示例#1
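$mysql=_sqlconnect();	# -------------- Open DB

# NOTE(review): $TiD, $ZZ_PWD and $Source are not assigned anywhere in this excerpt.
# They are handled below as untrusted request data - confirm where they are populated.

# The id is interpolated unquoted into both queries and echoed into the page,
# so pin it to an integer before any use.
$TiD=(isset($TiD) && is_scalar($TiD)) ? (int)$TiD : 0;
$ZZ_PWD=(isset($ZZ_PWD) && is_string($ZZ_PWD)) ? $ZZ_PWD : "";
$Source=(isset($Source) && is_string($Source)) ? $Source : "";

# A non-empty value shorter than 30 characters is taken to be a clear-text password and
# hashed; a longer value is passed through as if it already were the stored hash.
# NOTE(review): unsalted MD5 is not a suitable password hash, and accepting the stored
# hash as a credential means a leaked Pwd column can be replayed as-is. Moving to
# password_hash()/password_verify() needs a change to the stored data, outside this excerpt.
# NOTE(review): an empty value is still compared against Pwd; consider rejecting it.
if ((strlen($ZZ_PWD)<30) && (strlen($ZZ_PWD)>0)) $ZZ_PWD=md5("$ZZ_PWD");

# Escape the credential for the open connection instead of interpolating it raw.
$query =  "SELECT TiD FROM `MZ_User` where (TiD=$TiD) and (Pwd='".mysql_real_escape_string($ZZ_PWD)."')";
$result = MySQL_QUERY($query);
# A failed query counts as "no match" rather than being hidden behind @.
$nData = $result ? mysql_num_rows($result) : 0;
if ($nData>0) { # auto-logon for the ZZ interface
	# NOTE(review): the session id is not regenerated on login; if a session is active
	# here, session_regenerate_id(true) would close a fixation window - confirm and add.
	$_SESSION['login']=$TiD;
}	else $TiD=0;

# Look up the display name for the (possibly reset) id.
$query =  "SELECT Troll FROM `MZ_Trolls` where (TiD=$TiD)";
$result = MySQL_QUERY($query);
$nData = $result ? mysql_num_rows($result) : 0;
if ($nData>0) {
	$Troll=mysql_result($result,0,"Troll");
}	else $Troll="";

_sqlclose();		# -------------- Close DB

If ($TiD<=0)  Die("Erreur accès à ZoryaZilla: Mauvais identifiant Troll!");

# HTML-escape everything that is written into the page. A byte-wise map is used rather
# than htmlspecialchars() because the page encoding is not visible here, and
# htmlspecialchars() returns an empty string for input that is invalid in its assumed charset.
$htmlMap=array('&'=>'&amp;','<'=>'&lt;','>'=>'&gt;','"'=>'&quot;',"'"=>'&#039;');
$TrollHtml=strtr($Troll,$htmlMap);
$PwdHtml=strtr($ZZ_PWD,$htmlMap);

print("Le password du Troll <b>$TrollHtml</b> (Id=#<i><b>$TiD</b></i>) a été sauvegardé dans Firefox!!");
# NOTE(review): the password hash is written back into the page as ZZSession. Anything
# that can read this response (cache, history, other script on the page) obtains a value
# that the query above accepts as a credential; a random server-side session token
# would be the safer thing to hand to the client.
print("<FORM name=FormDlgBox><INPUT TYPE=hidden Name=ZZSession Value=\"$PwdHtml\"><INPUT TYPE=hidden Name=TiD Value=\"$TiD\">");
if ($Troll!="") print("<INPUT TYPE=hidden Name=Troll Value=\"$TrollHtml\">");
print("</FORM>");
# Only absolute http(s) links are rendered: escaping alone does not neutralise script
# URL schemes in an HREF. NOTE(review): widen this if callers legitimately pass relative URLs.
if ($Source!="" && preg_match('#^https?://#i',$Source)) {
	$SourceHtml=strtr($Source,$htmlMap);
	print("Retour au jeu: <A HREF='$SourceHtml'>$SourceHtml</A>");
}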

示例#2
 /**
  * Handles the "resend password" form.
  *
  * Reads `un` and `email` from $_POST. When `cmd_resend_password` was posted and both
  * fields validate, the pair is looked up in `users` and, on a single match, a mail
  * with a reset link (validate.php?option=reset&activation=...) is sent.
  *
  * NOTE(review): the SQL statement interpolates $un and $email after
  * $SANITIZER->sanitize(); what that call escapes is not visible here. Confirm it is
  * safe for a quoted SQL string on this connection, or move to a parameterised query.
  * NOTE(review): the "Email address was not found." message tells the requester
  * whether a user name / e-mail pair exists; a uniform response avoids that.
  * NOTE(review): the activation value is the cipher output of "<timestamp>_<user id>".
  * Whether it is tamper-evident depends on Cipher_blowfish and on validate.php, neither
  * shown here; a random single-use token stored server-side is the usual alternative.
  *
  * @access	public
  * @since	3.0
  * @return	string Accumulated error HTML; '' when there was no error or no submit
  */
 function resend_password_action()
 {
     global $_POST, $SANITIZER, $CONFIG;
     $str_error = '';
     // Trimmed, sanitized form fields; an absent field becomes "".
     $un = isset($_POST["un"]) ? $SANITIZER->sanitize(trim($_POST["un"])) : "";
     $email = isset($_POST["email"]) ? $SANITIZER->sanitize(trim($_POST["email"])) : "";
     // Nothing to do unless the submit button was posted.
     if (!isset($_POST["cmd_resend_password"])) {
         return $str_error;
     }
     // Both checks always run, so both messages can be reported together.
     if (trim($un) == "" || trim($email) == "") {
         $str_error .= JText::_('Required field cannot be left blank.') . '<BR />';
     }
     if (!ZEmail::check($email)) {
         $str_error .= JText::_('Email should look like an email address.') . '<BR />';
     }
     if (!empty($str_error)) {
         return $str_error;
     }
     /** Find the account that owns this user name / e-mail pair **/
     $sql = "\n\t\t\t\t\t\t\t\tSELECT u.id, u.un, u.firstname, u.lastname\n\t\t\t\t\t\t\t\tFROM users AS u\n\t\t\t\t\t\t\t\tWHERE u.un = '{$un}'\n\t\t\t\t\t\t\t\tAND u.email = '{$email}'\n\t\t\t\t\t\t\t\tLIMIT 0, 1\n\t\t\t\t\t\t\t ";
     $lookup = mysql_query($sql);
     // A failed query and "no single row" are reported the same way.
     if (!$lookup || mysql_num_rows($lookup) != 1) {
         $str_error .= JText::_('Email address was not found.') . '<BR />';
         return $str_error;
     }
     $owner_id = mysql_result($lookup, 0, "u.id");
     $owner_un = mysql_result($lookup, 0, "u.un");
     $owner_first = mysql_result($lookup, 0, "u.firstname");
     $owner_last = mysql_result($lookup, 0, "u.lastname");
     $owner_fullname = $owner_first . " " . $owner_last;
     /** Build the activation value: cipher("<now>_<user id>") keyed with the site secret **/
     $cipher = new Cipher_blowfish();
     $cipher->setKey(@$CONFIG->secret);
     $activation = $cipher->zf_encrypt(date("Y-m-d H:i:s") . "_" . $owner_id);
     /** Compose and send the instructions mail **/
     $name = JText::_('ZIME Service');
     $sender = "*****@*****.**";
     $subject = JText::_('Reset your ZIME Password');
     $reset_url = "{$CONFIG->basedir_rewrite}validate.php?option=reset&activation={$activation}";
     $mail_body = JText::__('email_pw_reset_instructions.txt');
     $mail_body = str_replace("[USER]", $owner_fullname . " ({$owner_un})", $mail_body);
     $mail_body = str_replace("[URL]", $reset_url, $mail_body);
     $header = "From: " . $name . " <" . $sender . ">\r\n";
     ini_set('sendmail_from', $sender);
     // NOTE(review): $email becomes the recipient; this relies on ZEmail::check()
     // rejecting CR/LF so that no extra mail headers can be smuggled in - confirm.
     mail($email, $subject, $mail_body, $header);
     return $str_error;
 }
示例#3
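<?php
// Full open tag: the short form only works where short_open_tag is enabled.
session_cache_limiter("nocache");
require_once("Lib/libutf8.inc.php"); 

$mysql=_sqlconnect();	# -------------- Open DB
$query =  "SELECT IdNews FROM `MZ_InfoZZ`";
$result = @MySQL_QUERY($query);
_sqlclose();		# -------------- Close DB

# Publish the id of the current news item as a hidden field (only when a row exists).
if  (@MySQL_NUM_ROWS($result)>0) {
	$IdNews=mysql_result($result,0,"IdNews");
	# The value lands inside a single-quoted attribute, so escape it even though it is
	# expected to be an id. A byte-wise map is used because the page encoding is not
	# visible here.
	$IdNewsAttr=strtr($IdNews,array('&'=>'&amp;','<'=>'&lt;','>'=>'&gt;','"'=>'&quot;',"'"=>'&#039;'));
	_print("<INPUT TYPE=hidden Name=NewsID Value='$IdNewsAttr'>");
}


# Static announcement block.
_print("<TABLE width=600><TR><TD>
<TABLE width=100%><TR><TD>
<I><b><u><font size=+1>Fusion ZZ 2.0:</font></I></b></u><br>
<br><br>Comme vous l'avez remarquez l'hébergement WEB de ZoryaZilla a changé. J'ai quitté <i>ironie.org</i> <BR>
dans la précipitation, puis free.fr tout aussi rapidement. <BR>
ZZ est maintenant hébergé par <b>1&1</b> en espérant plus de stabilité!!!!<BR>
Merci de votre compréhension à tous.<br>

<br>Amicalement,
<br><A HREF=http://games.mountyhall.com/mountyhall/Messagerie/MH_Messagerie.php?cat=3&dest=28468><b>Zo</b></A>.
<br>
<!--<br><I><b><u>Le forum:</I></b></u> <a target=_blank href=http://z0rya.free.fr/forum><font size=+1>http://z0rya.free.fr/forum/</font></a><BR>!-->

</TD></TR></TABLE>
</TD></TR></TABLE>");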
示例#4
# {"callCounter":"3","query":"Zor","suggestions":["zorglub","Zorak Zoran","Zorglublemechant","AzorkA","ZorakZoran","Zorak","Zorgloub","Zoram","bashozor","Zorya","Enzorth","Balzorg","Razorb","zorak zoranus","Zozor","zorback","Megazord","Zor","Squilnozor","Zorglubounet"],
#"data":[997,1012,3766,5443,9160,12671,13129,15435,21735,28468,53915,58668,58834,59744,67609,71587,73236,84752,88594,89633],
#"presentations":[" [997] Tomawak niveau 39"," [1012] Skrim niveau 34"," [3766] Kastar niveau 55"," [5443] Durakuir niveau 42"," [9160] Kastar niveau 60"," [12671] Kastar niveau 40"," [13129] Durakuir niveau 30"," [15435] Kastar niveau 17"," [21735] Kastar niveau 39"," [28468] Durakuir niveau 60"," [53915] Kastar niveau 35"," [58668] Kastar niveau 40"," [58834] Kastar niveau 40"," [59744] Durakuir niveau 47"," [67609] Tomawak niveau 18"," [71587] Kastar niveau 44"," [73236] Durakuir niveau 20"," [84752] Skrim niveau 25"," [88594] Tomawak niveau 39"," [89633] Skrim niveau 13"],"countReturnedTroll":20,"countMaxTroll":44}
#{"callCounter":"2","query":"aaxj","suggestions":[],"data":[],"presentations":[],"countReturnedTroll":0,"countMaxTroll":0}
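# Both parameters are required. A missing, empty or non-string value (e.g. an array
# parameter) ends the request without output.
$callCounter = (isset($_GET['callCounter']) && is_string($_GET['callCounter'])) ? $_GET['callCounter'] : "";
$qry = (isset($_GET['query']) && is_string($_GET['query'])) ? $_GET['query'] : "";
if ($callCounter == "" || $qry == "") {
    die;
}
# NOTE(review): judging by the sample responses above, callCounter and query are echoed
# back in the JSON reply by code past this excerpt; encode them there (json_encode)
# rather than concatenating them.
#-----------------------------------------------------------------------------------
$mysql = _sqlconnect();
# -------------- Open DB
# The search term comes straight from the query string, so it is escaped for the open
# connection before it goes into the statement. $qry itself is left untouched for the
# code that follows. Where magic_quotes_gpc still exists and is on, its slashes are
# removed first so the value is escaped exactly once.
$qrySql = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) ? stripslashes($qry) : $qry;
$qrySql = mysql_real_escape_string($qrySql);
# NOTE(review): % and _ typed by the user still act as LIKE wildcards, and a leading
# wildcard forces a full scan of MZ_Trolls; consider a minimum term length.
$query = "SELECT TiD,Troll,Race,Niveau from MZ_Trolls where Troll like '%{$qrySql}%'";
$result = @MySQL_QUERY($query);
# A failed query yields zero rows instead of a suppressed warning.
$nrow = $result ? mysql_num_rows($result) : 0;
_sqlclose();
# -------------- Close DB
#-----------------------------------------------------------------------------------
# At most 20 suggestions are returned.
$max = min(20, $nrow);
$suggestions = "";
$data = "";
$presentations = "";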
for ($i = 0; $i < $max; $i++) {
    $TiD = mysql_result($result, $i, "TiD");
示例#5
<?php

// Keep the script running even if the client that triggered it disconnects.
ignore_user_abort(True);
require_once "../Config/_sqlconf.php";
// (disabled) earlier approach: copy the public troll list to a local ftp/ directory
//$srcfile = 'http://ftp.mountyhall.com/ftp/Public_Trolls.txt';
//$dstfile = 'ftp/Public_Trolls.txt';
//if (!copy($srcfile, $dstfile))    echo "La copie $file du fichier a échoué...\n";
//** Public_Diplomatie.txt **
// Columns: Id ; Name ; Race ; Level ; Kills ; Deaths ; Guild id ; Number of flies
#-----------------------------------------------------------------------------------
$mysql = _sqlconnect();
# -------------- Open DB
// Read the 'troll_update' marker from the cron state table
// (presumably the date of the last import; it is compared with today's date below).
$query = "SELECT Value as troll_update from MZ_Cron where Field='troll_update'";
//echo "$query<BR>";
$result = @MySQL_QUERY($query);
// Exactly one state row is expected. Both calls are silenced with @, so a failed
// query also ends up here and stops the script without any diagnostic.
if (@MySQL_NUM_ROWS($result) != 1) {
    die(-1);
}
$troll_update = mysql_result($result, 0, "troll_update");
$today = date("Y-m-d");
//==============================================================================
if ($troll_update != $today) {
    // télécharger le nouveau fichier
    if ($_FOPEN_EXTERNAL) {
        // si pas d'accès externe, on suppose le fichier copié dans repertoire ftp par script externe
        $fds = @fopen("http://ftp.mountyhall.com/Public_Trolls.txt", "r");
    } else {
        $fds = @fopen("ftp/Public_Trolls.txt", "r");
    }
    if ($fds) {
        $query = "UPDATE  MZ_Cron set Value='0' WHERE Field='troll_step'";
示例#6
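/**
 * Creates or refines the `MZ_Beast2` bestiary row for one monster (name + age).
 *
 * If no row exists for (Nom, Age) a new one is inserted, each min/max pair being
 * written twice (Min,Min,Max,Max), matching the table's MinInf/MinSup/MaxInf/MaxSup
 * columns. Otherwise the stored bounds are compared with the new ones through
 * CheckLimite() and the scalar attributes through CheckValue(); the fragments those
 * helpers return are concatenated into the SET clause of a single UPDATE.
 *
 * The twelve range pairs are Niv, PdV, Att, Esq, Deg, Reg, Arm, ArmMag, Vue, MM, RM
 * and DLA. A max that compares equal to 0 is replaced by the global $__MAX.
 * $cdmBlessure is accepted but never read; $cdmDLA, $cdmChargement and $cdmBonusMalus
 * are only written on INSERT.
 *
 * Fix: the INSERT used $cdmnbATT, which does not exist (variable names are
 * case-sensitive), so nbATT was always stored empty for a new monster. It now uses
 * the $cdmNbAtt parameter.
 *
 * NOTE(review): every argument is interpolated into SQL as-is, the numeric ones
 * unquoted. Unless all callers validate numbers and escape strings for this
 * connection, these statements are injectable. Escaping here would double-escape
 * values that callers already escape, so confirm the contract and enforce it in one
 * place (ideally with prepared statements).
 * NOTE(review): the fragments returned by CheckLimite()/CheckValue() go into the
 * UPDATE unchanged; they need the same guarantee.
 *
 * @return void
 */
function MAJBestiaire2($cdmFamille,$cdmNom,$cdmAge,$cdmNivMin,$cdmNivMax,$cdmPdVMin,$cdmPdVMax,$cdmBlessure,$cdmAttMin,$cdmAttMax,$cdmEsqMin,$cdmEsqMax,$cdmDegMin,$cdmDegMax,$cdmRegMin,$cdmRegMax,$cdmArmMin,$cdmArmMax,$cdmArmMagMin, $cdmArmMagMax, $cdmVueMin,$cdmVueMax,$cdmPouvoir,$cdmMMMin,$cdmMMMax,$cdmRMMin,$cdmRMMax,$cdmNbAtt,$cdmVitesse,$cdmVlC,$cdmAttDist, $cdmAttMag, $cdmVole, $cdmSangFroid, $cdmDLA,$cdmDLAMin,$cdmDLAMax,$cdmChargement,$cdmBonusMalus,$cdmCapaRange)
{
	global $__MAX;

	# Upper bounds of the bestiary ------------------------------------------------
	# Collect the (min, max) pairs keyed by column prefix, replacing a max of 0
	# by the global ceiling.
	$ranges = array();
	foreach (array(
		'Niv'    => array($cdmNivMin, $cdmNivMax),
		'PdV'    => array($cdmPdVMin, $cdmPdVMax),
		'Att'    => array($cdmAttMin, $cdmAttMax),
		'Esq'    => array($cdmEsqMin, $cdmEsqMax),
		'Deg'    => array($cdmDegMin, $cdmDegMax),
		'Reg'    => array($cdmRegMin, $cdmRegMax),
		'Arm'    => array($cdmArmMin, $cdmArmMax),
		'ArmMag' => array($cdmArmMagMin, $cdmArmMagMax),
		'Vue'    => array($cdmVueMin, $cdmVueMax),
		'MM'     => array($cdmMMMin, $cdmMMMax),
		'RM'     => array($cdmRMMin, $cdmRMMax),
		'DLA'    => array($cdmDLAMin, $cdmDLAMax),
	) as $stat => $pair) {
		if ($pair[1]==0) $pair[1]=$__MAX;
		$ranges[$stat]=$pair;
	}

	# Bestiary update ---------------------------------------------------------------
	$query =  "SELECT * FROM `MZ_Beast2` where (Nom=\"$cdmNom\") and (Age=\"$cdmAge\")";
	$result = MySQL_QUERY($query);
	# @ kept on purpose: a failed SELECT compares equal to 0 and falls into the INSERT
	# branch, as it always did.
	$nData = @MySQL_NUM_ROWS($result);
	if ($nData==0) {
		# Unknown monster: build the VALUES list in table column order.
		$values = array("'$cdmFamille'", "'$cdmNom'", "'$cdmAge'");
		foreach (array('Niv','PdV','Att','Esq','Deg','Reg','Arm','ArmMag','Vue') as $stat) {
			list($min, $max) = $ranges[$stat];
			array_push($values, $min, $min, $max, $max);
		}
		$values[] = "'$cdmPouvoir'";
		foreach (array('MM','RM') as $stat) {
			list($min, $max) = $ranges[$stat];
			array_push($values, $min, $min, $max, $max);
		}
		# $cdmNbAtt: see the fix described in the header comment.
		array_push($values, "\"$cdmNbAtt\"", "\"$cdmVitesse\"", "\"$cdmVlC\"", "\"$cdmAttDist\"", "\"$cdmAttMag\"", "\"$cdmVole\"", "\"$cdmSangFroid\"", "\"$cdmDLA\"");
		list($min, $max) = $ranges['DLA'];
		array_push($values, $min, $min, $max, $max);
		array_push($values, "\"$cdmChargement\"", "\"$cdmBonusMalus\"", "\"$cdmCapaRange\"");

		$query =  "INSERT INTO `MZ_Beast2` VALUES (".implode(',', $values)." )";
		$result = MySQL_QUERY($query);
		return;
	}

	# Known monster: let the helpers decide which columns need to change.
	$query =  "";
	foreach ($ranges as $stat => $pair) {
		$MinInf=mysql_result($result,0,$stat."MinInf");
		$MinSup=mysql_result($result,0,$stat."MinSup");
		$MaxInf=mysql_result($result,0,$stat."MaxInf");
		$MaxSup=mysql_result($result,0,$stat."MaxSup");
		$query .=  CheckLimite($stat, $pair[0], $pair[1], $MinInf, $MinSup, $MaxInf, $MaxSup );
	}

	foreach (array(
		'Pouvoir'   => $cdmPouvoir,
		'nbATT'     => $cdmNbAtt,
		'Vitesse'   => $cdmVitesse,
		'VlC'       => $cdmVlC,
		'AttDist'   => $cdmAttDist,
		'AttMag'    => $cdmAttMag,
		'Vole'      => $cdmVole,
		'SangFroid' => $cdmSangFroid,
		'CapaRange' => $cdmCapaRange,
	) as $column => $value) {
		$query .=  CheckValue($column, $value, mysql_result($result,0,$column));
	}

	# Only touch the row when at least one helper returned a fragment. The trailing
	# Age=... assignment is a no-op that terminates the SET list.
	if ($query!="") {
		$query =  "UPDATE `MZ_Beast2` SET $query Age=\"$cdmAge\" where (Nom=\"$cdmNom\") and (Age=\"$cdmAge\")";
		$result = MySQL_QUERY($query);
	}

	return;
}	// End of bestiary update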
示例#7
require_once "./Config/_sqlconf.php";
#-----------------------------------------------------------------------------------
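# Not logged in = no script. The id is used unquoted in SQL below, so it is forced to
# an integer; a missing session key no longer raises a notice.
$ZZ_TID = isset($_SESSION['login']) ? (int) $_SESSION['login'] : 0;
if ($ZZ_TID <= 0) {
    die;
}
#-----------------------------------------------------------------------------------
$mysql = _sqlconnect();
# -------------- Open DB
$query = "SELECT SCRIPTS_COMP from MZ_User_prefs where TiD={$ZZ_TID}";
$result = MySQL_QUERY($query);
if (@MySQL_NUM_ROWS($result) <= 0) {
    die;
}
$SCRIPTS_COMP = mysql_result($result, 0, "SCRIPTS_COMP");
# The stored list has its last character removed and is then used as the IN (...) list.
# NOTE(review): this is a stored value re-entering SQL unescaped. If users can
# influence SCRIPTS_COMP, validate it as a comma-separated list of integers where it
# is written and again here - the exact stored format is not visible in this excerpt.
$query = "SELECT CopieZZ  from MZ_Scripts_ext where id in (" . substr($SCRIPTS_COMP, 0, -1) . ") order by Id";
$result = @MySQL_QUERY($query);
_sqlclose();
# -------------- Close DB
$n = @MySQL_NUM_ROWS($result);
if ($n <= 0) {
    die;
}
# NOTE(review): $ZZDB is built from the client-supplied Host header and is not used in
# this excerpt; do not emit it into the response without checking it against a known host.
$ZZDB = "http://" . $_SERVER["HTTP_HOST"] . substr($_SERVER["REQUEST_URI"], 0, strrpos($_SERVER["REQUEST_URI"], "/"));
header('Content-Type: text/javascript');
for ($i = 0; $i < $n; $i++) {
    $CopieZZ = @mysql_result($result, $i, "CopieZZ");
    // The file name comes from the database: skip anything that is empty or could
    // resolve outside scripts/ (parent-directory segments, embedded NUL).
    if (!is_string($CopieZZ) || $CopieZZ === "" || strpos($CopieZZ, "..") !== false || strpos($CopieZZ, "\0") !== false) {
        continue;
    }
    @readfile("scripts/{$CopieZZ}");
}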
示例#8
				  $ct[$tgId]=$Color; 
				} else if ($ct[$tgId]<>$Color) {
  				  $ct[$tgId]="#FFD3D3"; 
				}
			} else { 
				if (!$cg[$tgId]) {
				  $cg[$tgId]=$Color; 
                                } else if ($cg[$tgId]<>$Color) {
                                  $cg[$tgId]="#FFD3D3"; 
                                }
			}
      }
  }

  # Add the members we share information with =======================================
  # Every SHRiD in $result5s gets the fixed "shared" colour in $ct, overwriting any
  # colour set for that id earlier.
  $nData = MySQL_NUM_ROWS($result5s);
  if ($nData>0) {  
	  $fTInfo=true;
      for ($i=0; $i<$nData; $i++) { 
	        $tgId=mysql_result($result5s,$i,"SHRiD");
	        $Color="#BBBBFF";
	        $TG="T";
        	$ct[$tgId]=$Color;		// no conflict: if we share, we are friends
      }
  }

  # Emit the two maps as JavaScript assignments.
  # NOTE(review): $tgId and $Color are written into script source unescaped. Where the
  # keys come from database rows (as in the loop above), cast them to int or encode
  # them with json_encode() so a stored value cannot alter the generated script.
  foreach ($ct as $tgId => $Color) print("ct[$tgId]='$Color';"); 
  foreach ($cg as $tgId => $Color) print("cg[$tgId]='$Color';"); 
  

示例#9
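 /**
  * Signs a user in by user name and password hash.
  *
  * Looks up a non-deleted `users` row matching both values. On a single match it opens
  * a SecureSession, copies the profile fields into $_SESSION, sets the persistent-login
  * cookies `pl` and `pl_ssid` (two weeks, path "/") and stores the new token in
  * users.session_id. On any other result the session is destroyed.
  *
  * Changes in this version: the persistent-login token comes from a CSPRNG when one is
  * available (the old md5(uniqid(rand(), true)) value is derived from the clock and a
  * weak generator), $pl_ssid is always initialised before the UPDATE, and the empty
  * debug hooks around the SQL strings are gone.
  *
  * NOTE(review): $un and $pw_hash are interpolated into both statements as-is. Confirm
  * that every caller escapes them for this connection, or move to prepared statements.
  * NOTE(review): `pl` is MD5(user id . configured secret) - identical on every login
  * and never rotated, so it cannot be revoked per device.
  * NOTE(review): both cookies are set without the Secure and HttpOnly flags, and the
  * token is stored in users.session_id in clear; storing only a hash of it limits the
  * damage of a database leak.
  * NOTE(review): "remember me" is forced on by overwriting $_POST["remember_me"], so
  * the cookie-clearing branch below never runs.
  *
  * @access	public
  * @param	string $un The user name
  * @param	string $pw_hash The password hash
  * @return	string '' on success, otherwise the translated mismatch message plus '<br />'
  * @since	3.0
  *
  */
 function login($un, $pw_hash)
 {
     global $_SESSION, $_POST, $SANITIZER, $SecureSession, $CONFIG;
     $PL_PW = $CONFIG->secure_login_password;
     $str_error = '';
     // Persistent login is always requested (see the note in the header comment).
     $_POST["remember_me"] = 1;
     $sql = "\n\t\t\t\t\t\tSELECT u.id, u.un, u.firstname, u.lastname, u.email, u.web, u.bio\n\t\t\t\t\t\t, GROUP_CONCAT(un.notice_fid ORDER BY un.notice_fid ASC SEPARATOR '|') AS u_notices\n\t\t\t\t\t\tFROM users AS u\n\t\t\t\t\t\tLEFT OUTER JOIN user_notices AS un ON un.user_fid = u.id\n\t\t\t\t\t\tWHERE u.un = '{$un}'\n\t\t\t\t\t\tAND u.pw = '{$pw_hash}'\n\t\t\t\t\t\tAND u.deleted IS NULL\n\t\t\t\t\t\tGROUP BY un.user_fid\n\t\t\t\t\t\tLIMIT 0, 1\n\t\t\t\t\t ";
     $result = mysql_query($sql);
     // A failed query is treated like "no such user".
     $record_count = 0;
     if ($result) {
         $record_count = MySQL_NUM_ROWS($result);
     }
     if ($record_count == 1) {
         $u_id = mysql_result($result, 0, "u.id");
         // Fresh session bound to the browser fingerprint and part of the client IP.
         $ss = new SecureSession();
         $ss->check_browser = true;
         $ss->check_ip_blocks = 2;
         $ss->secure_word = 'SALT_';
         $ss->regenerate_id = true;
         $ss->Open();
         $_SESSION['logged_in'] = true;
         /** Session-bound user id: MD5 of the session fingerprint and the user id **/
         $_SESSION['u'] = md5($_SESSION['ss_fprint'] . $u_id);
         $_SESSION['u_temp'] = $u_id;
         $u_un = mysql_result($result, 0, "u.un");
         $u_email = mysql_result($result, 0, "u.email");
         $u_firstname = mysql_result($result, 0, "u.firstname");
         $u_lastname = mysql_result($result, 0, "u.lastname");
         $u_web = mysql_result($result, 0, "u.web");
         $u_bio = mysql_result($result, 0, "u.bio");
         $_SESSION['u_un'] = $u_un;
         $_SESSION['u_email'] = $u_email;
         // Display name: "first last", or just the first name when no last name is set.
         if (trim($u_lastname) != "") {
             $_SESSION['u_name'] = trim($u_firstname . " " . $u_lastname);
         } else {
             $_SESSION['u_name'] = trim($u_firstname);
         }
         $_SESSION['u_web'] = trim($u_web);
         $_SESSION['u_bio'] = trim($u_bio);
         // Notice subscriptions arrive as a '|'-separated id list; ids 1 and 2 map to
         // the "checked" state of two form boxes.
         $u_notices = mysql_result($result, 0, "u_notices");
         $u_notices = explode("|", $u_notices);
         $_SESSION["u_notice_1"] = array_search("1", $u_notices) !== false ? "checked" : "";
         $_SESSION["u_notice_2"] = array_search("2", $u_notices) !== false ? "checked" : "";
         /** Get user data **/
         ZUser::query_user("", $_SESSION['u_temp']);
         ZUser::set();
         /** Persistent login ('Remember Me') **/
         $pl_ssid = "";
         if (isset($_POST["remember_me"])) {
             $pl = MD5($u_id . $PL_PW);
             // 32 hex characters in every case, so the stored format is unchanged.
             if (function_exists('random_bytes')) {
                 $pl_ssid = bin2hex(random_bytes(16));
             } elseif (function_exists('openssl_random_pseudo_bytes')) {
                 $pl_ssid = bin2hex(openssl_random_pseudo_bytes(16));
             } else {
                 // Last resort only: predictable, kept for installs without a CSPRNG.
                 $pl_ssid = md5(uniqid(rand(), true));
             }
             @setcookie("pl", $pl, time() + 3600 * 24 * 14, "/");
             /* expire in 2 weeks */
             @setcookie("pl_ssid", $pl_ssid, time() + 3600 * 24 * 14, "/");
             /* expire in 2 weeks */
         } else {
             @setcookie("pl", "", time() - 3600);
             /* delete cookie */
             @setcookie("pl_ssid", "", time() - 3600);
             /* delete cookie */
         }
         /** Save new Persistent Login Session ID **/
         $sql = "\n\t\t\t\t\t\t\tUPDATE users AS u\n\t\t\t\t\t\t\tSET u.session_id = '{$pl_ssid}'\n\t\t\t\t\t\t\tWHERE u.un = '{$un}'\n\t\t\t\t\t\t\tAND u.pw = '{$pw_hash}'\n\t\t\t\t\t\t ";
         $result2 = mysql_query($sql);
     } else {
         @session_destroy();
         $str_error .= JText::_('Username and password do not match.') . '<br />';
     }
     return $str_error;
 }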
示例#10
 /**
  * Checks an e-mail address for use by a new account.
  *
  * Three checks run in order and the first failure is returned: the address must not
  * be blank, must pass ZEmail::check(), and must not already exist in `users`.
  *
  * NOTE(review): the address is interpolated into the SQL string after
  * ZEmail::check(); whether that check rules out quote characters is not visible
  * here. Confirm it, or escape/parameterise the lookup.
  * NOTE(review): the "already been taken" answer discloses which addresses have an
  * account; rate-limit the form that calls this.
  *
  * @access	public
  * @param	string $email The email address
  * @return	string '' when the address is acceptable, otherwise one error message (HTML)
  * @since	3.0
  *
  */
 function test_integrity_email($email)
 {
     /** blank address **/
     if (@$email == "") {
         return JText::_("Email cannot be left blank.") . '<br />';
     }
     /** syntax **/
     if (!ZEmail::check($email)) {
         return JText::_('Email should look like an email address.') . '<BR />';
     }
     /** already registered? a failed query counts as "not registered" **/
     $sql = "\n\t\t\t\t\t\t\tSELECT u.email\n\t\t\t\t\t\t\tFROM users AS u\n\t\t\t\t\t\t\tWHERE u.email = '{$email}'\n\t\t\t\t\t\t\tLIMIT 0, 1\n\t\t\t\t\t\t ";
     $lookup = mysql_query($sql);
     $matches = $lookup ? mysql_num_rows($lookup) : 0;
     if ($matches == 1) {
         return JText::_('Email has already been taken.') . '<br />';
     }
     return "";
 }