funchat/usercp.php

<?php
/**
 * Project:     astat - simple site engine
 * File:        usercp.php
 * 
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 *
 * @link http://www.astat.org SVN: $URL: http://svn.becast.at/astat/trunk/usercp.php $
 * @copyright 2009 becast.at
 * @author Bernhard Jaud <bernhard at becast dot at>
 * @package astat core
 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
 * @version $Id: 1d95225f51779025d8fd4c4571c7ac76dfe8cd63 $
*/

/**
*Set error_reporting
*
*/
error_reporting(E_ALL ^E_NOTICE);
$basepath=''; 
require_once 'core/init_core.inc.php';

/**
* PLUGIN HOOK usercp_begin
*
*/
$plugin->run_hook('usercp_begin');
$session->page_begin('usercp', TRUE);
$emsg=false;
$cpwd=false;
If(isset($_POST['submit'])){
	if($_POST['password']!=''){
		$result = $db->query("SELECT `password`,`openid_identity` FROM `" . $config['prefix'] . "users` WHERE `uid`='".$session->userdata['uid']."' LIMIT 1");
		$data=$db->fetch_array($result);
		if((!isset($_POST['oldpassword']) || $_POST['oldpassword']=='') && $data['password']!=''){
			$emsg.='<span style="color:red; font-weight:bold">'.$lang->_('OLDPASSWORDMISSING').'</span><br />';	
		}elseif((hash('sha256',$db->escape($_POST['oldpassword']))!=$data['password']) && $data['password']!=''){
			$emsg.='<span style="color:red; font-weight:bold">'.$lang->_('OLDPASSWORDWRONG').'</span><br />';				
		}elseif($_POST['password']!=$_POST['cpassword']){
			$emsg.='<span style="color:red; font-weight:bold">'.$lang->_('PASSWORDSNOTMATCH').'</span><br />';
		}elseif(strlen($_POST['password'])<6){
			$emsg.='<span style="color:red; font-weight:bold">'.$lang->_('PASSWORDTOOSHORT').'</span><br />';
		}elseif(strlen($_POST['password'])>20){
			$emsg.='<span style="color:red; font-weight:bold">'.$lang->_('PASSWORDTOOLONG').'</span><br />';
		}
		$loginkey=$session->generate_Key(50);
		$pass =hash('sha256',$db->escape($_POST['password']));
		$pwd=",`password`='".$pass."', `loginkey`='".$loginkey."'";
	}
	if(!preg_match('/^(?!(?:(?:\x22?\x5C[\x00-\x7E]\x22?)|(?:\x22?[^\x5C\x22]\x22?)){255,})(?!(?:(?:\x22?\x5C[\x00-\x7E]\x22?)|(?:\x22?[^\x5C\x22]\x22?)){65,}@)(?:(?:[\x21\x23-\x27\x2A\x2B\x2D\x2F-\x39\x3D\x3F\x5E-\x7E]+)|(?:\x22(?:[\x01-\x08\x0B\x0C\x0E-\x1F\x21\x23-\x5B\x5D-\x7F]|(?:\x5C[\x00-\x7F]))*\x22))(?:\.(?:(?:[\x21\x23-\x27\x2A\x2B\x2D\x2F-\x39\x3D\x3F\x5E-\x7E]+)|(?:\x22(?:[\x01-\x08\x0B\x0C\x0E-\x1F\x21\x23-\x5B\x5D-\x7F]|(?:\x5C[\x00-\x7F]))*\x22)))*@(?:(?:(?!.*[^.]{64,})(?:(?:(?:xn--)?[a-z0-9]+(?:-[a-z0-9]+)*\.){1,126}){1,}(?:(?:[a-z][a-z0-9]*)|(?:(?:xn--)[a-z0-9]+))(?:-[a-z0-9]+)*)|(?:\[(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){7})|(?:(?!(?:.*[a-f0-9][:\]]){7,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?)))|(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){5}:)|(?:(?!(?:.*[a-f0-9]:){5,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3}:)?)))?(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))(?:\.(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))){3}))\]))$/iD',$_POST['email'])){
			$emsg.='<span style="color:red; font-weight:bold">'.$lang->_('EMAILINVALID').'</span><br />';
	}
	if(!$emsg){
		$sql="UPDATE `" . $config['prefix'] . "users` SET `openid_identity`='".$db->escape($_POST['openid_identity'])."',`realname`='".$db->escape($_POST['realname'])."',`email`='".$db->escape($_POST['email'])."',`gender`='".$db->escape($_POST['gender'])."',`allow_grimdark`='".intval($_POST['allow_gd'])."',`lang`='".$db->escape($_POST['lang'])."',`from`='".$db->escape($_POST['from'])."',`birthday`='".strtotime($db->escape($_POST['birthday']))."'".$pwd." WHERE `uid`='".$session->userdata['uid']."'";
		$result = $db->query($sql);
		$sdata=array('uid'=>$session->userdata['uid'],'username'=>$session->userdata['username'],'pwd_md5'=>hash('md5',$_POST['password']),'pwd_sha2'=>$pass,'email'=>$db->escape($_POST['email']),'realname'=>$db->escape($_POST['realname']),'gender'=>$db->escape($_POST['gender']),'from'=>$db->escape($_POST['from']),'lang'=>$db->escape($_POST['lang']),'birthday'=>strtotime($db->escape($_POST['birthday'])));
		
