public function restore($email)
{
$lang = tlocal::admin('password');
$email = strtolower(trim($email));
if (empty($email)) {
return $this->error($lang->error);
}
$id = $this->getiduser($email);
if (!$id) {
return $this->error($lang->error);
}
$args = new targs();
tsession::start('password-restore-' . md5(litepublisher::$options->hash($email)));
if (!isset($_SESSION['count'])) {
$_SESSION['count'] = 1;
} else {
if ($_SESSION['count']++ > 3) {
return $this->error($lang->outofcount);
}
}
$_SESSION['email'] = $email;
$password = md5uniq();
$_SESSION['password'] = $password;
$_SESSION['confirm'] = md5rand();
$args->confirm = $_SESSION['confirm'];
session_write_close();
$args->email = urlencode($email);
if ($id == 1) {
$name = litepublisher::$site->author;
} else {
$item = tusers::i()->getitem($id);
$args->add($item);
$name = $item['name'];
}
$args->password = $password;
tlocal::usefile('mail');
$lang = tlocal::i('mailpassword');
$theme = ttheme::i();
$subject = $theme->parsearg($lang->subject, $args);
$body = $theme->parsearg($lang->body, $args);
tmailer::sendmail(litepublisher::$site->name, litepublisher::$options->fromemail, $name, $email, $subject, $body);
return true;
}
public static function init($usecookie = false)
{
if (!self::$initialized) {
self::$initialized = true;
ini_set('session.use_cookies', $usecookie);
ini_set('session.use_only_cookies', $usecookie);
ini_set('session.use_trans_sid', 0);
session_cache_limiter(false);
if (function_exists('igbinary_serialize')) {
ini_set('igbinary.compact_strings', 0);
ini_set('session.serialize_handler', 'igbinary');
}
}
if (tfilestorage::$memcache) {
return getinstance(__CLASS__);
} else {
//ini_set('session.gc_probability', 1);
}
}
public function request($arg)
{
$this->cache = false;
turlmap::nocache();
if (empty($_GET['oauth_token'])) {
return 403;
}
tsession::start(md5($_GET['oauth_token']));
if (!isset($_SESSION['tokens'])) {
session_destroy();
return 403;
}
$tokens = $_SESSION['tokens'];
session_destroy();
$oauth = $this->getoauth();
$oauth->settokens($tokens['oauth_token'], $tokens['oauth_token_secret']);
if ($tokens = $oauth->getaccesstoken($_REQUEST['oauth_verifier'])) {
if ($r = $oauth->get_data('https://api.twitter.com/1/account/verify_credentials.json')) {
$info = json_decode($r);
return $this->adduser(array('uid' => $info->id, 'name' => $info->name, 'website' => 'http://twitter.com/account/redirect_by_id?id=' . $info->id_str), $info);
}
}
return $this->errorauth();
}
public function request_confirm(array $values, array $shortpost)
{
/*
$kept = tkeptcomments::i();
$kept->deleteold();
*/
$values['date'] = time();
$values['ip'] = preg_replace('/[^0-9., ]/', '', $_SERVER['REMOTE_ADDR']);
$confirmid = md5uniq();
if ($sess = tsession::start(md5($confirmid))) {
$sess->lifetime = 900;
}
$_SESSION['confirmid'] = $confirmid;
$_SESSION['values'] = $values;
session_write_close();
if ((int) $shortpost['idperm']) {
$header = $this->getpermheader($shortpost);
return $header . $this->confirm($confirmid);
}
return $this->confirm($confirmid);
}
public function reguser($email, $name)
{
$email = strtolower(trim($email));
if (!tcontentfilter::ValidateEmail($email)) {
return $this->error(tlocal::get('comment', 'invalidemail'));
}
if (substr_count($email, '.', 0, strpos($email, '@')) > 2) {
return $this->error(tlocal::get('comment', 'invalidemail'));
}
$users = tusers::i();
if ($id = $users->emailexists($email)) {
if ('comuser' != $users->getvalue($id, 'status')) {
return $this->error(tlocal::i()->invalidregdata);
}
}
tsession::start('reguser-' . md5(litepublisher::$options->hash($email)));
$_SESSION['email'] = $email;
$_SESSION['name'] = $name;
$confirm = md5rand();
$_SESSION['confirm'] = $confirm;
$password = md5uniq();
$_SESSION['password'] = $password;
$_SESSION['backurl'] = isset($_GET['backurl']) ? $_GET['backurl'] : '';
session_write_close();
$args = new targs();
$args->name = $name;
$args->email = $email;
$args->confirm = $confirm;
$args->password = $password;
$args->confirmurl = litepublisher::$site->url . '/admin/reguser/' . litepublisher::$site->q . 'email=' . urlencode($email);
tlocal::usefile('mail');
$lang = tlocal::i('mailusers');
$theme = ttheme::i();
$subject = $theme->parsearg($lang->subject, $args);
$body = $theme->parsearg($lang->body, $args);
tmailer::sendmail(litepublisher::$site->name, litepublisher::$options->fromemail, $name, $email, $subject, $body);
return true;
}
public function start_session()
{
tsession::init(1);
session_start();
$this->session_id = session_id();
}
public static function confirm_restore($email, $password)
{
tsession::start('password-restore-' . md5(litepublisher::$options->hash($email)));
if (!isset($_SESSION['email']) || $email != $_SESSION['email'] || $password != $_SESSION['password']) {
if (isset($_SESSION['email'])) {
session_write_close();
} else {
session_destroy();
}
return false;
}
session_destroy();
if ($email == strtolower(trim(litepublisher::$options->email))) {
litepublisher::$options->changepassword($password);
return 1;
} else {
$users = tusers::i();
if ($id = $users->emailexists($email)) {
$users->changepassword($id, $password);
}
return $id;
}
}
