Mercurial Mercurial > repos > enano-1.1 / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
plugins/SpecialUserFuncs.php
changeset 266 917dcc6c4ceb
parent 227 0eca1498a77b
parent 263 d57af0b0302e
child 271 f088805540ae
equal deleted inserted replaced
265:7e0cdf71b1bb 266:917dcc6c4ceb 
   500   if(isset($_POST['submit'])) 
   500   if(isset($_POST['submit'])) 
   501   {
 
   501   {
 
   502     $_GET['coppa'] = ( isset($_POST['coppa']) ) ? $_POST['coppa'] : 'x';
 
   502     $_GET['coppa'] = ( isset($_POST['coppa']) ) ? $_POST['coppa'] : 'x';
 
   503     
   503     
   504     $captcharesult = $session->get_captcha($_POST['captchahash']);
 
   504     $captcharesult = $session->get_captcha($_POST['captchahash']);
 
       
   505     $session->kill_captcha();
 
   505     if($captcharesult != $_POST['captchacode'])
 
   506     if($captcharesult != $_POST['captchacode'])
 
   506     {
 
   507     {
 
   507       $s = $lang->get('user_reg_err_captcha');
 
   508       $s = $lang->get('user_reg_err_captcha');
 
   508     }
 
   509     }
 
   509     else
 
   510     else
 
   882           {
 
   883           {
 
   883             var frm = document.forms.regform;
 
   884             var frm = document.forms.regform;
 
   884             
   885             
   885             if(!namegood)
 
   886             if(!namegood)
 
   886             {
 
   887             {
 
   887               var r = new RegExp('^([A-z0-9 \.:\!@\#\*]+){2,}$', 'g');
 
   888               <?php
 
   888               if(frm.username.value.match(r))
 
   889               // sorry for this ugly hack but jedit gets f***ed otherwise
 
       
   890               echo 'if(frm.username.value.match(/^([A-z0-9 \.:\!@\#\*]+){2,}$/ig))';
 
       
   891               ?>
 
   889               {
 
   892               {
 
   890                 document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/unknown.gif';
 
   893                 document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/unknown.gif';
 
   891                 document.getElementById('e_username').innerHTML = '&nbsp;';
 
   894                 document.getElementById('e_username').innerHTML = '&nbsp;';
 
   892               } else {
 
   895               } else {
 
   893                 document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/bad.gif';
 
   896                 document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/bad.gif';
 
  1150 }
 
  1153 }
 
  1151 
  1154 
  1152 function page_Special_Captcha()
 
  1155 function page_Special_Captcha()
 
  1153 {
 
  1156 {
 
  1154   global $db, $session, $paths, $template, $plugins; // Common objects
 
  1157   global $db, $session, $paths, $template, $plugins; // Common objects
 
  1155   if($paths->getParam(0) == 'make')
 
  1158   if ( $paths->getParam(0) == 'make' )
 
  1156   {
 
  1159   {
 
  1157     $session->kill_captcha();
 
  1160     $session->kill_captcha();
 
  1158     echo $session->make_captcha();
 
  1161     echo $session->make_captcha();
 
  1159     return;
 
  1162     return;
 
  1160   }
 
  1163   }
 
       
  1164   
  1161   $hash = $paths->getParam(0);
 
  1165   $hash = $paths->getParam(0);
 
  1162   if(!$hash || !preg_match('#^([0-9a-f]*){32,32}$#i', $hash)) $paths->main_page();
 
  1166   if ( !$hash || !preg_match('#^([0-9a-f]*){32,32}$#i', $hash) )
 
  1163   $code = $session->get_captcha($hash);
 
  1167   {
 
  1164   if(!$code) die('Invalid hash or IP address incorrect.');
 
  1168     $paths->main_page();
 
  1165   require(ENANO_ROOT.'/includes/captcha.php');
 
  1169   }
 
       
  1170   
       
  1171   // Determine code length
 
       
  1172   $ip = ip2hex($_SERVER['REMOTE_ADDR']);
 
       
  1173   if ( !$ip )
 
       
  1174     die('(very desperate) Hacking attempt');
 
       
  1175   $q = $db->sql_query('SELECT CHAR_LENGTH(salt) AS len FROM ' . table_prefix . 'session_keys WHERE session_key = \'' . $db->escape($hash) . '\' AND source_ip = \'' . $db->escape($ip) . '\';');
 
       
  1176   if ( !$q )
 
       
  1177     $db->_die('SpecialUserFuncs selecting CAPTCHA code');
 
       
  1178   if ( $db->numrows() < 1 )
 
       
  1179     die('Invalid hash or hacking attempt by IP');
 
       
  1180   
       
  1181   // Generate code
 
       
  1182   $row = $db->fetchrow();
 
       
  1183   $db->free_result();
 
       
  1184   $len = intval($row['len']);
 
       
  1185   if ( $len < 4 )
 
       
  1186     $len = 7;
 
       
  1187   $code = $session->generate_captcha_code($len);
 
       
  1188   
       
  1189   // Update database with new code
 
       
  1190   $q = $db->sql_query('UPDATE ' . table_prefix . 'session_keys SET salt = \'' . $code . '\' WHERE session_key = \'' . $db->escape($hash) . '\' AND source_ip = \'' . $db->escape($ip) . '\';');
 
       
  1191   if ( !$q )
 
       
  1192     $db->_die('SpecialUserFuncs generating new CAPTCHA confirmation code');
 
       
  1193   
       
  1194   require ( ENANO_ROOT.'/includes/captcha.php' );
 
  1166   $captcha = new captcha($code);
 
  1195   $captcha = new captcha($code);
 
  1167   //header('Content-disposition: attachment; filename=autocaptcha.png');
 
       
  1168   $captcha->make_image();
 
  1196   $captcha->make_image();
 
  1169   exit;
 
  1197   exit;
 
  1170 }
 
  1198 }
 
  1171 
  1199 
  1172 function page_Special_PasswordReset()
 
  1200 function page_Special_PasswordReset()
Enano CMS (1.1.x)