本文整理汇总了PHP中generateValidationCode函数的典型用法代码示例。如果您正苦于以下问题:PHP generateValidationCode函数的具体用法?PHP generateValidationCode怎么用?PHP generateValidationCode使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了generateValidationCode函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: AdminApprove
function AdminApprove()
{
global $txt, $context, $scripturl, $modSettings, $sourcedir, $language, $user_info, $smcFunc;
// First, check our session.
checkSession();
require_once $sourcedir . '/Subs-Post.php';
// We also need to the login languages here - for emails.
loadLanguage('Login');
// Sort out where we are going...
$browse_type = isset($_REQUEST['type']) ? $_REQUEST['type'] : (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1 ? 'activate' : 'approve');
$current_filter = (int) $_REQUEST['orig_filter'];
// If we are applying a filter do just that - then redirect.
if (isset($_REQUEST['filter']) && $_REQUEST['filter'] != $_REQUEST['orig_filter']) {
redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $_REQUEST['filter'] . ';start=' . $_REQUEST['start']);
}
// Nothing to do?
if (!isset($_POST['todoAction']) && !isset($_POST['time_passed'])) {
redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
}
// Are we dealing with members who have been waiting for > set amount of time?
if (isset($_POST['time_passed'])) {
$timeBefore = time() - 86400 * (int) $_POST['time_passed'];
$condition = '
AND date_registered < {int:time_before}';
} else {
$members = array();
foreach ($_POST['todoAction'] as $id) {
$members[] = (int) $id;
}
$condition = '
AND id_member IN ({array_int:members})';
}
// Get information on each of the members, things that are important to us, like email address...
$request = $smcFunc['db_query']('', '
SELECT id_member, member_name, real_name, email_address, validation_code, lngfile
FROM {db_prefix}members
WHERE is_activated = {int:activated_status}' . $condition . '
ORDER BY lngfile', array('activated_status' => $current_filter, 'time_before' => empty($timeBefore) ? 0 : $timeBefore, 'members' => empty($members) ? array() : $members));
$member_count = $smcFunc['db_num_rows']($request);
// If no results then just return!
if ($member_count == 0) {
redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
}
$member_info = array();
$members = array();
// Fill the info array.
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$members[] = $row['id_member'];
$member_info[] = array('id' => $row['id_member'], 'username' => $row['member_name'], 'name' => $row['real_name'], 'email' => $row['email_address'], 'language' => empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'], 'code' => $row['validation_code']);
}
$smcFunc['db_free_result']($request);
// Are we activating or approving the members?
if ($_POST['todo'] == 'ok' || $_POST['todo'] == 'okemail') {
// Approve/activate this member.
$smcFunc['db_query']('', '
UPDATE {db_prefix}members
SET validation_code = {string:blank_string}, is_activated = {int:is_activated}
WHERE is_activated = {int:activated_status}' . $condition, array('is_activated' => 1, 'time_before' => empty($timeBefore) ? 0 : $timeBefore, 'members' => empty($members) ? array() : $members, 'activated_status' => $current_filter, 'blank_string' => ''));
// Do we have to let the integration code know about the activations?
if (!empty($modSettings['integrate_activate'])) {
foreach ($member_info as $member) {
call_integration_hook('integrate_activate', array($member['username']));
}
}
// Check for email.
if ($_POST['todo'] == 'okemail') {
foreach ($member_info as $member) {
$replacements = array('NAME' => $member['name'], 'USERNAME' => $member['username'], 'PROFILELINK' => $scripturl . '?action=profile;u=' . $member['id'], 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder');
$emaildata = loadEmailTemplate('admin_approve_accept', $replacements, $member['language']);
sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
}
}
} elseif ($_POST['todo'] == 'require_activation') {
require_once $sourcedir . '/Subs-Members.php';
// We have to do this for each member I'm afraid.
foreach ($member_info as $member) {
// Generate a random activation code.
$validation_code = generateValidationCode();
// Set these members for activation - I know this includes two id_member checks but it's safer than bodging $condition ;).
$smcFunc['db_query']('', '
UPDATE {db_prefix}members
SET validation_code = {string:validation_code}, is_activated = {int:not_activated}
WHERE is_activated = {int:activated_status}
' . $condition . '
AND id_member = {int:selected_member}', array('not_activated' => 0, 'activated_status' => $current_filter, 'selected_member' => $member['id'], 'validation_code' => $validation_code, 'time_before' => empty($timeBefore) ? 0 : $timeBefore, 'members' => empty($members) ? array() : $members));
$replacements = array('USERNAME' => $member['name'], 'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $member['id'] . ';code=' . $validation_code, 'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $member['id'], 'ACTIVATIONCODE' => $validation_code);
$emaildata = loadEmailTemplate('admin_approve_activation', $replacements, $member['language']);
sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
}
} elseif ($_POST['todo'] == 'reject' || $_POST['todo'] == 'rejectemail') {
require_once $sourcedir . '/Subs-Members.php';
deleteMembers($members);
// Send email telling them they aren't welcome?
if ($_POST['todo'] == 'rejectemail') {
foreach ($member_info as $member) {
$replacements = array('USERNAME' => $member['name']);
$emaildata = loadEmailTemplate('admin_approve_reject', $replacements, $member['language']);
sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
}
}
//.........这里部分代码省略.........
示例2: AdminApprove
function AdminApprove()
{
global $txt, $context, $db_prefix, $scripturl, $modSettings, $sourcedir, $language, $user_info;
require_once $sourcedir . '/Subs-Post.php';
// We also need to the login languages here - for emails.
loadLanguage('Login');
// Sort out where we are going...
$browse_type = isset($_REQUEST['type']) ? $_REQUEST['type'] : (!empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1 ? 'activate' : 'approve');
$current_filter = (int) $_REQUEST['orig_filter'];
// If we are applying a filter do just that - then redirect.
if (isset($_REQUEST['filter']) && $_REQUEST['filter'] != $_REQUEST['orig_filter']) {
redirectexit('action=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $_REQUEST['filter'] . ';start=' . $_REQUEST['start']);
}
// Nothing to do?
if (!isset($_POST['todoAction']) && !isset($_POST['time_passed'])) {
redirectexit('action=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
}
// Are we dealing with members who have been waiting for > set amount of time?
if (isset($_POST['time_passed'])) {
$timeBefore = time() - 86400 * (int) $_POST['time_passed'];
$condition = "\n\t\t\tAND dateRegistered < {$timeBefore}";
} else {
$members = array();
foreach ($_POST['todoAction'] as $id) {
$members[] = (int) $id;
}
$condition = "\n\t\t\tAND ID_MEMBER IN (" . implode(', ', $members) . ")";
}
// Get information on each of the members, things that are important to us, like email address...
