/**
* Create admin account
*
* @access public
* @return @e void
*/
public static function createAdminAccount()
{
/* Build Entry */
$_mke_time = ipsRegistry::$settings['login_key_expire'] ? time() + intval(ipsRegistry::$settings['login_key_expire']) * 86400 : 0;
$salt = IPSMember::generatePasswordSalt(5);
$passhash = IPSMember::generateCompiledPasshash($salt, md5(IPSSetUp::getSavedData('admin_pass')));
$_dname = IPSSetUp::getSavedData('admin_user');
$member = array('name' => $_dname, 'members_l_username' => strtolower($_dname), 'members_display_name' => $_dname, 'members_l_display_name' => strtolower($_dname), 'members_seo_name' => IPSText::makeSeoTitle($_dname), 'member_login_key' => IPSMember::generateAutoLoginKey(), 'member_login_key_expire' => $_mke_time, 'title' => 'Administrator', 'email' => IPSSetUp::getSavedData('admin_email'), 'member_group_id' => 4, 'posts' => 1, 'joined' => time(), 'last_visit' => time(), 'last_activity' => time(), 'ip_address' => my_getenv('REMOTE_ADDR'), 'view_sigs' => 1, 'restrict_post' => 0, 'msg_show_notification' => 1, 'msg_count_total' => 0, 'msg_count_new' => 0, 'coppa_user' => 0, 'language' => IPSLib::getDefaultLanguage(), 'members_auto_dst' => 1, 'member_uploader' => 'flash', 'allow_admin_mails' => 0, 'members_pass_hash' => $passhash, 'members_pass_salt' => $salt, 'has_blog' => '', 'fb_token' => '', 'ignored_users' => '', 'members_cache' => '', 'failed_logins' => '', 'bday_day' => 0, 'bday_month' => 0, 'bday_year' => 0);
/* Insert: MEMBERS */
ipsRegistry::DB()->setDataType(array('name', 'members_display_name', 'members_l_username', 'members_l_display_name'), 'string');
ipsRegistry::DB()->insert('members', $member);
$member_id = ipsRegistry::DB()->getInsertId();
$member['member_id'] = $member_id;
/* Insert into the custom profile fields DB */
ipsRegistry::DB()->insert('pfields_content', array('member_id' => $member_id));
/* Insert into pp */
ipsRegistry::DB()->insert('profile_portal', array('pp_member_id' => $member_id, 'pp_setting_count_friends' => 1, 'signature' => '', 'pconversation_filters' => '', 'pp_setting_count_comments' => 1, 'pp_setting_count_visitors' => 1));
}
function step_11()
{
$this->DB->return_die = 1;
$start = intval($this->request['st']) ? intval($this->request['st']) : 0;
$lend = 300;
$end = $start + $lend;
$max = 0;
$this->DB->build(array('select' => 'id', 'from' => 'members', 'where' => "id > {$end}"));
$this->DB->execute();
$max = $this->DB->fetch();
$found = 0;
/* Grab session user */
$sessionUser = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'upgrade_sessions', 'where' => 'session_id=\'' . addslashes($this->request['s']) . '\''));
$o = $this->DB->query($this->sql_members_converge($start, $end));
$this->DB->build(array('select' => 'm.*', 'from' => array('members' => 'm'), 'where' => 'm.id >=' . $start . ' AND id < ' . $end, 'add_join' => array(array('select' => 'c.converge_id as cid', 'from' => array('members_converge' => 'c'), 'where' => 'c.converge_id=m.id', 'type' => 'left'))));
$o = $this->DB->execute();
//-----------------------------------------
// Do it...
//-----------------------------------------
while ($r = $this->DB->fetch($o)) {
if (!$r['cid'] or !$r['id']) {
$r['password'] = $r['password'] ? $r['password'] : $r['legacy_password'];
$salt = IPSMember::generatePasswordSalt();
$this->DB->insert('members_converge', array('converge_id' => $r['id'], 'converge_email' => strtolower($r['email']), 'converge_joined' => $r['joined'], 'converge_pass_hash' => md5(md5($salt) . $r['password']), 'converge_pass_salt' => $salt));
$member_login_key = IPSMember::generateAutoLoginKey();
/* Current session user? */
if ($sessionUser['session_member_id'] and $sessionUser['session_member_id'] == $r['id']) {
$member_login_key = $sessionUser['session_member_key'];
}
$this->DB->update('members', array('member_login_key' => $member_login_key, 'email' => strtolower($r['email'])), 'id=' . $r['id']);
}
$found++;
}
if (!$found and !$max['id']) {
$this->registry->output->addMessage("Converge completed, converting personal messages...");
$this->request['workact'] = 'step_12';
$this->request['st'] = 0;
} else {
$this->request['st'] = $end;
$this->registry->output->addMessage("Converge added: {$start} to {$end} completed....");
$this->request['workact'] = 'step_11';
}
}
/**
* Validation completion. This is the action hit when a user clicks a validation link from their email for
* lost password, email change and new registration.
*
* @access private
* @return void
*/
private function _autoValidate()
{
//-----------------------------------------
// INIT
//-----------------------------------------
$in_user_id = intval(trim(urldecode($this->request['uid'])));
$in_validate_key = substr(IPSText::alphanumericalClean(urldecode($this->request['aid'])), 0, 32);
$in_type = trim($this->request['type']);
$in_type = $in_type ? $in_type : 'reg';
//-----------------------------------------
// Attempt to get the profile of the requesting user
//-----------------------------------------
$member = IPSMember::load($in_user_id, 'members');
if (!$member['member_id']) {
$this->_showManualForm($in_type, 'reg_error_validate');
return;
}
//-----------------------------------------
// Get validating info..
//-----------------------------------------
if ($in_type == 'lostpass') {
$validate = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'validating', 'where' => 'member_id=' . $in_user_id . " AND lost_pass=1"));
} else {
if ($in_type == 'newemail') {
$validate = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'validating', 'where' => 'member_id=' . $in_user_id . " AND email_chg=1"));
} else {
$validate = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'validating', 'where' => 'member_id=' . $in_user_id));
}
}
//-----------------------------------------
// Checks...
//-----------------------------------------
if (!$validate['member_id']) {
$this->registry->output->showError('no_validate_key', 10120);
}
if ($validate['new_reg'] == 1 && $this->settings['reg_auth_type'] == "admin") {
$this->registry->output->showError('validate_admin_turn', 10121);
}
if ($validate['vid'] != $in_validate_key) {
$this->registry->output->showError('validation_key_invalid', 10122);
}
//-----------------------------------------
// Captcha (from posted form, not GET)
//-----------------------------------------
if ($this->settings['use_captcha'] and $this->request['uid']) {
if ($this->registry->getClass('class_captcha')->validate($this->request['captcha_unique_id'], $this->request['captcha_input']) !== TRUE) {
$this->_showManualForm($in_type, 'reg_error_anti_spam');
return;
}
}
//-----------------------------------------
// REGISTER VALIDATE
//-----------------------------------------
if ($validate['new_reg'] == 1) {
if (!$validate['real_group']) {
$validate['real_group'] = $this->settings['member_group'];
}
//-----------------------------------------
// SELF-VERIFICATION...
//-----------------------------------------
if ($this->settings['reg_auth_type'] != 'admin_user') {
IPSMember::save($member['member_id'], array('members' => array('member_group_id' => $validate['real_group'])));
/* Reset newest member */
$stat_cache = $this->caches['stats'];
if ($member['members_display_name'] and $member['member_id']) {
$stat_cache['last_mem_name'] = $member['members_display_name'];
$stat_cache['last_mem_id'] = $member['member_id'];
}
$stat_cache['mem_count'] += 1;
$this->cache->setCache('stats', $stat_cache, array('array' => 1, 'deletefirst' => 0));
//-----------------------------------------
// Remove "dead" validation
//-----------------------------------------
$this->DB->delete('validating', "vid='" . $validate['vid'] . "'");
$this->registry->output->silentRedirect($this->settings['base_url'] . '&app=core&module=global§ion=login&do=autologin&fromreg=1');
} else {
//-----------------------------------------
// Update DB row...
//-----------------------------------------
$this->DB->update('validating', array('user_verified' => 1), 'vid="' . $validate['vid'] . '"');
//-----------------------------------------
// Print message
//-----------------------------------------
$this->registry->output->setTitle($this->lang->words['validation_complete']);
$this->output = $this->registry->getClass('output')->getTemplate('register')->showPreview($member);
}
} else {
if ($validate['lost_pass'] == 1) {
//-----------------------------------------
// INIT
//-----------------------------------------
$save_array = array();
//-----------------------------------------
// Generate a new random password
//-----------------------------------------
$new_pass = IPSLib::makePassword();
//-----------------------------------------
// Generate a new salt
//-----------------------------------------
$salt = IPSMember::generatePasswordSalt(5);
$salt = str_replace('\\', "\\\\", $salt);
//-----------------------------------------
// New log in key
//-----------------------------------------
$key = IPSMember::generateAutoLoginKey();
//-----------------------------------------
// Update...
//-----------------------------------------
$save_array['members_pass_salt'] = $salt;
$save_array['members_pass_hash'] = md5(md5($salt) . md5($new_pass));
$save_array['member_login_key'] = $key;
$save_array['member_login_key_expire'] = $this->settings['login_key_expire'] * 60 * 60 * 24;
//-----------------------------------------
// Load handler...
//-----------------------------------------
require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
$this->han_login = new han_login($this->registry);
$this->han_login->init();
$this->han_login->changePass($member['email_address'], md5($new_pass));
if ($this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'SUCCESS') {
$this->registry->output->showError('lostpass_external_fail', 2015, true);
}
IPSMember::save($member['member_id'], array('members' => $save_array));
//-----------------------------------------
// Send out the email...
