function language_controler_switch() { global $user; $same = $user['language']; if (isset($_GET['lang'])) { include_once PHPWG_ROOT_PATH . 'admin/include/languages.class.php'; $languages = new languages(); if (!in_array($_GET['lang'], array_keys($languages->fs_languages))) { $_GET['lang'] = PHPWG_DEFAULT_LANGUAGE; } if (!empty($_GET['lang']) and file_exists(PHPWG_ROOT_PATH . 'language/' . $_GET['lang'] . '/common.lang.php')) { if (is_a_guest() or is_generic()) { pwg_set_session_var('lang_switch', $_GET['lang']); } else { $query = ' UPDATE ' . USER_INFOS_TABLE . ' SET language = \'' . $_GET['lang'] . '\' WHERE user_id = ' . $user['id'] . ' ;'; pwg_query($query); } $user['language'] = $_GET['lang']; } } elseif (is_a_guest() or is_generic()) { $user['language'] = pwg_get_session_var('lang_switch', $user['language']); } // Reload language only if it isn't the same one if ($same !== $user['language']) { load_language('common.lang', '', array('language' => $user['language'])); load_language('lang', PHPWG_ROOT_PATH . PWG_LOCAL_DIR, array('language' => $user['language'], 'no_fallback' => true, 'local' => true)); if (defined('IN_ADMIN') and IN_ADMIN) { // Never currently load_language('admin.lang', '', array('language' => $user['language'])); } } }
$user['id'] = $_SESSION['pwg_uid']; } } // Now check the auto-login if ($user['id'] == $conf['guest_id']) { auto_login(); } // using Apache authentication override the above user search if ($conf['apache_authentication']) { $remote_user = null; foreach (array('REMOTE_USER', 'REDIRECT_REMOTE_USER') as $server_key) { if (isset($_SERVER[$server_key])) { $remote_user = $_SERVER[$server_key]; break; } } if (isset($remote_user)) { if (!($user['id'] = get_userid($remote_user))) { $user['id'] = register_user($remote_user, '', '', false); } } } // automatic login by authentication key if (isset($_GET['auth'])) { auth_key_login($_GET['auth']); } $user = build_user($user['id'], (defined('IN_ADMIN') and IN_ADMIN) ? false : true); if ($conf['browser_language'] and (is_a_guest() or is_generic()) and $language = get_browser_language()) { $user['language'] = $language; } trigger_notify('user_init', $user);
/** * checks the activation key: does it match the expected pattern? is it * linked to a user? is this user allowed to reset his password? * * @return mixed (user_id if OK, false otherwise) */ function check_password_reset_key($reset_key) { global $page, $conf; list($key, $email) = explode('-', $reset_key, 2); if (!preg_match('/^[a-z0-9]{20}$/i', $key)) { $page['errors'][] = l10n('Invalid key'); return false; } $user_ids = array(); $query = ' SELECT ' . $conf['user_fields']['id'] . ' AS id FROM ' . USERS_TABLE . ' WHERE ' . $conf['user_fields']['email'] . ' = \'' . pwg_db_real_escape_string($email) . '\' ;'; $user_ids = query2array($query, null, 'id'); if (count($user_ids) == 0) { $page['errors'][] = l10n('Invalid username or email'); return false; } $user_id = null; $query = ' SELECT user_id, status, activation_key, activation_key_expire, NOW() AS dbnow FROM ' . USER_INFOS_TABLE . ' WHERE user_id IN (' . implode(',', $user_ids) . ') ;'; $result = pwg_query($query); while ($row = pwg_db_fetch_assoc($result)) { if (pwg_password_verify($key, $row['activation_key'])) { if (strtotime($row['dbnow']) > strtotime($row['activation_key_expire'])) { // key has expired $page['errors'][] = l10n('Invalid key'); return false; } if (is_a_guest($row['status']) or is_generic($row['status'])) { $page['errors'][] = l10n('Password reset is not allowed for this user'); return false; } $user_id = $row['user_id']; } } if (empty($user_id)) { $page['errors'][] = l10n('Invalid key'); return false; } return $user_id; }
// logout logout_user(); redirect(get_gallery_home_url()); } elseif (!empty($_SESSION['pwg_uid'])) { $user['id'] = $_SESSION['pwg_uid']; } } // Now check the auto-login if ($user['id'] == $conf['guest_id']) { auto_login(); } // using Apache authentication override the above user search if ($conf['apache_authentication']) { $remote_user = null; foreach (array('REMOTE_USER', 'REDIRECT_REMOTE_USER') as $server_key) { if (isset($_SERVER[$server_key])) { $remote_user = $_SERVER[$server_key]; break; } } if (isset($remote_user)) { if (!($user['id'] = get_userid($remote_user))) { $user['id'] = register_user($remote_user, '', '', false); } } } $user = build_user($user['id'], (defined('IN_ADMIN') and IN_ADMIN) ? false : true); if ($conf['browser_language'] and (is_a_guest() or is_generic())) { get_browser_language($user['language']); } trigger_notify('user_init', $user);