* @package astat core * @license http://opensource.org/licenses/gpl-license.php GNU Public License * @version $Id: 1d95225f51779025d8fd4c4571c7ac76dfe8cd63 $ */ /** *Set error_reporting * */ error_reporting(E_ALL ^E_NOTICE); $basepath=''; require_once 'core/init_core.inc.php'; /** * PLUGIN HOOK usercp_begin * */ $plugin->run_hook('usercp_begin'); $session->page_begin('usercp', TRUE); $emsg=false; $cpwd=false; If(isset($_POST['submit'])){ if($_POST['password']!=''){ $result = $db->query("SELECT `password`,`openid_identity` FROM `" . $config['prefix'] . "users` WHERE `uid`='".$session->userdata['uid']."' LIMIT 1"); $data=$db->fetch_array($result); if((!isset($_POST['oldpassword']) || $_POST['oldpassword']=='') && $data['password']!=''){ $emsg.=''.$lang->_('OLDPASSWORDMISSING').'
'; }elseif((hash('sha256',$db->escape($_POST['oldpassword']))!=$data['password']) && $data['password']!=''){ $emsg.=''.$lang->_('OLDPASSWORDWRONG').'
'; }elseif($_POST['password']!=$_POST['cpassword']){ $emsg.=''.$lang->_('PASSWORDSNOTMATCH').'
'; }elseif(strlen($_POST['password'])<6){ $emsg.=''.$lang->_('PASSWORDTOOSHORT').'
'; }elseif(strlen($_POST['password'])>20){ $emsg.=''.$lang->_('PASSWORDTOOLONG').'
'; } $loginkey=$session->generate_Key(50); $pass =hash('sha256',$db->escape($_POST['password'])); $pwd=",`password`='".$pass."', `loginkey`='".$loginkey."'"; } if(!preg_match('/^(?!(?:(?:\x22?\x5C[\x00-\x7E]\x22?)|(?:\x22?[^\x5C\x22]\x22?)){255,})(?!(?:(?:\x22?\x5C[\x00-\x7E]\x22?)|(?:\x22?[^\x5C\x22]\x22?)){65,}@)(?:(?:[\x21\x23-\x27\x2A\x2B\x2D\x2F-\x39\x3D\x3F\x5E-\x7E]+)|(?:\x22(?:[\x01-\x08\x0B\x0C\x0E-\x1F\x21\x23-\x5B\x5D-\x7F]|(?:\x5C[\x00-\x7F]))*\x22))(?:\.(?:(?:[\x21\x23-\x27\x2A\x2B\x2D\x2F-\x39\x3D\x3F\x5E-\x7E]+)|(?:\x22(?:[\x01-\x08\x0B\x0C\x0E-\x1F\x21\x23-\x5B\x5D-\x7F]|(?:\x5C[\x00-\x7F]))*\x22)))*@(?:(?:(?!.*[^.]{64,})(?:(?:(?:xn--)?[a-z0-9]+(?:-[a-z0-9]+)*\.){1,126}){1,}(?:(?:[a-z][a-z0-9]*)|(?:(?:xn--)[a-z0-9]+))(?:-[a-z0-9]+)*)|(?:\[(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){7})|(?:(?!(?:.*[a-f0-9][:\]]){7,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?)))|(?:(?:IPv6:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){5}:)|(?:(?!(?:.*[a-f0-9]:){5,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3}:)?)))?(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))(?:\.(?:(?:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))){3}))\]))$/iD',$_POST['email'])){ $emsg.=''.$lang->_('EMAILINVALID').'
'; } if(!$emsg){ $sql="UPDATE `" . $config['prefix'] . "users` SET `openid_identity`='".$db->escape($_POST['openid_identity'])."',`realname`='".$db->escape($_POST['realname'])."',`email`='".$db->escape($_POST['email'])."',`gender`='".$db->escape($_POST['gender'])."',`allow_grimdark`='".intval($_POST['allow_gd'])."',`lang`='".$db->escape($_POST['lang'])."',`from`='".$db->escape($_POST['from'])."',`birthday`='".strtotime($db->escape($_POST['birthday']))."'".$pwd." WHERE `uid`='".$session->userdata['uid']."'"; $result = $db->query($sql); $sdata=array('uid'=>$session->userdata['uid'],'username'=>$session->userdata['username'],'pwd_md5'=>hash('md5',$_POST['password']),'pwd_sha2'=>$pass,'email'=>$db->escape($_POST['email']),'realname'=>$db->escape($_POST['realname']),'gender'=>$db->escape($_POST['gender']),'from'=>$db->escape($_POST['from']),'lang'=>$db->escape($_POST['lang']),'birthday'=>strtotime($db->escape($_POST['birthday']))); /** * PLUGIN HOOK usercp_end * gets a array with some Userdata. * */ $plugin->run_hook('usercp_end',array('sdata'=>$sdata)); $core->message($lang->_('SUCCESS'),$lang->_('DATASAVED'),TRUE,$config['path'].'/index.php',3); } } $meta=' '; $tpl->assign('emsg',$emsg); $langs=''; $data[$session->userdata['gender']]='selected="selected"'; $ln=$lang->getlanguages(); foreach($ln as $d){ if($d['short']==$session->userdata['lang']){ $langs.=''.$d['name'].''; }else{ $langs.=''.$d['name'].''; } } if($config['use_openid']==1 && $session->userdata['password']==''){ $tpl->assign('oldpw','disabled="disabled"'); } if($session->userdata['allow_grimdark']==1){ $tpl->assign('allow_gd','checked="checked"'); } $tpl->assign('connect_openid',$config['use_openid']); $tpl->assign('gender',$data); $tpl->assign('langs',$langs); $tpl->assign('birthday',date('d.m.Y',$session->userdata['birthday'])); $tpl->assign('data',$session->userdata); $content=$tpl->fetch('usercp.tpl'); $core->make_page($content); ?>