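// 1.2<::/VERSION>
// <::DATE>07-22-2009<::/DATE>
// <::LOCATION>%forum_root%<::/LOCATION>
//------------------------------------------------------------------//
//
// Account registration page.
//
// Flow, as visible in this file:
//   * POST with registro_usuario=ok: required fields and the captcha are
//     checked, the input is passed through sanitize(), a User object
//     registers the account and a confirmation e-mail is sent.
//   * Any other request: the empty registration form is shown, or an error
//     page when the login system is switched off.
//
// My_db, Template, User, PHPMailer, captchaZDR, init(), sanitize(),
// manage_login(), show_layout(), finish_time() and modules_get_language()
// are not defined in this file.

session_start();
include("config.php");
include("class/hryampcha.php");

$capt = new captchaZDR;
$db = new My_db;
$db->connect();

// MyNG setting up...
init();
$message = '';

// Set up the language
modules_get_language();

// Templates
$t = new Template($_SESSION['conf_system_root']."/themes/".$_SESSION['conf_vis_theme']."/templates/");

if (!empty($_POST)) {
    // Disabled debug logging. NOTE(review): if this is ever re-enabled,
    // print_r($_POST) writes the submitted password fields to the log file.
    /*
    $logfile = '/home/diettosu/record_reg.txt';
    $current_time = date(DATE_RFC822, time());
    $referer = $_SERVER['HTTP_REFERER'];
    $ip=$_SERVER['REMOTE_ADDR'];
    $content = " [NEW REGISTRATION] SUBMITTED: " . $current_time . " USER IP: " . $ip . " REFERRER: " . $referer . " (careful - Referrer data is not to be trusted) ********************************************** ";
    $content .= print_r($_POST, true);
    $content .= " [END OF REGISTRATION] ********************************************** ";
    logwrite($content);
    */

    // Check all required variables; each failure renders the form and exits.
    if (!isset($_POST['registro_usuario']) || $_POST['registro_usuario'] != "ok") return_registration_error();
    if (!isset($_POST['id_user']) || $_POST['id_user'] == "") return_registration_error();
    if (!isset($_POST['hashpasswd']) || $_POST['hashpasswd'] == "") return_registration_error();
    if (!isset($_POST['hashpasswd2']) || $_POST['hashpasswd2'] == "") return_registration_error();
    if (!isset($_POST['email']) || $_POST['email'] == "") return_registration_error();

    if (!($capt->check_result())) {
        $message = "Error: Sorry, you did not pass the image test. Please try again!
";
        $t->set_var("error",$message);
        $left_bar = manage_login(time(),$t,$db);
        $system_info = $message;
        $main = "register.htm";
        $t->set_file("main",$main);
        // NOTE(review): $id_user and $email are not assigned anywhere above in
        // this file (sanitize() only runs further down). Unless config.php or
        // init() define them, the form comes back empty here - confirm.
        $t->set_var("id_user",$id_user);
        $t->set_var("email",$email);
        //$t->set_var("country",$country);
        // Show the text of the template in the required language
        parse_text($t);
        // Show all the page
        show_layout($t,$left_bar,$system_info,MYNG_VERSION);
        $message ='';
        exit;
    }
}

// Check if the user pushed 'register!'
// isset() guard: a plain GET request carries no registro_usuario key.
if (isset($_POST['registro_usuario']) && $_POST['registro_usuario'] == "ok") {
    // Sanitize all input now!
    //sanitize($input, 10, $min='', $max='');
    // NOTE(review): sanitize() is defined elsewhere. The values below are later
    // placed in a template, an SQL string and an e-mail, so confirm what it
    // escapes. The password fields go through it as well; if it rewrites
    // characters it also rewrites the password.
    // The "$min=''" / "$max=''" arguments pass '' and, as a side effect,
    // assign the top-level variables $min and $max.
    $email = sanitize($_POST['email'], 10, $min='', $max='');
    $id_user = sanitize($_POST['id_user'], 10, $min='', $max='');
    $first_name = sanitize($_POST['first_name'], 10, $min='', $max='');
    $last_name = sanitize($_POST['last_name'], 10, $min='', $max='');
    $hashpasswd = sanitize($_POST['hashpasswd'], 10, $min='', $max='');
    $hashpasswd2 = sanitize($_POST['hashpasswd2'], 10, $min='', $max='');
    $visible = sanitize($_POST['visible'], 10, $min='', $max='');
    // Do not use $_POST beyond this point!

    // Instantiate an 'user' object, with the variables passed
    // through the form
    $new_user = new User($id_user,$hashpasswd,$email,$visible,$first_name,$last_name);

    // Call the required methods
    $response = $new_user->register_user($hashpasswd2);

    if ($response['ok'] == 1) {
        // NOTE(review): the return value is not checked, so the confirmation
        // page below is shown even when the e-mail could not be sent.
        mail_confirm_code($email, $id_user);

        // The registration was successfully completed
        $left_bar = manage_login(time(),$t,$db);
        $system_info = $response['message'];
        $main = "register_confirm.htm";
        $t->set_file("main",$main);
        // Show all the page
        show_layout($t,$left_bar,$system_info,MYNG_VERSION);
    } else {
        // Registration was refused: show the form again with the reason.
        $left_bar = manage_login(time(),$t,$db);
        $system_info = $response['message'];
        $main = "register.htm";
        $t->set_file("main",$main);
        $t->set_var("error","Error: ".$response['message']."
");
        $t->set_var("id_user",$id_user);
        $t->set_var("email",$email);
        //$t->set_var("country",$country);
        // Show the text of the template in the required language
        parse_text($t);
        // Show all the page
        show_layout($t,$left_bar,$system_info,MYNG_VERSION);
    }
} else {
    // Check if the login system is activated or not
    if ($_SESSION['conf_system_login_yn']=="Y") {
        // We only display the required form
        $left_bar = manage_login(time(),$t,$db);
        // Only if left_bar = 'login' !!
        // NOTE(review): uniqid() is derived from the current time, so this
        // value is not unpredictable, and nothing on this page stores it
        // server-side. Confirm how the challenge is verified.
        $challenge=md5(uniqid($_SESSION['conf_sec_secret_string']));
        $t->set_var("secret_challenge",$challenge);
        $system_info = _MYNGFILL_FORM;
        $main = "register.htm";
        $t->set_file("main",$main);
        // Show the text of the template in the required language
        parse_text($t);
        // $start is not assigned in this file; presumably set by config.php
        // or init() - confirm.
        $finish = finish_time($start);
        $t->set_var("page_time",$finish);
        // Show all the page
        show_layout($t,$left_bar,$system_info,MYNG_VERSION);
    } else {
        // There's no login system
        // time() as at every other call site; $current_time is only assigned
        // inside the disabled logging block in this file.
        $left_bar = manage_login(time(),$t,$db);
        //$left_bar = "poweredby.htm";
        // NOTE(review): $myng is not assigned in this file - confirm it exists.
        $challenge=md5(uniqid($myng['cadena']));
        $t->set_var("secret_challenge",$challenge);
        $system_info = _MYNGMUST_LOGIN;
        $main = "error.htm";
        $t->set_file("main",$main);
        $t->set_var("error_message",_MYNGMUST_LOGIN);
        $finish = finish_time($start);
        $t->set_var("page_time",$finish);
        // Show all the page
        show_layout($t,$left_bar,$system_info,MYNG_VERSION);
        exit();
    }
}

/**
 * Fill the registration template with the translated labels.
 *
 * Each template variable is the lower-case name of the language constant
 * it receives.
 *
 * @param Template $t template object, passed by reference
 */
function parse_text(&$t)
{
    // Registration text
    $t->set_var("_myngfill_form",_MYNGFILL_FORM);
    $t->set_var("_myngall_fields",_MYNGALL_FIELDS);
    $t->set_var("_myngrequired",_MYNGREQUIRED);
    $t->set_var("_mynguser_name",_MYNGUSER_NAME);
    $t->set_var("_myngemail",_MYNGEMAIL);
    $t->set_var("_myngpassword",_MYNGPASSWORD);
    $t->set_var("_myngvisible",_MYNGVISIBLE);
    $t->set_var("_myngyes",_MYNGYES);
    $t->set_var("_myngno",_MYNGNO);
    $t->set_var("_myngpassword_again",_MYNGPASSWORD_AGAIN);
    $t->set_var("_mynginsert_valid_email",_MYNGINSERT_VALID_EMAIL);
    $t->set_var("_myngspam_protected",_MYNGSPAM_PROTECTED);
    $t->set_var("_myngpassword_transfer",_MYNGPASSWORD_TRANSFER);
    $t->set_var("_myngsecure_login",_MYNGSECURE_LOGIN);
    $t->set_var("_myngcountry",_MYNGCOUNTRY);
}

/**
 * Store a fresh confirmation code for a user and e-mail it to them.
 *
 * The code is written to myng_user.usr_conf_code and sent both as text and
 * as a link to confirm_new.php?c=<code>.
 *
 * @param string $email   recipient address
 * @param string $id_user user name; also used in the SQL WHERE clause
 * @return bool true when PHPMailer reports the message as sent, false when
 *              sending fails or no random bytes could be obtained
 */
function mail_confirm_code($email,$id_user)
{
    $db = new My_db;
    $db->connect();

    // The code is the only secret protecting account confirmation, so it must
    // not be guessable. It used to be md5(e-mail . fixed string . user name .
    // time()), where every input is known to or can be estimated by the person
    // registering. It is now 16 bytes from the system CSPRNG, hex-encoded to
    // the same 32-character format an md5 digest has.
    if (function_exists('random_bytes')) {
        $token_bytes = random_bytes(16);
    } else {
        // Fallback for PHP versions without random_bytes().
        $token_bytes = openssl_random_pseudo_bytes(16);
    }
    if (!is_string($token_bytes) || strlen($token_bytes) !== 16) {
        // Never store or mail an empty or truncated code.
        return false;
    }
    $hashedpass = bin2hex($token_bytes);

    // NOTE(review): $id_user is concatenated into the statement. The only
    // protection visible from here is the caller's sanitize() call; if My_db
    // offers escaping or bound parameters, use them here.
    $query = "UPDATE myng_user SET usr_conf_code='".$hashedpass."' WHERE usr_name = '" . $id_user."';";
    $db->query($query);
    // NOTE(review): num_rows() after an UPDATE may not report affected rows -
    // check My_db. The caller overwrites $system_info right after this
    // function returns, and the mail below is sent either way.
    if ($db->num_rows() == 0) {
        global $system_info;
        global $message;
        $system_info = "Error: cannot update user's record with the new code - please contact the site administrator";
        $message = $system_info;
    }

    $mail = new PHPMailer();
    $mail->IsSendmail(); // set mailer to use sendmail()
    //$mail->Host = "smtp1.example.com;smtp2.example.com"; // specify main and backup server
    //$mail->SMTPAuth = true; // turn on SMTP authentication
    //$mail->Username = "jswan"; // SMTP username
    //$mail->Password = "secret"; // SMTP password

    // Drop everything up to the first dot of the server name
    // ("www.example.com" becomes "example.com"; "example.com" becomes "com").
    // NOTE(review): depending on the web-server configuration SERVER_NAME can
    // follow the request's Host header. It ends up in the sender address and
    // in the confirmation link, so a configured site host would be safer.
    $admin_host = preg_replace("/(.*?)\.(.*)/","\\2",$_SERVER['SERVER_NAME']);
    $admin_email = "info@" . $admin_host;
    $mail->Sender = $admin_email;
    $mail->Hostname = $admin_host;
    $mail->From = $admin_email;
    $mail->FromName = $_SERVER['SERVER_NAME'] . " New Accounts";
    $mail->AddAddress("$email", $id_user);
    //$mail->AddAddress("ellen@example.com"); // name is optional
    $mail->AddReplyTo("$admin_email", "Administrator");
    $mail->WordWrap = 50; // set word wrap to 50 characters
    //$mail->AddAttachment("/var/tmp/file.tar.gz"); // add attachments
    //$mail->AddAttachment("/tmp/image.jpg", "new.jpg"); // optional name

    // NOTE(review): the link is plain http, so the code travels unencrypted
    // when the user clicks it.
    $reset_URL = 'http://' . $_SERVER['SERVER_NAME'] . $_SESSION['conf_system_prefix'] . "confirm_new.php?c=" . $hashedpass;

    $mail->IsHTML(false); // plain-text message
    $mail->Subject = "Your attention required: new account at " . $_SERVER['SERVER_NAME'] . " needs to be confirmed";
    $mail->Body = "Hello $id_user, \nthank you for creating an account at " . $_SERVER['SERVER_NAME'];
    $mail->Body .= "\n
Here is your confirmation code: " . $hashedpass . "";
    $mail->Body .= "\n
Please visit this page to confirm your e-mail and start using your account: ". '' . $reset_URL . '';
    $mail->AltBody = "Hello $id_user, \nthank you for creating an account at " . $_SERVER['SERVER_NAME'];
    // Append: a plain "=" here used to discard the greeting line above.
    $mail->AltBody .= "\nHere is your confirmation code: " . $hashedpass;
    $mail->AltBody .= "\nPlease visit this page to confirm your e-mail and start using your account: ". $reset_URL . "\n";

    if (!$mail->Send()) {
        // NOTE(review): ErrorInfo is printed to the visitor; consider sending
        // it to the server log instead.
        echo "Message could not be sent.

";
        echo "Mailer Error: " . $mail->ErrorInfo;
        return false;
    }

    return true;
}

/**
 * Append a message to the file named by the global $logfile.
 *
 * Ends the script when the file cannot be opened or written; the reason is
 * printed only when the global $v is truthy.
 *
 * @param string $message text to append
 */
function logwrite($message)
{
    global $v;
    global $logfile;

    if (!$handle = fopen($logfile, 'a')) {
        if ($v) echo "Cannot open file ($logfile)";
        exit;
    }
    if (fwrite($handle, $message) === FALSE) {
        if ($v) echo "Cannot write to file ($logfile)";
        exit;
    }
    fclose($handle);
}

/**
 * Render the registration form with a "missing information" error.
 *
 * Does not return: the request ends with exit after the page is shown.
 */
function return_registration_error()
{
    // The connection opened at the top of the script. Without this
    // declaration $db does not exist in function scope and manage_login()
    // would be handed an undefined variable.
    global $db;

    // Nothing has been sanitised at this point, so the form fields are
    // deliberately rendered empty rather than echoing raw request data.
    $id_user = '';
    $email = '';

    $t = new Template($_SESSION['conf_system_root']."/themes/".$_SESSION['conf_vis_theme']."/templates/");
    $message = "Please fill in all required information!
";
    $t->set_var("error",$message);
    $left_bar = manage_login(time(),$t,$db);
    $system_info = $message;
    $main = "register.htm";
    $t->set_file("main",$main);
    $t->set_var("id_user",$id_user);
    $t->set_var("email",$email);
    //$t->set_var("country",$country);
    // Show the text of the template in the required language
    parse_text($t);
    // Show all the page
    show_layout($t,$left_bar,$system_info,MYNG_VERSION);
    exit;
}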