		
		/**
		* PLUGIN HOOK usercp_end
		* gets a array with some Userdata.
		*
		*/
		
		$plugin->run_hook('usercp_end',array('sdata'=>$sdata));
		$core->message($lang->_('SUCCESS'),$lang->_('DATASAVED'),TRUE,$config['path'].'/index.php',3);

	}
}

$meta='<link type="text/css" rel="stylesheet" href="'.$config['path'].'js/calendar/dhtmlgoodies_calendar.css?random=20060118" media="screen"></link>
<script src="'.$config['path'].'js/calendar/dhtmlgoodies_calendar.js?random=20060118" type="text/javascript">
</script>';
$tpl->assign('emsg',$emsg);
$langs='';
$data[$session->userdata['gender']]='selected="selected"';
$ln=$lang->getlanguages();

foreach($ln as $d){
	if($d['short']==$session->userdata['lang']){

		$langs.='<option selected="selected" value="'.$d['short'].'">'.$d['name'].'</option>';
	}else{
		$langs.='<option value="'.$d['short'].'">'.$d['name'].'</option>';
	}
}
if($config['use_openid']==1 && $session->userdata['password']==''){
	$tpl->assign('oldpw','disabled="disabled"');
}
if($session->userdata['allow_grimdark']==1){
	$tpl->assign('allow_gd','checked="checked"');
}
$tpl->assign('connect_openid',$config['use_openid']);
$tpl->assign('gender',$data);
$tpl->assign('langs',$langs);
$tpl->assign('birthday',date('d.m.Y',$session->userdata['birthday']));
$tpl->assign('data',$session->userdata);
$content=$tpl->fetch('usercp.tpl');
$core->make_page($content);

?>
Initial commit 2025-06-02 10:01:12 +02:00			`<?php`
			`/**`
			`* Project: astat - simple site engine`
			`* File: usercp.php`
			`*`
			`* This library is free software; you can redistribute it and/or`
			`* modify it under the terms of the GNU Lesser General Public`
			`* License as published by the Free Software Foundation; either`
			`* version 2.1 of the License, or (at your option) any later version.`
			`*`
			`* This library is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU`
			`* Lesser General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Lesser General Public`
			`* License along with this library; if not, write to the Free Software`
			`* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA`
			`*`
			`* @link http://www.astat.org SVN: $URL: http://svn.becast.at/astat/trunk/usercp.php $`
			`* @copyright 2009 becast.at`
			`* @author Bernhard Jaud <bernhard at becast dot at>`
			`* @package astat core`
			`* @license http://opensource.org/licenses/gpl-license.php GNU Public License`
Update to latest version 2025-06-24 23:26:25 +02:00			`* @version $Id: 1d95225f51779025d8fd4c4571c7ac76dfe8cd63 $`
Initial commit 2025-06-02 10:01:12 +02:00			`*/`