$request = db_query("\n\t\tSELECT ID_MEMBER, memberName, realName, emailAddress, validation_code, lngfile\n\t\tFROM {$db_prefix}members\n\t\tWHERE is_activated = {$current_filter}{$condition}\n\t\tORDER BY lngfile", __FILE__, __LINE__);
$member_count = mysql_num_rows($request);
// If no results then just return!
if ($member_count == 0) {
redirectexit('action=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
}
$member_info = array();
$members = array();
// Fill the info array.
while ($row = mysql_fetch_assoc($request)) {
$members[] = $row['ID_MEMBER'];
$member_info[] = array('id' => $row['ID_MEMBER'], 'username' => $row['memberName'], 'name' => $row['realName'], 'email' => $row['emailAddress'], 'language' => empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'], 'code' => $row['validation_code']);
}
mysql_free_result($request);
// Are we activating or approving the members?
if ($_POST['todo'] == 'ok' || $_POST['todo'] == 'okemail') {
// Approve/activate this member.
db_query("\n\t\t\tUPDATE {$db_prefix}members\n\t\t\tSET validation_code = '', is_activated = 1\n\t\t\tWHERE is_activated = {$current_filter}{$condition}\n\t\t\tLIMIT {$member_count}", __FILE__, __LINE__);
// Do we have to let the integration code know about the activations?
if (isset($modSettings['integrate_activate']) && function_exists($modSettings['integrate_activate'])) {
foreach ($member_info as $member) {
call_user_func($modSettings['integrate_activate'], $member['username']);
}
}
// Check for email.
if ($_POST['todo'] == 'okemail') {
foreach ($member_info as $member) {
if (empty($current_language) || $current_language != $member['language']) {
$current_language = loadLanguage('index', $member['language'], false);
loadLanguage('ManageMembers', $member['language'], false);
}
sendmail($member['email'], $txt['register_subject'], "{$txt['hello_guest']} {$member['name']}!\n\n" . "{$txt['admin_approve_accept_desc']} {$txt['719']} {$member['username']}\n\n" . "{$txt['701']}\n" . "{$scripturl}?action=profile\n\n" . $txt[130]);
}
}
} elseif ($_POST['todo'] == 'require_activation') {
require_once $sourcedir . '/Subs-Members.php';
// We have to do this for each member I'm afraid.
foreach ($member_info as $member) {
// Generate a random activation code.
$validation_code = generateValidationCode();
// Set these members for activation - I know this includes two ID_MEMBER checks but it's safer than bodging $condition ;).
db_query("\n\t\t\t\tUPDATE {$db_prefix}members\n\t\t\t\tSET validation_code = '{$validation_code}', is_activated = 0\n\t\t\t\tWHERE is_activated = {$current_filter}\n\t\t\t\t\t{$condition}\n\t\t\t\t\tAND ID_MEMBER = {$member['id']}\n\t\t\t\tLIMIT 1", __FILE__, __LINE__);
if (empty($current_language) || $current_language != $member['language']) {
$current_language = loadLanguage('index', $member['language'], false);
loadLanguage('ManageMembers', $member['language'], false);
}
// Send out the activation email.
sendmail($member['email'], $txt['register_subject'], "{$txt['hello_guest']} {$member['name']}!\n\n" . "{$txt['admin_approve_require_activation']} {$txt['admin_approve_remind_desc2']}\n" . "{$scripturl}?action=activate;u={$member['id']};code={$validation_code}\n\n" . $txt[130]);
}
} elseif ($_POST['todo'] == 'reject' || $_POST['todo'] == 'rejectemail') {
require_once $sourcedir . '/Subs-Members.php';
deleteMembers($members);
// Send email telling them they aren't welcome?
if ($_POST['todo'] == 'rejectemail') {
foreach ($member_info as $member) {
if (empty($current_language) || $current_language != $member['language']) {
$current_language = loadLanguage('ManageMembers', $member['language'], false);
}
sendmail($member['email'], $txt['admin_approve_reject'], "{$member['name']},\n\n" . "{$txt['admin_approve_reject_desc']}\n\n" . $txt[130]);
}
}
} elseif ($_POST['todo'] == 'delete' || $_POST['todo'] == 'deleteemail') {
require_once $sourcedir . '/Subs-Members.php';
deleteMembers($members);
// Send email telling them they aren't welcome?
if ($_POST['todo'] == 'deleteemail') {
foreach ($member_info as $member) {
if (empty($current_language) || $current_language != $member['language']) {
$current_language = loadLanguage('ManageMembers', $member['language'], false);
}
sendmail($member['email'], $txt['admin_approve_delete'], "{$member['name']},\n\n" . "{$txt['admin_approve_delete_desc']}\n\n" . $txt[130]);
//.........这里部分代码省略.........
示例3: registerMember
function registerMember(&$regOptions, $return_errors = false)
{
global $scripturl, $txt, $modSettings, $context, $sourcedir;
global $user_info, $options, $settings, $smcFunc;
loadLanguage('Login');
// We'll need some external functions.
require_once $sourcedir . '/lib/Subs-Auth.php';
require_once $sourcedir . '/lib/Subs-Post.php';
// Put any errors in here.
$reg_errors = array();
// Registration from the admin center, let them sweat a little more.
if ($regOptions['interface'] == 'admin') {
is_not_guest();
isAllowedTo('moderate_forum');
} elseif ($regOptions['interface'] == 'guest') {
// You cannot register twice...
if (empty($user_info['is_guest'])) {
redirectexit();
}
// Make sure they didn't just register with this session.
if (!empty($_SESSION['just_registered']) && empty($modSettings['disableRegisterCheck'])) {
fatal_lang_error('register_only_once', false);
}
}
// What method of authorization are we going to use?
if (empty($regOptions['auth_method']) || !in_array($regOptions['auth_method'], array('password', 'openid'))) {
if (!empty($regOptions['openid'])) {
$regOptions['auth_method'] = 'openid';
} else {
$regOptions['auth_method'] = 'password';
}
}
// No name?! How can you register with no name?
if (empty($regOptions['username'])) {
$reg_errors[] = array('lang', 'need_username');
}
// Spaces and other odd characters are evil...
$regOptions['username'] = preg_replace('~[\\t\\n\\r\\x0B\\0' . ($context['server']['complex_preg_chars'] ? '\\x{A0}' : " ") . ']+~u', ' ', $regOptions['username']);
// Don't use too long a name.
if (commonAPI::strlen($regOptions['username']) > 25) {
$reg_errors[] = array('lang', 'error_long_name');
}
// Only these characters are permitted.
if (preg_match('~[<>&"\'=\\\\]~', preg_replace('~&#(?:\\d{1,7}|x[0-9a-fA-F]{1,6});~', '', $regOptions['username'])) != 0 || $regOptions['username'] == '_' || $regOptions['username'] == '|' || strpos($regOptions['username'], '[code') !== false || strpos($regOptions['username'], '[/code') !== false) {
$reg_errors[] = array('lang', 'error_invalid_characters_username');
}
if (commonAPI::strtolower($regOptions['username']) === commonAPI::strtolower($txt['guest_title'])) {
$reg_errors[] = array('lang', 'username_reserved', 'general', array($txt['guest_title']));
}
// !!! Separate the sprintf?
if (empty($regOptions['email']) || preg_match('~^[0-9A-Za-z=_+\\-/][0-9A-Za-z=_\'+\\-/\\.]*@[\\w\\-]+(\\.[\\w\\-]+)*(\\.[\\w]{2,6})$~', $regOptions['email']) === 0 || strlen($regOptions['email']) > 255) {
$reg_errors[] = array('done', sprintf($txt['valid_email_needed'], commonAPI::htmlspecialchars($regOptions['username'])));
}
if (!empty($regOptions['check_reserved_name']) && isReservedName($regOptions['username'], 0, false)) {
if ($regOptions['password'] == 'chocolate cake') {
$reg_errors[] = array('done', 'Sorry, I don\'t take bribes... you\'ll need to come up with a different name.');
}
$reg_errors[] = array('done', '(' . htmlspecialchars($regOptions['username']) . ') ' . $txt['name_in_use']);
}
// Generate a validation code if it's supposed to be emailed.
$validation_code = '';
if ($regOptions['require'] == 'activation') {
$validation_code = generateValidationCode();
}
// If you haven't put in a password generate one.
if ($regOptions['interface'] == 'admin' && $regOptions['password'] == '' && $regOptions['auth_method'] == 'password') {
mt_srand(time() + 1277);
$regOptions['password'] = generateValidationCode();
$regOptions['password_check'] = $regOptions['password'];
} elseif ($regOptions['password'] != $regOptions['password_check'] && $regOptions['auth_method'] == 'password') {
$reg_errors[] = array('lang', 'passwords_dont_match');
}
// That's kind of easy to guess...
if ($regOptions['password'] == '') {
if ($regOptions['auth_method'] == 'password') {
$reg_errors[] = array('lang', 'no_password');
} else {
$regOptions['password'] = sha1(mt_rand());
}
}
// Now perform hard password validation as required.
if (!empty($regOptions['check_password_strength'])) {
$passwordError = validatePassword($regOptions['password'], $regOptions['username'], array($regOptions['email']));
// Password isn't legal?
if ($passwordError != null) {
$reg_errors[] = array('lang', 'profile_error_password_' . $passwordError);
}
}
// If they are using an OpenID that hasn't been verified yet error out.
