[Phpbb-checkins] CVS: phpBB2 profile.php,1.182,1.183

[Paul S. O. <ps...@us...>]

Update of /cvsroot/phpbb/phpBB2
In directory usw-pr-cvs1:/tmp/cvs-serv21860

Modified Files:
	profile.php 
Log Message:
Fix COPPA problems

Index: profile.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/profile.php,v
retrieving revision 1.182
retrieving revision 1.183
diff -C2 -r1.182 -r1.183
*** profile.php	19 Feb 2002 16:30:03 -0000	1.182
--- profile.php	25 Feb 2002 01:17:59 -0000	1.183
***************
*** 102,134 ****
  function validate_optional_fields(&$icq, &$aim, &$msnm, &$yim, &$website, &$location, &$occupation, &$interests, &$sig)
  {
! 	// ICQ number has to be only numbers.
! 	if (!preg_match("/^[0-9]+$/", $icq))
! 	{
! 		$icq = "";
! 	}
! 	
! 	// AIM address has to have length >= 2.
! 	if (strlen($aim) < 2)
  	{
! 		$aim = "";
  	}
! 	
! 	// MSNM address has to have length >= 2.
! 	if (strlen($msnm) < 2)
  	{
! 		$msnm = "";
  	}
  	
- 	// YIM address has to have length >= 2.
- 	if (strlen($yim) < 2)
- 	{
- 		$yim = "";
- 	}
- 
  	// website has to start with http://, followed by something with length at least 3 that
  	// contains at least one dot.
! 	if($website != "")
  	{
! 		if( !preg_match("#^http:\/\/#i", $website) )
  		{
  			$website = "http://" . $website;
--- 102,126 ----
  function validate_optional_fields(&$icq, &$aim, &$msnm, &$yim, &$website, &$location, &$occupation, &$interests, &$sig)
  {
! 	$check_var_length = array('aim', 'msnm', 'yim', 'location', 'occupation', 'interests', 'sig');
! 
! 	for($i = 0; $i < count($check_var_length); $i++)
  	{
! 		if ( strlen($$check_var_length[$i]) < 2 )
! 		{
! 			$$check_var_length[$i] = "";
! 		}
  	}
! 
! 	// ICQ number has to be only numbers.
! 	if ( !preg_match("/^[0-9]+$/", $icq) )
  	{
! 		$icq = "";
  	}
  	
  	// website has to start with http://, followed by something with length at least 3 that
  	// contains at least one dot.
! 	if ( $website != "" )
  	{
! 		if ( !preg_match("#^http:\/\/#i", $website) )
  		{
  			$website = "http://" . $website;
***************
*** 140,172 ****
  		}
  	}
! 	
! 	// location has to have length >= 2.
! 	if (strlen($location) < 2)
! 	{
! 		$location = "";
! 	}
! 	
! 	// occupation has to have length >= 2.
! 	if (strlen($occupation) < 2)
! 	{
! 		$occupation = "";
! 	}
! 	
! 	// interests has to have length >= 2.
! 	if (strlen($interests) < 2)
! 	{
! 		$interests = "";
! 	}
! 	
! 	// sig has to have length >= 2.
! 	if (strlen($sig) < 2)
! 	{
! 		$sig = "";
! 	}
! 	
  	return;
  }
  
! function generate_password()
  {
  	$chars = array( 
--- 132,140 ----
  		}
  	}
! 
  	return;
  }
  
! function gen_rand_string($hash)
  {
  	$chars = array( 
***************
*** 177,186 ****
  	srand((double)microtime()*1000000);
  	
  	for($i = 0; $i < 8; $i++)
  	{
! 		$new_passwd = ($i == 0) ? $chars[rand(0, $max_chars)] : $new_passwd . $chars[rand(0, $max_chars)];
  	}
  
! 	return($new_passwd);
  }
  //
--- 145,155 ----
  	srand((double)microtime()*1000000);
  	
+ 	$rand_str = "";
  	for($i = 0; $i < 8; $i++)
  	{
! 		$rand_str = ( $i == 0 ) ? $chars[rand(0, $max_chars)] : $rand_str . $chars[rand(0, $max_chars)];
  	}
  
! 	return ( $hash ) ? md5($rand_str) : $rand_str;
  }
  //
***************
*** 195,201 ****
  {
  	$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
! 	//
! 	// Begin page proper
! 	//
  	if ( $mode == "viewprofile" )
  	{
--- 164,168 ----
  {
  	$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
! 
  	if ( $mode == "viewprofile" )
  	{
***************
*** 218,223 ****
  		