			`/**`
			`*Set error_reporting`
			`*`
			`*/`
			`error_reporting(E_ALL ^E_NOTICE);`
			`$basepath='';`
			`require_once 'core/init_core.inc.php';`

			`/**`
			`* PLUGIN HOOK usercp_begin`
			`*`
			`*/`
			`$plugin->run_hook('usercp_begin');`
			`$session->page_begin('usercp', TRUE);`
			`$emsg=false;`
			`$cpwd=false;`
			`If(isset($_POST['submit'])){`
			`if($_POST['password']!=''){`
			$result = $db->query("SELECT `password`,`openid_identity` FROM `" . $config['prefix'] . "users` WHERE `uid`='".$session->userdata['uid']."' LIMIT 1");
			`$data=$db->fetch_array($result);`
			`if((!isset($_POST['oldpassword']) \|\| $_POST['oldpassword']=='') && $data['password']!=''){`
			`$emsg.='<span style="color:red; font-weight:bold">'.$lang->_('OLDPASSWORDMISSING').'</span><br />';`
			`}elseif((hash('sha256',$db->escape($_POST['oldpassword']))!=$data['password']) && $data['password']!=''){`
			`$emsg.='<span style="color:red; font-weight:bold">'.$lang->_('OLDPASSWORDWRONG').'</span><br />';`
			`}elseif($_POST['password']!=$_POST['cpassword']){`
			`$emsg.='<span style="color:red; font-weight:bold">'.$lang->_('PASSWORDSNOTMATCH').'</span><br />';`
			`}elseif(strlen($_POST['password'])<6){`
			`$emsg.='<span style="color:red; font-weight:bold">'.$lang->_('PASSWORDTOOSHORT').'</span><br />';`
			`}elseif(strlen($_POST['password'])>20){`
			`$emsg.='<span style="color:red; font-weight:bold">'.$lang->_('PASSWORDTOOLONG').'</span><br />';`
			`}`
			`$loginkey=$session->generate_Key(50);`
			`$pass =hash('sha256',$db->escape($_POST['password']));`
			$pwd=",`password`='".$pass."', `loginkey`='".$loginkey."'";
			`}`
			if(!preg_match('/^(?!(?:(?:\x22?\x5C[\x00-\x7E]\x22?)\|(?:\x22?[^\x5C\x22]\x22?)){255,})(?!(?:(?:\x22?\x5C[\x00-\x7E]\x22?)\|(?:\x22?[^\x5C\x22]\x22?)){65,}@)(?:(?:[\x21\x23-\x27\x2A\x2B\x2D\x2F-\x39\x3D\x3F\x5E-\x7E]+)\|(?:\x22(?:[\x01-\x08\x0B\x0C\x0E-\x1F\x21\x23-\x5B\x5D-\x7F]\|(?:\x5C[\x00-\x7F]))\x22))(?:\.(?:(?:[\x21\x23-\x27\x2A\x2B\x2D\x2F-\x39\x3D\x3F\x5E-\x7E]+)\|(?:\x22(?:[\x01-\x08\x0B\x0C\x0E-\x1F\x21\x23-\x5B\x5D-\x7F]\|(?:\x5C[\x00-\x7F]))\x22)))@(?:(?:(?!.[^.]{64,})(?:(?:(?:xn--)?[a-z0-9]+(?:-[a-z0-9]+)\.){1,126}){1,}(?:(?:[a-z][a-z0-9])\|(?:(?:xn--)[a-z0-9]+))(?:-[a-z0-9]+))\|(?:\[(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){7})\|(?:(?!(?:.[a-f0-9][:\]]){7,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?)))\|(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){5}:)\|(?:(?!(?:.*[a-f0-9]:){5,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3}:)?)))?(?:(?:25[0-5])\|(?:2[0-4][0-9])\|(?:1[0-9]{2})\|(?:[1-9]?[0-9]))(?:\.(?:(?:25[0-5])\|(?:2[0-4][0-9])\|(?:1[0-9]{2})\|(?:[1-9]?[0-9]))){3}))\]))$/iD',$_POST['email'])){
			`$emsg.='<span style="color:red; font-weight:bold">'.$lang->_('EMAILINVALID').'</span><br />';`
			`}`
			`if(!$emsg){`
			$sql="UPDATE `" . $config['prefix'] . "users` SET `openid_identity`='".$db->escape($_POST['openid_identity'])."',`realname`='".$db->escape($_POST['realname'])."',`email`='".$db->escape($_POST['email'])."',`gender`='".$db->escape($_POST['gender'])."',`allow_grimdark`='".intval($_POST['allow_gd'])."',`lang`='".$db->escape($_POST['lang'])."',`from`='".$db->escape($_POST['from'])."',`birthday`='".strtotime($db->escape($_POST['birthday']))."'".$pwd." WHERE `uid`='".$session->userdata['uid']."'";
			`$result = $db->query($sql);`
			`$sdata=array('uid'=>$session->userdata['uid'],'username'=>$session->userdata['username'],'pwd_md5'=>hash('md5',$_POST['password']),'pwd_sha2'=>$pass,'email'=>$db->escape($_POST['email']),'realname'=>$db->escape($_POST['realname']),'gender'=>$db->escape($_POST['gender']),'from'=>$db->escape($_POST['from']),'lang'=>$db->escape($_POST['lang']),'birthday'=>strtotime($db->escape($_POST['birthday'])));`


