$sha = doHash($_POST['pass'] . $salt . $newsalt);
$sex = validateSex($_POST["sex"]);
$rUsers = Query("insert into {users} (name, password, pss, regdate, lastactivity, lastip, email, sex, theme) values ({0}, {1}, {2}, {3}, {3}, {4}, {5}, {6}, {7})", $_POST['name'], $sha, $newsalt, time(), $_SERVER['REMOTE_ADDR'], $_POST['email'], $sex, Settings::get("defaultTheme"));
$uid = insertId();
if ($uid == 1) {
Query("update {users} set powerlevel = 4 where id = 1");
}
recalculateKarma($uid);
logAction('register', array('user' => $uid));
$user = Fetch(Query("select * from {users} where id={0}", $uid));
$user["rawpass"] = $_POST["pass"];
$bucket = "newuser";
include "lib/pluginloader.php";
$sessionID = Shake();
setcookie("logsession", $sessionID, 0, $boardroot, "", false, true);
Query("INSERT INTO {sessions} (id, user, autoexpire) VALUES ({0}, {1}, {2})", doHash($sessionID . $salt), $user["id"], 0);
redirectAction("board");
}
}
$sexes = array(__("Male"), __("Female"), __("N/A"));
$name = "";
if (isset($_POST["name"])) {
$name = htmlspecialchars($_POST["name"]);
}
$email = "";
if (isset($_POST["email"])) {
$email = htmlspecialchars($_POST["email"]);
}
$sex = 2;
if (isset($_POST["sex"])) {
$sex = validateSex($_POST["sex"]);
continue;
}
$sha = doHash($_POST['pass'] . SALT . $testuser['pss']);
if ($testuser['password'] === $sha) {
$matches[] = $testuser['id'];
}
}
if (count($matches) > 0) {
Query("INSERT INTO {passmatches} (date,ip,user,matches) VALUES (UNIX_TIMESTAMP(),{0},{1},{2})", $_SERVER['REMOTE_ADDR'], $user['id'], implode(',', $matches));
}
// mark threads older than 15min as read
Query("INSERT INTO {threadsread} (id,thread,date) SELECT {0}, id, {1} FROM {threads} WHERE lastpostdate<={2} ON DUPLICATE KEY UPDATE date={1}", $uid, time(), time() - 900);
if ($_POST['autologin']) {
$sessionID = Shake();
setcookie("logsession", $sessionID, 0, BOARD_ROOT, "", false, true);
Query("INSERT INTO {sessions} (id, user, autoexpire) VALUES ({0}, {1}, {2})", doHash($sessionID . SALT), $user['id'], 0);
die(header("Location: " . actionLink('profile', $user['id'], '', $user['name'])));
} else {
die(header("Location: " . actionLink("login")));
}
}
} else {
$_POST['name'] = '';
$_POST['email'] = '';
$_POST['sex'] = 2;
$_POST['autologin'] = 0;
}
$kuriseed = crc32(KURIKEY . microtime());
srand($kuriseed);
$check = time();
$kurichallenge = "{$kuriseed}|{$check}|" . rand(3, 12);
$c1 = ircColor(Settings::pluginGet("color1"));
$c2 = ircColor(Settings::pluginGet("color2"));
$extra = "";
if ($urlRewriting) {
$link = getServerURLNoSlash() . actionLink("profile", $user["id"], "", "_");
} else {
$link = getServerURL() . "?uid=" . $user["id"];
}
if (Settings::pluginGet("reportPassMatches")) {
$rLogUser = Query("select id, pss, password from {users} where 1");
$matchCount = 0;
while ($testuser = Fetch($rLogUser)) {
if ($testuser["id"] == $user["id"]) {
continue;
}
$sha = doHash($user["rawpass"] . $salt . $testuser['pss']);
if ($testuser['password'] == $sha) {
$matchCount++;
}
}
if ($matchCount) {
$extra .= "-- " . Plural($matchCount, "password match") . " ";
}
}
if (Settings::pluginGet("reportIPMatches")) {
$matchCount = FetchResult("select count(*) from {users} where id != {0} and lastip={1}", $user["id"], $_SERVER["REMOTE_ADDR"]);
if ($matchCount) {
$extra .= "-- " . Plural($matchCount, "IP match") . " ";
}
}
if ($forum['minpower'] <= 0) {
}
$loguser = NULL;
if ($_COOKIE['logsession'] && !$ipban) {
$session = Fetch(Query("SELECT * FROM {sessions} WHERE id={0}", doHash($_COOKIE['logsession'] . SALT)));
if ($session) {
$loguser = Fetch(Query("SELECT * FROM {users} WHERE id={0}", $session["user"]));
if ($session["autoexpire"]) {
Query("UPDATE {sessions} SET expiration={0} WHERE id={1}", time() + 10 * 60, $session["id"]);
}
//10 minutes
}
}
if ($loguser) {
$loguser['token'] = hash('sha1', "{$loguser['id']},{$loguser['pss']}," . SALT . ",dr567hgdf546guol89ty896rd7y56gvers9t");
$loguserid = $loguser["id"];
$sessid = doHash($_COOKIE['logsession'] . SALT);
Query("UPDATE {sessions} SET lasttime={0} WHERE id={1}", time(), $sessid);
Query("DELETE FROM {sessions} WHERE user={0} AND lasttime<={1}", $loguserid, time() - 2592000);
} else {
$loguser = array("name" => "", "primarygroup" => Settings::get('defaultGroup'), "threadsperpage" => 50, "postsperpage" => 20, "theme" => Settings::get("defaultTheme"), "dateformat" => "m-d-y", "timeformat" => "h:i A", "fontsize" => 80, "timezone" => 0, "blocklayouts" => !Settings::get("guestLayouts"), 'token' => hash('sha1', rand()));