// !!! Change this so they can register without having to attempt a login first
if ($regOptions['auth_method'] == 'openid' && (empty($_SESSION['openid']['verified']) || $_SESSION['openid']['openid_uri'] != $regOptions['openid'])) {
$reg_errors[] = array('lang', 'openid_not_verified');
}
// You may not be allowed to register this email.
if (!empty($regOptions['check_email_ban'])) {
isBannedEmail($regOptions['email'], 'cannot_register', $txt['ban_register_prohibited']);
}
// Check if the email address is in use.
$request = smf_db_query('
SELECT id_member
//.........这里部分代码省略.........
示例4: saveProfileChanges
//.........这里部分代码省略.........
if (trim($_POST['realName']) == '') {
$post_errors[] = 'no_name';
} elseif ($func['strlen']($_POST['realName']) > 60) {
$post_errors[] = 'name_too_long';
} else {
require_once $sourcedir . '/Subs-Members.php';
if (isReservedName($_POST['realName'], $memID)) {
$post_errors[] = 'name_taken';
}
}
if (isset($_POST['realName'])) {
$profile_vars['realName'] = '\'' . $_POST['realName'] . '\'';
}
}
// Change the registration date.
if (!empty($_POST['dateRegistered']) && allowedTo('admin_forum')) {
// Bad date! Go try again - please?
if (($_POST['dateRegistered'] = strtotime($_POST['dateRegistered'])) === -1) {
fatal_error($txt['smf233'] . ' ' . strftime('%d %b %Y ' . (strpos($user_info['time_format'], '%H') !== false ? '%I:%M:%S %p' : '%H:%M:%S'), forum_time(false)), false);
} elseif ($_POST['dateRegistered'] != $txt[470] && $_POST['dateRegistered'] != strtotime(strftime('%Y-%m-%d', $user_profile[$memID]['dateRegistered'] + ($user_info['time_offset'] + $modSettings['time_offset']) * 3600))) {
$profile_vars['dateRegistered'] = $_POST['dateRegistered'] - ($user_info['time_offset'] + $modSettings['time_offset']) * 3600;
}
}
// Change the number of posts.
if (isset($_POST['posts']) && allowedTo('moderate_forum')) {
$profile_vars['posts'] = $_POST['posts'] != '' ? (int) strtr($_POST['posts'], array(',' => '', '.' => '', ' ' => '')) : '\'\'';
}
// This block is only concerned with email address validation..
if (isset($_POST['emailAddress']) && strtolower($_POST['emailAddress']) != strtolower($old_profile['emailAddress'])) {
$_POST['emailAddress'] = strtr($_POST['emailAddress'], array(''' => '\\\''));
// Prepare the new password, or check if they want to change their own.
if (!empty($modSettings['send_validation_onChange']) && !allowedTo('moderate_forum')) {
require_once $sourcedir . '/Subs-Members.php';
$validationCode = generateValidationCode();
$profile_vars['validation_code'] = '\'' . $validationCode . '\'';
$profile_vars['is_activated'] = '2';
$newpassemail = true;
}
// Check the name and email for validity.
if (trim($_POST['emailAddress']) == '') {
$post_errors[] = 'no_email';
}
if (preg_match('~^[0-9A-Za-z=_+\\-/][0-9A-Za-z=_\'+\\-/\\.]*@[\\w\\-]+(\\.[\\w\\-]+)*(\\.[\\w]{2,6})$~', stripslashes($_POST['emailAddress'])) == 0) {
$post_errors[] = 'bad_email';
}
// Email addresses should be and stay unique.
$request = db_query("\n\t\t\t\tSELECT ID_MEMBER\n\t\t\t\tFROM {$db_prefix}members\n\t\t\t\tWHERE ID_MEMBER != {$memID}\n\t\t\t\t\tAND emailAddress = '{$_POST['emailAddress']}'\n\t\t\t\tLIMIT 1", __FILE__, __LINE__);
if (mysql_num_rows($request) > 0) {
$post_errors[] = 'email_taken';
}
mysql_free_result($request);
$profile_vars['emailAddress'] = '\'' . $_POST['emailAddress'] . '\'';
}
// Hide email address?
if (isset($_POST['hideEmail']) && (!empty($modSettings['allow_hideEmail']) || allowedTo('moderate_forum'))) {
$profile_vars['hideEmail'] = empty($_POST['hideEmail']) ? '0' : '1';
}
// Are they allowed to change their hide status?
if (isset($_POST['showOnline']) && (!empty($modSettings['allow_hideOnline']) || allowedTo('moderate_forum'))) {
$profile_vars['showOnline'] = empty($_POST['showOnline']) ? '0' : '1';
}
// If they're trying to change the password, let's check they pick a sensible one.
if (isset($_POST['passwrd1']) && $_POST['passwrd1'] != '') {
// Do the two entries for the password even match?
if ($_POST['passwrd1'] != $_POST['passwrd2']) {
$post_errors[] = 'bad_new_password';示例5: RemindMail
function RemindMail()
{
global $db_prefix, $context, $txt, $scripturl, $sourcedir, $user_info, $webmaster_email;
checkSession();
// You must enter a username/email address.
if (!isset($_POST['user']) || $_POST['user'] == '') {
fatal_lang_error(40, false);
}
// Find the user!
$request = db_query("\n\t\tSELECT ID_MEMBER, realName, memberName, emailAddress, is_activated, validation_code\n\t\tFROM {$db_prefix}members\n\t\tWHERE memberName = '{$_POST['user']}'\n\t\tLIMIT 1", __FILE__, __LINE__);
if (mysql_num_rows($request) == 0) {
mysql_free_result($request);
$request = db_query("\n\t\t\tSELECT ID_MEMBER, realName, memberName, emailAddress, is_activated, validation_code\n\t\t\tFROM {$db_prefix}members\n\t\t\tWHERE emailAddress = '{$_POST['user']}'\n\t\t\tLIMIT 1", __FILE__, __LINE__);
if (mysql_num_rows($request) == 0) {
fatal_lang_error(40, false);
}
}
$row = mysql_fetch_assoc($request);
mysql_free_result($request);
// If the user isn't activated/approved, give them some feedback on what to do next.
if ($row['is_activated'] != 1) {
// Awaiting approval...
if (trim($row['validation_code']) == '') {
fatal_error($txt['registration_not_approved'] . ' <a href="' . $scripturl . '?action=activate;user=' . $_POST['user'] . '">' . $txt[662] . '</a>.', false);
} else {
fatal_error($txt['registration_not_activated'] . ' <a href="' . $scripturl . '?action=activate;user=' . $_POST['user'] . '">' . $txt[662] . '</a>.', false);
}
}
// You can't get emailed if you have no email address.
$row['emailAddress'] = trim($row['emailAddress']);
if ($row['emailAddress'] == '') {
fatal_error('<b>' . $txt[394] . '<br />' . $txt[395] . ' <a href="mailto:' . $webmaster_email . '">webmaster</a> ' . $txt[396] . '.');
}
// Randomly generate a new password, with only alpha numeric characters that is a max length of 10 chars.
require_once $sourcedir . '/Subs-Members.php';
$password = generateValidationCode();
// Set the password in the database.
updateMemberData($row['ID_MEMBER'], array('validation_code' => "'" . substr(md5($password), 0, 10) . "'"));
require_once $sourcedir . '/Subs-Post.php';
sendmail($row['emailAddress'], $txt['reminder_subject'], sprintf($txt['sendtopic_dear'], $row['realName']) . "\n\n" . "{$txt['reminder_mail']}:\n\n" . "{$scripturl}?action=reminder;sa=setpassword;u={$row['ID_MEMBER']};code={$password}\n\n" . "{$txt['512']}: {$user_info['ip']}\n\n" . "{$txt['35']}: {$row['memberName']}\n\n" . $txt[130]);
// Set up the template.