//-----------------------------------------
IPSText::getTextClass('email')->getTemplate("lost_pass_email_pass");
IPSText::getTextClass('email')->buildMessage(array('NAME' => $member['members_display_name'], 'THE_LINK' => $this->settings['base_url'] . 'app=core&module=usercp&tab=core&area=password', 'PASSWORD' => $new_pass, 'LOGIN' => $this->settings['base_url'] . 'app=core&module=global§ion=login', 'USERNAME' => $member['name'], 'EMAIL' => $member['email'], 'ID' => $member['member_id']));
IPSText::getTextClass('email')->subject = $this->lang->words['lp_random_pass_subject'] . ' ' . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $member['email'];
IPSText::getTextClass('email')->sendMail();
$this->registry->output->setTitle($this->lang->words['validation_complete']);
//-----------------------------------------
// Remove "dead" validation
//-----------------------------------------
$this->DB->delete('validating', "vid='" . $validate['vid'] . "' OR (member_id={$member['member_id']} AND lost_pass=1)");
$this->output = $this->registry->getClass('output')->getTemplate('register')->showLostPassWaitRandom($member);
} else {
if ($validate['email_chg'] == 1) {
if (!$validate['real_group']) {
$validate['real_group'] = $this->settings['member_group'];
}
IPSMember::save($member['member_id'], array('members' => array('member_group_id' => intval($validate['real_group']))));
IPSCookie::set("member_id", $member['member_id'], 1);
IPSCookie::set("pass_hash", $member['member_login_key'], 1);
//-----------------------------------------
// Remove "dead" validation
//-----------------------------------------
$this->DB->delete('validating', "vid='" . $validate['vid'] . "' OR (member_id={$member['member_id']} AND email_chg=1)");
$this->registry->output->silentRedirect($this->settings['base_url'] . '&app=core&module=global§ion=login&do=autologin&fromemail=1');
}
}
}
}
/**
* Validates a lost password request
*
* @return @e void
*/
public function lostPasswordValidate()
{
/* Check for input and it's in a valid format. */
$in_user_id = intval(trim(urldecode($this->request['uid'])));
$in_validate_key = IPSText::md5Clean(trim(urldecode($this->request['aid'])));
/* Check Input */
if (!$in_validate_key) {
$this->registry->output->showError('validation_key_incorrect', 1015);
}
if (!preg_match('/^(?:\\d){1,}$/', $in_user_id)) {
$this->registry->output->showError('uid_key_incorrect', 1016);
}
/* Attempt to get the profile of the requesting user */
$member = IPSMember::load($in_user_id);
if (!$member['member_id']) {
$this->registry->output->showError('lostpass_no_member', 1017);
}
/* Get validating info.. */
$validate = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'validating', 'where' => 'member_id=' . $in_user_id . ' and lost_pass=1'));
if (!$validate['member_id']) {
$this->registry->output->showError('lostpass_not_validating', 1018);
}
if ($validate['new_reg'] == 1 && $this->settings['reg_auth_type'] == "admin") {
$this->registry->output->showError('lostpass_new_reg', 4010, true);
}
if ($validate['vid'] != $in_validate_key) {
$this->registry->output->showError('lostpass_key_wrong', 1019);
} else {
/* On the same page? */
if ($validate['lost_pass'] != 1) {
$this->registry->output->showError('lostpass_not_lostpass', 4011, true);
}
/* Send a new random password? */
if ($this->settings['lp_method'] == 'random') {
//-----------------------------------------
// INIT
//-----------------------------------------
$save_array = array();
//-----------------------------------------
// Generate a new random password
//-----------------------------------------
$new_pass = IPSMember::makePassword();
//-----------------------------------------
// Generate a new salt
//-----------------------------------------
$salt = IPSMember::generatePasswordSalt(5);
$salt = str_replace('\\', "\\\\", $salt);
//-----------------------------------------
// New log in key
//-----------------------------------------
$key = IPSMember::generateAutoLoginKey();
//-----------------------------------------
// Update...
//-----------------------------------------
$save_array['members_pass_salt'] = $salt;
$save_array['members_pass_hash'] = md5(md5($salt) . md5($new_pass));
$save_array['member_login_key'] = $key;
$save_array['member_login_key_expire'] = $this->settings['login_key_expire'] * 60 * 60 * 24;
$save_array['failed_logins'] = null;
$save_array['failed_login_count'] = 0;
//-----------------------------------------
// Load handler...
//-----------------------------------------
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$this->han_login = new $classToLoad($this->registry);
$this->han_login->init();
$this->han_login->changePass($member['email'], md5($new_pass), $new_pass, $member);
//if ( $this->han_login->return_code != 'METHOD_NOT_DEFINED' AND $this->han_login->return_code != 'SUCCESS' )
//{
// $this->registry->output->showError( $this->lang->words['lostpass_external_fail'], 2013 );
//}
IPSMember::save($member['member_id'], array('members' => $save_array));
/* Password has been changed! */
IPSLib::runMemberSync('onPassChange', $member['member_id'], $new_pass);
//-----------------------------------------
// Send out the email...
//-----------------------------------------
$message = array('NAME' => $member['members_display_name'], 'THE_LINK' => $this->registry->getClass('output')->buildUrl('app=core&module=usercp&tab=core&area=email', 'publicNoSession'), 'PASSWORD' => $new_pass, 'LOGIN' => $this->registry->getClass('output')->buildUrl('app=core&module=global§ion=login', 'publicNoSession'), 'USERNAME' => $member['name'], 'EMAIL' => $member['email'], 'ID' => $member['member_id']);
IPSText::getTextClass('email')->setPlainTextTemplate(IPSText::getTextClass('email')->getTemplate("lost_pass_email_pass", $member['language']));
IPSText::getTextClass('email')->buildPlainTextContent($message);
IPSText::getTextClass('email')->buildHtmlContent($message);
IPSText::getTextClass('email')->subject = $this->lang->words['lp_random_pass_subject'] . ' ' . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $member['email'];
IPSText::getTextClass('email')->sendMail();
$this->registry->output->setTitle($this->lang->words['activation_form'] . ' - ' . ipsRegistry::$settings['board_name']);
$this->output = $this->registry->getClass('output')->getTemplate('register')->showLostPassWaitRandom($member);
} else {
if ($_POST['pass1'] == "") {
$this->registry->output->showError('pass_blank', 10184);
}
if ($_POST['pass2'] == "") {
$this->registry->output->showError('pass_blank', 10185);
}
$pass_a = trim($this->request['pass1']);
$pass_b = trim($this->request['pass2']);
/*
There's no reason for this - http://community.invisionpower.com/resources/bugs.html/_/ip-board/registrations-limit-passwords-to-32-characters-for-no-apparent-reason-r37770
if( strlen( $pass_a ) < 3 )
{
$this->registry->output->showError( 'pass_too_short', 10186 );
}
*/
if ($pass_a != $pass_b) {
$this->registry->output->showError('pass_no_match', 10187);
}
$new_pass = md5($pass_a);
/* Update Member Array */
$save_array = array();
/* Generate a new salt */
$salt = IPSMember::generatePasswordSalt(5);
$salt = str_replace('\\', "\\\\", $salt);
/* New log in key */
$key = IPSMember::generateAutoLoginKey();
/* Update Array */
$save_array['members_pass_salt'] = $salt;
$save_array['members_pass_hash'] = md5(md5($salt) . $new_pass);
$save_array['member_login_key'] = $key;
$save_array['member_login_key_expire'] = $this->settings['login_key_expire'] * 60 * 60 * 24;
$save_array['failed_logins'] = null;
$save_array['failed_login_count'] = 0;
/* Change the password */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$this->han_login = new $classToLoad($this->registry);
$this->han_login->init();
$this->han_login->changePass($member['email'], $new_pass, $pass_a, $member);
//-----------------------------------------
// We'll ignore any remote errors
//-----------------------------------------
/*if( $this->han_login->return_code != 'METHOD_NOT_DEFINED' AND $this->han_login->return_code != 'SUCCESS' )
{
// Pass not changed remotely
}*/
/* Update the member */
IPSMember::save($member['member_id'], array('members' => $save_array));
/* Password has been changed! */
IPSLib::runMemberSync('onPassChange', $member['member_id'], $pass_a);
/* Remove "dead" validation */
$this->DB->delete('validating', "vid='{$validate['vid']}' OR (member_id={$member['member_id']} AND lost_pass=1)");
$this->registry->output->silentRedirect($this->registry->getClass('output')->buildUrl('app=core&module=global§ion=login&do=autologin&frompass=1'));
}
}
}
/**
* Create new member
* Very basic functionality at this point.
*
* @access public
* @param array Fields to save in the following format: array( 'members' => array( 'email' => '*****@*****.**',
* 'joined' => time() ),
* 'extendedProfile' => array( 'signature' => 'My signature' ) );
* Tables: members, pfields_content, profile_portal.