$loguserid = 0;
}
if ($loguser['flags'] & 0x1) {
Query("INSERT INTO {ipbans} (ip,reason,date) VALUES ({0},{1},0)", $_SERVER['REMOTE_ADDR'], '[' . htmlspecialchars($loguser['name']) . '] Account IP-banned');
die(header('Location: ' . $_SERVER['REQUEST_URI']));
}
if ($mobileLayout) {
$loguser['blocklayouts'] = 1;
$loguser['fontsize'] = 80;
//$loguser['dateformat'] = 'm/d/y';
//$loguser['timeformat'] = 'H:i';
} else {
if ($_POST['action'] == __("Send reset email")) {
if ($_POST['mail'] != $_POST['mail2']) {
Kill(__("The e-mail addresses you entered don't match, try again."));
}
$user = Query("select id, name, password, email, lostkeytimer, pss from {users} where name = {0} and email = {1}", $_POST['name'], $_POST['mail']);
if (NumRows($user) != 0) {
//Do not disclose info about user e-mail.
$user = Fetch($user);
if ($user['lostkeytimer'] > time() - 60 * 60) {
//wait an hour between attempts
Kill(__("To prevent abuse, this function can only be used once an hour."), __("Slow down!"));
}
//Make a RANDOM reset key.
$resetKey = Shake();
$hashedResetKey = doHash($resetKey . $salt . $user["pss"]);
$from = Settings::get("mailResetSender");
$to = $user['email'];
$subject = format(__("Password reset for {0}"), $user['name']);
$message = format(__("A password reset was requested for your user account on {0}."), Settings::get("boardname")) . "\n" . __("If you did not submit this request, this message can be ignored.") . "\n\n" . __("To reset your password, visit the following URL:") . "\n\n" . absoluteActionLink("lostpass", $user['id'], "key={$resetKey}") . "\n\n" . __("This link can be used once.");
$headers = "From: " . $from . "\r\n" . "Reply-To: " . $from . "\r\n" . "X-Mailer: PHP";
mail($to, $subject, wordwrap($message, 70), $headers);
logAction('lostpass', array('user2' => $user["id"]));
Query("update {users} set lostkey = {0}, lostkeytimer = {1} where id = {2}", $hashedResetKey, time(), $user['id']);
}
Kill(__("Check your email in a moment and follow the link found therein."), __("Reset email sent"));
} else {
write("\n\t<form action=\"" . actionLink("lostpass") . "\" method=\"post\">\n\t\t<table class=\"outline margin width50\">\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t" . __("Lost password") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=\"cell2\">\n\t\t\t\t\t<label for=\"un\">" . __("User name") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td class=\"cell0\">\n\t\t\t\t\t<input type=\"text\" id=\"un\" name=\"name\" style=\"width: 98%;\" maxlength=\"25\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=\"cell2\">\n\t\t\t\t\t<label for=\"em\">" . __("Email address") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td class=\"cell1\">\n\t\t\t\t\t<input type=\"email\" id=\"em\" name=\"mail\" style=\"width: 98%;\" maxlength=\"60\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=\"cell2\">\n\t\t\t\t\t<label for=\"em\">" . __("Retype email address") . "</label>\n\t\t\t\t</td>\n\t\t\t\t<td class=\"cell1\">\n\t\t\t\t\t<input type=\"email\" id=\"em\" name=\"mail2\" style=\"width: 98%;\" maxlength=\"60\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell2\">\n\t\t\t\t<td></td>\n\t\t\t\t<td>\n\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Send reset email") . "\" />\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=\"cell1 smallFonts\" colspan=\"2\">\n\t\t\t\t\t" . __("If you did not specify an email address in your profile, you are <em>not</em> out of luck. The old method of contacting an administrator from outside the board is still an option.") . "\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t</form>\n");
}
}
function randomString($len, $chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")
function HandlePassword($field, $item)
{
global $sets, $user, $loguser, $loguserid;
if ($_POST[$field] != "" && $_POST['repeat' . $field] != "" && $_POST['repeat' . $field] !== $_POST[$field]) {
return __("To change your password, you must type it twice without error.");
}
if ($_POST[$field] != "" && $_POST['repeat' . $field] == "") {
$_POST[$field] = "";
}
if ($_POST[$field]) {
$newsalt = Shake();
$sha = doHash($_POST[$field] . SALT . $newsalt);
$_POST[$field] = $sha;
$sets[] = "pss = '" . $newsalt . "'";
//Now logout all the sessions that aren't this one, for security.