$context += array('page_title' => &$txt[194], 'sub_template' => 'sent', 'description' => &$txt['reminder_sent']);
}示例6: action_approve
/**
* This function handles the approval, rejection, activation or deletion of members.
*
* What it does:
* - Called by ?action=admin;area=viewmembers;sa=approve.
* - Requires the moderate_forum permission.
* - Redirects to ?action=admin;area=viewmembers;sa=browse
* with the same parameters as the calling page.
*/
public function action_approve()
{
global $scripturl, $modSettings;
// First, check our session.
checkSession();
require_once SUBSDIR . '/Mail.subs.php';
require_once SUBSDIR . '/Members.subs.php';
// We also need to the login languages here - for emails.
loadLanguage('Login');
// Start off clean
$conditions = array();
// Sort out where we are going...
$current_filter = $conditions['activated_status'] = (int) $_REQUEST['orig_filter'];
// If we are applying a filter do just that - then redirect.
if (isset($_REQUEST['filter']) && $_REQUEST['filter'] != $_REQUEST['orig_filter']) {
redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $_REQUEST['filter'] . ';start=' . $_REQUEST['start']);
}
// Nothing to do?
if (!isset($_POST['todoAction']) && !isset($_POST['time_passed'])) {
redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
}
// Are we dealing with members who have been waiting for > set amount of time?
if (isset($_POST['time_passed'])) {
$conditions['time_before'] = time() - 86400 * (int) $_POST['time_passed'];
} else {
$conditions['members'] = array();
foreach ($_POST['todoAction'] as $id) {
$conditions['members'][] = (int) $id;
}
}
$data = retrieveMemberData($conditions);
if ($data['member_count'] == 0) {
redirectexit('action=admin;area=viewmembers;sa=browse;type=' . $_REQUEST['type'] . ';sort=' . $_REQUEST['sort'] . ';filter=' . $current_filter . ';start=' . $_REQUEST['start']);
}
$member_info = $data['member_info'];
$conditions['members'] = $data['members'];
// Are we activating or approving the members?
if ($_POST['todo'] == 'ok' || $_POST['todo'] == 'okemail') {
// Approve / activate this member.
approveMembers($conditions);
// Check for email.
if ($_POST['todo'] == 'okemail') {
foreach ($member_info as $member) {
$replacements = array('NAME' => $member['name'], 'USERNAME' => $member['username'], 'PROFILELINK' => $scripturl . '?action=profile;u=' . $member['id'], 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder');
$emaildata = loadEmailTemplate('admin_approve_accept', $replacements, $member['language']);
sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
}
}
// Update the menu action cache so its forced to refresh
cache_put_data('num_menu_errors', null, 900);
} elseif ($_POST['todo'] == 'require_activation') {
require_once SUBSDIR . '/Auth.subs.php';
// We have to do this for each member I'm afraid.
foreach ($member_info as $member) {
$conditions['selected_member'] = $member['id'];
// Generate a random activation code.
$conditions['validation_code'] = generateValidationCode();
// Set these members for activation - I know this includes two id_member checks but it's safer than bodging $condition ;).
enforceReactivation($conditions);
$replacements = array('USERNAME' => $member['name'], 'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $member['id'] . ';code=' . $conditions['validation_code'], 'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $member['id'], 'ACTIVATIONCODE' => $conditions['validation_code']);
$emaildata = loadEmailTemplate('admin_approve_activation', $replacements, $member['language']);
sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
}
} elseif ($_POST['todo'] == 'reject' || $_POST['todo'] == 'rejectemail') {
deleteMembers($conditions['members']);
// Send email telling them they aren't welcome?
if ($_POST['todo'] == 'rejectemail') {
foreach ($member_info as $member) {
$replacements = array('USERNAME' => $member['name']);
$emaildata = loadEmailTemplate('admin_approve_reject', $replacements, $member['language']);
sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
}
}
} elseif ($_POST['todo'] == 'delete' || $_POST['todo'] == 'deleteemail') {
deleteMembers($conditions['members']);
// Send email telling them they aren't welcome?
if ($_POST['todo'] == 'deleteemail') {
foreach ($member_info as $member) {
$replacements = array('USERNAME' => $member['name']);
$emaildata = loadEmailTemplate('admin_approve_delete', $replacements, $member['language']);
sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
}
}
} elseif ($_POST['todo'] == 'remind') {
foreach ($member_info as $member) {
$replacements = array('USERNAME' => $member['name'], 'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $member['id'] . ';code=' . $member['code'], 'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $member['id'], 'ACTIVATIONCODE' => $member['code']);
$emaildata = loadEmailTemplate('admin_approve_remind', $replacements, $member['language']);
sendmail($member['email'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
}
}
// Log what we did?
//.........这里部分代码省略.........
示例7: GenerateSecureLoginHash
function GenerateSecureLoginHash($memberID)
{
global $smcFunc, $modSettings, $sourcedir;
SetupLoginSecurityTable($memberID);
require_once $sourcedir . '/Subs-Members.php';
$newHash = generateValidationCode();
$newHash_sha1 = sha1($newHash);
// Setup the next experiation
$nextexpire = time() + $modSettings['ls_securehash_expire_minutes'] * 60;
$smcFunc['db_query']('', "\n\tUPDATE {db_prefix}login_security \n\tSET secureloginhash = '{$newHash_sha1}', secureloginhashexpiretime = {$nextexpire}\n\tWHERE ID_MEMBER = " . $memberID);
return $newHash_sha1;
}示例8: RemindPick
function RemindPick()
{
global $context, $txt, $scripturl, $sourcedir, $user_info, $webmaster_email, $smcFunc, $language, $modSettings;
checkSession();
// Coming with a known ID?
if (!empty($_REQUEST['uid'])) {
$where = 'id_member = {int:id_member}';
$where_params['id_member'] = (int) $_REQUEST['uid'];
} elseif (isset($_POST['user']) && $_POST['user'] != '') {
$where = 'member_name = {string:member_name}';
$where_params['member_name'] = $_POST['user'];
$where_params['email_address'] = $_POST['user'];
}
// You must enter a username/email address.
if (empty($where)) {
fatal_lang_error('username_no_exist', false);
}
// Find the user!
$request = $smcFunc['db_query']('', '
SELECT id_member, real_name, member_name, email_address, is_activated, validation_code, lngfile, openid_uri, secret_question
FROM {db_prefix}members
WHERE ' . $where . '
LIMIT 1', array_merge($where_params, array()));
// Maybe email?
if ($smcFunc['db_num_rows']($request) == 0 && empty($_REQUEST['uid'])) {
$smcFunc['db_free_result']($request);
$request = $smcFunc['db_query']('', '
SELECT id_member, real_name, member_name, email_address, is_activated, validation_code, lngfile, openid_uri, secret_question
FROM {db_prefix}members
WHERE email_address = {string:email_address}
LIMIT 1', array_merge($where_params, array()));
if ($smcFunc['db_num_rows']($request) == 0) {
fatal_lang_error('no_user_with_email', false);
}
}
$row = $smcFunc['db_fetch_assoc']($request);
$smcFunc['db_free_result']($request);
$context['account_type'] = !empty($row['openid_uri']) ? 'openid' : 'password';
// If the user isn't activated/approved, give them some feedback on what to do next.
if ($row['is_activated'] != 1) {
// Awaiting approval...
if (trim($row['validation_code']) == '') {
fatal_error($txt['registration_not_approved'] . ' <a href="' . $scripturl . '?action=activate;user=' . $_POST['user'] . '">' . $txt['here'] . '</a>.', false);
} else {
fatal_error($txt['registration_not_activated'] . ' <a href="' . $scripturl . '?action=activate;user=' . $_POST['user'] . '">' . $txt['here'] . '</a>.', false);
}
}
// You can't get emailed if you have no email address.