* You can also use the aliases: 'core [members]', 'extendedProfile [profile_portal]', and 'customFields [pfields_content]'
* @param bool Flag to attempt to auto create a name if the desired is taken
* @param bool Bypass custom field saving (if using the sso session integration this is required as member object isn't ready yet)
* @return array Final member Data including member_id
*
* EXCEPTION CODES
* CUSTOM_FIELDS_EMPTY - Custom fields were not populated
* CUSTOM_FIELDS_INVALID - Custom fields were invalid
* CUSTOM_FIELDS_TOOBIG - Custom fields too big
*/
public static function create($tables = array(), $autoCreateName = FALSE, $bypassCfields = FALSE)
{
//-----------------------------------------
// INIT
//-----------------------------------------
$finalTables = array();
$password = '';
$bitWiseFields = ipsRegistry::fetchBitWiseOptions('global');
//-----------------------------------------
// Remap tables if required
//-----------------------------------------
foreach ($tables as $table => $data) {
$_name = isset(self::$remap[$table]) ? self::$remap[$table] : $table;
if ($_name == 'members') {
/* Magic password field */
$password = isset($data['password']) ? trim($data['password']) : IPSLib::makePassword();
$md_5_password = md5($password);
unset($data['password']);
}
$finalTables[$_name] = $data;
}
//-----------------------------------------
// Custom profile field stuff
//-----------------------------------------
if (!$bypassCfields) {
require_once IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php';
$fields = new customProfileFields();
if (is_array($finalTables['pfields_content']) and count($finalTables['pfields_content'])) {
$fields->member_data = $finalTables['pfields_content'];
}
$_cfieldMode = 'normal';
$fields->initData('edit');
$fields->parseToSave($finalTables['pfields_content'], 'register');
/* Check */
if (count($fields->error_fields['empty'])) {
//throw new Exception( 'CUSTOM_FIELDS_EMPTY' );
}
if (count($fields->error_fields['invalid'])) {
//throw new Exception( 'CUSTOM_FIELDS_INVALID' );
}
if (count($fields->error_fields['toobig'])) {
//throw new Exception( 'CUSTOM_FIELDS_TOOBIG' );
}
}
//-----------------------------------------
// Make sure the account doesn't exist
//-----------------------------------------
if ($finalTables['members']['email']) {
$existing = IPSMember::load($finalTables['members']['email'], 'all');
if ($existing['member_id']) {
$existing['full'] = true;
$existing['timenow'] = time();
return $existing;
}
}
//-----------------------------------------
// Fix up usernames and display names
//-----------------------------------------
/* Ensure we have a display name */
$finalTables['members']['members_display_name'] = $finalTables['members']['members_display_name'] ? $finalTables['members']['members_display_name'] : $finalTables['members']['name'];
//-----------------------------------------
// Clean up characters
//-----------------------------------------
if ($finalTables['members']['name']) {
$userName = IPSMember::getFunction()->cleanAndCheckName($finalTables['members']['name'], array(), 'name');
if ($userName['errors']) {
$finalTables['members']['name'] = '';
} else {
$finalTables['members']['name'] = $userName['username'];
}
}
if ($finalTables['members']['members_display_name']) {
$displayName = IPSMember::getFunction()->cleanAndCheckName($finalTables['members']['members_display_name']);
if ($displayName['errors']) {
$finalTables['members']['members_display_name'] = '';
} else {
$finalTables['members']['members_display_name'] = $displayName['members_display_name'];
}
}
//-----------------------------------------
// Remove some basic HTML tags
//-----------------------------------------
$finalTables['members']['members_display_name'] = str_replace(array('<', '>', '"'), '', $finalTables['members']['members_display_name']);
$finalTables['members']['name'] = str_replace(array('<', '>', '"'), '', $finalTables['members']['name']);
//-----------------------------------------
// Make sure the names are unique
//-----------------------------------------
if ($finalTables['members']['members_display_name']) {
try {
if (IPSMember::getFunction()->checkNameExists($finalTables['members']['members_display_name'], array(), 'members_display_name', true) === true) {
if ($autoCreateName === TRUE) {
/* Now, make sure we have a unique display name */
$max = ipsRegistry::DB()->buildAndFetch(array('select' => 'MAX(member_id) as max', 'from' => 'members', 'where' => "members_l_display_name LIKE '" . $this->DB->addSlashes(strtolower($finalTables['members']['members_display_name'])) . "%'"));
if ($max['max']) {
$_num = $max['max'] + 1;
$finalTables['members']['members_display_name'] = $finalTables['members']['members_display_name'] . '_' . $_num;
}
} else {
$finalTables['members']['members_display_name'] = '';
}
}
} catch (Exception $e) {
}
}
if ($finalTables['members']['name']) {
try {
if (IPSMember::getFunction()->checkNameExists($finalTables['members']['name'], array(), 'name', true) === true) {
if ($autoCreateName === TRUE) {
/* Now, make sure we have a unique username */
$max = ipsRegistry::DB()->buildAndFetch(array('select' => 'MAX(member_id) as max', 'from' => 'members', 'where' => "members_l_username LIKE '" . $this->DB->addSlashes(strtolower($finalTables['members']['name'])) . "%'"));
if ($max['max']) {
$_num = $max['max'] + 1;
$finalTables['members']['name'] = $finalTables['members']['name'] . '_' . $_num;
}
} else {
$finalTables['members']['name'] = '';
}
}
} catch (Exception $e) {
}
}
//-----------------------------------------
// Populate member table(s)
//-----------------------------------------
$finalTables['members']['members_l_username'] = isset($finalTables['members']['name']) ? strtolower($finalTables['members']['name']) : '';
$finalTables['members']['joined'] = $finalTables['members']['joined'] ? $finalTables['members']['joined'] : time();
$finalTables['members']['email'] = $finalTables['members']['email'] ? $finalTables['members']['email'] : $finalTables['members']['name'] . '@' . $finalTables['members']['joined'];
$finalTables['members']['member_group_id'] = $finalTables['members']['member_group_id'] ? $finalTables['members']['member_group_id'] : ipsRegistry::$settings['member_group'];
$finalTables['members']['ip_address'] = $finalTables['members']['ip_address'] ? $finalTables['members']['ip_address'] : ipsRegistry::member()->ip_address;
$finalTables['members']['members_created_remote'] = intval($finalTables['members']['members_created_remote']);
$finalTables['members']['member_login_key'] = IPSMember::generateAutoLoginKey();
$finalTables['members']['member_login_key_expire'] = ipsRegistry::$settings['login_key_expire'] ? time() + intval(ipsRegistry::$settings['login_key_expire']) * 86400 : 0;
$finalTables['members']['view_sigs'] = 1;
$finalTables['members']['email_pm'] = 1;
$finalTables['members']['view_img'] = 1;
$finalTables['members']['view_avs'] = 1;
$finalTables['members']['restrict_post'] = intval($finalTables['members']['restrict_post']);
$finalTables['members']['view_pop'] = 1;
$finalTables['members']['msg_count_total'] = 0;
$finalTables['members']['msg_count_new'] = 0;
$finalTables['members']['msg_show_notification'] = 1;
$finalTables['members']['coppa_user'] = 0;
$finalTables['members']['auto_track'] = intval($finalTables['members']['auto_track']);
$finalTables['members']['last_visit'] = $finalTables['members']['last_visit'] ? $finalTables['members']['last_visit'] : time();
$finalTables['members']['last_activity'] = $finalTables['members']['last_activity'] ? $finalTables['members']['last_activity'] : time();
$finalTables['members']['language'] = IPSLib::getDefaultLanguage();
$finalTables['members']['members_editor_choice'] = ipsRegistry::$settings['ips_default_editor'];
$finalTables['members']['members_pass_salt'] = IPSMember::generatePasswordSalt(5);
$finalTables['members']['members_pass_hash'] = IPSMember::generateCompiledPasshash($finalTables['members']['members_pass_salt'], $md_5_password);
$finalTables['members']['members_display_name'] = isset($finalTables['members']['members_display_name']) ? $finalTables['members']['members_display_name'] : '';
$finalTables['members']['members_l_display_name'] = isset($finalTables['members']['members_display_name']) ? strtolower($finalTables['members']['members_display_name']) : '';
$finalTables['members']['fb_uid'] = isset($finalTables['members']['fb_uid']) ? $finalTables['members']['fb_uid'] : 0;
$finalTables['members']['fb_emailhash'] = isset($finalTables['members']['fb_emailhash']) ? strtolower($finalTables['members']['fb_emailhash']) : '';
$finalTables['members']['members_seo_name'] = IPSText::makeSeoTitle($finalTables['members']['members_display_name']);
$finalTables['members']['bw_is_spammer'] = intval($finalTables['members']['bw_is_spammer']);
//-----------------------------------------
// Insert: MEMBERS
//-----------------------------------------
ipsRegistry::DB()->force_data_type = array('name' => 'string', 'members_l_username' => 'string', 'members_display_name' => 'string', 'members_l_display_name' => 'string', 'members_seo_name' => 'string', 'email' => 'string');
/* Bitwise options */
if (is_array($bitWiseFields['members'])) {
$_freeze = array();
foreach ($bitWiseFields['members'] as $field) {
if (isset($finalTables['members'][$field])) {
/* Add to freezeable array */
$_freeze[$field] = $finalTables['members'][$field];
/* Remove it from the fields to save to DB */
unset($finalTables['members'][$field]);
}
}
if (count($_freeze)) {
$finalTables['members']['members_bitoptions'] = IPSBWOptions::freeze($_freeze, 'members', 'global');
}
}
ipsRegistry::DB()->insert('members', $finalTables['members']);
//-----------------------------------------
// Get the member id
//-----------------------------------------
$finalTables['members']['member_id'] = ipsRegistry::DB()->getInsertId();
//-----------------------------------------
// Insert: PROFILE PORTAL
//-----------------------------------------
$finalTables['profile_portal']['pp_member_id'] = $finalTables['members']['member_id'];
$finalTables['profile_portal']['pp_setting_count_friends'] = 1;
$finalTables['profile_portal']['pp_setting_count_comments'] = 1;
ipsRegistry::DB()->insert('profile_portal', $finalTables['profile_portal']);
//-----------------------------------------
// Insert into the custom profile fields DB
//-----------------------------------------
if (!$bypassCfields) {
$fields->out_fields['member_id'] = $finalTables['members']['member_id'];
ipsRegistry::DB()->delete('pfields_content', 'member_id=' . $finalTables['members']['member_id']);
ipsRegistry::DB()->insert('pfields_content', $fields->out_fields);
} else {
ipsRegistry::DB()->delete('pfields_content', 'member_id=' . $finalTables['members']['member_id']);
ipsRegistry::DB()->insert('pfields_content', array('member_id' => $finalTables['members']['member_id']));
}
//-----------------------------------------
// Insert into partial ID table
//-----------------------------------------
$full_account = false;
if ($finalTables['members']['members_display_name'] and $finalTables['members']['name'] and $finalTables['members']['email'] != $finalTables['members']['name'] . '@' . $finalTables['members']['joined']) {
$full_account = true;
}
if (!$full_account) {
ipsRegistry::DB()->insert('members_partial', array('partial_member_id' => $finalTables['members']['member_id'], 'partial_date' => $finalTables['members']['joined'], 'partial_email_ok' => $finalTables['members']['email'] == $finalTables['members']['name'] . '@' . $finalTables['members']['joined'] ? 0 : 1));
}
//IPSMember::updateSearchIndex( $finalTables['members']['member_id'] );
IPSLib::runMemberSync('onCreateAccount', $finalTables['members']);
return array_merge($finalTables['members'], $finalTables['profile_portal'], !$bypassCfields ? $fields->out_fields : array(), array('timenow' => $finalTables['members']['joined'], 'full' => $full_account));
}
/**
* Convert a member
*
* @access public
* @param array Basic data (id number, username, email, group, joined date, password)
* @param array Data to insert to members table
* @param array Data to insert to profile table
* @param array Data to insert to custom profile fields table
* @param string Path to avatars folder
* @param string Path to profile pictures folder
* @return boolean Success or fail
**/
public function convertMember($info, $members, $profile, $custom, $pic_path = '', $groupLink = TRUE)
{
//-----------------------------------------
// Make sure we have everything we need
//-----------------------------------------
if (!$info['id']) {
$this->logError($info['id'], 'No ID number provided');
return false;
}
if (!$info['username']) {
$this->logError($info['id'], 'No username provided');
return false;
}
if (!$info['email']) {
// See Tracker Report #28874 for reasons why this got changed.