Query("DELETE FROM {sessions} WHERE id != {0} and user = {1}", doHash($_COOKIE['logsession'] . SALT), $user['id']);
}
return false;
}
return $ip === $mask || $mask[strlen($mask) - 1] === '.';
}
$ipban = isIPBanned($_SERVER['REMOTE_ADDR']);
if ($ipban) {
$_GET["page"] = "ipbanned";
}
if (FetchResult("select count(*) from {proxybans} where instr({0}, ip)=1", $_SERVER['REMOTE_ADDR'])) {
die("No.");
}
function doHash($data)
{
return hash('sha256', $data, FALSE);
}
$loguser = NULL;
if ($_COOKIE['logsession'] && !$ipban) {
$session = Fetch(Query("SELECT * FROM {sessions} WHERE id={0}", doHash($_COOKIE['logsession'] . $salt)));
if ($session) {
$loguser = Fetch(Query("SELECT * FROM {users} WHERE id={0}", $session["user"]));
if ($session["autoexpire"]) {
Query("UPDATE {sessions} SET expiration={0} WHERE id={1}", time() + 10 * 60, $session["id"]);
}
//10 minutes
}
}
if ($loguser) {
$loguser['token'] = hash('sha1', "{$loguser['id']},{$loguser['pss']},{$salt},dr567hgdf546guol89ty896rd7y56gvers9t");
$loguserid = $loguser["id"];
} else {
$loguser = array("name" => "", "powerlevel" => 0, "threadsperpage" => 50, "postsperpage" => 20, "theme" => Settings::get("defaultTheme"), "dateformat" => "m-d-y", "timeformat" => "h:i A", "fontsize" => 80, "timezone" => 0, "blocklayouts" => !Settings::get("guestLayouts"), 'token' => hash('sha1', rand()));
$loguserid = 0;
}
Kill(format(__("Your password has been reset to <strong>{0}</strong>. You can use this password to log in to the board. We suggest you change it as soon as possible."), $newPass), __("Password reset"));
} else {
if (isset($_POST['action'])) {
if ($_POST['mail'] != $_POST['mail2']) {
Kill(__("The e-mail addresses you entered don't match, try again."));
}
$user = Query("select id, name, password, email, lostkeytimer, pss from {users} where name = {0} and email = {1}", $_POST['name'], $_POST['mail']);
if (NumRows($user) != 0) {
$user = Fetch($user);
if ($user['lostkeytimer'] > time() - 60 * 60) {
//wait an hour between attempts
Kill(__("To prevent abuse, this function can only be used once an hour."), __("Slow down!"));
}
//Make a RANDOM reset key.
