", ${subject}, ${message}, "From: SVRAILforum Admin <${fSettings[Email]}>"); echo "Your registration has been completed sucessfully and "; echo "your password has been been sent to ${email}."; echo "Thank you for joining our forum.

"; echo "To continue browsing click the"; echo ""; echo ""; echo "logo."; } else {UhOh(mysql_error());} } function ParseRegForm() { global $username,$password,$password2,$email,$txt; if ($username == "") {UhOh($txt['errNoUsername']);} if ($email == "") {UhOh($txt['errNoEmail']);} if ((strlen($username) > 25) || (strlen($username) < 4)) {UhOh($txt['errUsernameLength']);} if ((strlen($email) > 50) || (strlen($email) < 5)) {UhOh($txt['errEmailLength']);} if (!(eregi("^[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-z]{2,3}$",$email))) {UhOh($txt['errInvalidEmail']);} if (HasSpecialChar($username)) {UhOh($txt['errUsernameFormat']);} $query = "SELECT count(*) from t_users WHERE UserName ='".$username."'"; $result = mysql_query($query); $row = mysql_fetch_row($result); if ($row[0] >= 1) { UhOh($txt['errUsernameTaken']);} if (".$username." == ".Guest.") { UhOh($txt['errUsernameTaken']); } $query = "SELECT count(*) from t_users WHERE Email ='".$email."'"; $result = mysql_query($query); $row = mysql_fetch_row($result); if ($row[0] >= 1) { UhOh($txt['errEmailTaken']);} } function EditProfile() { global $username,$password,$newpassword,$email,$txt; global $EmailOK, $FirstName, $LastName, $StreetAddress, $City, $ZipPlus4; global $PhoneNumber; global $fSettings; global $fSession; ParseEditProfForm(); ${UserPass} = GrabUserPass(); $username = ${UserPass}[UserName]; $UserInfo = GrabUserInfo($username); $ID = $UserInfo['ID']; $newpassword = htmlspecialchars($newpassword); $email = htmlspecialchars($email); ${FirstName} = htmlspecialchars("${FirstName}"); ${LastName} = htmlspecialchars("${LastName}"); ${StreetAddress} = htmlspecialchars("${StreetAddress}"); ${City} = htmlspecialchars("${City}"); ${ZipPlus4} = htmlspecialchars("${ZipPlus4}"); ${PhoneNumber} = htmlspecialchars("${PhoneNumber}"); if (${email} != $UserInfo[Email]) { ${newpassword} = substr(crypt(${email}), 2, 8); } ${update} = "UPDATE t_users SET "; if (${newpassword}) { ${update} = ${update} . "Password='${newpassword}',"; } ${update} = ${update} . "Email='${email}', FirstName='${FirstName}'," . "LastName='${LastName}', StreetAddress='${StreetAddress}'," . "City='${City}',ZipPlus4='${ZipPlus4}',PhoneNumber='${PhoneNumber}'," . "EmailOK='${EmailOK}' WHERE ID=$ID"; $result = mysql_query(${update}); if ($result) { CookieStuff(0,$username,$newpassword); if (${email} != $UserInfo[Email]) { ${message} = "Your SVRAILforum email address has been changed." . "When this happens, your password is automatically changed" . " and the new password is sent to the new address." . " The following password\n\t${password}\nwill allow you" . " continue to use your username." . " To change your" . " password after you log in, click on the \"profile\" icon" . " and enter a new password.\n\nThank you for you support of" . " SVRAIL."; ${subject} = "SVRAILforum Password"; mail("${FirstName} ${LastName} <${email}>", ${subject}, ${message}, "From: SVRAILforum Admin <${fSettings[Email]}>"); } $url = $fSettings[ScriptURL] . "/index.php?fSession=${fSession}"; $msg = $txt['ProfileEdited'] . ". You are now being redirected to " . "the main page of the forum. If you don't want to wait, " . "please click here"; Redirect(${msg},$url); fHeader(); echo $txt['ProfileEdited']; } else {fHeader();UhOh(mysql_error());} } function ParseEditProfForm() { global $username,$password,$newpassword,$newpassword2,$email,$txt; global $EmailOK; ${currentUserPass} = GrabUserPass(); if (".$currentUserPass[UserName]." == "..") { UhOh($txt['errInvalidUser']); } if ($email == "") {UhOh(errNoEmail);} if (($newpassword) || ($newpassword2)) { if ($newpassword != $newpassword2) {UhOh($txt['errPasswordMismatch2']);} if ((strlen($newpassword) > 15) || (strlen($newpassword) < 4)) {UhOh($txt['errPasswordLength']);} if (HasSpecialChar($newpassword)) {UhOh($txt['errBadPassword']);} } if ((strlen($email) > 50) || (strlen($email) < 4)) {UhOh($txt['errEmailLength']);} if (!(eregi("^[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-z]{2,3}$",$email))) {UhOh($txt['errInvalidEmail']);} $query = "SELECT count(*) from t_users WHERE Email ='".