$info['email'] = $info['id'] . '@' . time() . '.com';
//$info['email'] = rand(1, 100).'@'.time().'.com';
$this->logError($info['id'], 'No email address provided - member converted with ' . $info['email']);
}
// Check profile photo
if (!is_writeable($this->settings['upload_dir'] . '/profile')) {
$this->error($this->settings['upload_dir'] . '/profile is not writeable, cannot continue');
return false;
}
//-----------------------------------------
// Set some needed variables
//-----------------------------------------
$now = time();
$joined = $info['joined'] ? $info['joined'] : $now;
if ($info['md5pass']) {
$salt = IPSMember::generatePasswordSalt(5);
$hash = IPSMember::generateCompiledPasshash($salt, $info['md5pass']);
} elseif ($info['plainpass']) {
$salt = IPSMember::generatePasswordSalt(5);
$hash = IPSMember::generateCompiledPasshash($salt, md5($info['plainpass']));
} elseif ($info['pass_hash']) {
$salt = $info['pass_salt'];
$hash = $info['pass_hash'];
} elseif ($info['password'] !== NULL) {
$members['conv_password'] = $info['password'];
} else {
// give em a random pass, let's stop those posts by these users being lost and assigned to guests.
$randPass = IPSMember::makePassword();
$salt = IPSMember::generatePasswordSalt(5);
$hash = IPSMember::generateCompiledPasshash($salt, $randPass);
$this->logError($info['id'], 'No password provided. Member has still been converted with password: '******'email'], 'all');
if ($duplicateMember['member_id']) {
$this->logError($info['id'], "Duplicate member found. {$info['username']} has been merged with the account email {$duplicateMember['username']}");
$this->addLink($duplicateMember['member_id'], $info['id'], 'members');
$this->DB->update('conv_link', array('duplicate' => '1'), "type = 'members' AND app={$this->app['app_id']} AND foreign_id='{$info['id']}'");
if ($info['posts'] > 0) {
$this->DB->update('members', array('posts' => "posts+'{$info['posts']}'"), "member_id='{$duplicateMember['member_id']}'");
}
// we have a customavatar and the one we have on file does not match what we've been given, time to update it.
if ($profile['photo_type'] == 'custom' and $duplicateMember['pp_main_photo'] != $profile['pp_main_photo']) {
if ($profile['photo_data']) {
// open file for writing
if (!($handle = fopen($this->settings['upload_dir'] . '/profile/photo-' . $profile['pp_member_id'] . '.png', 'w'))) {
$this->logError($info['id'], 'Could not write to file.');
}
// Write image to our opened file.
if (fwrite($handle, $profile['photo_data']) === FALSE) {
$this->logError($info['id'], 'Could not write to file.');
}
// log it all into DB
$profile['pp_main_photo'] = 'profile/photo-' . $profile['pp_member_id'] . '.png';
}
}
return TRUE;
}
//-----------------------------------------
// Handle Names
//-----------------------------------------
// Apostrophe is an allowed character but needs converting
$info['username'] = str_replace("'", ''', $info['username']);
$info['username'] = str_replace("!", '!', $info['username']);
// as is an excalamation point.
$nameCheck = IPSMember::getFunction()->cleanAndCheckName($info['username'], array(), 'name');
// Check for illegal characters
if ($nameCheck['errors']['username'] == ipsRegistry::getClass('class_localization')->words['reg_error_chars']) {
// Illegal characters exist, clean them out with dashes
$nameCheckMap['disallowed'] = array("'", "\"", """, "<", ">", "\\", "\", "\$", "$", "]", "[", ",", "|");
$nameCheckMap['replace'] = array(''', '&#quot;', '&#quot;', '&#lt;', '&#gt;', '-', '-', '-', '-', '-', '-', '-', '-');
$nameCheck['members_display_name'] = str_replace($nameCheckMap['disallowed'], $nameCheckMap['replace'], $nameCheck['username']);
$this->logError($info['id'], "{$nameCheck['errors']['username']} with name {$info['username']}. Member has still been created but with username as {$nameCheck['username']}");
// Now check for duplicate username.
try {
if (IPSMember::getFunction()->checkNameExists($nameCheck['username'], array(), 'name', true, true)) {
$t = time();
$this->logError($info['id'], ipsRegistry::getClass('class_localization')->words['reg_error_username_taken'] . " with name {$nameCheck['username']}. Member has still been created but with username as {$nameCheck['username']}{$t}");
$nameCheck['username'] = $nameCheck['username'] . $t;
}
} catch (Exception $e) {
//-----------------------------------------
// Name exists, let's return appropriately
//-----------------------------------------
switch ($e->getMessage()) {
default:
$this->logError($info['id'], "Unexpected error with name: {$info['username']}. Member was skipped.");
return false;
}
}
} elseif ($nameCheck['errors']['username'] == 'reg_error_username_taken') {
$nameCheck['username'] = $nameCheck['username'] . time();
$this->logError($info['id'], "{$nameCheck['errors']['username']} with name: {$info['username']}. Member has still been created but with username as {$nameCheck['username']}");
}
$username = $displayname = $nameCheck['username'];
// Begin check and clean for display name if provided.
if (isset($info['displayname'])) {
// Apostrophe is an allowed character but needs converting
$info['displayname'] = str_replace("'", ''', $info['displayname']);
$displayname = NULL;
$nameCheck = IPSMember::getFunction()->cleanAndCheckName($info['displayname'], array(), 'members_display_name');
if ($nameCheck['errors']['dname'] == str_replace('{chars}', ipsRegistry::$settings['username_characters'], ipsRegistry::$settings['username_errormsg'])) {
$nameCheckMap['disallowed'] = array("'", "\"", """, "<", ">", "\\", "\", "\$", "$", "]", "[", ",", "|");
$nameCheckMap['replace'] = array(''', '&#quot;', '&#quot;', '&#lt;', '&#gt;', '-', '-', '-', '-', '-', '-', '-', '-');
$nameCheck['members_display_name'] = str_replace($nameCheckMap['disallowed'], $nameCheckMap['replace'], $nameCheck['members_display_name']);
$this->logError($info['id'], "{$nameCheck['errors']['dname']} with name: {$info['displayname']}. Member has still been created but with display name as {$nameCheck['members_display_name']}");
// Now check for duplicate display name.
try {
if (IPSMember::getFunction()->checkNameExists($nameCheck['members_display_name'], array(), 'members_display_name', true, true)) {
$t = time();
$this->logError($info['id'], ipsRegistry::getClass('class_localization')->words['reg_error_username_taken'] . " with name {$nameCheck['members_display_name']}. Member has still been created but with display name as {$nameCheck['members_display_name']}{$t}");
$nameCheck['members_display_name'] = $nameCheck['members_display_name'] . $t;
}
} catch (Exception $e) {
//-----------------------------------------
// Name exists, let's return appropriately
//-----------------------------------------
switch ($e->getMessage()) {
default:
$this->logError($info['id'], "Unexpected error with display name: {$info['displayname']}. Member was skipped.");
return false;
}
}
} elseif ($nameCheck['errors']['dname'] == 'reg_error_username_taken') {
$nameCheck['members_display_name'] = $nameCheck['members_display_name'] . time();
$this->logError($info['id'], "{$nameCheck['errors']['dname']} with name: {$info['displayname']}. Member has still been created but with display name as {$nameCheck['members_display_name']}");
}
$displayname = $nameCheck['members_display_name'];
}
// Check we have a path
if (!$this->settings['upload_dir']) {
$this->logError($info['id'], 'Your IP.Board uploads path has not been configured');
return false;
}
//-----------------------------------------
// Insert
//-----------------------------------------
$members['title'] = str_replace("'", ''', $members['title']);
//$members['member_id'] = $info['id'];
$members['name'] = $username;
$members['last_post'] = intval($members['last_post']);
if (empty($info['member_group_id'])) {
$members['member_group_id'] = $info['group'] ? $groupLink === TRUE ? $this->getLink($info['group'], 'groups') : $info['group'] : $this->settings['member_group'];
} else {
$members['member_group_id'] = $info['member_group_id'];
}
$members['email'] = $info['email'];
$members['joined'] = $joined;
$members['member_login_key'] = IPSMember::generateAutoLoginKey();
$members['member_login_key_expire'] = ipsRegistry::$settings['login_key_expire'] ? time() + intval(ipsRegistry::$settings['login_key_expire']) * 86400 : 0;
$members['members_display_name'] = $displayname;
$members['members_seo_name'] = IPSText::makeSeoTitle($displayname);
$members['members_l_display_name'] = IPSText::mbstrtolower($displayname);
$members['members_l_username'] = IPSText::mbstrtolower($username);
$members['members_pass_hash'] = $hash;
$members['members_pass_salt'] = $salt;
$members['posts'] = $members['posts'] ? $members['posts'] : 0;
$members['warn_level'] = (int) $members['warn_level'];
// Sort out secondary groups
if (!empty($info['secondary_groups'])) {
// explode so we can loop through for the getLink
$secondary_groups = explode(",", $info['secondary_groups']);
$_secondary = array();
if (!empty($secondary_groups)) {
foreach ($secondary_groups as $group) {
if (!empty($group)) {
$newGroup = $this->getLink($group, 'groups', true);
if ($newGroup) {
$_secondary[] = $newGroup;
}
}
/**else
{
$this->logError($info['id'] .' - '. $group, 'empty secondary group id');
}**/
}
}
$members['mgroup_others'] = implode(",", $_secondary);
}
// Sneaky hack with the comments and friends
if (!in_array('pp_setting_count_comments', $profile)) {
$profile['pp_setting_count_comments'] = 1;
}
if (!in_array('pp_setting_count_friends', $profile)) {
$profile['pp_setting_count_friends'] = 1;
}
// We better turn on allow_admin_mails if it isn't set
$members['allow_admin_mails'] = isset($members['allow_admin_mails']) ? $members['allow_admin_mails'] : 1;
// Fix up the birthday since STRICT complains..
$members['bday_day'] = intval($members['bday_day']);
$members['bday_month'] = intval($members['bday_month']);
$members['bday_year'] = intval($members['bday_year']);
// No idea why birthdays are messing up.., so I'll just hack this bit. - Alex
// #020372 tracker
if ($members['bday_year'] < 1900) {
// Don't think we can really be this old ya know.
