示例#1
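/**
 * Handle a registration form submission and render the result page.
 *
 * Reads 'user', 'mail', 'pass' and 'pass2' through getparam(), validates
 * them, calls userReg() when every check passes, and hands off to gopage()
 * with 'doreg2' on success or 'doregres' otherwise.
 *
 * $info, $page, $menu, $name and $u are not inspected here; they are passed
 * straight through to gopage().
 */
function try_reg($info, $page, $menu, $name, $u)
{
    // Case-insensitive patterns a new username must not match.
    $disallow = array('/kano/i', '/pool/i', '/kolivas/i');
    $user = getparam('user', false);
    $mail = trim(getparam('mail', false));
    $pass = getparam('pass', false);
    $pass2 = getparam('pass2', false);

    // Only the username and mail address are echoed back to the form;
    // the submitted passwords are never copied into $data.
    $data = array();
    $data['user'] = nuem($user) ? '' : $user;
    $data['mail'] = nuem($mail) ? '' : $mail;

    $ok = true;
    if (nuem($user) || nuem($mail) || nuem($pass) || nuem($pass2)) {
        // A missing field fails without an error message, as before.
        $ok = false;
    } else {
        // Each failing check overwrites $data['error'], so the last one wins.
        if (stripos($mail, 'hotmail') !== false) {
            $ok = false;
            $data['error'] = "hotmail not allowed";
        }
        if (safepass($pass) !== true) {
            $ok = false;
            $data['error'] = "Password is unsafe";
        } elseif ($pass2 !== $pass) {
            // Strict comparison: with != PHP compares numeric-looking strings
            // as numbers ("1e3" == "1000"), so a mistyped confirmation could
            // be accepted as a match.
            $ok = false;
            $data['error'] = "Passwords don't match";
        }
        $orig = $user;
        $user = loginStr($orig);
        // Strict for the same reason: a name altered by loginStr() must
        // always be reported, even when both forms look numeric.
        if ($user !== $orig) {
            $ok = false;
            $data['error'] = "Username cannot include '.', '_', '/' or Tab";
            $data['user'] = $user;
        }
    }

    if ($ok === true) {
        foreach ($disallow as $patt) {
            if (preg_match($patt, $user) === 1) {
                $ok = false;
                $data['error'] = 'Disallowed username';
                break;
            }
        }
    }

    if ($ok === true) {
        $ans = userReg($user, $mail, $pass);
        if ($ans['STATUS'] == 'ok') {
            // NOTE(review): control continues to the 'doregres' call below
            // unless gopage() ends the request - confirm that it does.
            gopage($info, $data, 'doreg2', $page, $menu, $name, $u, true, true, false);
        } else {
            // One generic message for every backend failure, so the response
            // does not reveal which field was rejected.
            $data['error'] = "Invalid username, password or email address";
        }
    }
    gopage($info, $data, 'doregres', $page, $menu, $name, $u, true, true, false);
}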
示例#2
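/**
 * Complete a password reset for the user recorded in the session.
 *
 * Reads the reset user, token and email from $_SESSION and the new password
 * (plus '2fa') through getparam(). The password is validated, the session
 * token is checked against the stored 'KReset.str' attribute, and only then
 * is resetPass() called. On success the session reset state is cleared, the
 * 'KReset' attribute is expired and passWasReset() is invoked.
 *
 * Returns the result of allow_reset(), resetfail() or yok().
 */
function dbreset()
{
    $user = isset($_SESSION['reset_user']) ? $_SESSION['reset_user'] : null;
    $hash = isset($_SESSION['reset_hash']) ? $_SESSION['reset_hash'] : null;
    $email = isset($_SESSION['reset_email']) ? $_SESSION['reset_email'] : null;

    // Fail closed when the session holds no reset state. Previously a missing
    // token became null, and null == '' is true under loose comparison.
    if ($user === null || $user === '' || !is_string($hash) || $hash === '') {
        return resetfail();
    }

    $pass = getparam('pass', true);
    $pass2 = getparam('pass2', true);
    $twofa = getparam('2fa', true);
    if (nuem($pass) || nuem($pass2)) {
        return allow_reset('Enter both passwords');
    }
    // Strict comparison: != treats numeric-looking strings as numbers.
    if ($pass2 !== $pass) {
        return allow_reset("Passwords don't match");
    }
    if (safepass($pass) !== true) {
        return allow_reset('Password is unsafe');
    }

    $ans = getAtts($user, 'KReset.str,KReset.dateexp');
    if ($ans['STATUS'] != 'ok') {
        return resetfail();
    }
    // 'Y' in KReset.dateexp is rejected here - presumably "expired"; confirm.
    if (!isset($ans['KReset.dateexp']) || $ans['KReset.dateexp'] == 'Y') {
        return resetfail();
    }

    // Compare the stored token with the session token byte for byte and in
    // constant time. The old != check let two different numeric-looking
    // strings (for example "0e12" and "0e99") count as equal.
    $stored = isset($ans['KReset.str']) ? $ans['KReset.str'] : null;
    if (!is_string($stored) || $stored === '' || !hash_equals($stored, $hash)) {
        return resetfail();
    }

    // Fetched before the password changes so the notification can be sent.
    $emailinfo = getOpts($user, emailOptList());
    if ($emailinfo['STATUS'] != 'ok') {
        // NOTE(review): execution continues to resetPass() unless syserror()
        // ends the request - confirm that it does.
        syserror();
    }

    $ans = resetPass($user, $pass, $twofa);
    if ($ans['STATUS'] != 'ok') {
        return resetfail();
    }

    // The token is single use: drop it from the session first.
    unset($_SESSION['reset_user']);
    unset($_SESSION['reset_hash']);
    unset($_SESSION['reset_email']);

    // NOTE(review): both results are ignored, as in the original. If
    // expAtts() fails, the stored reset attribute is not expired here.
    expAtts($user, 'KReset');
    passWasReset($email, zeip(), $emailinfo);
    return yok();
}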
示例#3
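/**
 * Apply one account-settings change and build the settings page.
 *
 * The 'Change' request parameter selects the action: 'EMail', 'Address' or
 * 'Password'. Each action passes the submitted password and '2fa' value to
 * userSettings() or setPass(). After a successful change the matching
 * notification helper is called with the account's current email address.
 *
 * Returns whatever settings() returns for the refreshed email, payout
 * address and status message.
 */
function dosettings($data, $user)
{
    $err = '';
    $chg = getparam('Change', false);
    $check = false;
    switch ($chg) {
        case 'EMail':
            $email = getparam('email', false);
            if (stripos($email, 'hotmail') !== false) {
                $err = 'hotmail not allowed';
            } else {
                $pass = getparam('pass', false);
                $twofa = getparam('2fa', false);
                $ans = userSettings($user, $email, null, $pass, $twofa);
                // Optimistic message; replaced below if the call failed.
                $err = 'EMail changed';
                $check = true;
            }
            break;
        case 'Address':
            // Skipped entirely when the u_multiaddr flag is set in $data['info'].
            if (!isset($data['info']['u_multiaddr'])) {
                $addr = getparam('baddr', false);
                $addrarr = array(array('addr' => $addr));
                $pass = getparam('pass', false);
                $twofa = getparam('2fa', false);
                $ans = userSettings($user, null, $addrarr, $pass, $twofa);
                $err = 'Payout address changed';
                $check = true;
            }
            break;
        case 'Password':
            $oldpass = getparam('oldpass', false);
            $pass1 = getparam('pass1', false);
            $pass2 = getparam('pass2', false);
            $twofa = getparam('2fa', false);
            // Accept only an explicit true, as the other safepass() callers
            // do, so any other return value fails closed.
            if (safepass($pass1) !== true) {
                $err = 'Unsafe password. ' . passrequires();
            } elseif ($pass1 !== $pass2) {
                // Strict comparison: != treats numeric-looking strings as
                // numbers, so a mistyped confirmation could be accepted.
                $err = "Passwords don't match";
            } else {
                $ans = setPass($user, $oldpass, $pass1, $twofa);
                $err = 'Password changed';
                $check = true;
            }
            break;
    }

    $doemail = false;
    if ($check === true) {
        if ($ans['STATUS'] != 'ok') {
            // NOTE(review): $err is treated as HTML ('<br>' is appended to
            // it below) and the backend STATUS/ERROR text is copied in
            // unescaped - confirm it cannot carry user-controlled markup.
            $err = $ans['STATUS'];
            if (isset($ans['ERROR']) && $ans['ERROR'] != '') {
                $err .= ': ' . $ans['ERROR'];
            }
        } else {
            $doemail = true;
        }
    }

    // Re-read the stored settings so the page shows the current values.
    $ans = userSettings($user);
    if ($ans['STATUS'] != 'ok') {
        dbdown();
    }
    // Should be no other reason?
    $email = isset($ans['email']) ? $ans['email'] : '';
    // Use the first one - updating will expire all others
    if (isset($ans['rows']) && $ans['rows'] > 0) {
        $addr = $ans['addr:0'];
    } else {
        $addr = '';
    }

    if ($doemail) {
        // A notification needs both an email address and the email options.
        $emailinfo = null;
        $notify = false;
        if ($email != '') {
            $emailinfo = getOpts($user, emailOptList());
            $notify = ($emailinfo['STATUS'] == 'ok');
        }
        if ($notify) {
            switch ($chg) {
                case 'EMail':
                    // Previous address, when a 'old_set_email' session entry exists.
                    if (isset($_SESSION['old_set_email'])) {
                        $old = $_SESSION['old_set_email'];
                    } else {
                        $old = null;
                    }
                    emailAddressChanged($email, zeip(), $emailinfo, $old);
                    break;
                case 'Address':
                    payoutAddressChanged($email, zeip(), $emailinfo);
                    break;
                case 'Password':
                    passChanged($email, zeip(), $emailinfo);
                    break;
            }
        } else {
            // The change itself succeeded, but no notification can be sent.
            if ($err != '') {
                $err .= '<br>';
            }
            $err .= 'An error occurred, check your details below';
        }
    }

    $pg = settings($data, $user, $email, $addr, $err);
    return $pg;
}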