$row['email_address'] = trim($row['email_address']);
if ($row['email_address'] == '') {
fatal_error($txt['no_reminder_email'] . '<br />' . $txt['send_email'] . ' <a href="mailto:' . $webmaster_email . '">webmaster</a> ' . $txt['to_ask_password'] . '.');
}
// If they have no secret question then they can only get emailed the item, or they are requesting the email, send them an email.
if (empty($row['secret_question']) || isset($_POST['reminder_type']) && $_POST['reminder_type'] == 'email') {
// Randomly generate a new password, with only alpha numeric characters that is a max length of 10 chars.
require_once $sourcedir . '/Subs-Members.php';
$password = generateValidationCode();
require_once $sourcedir . '/Subs-Post.php';
$replacements = array('REALNAME' => $row['real_name'], 'REMINDLINK' => $scripturl . '?action=reminder;sa=setpassword;u=' . $row['id_member'] . ';code=' . $password, 'IP' => $user_info['ip'], 'MEMBERNAME' => $row['member_name'], 'OPENID' => $row['openid_uri']);
$emaildata = loadEmailTemplate('forgot_' . $context['account_type'], $replacements, empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile']);
$context['description'] = $txt['reminder_' . (!empty($row['openid_uri']) ? 'openid_' : '') . 'sent'];
// If they were using OpenID simply email them their OpenID identity.
sendmail($row['email_address'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
if (empty($row['openid_uri'])) {
// Set the password in the database.
updateMemberData($row['id_member'], array('validation_code' => substr(md5($password), 0, 10)));
}
// Set up the template.
$context['sub_template'] = 'sent';
// Dont really.
return;
} elseif (isset($_POST['reminder_type']) && $_POST['reminder_type'] == 'secret') {
return SecretAnswerInput();
}
// No we're here setup the context for template number 2!
$context['sub_template'] = 'reminder_pick';
$context['current_member'] = array('id' => $row['id_member'], 'name' => $row['member_name']);
}示例9: resetPassword
function resetPassword($memID, $username = null)
{
global $db_prefix, $scripturl, $context, $txt, $sourcedir, $modSettings;
// Language... and a required file.
loadLanguage('Login');
require_once $sourcedir . '/Subs-Post.php';
// Get some important details.
$request = db_query("\n\t\tSELECT memberName, emailAddress\n\t\tFROM {$db_prefix}members\n\t\tWHERE ID_MEMBER = {$memID}", __FILE__, __LINE__);
list($user, $email) = mysql_fetch_row($request);
mysql_free_result($request);
if ($username !== null) {
$old_user = $user;
$user = trim($username);
}
// Generate a random password.
require_once $sourcedir . '/Subs-Members.php';
$newPassword = generateValidationCode();
$newPassword_sha1 = sha1(strtolower($user) . $newPassword);
// Do some checks on the username if needed.
if ($username !== null) {
// No name?! How can you register with no name?
if ($user == '') {
fatal_lang_error(37, false);
}
// Only these characters are permitted.
if (in_array($user, array('_', '|')) || preg_match('~[<>&"\'=\\\\]~', $user) != 0 || strpos($user, '[code') !== false || strpos($user, '[/code') !== false) {
fatal_lang_error(240, false);
}
if (stristr($user, $txt[28]) !== false) {
fatal_lang_error(244, true, array($txt[28]));
}
require_once $sourcedir . '/Subs-Members.php';
if (isReservedName($user, $memID, false)) {
fatal_error('(' . htmlspecialchars($user) . ') ' . $txt[473], false);
}
// Update the database...
updateMemberData($memID, array('memberName' => '\'' . $user . '\'', 'passwd' => '\'' . $newPassword_sha1 . '\''));
} else {
updateMemberData($memID, array('passwd' => '\'' . $newPassword_sha1 . '\''));
}
if (isset($modSettings['integrate_reset_pass']) && function_exists($modSettings['integrate_reset_pass'])) {
call_user_func($modSettings['integrate_reset_pass'], $old_user, $user, $newPassword);
}
// Send them the email informing them of the change - then we're done!
sendmail($email, $txt['change_password'], "{$txt['hello_member']} {$user}!\n\n" . "{$txt['change_password_1']} {$context['forum_name']} {$txt['change_password_2']}\n\n" . "{$txt['719']}{$user}, {$txt['492']} {$newPassword}\n\n" . "{$txt['701']}\n" . "{$scripturl}?action=profile\n\n" . $txt[130]);
}示例10: registerMember
function registerMember(&$regOptions)
{
global $scripturl, $txt, $modSettings, $db_prefix, $context, $sourcedir;
global $user_info, $options, $settings, $func;
loadLanguage('Login');
// We'll need some external functions.
require_once $sourcedir . '/Subs-Auth.php';
require_once $sourcedir . '/Subs-Post.php';
// Registration from the admin center, let them sweat a little more.
if ($regOptions['interface'] == 'admin') {
is_not_guest();
isAllowedTo('moderate_forum');
} elseif ($regOptions['interface'] == 'guest') {
spamProtection('register');
// You cannot register twice...
if (empty($user_info['is_guest'])) {
redirectexit();
}
// Make sure they didn't just register with this session.
if (!empty($_SESSION['just_registered']) && empty($modSettings['disableRegisterCheck'])) {
fatal_lang_error('register_only_once', false);
}
}
// No name?! How can you register with no name?
if (empty($regOptions['username'])) {
fatal_lang_error(37, false);
}
// Spaces and other odd characters are evil...
$regOptions['username'] = preg_replace('~[\\t\\n\\r\\x0B\\0' . ($context['utf8'] ? $context['server']['complex_preg_chars'] ? '\\x{A0}' : pack('C*', 0xc2, 0xa0) : '\\xA0') . ']+~' . ($context['utf8'] ? 'u' : ''), ' ', $regOptions['username']);
// Don't use too long a name.
if ($func['strlen']($regOptions['username']) > 25) {
$regOptions['username'] = $func['htmltrim']($func['substr']($regOptions['username'], 0, 25));
}
// Only these characters are permitted.
if (preg_match('~[<>&"\'=\\\\]~', $regOptions['username']) != 0 || $regOptions['username'] == '_' || $regOptions['username'] == '|' || strpos($regOptions['username'], '[code') !== false || strpos($regOptions['username'], '[/code') !== false) {
fatal_lang_error(240, false);
}
if (stristr($regOptions['username'], $txt[28]) !== false) {
fatal_lang_error(244, true, array($txt[28]));
}
// !!! Separate the sprintf?
if (empty($regOptions['email']) || preg_match('~^[0-9A-Za-z=_+\\-/][0-9A-Za-z=_\'+\\-/\\.]*@[\\w\\-]+(\\.[\\w\\-]+)*(\\.[\\w]{2,6})$~', stripslashes($regOptions['email'])) === 0 || strlen(stripslashes($regOptions['email'])) > 255) {
fatal_error(sprintf($txt[500], $regOptions['username']), false);
}
if (!empty($regOptions['check_reserved_name']) && isReservedName($regOptions['username'], 0, false)) {
if ($regOptions['password'] == 'chocolate cake') {
fatal_error('Sorry, I don\'t take bribes... you\'ll need to come up with a different name.', false);
}
fatal_error('(' . htmlspecialchars($regOptions['username']) . ') ' . $txt[473], false);
}
// Generate a validation code if it's supposed to be emailed.