$resetKey = Shake();
$hashedResetKey = doHash($resetKey . SALT . $user['pss']);
$from = Settings::get("mailResetSender");
$to = $user['email'];
$subject = format(__("Password reset for {0}"), $user['name']);
$message = format(__("A password reset was requested for your user account on {0}."), Settings::get("boardname")) . "\n" . __("If you did not submit this request, this message can be ignored.") . "\n\n" . __("To reset your password, visit the following URL:") . "\n\n" . absoluteActionLink("lostpass", $user['id'], "key={$resetKey}") . "\n\n" . __("This link can be used once.");
$headers = "From: " . $from . "\r\n" . "Reply-To: " . $from . "\r\n" . "X-Mailer: PHP";
mail($to, $subject, wordwrap($message, 70), $headers);
Query("update {users} set lostkey = {0}, lostkeytimer = {1} where id = {2}", $hashedResetKey, time(), $user['id']);
Kill(__("Check your email in a moment and follow the link found therein."), __("Reset email sent"));
}
Kill(__('Invalid user name or email address.'));
} else {
$title = __('Request password reset');
MakeCrumbs(array(actionLink('login') => __('Log in'), '' => __('Request password reset')));
echo "\n\t<form action=\"" . htmlentities(actionLink("lostpass")) . "\" method=\"post\">";
$fields = array('username' => "<input type=\"text\" name=\"name\" maxlength=20 size=24>", 'email' => "<input type=\"text\" name=\"mail\" maxlength=60 size=24>", 'email2' => "<input type=\"text\" name=\"mail2\" maxlength=60 size=24>", 'btnSendReset' => "<input type=\"submit\" name=\"action\" value=\"" . __("Send reset email") . "\">");
if (!$okay) {
Report("A visitor from [b]" . $_SERVER['REMOTE_ADDR'] . "[/] tried to log in as [b]" . $user['name'] . "[/].", 1);
Alert(__("Invalid user name or password."));
} else {
//TODO: Tie sessions to IPs if user has enabled it (or probably not)
$sessionID = Shake();
setcookie("logsession", $sessionID, 2147483647, URL_ROOT, "", false, true);
Query("INSERT INTO {sessions} (id, user, autoexpire) VALUES ({0}, {1}, {2})", doHash($sessionID . SALT), $user['id'], $_POST['session'] ? 1 : 0);
Report("[b]" . $user['name'] . "[/] logged in.", 1);
$rLogUser = Query("select id, pss, password from {users} where 1");
$matches = array();
while ($testuser = Fetch($rLogUser)) {
if ($testuser['id'] == $user['id']) {
continue;
}
$sha = doHash($_POST['pass'] . SALT . $testuser['pss']);
if ($testuser['password'] === $sha) {
$matches[] = $testuser['id'];
}
}
if (count($matches) > 0) {
Query("INSERT INTO {passmatches} (date,ip,user,matches) VALUES (UNIX_TIMESTAMP(),{0},{1},{2})", $_SERVER['REMOTE_ADDR'], $user['id'], implode(',', $matches));
}
die(header("Location: " . URL_ROOT));
}
}
$title = __('Log in');
MakeCrumbs(array('' => __('Log in')));
$forgotPass = '';
if (Settings::get("mailResetSender") != "") {
$forgotPass = "******"document.location = '" . htmlentities(actionLink("lostpass"), ENT_QUOTES) . "'; return false;\">" . __("Forgot password?") . "</button>";
<?php
if ($loguser["powerlevel"] < 3) {
kill("You must be an admin");
}
$uid = (int) $_GET["id"];
$user = fetch(query("select * from {users} where id={0}", $uid));
if (!$user) {
kill("User not found");
}
if ($user["powerlevel"] > 0) {
kill("You can't nuke a staff member. Demote him first.");
}
$passwordFailed = false;
if (isset($_POST["currpassword"])) {
$sha = doHash($_POST["currpassword"] . $salt . $loguser['pss']);
if ($loguser['password'] == $sha) {
//Delete posts from threads by user
query("delete pt from {posts_text} pt\n\t\t\t\tleft join {posts} p on pt.pid = p.id\n\t\t\t\tleft join {threads} t on p.thread = t.id\n\t\t\t\twhere t.user={0}", $uid);
query("delete p from {posts} p\n\t\t\t\tleft join {threads} t on p.thread = t.id\n\t\t\t\twhere t.user={0}", $uid);
//Delete posts by user
query("delete pt from {posts_text} pt\n\t\t\t\tleft join {posts} p on pt.pid = p.id\n\t\t\t\twhere p.user={0}", $uid);
query("delete p from {posts} p\n\t\t\t\twhere p.user={0}", $uid);
//Delete threads by user
query("delete t from {threads} t\n\t\t\t\twhere t.user={0}", $uid);
//Delete usercomments by user or to user
query("delete from {usercomments}\n\t\t\t\twhere uid={0} or cid={0}", $uid);
//Delete THE USER ITSELF
query("delete from {users}\n\t\t\t\twhere id={0}", $uid);
//and then IP BAN HIM
query("insert into {ipbans} (ip, reason, date) \n\t\t\t\tvalues ({0}, {1}, 0)\n\t\t\t\ton duplicate key update ip=ip", $user["lastip"], "Nuking " . $user["name"]);