$members['bday_day'] = 0;
$members['bday_month'] = 0;
$members['bday_year'] = 0;
}
// 3.1.3 dropped columns
unset($members['email_pm']);
// 3.2.0 Dropped columns
unset($members['hide_email']);
unset($members['view_avs']);
// 3.3.0 Dropped columns
unset($members['members_editor_choice']);
// First member?
if ($info['id'] != $this->memberData['member_id']) {
if ($this->usingExtendedInserts) {
// Add it to the extended insert array which runs on next()
$this->extendedInserts['members'][] = $this->DB->compileInsertString($members);
//$memberId = $members['member_id'];
$memberId = $info['id'];
} else {
//unset( $members['member_id'] );
$this->DB->insert('members', $members);
$memberId = $this->DB->getInsertId();
// Add a link
$this->addLink($memberId, $info['id'], 'members');
}
} else {
if ($this->usingExtendedInserts) {
// Unset important information to stop locking us out
$unset = array('member_id', 'members_pass_salt', 'members_pass_hash', 'name', 'members_l_username', 'members_display_name', 'members_l_display_name', 'members_seo_name', 'member_banned', 'conv_password', 'email', 'member_group_id');
foreach ($unset as $k) {
unset($members[$k]);
}
$this->DB->update('members', $members, "member_id=" . $this->memberData['member_id']);
$memberId = $this->memberData['member_id'];
$this->logError($memberId, "<strong><span style='size: 1.15em;'>{$username} has been merged with {$this->memberData['members_display_name']}. This is because you are logged in as {$this->memberData['members_display_name']} and due to both members sharing the same ID. You are not running the conversion in 'merge' mode and therefore you WILL have to manually update this members name, email address, AND member group.</span></strong><br /><ul><li>Username: {$username}</li><li>Email Address: {$info['email']}</li></ul>");
} else {
//unset( $members['member_id'] );
$this->DB->insert('members', $members);
$memberId = $this->DB->getInsertId();
// Add a link
$this->addLink($memberId, $info['id'], 'members');
}
}
// If user group is the auth group, add them to validating table.
if ($members['member_group_id'] == $this->settings['auth_group'] && ($this->settings['reg_auth_type'] == 'user' || $this->settings['reg_auth_type'] == 'admin' || $this->settings['reg_auth_type'] == 'admin_user')) {
//-----------------------------------------
// We want to validate all reg's via email,
// after email verificiation has taken place,
// we restore their previous group and remove the validate_key
//-----------------------------------------
$validating = array('vid' => md5(uniqid()), 'member_id' => $memberId, 'real_group' => $this->settings['member_group'], 'temp_group' => $this->settings['auth_group'], 'entry_date' => time(), 'coppa_user' => 0, 'new_reg' => 1, 'ip_address' => $members['ip_address'], 'spam_flag' => 0);
if ($this->usingExtendedInserts) {
$this->extendedInserts['validating'][] = $this->DB->compileInsertString($validating);
} else {
$this->DB->insert('validating', $validating);
}
}
$profile['pp_member_id'] = $memberId;
// Defaults if not specified (prevents "Column Count Mismatches" in MySQL)
$profile['pp_thumb_photo'] = $profile['pp_thumb_photo'] ? $profile['pp_thumb_photo'] : '';
$profile['pp_main_photo'] = $profile['pp_main_photo'] ? $profile['pp_main_photo'] : '';
$profile['pp_main_width'] = $profile['pp_main_width'] ? $profile['pp_main_width'] : 0;
$profile['pp_main_height'] = $profile['pp_main_height'] ? $profile['pp_main_height'] : 0;
$profile['pp_thumb_width'] = $profile['pp_thumb_width'] ? $profile['pp_thumb_width'] : 0;
$profile['pp_thumb_height'] = $profile['pp_thumb_height'] ? $profile['pp_thumb_height'] : 0;
//-----------------------------------------
// Sort out uploaded avatars / photos
//-----------------------------------------
// we send profile_type of custom if we have a photo at all
if ($profile['photo_type'] == 'custom') {
if ($profile['photo_data']) {
// open file for writing
if (!($handle = fopen($this->settings['upload_dir'] . '/profile/photo-' . $profile['pp_member_id'] . '.png', 'w'))) {
$this->logError($info['id'], 'Could not write to file.');
}
// Write image to our opened file.
if (fwrite($handle, $profile['photo_data']) === FALSE) {
$this->logError($info['id'], 'Could not write to file.');
}
// log it all into DB
$profile['pp_main_photo'] = 'profile/photo-' . $profile['pp_member_id'] . '.png';
}
}
if ($profile['photo_type'] == 'url') {
// Make an attempt at fetching the remote pic. If not, log an error.
$profile['pp_main_photo'] = '';
if ($remote = @file_get_contents($profile['photo_location'])) {
$image_dims = @getimagesize($profile['photo_location']);
if ($image_dims[0]) {
$profile['photo_data'] = $remote;
$profile['photo_type'] = 'custom';
$profile['pp_main_photo'] = $profile['photo_location'];
if (!isset($profile['photo_filesize'])) {
$profile['photo_filesize'] = strlen($remote);
}
} else {
$this->logError($info['id'], 'Remote picture file does not appear to be an image.');
}
} else {
$this->logError($info['id'], 'Could not fetch remote picture file.');
}
}
// Oops... I screwed up... workaround for now... will fix properly soon.
if ($profile['photo_type'] != 'url' and $profile['photo_location'] and !$profile['pp_main_photo']) {
$profile['pp_main_photo'] = $profile['photo_location'];
}
if (!is_dir($pic_path) and $profile['pp_main_photo'] and !$profile['photo_data']) {
$this->logError($info['id'], 'Incorrect profile pictures path');
//return false;
}
// Move em or create em
if ($profile['pp_main_photo']) {
//-----------------------------------------
// Already a dir?
//-----------------------------------------
$upload_path = $this->settings['upload_dir'];
$upload_dir;
if (!file_exists($upload_path . "/profile")) {
if (@mkdir($upload_path . "/profile", 0777)) {
@file_put_contents($upload_path . '/profile/index.html', '');
@chmod($upload_path . "/profile", 0777);
# Set path and dir correct
$upload_path .= "/profile";
$upload_dir = "profile/";
} else {
# Set path and dir correct
$upload_dir = "";
}
} else {
# Set path and dir correct
$upload_path .= "/profile";
$upload_dir = "profile/";
}
// What's the extension?
$e = explode('.', $profile['pp_main_photo']);
$extension = array_pop($e);
// There's an issue with profile photo thumbnail rebuilds. Waiting on the deal with that issue before adjusting this.
// For now, we'll just set the thumbnail the same as the main photo.
$profile['pp_thumb_photo'] = "{$upload_dir}photo-{$memberId}.{$extension}";
if ($profile['photo_data']) {
//$this->createFile($profile['pp_main_photo'], $profile['photo_data'], $profile['photo_filesize'], $this->settings['upload_dir']);
$this->createFile("photo-{$memberId}.{$extension}", $profile['photo_data'], $profile['photo_filesize'], $upload_path);
$profile['pp_main_photo'] = "{$upload_dir}photo-{$memberId}.{$extension}";
} else {
//$this->moveFiles(array($profile['pp_main_photo']), $profile_path, $this->settings['upload_dir']);
$this->moveFiles(array($profile['pp_main_photo']), $pic_path, $upload_path);
if ($upload_dir != '' && @rename($upload_path . "/{$profile['pp_main_photo']}", $upload_path . "/photo-{$memberId}.{$extension}")) {
$profile['pp_main_photo'] = "{$upload_dir}photo-{$memberId}.{$extension}";
}
}
// Try and get width and height.
$dimensions = @getimagesize($upload_dir . 'photo-' . $memberId . '.' . $extension);
// Add some triple checks.
$profile['pp_main_width'] = $dimensions[0] ? $dimensions[0] : 1;
$profile['pp_main_height'] = $dimensions[1] ? $dimensions[1] : 1;
$profile['pp_thumb_width'] = $dimensions[0] ? $dimensions[0] : 1;
$profile['pp_thumb_height'] = $dimensions[1] ? $dimensions[1] : 1;
}
$profile['pp_photo_type'] = $profile['photo_type'];
unset($profile['avatar_data']);
unset($profile['photo_data']);
unset($profile['photo_filesize']);
unset($profile['avatar_filesize']);
unset($profile['photo_type']);
unset($profile['photo_location']);
unset($profile['notes']);
// need to stop fields which have been added by hooks getting through. See ticket 854980 as to why this is needed.
if (is_array($profile)) {
// set the fields we're allowed (I can't think of a better way of populating this array unfortunately)
$allowedFields = array('pp_member_id', 'pp_last_visitors', 'pp_rating_hits', 'pp_rating_value', 'pp_rating_real', 'pp_main_photo', 'pp_main_width', 'pp_main_height', 'pp_thumb_photo', 'pp_thumb_width', 'pp_thumb_height', 'pp_setting_moderate_comments', 'pp_setting_moderate_friends', 'pp_setting_count_friends', 'pp_setting_count_comments', 'pp_setting_count_visitors', 'pp_about_me', 'pp_reputation_points', 'pp_gravatar', 'pp_photo_type', 'signature', 'avatar_location', 'avatar_size', 'avatar_type', 'pconversation_filters', 'fb_photo', 'fb_photo_thumb', 'fb_bwoptions', 'tc_last_sid_import', 'tc_photo', 'tc_bwoptions', 'pp_customization', 'pp_profile_update');
foreach ($profile as $k => $v) {
// not in allowed array? unset. (this stops fields from hooks making it through)
if (!in_array($k, $allowedFields)) {
unset($profile[$k]);
}
}
}
// check if we passed in custom..
$profileFields = array();
$profileFields['member_id'] = $memberId;
if (!empty($custom)) {
$profileFields = array_merge($profileFields, $custom);
}
// First member?
if ($info['id'] != $this->memberData['member_id']) {
if ($this->usingExtendedInserts) {
// Add it to the extended insert array which runs on next()
$this->extendedInserts['profile_portal'][] = $this->DB->compileInsertString($profile);
// Custom profile fields
$this->extendedInserts['pfields_content'][] = $this->DB->compileInsertString($profileFields);
} else {
$this->DB->insert('profile_portal', $profile);
$this->DB->insert('pfields_content', $profileFields);
}
} else {
if ($this->usingExtendedInserts) {
unset($profileFields['member_id']);
unset($profile['pp_member_id']);
$this->DB->update('profile_portal', $profile, "pp_member_id=" . $this->memberData['member_id']);
$this->DB->update('pfields_content', $profileFields, "member_id=" . $this->memberData['member_id']);
} else {
$this->DB->insert('profile_portal', $profile);
$this->DB->insert('pfields_content', $profileFields);
}
}
// Conversion cycle complete
return true;
}
public function changePW($newPass, $member, $currentPass = false)
{
//-----------------------------------------
// INIT
//-----------------------------------------
$save_array = array();
//-----------------------------------------
// Generate a new random password
//-----------------------------------------
$new_pass = IPSText::parseCleanValue(urldecode($newPass));
//-----------------------------------------
// Generate a new salt
//-----------------------------------------
$salt = IPSMember::generatePasswordSalt(5);
$salt = str_replace('\\', "\\\\", $salt);
//-----------------------------------------
// New log in key
//-----------------------------------------
$key = IPSMember::generateAutoLoginKey();
//-----------------------------------------
// Update...