$validation_code = '';
if ($regOptions['require'] == 'activation') {
$validation_code = generateValidationCode();
}
// If you haven't put in a password generated one.
if ($regOptions['interface'] == 'admin' && $regOptions['password'] == '') {
mt_srand(time() + 1277);
$regOptions['password'] = generateValidationCode();
$regOptions['password_check'] = $regOptions['password'];
} elseif ($regOptions['password'] != $regOptions['password_check']) {
fatal_lang_error(213, false);
}
// That's kind of easy to guess...
if ($regOptions['password'] == '') {
fatal_lang_error(91, false);
}
// Now perform hard password validation as required.
if (!empty($regOptions['check_password_strength'])) {
$passwordError = validatePassword($regOptions['password'], $regOptions['username'], array($regOptions['email']));
// Password isn't legal?
if ($passwordError != null) {
fatal_lang_error('profile_error_password_' . $passwordError, false);
}
}
// You may not be allowed to register this email.
if (!empty($regOptions['check_email_ban'])) {
isBannedEmail($regOptions['email'], 'cannot_register', $txt['ban_register_prohibited']);
}
// Check if the email address is in use.
$request = db_query("\n\t\tSELECT ID_MEMBER\n\t\tFROM {$db_prefix}members\n\t\tWHERE emailAddress = '{$regOptions['email']}'\n\t\t\tOR emailAddress = '{$regOptions['username']}'\n\t\tLIMIT 1", __FILE__, __LINE__);
// !!! Separate the sprintf?
if (mysql_num_rows($request) != 0) {
fatal_error(sprintf($txt[730], htmlspecialchars($regOptions['email'])), false);
}
mysql_free_result($request);
// Some of these might be overwritten. (the lower ones that are in the arrays below.)
$regOptions['register_vars'] = array('memberName' => "'{$regOptions['username']}'", 'emailAddress' => "'{$regOptions['email']}'", 'passwd' => '\'' . sha1(strtolower($regOptions['username']) . $regOptions['password']) . '\'', 'passwordSalt' => '\'' . substr(md5(mt_rand()), 0, 4) . '\'', 'posts' => 0, 'dateRegistered' => time(), 'memberIP' => "'{$user_info['ip']}'", 'memberIP2' => "'{$_SERVER['BAN_CHECK_IP']}'", 'validation_code' => "'{$validation_code}'", 'realName' => "'{$regOptions['username']}'", 'personalText' => '\'' . addslashes($modSettings['default_personalText']) . '\'', 'pm_email_notify' => 1, 'ID_THEME' => 0, 'ID_POST_GROUP' => 4, 'lngfile' => "''", 'buddy_list' => "''", 'pm_ignore_list' => "''", 'messageLabels' => "''", 'personalText' => "''", 'websiteTitle' => "''", 'websiteUrl' => "''", 'location' => "''", 'ICQ' => "''", 'AIM' => "''", 'YIM' => "''", 'MSN' => "''", 'timeFormat' => "''", 'signature' => "''", 'avatar' => "''", 'usertitle' => "''", 'secretQuestion' => "''", 'secretAnswer' => "''", 'additionalGroups' => "''", 'smileySet' => "''");
// Setup the activation status on this new account so it is correct - firstly is it an under age account?
if ($regOptions['require'] == 'coppa') {
$regOptions['register_vars']['is_activated'] = 5;
// !!! This should be changed. To what should be it be changed??
$regOptions['register_vars']['validation_code'] = "''";
} elseif ($regOptions['require'] == 'nothing') {
$regOptions['register_vars']['is_activated'] = 1;
} elseif ($regOptions['require'] == 'activation') {
$regOptions['register_vars']['is_activated'] = 0;
} else {
$regOptions['register_vars']['is_activated'] = 3;
}
//.........这里部分代码省略.........
示例11: action_picktype
/**
* Pick a reminder type.
* Accessed by sa=picktype
*/
public function action_picktype()
{
global $context, $txt, $scripturl, $user_info, $webmaster_email, $language, $modSettings;
checkSession();
validateToken('remind');
createToken('remind');
require_once SUBSDIR . '/Auth.subs.php';
// No where params just yet
$where_params = array();
// Coming with a known ID?
if (!empty($_REQUEST['uid'])) {
$where = 'id_member = {int:id_member}';
$where_params['id_member'] = (int) $_REQUEST['uid'];
} elseif (isset($_POST['user']) && $_POST['user'] != '') {
$where = 'member_name = {string:member_name}';
$where_params['member_name'] = $_POST['user'];
$where_params['email_address'] = $_POST['user'];
}
// You must enter a username/email address.
if (empty($where)) {
fatal_lang_error('username_no_exist', false);
}
// Make sure we are not being slammed
// Don't call this if you're coming from the "Choose a reminder type" page - otherwise you'll likely get an error
if (!isset($_POST['reminder_type']) || !in_array($_POST['reminder_type'], array('email', 'secret'))) {
spamProtection('remind');
}
$member = findUser($where, $where_params);
$context['account_type'] = !empty($member['openid_uri']) ? 'openid' : 'password';
// If the user isn't activated/approved, give them some feedback on what to do next.
if ($member['is_activated'] != 1) {
// Awaiting approval...
if (trim($member['validation_code']) == '') {
fatal_error($txt['registration_not_approved'] . ' <a href="' . $scripturl . '?action=activate;user=' . $_POST['user'] . '">' . $txt['here'] . '</a>.', false);
} else {
fatal_error($txt['registration_not_activated'] . ' <a href="' . $scripturl . '?action=activate;user=' . $_POST['user'] . '">' . $txt['here'] . '</a>.', false);
}
}
// You can't get emailed if you have no email address.
$member['email_address'] = trim($member['email_address']);
if ($member['email_address'] == '') {
fatal_error($txt['no_reminder_email'] . '<br />' . $txt['send_email'] . ' <a href="mailto:' . $webmaster_email . '">webmaster</a> ' . $txt['to_ask_password'] . '.');
}
// If they have no secret question then they can only get emailed the item, or they are requesting the email, send them an email.
if (empty($member['secret_question']) || isset($_POST['reminder_type']) && $_POST['reminder_type'] == 'email') {
// Randomly generate a new password, with only alpha numeric characters that is a max length of 10 chars.
$password = generateValidationCode();
require_once SUBSDIR . '/Mail.subs.php';
$replacements = array('REALNAME' => $member['real_name'], 'REMINDLINK' => $scripturl . '?action=reminder;sa=setpassword;u=' . $member['id_member'] . ';code=' . $password, 'IP' => $user_info['ip'], 'MEMBERNAME' => $member['member_name'], 'OPENID' => $member['openid_uri']);
$emaildata = loadEmailTemplate('forgot_' . $context['account_type'], $replacements, empty($member['lngfile']) || empty($modSettings['userLanguage']) ? $language : $member['lngfile']);
$context['description'] = $txt['reminder_' . (!empty($member['openid_uri']) ? 'openid_' : '') . 'sent'];
// If they were using OpenID simply email them their OpenID identity.
sendmail($member['email_address'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
if (empty($member['openid_uri'])) {
// Set the password in the database.
updateMemberData($member['id_member'], array('validation_code' => substr(md5($password), 0, 10)));
}
// Set up the template.
$context['sub_template'] = 'sent';
// Dont really.
return;
} elseif (isset($_POST['reminder_type']) && $_POST['reminder_type'] == 'secret') {
return secretAnswerInput();
}
// No we're here setup the context for template number 2!
