//break if the function failed to laod HTML
if ($message) {
//replace the tags with info
$search = array('{USERNAME}', '{DISPLAYNAME}', '{PASSWORD}');
$replace = array($username, $displayName, $password);
$message = str_replace($search, $replace, $message);
$mail->WordWrap = 50;
$mail->IsHTML(true);
$mail->Subject = "Warcry WoW Registration";
$mail->Body = $message;
//$mail->AltBody = "This is the body in plain text for non-HTML mail clients";
$mail->Send();
}
######################################
############# LOGIN ##################
$shapasshash = server_Account::makeHash($username, $password);
$CURUSER->setLoggedIn($accountId, $shapasshash);
//unset
unset($raf);
//Setup our welcoming notification
$NOTIFICATIONS->SetTitle('Notification');
$NOTIFICATIONS->SetHeadline('Congratulation!');
$NOTIFICATIONS->SetText('Welcome and thank you for joining the Warcry community.<br>Your Warcry account has been automatically activated.<br>Please enjoy.');
$NOTIFICATIONS->SetTextAlign('center');
//$NOTIFICATIONS->SetAutoContinue(true);
//$NOTIFICATIONS->SetContinueDelay(5);
$NOTIFICATIONS->Apply();
######################################
########## Redirect ##################
header("Location: " . $config['BaseURL'] . "/index.php?page=home");
} else {
$CORE->register_Module('sendmail', 'SERVER', $server_config['CORE']);
} catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
}
//open database connection
$DB = $CORE->DatabaseConnection();
//Open database connection to auth
$AUTH_DB = $CORE->AuthDatabaseConnection();
//Load necessary server modules
$CORE->load_ServerModule('columns');
$CORE->load_ServerModule('account');
//starting the session class and defining it
$SESSION = new Session();
//setting up session handlers from our PHP Class sessions
$SESSION->register();
//setup the security class
$SECURITY = new Security();
//Unregistring globals for security
$SECURITY->unregisterGlobals();
//filter the request methods
$SECURITY->RestrictHttpMethods(array('POST', 'GET'));
//check if the session has expired
$SECURITY->CheckSessionLife();
//setup Current User class
$CURUSER = new CURUSER();
//setup the Cache
$CACHE = new Cache(array('repo' => $config['RootPath'] . '/cache'));
##############################################
## Make an User Check
server_Account::userCheck(true);
##############################################
//no new password
$ERRORS->Add('Please enter your new E-mail Address.');
} else {
//check for reservation
if (EmailReservations::IsReserved(array('email' => $email)) === true) {
$ERRORS->Add('The e-mail address is reserved.');
}
}
//Check for errors
$ERRORS->Check('/index.php?page=changemail');
##################################################
######## REGISTER SERVER ACCOUNT #################
//get the column names for table accounts
$columns = CORE_COLUMNS::get('accounts');
//make our new pass hash
$shapasshash = server_Account::makeHash($CURUSER->get('username'), $newpassword);
//Apply the new hash to the account
$update = $AUTH_DB->prepare("UPDATE `" . $columns['self'] . "` SET `" . $columns['email'] . "` = :email WHERE `" . $columns['id'] . "` = :acc LIMIT 1;");
$update->bindParam(':email', $email, PDO::PARAM_STR);
$update->bindParam(':acc', $CURUSER->get('id'), PDO::PARAM_INT);
$update->execute();
//check if the account was affected
if ($update->rowCount() > 0) {
######################################
########## Redirect ##################
$ERRORS->triggerSuccess();
} else {
$ERRORS->Add('The website failed to change your E-mail Address. Please contact the administration.');
}
$ERRORS->Check('/index.php?page=changemail');
exit;
//bind some parameters
$res->bindParam(':username', $username, PDO::PARAM_STR);
//bind the columns for easy usage
$res->bindColumn(1, $accid, PDO::PARAM_INT);
$res->bindColumn(2, $accusername, PDO::PARAM_STR);
$res->bindColumn(3, $accpasshash, PDO::PARAM_STR);
$res->bindColumn(4, $accemail, PDO::PARAM_STR);
$res->bindColumn(5, $accflags, PDO::PARAM_INT);
//run the query
$res->execute();
//check if we have found the record
if ($res->rowCount() > 0) {
//fetch the record
$row = $res->fetch(PDO::FETCH_NUM);
//make new pass hash
$passcheck = server_Account::makehash($username, $password);
//compare the new pass hash with the one in the record
if ($accpasshash == $passcheck) {
//check if the account is allowed to login into the admin panel
$perms = new Permissions($accid);
if ($perms->IsAllowedToUseACP()) {
//make some logging
$CURUSER->logInfoAtLogin($accid);
//Login the user
$CURUSER->setLoggedIn($accid, $passcheck);
//check if we have URL the user wanted to access before we ask to login
if (isset($_SESSION['url_bl'])) {
$url = trim($_SESSION['url_bl']);
unset($_SESSION['url_bl']);
} elseif (isset($_POST['url_bl'])) {
$url = trim($_POST['url_bl']);
$AUTH_DB = $CORE->AuthDatabaseConnection();
//unset the config variables
unset($auth_config);
//Load necessary server modules
$CORE->load_ServerModule('columns');
$CORE->load_ServerModule('account');
//starting the session class and defining it
$SESSION = new Session();
//setting up session handlers from our PHP Class sessions
$SESSION->register();
//setup the security class
$SECURITY = new Security();
//Unregistring globals for security
$SECURITY->unregisterGlobals();
//filter the request methods
$SECURITY->RestrictHttpMethods(array('POST', 'GET'));
//check if the session has expired
$SECURITY->CheckSessionLife();
//setup Current User class
$CURUSER = new CURUSER();
//setup the Notifications class
$NOTIFICATIONS = new Notifications();
//setup the Cache
$CACHE = new Cache(array('repo' => $config['RootPath'] . '/cache'));
//Setup the Template class
$TPL = new Template();
##############################################
## Make an User Check
server_Account::RememberMeCheck();
server_Account::userCheck();
##############################################
}
$password = trim($password);
//Check for errors
$ERRORS->Check('/index.php?page=password_recovery&verify=1&key=' . $key);
##################################################
############## The actual script #################
//Get the external data for the token
$row = $token->get_enternalData();
//Destroy this token
$token->destroyToken();
//unset the class
unset($token);
//get the column names for table accounts
$columns = CORE_COLUMNS::get('accounts');
//make our new pass hash
$shapasshash = server_Account::makeHash($row[$columns['username']], $password);
//Apply the new hash to the account
$update = $AUTH_DB->prepare("UPDATE `" . $columns['self'] . "` SET `" . $columns['shapasshash'] . "` = :hash, `" . $columns['sessionkey'] . "` = '', `" . $columns['v'] . "` = '', `" . $columns['s'] . "` = '' WHERE `" . $columns['id'] . "` = :acc LIMIT 1;");
$update->bindParam(':hash', $shapasshash, PDO::PARAM_STR);
$update->bindParam(':acc', $row[$columns['id']], PDO::PARAM_INT);
$update->execute();
//check if the account was affected
if ($update->rowCount() > 0) {
//update the account event
$update = $DB->prepare("UPDATE `account_data` SET `event` = '' WHERE `id` = :id LIMIT 1;");
$update->bindParam(':id', $row[$columns['id']], PDO::PARAM_INT);
$update->execute();
unset($update);
//Setup our notification
$NOTIFICATIONS->SetTitle('Password Recovery');
$NOTIFICATIONS->SetHeadline('Congratulations!');