//-----------------------------------------
$save_array['members_pass_salt'] = $salt;
$save_array['members_pass_hash'] = md5(md5($salt) . md5($new_pass));
$save_array['member_login_key'] = $key;
$save_array['member_login_key_expire'] = $this->settings['login_key_expire'] * 60 * 60 * 24;
$save_array['failed_logins'] = null;
$save_array['failed_login_count'] = 0;
//-----------------------------------------
// Load handler...
//-----------------------------------------
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$this->han_login = new $classToLoad($this->registry);
$this->han_login->init();
$this->han_login->changePass($member['email'], md5($new_pass), $new_pass, $member);
IPSMember::save($member['member_id'], array('members' => $save_array));
IPSMember::updatePassword($member['member_id'], md5($new_pass));
IPSLib::runMemberSync('onPassChange', $member['member_id'], $new_pass);
}
/**
* Change a member's password
*
* @return @e void [Outputs to screen]
*/
protected function save_password()
{
//-----------------------------------------
// INIT
//-----------------------------------------
$member_id = intval($this->request['member_id']);
$password = IPSText::parseCleanValue($_POST['password']);
$password2 = IPSText::parseCleanValue($_POST['password2']);
$new_key = intval($this->request['new_key']);
$new_salt = intval($this->request['new_salt']);
$salt = str_replace('\\', "\\\\", IPSMember::generatePasswordSalt(5));
$key = IPSMember::generateAutoLoginKey();
$md5_once = md5(trim($password));
//-----------------------------------------
// AJAX debug
//-----------------------------------------
IPSDebug::fireBug('info', array('Password: '******'password_nogood']);
}
if ($password != $password2) {
$this->registry->output->showError($this->lang->words['m_passmatch']);
}
//-----------------------------------------
// Get member
//-----------------------------------------
$member = IPSMember::load($member_id);
//-----------------------------------------
// Allowed to edit administrators?
//-----------------------------------------
if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_edit_admin', 'members', 'members')) {
$this->registry->output->showError($this->lang->words['m_editadmin']);
}
//-----------------------------------------
// Check Converge: Password
//-----------------------------------------
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$han_login = new $classToLoad($this->registry);
$han_login->init();
$han_login->changePass($member['email'], $md5_once, $password, $member);
/*if ( $han_login->return_code != 'METHOD_NOT_DEFINED' AND $han_login->return_code != 'SUCCESS' )
{
$this->returnJsonError( $this->lang->words['m_passchange']);
exit();
}*/
//-----------------------------------------
// Local DB
//-----------------------------------------
$update = array();
if ($new_salt) {
$update['members_pass_salt'] = $salt;
}
if ($new_key) {
$update['member_login_key'] = $key;
}
if (count($update)) {
IPSMember::save($member_id, array('core' => $update));
}
IPSMember::updatePassword($member_id, $md5_once);
IPSLib::runMemberSync('onPassChange', $member_id, $password);
ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_passlog'], $member_id));
$this->registry->output->global_message = $this->lang->words['pw_updated_success'];
$this->registry->output->silentRedirectWithMessage($this->settings['base_url'] . 'module=members&do=viewmember&member_id=' . $member_id);
}
function step_11()
{
$this->DB->return_die = 1;
$start = intval($this->request['st']) ? intval($this->request['st']) : 0;
$lend = 300;
$end = $start + $lend;
$max = 0;
$this->DB->build(array('select' => 'id', 'from' => 'members', 'where' => "id > {$end}"));
$this->DB->execute();
$max = $this->DB->fetch();
$o = $this->DB->query($this->sql_members_converge($start, $end));
$found = 0;
//-----------------------------------------
// Do it...
//-----------------------------------------
while ($r = $this->DB->fetch($o)) {
if (!$r['cid'] or !$r['id']) {
$r['password'] = $r['password'] ? $r['password'] : $r['legacy_password'];
$salt = IPSMember::generatePasswordSalt(5);
$salt = str_replace('\\', "\\\\", $salt);
$this->DB->insert('members_converge', array('converge_id' => $r['id'], 'converge_email' => strtolower($r['email']), 'converge_joined' => $r['joined'], 'members_pass_hash' => md5(md5($salt) . $r['password']), 'members_pass_salt' => $salt));
$member_login_key = IPSMember::generateAutoLoginKey();
$this->DB->update('members', array('member_login_key' => $member_login_key, 'email' => strtolower($r['email'])), 'id=' . $r['id']);
if ($r['id'] == IPSSetUp::getSavedData('mid')) {
// Reset loginkey
IPSSetUp::setSavedData('loginkey', $member_login_key);
$this->member->setProperty('member_login_key', $member_login_key);
IPSSetUp::setSavedData('securekey', $this->member->form_hash);
}
}
$found++;
}
if (!$found and !$max['id']) {
$this->registry->output->addMessage("Converge completed, converting personal messages...");
$this->request['workact'] = 'step_12';
$this->request['st'] = 0;
} else {
$this->request['st'] = $end;
$this->registry->output->addMessage("Converge added: {$start} to {$end} completed....");
$this->request['workact'] = 'step_11';
}
}
/**
* Save new email and/or pass
*
* @return @e void
*/
protected function _saveForm()
{
if (!$this->request['email'] and !$this->request['password']) {
$this->registry->output->global_error = $this->lang->words['change_nothing_update'];
$this->_showForm();
return;
}
if ($this->request['email']) {
if (!$this->request['email_confirm']) {
$this->registry->output->global_error = $this->lang->words['change_both_fields'];
$this->_showForm();
return;
} else {
if ($this->request['email'] != $this->request['email_confirm']) {
$this->registry->output->global_error = $this->lang->words['change_not_match'];
$this->_showForm();
return;
}
}
$email = trim($this->request['email']);
if (!IPSText::checkEmailAddress($email)) {
$this->registry->output->global_error = $this->lang->words['bad_email_supplied'];
$this->_showForm();
return;
}
$email_check = IPSMember::load(strtolower($email));
if ($email_check['member_id']) {
if ($email_check['member_id'] == $this->memberData['member_id']) {
$this->registry->output->global_error = $this->lang->words['already_using_email'];
} else {
$this->registry->output->global_error = $this->lang->words['change_email_already_used'];
}
$this->_showForm();
return;
}
//-----------------------------------------
// Load handler...
//-----------------------------------------
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$han_login = new $classToLoad($this->registry);
$han_login->init();
$han_login->changeEmail(trim(strtolower($this->memberData['email'])), trim(strtolower($email)), $this->memberData);
IPSLib::runMemberSync('onEmailChange', $this->memberData['member_id'], strtolower($email), $this->memberData['email']);
IPSMember::save($this->memberData['member_id'], array('core' => array('email' => strtolower($email))));
ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['changed_email'], $email));
}
if ($this->request['password']) {
if (!$this->request['password_confirm']) {
$this->registry->output->global_error = $this->lang->words['change_both_fields'];
$this->_showForm();
return;
} else {
if ($this->request['password'] != $this->request['password_confirm']) {
$this->registry->output->global_error = $this->lang->words['change_not_match_pw'];
$this->_showForm();
return;
}
}
$password = $this->request['password'];
$salt = str_replace('\\', "\\\\", IPSMember::generatePasswordSalt(5));
$key = IPSMember::generateAutoLoginKey();
$md5_once = md5(trim($password));
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/handlers/han_login.php', 'han_login');
$han_login = new $classToLoad($this->registry);
$han_login->init();
$han_login->changePass($this->memberData['email'], $md5_once, $password, $this->memberData);
IPSMember::save($this->memberData['member_id'], array('core' => array('members_pass_salt' => $salt, 'member_login_key' => $key)));
IPSMember::updatePassword($this->memberData['member_id'], $md5_once);
IPSLib::runMemberSync('onPassChange', $this->memberData['member_id'], $password);
ipsRegistry::getClass('adminFunctions')->saveAdminLog($this->lang->words['changed_password']);
}
$this->registry->output->global_message = $this->lang->words['details_updated'];
$this->registry->output->silentRedirectWithMessage($this->settings['base_url']);
}
/**
* Create new member
* Very basic functionality at this point.
*
* @param array Fields to save in the following format: array( 'members' => array( 'email' => '*****@*****.**',
* 'joined' => time() ),
* 'extendedProfile' => array( 'signature' => 'My signature' ) );
* Tables: members, pfields_content, profile_portal.