$context['sub_template'] = 'reminder_pick';
$context['current_member'] = array('id' => $member['id_member'], 'name' => $member['member_name']);
}示例12: mob_update_email
function mob_update_email($rpcmsg)
{
global $txt, $modSettings;
global $cookiename, $context;
global $sourcedir, $scripturl, $db_prefix;
global $ID_MEMBER, $user_info;
global $newpassemail, $user_profile, $validationCode;
loadLanguage('Profile');
// Start with no updates and no errors.
$profile_vars = array();
$post_errors = array();
$_POST['oldpasswrd'] = $rpcmsg->getParam(0) ? $rpcmsg->getScalarValParam(0) : '';
$_POST['emailAddress'] = $rpcmsg->getParam(1) ? $rpcmsg->getScalarValParam(1) : '';
// Clean up the POST variables.
$_POST = htmltrim__recursive($_POST);
$_POST = stripslashes__recursive($_POST);
$_POST = htmlspecialchars__recursive($_POST);
$_POST = addslashes__recursive($_POST);
$memberResult = loadMemberData($ID_MEMBER, false, 'profile');
if (!is_array($memberResult)) {
fatal_lang_error(453, false);
}
$memID = $ID_MEMBER;
$newpassemail = false;
$context['user']['is_owner'] = true;
isAllowedTo(array('manage_membergroups', 'profile_identity_any', 'profile_identity_own'));
// You didn't even enter a password!
if (trim($_POST['oldpasswrd']) == '') {
fatal_error($txt['profile_error_no_password']);
}
// This block is only concerned with email address validation..
if (strtolower($_POST['emailAddress']) != strtolower($user_profile[$memID]['emailAddress'])) {
$_POST['emailAddress'] = strtr($_POST['emailAddress'], array(''' => '\\\''));
// Prepare the new password, or check if they want to change their own.
if (!empty($modSettings['send_validation_onChange']) && !allowedTo('moderate_forum')) {
require_once $sourcedir . '/Subs-Members.php';
$validationCode = generateValidationCode();
$profile_vars['validation_code'] = '\'' . $validationCode . '\'';
$profile_vars['is_activated'] = '2';
$newpassemail = true;
}
// Check the name and email for validity.
if (trim($_POST['emailAddress']) == '') {
fatal_error($txt['profile_error_no_email']);
}
if (preg_match('~^[0-9A-Za-z=_+\\-/][0-9A-Za-z=_\'+\\-/\\.]*@[\\w\\-]+(\\.[\\w\\-]+)*(\\.[\\w]{2,6})$~', stripslashes($_POST['emailAddress'])) == 0) {
fatal_error($txt['profile_error_bad_email']);
}
// Email addresses should be and stay unique.
$request = db_query("\n SELECT ID_MEMBER\n FROM {$db_prefix}members\n WHERE ID_MEMBER != {$memID}\n AND emailAddress = '{$_POST['emailAddress']}'\n LIMIT 1", __FILE__, __LINE__);
if (mysql_num_rows($request) > 0) {
fatal_error($txt['profile_error_email_taken']);
}
mysql_free_result($request);
$profile_vars['emailAddress'] = '\'' . $_POST['emailAddress'] . '\'';
}
if (!empty($profile_vars)) {
updateMemberData($memID, $profile_vars);
}
// Send an email?
if ($newpassemail) {
require_once $sourcedir . '/Subs-Post.php';
// Send off the email.
sendmail($_POST['emailAddress'], $txt['activate_reactivate_title'] . ' ' . $context['forum_name'], "{$txt['activate_reactivate_mail']}\n\n" . "{$scripturl}?action=activate;u={$memID};code={$validationCode}\n\n" . "{$txt['activate_code']}: {$validationCode}\n\n" . $txt[130]);
// Log the user out.
db_query("\n DELETE FROM {$db_prefix}log_online\n WHERE ID_MEMBER = {$memID}", __FILE__, __LINE__);
$_SESSION['log_time'] = 0;
$_SESSION['login_' . $cookiename] = serialize(array(0, '', 0));
}
$response = array('result' => new xmlrpcval(true, 'boolean'), 'result_text' => new xmlrpcval('', 'base64'));
return new xmlrpcresp(new xmlrpcval($response, 'struct'));
}示例13: loadProfileFields
function loadProfileFields($force_reload = false)
{
global $context, $profile_fields, $txt, $scripturl, $modSettings, $user_info, $old_profile, $smcFunc, $cur_profile, $language;
// Don't load this twice!
if (!empty($profile_fields) && !$force_reload) {
return;
}
/* This horrific array defines all the profile fields in the whole world!
In general each "field" has one array - the key of which is the database column name associated with said field. Each item
can have the following attributes:
string $type: The type of field this is - valid types are:
- callback: This is a field which has its own callback mechanism for templating.
- check: A simple checkbox.
- hidden: This doesn't have any visual aspects but may have some validity.
- password: A password box.
- select: A select box.
- text: A string of some description.
string $label: The label for this item - default will be $txt[$key] if this isn't set.
string $subtext: The subtext (Small label) for this item.
int $size: Optional size for a text area.
array $input_attr: An array of text strings to be added to the input box for this item.
string $value: The value of the item. If not set $cur_profile[$key] is assumed.
string $permission: Permission required for this item (Excluded _any/_own subfix which is applied automatically).
function $input_validate: A runtime function which validates the element before going to the database. It is passed
the relevant $_POST element if it exists and should be treated like a reference.
Return types:
- true: Element can be stored.
- false: Skip this element.
- a text string: An error occured - this is the error message.
function $preload: A function that is used to load data required for this element to be displayed. Must return
true to be displayed at all.
string $cast_type: If set casts the element to a certain type. Valid types (bool, int, float).
string $save_key: If the index of this element isn't the database column name it can be overriden
with this string.
bool $is_dummy: If set then nothing is acted upon for this element.
bool $enabled: A test to determine whether this is even available - if not is unset.
string $link_with: Key which links this field to an overall set.
Note that all elements that have a custom input_validate must ensure they set the value of $cur_profile correct to enable
the changes to be displayed correctly on submit of the form.
*/
$profile_fields = array('avatar_choice' => array('type' => 'callback_template', 'callback_name' => 'profile/avatar_select', 'preload' => 'profileLoadAvatarData', 'input_validate' => 'profileSaveAvatarData', 'save_key' => 'avatar'), 'bday1' => array('type' => 'callback_template', 'callback_name' => 'profile/birthdate_select', 'permission' => 'profile_extra', 'preload' => function () {
global $cur_profile, $context;
// Split up the birthdate....
list($uyear, $umonth, $uday) = explode('-', empty($cur_profile['birthdate']) || $cur_profile['birthdate'] == '0001-01-01' ? '0000-00-00' : $cur_profile['birthdate']);
$context['member']['birth_date'] = array('year' => $uyear == '0004' ? '0000' : $uyear, 'month' => $umonth, 'day' => $uday);
return true;
}, 'input_validate' => function (&$value) {
global $profile_vars, $cur_profile;
if (isset($_POST['bday2'], $_POST['bday3']) && $value > 0 && $_POST['bday2'] > 0) {
// Set to blank?
if ((int) $_POST['bday3'] == 1 && (int) $_POST['bday2'] == 1 && (int) $value == 1) {
$value = '0001-01-01';
} else {
$value = checkdate($value, $_POST['bday2'], $_POST['bday3'] < 4 ? 4 : $_POST['bday3']) ? sprintf('%04d-%02d-%02d', $_POST['bday3'] < 4 ? 4 : $_POST['bday3'], $_POST['bday1'], $_POST['bday2']) : '0001-01-01';
}
} else {
$value = '0001-01-01';
}
$profile_vars['birthdate'] = $value;
$cur_profile['birthdate'] = $value;
return false;
}), 'birthdate' => array('type' => 'hidden', 'permission' => 'profile_extra', 'input_validate' => function (&$value) {
global $cur_profile;
// !!! Should we check for this year and tell them they made a mistake :P? (based on coppa at least?)
