . $l['log-forgot-subject'];
            $mail->Body = $message;
            if (!$mail->Send()) {
                // if we can't send the email, then don't write the
// Public blog search (excerpt: the redirect branch at the end is cut off).
// Two statements are built in parallel with the same WHERE clause:
//   $query  - the matching rows (not executed within this excerpt)
//   $rquery - a COUNT(*) of those rows, used to decide whether there is
//             anything to show
// Both are restricted to entries whose access level equals access_public.
$query = 'SELECT u.username, b.blog_id, b.author_id, b.date, b.subject, b.body, b.comments, b.html, b.smiles, b.bb FROM nlb3_blogs AS b, nlb3_users AS u WHERE u.user_id = b.author_id AND b.access = ' . access_public;
$rquery = 'SELECT count(b.blog_id) as results FROM nlb3_blogs AS b, nlb3_users AS u WHERE u.user_id = b.author_id AND b.access = ' . access_public;

// NOTE(review): $q is concatenated straight into a double-quoted LIKE
// pattern. Where $q comes from and how it was escaped is not visible here.
// Unless it was escaped for a quoted SQL string (including the double quote),
// this is an SQL injection point; bound parameters would remove the
// dependency on upstream escaping. The LIKE wildcards % and _ in $q are also
// passed through unescaped.
// When both flags are set the two clauses are ANDed, so a row must match in
// body and in subject.
if ($searchBody) {
    $query .= ' AND b.body LIKE "%' . $q . '%"';
    $rquery .= ' AND b.body LIKE "%' . $q . '%"';
}
if ($searchSubject) {
    $query .= ' AND b.subject LIKE "%' . $q . '%"';
    $rquery .= ' AND b.subject LIKE "%' . $q . '%"';
}

// Optional author filter: resolve the posted name to a user id; -1 is treated
// as "no such user" and the filter is then skipped.
if (isset($_POST['author']) && $_POST['author'] != "") {
    $authorid = $user->getIdByName(slash_if_needed($_POST['author']));
    if ($authorid != -1) {
        // NOTE(review): appended unquoted, so this relies on getIdByName()
        // returning an integer - confirm, or cast with (int) before use.
        $query .= ' AND b.author_id = ' . $authorid;
        $rquery .= ' AND b.author_id = ' . $authorid;
    }
}

// Run the count query first; its single row carries the total under 'results'.
$count = $db->getArray($rquery);
if ($count['results'] == 0) {
    //------------------------
    // NO RESULTS TO SHOW
    //------------------------
    // Show the search form again with the "no results" flag set for the template.
    $mask = 'form';
    $ets->noresults = 1;
} else {
    //------------------------
    // WORK IS DONE, REDIRECT USER