			`/**`
			`* PLUGIN HOOK usercp_end`
			`* gets a array with some Userdata.`
			`*`
			`*/`

			`$plugin->run_hook('usercp_end',array('sdata'=>$sdata));`
			`$core->message($lang->_('SUCCESS'),$lang->_('DATASAVED'),TRUE,$config['path'].'/index.php',3);`

			`}`
			`}`

			`$meta='<link type="text/css" rel="stylesheet" href="'.$config['path'].'js/calendar/dhtmlgoodies_calendar.css?random=20060118" media="screen"></link>`
			`<script src="'.$config['path'].'js/calendar/dhtmlgoodies_calendar.js?random=20060118" type="text/javascript">`
			`</script>';`
			`$tpl->assign('emsg',$emsg);`
			`$langs='';`
			`$data[$session->userdata['gender']]='selected="selected"';`
			`$ln=$lang->getlanguages();`

			`foreach($ln as $d){`
			`if($d['short']==$session->userdata['lang']){`

			`$langs.='<option selected="selected" value="'.$d['short'].'">'.$d['name'].'</option>';`
			`}else{`
			`$langs.='<option value="'.$d['short'].'">'.$d['name'].'</option>';`
			`}`
			`}`
			`if($config['use_openid']==1 && $session->userdata['password']==''){`
			`$tpl->assign('oldpw','disabled="disabled"');`
			`}`
			`if($session->userdata['allow_grimdark']==1){`
			`$tpl->assign('allow_gd','checked="checked"');`
			`}`
			`$tpl->assign('connect_openid',$config['use_openid']);`
			`$tpl->assign('gender',$data);`
			`$tpl->assign('langs',$langs);`
			`$tpl->assign('birthday',date('d.m.Y',$session->userdata['birthday']));`
			`$tpl->assign('data',$session->userdata);`
			`$content=$tpl->fetch('usercp.tpl');`
			`$core->make_page($content);`

			`?>`