require 'classes/validation.class.php'; require 'include/function_smarty.php'; if (isset($_POST['submit_lost'])) { $filter = new VFilter(); $valid = new VValidation(); $email = $filter->get('email'); if ($email == '') { $errors[] = $lang['confirm.expl']; } elseif (!$valid->email($email)) { $errors[] = $lang['global.email_invalid']; } elseif (!$valid->emailExists($email)) { $errors[] = $lang['confirm.email_invalid']; } else { require 'classes/random.class.php'; require 'classes/email.class.php'; $passwd = VRandom::generate(8); $password = md5($passwd); $sql = "SELECT username FROM signup WHERE email = '" . mysql_real_escape_string($email) . "' LIMIT 1"; $rs = $conn->execute($sql); $username = $rs->fields['username']; $sql = "UPDATE signup SET pwd = '" . mysql_real_escape_string($password) . "'\n WHERE username = '******' LIMIT 1"; $conn->execute($sql); $smarty->assign('receiver_name', $username); $smarty->assign('password', $passwd); $sql = "SELECT * FROM emailinfo WHERE email_id = 'recover_password' LIMIT 1"; $rs = $conn->execute($sql); $subject = str_replace('{$site_name}', $config['site_name'], $rs->fields['email_subject']); $email_path = $config['BASE_DIR'] . '/templates/' . $rs->fields['email_path']; $body = $smarty->fetch($email_path); $mail = new VMail(); $mail->set();
} else { $gender = $gender == 'Male' ? 'Male' : 'Female'; $signup['gender'] = $gender; } if (!$errors) { require 'classes/random.class.php'; $password_clear = $password; $password = md5($password); $sql = "INSERT INTO signup SET email = '" . mysql_real_escape_string($email) . "', username = '******',\n pwd = '" . mysql_real_escape_string($password) . "', gender = '" . $gender . "',\n addtime = '" . time() . "', logintime = '" . time() . "'"; $conn->execute($sql); $uid = mysql_insert_id(); $sql = "INSERT INTO users_prefs (UID) VALUES (" . $uid . ")"; $conn->execute($sql); $sql = "INSERT INTO users_online (UID, online) VALUES (" . $uid . ", " . time() . ")"; $conn->execute($sql); $code = VRandom::generate(10, 'confirmation'); $sql = "INSERT INTO confirm (UID, code) VALUES (" . $uid . ",'" . mysql_real_escape_string($code) . "')"; $conn->execute($sql); $sql = "SELECT email_subject, email_path FROM emailinfo\n WHERE email_id = 'verify_email' LIMIT 1"; $rs = $conn->execute($sql); $email_subject = str_replace('{$site_name}', $config['site_name'], $rs->fields['email_subject']); $email_path = $config['BASE_DIR'] . '/templates/' . $rs->fields['email_path']; $smarty->assign('username', $username); $smarty->assign('password', $password_clear); $smarty->assign('uid', $uid); $smarty->assign('code', $code); $body = $smarty->fetch($email_path); $mail = new VMail(); $mail->setNoReply(); $mail->Subject = $email_subject; $mail->AltBody = $body;