* You can also use the aliases: 'core [members]', 'extendedProfile [profile_portal]', and 'customFields [pfields_content]'
* @param bool Flag to attempt to auto create a name if the desired is taken
* @param bool Bypass custom field saving (if using the sso session integration this is required as member object isn't ready yet)
* @param bool Whether or not to recache the stats so as to update the board's last member data
* @return array Final member Data including member_id
*
* EXCEPTION CODES
* CUSTOM_FIELDS_EMPTY - Custom fields were not populated
* CUSTOM_FIELDS_INVALID - Custom fields were invalid
* CUSTOM_FIELDS_TOOBIG - Custom fields too big
*/
public static function create($tables = array(), $autoCreateName = FALSE, $bypassCfields = FALSE, $doStatsRecache = TRUE)
{
//-----------------------------------------
// INIT
//-----------------------------------------
$finalTables = array();
$password = '';
$plainPassword = '';
$bitWiseFields = ipsRegistry::fetchBitWiseOptions('global');
$md_5_password = '';
//-----------------------------------------
// Remap tables if required
//-----------------------------------------
foreach ($tables as $table => $data) {
$_name = isset(self::$remap[$table]) ? self::$remap[$table] : $table;
if ($_name == 'members') {
/* Magic password field */
if (!empty($data['md5_hash_password'])) {
$md_5_password = trim($data['md5_hash_password']);
$plainPassword = null;
unset($data['md5_hash_password']);
} else {
$password = isset($data['password']) ? trim($data['password']) : self::makePassword();
$plainPassword = $password;
$md_5_password = md5($password);
unset($data['password']);
}
}
$finalTables[$_name] = $data;
}
//-----------------------------------------
// Custom profile field stuff
//-----------------------------------------
if (!$bypassCfields) {
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/customfields/profileFields.php', 'customProfileFields');
$fields = new $classToLoad();
if (is_array($finalTables['pfields_content']) and count($finalTables['pfields_content'])) {
$fields->member_data = $finalTables['pfields_content'];
}
$fields->initData('edit');
$fields->parseToSave($finalTables['pfields_content'], 'register');
/* Check */
/*if( count( $fields->error_fields['empty'] ) )
{
throw new Exception( 'CUSTOM_FIELDS_EMPTY' );
}
if( count( $fields->error_fields['invalid'] ) )
{
throw new Exception( 'CUSTOM_FIELDS_INVALID' );
}
if( count( $fields->error_fields['toobig'] ) )
{
throw new Exception( 'CUSTOM_FIELDS_TOOBIG' );
}*/
}
//-----------------------------------------
// Make sure the account doesn't exist
//-----------------------------------------
if ($finalTables['members']['email']) {
if (IPSText::mbstrlen($finalTables['members']['email']) > 150 or strstr($finalTables['members']['email'], ' ')) {
/* Allow it to be auto created */
$finalTables['members']['email'] = false;
} else {
$existing = IPSMember::load($finalTables['members']['email'], 'all');
if ($existing['member_id']) {
$existing['full'] = true;
$existing['timenow'] = time();
return $existing;
}
}
}
//-----------------------------------------
// Fix up usernames and display names
//-----------------------------------------
/* Ensure we have a display name */
if ($autoCreateName and $finalTables['members']['members_display_name'] !== FALSE) {
$finalTables['members']['members_display_name'] = $finalTables['members']['members_display_name'] ? $finalTables['members']['members_display_name'] : $finalTables['members']['name'];
}
//-----------------------------------------
// Remove some basic HTML tags
//-----------------------------------------
if ($finalTables['members']['members_display_name']) {
if (IPSText::mbstrlen($finalTables['members']['members_display_name']) > 255) {
$finalTables['members']['members_display_name'] = false;
}
$finalTables['members']['members_display_name'] = str_replace(array('<', '>', '"'), '', $finalTables['members']['members_display_name']);
}
if ($finalTables['members']['name']) {
if (IPSText::mbstrlen($finalTables['members']['name']) > 255) {
$finalTables['members']['name'] = false;
}
$finalTables['members']['name'] = str_replace(array('<', '>', '"'), '', $finalTables['members']['name']);
}
//-----------------------------------------
// Make sure the names are unique
//-----------------------------------------
/* Can specify display name of FALSE to force no entry to force partial member */
if ($finalTables['members']['members_display_name'] !== FALSE) {
try {
if (IPSMember::getFunction()->checkNameExists($finalTables['members']['members_display_name'], array(), 'members_display_name', true) === true) {
if ($autoCreateName === TRUE) {
/* Now, make sure we have a unique display name */
$max = ipsRegistry::DB()->buildAndFetch(array('select' => 'MAX(member_id) as max', 'from' => 'members', 'where' => "members_l_display_name LIKE '" . ipsRegistry::DB()->addSlashes(strtolower($finalTables['members']['members_display_name'])) . "%'"));
if ($max['max']) {
$_num = $max['max'] + 1;
$finalTables['members']['members_display_name'] = $finalTables['members']['members_display_name'] . '_' . $_num;
}
} else {
$finalTables['members']['members_display_name'] = '';
}
}
} catch (Exception $e) {
}
}
if ($finalTables['members']['name']) {
try {
if (IPSMember::getFunction()->checkNameExists($finalTables['members']['name'], array(), 'name', true) === true) {
if ($autoCreateName === TRUE) {
/* Now, make sure we have a unique username */
$max = ipsRegistry::DB()->buildAndFetch(array('select' => 'MAX(member_id) as max', 'from' => 'members', 'where' => "members_l_username LIKE '" . ipsRegistry::DB()->addSlashes(strtolower($finalTables['members']['name'])) . "%'"));
if ($max['max']) {
$_num = $max['max'] + 1;
$finalTables['members']['name'] = $finalTables['members']['name'] . '_' . $_num;
}
} else {
$finalTables['members']['name'] = '';
}
}
} catch (Exception $e) {
}
}
//-----------------------------------------
// Clean up characters
//-----------------------------------------
if ($finalTables['members']['name']) {
$userName = IPSMember::getFunction()->cleanAndCheckName($finalTables['members']['name'], array(), 'name');
if ($userName['errors']) {
$finalTables['members']['name'] = $finalTables['members']['email'];
} else {
$finalTables['members']['name'] = $userName['username'];
}
}
if ($finalTables['members']['members_display_name']) {
$displayName = IPSMember::getFunction()->cleanAndCheckName($finalTables['members']['members_display_name']);
if ($displayName['errors']) {
$finalTables['members']['members_display_name'] = '';
} else {
$finalTables['members']['members_display_name'] = $displayName['members_display_name'];
}
}
//-----------------------------------------
// Populate member table(s)
//-----------------------------------------
$finalTables['members']['members_l_username'] = isset($finalTables['members']['name']) ? strtolower($finalTables['members']['name']) : '';
$finalTables['members']['joined'] = $finalTables['members']['joined'] ? $finalTables['members']['joined'] : time();
$finalTables['members']['email'] = $finalTables['members']['email'] ? $finalTables['members']['email'] : $finalTables['members']['name'] . '@' . $finalTables['members']['joined'];
$finalTables['members']['member_group_id'] = $finalTables['members']['member_group_id'] ? $finalTables['members']['member_group_id'] : ipsRegistry::$settings['member_group'];
$finalTables['members']['ip_address'] = $finalTables['members']['ip_address'] ? $finalTables['members']['ip_address'] : ipsRegistry::member()->ip_address;
$finalTables['members']['members_created_remote'] = intval($finalTables['members']['members_created_remote']);
$finalTables['members']['member_login_key'] = IPSMember::generateAutoLoginKey();
$finalTables['members']['member_login_key_expire'] = ipsRegistry::$settings['login_key_expire'] ? time() + intval(ipsRegistry::$settings['login_key_expire']) * 86400 : 0;
$finalTables['members']['view_sigs'] = 1;
$finalTables['members']['bday_day'] = intval($finalTables['members']['bday_day']);
$finalTables['members']['bday_month'] = intval($finalTables['members']['bday_month']);
$finalTables['members']['bday_year'] = intval($finalTables['members']['bday_year']);
$finalTables['members']['restrict_post'] = intval($finalTables['members']['restrict_post']);
$finalTables['members']['auto_track'] = $finalTables['members']['auto_track'] ? $finalTables['members']['auto_track'] : ipsRegistry::$settings['auto_track_method'];
$finalTables['members']['msg_count_total'] = 0;
$finalTables['members']['msg_count_new'] = 0;
$finalTables['members']['msg_show_notification'] = 1;
$finalTables['members']['coppa_user'] = 0;
$finalTables['members']['auto_track'] = substr($finalTables['members']['auto_track'], 0, 50);
$finalTables['members']['last_visit'] = $finalTables['members']['last_visit'] ? $finalTables['members']['last_visit'] : time();
$finalTables['members']['last_activity'] = $finalTables['members']['last_activity'] ? $finalTables['members']['last_activity'] : time();
$finalTables['members']['language'] = $finalTables['members']['language'] ? $finalTables['members']['language'] : IPSLib::getDefaultLanguage();
$finalTables['members']['member_uploader'] = ipsRegistry::$settings['uploadFormType'] ? 'flash' : 'default';
$finalTables['members']['members_pass_salt'] = IPSMember::generatePasswordSalt(5);
$finalTables['members']['members_pass_hash'] = IPSMember::generateCompiledPasshash($finalTables['members']['members_pass_salt'], $md_5_password);
$finalTables['members']['members_display_name'] = isset($finalTables['members']['members_display_name']) ? $finalTables['members']['members_display_name'] : '';
$finalTables['members']['members_l_display_name'] = isset($finalTables['members']['members_display_name']) ? strtolower($finalTables['members']['members_display_name']) : '';
$finalTables['members']['fb_uid'] = isset($finalTables['members']['fb_uid']) ? $finalTables['members']['fb_uid'] : 0;
$finalTables['members']['fb_emailhash'] = isset($finalTables['members']['fb_emailhash']) ? strtolower($finalTables['members']['fb_emailhash']) : '';
$finalTables['members']['members_seo_name'] = IPSText::makeSeoTitle($finalTables['members']['members_display_name']);
$finalTables['members']['bw_is_spammer'] = intval($finalTables['members']['bw_is_spammer']);
//-----------------------------------------
// Insert: MEMBERS
//-----------------------------------------
ipsRegistry::DB()->setDataType(array('name', 'members_l_username', 'members_display_name', 'members_l_display_name', 'members_seo_name', 'email'), 'string');
/* Bitwise options */
if (is_array($bitWiseFields['members'])) {
$_freeze = array();
foreach ($bitWiseFields['members'] as $field) {
if (isset($finalTables['members'][$field])) {
/* Add to freezeable array */
$_freeze[$field] = $finalTables['members'][$field];
/* Remove it from the fields to save to DB */
unset($finalTables['members'][$field]);
}
}
if (count($_freeze)) {
$finalTables['members']['members_bitoptions'] = IPSBWOptions::freeze($_freeze, 'members', 'global');
}
}
ipsRegistry::DB()->insert('members', $finalTables['members']);
//-----------------------------------------
// Get the member id
//-----------------------------------------
$finalTables['members']['member_id'] = ipsRegistry::DB()->getInsertId();
//-----------------------------------------
// Insert: PROFILE PORTAL
//-----------------------------------------
$finalTables['profile_portal']['pp_member_id'] = $finalTables['members']['member_id'];
$finalTables['profile_portal']['pp_setting_count_friends'] = 1;
$finalTables['profile_portal']['pp_setting_count_comments'] = 1;
$finalTables['profile_portal']['pp_setting_count_visitors'] = 1;
$finalTables['profile_portal']['pp_customization'] = serialize(array());
foreach (array('pp_last_visitors', 'pp_about_me', 'signature', 'fb_photo', 'fb_photo_thumb', 'pconversation_filters') as $f) {
$finalTables['profile_portal'][$f] = $finalTables['profile_portal'][$f] ? $finalTables['profile_portal'][$f] : '';
}
ipsRegistry::DB()->insert('profile_portal', $finalTables['profile_portal']);
//-----------------------------------------
// Insert into the custom profile fields DB
//-----------------------------------------
if (!$bypassCfields) {
/* Check the website url field */
$website_field = $fields->getFieldIDByKey('website');
if ($website_field && $fields->out_fields['field_' . $website_field]) {
if (stristr($fields->out_fields['field_' . $website_field], 'http://') === FALSE && stristr($fields->out_fields['field_' . $website_field], 'https://') === FALSE) {
$fields->out_fields['field_' . $website_field] = 'http://' . $fields->out_fields['field_' . $website_field];
}
}
$fields->out_fields['member_id'] = $finalTables['members']['member_id'];
ipsRegistry::DB()->delete('pfields_content', 'member_id=' . $finalTables['members']['member_id']);
ipsRegistry::DB()->insert('pfields_content', $fields->out_fields);
} else {
ipsRegistry::DB()->delete('pfields_content', 'member_id=' . $finalTables['members']['member_id']);
ipsRegistry::DB()->insert('pfields_content', array('member_id' => $finalTables['members']['member_id']));
}
//-----------------------------------------
// Insert into partial ID table
//-----------------------------------------
$full_account = false;
if ($finalTables['members']['members_display_name'] and $finalTables['members']['name'] and $finalTables['members']['email'] and $finalTables['members']['email'] != $finalTables['members']['name'] . '@' . $finalTables['members']['joined']) {
$full_account = true;
}
if (!$full_account) {
ipsRegistry::DB()->insert('members_partial', array('partial_member_id' => $finalTables['members']['member_id'], 'partial_date' => $finalTables['members']['joined'], 'partial_email_ok' => $finalTables['members']['email'] == $finalTables['members']['name'] . '@' . $finalTables['members']['joined'] ? 0 : 1));
}
/* Add plain password and run sync */
$finalTables['members']['plainPassword'] = $plainPassword;
IPSLib::runMemberSync('onCreateAccount', $finalTables['members']);
/* Remove plain password */
unset($finalTables['members']['plainPassword']);
//-----------------------------------------
// Recache our stats (Ticket 627608)
//-----------------------------------------
if ($doStatsRecache == TRUE) {
ipsRegistry::cache()->rebuildCache('stats', 'global');
}
return array_merge($finalTables['members'], $finalTables['profile_portal'], !$bypassCfields ? $fields->out_fields : array(), array('timenow' => $finalTables['members']['joined'], 'full' => $full_account));
}
/**
* Change a member's password
*
* @access protected
* @return void [Outputs to screen]
*/
protected function save_password()
{
//-----------------------------------------
// INIT
//-----------------------------------------
$member_id = intval($this->request['member_id']);
$password = $this->request['password'];
$password2 = $this->request['password2'];
$new_key = intval($this->request['new_key']);
$new_salt = intval($this->request['new_salt']);
$salt = str_replace('\\', "\\\\", IPSMember::generatePasswordSalt(5));
$key = IPSMember::generateAutoLoginKey();
$md5_once = md5(trim($password));
//-----------------------------------------
// Check
//-----------------------------------------
if (!$password or !$password2) {
$this->returnJsonError($this->lang->words['password_nogood']);
exit;
}
if ($password != $password2) {
$this->returnJsonError($this->lang->words['m_passmatch']);
exit;
}
//-----------------------------------------
// Get member
//-----------------------------------------
$member = IPSMember::load($member_id);
//-----------------------------------------
// Allowed to edit administrators?
