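/**
 * Collect candidate image URLs for a post.
 *
 * Order of the result: the featured image (when the theme supports
 * thumbnails), the attachment itself on image attachment pages, then the
 * src of every <img> tag found in the rendered content.
 *
 * The src values are returned exactly as wp_kses_hair() reports them from the
 * markup; callers that print them must escape for the output context.
 *
 * @param object $post    Post object; ->ID and ->post_content are read.
 * @param string $content Already-rendered content. When empty, the post
 *                        content is passed through the 'the_content' filter.
 * @return array List of image URLs.
 */
function sfc_media_find_images($post, $content = '')
{
    if (empty($content)) {
        $content = apply_filters('the_content', $post->post_content);
    }
    $images = array();
    // we get the post thumbnail, put it first in the image list
    if (current_theme_supports('post-thumbnails') && has_post_thumbnail($post->ID)) {
        $thumbid = get_post_thumbnail_id($post->ID);
        $att = wp_get_attachment_image_src($thumbid, 'full');
        if (!empty($att[0])) {
            $images[] = $att[0];
        }
    }
    if (is_attachment() && preg_match('!^image/!', get_post_mime_type($post))) {
        $attachment_url = wp_get_attachment_url($post->ID);
        // Skip a failed lookup instead of putting an empty entry in the list.
        if (!empty($attachment_url)) {
            $images[] = $attachment_url;
        }
    }
    // now search for images in the content itself
    if (preg_match_all('/<img\\s+(.+?)>/i', $content, $matches)) {
        foreach ($matches[1] as $match) {
            // Start from a clean slate for every tag. Without this reset the
            // src/class of an earlier <img> would still be set when a later
            // tag lacks that attribute.
            $img = array();
            foreach (wp_kses_hair($match, array('http')) as $attr) {
                $img[strtolower($attr['name'])] = $attr['value'];
            }
            if (!isset($img['src'])) {
                continue;
            }
            // ignore smilies (and anything else the sfc_img_exclude filter lists)
            if (isset($img['class']) && false !== straipos($img['class'], apply_filters('sfc_img_exclude', array('wp-smiley')))) {
                continue;
            }
            // Skip duplicates, Facebook CDN images and images shipped by plugins.
            if (!in_array($img['src'], $images, true) && strpos($img['src'], 'fbcdn.net') === false && strpos($img['src'], '/plugins/') === false) {
                $images[] = $img['src'];
            }
        }
    }
    return $images;
}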
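/**
 * Collect candidate image URLs for a post: the featured image first, then the
 * src of every <img> tag in the rendered content.
 *
 * The src values are returned exactly as wp_kses_hair() reports them from the
 * markup; callers that print them must escape for the output context.
 *
 * @param object $post Post object; ->ID and ->post_content are read.
 * @return array List of image URLs without duplicates.
 */
function sfc_base_find_images($post)
{
    $images = array();
    // first we apply the filters to the content, just in case they're using shortcodes or oembed to display images
    $content = apply_filters('the_content', $post->post_content);
    // next, we get the post thumbnail, put it first in the image list
    if (current_theme_supports('post-thumbnails') && has_post_thumbnail($post->ID)) {
        $thumbid = get_post_thumbnail_id($post->ID);
        $att = wp_get_attachment_image_src($thumbid, 'full');
        if (!empty($att[0])) {
            $images[] = $att[0];
        }
    }
    // now search for images in the content itself; the pattern and the
    // lower-cased attribute names match sfc_media_find_images(), so <IMG SRC=...>
    // and tags with other whitespace after "img" are found as well
    if (preg_match_all('/<img\\s+(.+?)>/i', $content, $matches)) {
        foreach ($matches[1] as $match) {
            // Reset per tag: otherwise attributes of an earlier <img> stay set
            // when a later tag has no src or no class.
            $img = array();
            foreach (wp_kses_hair($match, array('http')) as $attr) {
                $img[strtolower($attr['name'])] = $attr['value'];
            }
            if (!isset($img['src'])) {
                continue;
            }
            // ignore smilies (and anything else the sfc_img_exclude filter lists)
            if (isset($img['class']) && false !== straipos($img['class'], apply_filters('sfc_img_exclude', array('wp-smiley')))) {
                continue;
            }
            if (!in_array($img['src'], $images, true)) {
                $images[] = $img['src'];
            }
        }
    }
    return $images;
}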
示例#3
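/**
 * Create a new account from the signup form in $_POST.
 *
 * Validates the submitted fields, checks the captcha or security question,
 * inserts the user row, mirrors the account into the SMF members table when
 * that table exists, and sends the confirmation mail when $VALIDATION is
 * "user". Some failures print an error page and exit instead of returning.
 *
 * NOTE(review): all SQL here is built by string interpolation. The text
 * fields go through mysql_escape_string(), which does not take the connection
 * character set into account; prepared statements (mysqli/PDO) would remove
 * the dependency on escaping. The password is stored as an unsalted md5() of
 * the *escaped* password; that format is shared with code outside this
 * function, so it is left unchanged here, but it should move to
 * password_hash()/password_verify() together with the login code.
 *
 * @return int 0 (or a MySQL error number) after the insert, or a negative
 *             code: -1 missing field, -2 e-mail in use, -3 invalid e-mail,
 *             -4 username in use, -7 space in username, -8 banned character
 *             in username, -9 password shorter than 4 characters.
 */
function aggiungiutente()
{
    global $SITENAME, $SITEEMAIL, $BASEURL, $VALIDATION, $USERLANG, $USE_IMAGECODE, $TABLE_PREFIX, $XBTT_USE, $language, $THIS_BASEPATH, $FORUMLINK, $db_prefix;
    $utente = mysql_escape_string($_POST["user"]);
    $pwd = mysql_escape_string($_POST["pwd"]);
    $pwd1 = mysql_escape_string($_POST["pwd1"]);
    $email = mysql_escape_string($_POST["email"]);
    $idlangue = intval($_POST["language"]);
    $idstyle = intval($_POST["style"]);
    $idflag = intval($_POST["flag"]);
    $timezone = intval($_POST["timezone"]);
    if (strtoupper($utente) === strtoupper("Guest")) {
        err_msg($language["ERROR"], $language["ERR_GUEST_EXISTS"]);
        stdfoot();
        exit;
    }
    // Strict comparison: with != two different numeric-looking strings
    // (for example "1e3" and "1000") compare as equal.
    if ($pwd !== $pwd1) {
        err_msg($language["ERROR"], $language["DIF_PASSWORDS"]);
        stdfoot();
        exit;
    }
    if ($VALIDATION == "none") {
        $idlevel = 3;
    } else {
        $idlevel = 2;
    }
    # Create Random number (used as the e-mail confirmation code)
    $floor = 100000;
    $ceiling = 999999;
    if (function_exists('random_int')) {
        // CSPRNG where the runtime has one; rand() seeded from microtime() is predictable.
        $random = random_int($floor, $ceiling);
    } else {
        srand((double) microtime() * 1000000);
        $random = rand($floor, $ceiling);
    }
    // NOTE(review): a six-digit code is a small space whatever the generator;
    // the confirmation endpoint should limit attempts.
    if ($utente == "" || $pwd == "" || $email == "") {
        return -1;
    }
    $res = do_sqlquery("SELECT email FROM {$TABLE_PREFIX}users WHERE email='{$email}'");
    if (mysql_num_rows($res) > 0) {
        return -2;
    }
    // valid email check - by vibes
    // Same pattern as before, expressed for preg_match(): eregi() is deprecated.
    $regex = '/^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]{1,})*\.([a-z]{2,}){1}\z/i';
    if (!preg_match($regex, $email)) {
        return -3;
    }
    // valid email check end
    // duplicate username
    // The listing showed the literal '******' in this query, which looks like
    // masking applied by the page it was published on; the check only works
    // when it compares against the submitted name.
    $res = do_sqlquery("SELECT username FROM {$TABLE_PREFIX}users WHERE username='{$utente}'");
    if (mysql_num_rows($res) > 0) {
        return -4;
    }
    // duplicate username
    // strpos() returns 0 for a leading space, and 0 == true is false, so the
    // old "== true" test let " name" through.
    if (strpos($utente, " ") !== false) {
        return -7;
    }
    // The image captcha needs GD with FreeType; every other configuration
    // falls back to the security question.
    $use_image_captcha = false;
    if ($USE_IMAGECODE && extension_loaded('gd')) {
        $arr = gd_info();
        $use_image_captcha = $arr['FreeType Support'] == 1;
    }
    if ($use_image_captcha) {
        $public = $_POST['public_key'];
        $private = $_POST['private_key'];
        $p = new ocr_captcha();
        if ($p->check_captcha($public, $private) != true) {
            err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]);
            stdfoot();
            exit;
        }
    } else {
        include "{$THIS_BASEPATH}/include/security_code.php";
        $scode_index = intval($_POST["security_index"]);
        $scode_answer = isset($_POST["scode_answer"]) ? (string) $_POST["scode_answer"] : '';
        // The question index comes from the client. An index that does not
        // exist yields null, and null != "" is false, so the loose comparison
        // accepted an empty answer. Require the entry and compare strictly.
        if (!isset($security_code[$scode_index]["answer"]) || (string) $security_code[$scode_index]["answer"] !== $scode_answer) {
            err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]);
            stdfoot();
            exit;
        }
    }
    $bannedchar = array("\\", "/", ":", "*", "?", "\"", "@", "\$", "'", "`", ",", ";", ".", "<", ">", "!", "£", "%", "^", "&", "(", ")", "+", "=", "#", "~");
    // straipos() is defined elsewhere; "!== false" is right whether it reports
    // a hit as a position, an array or true.
    if (straipos(mysql_escape_string($utente), $bannedchar) !== false) {
        return -8;
    }
    // Measure the password as typed: escaping adds backslashes, so the old
    // check on the twice-escaped value could accept a shorter password.
    if (strlen($_POST["pwd"]) < 4) {
        return -9;
    }
    if (function_exists('random_bytes')) {
        // 32 hex characters, the same shape as the md5() value used otherwise.
        $pid = bin2hex(random_bytes(16));
    } else {
        $pid = md5(uniqid(rand(), true));
    }
    do_sqlquery("INSERT INTO {$TABLE_PREFIX}users (username, password, random, id_level, email, style, language, flag, joined, lastconnect, pid, time_offset) VALUES ('{$utente}', '" . md5($pwd) . "', {$random}, {$idlevel}, '{$email}', {$idstyle}, {$idlangue}, {$idflag}, NOW(), NOW(),'{$pid}', '" . $timezone . "')", true);
    $newuid = mysql_insert_id();
    // Continue to create smf members if they disable smf mode
    // $test=do_sqlquery("SELECT COUNT(*) FROM {$db_prefix}members");
    $test = do_sqlquery("SHOW TABLES LIKE '{$db_prefix}members'");
    if ($FORUMLINK == "smf" || mysql_num_rows($test)) {
        $smfpass = smf_passgen($utente, $pwd);
        $flevel = $idlevel + 10;
        // NOTE(review): getip() is not shown here; if it can return a
        // client-supplied header value it must be validated or escaped
        // before it is placed in this statement.
        do_sqlquery("INSERT INTO {$db_prefix}members (memberName, dateRegistered, ID_GROUP, realName, passwd, emailAddress, memberIP, memberIP2, is_activated, passwordSalt) VALUES ('{$utente}', UNIX_TIMESTAMP(), {$flevel}, '{$utente}', '{$smfpass['0']}', '{$email}', '" . getip() . "', '" . getip() . "', 1, '{$smfpass['1']}')");
        $fid = mysql_insert_id();
        do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = {$fid} WHERE `variable` = 'latestMember'");
        do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = '{$utente}' WHERE `variable` = 'latestRealName'");
        do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = UNIX_TIMESTAMP() WHERE `variable` = 'memberlist_updated'");
        do_sqlquery("UPDATE {$TABLE_PREFIX}users SET smf_fid={$fid} WHERE id={$newuid}");
    }
    // xbt
    if ($XBTT_USE) {
        $resin = do_sqlquery("INSERT INTO xbt_users (uid, torrent_pass) VALUES ({$newuid},'{$pid}')");
    }
    if ($VALIDATION == "user") {
        ini_set("sendmail_from", "");
        if (mysql_errno() == 0) {
            send_mail($email, $language["ACCOUNT_CONFIRM"], $language["ACCOUNT_MSG"] . "\n\n" . $BASEURL . "/index.php?page=account&act=confirm&confirm={$random}&language={$idlangue}");
            write_log("Signup new user {$utente} ({$email})", "add");
        } else {
            // NOTE(review): this prints the raw database error to the visitor;
            // logging it and showing a generic message would leak less.
            die(mysql_error());
        }
    }
    return mysql_errno();
}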
示例#4
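 // Excerpt from a signup validator: each failed check echoes "message|code"
 // and stops the request.
 // NOTE(review): $username and $email are set above this excerpt; the queries
 // below are only safe if they were escaped for SQL there - confirm.
 $idlangue = intval($_POST["language"]);
 $idstyle = intval($_POST["style"]);
 $idlevel = intval($_POST["level"]);
 // duplicate username ???
 $res = do_sqlquery("SELECT `username` FROM `{$TABLE_PREFIX}users` WHERE `username`='{$username}'", true);
 if (mysqli_num_rows($res) > 0) {
     echo $language["ERR_USER_ALREADY_EXISTS"] . '|1';
     die;
 }
 // username with space
 // strpos() returns 0 for a leading space and 0 == true is false, so the old
 // "== true" test let " name" through.
 if (strpos(mysqli_real_escape_string($DBDT, $username), " ") !== false) {
     echo $language["ERR_NO_SPACE"] . '|1';
     die;
 }
 $bannedchar = array("\\", "/", ":", "*", "?", "\"", "@", "\$", "'", "`", ",", ";", ".", "<", ">", "!", "£", "%", "^", "&", "(", ")", "+", "=", "#", "~");
 // straipos() is defined elsewhere; "!== false" is right whether it reports a
 // hit as a position, an array or true.
 if (straipos(mysqli_real_escape_string($DBDT, $username), $bannedchar) !== false) {
     echo $language["ERR_SPECIAL_CHAR"] . '|1';
     die;
 }
 $pass_to_test = $_POST["pwd"];
 $pass_min_req = explode(",", $btit_settings["secsui_pass_min_req"]);
 // The minimum length is a number; cast it once so the comparison is numeric
 // and the value printed into the HTML below cannot carry markup.
 $pass_min_length = (int) $pass_min_req[0];
 if (strlen($pass_to_test) < $pass_min_length) {
     echo $language["ERR_PASS_LENGTH_1"] . " <span style='color:blue;font-weight:bold;'>" . $pass_min_length . "</span> " . $language["ERR_PASS_LENGTH_2"] . "|2";
     die;
 }
 $res = do_sqlquery("SELECT email FROM {$TABLE_PREFIX}users WHERE email='{$email}'", true);
 if (mysqli_num_rows($res) > 0) {
     echo $language['ERR_EMAIL_ALREADY_EXISTS'] . '|3';
     die;
 }
 $lct_count = 0;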
示例#5
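/**
 * Print share-related <meta> and <link> tags for a singular page: title,
 * description, medium, the first usable image (image_src) and the attributes
 * of the first <embed> (video_src, video_height, video_width, video_type).
 *
 * The excerpt, the image URL and the embed attributes are taken from post
 * content, so every value is escaped where it is written into an attribute:
 * esc_url() for URLs, esc_attr() for everything else.
 *
 * @return void Output is echoed. Nothing is printed on non-singular views.
 */
function sfc_share_meta()
{
    if (!is_singular()) {
        return;
    }
    // Set up the global post so the excerpt/content template tags work, then
    // rewind so the theme's own loop still starts at the first post.
    the_post();
    rewind_posts();
    $excerpt = strip_tags(get_the_excerpt());
    $content = apply_filters('the_content', get_the_content());

    // The original re-tested is_singular() before printing the title and the
    // description and fell back to the blog name otherwise; that branch could
    // not be reached from inside this singular-only function.
    $description = str_replace(array("\r\n", "\r", "\n"), ' ', $excerpt);
    echo '<meta name="title" content="' . esc_attr(single_post_title('', false)) . '" />' . "\n";
    echo '<meta name="description" content="' . esc_attr($description) . '" />' . "\n";
    echo '<meta name="medium" content="blog" />' . "\n";

    // look for image to add with image_src (simple, just add first image)
    // get the post thumbnail, put it first in the image list
    $image_src = '';
    if (current_theme_supports('post-thumbnails') && has_post_thumbnail(get_the_ID())) {
        $thumbid = get_post_thumbnail_id(get_the_ID());
        $att = wp_get_attachment_image_src($thumbid, 'full');
        if (!empty($att[0])) {
            $image_src = $att[0];
        }
    } elseif (preg_match('/<img (.+?)>/', $content, $matches)) {
        $img = array();
        foreach (wp_kses_hair($matches[1], array('http')) as $attr) {
            $img[$attr['name']] = $attr['value'];
        }
        // ignore smilies (and anything else the sfc_img_exclude filter lists)
        if (isset($img['src']) && (!isset($img['class']) || false === straipos($img['class'], apply_filters('sfc_img_exclude', array('wp-smiley'))))) {
            $image_src = $img['src'];
        }
    }
    if ($image_src !== '') {
        echo '<link rel="image_src" href="' . esc_url($image_src) . '" />' . "\n";
    }

    // look for an embed to add with video_src (simple, just add first embed)
    if (preg_match('/<embed (.+?)>/', $content, $matches)) {
        $embed = array();
        foreach (wp_kses_hair($matches[1], array('http')) as $attr) {
            $embed[$attr['name']] = $attr['value'];
        }
        if (isset($embed['src'])) {
            echo '<link rel="video_src" href="' . esc_url($embed['src']) . '" />' . "\n";
        }
        // height, width and type are plain values carried in href, not URLs.
        foreach (array('height', 'width', 'type') as $key) {
            if (isset($embed[$key])) {
                echo '<link rel="video_' . $key . '" href="' . esc_attr($embed[$key]) . '" />' . "\n";
            }
        }
    }
}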
示例#6
文件: account.php 项目: Karpec/gizd
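/**
 * Create a new account from the signup form in $_POST.
 *
 * Validates the submitted fields (username, password policy, e-mail, date of
 * birth), checks the captcha, inserts the user row, applies the reputation,
 * invitation and referral options, mirrors the account into the SMF/IPB
 * member tables when they exist, sends the welcome PM and the confirmation
 * or invitation mail. Several failures print an error page and exit instead
 * of returning.
 *
 * NOTE(review): all SQL here is built by string interpolation and relies on
 * every value being escaped or cast first; prepared statements would remove
 * that dependency. $pwd is the SQL-escaped password: it is what smf_passgen(),
 * ipb_create() and the invitation mails receive, while hash_generate() gets
 * the raw $_POST value - confirm that the difference is intended. The
 * invitation mails also contain the password in clear text.
 *
 * @return int|false 0 (or a MySQL error number) after the insert, or a
 *                   negative code: -1 missing field, -2 e-mail in use,
 *                   -3 invalid e-mail, -4 username in use, -7 space in
 *                   username, -8 banned character in username, -9 password
 *                   too short, -99 signup blocked for this IP range,
 *                   -998 password composition rule not met, -999 e-mail
 *                   domain listed in the cheapmail table.
 */
function aggiungiutente()
{
    // $ipb_prefix is read further down but was missing from this list, so the
    // IPB table check always ran with an empty prefix.
    global $DBDT, $INVITATIONSON, $VALID_INV, $SITENAME, $SITEEMAIL, $BASEURL, $VALIDATION, $USERLANG, $USE_IMAGECODE, $TABLE_PREFIX, $XBTT_USE, $language, $THIS_BASEPATH, $FORUMLINK, $db_prefix, $ipb_prefix, $btit_settings;
    // The date parts end up in the INSERT below and in an error message.
    // Cast them to integers here so no raw request text reaches either place;
    // a missing part becomes 0, which checkdate() rejects.
    $dobdate = isset($_POST["datepicker"]) ? (string) $_POST["datepicker"] : '';
    $parts = explode('-', $dobdate);
    $dobday = isset($parts[0]) ? (int) $parts[0] : 0;
    $dobmonth = isset($parts[1]) ? (int) $parts[1] : 0;
    $dobyear = isset($parts[2]) ? (int) $parts[2] : 0;
    $utente = mysqli_real_escape_string($DBDT, $_POST["user"]);
    $pwd = mysqli_real_escape_string($DBDT, $_POST["pwd"]);
    $pwd1 = mysqli_real_escape_string($DBDT, $_POST["pwd1"]);
    $email = mysqli_real_escape_string($DBDT, $_POST["email"]);
    if (isset($_POST["language"])) {
        $idlangue = intval($_POST["language"]);
    } else {
        $idlangue = max(1, $btit_settings["default_language"]);
    }
    if (isset($_POST["style"])) {
        $idstyle = intval($_POST["style"]);
    } else {
        $idstyle = max(1, $btit_settings["default_style"]);
    }
    $idflag = intval($_POST["flag"]);
    $timezone = intval($_POST["timezone"]);
    $heard = mysqli_real_escape_string($DBDT, $_POST["heardaboutus"]);
    // Dt Referral
    if ($btit_settings["ref_on"] == true) {
        $rid = intval($_POST["refa"]);
    }
    // Dt Referral
    if (strtoupper($utente) === strtoupper("Guest")) {
        err_msg($language["ERROR"], $language["ERR_GUEST_EXISTS"]);
        stdfoot();
        exit;
    }
    // Strict comparison: with != two different numeric-looking strings
    // (for example "1e3" and "1000") compare as equal.
    if ($pwd !== $pwd1) {
        err_msg($language["ERROR"], $language["DIF_PASSWORDS"]);
        stdfoot();
        exit;
    }
    if ($VALIDATION == "none") {
        $idlevel = 3;
    } else {
        $idlevel = 2;
    }
    //begin invitation system by dodge
    if ($INVITATIONSON == "true") {
        if ($VALID_INV == "true") {
            $idlevel = 2;
        } else {
            $idlevel = 3;
        }
    }
    //end invitation system
    # Create Random number (used as the e-mail confirmation code)
    $floor = 100000;
    $ceiling = 999999;
    if (function_exists('random_int')) {
        // CSPRNG where the runtime has one; rand() seeded from microtime() is predictable.
        $random = random_int($floor, $ceiling);
    } else {
        srand((double) microtime() * 1000000);
        $random = rand($floor, $ceiling);
    }
    // NOTE(review): a six-digit code is a small space whatever the generator;
    // the confirmation endpoint should limit attempts.
    if ($utente == "" || $pwd == "" || $email == "") {
        return -1;
    }
    $res = do_sqlquery("SELECT email FROM {$TABLE_PREFIX}users WHERE email='{$email}'", true);
    if (mysqli_num_rows($res) > 0) {
        return -2;
    }
    // valid email check - by vibes
    // Anchored at both ends: the unanchored pattern accepted any text that
    // merely contained something address-like. The final label is no longer
    // capped at four characters, which rejected longer top-level domains.
    $regex = '/^[\\w\\.-]+@[\\w\\.-]+\\.\\w{2,}\\z/i';
    if (!preg_match($regex, $email)) {
        return -3;
    }
    // valid email check end
    //Function changed by fatepower so now the variable checks the right data.
    //Added the image also. Cheers boys
    // check if IP is already in use
    if ($btit_settings["dupip"] == "true") {
        $ip = getip();
        // getip() is not shown here. Escaping costs nothing for a real
        // address and keeps the query and the message safe if the helper can
        // return a client-supplied header value.
        $ip_sql = mysqli_real_escape_string($DBDT, $ip);
        $i = @mysqli_fetch_row(@mysqli_query($GLOBALS["___mysqli_ston"], "SELECT count(*) FROM {$TABLE_PREFIX}users WHERE cip='{$ip_sql}'")) or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false));
        if ($i[0] != 0) {
            err_msg(ERROR, "[" . htmlspecialchars($ip, ENT_QUOTES) . "]<br /><img src=\"images/shared_ip.gif\" border=\"0\" alt=\"\" />");
            block_end();
            stdfoot();
            exit;
        }
    }
    // duplicate username
    // The listing showed the literal '******' in this query, which looks like
    // masking applied by the page it was published on; the check only works
    // when it compares against the submitted name.
    $res = do_sqlquery("SELECT username FROM {$TABLE_PREFIX}users WHERE username='{$utente}'", true);
    if (mysqli_num_rows($res) > 0) {
        return -4;
    }
    // duplicate username
    // strpos() returns 0 for a leading space, and 0 == true is false, so the
    // old "== true" test let " name" through.
    if (strpos($utente, " ") !== false) {
        return -7;
    }
    if ($btit_settings["gcsw"] == false) {
        // The image captcha needs GD with FreeType; every other configuration
        // falls back to the security question.
        $use_image_captcha = false;
        if ($USE_IMAGECODE && extension_loaded('gd')) {
            $arr = gd_info();
            $use_image_captcha = $arr['FreeType Support'] == 1;
        }
        if ($use_image_captcha) {
            $public = $_POST['public_key'];
            $private = $_POST['private_key'];
            $p = new ocr_captcha();
            if ($p->check_captcha($public, $private) != true) {
                err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]);
                stdfoot();
                exit;
            }
        } else {
            include "{$THIS_BASEPATH}/include/security_code.php";
            $scode_index = intval($_POST["security_index"]);
            $scode_answer = isset($_POST["scode_answer"]) ? (string) $_POST["scode_answer"] : '';
            // The question index comes from the client. An index that does
            // not exist yields null, and null != "" is false, so the loose
            // comparison accepted an empty answer. Require the entry and
            // compare strictly.
            if (!isset($security_code[$scode_index]["answer"]) || (string) $security_code[$scode_index]["answer"] !== $scode_answer) {
                err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]);
                stdfoot();
                exit;
            }
        }
    } else {
        require_once "include/recaptchalib.php";
        // reCAPTCHA supported 40+ languages listed here: https://developers.google.com/recaptcha/docs/language
        $lang = "en";
        // The response from reCAPTCHA
        $resp = null;
        // The error code from reCAPTCHA, if any
        $error = null;
        $reCaptcha = new ReCaptcha($btit_settings["gcsekk"]);
        if (!empty($_POST["g-recaptcha-response"])) {
            $resp = $reCaptcha->verifyResponse($_SERVER["REMOTE_ADDR"], $_POST["g-recaptcha-response"]);
        } else {
            err_msg($language["ERROR"], "Recaptcha Not submitted");
            stdfoot();
            exit;
        }
        if (!($resp != null && $resp->success)) {
            err_msg($language["ERROR"], "Google reports , you are a Robot !");
            stdfoot();
            exit;
        }
    }
    $bannedchar = array("\\", "/", ":", "*", "?", "\"", "@", "\$", "'", "`", ",", ";", ".", "<", ">", "!", "£", "%", "^", "&", "(", ")", "+", "=", "#", "~");
    // straipos() is defined elsewhere; "!== false" is right whether it reports
    // a hit as a position, an array or true.
    if (straipos(mysqli_real_escape_string($DBDT, $utente), $bannedchar) !== false) {
        return -8;
    }
    // The password policy is applied to the password as typed, not to the
    // SQL-escaped copy.
    $pass_to_test = $_POST["pwd"];
    $pass_min_req = explode(",", $btit_settings["secsui_pass_min_req"]);
    if (strlen($pass_to_test) < $pass_min_req[0]) {
        return -9;
    }
    // Reject addresses whose domain is listed in the cheapmail table.
    $exploded = explode("@", $email);
    $exploded2 = explode(".", $exploded[1]);
    $cheapmail = mysqli_real_escape_string($DBDT, $exploded[1]);
    $cheapmail2 = mysqli_real_escape_string($DBDT, "@" . $exploded2[0] . ".");
    $mailischeap = do_sqlquery("SELECT `domain` FROM `{$TABLE_PREFIX}cheapmail` WHERE `domain`='" . $cheapmail . "' OR `domain`='" . $cheapmail2 . "'", true);
    if (@mysqli_num_rows($mailischeap) > 0) {
        return -999;
    }
    $userip = getip();
    // Escaped for the same reason as in the duplicate-IP check above the
    // username tests: getip() is not shown here.
    $userip_sql = mysqli_real_escape_string($DBDT, $userip);
    $signupipblock = @mysqli_fetch_assoc(@mysqli_query($GLOBALS["___mysqli_ston"], "SELECT `id` FROM `{$TABLE_PREFIX}signup_ip_block` WHERE `first_ip` <=INET_ATON('{$userip_sql}') AND `last_ip` >=INET_ATON('{$userip_sql}')"));
    if ($signupipblock) {
        return -99;
    }
    // Count lower-case, upper-case, digit and symbol characters one byte at a
    // time and compare each count with the configured minimum.
    $lct_count = 0;
    $uct_count = 0;
    $num_count = 0;
    $sym_count = 0;
    $pass_end = (int) (strlen($pass_to_test) - 1);
    $pass_position = 0;
    $pattern1 = '#[a-z]#';
    $pattern2 = '#[A-Z]#';
    $pattern3 = '#[0-9]#';
    $pattern4 = '/[¬!"£$%^&*()`{}\\[\\]:@~;\'#<>?,.\\/\\-=_+\\|]/';
    for ($pass_position = 0; $pass_position <= $pass_end; $pass_position++) {
        if (preg_match($pattern1, substr($pass_to_test, $pass_position, 1), $matches)) {
            $lct_count++;
        } elseif (preg_match($pattern2, substr($pass_to_test, $pass_position, 1), $matches)) {
            $uct_count++;
        } elseif (preg_match($pattern3, substr($pass_to_test, $pass_position, 1), $matches)) {
            $num_count++;
        } elseif (preg_match($pattern4, substr($pass_to_test, $pass_position, 1), $matches)) {
            $sym_count++;
        }
    }
    if ($lct_count < $pass_min_req[1] || $uct_count < $pass_min_req[2] || $num_count < $pass_min_req[3] || $sym_count < $pass_min_req[4]) {
        return -998;
    }
    $multipass = hash_generate(array("salt" => ""), $_POST["pwd"], $_POST["user"]);
    $i = $btit_settings["secsui_pass_type"];
    // Starting upload credit, read from the settings table as amount + unit.
    // NOTE(review): both die() calls below print the SQL text and the raw
    // database error to the visitor; logging them and showing a generic
    // message would leak less.
    $sql = "SELECT value FROM {$TABLE_PREFIX}settings WHERE `key` = \"donate_upload\"";
    $req = mysqli_query($GLOBALS["___mysqli_ston"], $sql) or die('Erreur SQL !<br />' . $sql . '<br />' . (is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)));
    $result = mysqli_fetch_array($req);
    $credit = $result['value'];
    $sql = "SELECT value FROM {$TABLE_PREFIX}settings WHERE `key` = \"unit\"";
    $req = mysqli_query($GLOBALS["___mysqli_ston"], $sql) or die('Erreur SQL !<br />' . $sql . '<br />' . (is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)));
    $result = mysqli_fetch_array($req);
    $unit = $result['value'];
    mysqli_free_result($req) || is_object($req) && get_class($req) == "mysqli_result" ? true : false;
    $kb = 1024;
    $mb = 1024 * 1024;
    $gb = 1024 * 1024 * 1024;
    $tb = 1024 * 1024 * 1024 * 1024;
    // Default to no credit: with an unexpected unit the variable was never
    // set and the UPDATE further down was built with an empty value.
    $uploaded = 0;
    if ($unit == 'Kb') {
        $uploaded = $credit * $kb;
    } elseif ($unit == 'Mb') {
        $uploaded = $credit * $mb;
    } elseif ($unit == 'Gb') {
        $uploaded = $credit * $gb;
    } elseif ($unit == 'Tb') {
        $uploaded = $credit * $tb;
    }
    $realdate = checkdate($dobmonth, $dobday, $dobyear);
    if ($realdate) {
        // Built from the integer parts only.
        $dob = sprintf('%04d-%02d-%02d', $dobyear, $dobmonth, $dobday);
        $age = userage($dobyear, $dobmonth, $dobday);
        $dobtime = mktime(0, 0, 0, $dobmonth, $dobday, $dobyear);
        if ($dobtime > time()) {
            err_msg($language["ERROR"], $language["ERR_BORN_IN_FUTURE"]);
            stdfoot();
            exit;
        } elseif ($age < $btit_settings["birthday_lower_limit"]) {
            err_msg($language["ERROR"], $language["ERR_DOB_1"] . $age . $language["ERR_DOB_2"]);
            stdfoot();
            exit;
        } elseif ($age > $btit_settings["birthday_upper_limit"]) {
            err_msg($language["ERROR"], $language["ERR_DOB_1"] . $age . $language["ERR_DOB_2"]);
            stdfoot();
            exit;
        }
    } else {
        err_msg($language["ERROR"], $language["INVALID_DOB_1"] . $dobday . "/" . $dobmonth . "/" . $dobyear . $language["INVALID_DOB_2"]);
        stdfoot();
        exit;
    }
    $mtpp = $btit_settings["max_torrents_per_page"];
    if (function_exists('random_bytes')) {
        // 32 hex characters, the same shape as the md5() value used otherwise.
        $pid = bin2hex(random_bytes(16));
    } else {
        $pid = md5(uniqid(rand(), true));
    }
    $gen = intval($_POST['gen']);
    do_sqlquery("INSERT INTO `{$TABLE_PREFIX}users` (`username`, `password`, `dob` ,`salt`, `pass_type`, `dupe_hash`, `random`, `id_level`, `email`, `style`, `language`, `flag`, `joined`, `lastconnect`, `pid`, `time_offset`, `whereheard`,`gender` , `torrentsperpage`) VALUES ('" . $utente . "', '" . mysqli_real_escape_string($DBDT, $multipass[$i]["rehash"]) . "', '" . $dob . "' , '" . mysqli_real_escape_string($DBDT, $multipass[$i]["salt"]) . "', '" . $i . "', '" . mysqli_real_escape_string($DBDT, $multipass[$i]["dupehash"]) . "', " . $random . ", " . $idlevel . ", '" . $email . "', " . $idstyle . ", " . $idlangue . ", " . $idflag . ", NOW(), NOW(),'" . $pid . "', '" . $timezone . "','" . $heard . "','" . $gen . "','" . $mtpp . "')", true);
    $newuid = is_null($___mysqli_res = mysqli_insert_id($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res;
    // DT reputation system start
    $reput = do_sqlquery("SELECT * FROM {$TABLE_PREFIX}reputation_settings WHERE id =1");
    $setrep = mysqli_fetch_array($reput);
    $plus = $setrep["rep_default"];
    if ($setrep["rep_is_online"] != 'false') {
        @mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET reputation = reputation + '{$plus}' WHERE id='{$newuid}'");
    }
    // DT reputation system end
    //begin invitation system by dodge
    if ($INVITATIONSON == "true") {
        // Both values come from the form and go into SQL below: the inviter
        // id is forced to an integer, the invitation code is escaped.
        // unesc() is not shown here; its name suggests it removes escaping
        // rather than adding it.
        $inviter = intval($_POST["inviter"]);
        $code = mysqli_real_escape_string($DBDT, unesc($_POST["code"]));
        $res = do_sqlquery("SELECT username FROM {$TABLE_PREFIX}users WHERE id = {$inviter}", true);
        $arr = mysqli_fetch_assoc($res);
        $invusername = $arr["username"];
        do_sqlquery("UPDATE {$TABLE_PREFIX}users SET invited_by='" . $inviter . "' WHERE id='" . $newuid . "'", true);
        do_sqlquery("UPDATE {$TABLE_PREFIX}invitations SET confirmed='true' WHERE hash='{$code}'", true);
        $msg = sqlesc($language["WELCOME MESSAGE"]);
    }
    //end invitation system
    //DT referral system start
    if ($btit_settings["ref_on"] == true) {
        $rup = $btit_settings["ref_gb"] * 1024 * 1024 * 1024;
        $rap = $btit_settings["ref_sb"];
        do_sqlquery("UPDATE {$TABLE_PREFIX}users SET referral={$rid} where id={$newuid}", true);
        if ($btit_settings["ref_switch"] == true) {
            do_sqlquery("UPDATE {$TABLE_PREFIX}users SET uploaded=uploaded + '{$rup}' where id='{$rid}'");
        } else {
            do_sqlquery("UPDATE {$TABLE_PREFIX}users SET seedbonus=seedbonus + '{$rap}' where id='{$rid}'");
        }
    }
    //DT referral system end
    do_sqlquery("UPDATE {$TABLE_PREFIX}users SET uploaded={$uploaded} WHERE id={$newuid}", true);
    // begin - announce new confirmed user in shoutbox
    if ($btit_settings["sbtwo"] == true) {
        $al = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}chat ORDER BY id DESC LIMIT 1");
        $rw = mysqli_fetch_assoc($al);
        $ct = $rw["count"] + 1;
        do_sqlquery("INSERT INTO {$TABLE_PREFIX}chat (uid, time, name, text,count) VALUES (0," . time() . ", 'System','[color=green]Welcome New User :[/color][url={$BASEURL}/index.php?page=userdetails&id={$newuid}]" . $utente . "[/url]'," . $ct . ")");
    }
    // end - announce new confirmed user in shoutbox
    // Continue to create smf members if they disable smf mode
    $test = do_sqlquery("SHOW TABLES LIKE '{$db_prefix}members'", true);
    if (substr($FORUMLINK, 0, 3) == "smf" || mysqli_num_rows($test)) {
        $smfpass = smf_passgen($utente, $pwd);
        $fetch = get_result("SELECT `smf_group_mirror` FROM `{$TABLE_PREFIX}users_level` WHERE `id`=" . $idlevel, true, $btit_settings["cache_duration"]);
        $flevel = $fetch[0]["smf_group_mirror"] > 0 ? $fetch[0]["smf_group_mirror"] : $idlevel + 10;
        // The two branches differ only in the column naming scheme of the
        // members table.
        if ($FORUMLINK == "smf") {
            do_sqlquery("INSERT INTO `{$db_prefix}members` (`memberName`, `dateRegistered`, `ID_GROUP`, `realName`, `passwd`, `emailAddress`, `memberIP`, `memberIP2`, `is_activated`, `passwordSalt`) VALUES ('{$utente}', UNIX_TIMESTAMP(), {$flevel}, '{$utente}', '{$smfpass['0']}', '{$email}', '" . $userip_sql . "', '" . $userip_sql . "', 1, '{$smfpass['1']}')", true);
        } else {
            do_sqlquery("INSERT INTO `{$db_prefix}members` (`member_name`, `date_registered`, `id_group`, `real_name`, `passwd`, `email_address`, `member_ip`, `member_ip2`, `is_activated`, `password_salt`) VALUES ('{$utente}', UNIX_TIMESTAMP(), {$flevel}, '{$utente}', '{$smfpass['0']}', '{$email}', '" . $userip_sql . "', '" . $userip_sql . "', 1, '{$smfpass['1']}')", true);
        }
        $fid = is_null($___mysqli_res = mysqli_insert_id($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res;
        do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = {$fid} WHERE `variable` = 'latestMember'", true);
        do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = '{$utente}' WHERE `variable` = 'latestRealName'", true);
        do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = UNIX_TIMESTAMP() WHERE `variable` = 'memberlist_updated'", true);
        do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = `value` + 1 WHERE `variable` = 'totalMembers'", true);
        do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `smf_fid`={$fid} WHERE `id`={$newuid}", true);
    }
    // Continue to create ipb members if they disable ipb mode
    $test = do_sqlquery("SHOW TABLES LIKE '{$ipb_prefix}members'");
    if ($FORUMLINK == "ipb" || mysqli_num_rows($test)) {
        ipb_create($utente, $email, $pwd, $idlevel, $newuid);
    }
    // xbt
    if ($XBTT_USE) {
        $resin = do_sqlquery("INSERT INTO xbt_users (uid, torrent_pass) VALUES ({$newuid},'{$pid}')", true);
    }
    include "include/userstuff.php";
    $sub = sqlesc("{$GLOBALS['welcome_sub']}");
    $mess = sqlesc("{$GLOBALS['welcome_msg']}");
    send_pm(0, $newuid, $sub, $mess);
    if ($INVITATIONSON == "true") {
        // The subject used to be a single-quoted string containing the PHP
        // expression as text. It is passed through sqlesc() like the subject
        // of the send_pm() call above.
        send_pm('2', $newuid, sqlesc($language["WELCOME"]), $msg);
        // NOTE(review): both mails include the password in clear text (and in
        // its SQL-escaped form); consider sending a confirmation link only.
        if ($VALID_INV == "true") {
            send_mail($email, "{$SITENAME} " . $language["REG_CONFIRM"] . "", $language["INVIT_MSGINFO"] . "{$email}" . $language["INVIT_MSGINFO1"] . " {$utente}\n" . $language["INVIT_MSGINFO2"] . " {$pwd}\n\n" . $language["INVIT_MSGINFO3"], "From: {$SITENAME} <{$SITEEMAIL}>");
        } else {
            send_mail($email, "{$SITENAME} " . $language["REG_CONFIRM"] . "", $language["INVIT_MSGINFO"] . "{$email}" . $language["INVIT_MSGINFO1"] . " {$utente}\n" . $language["INVIT_MSGINFO2"] . " {$pwd}\n\n\n" . $language["INVIT_MSG_AUTOCONFIRM3"], "From: {$SITENAME} <{$SITEEMAIL}>");
        }
        write_log("Signup new user {$utente} ({$email})", "add");
    } else {
        if ($VALIDATION == "user") {
            ini_set("sendmail_from", "");
            if ((is_object($GLOBALS["___mysqli_ston"]) ? mysqli_errno($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_errno()) ? $___mysqli_res : false)) == 0) {
                send_mail($email, $language["ACCOUNT_CONFIRM"], $language["ACCOUNT_MSG"] . "\n\n" . $BASEURL . "/index.php?page=account&act=confirm&confirm={$random}&language={$idlangue}");
                write_log("Signup new user {$utente} ({$email})", "add");
            } else {
                die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false));
            }
        }
    }
    return is_object($GLOBALS["___mysqli_ston"]) ? mysqli_errno($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_errno()) ? $___mysqli_res : false);
}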
示例#7
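/**
 * Register a new account from the signup form in $_POST.
 *
 * Reads user, pwd, pwd1, email, language, style, flag and timezone from
 * $_POST, validates them, inserts a row into `users` and, when $VALIDATION
 * is "user", mails a confirmation link containing the random code.
 *
 * Prints an error and exits when the name is "Guest", the two passwords
 * differ, or the image code check fails.
 *
 * @return int -1 missing field, -2 e-mail already registered, -3 invalid
 *             e-mail, -4 user name taken, -7 user name contains a space,
 *             -8 user name contains a banned character, -9 password shorter
 *             than 4 characters; otherwise $db->errno after the insert.
 */
function aggiungiutente()
{
    global $SITENAME, $SITEEMAIL, $db, $BASEURL, $VALIDATION, $USERLANG, $USE_IMAGECODE;

    // Text fields are escaped once here and only ever placed inside quoted SQL
    // literals below; numeric fields are forced to int and used unquoted.
    // NOTE(review): the escaped copies are also what gets compared, hashed and
    // mailed. Bound parameters would keep the raw value and its SQL encoding
    // apart; that is a wider change than this function.
    $utente = $db->real_escape_string($_POST["user"]);
    $pwd = $db->real_escape_string($_POST["pwd"]);
    $pwd1 = $db->real_escape_string($_POST["pwd1"]);
    $email = $db->real_escape_string($_POST["email"]);
    $idlangue = intval($_POST["language"]);
    $idstyle = intval($_POST["style"]);
    $idflag = intval($_POST["flag"]);
    $timezone = intval($_POST["timezone"]);

    if (utf8::strtoupper($utente) == utf8::strtoupper("Guest")) {
        print ERROR . " " . ERR_GUEST_EXISTS . "<br />\n";
        print "<a href='account.php'>" . BACK . "</a>";
        block_end();
        stdfoot();
        exit;
    }
    if ($pwd != $pwd1) {
        print ERROR . " " . DIF_PASSWORDS . "<br />\n";
        print "<a href='account.php'>" . BACK . "</a>";
        block_end();
        stdfoot();
        exit;
    }

    // With no validation step the account starts at level 3, otherwise at 2.
    $idlevel = $VALIDATION == "none" ? 3 : 2;

    // Six-digit code that ends up in the confirmation link. The generator is
    // no longer seeded from microtime(): on PHP 7.1+ srand() seeds mt_rand(),
    // which tied the code to the time of the request. random_int() is used
    // where the runtime has it.
    $floor = 100000;
    $ceiling = 999999;
    $random = function_exists('random_int') ? random_int($floor, $ceiling) : mt_rand($floor, $ceiling);

    if ($utente == "" || $pwd == "" || $email == "") {
        return -1;
    }

    $res = $db->query("SELECT email FROM users WHERE email = '" . $email . "'");
    if ($res->num_rows > 0) {
        return -2;
    }
    if (!security::valid_email($email)) {
        return -3;
    }

    // Duplicate user name.
    // NOTE(review): the listing compared against the literal '******', which
    // can never match the submitted name; the check needs the escaped name.
    $res = $db->query("SELECT username FROM users WHERE username = '" . $utente . "'");
    if ($res->num_rows > 0) {
        return -4;
    }

    // No spaces in user names. strpos() returns 0 for a leading space, so the
    // result is compared with false instead of being treated as a boolean.
    if (strpos($utente, " ") !== false) {
        return -7;
    }

    // NOTE(review): the image code is only checked when GD with FreeType is
    // available; on other hosts signup proceeds without it.
    if ($USE_IMAGECODE && extension_loaded('gd')) {
        $arr = gd_info();
        if ($arr['FreeType Support'] == 1) {
            $public = $_POST['public_key'];
            $private = $_POST['private_key'];
            $p = new ocr_captcha();
            if ($p->check_captcha($public, $private) != true) {
                err_msg(ERROR, ERR_IMAGE_CODE);
                block_end();
                stdfoot();
                exit;
            }
        }
    }

    $bannedchar = array("\\", "/", ":", "*", "?", "\"", "@", "\$", "'", "`", ",", ";", ".", "<", ">", "!", "£", "%", "^", "&", "(", ")", "+", "=", "#", "~");
    // The escaped name is enough here: escaping only ever adds backslashes,
    // and a backslash is itself on the banned list.
    if (straipos($utente, $bannedchar) == true) {
        return -8;
    }

    // Measure the password as typed. Escaping adds a backslash per quote, so
    // the escaped copy could reach the minimum with fewer real characters.
    if (utf8::strlen($_POST["pwd"]) < 4) {
        return -9;
    }

    // NOTE(review): the password is stored as an unsalted md5() of the escaped
    // value. Moving to password_hash()/password_verify() has to be done
    // together with the login code, so it is flagged rather than changed here.
    $pid = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : md5(uniqid(mt_rand(), true));
    // @ is kept from the original: failure is reported through $db->errno below.
    @$db->query("INSERT INTO users (username, password, random, id_level, email, style, language, flag, joined, lastconnect, pid, time_offset) VALUES ('" . $utente . "', '" . md5($pwd) . "', " . $random . ", " . $idlevel . ", '" . $email . "', " . $idstyle . ", " . $idlangue . ", " . $idflag . ", NOW(), NOW(), '" . $pid . "', '" . $timezone . "')");

    if ($VALIDATION == "user") {
        ini_set("sendmail_from", "");
        if ($db->errno == 0) {
            mail($email, ACCOUNT_CONFIRM, ACCOUNT_MSG . "\n\n" . $BASEURL . "/account.php?act=confirm&confirm=" . $random . "&language=" . $idlangue . "", "From: " . $SITENAME . " <" . $SITEEMAIL . ">");
            write_log("Signup new User " . $utente . " (" . $email . ")", "add");
        } else {
            // NOTE(review): this prints the raw database error to the visitor;
            // logging it and showing a generic message would avoid leaking
            // schema details.
            die($db->error);
        }
    }
    return $db->errno;
}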
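/**
 * Publish a post to the Facebook stream through the legacy REST client.
 *
 * Does nothing unless the post is published, one of the autopublish options
 * is set, and a stored user and session key are available. The ID Facebook
 * returns is saved in post meta so the same post is not sent twice.
 *
 * @param int    $id   Post ID used for the `_fb_post_id_*` post meta.
 * @param object $post Post object; post_status, post_content, post_title and
 *                     ID are read.
 * @return void
 */
function sfc_publish_automatic($id, $post)
{
    // check to make sure post is published
    if ($post->post_status !== 'publish') {
        return;
    }
    // check options to see if we need to send to FB at all
    $options = get_option('sfc_options');
    if (!$options['autopublish_app'] && !$options['autopublish_profile']) {
        return;
    }
    // safety net: without a stored user and session key we can't publish properly
    if (!$options['user'] || !$options['session_key']) {
        return;
    }
    // load facebook platform
    include_once 'facebook-platform/facebook.php';
    $fb = new Facebook($options['api_key'], $options['app_secret']);
    // Remember the current user and session key before switching. The original
    // assigned an undefined $session_key here, which cleared the client's key
    // and left nothing to restore at the end.
    $tempuser = $fb->user;
    $tempkey = $fb->api_client->session_key;
    $fb->set_user($options['user'], $options['session_key']);

    // apply the content filters, in case some plugin is doing weird image stuff
    $content = apply_filters('the_content', $post->post_content);
    $images = array();
    // the post thumbnail goes first in the image list
    if (current_theme_supports('post-thumbnails') && has_post_thumbnail($post->ID)) {
        $thumbid = get_post_thumbnail_id($post->ID);
        $att = wp_get_attachment_image_src($thumbid, 'full');
        if (!empty($att[0])) {
            $images[] = $att[0];
        }
    }
    // look for any images in the content
    if (preg_match_all('/<img (.+?)>/i', $content, $matches)) {
        $excluded = apply_filters('sfc_img_exclude', array('wp-smiley'));
        foreach ($matches[1] as $match) {
            // start clean for every tag so attributes of an earlier <img> do not carry over
            $img = array();
            foreach (wp_kses_hair($match, array('http')) as $attr) {
                $img[strtolower($attr['name'])] = $attr['value'];
            }
            if (!isset($img['src'])) {
                continue;
            }
            // ignore smilies
            if (!isset($img['class']) || false === straipos($img['class'], $excluded)) {
                $images[] = $img['src'];
            }
        }
    }

    // build the attachment
    $permalink = apply_filters('sfc_publish_permalink', get_permalink($post->ID), $post->ID);
    $attachment = array();
    $attachment['name'] = '<fb:intl>' . $post->post_title . '</fb:intl>';
    $attachment['href'] = $permalink;
    $attachment['description'] = sfc_publish_make_excerpt($post->post_content);
    //$attachment['comments_xid'] = urlencode($permalink);
    // image attachments (up to 5, as that's all FB allows)
    foreach (array_slice($images, 0, 5) as $count => $image) {
        $attachment['media'][$count]['type'] = 'image';
        $attachment['media'][$count]['src'] = $image;
        $attachment['media'][$count]['href'] = $permalink;
    }
    // Share link
    $action_links = array();
    $action_links[0]['text'] = 'Share';
    $action_links[0]['href'] = 'http://www.facebook.com/share.php?u=' . urlencode($permalink);

    // publish to page
    // NOTE(review): the condition requires a fan page, so the appid fallback
    // below is never reached; kept as in the original.
    if ($options['autopublish_app'] && !get_post_meta($id, '_fb_post_id_app', true) && $options['fanpage']) {
        $who = $options['fanpage'] ? $options['fanpage'] : $options['appid'];
        // Only publish when the permission is there. The original used `break`
        // outside any loop at this point, which PHP rejects as an error.
        if ($fb->api_client->users_hasAppPermission('publish_stream', $who)) {
            $fb_post_id = $fb->api_client->stream_publish(null, json_encode($attachment), json_encode($action_links), null, $who);
            if ($fb_post_id) {
                // update the post id so as to prevent automatically posting it twice
                update_post_meta($id, '_fb_post_id_app', $fb_post_id);
            }
        }
    }
    // publish to profile
    if ($options['autopublish_profile'] && !get_post_meta($id, '_fb_post_id_profile', true)) {
        // same permission guard as above, replacing a stray `break`
        if ($fb->api_client->users_hasAppPermission('publish_stream')) {
            $fb_post_prof_id = $fb->api_client->stream_publish(null, json_encode($attachment), json_encode($action_links));
            if ($fb_post_prof_id) {
                // update the post id so as to prevent automatically posting it twice
                update_post_meta($id, '_fb_post_id_profile', $fb_post_prof_id);
            }
        }
    }
    // switch users back, just in case
    if ($tempuser) {
        $fb->set_user($tempuser, $tempkey);
    }
}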
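/**
 * Publish a post to Facebook through the Graph API feed endpoints.
 *
 * Does nothing unless the post is published and one of the autopublish
 * options is set. Posts to the fan page or application feed and/or the user
 * profile feed, and stores the returned ID in post meta so the same post is
 * not sent twice.
 *
 * @param int    $id   Post ID used for the `_fb_post_id_*` post meta.
 * @param object $post Post object; post_status, post_content, post_excerpt,
 *                     post_title and ID are read.
 * @return void
 */
function sfc_publish_automatic($id, $post)
{
    // check to make sure post is published
    if ($post->post_status !== 'publish') {
        return;
    }
    // check options to see if we need to send to FB at all
    $options = get_option('sfc_options');
    if (!$options['autopublish_app'] && !$options['autopublish_profile']) {
        return;
    }

    // apply the content filters, in case some plugin is doing weird image stuff
    $content = apply_filters('the_content', $post->post_content);
    $image = null;
    // the post thumbnail wins if there is one
    if (current_theme_supports('post-thumbnails') && has_post_thumbnail($post->ID)) {
        $thumbid = get_post_thumbnail_id($post->ID);
        $att = wp_get_attachment_image_src($thumbid, 'full');
        if (!empty($att[0])) {
            $image = $att[0];
        }
    }
    // otherwise take the first usable image in the content
    if (!$image && preg_match_all('/<img (.+?)>/i', $content, $matches)) {
        $excluded = apply_filters('sfc_img_exclude', array('wp-smiley'));
        foreach ($matches[1] as $match) {
            // start clean for every tag so attributes of an earlier <img> do not carry over
            $img = array();
            foreach (wp_kses_hair($match, array('http')) as $attr) {
                $img[strtolower($attr['name'])] = $attr['value'];
            }
            if (!isset($img['src'])) {
                continue;
            }
            // Ignore smilies. An image without a class attribute is accepted;
            // the original required a class and so skipped every plain <img>.
            if (!isset($img['class']) || false === straipos($img['class'], $excluded)) {
                $image = $img['src'];
                break;
            }
        }
    }

    // build the attachment
    $permalink = apply_filters('sfc_publish_permalink', wp_get_shortlink($post->ID), $post->ID);
    $attachment = array();
    $attachment['name'] = $post->post_title;
    $attachment['link'] = $permalink;
    $excerpt_source = !empty($post->post_excerpt) ? $post->post_excerpt : $post->post_content;
    $attachment['description'] = sfc_publish_make_excerpt($excerpt_source);
    if (!empty($image)) {
        $attachment['picture'] = $image;
    }
    // Actions
    $actions = array();
    $actions[0]['name'] = 'Share';
    $actions[0]['link'] = 'http://www.facebook.com/share.php?u=' . urlencode($permalink);
    $attachment['actions'] = $actions;

    // publish to app or page
    if ($options['autopublish_app'] && !get_post_meta($id, '_fb_post_id_app', true)) {
        if ($options['fanpage']) {
            $url = "https://graph.facebook.com/{$options['fanpage']}/feed";
            $attachment['access_token'] = $options['page_access_token'];
        } else {
            $url = "https://graph.facebook.com/{$options['appid']}/feed";
            $attachment['access_token'] = $options['app_access_token'];
        }
        // The access token travels in the POST body, not in the URL.
        $data = wp_remote_post($url, array('body' => http_build_query($attachment)));
        if (!is_wp_error($data)) {
            $resp = json_decode($data['body'], true);
            // An error reply has no 'id'; only a real post ID is stored.
            if (!empty($resp['id'])) {
                update_post_meta($id, '_fb_post_id_app', $resp['id']);
            }
        }
    }
    // publish to profile
    if ($options['autopublish_profile'] && !get_post_meta($id, '_fb_post_id_profile', true)) {
        $url = "https://graph.facebook.com/{$options['user']}/feed";
        // check the cookie for an access token. If not found, try to use the stored one.
        $cookie = sfc_cookie_parse();
        if (!empty($cookie['access_token'])) {
            $attachment['access_token'] = $cookie['access_token'];
        } else {
            $attachment['access_token'] = $options['access_token'];
        }
        $data = wp_remote_post($url, array('body' => http_build_query($attachment)));
        if (!is_wp_error($data)) {
            $resp = json_decode($data['body'], true);
            if (!empty($resp['id'])) {
                update_post_meta($id, '_fb_post_id_profile', $resp['id']);
            }
        }
    }
}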
示例#10
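/**
 * Print Open Graph and image_src tags for the current view.
 *
 * On a singular view it prints og:type "article", og:title and one image:
 * the post thumbnail as <link rel="image_src"> when the theme supports
 * thumbnails and the post has one, otherwise the first <img> in the filtered
 * content as og:image. On the home page it prints og:type "blog" and the
 * site name as og:title.
 *
 * Every value is escaped for the attribute it is written into; image URLs
 * come from post content and attachments and were previously echoed as-is.
 *
 * @return void
 */
function sfc_like_meta()
{
    if (is_singular()) {
        the_post();
        rewind_posts();
        $content = apply_filters('the_content', get_the_content());
        echo '<meta property="og:type" content="article" />' . "\n";
        echo '<meta property="og:title" content="' . esc_attr(get_the_title()) . '" />' . "\n";
        // look for image to add with image_src (simple, just add first image)
        if (current_theme_supports('post-thumbnails') && has_post_thumbnail(get_the_ID())) {
            $thumbid = get_post_thumbnail_id(get_the_ID());
            $att = wp_get_attachment_image_src($thumbid, 'full');
            if (!empty($att[0])) {
                echo '<link rel="image_src" href="' . esc_url($att[0]) . '" />';
            }
        } elseif (preg_match('/<img (.+?)>/i', $content, $matches)) {
            $img = array();
            foreach (wp_kses_hair($matches[1], array('http')) as $attr) {
                // lower-case the name so SRC= and CLASS= are found too
                $img[strtolower($attr['name'])] = $attr['value'];
            }
            if (isset($img['src'])) {
                // ignore smilies
                if (!isset($img['class']) || false === straipos($img['class'], apply_filters('sfc_img_exclude', array('wp-smiley')))) {
                    echo '<meta property="og:image" content="' . esc_url($img['src']) . '" />' . "\n";
                }
            }
        }
    } elseif (is_home()) {
        echo '<meta property="og:type" content="blog" />' . "\n";
        // 'display' keeps the filtering bloginfo() applied before printing
        echo '<meta property="og:title" content="' . esc_attr(get_bloginfo('name', 'display')) . '" />' . "\n";
    }
}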
示例#11
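/**
 * Register a new account from the signup form in $_POST.
 *
 * Validates the submitted fields, checks the image code or the security
 * question, enforces the password policy from
 * $btit_settings["secsui_pass_min_req"], inserts the user row, mirrors the
 * account into the SMF / IPB member tables when they are present, adds the
 * xbt_users row when $XBTT_USE is set, and mails a confirmation link when
 * $VALIDATION is "user".
 *
 * Shows an error page and exits when the name is "Guest", the two passwords
 * differ, or the image code / security answer is wrong.
 *
 * @return int|false -1 missing field, -2 e-mail already registered, -3
 *                   invalid e-mail, -4 user name taken, -7 user name contains
 *                   a space, -8 user name contains a banned character, -9
 *                   password too short, -998 password misses a required
 *                   character class; otherwise the mysqli error number of
 *                   the last statement.
 */
function aggiungiutente()
{
    // $ipb_prefix is added to the list: it is used in the IPB table check
    // below and was otherwise an undefined local.
    // NOTE(review): assumes it is a global like $db_prefix; confirm.
    global $SITENAME, $SITEEMAIL, $BASEURL, $VALIDATION, $USERLANG, $USE_IMAGECODE, $TABLE_PREFIX, $XBTT_USE, $language, $THIS_BASEPATH, $FORUMLINK, $db_prefix, $ipb_prefix, $btit_settings;

    // Text fields are escaped once here and only placed inside quoted SQL
    // literals below; numeric fields are forced to int.
    $utente = isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $_POST["user"]) : (trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR) ? "" : "");
    $pwd = isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $_POST["pwd"]) : (trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR) ? "" : "");
    $pwd1 = isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $_POST["pwd1"]) : (trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR) ? "" : "");
    $email = isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $_POST["email"]) : (trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR) ? "" : "");
    $idlangue = intval($_POST["language"]);
    $idstyle = intval($_POST["style"]);
    $idflag = intval($_POST["flag"]);
    $timezone = intval($_POST["timezone"]);

    if (strtoupper($utente) == strtoupper("Guest")) {
        err_msg($language["ERROR"], $language["ERR_GUEST_EXISTS"]);
        stdfoot();
        exit;
    }
    if ($pwd != $pwd1) {
        err_msg($language["ERROR"], $language["DIF_PASSWORDS"]);
        stdfoot();
        exit;
    }

    // With no validation step the account starts at level 3, otherwise at 2.
    $idlevel = $VALIDATION == "none" ? 3 : 2;

    // Six-digit code that ends up in the confirmation link. The generator is
    // no longer seeded from microtime(), which tied the code (and the pid
    // below) to the time of the request. random_int() is used where the
    // runtime has it.
    $floor = 100000;
    $ceiling = 999999;
    $random = function_exists('random_int') ? random_int($floor, $ceiling) : rand($floor, $ceiling);

    if ($utente == "" || $pwd == "" || $email == "") {
        return -1;
    }
    $res = do_sqlquery("SELECT email FROM {$TABLE_PREFIX}users WHERE email='{$email}'", true);
    if (mysqli_num_rows($res) > 0) {
        return -2;
    }
    // valid email check - by vibes
    // NOTE(review): the pattern is not anchored, so it accepts any string that
    // merely contains an address, and it rejects top-level domains longer
    // than four letters.
    $regex = '/\\b[\\w\\.-]+@[\\w\\.-]+\\.\\w{2,4}\\b/i';
    if (!preg_match($regex, $email)) {
        return -3;
    }
    // valid email check end

    // Duplicate user name.
    // NOTE(review): the listing compared against the literal '******', which
    // can never match the submitted name; the check needs the escaped name.
    $res = do_sqlquery("SELECT username FROM {$TABLE_PREFIX}users WHERE username='{$utente}'", true);
    if (mysqli_num_rows($res) > 0) {
        return -4;
    }

    // No spaces in user names. strpos() returns 0 for a leading space, so the
    // result is compared with false instead of being treated as a boolean.
    if (strpos($utente, " ") !== false) {
        return -7;
    }

    // The image captcha is used only when it is enabled and GD has FreeType
    // support; in every other case the security question is asked.
    $image_captcha = false;
    if ($USE_IMAGECODE && extension_loaded('gd')) {
        $arr = gd_info();
        $image_captcha = $arr['FreeType Support'] == 1;
    }
    if ($image_captcha) {
        $public = $_POST['public_key'];
        $private = $_POST['private_key'];
        $p = new ocr_captcha();
        if ($p->check_captcha($public, $private) != true) {
            err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]);
            stdfoot();
            exit;
        }
    } else {
        include "{$THIS_BASEPATH}/include/security_code.php";
        $scode_index = intval($_POST["security_index"]);
        $scode_given = isset($_POST["scode_answer"]) && is_string($_POST["scode_answer"]) ? $_POST["scode_answer"] : "";
        // The question index comes from the form. An index with no configured
        // answer is rejected, and the answer is compared as a string; the
        // original loose != treated a missing answer and an empty reply as
        // equal.
        if (!isset($security_code[$scode_index]["answer"]) || (string) $security_code[$scode_index]["answer"] !== $scode_given) {
            err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]);
            stdfoot();
            exit;
        }
    }

    $bannedchar = array("\\", "/", ":", "*", "?", "\"", "@", "\$", "'", "`", ",", ";", ".", "<", ">", "!", "£", "%", "^", "&", "(", ")", "+", "=", "#", "~");
    // The escaped name is enough here: escaping only ever adds backslashes,
    // and a backslash is itself on the banned list.
    if (straipos($utente, $bannedchar) == true) {
        return -8;
    }

    // Password policy: minimum length, then minimum counts of lower-case,
    // upper-case, digit and symbol characters, read in that order from the
    // comma-separated setting. The raw password is tested, not the escaped copy.
    $pass_to_test = $_POST["pwd"];
    $pass_min_req = explode(",", $btit_settings["secsui_pass_min_req"]);
    if (strlen($pass_to_test) < $pass_min_req[0]) {
        return -9;
    }
    $lct_count = 0;
    $uct_count = 0;
    $num_count = 0;
    $sym_count = 0;
    $pass_end = (int) (strlen($pass_to_test) - 1);
    $pattern1 = '#[a-z]#';
    $pattern2 = '#[A-Z]#';
    $pattern3 = '#[0-9]#';
    $pattern4 = '/[¬!"£$%^&*()`{}\\[\\]:@~;\'#<>?,.\\/\\-=_+\\|]/';
    for ($pass_position = 0; $pass_position <= $pass_end; $pass_position++) {
        $pass_char = substr($pass_to_test, $pass_position, 1);
        if (preg_match($pattern1, $pass_char)) {
            $lct_count++;
        } elseif (preg_match($pattern2, $pass_char)) {
            $uct_count++;
        } elseif (preg_match($pattern3, $pass_char)) {
            $num_count++;
        } elseif (preg_match($pattern4, $pass_char)) {
            $sym_count++;
        }
    }
    if ($lct_count < $pass_min_req[1] || $uct_count < $pass_min_req[2] || $num_count < $pass_min_req[3] || $sym_count < $pass_min_req[4]) {
        return -998;
    }

    // hash_generate() receives the raw password and user name; the entry for
    // the configured pass type supplies the stored hash, salt and dupe hash.
    $multipass = hash_generate(array("salt" => ""), $_POST["pwd"], $_POST["user"]);
    $i = $btit_settings["secsui_pass_type"];
    // pid is also written to xbt_users.torrent_pass below, so it is taken from
    // the system random source when available.
    $pid = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : md5(uniqid(rand(), true));
    do_sqlquery("INSERT INTO `{$TABLE_PREFIX}users` (`username`, `password`, `salt`, `pass_type`, `dupe_hash`, `random`, `id_level`, `email`, `style`, `language`, `flag`, `joined`, `lastconnect`, `pid`, `time_offset`) VALUES ('" . $utente . "', '" . (isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $multipass[$i]["rehash"]) : (trigger_error("[MySQLConverterToo] Fix the mysqli_escape_string() call! This code does not work.", E_USER_ERROR) ? "" : "")) . "', '" . (isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $multipass[$i]["salt"]) : (trigger_error("[MySQLConverterToo] Fix the mysqli_escape_string() call! This code does not work.", E_USER_ERROR) ? "" : "")) . "', '" . $i . "', '" . (isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $multipass[$i]["dupehash"]) : (trigger_error("[MySQLConverterToo] Fix the mysqli_escape_string() call! This code does not work.", E_USER_ERROR) ? "" : "")) . "', " . $random . ", " . $idlevel . ", '" . $email . "', " . $idstyle . ", " . $idlangue . ", " . $idflag . ", NOW(), NOW(),'" . $pid . "', '" . $timezone . "')", true);
    $newuid = is_null($___mysqli_res = mysqli_insert_id($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res;

    // Continue to create smf members if they disable smf mode
    $test = do_sqlquery("SHOW TABLES LIKE '{$db_prefix}members'", true);
    if (substr($FORUMLINK, 0, 3) == "smf" || mysqli_num_rows($test)) {
        // NOTE(review): the forum hash is built from the SQL-escaped name and
        // password, while the tracker hash above uses the raw values; a
        // password containing a quote or backslash would differ between them.
        $smfpass = smf_passgen($utente, $pwd);
        $fetch = get_result("SELECT `smf_group_mirror` FROM `{$TABLE_PREFIX}users_level` WHERE `id`=" . $idlevel, true, $btit_settings["cache_duration"]);
        $flevel = $fetch[0]["smf_group_mirror"] > 0 ? $fetch[0]["smf_group_mirror"] : $idlevel + 10;
        if ($FORUMLINK == "smf") {
            do_sqlquery("INSERT INTO `{$db_prefix}members` (`memberName`, `dateRegistered`, `ID_GROUP`, `realName`, `passwd`, `emailAddress`, `memberIP`, `memberIP2`, `is_activated`, `passwordSalt`) VALUES ('{$utente}', UNIX_TIMESTAMP(), {$flevel}, '{$utente}', '{$smfpass['0']}', '{$email}', '" . getip() . "', '" . getip() . "', 1, '{$smfpass['1']}')", true);
        } else {
            do_sqlquery("INSERT INTO `{$db_prefix}members` (`member_name`, `date_registered`, `id_group`, `real_name`, `passwd`, `email_address`, `member_ip`, `member_ip2`, `is_activated`, `password_salt`) VALUES ('{$utente}', UNIX_TIMESTAMP(), {$flevel}, '{$utente}', '{$smfpass['0']}', '{$email}', '" . getip() . "', '" . getip() . "', 1, '{$smfpass['1']}')", true);
        }
        $fid = is_null($___mysqli_res = mysqli_insert_id($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res;
        do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = {$fid} WHERE `variable` = 'latestMember'", true);
        do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = '{$utente}' WHERE `variable` = 'latestRealName'", true);
        do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = UNIX_TIMESTAMP() WHERE `variable` = 'memberlist_updated'", true);
        do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = `value` + 1 WHERE `variable` = 'totalMembers'", true);
        do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `smf_fid`={$fid} WHERE `id`={$newuid}", true);
    }

    // Continue to create ipb members if they disable ipb mode
    $test = do_sqlquery("SHOW TABLES LIKE '{$ipb_prefix}members'");
    if ($FORUMLINK == "ipb" || mysqli_num_rows($test)) {
        ipb_create($utente, $email, $pwd, $idlevel, $newuid);
    }

    // xbt
    if ($XBTT_USE) {
        $resin = do_sqlquery("INSERT INTO xbt_users (uid, torrent_pass) VALUES ({$newuid},'{$pid}')", true);
    }

    if ($VALIDATION == "user") {
        ini_set("sendmail_from", "");
        if ((is_object($GLOBALS["___mysqli_ston"]) ? mysqli_errno($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_errno()) ? $___mysqli_res : false)) == 0) {
            send_mail($email, $language["ACCOUNT_CONFIRM"], $language["ACCOUNT_MSG"] . "\n\n" . $BASEURL . "/index.php?page=account&act=confirm&confirm={$random}&language={$idlangue}");
            write_log("Signup new user {$utente} ({$email})", "add");
        } else {
            // NOTE(review): this prints the raw database error to the visitor;
            // logging it and showing a generic message would avoid leaking
            // schema details.
            die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false));
        }
    }
    return is_object($GLOBALS["___mysqli_ston"]) ? mysqli_errno($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_errno()) ? $___mysqli_res : false);
}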