function do_recover() {
global $site_key, $globals;
require_once(mnminclude.'ts.php');
echo '<fieldset>'."\n";
echo '<legend><span class="sign">'._("recuperación de contraseñas").'</span></legend>'."\n";
if(!empty($_POST['recover'])) {
if (!ts_is_human()) {
recover_error(_('El código de seguridad no es correcto!'));
} else {
require_once(mnminclude.'user.php');
$user=new User();
$user->username=$_POST['username'];
if(!$user->read()) {
recover_error(_('el usuario no existe'));
return false;
}
if($user->level == 'disabled') {
recover_error(_('cuenta deshabilitada'));
return false;
}
require_once(mnminclude.'mail.php');
$sent = send_recover_mail($user);
}
}
if (!$sent) {
echo '<form action="/login.php" id="thisform-recover" method="post">'."\n";
echo '<label for="name">'._('usuario').':</label><br />'."\n";
echo '<input type="text" name="username" size="25" tabindex="1" id="name" value="'.$username.'" />'."\n";
echo '<p class="nobold">'._('(recibirás un e-mail para cambiar la contraseña)').'</p>';
echo '<input type="hidden" name="recover" value="1"/>'."\n";
echo '<input type="hidden" name="return" value="'.htmlspecialchars(preg_replace('/ /', '', $_REQUEST['return'])).'"/>'."\n";
ts_print_form();
echo '<br /><input type="submit" value="'._('recibir e-mail').'" class="genericsubmit" />'."\n";
echo '</form>'."\n";
}
echo '</fieldset>'."\n";
}
function do_register2() {
global $db, $current_user, $globals;
if ( !ts_is_human()) {
register_error(_('El código de seguridad no es correcto.'));
return;
}
$username=preg_replace('/ /', '_', trim($_POST['username'])); // sanity check
$password=md5(trim($_POST['password']));
$email=preg_replace('/ /', '_', trim($_POST['email'])); // sanity check
$user_ip = $globals['user_ip'];
if (!user_exists($username)) {
if ($db->query("INSERT INTO users (user_login, user_email, user_pass, user_date, user_ip) VALUES ('$username', '$email', '$password', now(), '$user_ip')")) {
//register_error(_("Usuario creado").'.<a href="login.php">'._(Login).'</a>');
/***
if($current_user->Authenticate($username, $password, false) == false) {
register_error(_("Error insertando usuario en la base de datos"));
} else {
****/
echo '<fieldset>'."\n";
echo '<legend><span class="sign">'._("registro de usuario").'</span></legend>'."\n";
require_once(mnminclude.'user.php');
$user=new User();
$user->username=$username;
if(!$user->read()) {
register_error(_('Error insertando usuario en la base de datos'));
} else {
require_once(mnminclude.'mail.php');
$sent = send_recover_mail($user);
}
//header('Location: ./user.php?login='******'</fieldset>'."\n";
} else {
register_error(_("Error insertando usuario en la base de datos"));
}
} else {
register_error(_("El usuario ya existe"));
}
}
function do_recover()
{
global $site_key, $globals;
echo '<div class="genericform">' . "\n";
echo '<fieldset>' . "\n";
echo '<legend><span class="sign">' . _("recuperación de contraseñas") . '</span></legend>' . "\n";
if (!empty($_POST['recover'])) {
if (!ts_is_human()) {
recover_error(_('el código de seguridad no es correcto'));
} else {
$error = false;
$user = new User();
if (preg_match('/.+@.+\\..+$/', $_POST['email'])) {
// It's an email address
$user->email = $_POST['email'];
} else {
recover_error(_('el email no es válido'));
$error = true;
}
if (!$error && !$user->read()) {
recover_error(_('el email no está relacionado con ninguna cuenta'));
$error = true;
}
if (!$error && $user->disabled()) {
recover_error(_('cuenta deshabilitada'));
$error = true;
}
if (!$error) {
require_once mnminclude . 'mail.php';
$sent = send_recover_mail($user);
}
}
}
if (!$sent) {
echo '<form action="login.php" id="thisform-recover" method="post">' . "\n";
echo '<label for="name" style="font-size:120%">' . _('indica el email de la cuenta') . ':</label><br />' . "\n";
echo '<input type="text" name="email" size="25" tabindex="1" id="name" value="' . htmlspecialchars($_POST['email']) . '" />' . "\n";
echo '<p>' . _('(recibirás un e-mail que te permitirá editar tus datos)') . '</p> <br/>';
echo '<input type="hidden" name="recover" value="1"/>' . "\n";
echo '<input type="hidden" name="return" value="' . htmlspecialchars($_REQUEST['return']) . '"/>' . "\n";
ts_print_form();
echo '<br /><input type="submit" value="' . _('recibir e-mail') . '" class="button" />' . "\n";
echo '</form>' . "\n";
}
echo '</fieldset>' . "\n";
echo '</div>' . "\n";
}
function do_register2() {
global $db, $current_user, $globals;
if ( !ts_is_human()) {
register_error(_('el código de seguridad no es correcto'));
return;
}
if (!check_user_fields()) return;
$username=clean_input_string(trim($_POST['username'])); // sanity check
$dbusername=$db->escape($username); // sanity check
$password=md5(trim($_POST['password']));
$email=clean_input_string(trim($_POST['email'])); // sanity check
$dbemail=$db->escape($email); // sanity check
$user_ip = $globals['form_user_ip'];
$standard = (int)$_POST['standard'];
if (!user_exists($username)) {
if ($db->query("INSERT INTO users (user_login, user_login_register, user_email, user_email_register, user_pass, user_date, user_ip, user_standard) VALUES ('$dbusername', '$dbusername', '$dbemail', '$dbemail', '$password', now(), '$user_ip', '$standard')")) {