if (preg_match('/(\\d{4})[\\-\\., ](\\d{2})[\\-\\., ](\\d{2})/', $value, $dates) === 1) {
$value = checkdate($dates[2], $dates[3], $dates[1] < 4 ? 4 : $dates[1]) ? sprintf('%04d-%02d-%02d', $dates[1] < 4 ? 4 : $dates[1], $dates[2], $dates[3]) : '0001-01-01';
return true;
} else {
$value = empty($cur_profile['birthdate']) ? '0001-01-01' : $cur_profile['birthdate'];
return false;
}
}), 'date_registered' => array('type' => 'text', 'value' => empty($cur_profile['date_registered']) ? $txt['not_applicable'] : strftime('%Y-%m-%d', $cur_profile['date_registered'] + ($user_info['time_offset'] + $modSettings['time_offset']) * 3600), 'label' => $txt['date_registered'], 'log_change' => true, 'permission' => 'moderate_forum', 'input_validate' => function (&$value) {
global $txt, $user_info, $modSettings, $cur_profile, $context;
// Bad date! Go try again - please?
if (($value = strtotime($value)) === -1) {
$value = $cur_profile['date_registered'];
return $txt['invalid_registration'] . ' ' . strftime('%d %b %Y ' . (strpos($user_info['time_format'], '%H') !== false ? '%I:%M:%S %p' : '%H:%M:%S'), forum_time(false));
} elseif ($value != $txt['not_applicable'] && $value != strtotime(strftime('%Y-%m-%d', $cur_profile['date_registered'] + ($user_info['time_offset'] + $modSettings['time_offset']) * 3600))) {
$value = $value - ($user_info['time_offset'] + $modSettings['time_offset']) * 3600;
} else {
$value = $cur_profile['date_registered'];
}
return true;
}), 'email_address' => array('type' => 'text', 'label' => $txt['email'], 'subtext' => $txt['valid_email'], 'log_change' => true, 'permission' => 'profile_identity', 'input_validate' => function (&$value) {
global $context, $old_profile, $context, $profile_vars, $sourcedir, $modSettings;
if (strtolower($value) == strtolower($old_profile['email_address'])) {
return false;
}
$isValid = profileValidateEmail($value, $context['id_member']);
// Do they need to revalidate? If so schedule the function!
if ($isValid === true && !empty($modSettings['send_validation_onChange']) && !allowedTo('moderate_forum')) {
require_once $sourcedir . '/lib/Subs-Members.php';
$profile_vars['validation_code'] = generateValidationCode();
//.........这里部分代码省略.........
示例14: ValidationCodeGateway
$password = $_POST['password'];
$names = $_POST['names'];
$emails = $_POST['emails'];
$msg = $_POST['msg'];
$gateway = new ValidationCodeGateway();
if ($password != 'Evgeny') {
die('Invalid Password');
}
echo "Validation codes are sent to following addresses: <br/>";
$i = -1;
foreach ($emails as $email) {
$i++;
if (empty($email)) {
continue;
}
$validationCode = generateValidationCode(15);
$gateway->insertValidationCode($email, $validationCode);
$vars = array("@@name@@", "@@email@@", "@@validationCode@@");
$vals = array($names[$i], $email, $validationCode);
$newMsg = str_replace($vars, $vals, $msg);
sendValidationCode($email, $validationCode, $newMsg);
echo "{$email} <br/>";
}
function generateValidationCode($length)
{
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, strlen($characters) - 1)];
}
return $randomString;示例15: registerMember
/**
* Registers a member to the forum.
*
* What it does:
* - Allows two types of interface: 'guest' and 'admin'. The first
* - includes hammering protection, the latter can perform the registration silently.
* - The strings used in the options array are assumed to be escaped.
* - Allows to perform several checks on the input, e.g. reserved names.
* - The function will adjust member statistics.
* - If an error is detected will fatal error on all errors unless return_errors is true.
*
* @package Members
* @uses Auth.subs.php
* @uses Mail.subs.php
* @param mixed[] $regOptions
* @param string $error_context
* @return integer the ID of the newly created member
*/
function registerMember(&$regOptions, $error_context = 'register')
{
global $scripturl, $txt, $modSettings, $user_info;
$db = database();
loadLanguage('Login');
// We'll need some external functions.
require_once SUBSDIR . '/Auth.subs.php';
require_once SUBSDIR . '/Mail.subs.php';
// Put any errors in here.
$reg_errors = Error_Context::context($error_context, 0);
// Registration from the admin center, let them sweat a little more.
if ($regOptions['interface'] == 'admin') {
is_not_guest();
isAllowedTo('moderate_forum');
} elseif ($regOptions['interface'] == 'guest') {
// You cannot register twice...
if (empty($user_info['is_guest'])) {
redirectexit();
}
// Make sure they didn't just register with this session.
if (!empty($_SESSION['just_registered']) && empty($modSettings['disableRegisterCheck'])) {
fatal_lang_error('register_only_once', false);
}
}
// What method of authorization are we going to use?
if (empty($regOptions['auth_method']) || !in_array($regOptions['auth_method'], array('password', 'openid'))) {
if (!empty($regOptions['openid'])) {
$regOptions['auth_method'] = 'openid';
} else {
$regOptions['auth_method'] = 'password';
}
}
// Spaces and other odd characters are evil...
$regOptions['username'] = trim(preg_replace('~[\\t\\n\\r \\x0B\\0\\x{A0}\\x{AD}\\x{2000}-\\x{200F}\\x{201F}\\x{202F}\\x{3000}\\x{FEFF}]+~u', ' ', $regOptions['username']));
// Valid emails only
require_once SUBSDIR . '/DataValidator.class.php';
if (!Data_Validator::is_valid($regOptions, array('email' => 'valid_email|required|max_length[255]'), array('email' => 'trim'))) {
$reg_errors->addError('bad_email');
}
validateUsername(0, $regOptions['username'], $error_context, !empty($regOptions['check_reserved_name']));
// Generate a validation code if it's supposed to be emailed.
$validation_code = '';
if ($regOptions['require'] == 'activation') {
$validation_code = generateValidationCode();
}
// If you haven't put in a password generate one.
if ($regOptions['interface'] == 'admin' && $regOptions['password'] == '' && $regOptions['auth_method'] == 'password') {
mt_srand(time() + 1277);
$regOptions['password'] = generateValidationCode();
$regOptions['password_check'] = $regOptions['password'];
} elseif ($regOptions['password'] != $regOptions['password_check'] && $regOptions['auth_method'] == 'password') {
$reg_errors->addError('passwords_dont_match');
}
// That's kind of easy to guess...
if ($regOptions['password'] == '') {
if ($regOptions['auth_method'] == 'password') {
$reg_errors->addError('no_password');
} else {
$regOptions['password'] = sha1(mt_rand());
}
}
// Now perform hard password validation as required.
if (!empty($regOptions['check_password_strength']) && $regOptions['password'] != '') {
$passwordError = validatePassword($regOptions['password'], $regOptions['username'], array($regOptions['email']));
// Password isn't legal?
if ($passwordError != null) {
$reg_errors->addError('profile_error_password_' . $passwordError);
}
}
// You may not be allowed to register this email.
if (!empty($regOptions['check_email_ban'])) {
isBannedEmail($regOptions['email'], 'cannot_register', $txt['ban_register_prohibited']);
}
// Check if the email address is in use.
$request = $db->query('', '
SELECT id_member
FROM {db_prefix}members
WHERE email_address = {string:email_address}
OR email_address = {string:username}
LIMIT 1', array('email_address' => $regOptions['email'], 'username' => $regOptions['username']));
if ($db->num_rows($request) != 0) {
$reg_errors->addError(array('email_in_use', array(htmlspecialchars($regOptions['email'], ENT_COMPAT, 'UTF-8'))));
//.........这里部分代码省略.........