$email."'"; $result = mysql_query($query); $row = mysql_fetch_row($result); if ($row[0] >= 2) {UhOh($txt['errUsernameTaken']);} if (isset(${EmailOK}) && (${EmailOK} == "on")) { ${EmailOK} = "yes"; } else { ${EmailOK} = "no"; } } function Login() { global $username,$password,$url,$txt; global $fSession; if (HasSpecialChar($username)) {fHeader();UhOh($txt['errInvalidUser']);} if (HasSpecialChar($password)) {fHeader();UhOh($txt['errInvalidUser']);} if (CheckPassword($username,$password)) { ${query} = "SELECT MAX(SessionKey) from t_Session"; ${result} = mysql_query(${query}); ${row} = mysql_fetch_row(${result}); ${fSession} = crypt("${row}"); $query = "INSERT into t_Session " ."(SessionID, SessionUser, SessionExpire) " ."SELECT \"${fSession}\", ID, DATE_ADD(NOW(), INTERVAL 30 MINUTE) " ."from t_users " . "WHERE UserName = '$username'"; $result = mysql_query($query); $pos = strrpos($url, "?"); if ($pos === false) { $url = $url . "?fSession=${fSession}"; } else { $url = $url . "&fSession=${fSession}"; } CookieStuff(0,$username,$password); $now = time(); $query = "UPDATE t_users SET LastActive=$now WHERE UserName LIKE '$username'"; mysql_query($query) || die("Can't update user info. Reason: ".mysql_error()); Redirect("Login success! You're now being redirected to the location you were at. If you don't want to wait, please click here",$url); } else {fHeader();UhOh($txt['errInvalidUser']);} } function Logout() { global $fSettings, $BrownieArray; global $fSession; ${query} = "UPDATE t_Session SET SessionId = '::::::::::' " . "WHERE SessionId = \"$fSession\""; ${resultHandle} = mysql_query(${query}); ${query} = "UPDATE t_users set LastActive = LastActive - 600 " . "WHERE UserName = \"$BrownieArray[UserName]\""; ${resultHandle} = mysql_query(${query}); /*CookieStuff(0,"Guest","");*/ $url = $fSettings[SiteURL]; Redirect("Logout success! You're now being redirected to the location you were at. If you don't want to wait, please click here",$url); } function SendMail() { global $fSettings,$Action,$username,$password,$subject,$message,$TopicID,$Destination,$txt; if ($username == "") {fHeader();UhOh($txt['errNeedUsername']);} if ($message == "") {fHeader();UhOh($txt['errEmptyMessage']);} if ($Destination == "") {fHeader();UhOh($txt['errNoRecipient']);} if ((strlen($username) > 25) || (strlen($username) < 4)) {fHeader();UhOh($txt['errPasswordLength']);} if ((strlen($Destination) > 25) || (strlen($Destination) < 4)) {fHeader();UhOh($txt['errBadDestEmail']);} if (HasSpecialChar($username)) {fHeader();UhOh($txt['errBadPassword']);} if (HasSpecialChar($Destination)) {fHeader();UhOh($txt['errBadDestEmail']);} if (CheckPassword($username,$password) != 1) { fHeader(); UhOh($txt['errInvalidUser']); } else { CookieStuff(0,$username,$password); } $subject = htmlspecialchars($subject); $subject = stripslashes($subject); $message = stripslashes($message); $FromUser = GrabUserInfo($username); $ToUser = GrabUserInfo($Destination); mail($ToUser["UserName"]." <".$ToUser["Email"].">", $subject, $message, "From: ".$FromUser["UserName"]." <".$FromUser["Email"].">"); $prevlink = $fSettings["ScriptURL"]."/index.php?fSession=${fSession}"; Redirect("Your email has been sent. You're now being redirected to the location you were at. If you don't want to wait, please click here",$prevlink); } function SendPassword() { global $fSettings,$username,$txt; if ($username == "") {fHeader();UhOh($txt['errNoUsername']);} if (HasSpecialChar($username)) {fHeader();UhOh($txt['errUsernameFormat']);} $query = "SELECT Password from t_users WHERE UserName = '$username'"; $result = mysql_query($query); $row = mysql_fetch_array($result); if (!$row) {fHeader();UhOh($txt['errInvalidUser']);} $subject = "SVRAILforum Password Retrieval"; $message = "You or someone else has filled out the lost password form for tForum at: ".$fSettings["ScriptURL"]."/index.php.\n\nYour password is: ".$row["Password"]; $ToUser = GrabUserInfo($username); mail($ToUser["UserName"]." <".$ToUser["Email"].">", $subject, $message, "From: SVRAILforum Admin <".$fSettings["Email"].">"); $prevlink = $fSettings["ScriptURL"]."/index.php"; Redirect("Your password has been sent. You're now being redirected to the main forum. If you don't want to wait, please click here",$prevlink); } if (empty($Action)) $Action = ""; switch ($Action) { case "Register": fHeader(); PrintRegForm(); fFooter(); break; case "AddMember": fHeader(); AddMember(); fFooter(); break; case "Login": Login(); break; case "Logout": Logout(); break; case "viewprofile": fHeader(); ViewProfile(); fFooter(); break; case "editprofile": fHeader(); PrintEditProfile(); fFooter(); break; case "editprofile2": EditProfile(); fFooter(); break; case "email": fHeader(); PrintMailForm(); fFooter(); break; case "SendMail": SendMail(); break; case "lostpassword": fHeader(); PrintSendPasswordForm(); fFooter(); break; case "SendPassword": SendPassword(); break; default: fHeader(); UhOh("Nothing specified!"); } ?>