echo '<fieldset>'."\n";
echo '<legend><span class="sign">'._("registro de usuario").'</span></legend>'."\n";
$user=new User();
$user->username=$username;
if(!$user->read()) {
register_error(_('error insertando usuario en la base de datos'));
} else {
require_once(mnminclude.'mail.php');
$sent = send_recover_mail($user);
$globals['user_ip'] = $user_ip; //we force to insert de log with the same IP as the form
log_insert('user_new', $user->id, $user->id);
}
echo '</fieldset>'."\n";
} else {
register_error(_("error insertando usuario en la base de datos"));
}
} else {
register_error(_("el usuario ya existe"));
}
}
function do_recover()
{
global $site_key, $globals;
if (!empty($_POST['recover'])) {
if (!ts_is_human()) {
recover_error(_('el código de seguridad no es correcto'));
} else {
$error = false;
$user = new User();
if (preg_match('/.+@.+/', $_POST['email'])) {
$user->email = $_POST['email'];
} else {
recover_error(_('el email no es válido'));
$error = true;
}
if (!$error && !$user->read()) {
recover_error(_('el email no está relacionado con ninguna cuenta'));
$error = true;
}
if (!$error && $user->disabled()) {
recover_error(_('cuenta deshabilitada'));
$error = true;
}
if (!$error) {
require_once mnminclude . 'mail.php';
$sent = send_recover_mail($user);
}
}
}
if (!$sent) {
echo '<form action="login.php" method="post">' . "\n";
echo '<label for="name">' . _('indica el email de la cuenta') . ':</label><br />' . "\n";
echo '<input type="text" name="email" size="25" id="name" value="' . htmlspecialchars($_POST['email']) . '" />' . "\n";
echo '<p>' . _('(recibirás un e-mail que te permitirá editar tus datos)') . '</p> <br/>';
echo '<input type="hidden" name="recover" value="1"/>' . "\n";
echo '<input type="hidden" name="return" value="' . htmlspecialchars($_REQUEST['return']) . '"/>' . "\n";
ts_print_form();
echo '<br /><input type="submit" value="' . _('recibir e-mail') . '"/>' . "\n";
echo '</form>' . "\n";
}
}
function do_register2()
{
global $db, $current_user, $globals;
if (!ts_is_human()) {
register_error(_('el código de seguridad no es correcto'));
return;
}
if (!check_user_fields()) {
return;
}
// Extra check
if (!check_security_key($_POST['base_key'])) {
register_error(_('código incorrecto o pasó demasiado tiempo'));
return;
}
$username = clean_input_string(trim($_POST['username']));
// sanity check
$dbusername = $db->escape($username);
// sanity check
$password = UserAuth::hash(trim($_POST['password']));
$email = clean_input_string(trim($_POST['email']));
// sanity check
$dbemail = $db->escape($email);
// sanity check
$user_ip = $globals['form_user_ip'];
if (!user_exists($username)) {
if ($db->query("INSERT INTO users (user_login, user_login_register, user_email, user_email_register, user_pass, user_date, user_ip) VALUES ('{$dbusername}', '{$dbusername}', '{$dbemail}', '{$dbemail}', '{$password}', now(), '{$user_ip}')")) {
echo '<fieldset>' . "\n";
echo '<legend><span class="sign">' . _("registro de usuario") . '</span></legend>' . "\n";
$user = new User();
$user->username = $username;
if (!$user->read()) {
register_error(_('error insertando usuario en la base de datos'));
} else {
require_once mnminclude . 'mail.php';
$sent = send_recover_mail($user);
if ($sent) {
$globals['user_ip'] = $user_ip;
//we force to insert de log with the same IP as the form
Log::insert('user_new', $user->id, $user->id);
syslog(LOG_INFO, "new user {$user->id} {$user->username} {$email} {$user_ip}");
} else {
register_error(_("error enviando el correo electrónico, seguramente está bloqueado"));
}
}
echo '</fieldset>' . "\n";
} else {
register_error(_("error insertando usuario en la base de datos"));
}
} else {
register_error(_("el usuario ya existe"));
}
}
function do_register2()
{
global $db, $current_user, $globals;
if (!ts_is_human()) {
register_error(_('El código de seguridad no es correcto.'));
return;
}
if (!check_user_fields()) {
return;
}
$username = clean_input_string(trim($_POST['username']));
// sanity check
$dbusername = $db->escape($username);
// sanity check
$password = md5(trim($_POST['password']));
$email = clean_input_string(trim($_POST['email']));
// sanity check
$dbemail = $db->escape($email);
// sanity check
$user_ip = $globals['user_ip'];
if (!user_exists($username)) {
if ($db->query("INSERT INTO users (user_login, user_login_register, user_email, user_email_register, user_pass, user_date, user_ip) VALUES ('{$dbusername}', '{$dbusername}', '{$dbemail}', '{$dbemail}', '{$password}', now(), '{$user_ip}')")) {
echo '<fieldset>' . "\n";
echo '<legend><span class="sign">' . _("registro de usuario") . '</span></legend>' . "\n";
require_once mnminclude . 'user.php';
$user = new User();
$user->username = $username;
if (!$user->read()) {
register_error(_('Error insertando usuario en la base de datos'));
} else {
require_once mnminclude . 'mail.php';
$sent = send_recover_mail($user);
}
echo '</fieldset>' . "\n";
} else {
register_error(_("Error insertando usuario en la base de datos"));
}
} else {
register_error(_("El usuario ya existe"));
}
}