//-----------------------------------------
if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_edit_admin', 'members', 'members')) {
$this->returnJsonError($this->lang->words['m_editadmin']);
exit;
}
//-----------------------------------------
// Check Converge: Password
//-----------------------------------------
require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
$han_login = new han_login($this->registry);
$han_login->init();
$han_login->changePass($member['email'], $md5_once);
/*if ( $han_login->return_code != 'METHOD_NOT_DEFINED' AND $han_login->return_code != 'SUCCESS' )
{
$this->returnJsonError( $this->lang->words['m_passchange']);
exit();
}*/
//-----------------------------------------
// Local DB
//-----------------------------------------
$update = array();
if ($new_salt) {
$update['members_pass_salt'] = $salt;
}
if ($new_key) {
$update['member_login_key'] = $key;
}
if (count($update)) {
IPSMember::save($member_id, array('core' => $update));
}
IPSMember::updatePassword($member_id, $md5_once);
IPSLib::runMemberSync('onPassChange', $member_id, $password);
ipsRegistry::getClass('adminFunctions')->saveAdminLog(sprintf($this->lang->words['m_passlog'], $member_id));
$_string = <<<EOF
\t\t{
\t\t\t'success' : true,
\t\t\t'password' : "*************"
\t\t}
\t\t
EOF;
$this->returnString($_string);
}
/**
* Validates a lost password request
*
* @access public
* @return void
*/
public function lostPasswordValidate()
{
/* Check for input and it's in a valid format. */
$in_user_id = intval(trim(urldecode($this->request['uid'])));
$in_validate_key = IPSText::md5Clean(trim(urldecode($this->request['aid'])));
/* Check Input */
if (!$in_validate_key) {
$this->registry->output->showError('validation_key_incorrect', 1015);
}
if (!preg_match("/^(?:\\d){1,}\$/", $in_user_id)) {
$this->registry->output->showError('uid_key_incorrect', 1016);
}
/* Attempt to get the profile of the requesting user */
$member = IPSMember::load($in_user_id);
if (!$member['member_id']) {
$this->registry->output->showError('lostpass_no_member', 1017);
}
/* Get validating info.. */
$validate = $this->DB->buildAndFetch(array('select' => '*', 'from' => 'validating', 'where' => 'member_id=' . $in_user_id . ' and lost_pass=1'));
if (!$validate['member_id']) {
$this->registry->output->showError('lostpass_not_validating', 1018);
}
if ($validate['new_reg'] == 1 && $this->settings['reg_auth_type'] == "admin") {
$this->registry->output->showError('lostpass_new_reg', 4010, true);
}
if ($validate['vid'] != $in_validate_key) {
$this->registry->output->showError('lostpass_key_wrong', 1019);
} else {
/* On the same page? */
if ($validate['lost_pass'] != 1) {
$this->registry->output->showError('lostpass_not_lostpass', 4011, true);
}
/* Test GD image */
if ($this->settings['bot_antispam']) {
if ($this->registry->getClass('class_captcha')->validate() !== TRUE) {
$this->lostPasswordValidateForm('err_reg_code');
return;
}
}
/* Send a new random password? */
if ($this->settings['lp_method'] == 'random') {
//-----------------------------------------
// INIT
//-----------------------------------------
$save_array = array();
//-----------------------------------------
// Generate a new random password
//-----------------------------------------
$new_pass = IPSLib::makePassword();
//-----------------------------------------
// Generate a new salt
//-----------------------------------------
$salt = IPSMember::generatePasswordSalt(5);
$salt = str_replace('\\', "\\\\", $salt);
//-----------------------------------------
// New log in key
//-----------------------------------------
$key = IPSMember::generateAutoLoginKey();
//-----------------------------------------
// Update...
//-----------------------------------------
$save_array['members_pass_salt'] = $salt;
$save_array['members_pass_hash'] = md5(md5($salt) . md5($new_pass));
$save_array['member_login_key'] = $key;
$save_array['member_login_key_expire'] = $this->settings['login_key_expire'] * 60 * 60 * 24;
$save_array['failed_logins'] = null;
$save_array['failed_login_count'] = 0;
//-----------------------------------------
// Load handler...
//-----------------------------------------
require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
$this->han_login = new han_login($this->registry);
$this->han_login->init();
$this->han_login->changePass($member['email'], md5($new_pass));
if ($this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'SUCCESS') {
$this->registry->output->showError($this->lang->words['lostpass_external_fail'], 2013);
}
IPSMember::save($member['member_id'], array('members' => $save_array));
//-----------------------------------------
// Send out the email...
//-----------------------------------------
IPSText::getTextClass('email')->getTemplate("lost_pass_email_pass");
IPSText::getTextClass('email')->buildMessage(array('NAME' => $member['members_display_name'], 'THE_LINK' => $this->settings['base_url'] . 'app=core&module=usercp&tab=core&area=password', 'PASSWORD' => $new_pass, 'LOGIN' => $this->settings['base_url'] . 'app=core&module=global§ion=login', 'USERNAME' => $member['name'], 'EMAIL' => $member['email'], 'ID' => $member['member_id']));
IPSText::getTextClass('email')->subject = $this->lang->words['lp_random_pass_subject'] . ' ' . $this->settings['board_name'];
IPSText::getTextClass('email')->to = $member['email'];
IPSText::getTextClass('email')->sendMail();
$this->registry->output->setTitle($this->lang->words['activation_form']);
$this->output = $this->registry->getClass('output')->getTemplate('register')->showLostPassWaitRandom($member);
} else {
if ($_POST['pass1'] == "") {
$this->registry->output->showError('pass_blank', 10184);
}
if ($_POST['pass2'] == "") {
$this->registry->output->showError('pass_blank', 10185);
}
$pass_a = trim($this->request['pass1']);
$pass_b = trim($this->request['pass2']);
if (strlen($pass_a) < 3) {
$this->registry->output->showError('pass_too_short', 10186);
}
if ($pass_a != $pass_b) {
$this->registry->output->showError('pass_no_match', 10187);
}
$new_pass = md5($pass_a);
/* Update Member Array */
$save_array = array();
/* Generate a new salt */
$salt = IPSMember::generatePasswordSalt(5);
$salt = str_replace('\\', "\\\\", $salt);
/* New log in key */
$key = IPSMember::generateAutoLoginKey();
/* Update Array */
$save_array['members_pass_salt'] = $salt;
$save_array['members_pass_hash'] = md5(md5($salt) . $new_pass);
$save_array['member_login_key'] = $key;
$save_array['member_login_key_expire'] = $this->settings['login_key_expire'] * 60 * 60 * 24;
$save_array['failed_logins'] = null;
$save_array['failed_login_count'] = 0;
/* Change the password */
require_once IPS_ROOT_PATH . 'sources/handlers/han_login.php';
$this->han_login = new han_login($this->registry);
$this->han_login->init();
$this->han_login->changePass($member['email'], md5($new_pass));
//-----------------------------------------
// We'll ignore any remote errors
//-----------------------------------------
if ($this->han_login->return_code != 'METHOD_NOT_DEFINED' and $this->han_login->return_code != 'SUCCESS') {
// Pass not changed remotely
}
/* Update the member */
IPSMember::save($member['member_id'], array('members' => $save_array));
/* Remove "dead" validation */
$this->DB->delete('validating', "vid='{$validate['vid']}' OR (member_id={$member['member_id']} AND lost_pass=1)");
$this->registry->output->silentRedirect($this->settings['base_url'] . '&app=core&module=global§ion=login&do=autologin&frompass=1');
}
}
}