  		//
! 		// Output page header and
! 		// profile_view template
  		//
  		$template->set_filenames(array(
--- 185,189 ----
  		
  		//
! 		// Output page header and profile_view template
  		//
  		$template->set_filenames(array(
***************
*** 236,242 ****
  		);
  		$template->assign_var_from_handle("JUMPBOX", "jumpbox");
- 		//
- 		// End header
- 		//
  
  		//
--- 202,205 ----
***************
*** 245,249 ****
  		//
  		$regdate = $profiledata['user_regdate'];
- 
  		$memberdays = max(1, round( ( time() - $regdate ) / 86400 ));
  		$posts_per_day = $profiledata['user_posts'] / $memberdays;
--- 208,211 ----
***************
*** 1027,1031 ****
  					{
  						$user_active = 0;
! 						$user_actkey = generate_activation_key();
  
  						//
--- 989,993 ----
  					{
  						$user_active = 0;
! 						$user_actkey = gen_rand_string(true);
  
  						//
***************
*** 1034,1038 ****
  						$sql = "DELETE FROM " . SESSIONS_TABLE . "
  			  				  WHERE session_user_id = " . $userdata['user_id'];
- 
  				  		$db->sql_query($sql);
  
--- 996,999 ----
***************
*** 1116,1122 ****
  						VALUES ($new_user_id, '" . str_replace("\'", "''", $username) . "', " . time() . ", '" . str_replace("\'", "''", $password) . "', '" . str_replace("\'", "''", $email) . "', '" . str_replace("\'", "''", $icq) . "', '" . str_replace("\'", "''", $website) . "', '" . str_replace("\'", "''", $occupation) . "', '" . str_replace("\'", "''", $location) . "', '" . str_replace("\'", "''", $interests) . "', '" . str_replace("\'", "''", $signature) . "', '$signature_bbcode_uid', '" . str_replace("\'", "''", $avatar_filename) . "', $viewemail, '" . str_replace("\'", "''", $aim) . "', '" . str_replace("\'", "''", $yim) . "', '" . str_replace("\'", "''", $msn) . "', $attachsig, $allowsmilies, $allowhtml, $allowbbcode, $allowviewonline, $notifyreply, $notifypm, $popuppm, $user_timezone, '" . str_replace("\'", "''", $user_dateformat) . "', '" . str_replace("\'", "''", $user_lang) . "', $user_style, 0, 1, ";
  
! 					if( $board_config['require_activation'] ==USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN || $coppa == 1)
  					{
! 						$user_actkey = generate_activation_key();
  						$sql .= "0, '" . str_replace("\'", "''", $user_actkey) . "')";
  					}
--- 1077,1083 ----
  						VALUES ($new_user_id, '" . str_replace("\'", "''", $username) . "', " . time() . ", '" . str_replace("\'", "''", $password) . "', '" . str_replace("\'", "''", $email) . "', '" . str_replace("\'", "''", $icq) . "', '" . str_replace("\'", "''", $website) . "', '" . str_replace("\'", "''", $occupation) . "', '" . str_replace("\'", "''", $location) . "', '" . str_replace("\'", "''", $interests) . "', '" . str_replace("\'", "''", $signature) . "', '$signature_bbcode_uid', '" . str_replace("\'", "''", $avatar_filename) . "', $viewemail, '" . str_replace("\'", "''", $aim) . "', '" . str_replace("\'", "''", $yim) . "', '" . str_replace("\'", "''", $msn) . "', $attachsig, $allowsmilies, $allowhtml, $allowbbcode, $allowviewonline, $notifyreply, $notifypm, $popuppm, $user_timezone, '" . str_replace("\'", "''", $user_dateformat) . "', '" . str_replace("\'", "''", $user_lang) . "', $user_style, 0, 1, ";
  
! 					if ( $board_config['require_activation'] ==USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN || $coppa == 1)
  					{
! 						$user_actkey = gen_rand_string(true);
  						$sql .= "0, '" . str_replace("\'", "''", $user_actkey) . "')";
  					}
***************
*** 1126,1154 ****
  					}
  
! 					if( $result = $db->sql_query($sql, BEGIN_TRANSACTION) )
  					{
  						$sql = "INSERT INTO " . GROUPS_TABLE . " (group_id, group_name, group_description, group_single_user, group_moderator)
  							VALUES ($new_group_id, '', 'Personal User', 1, 0)";
! 						if($result = $db->sql_query($sql))
  						{
  							$sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending)
  								VALUES ($new_user_id, $new_group_id, 0)";
! 							if($result = $db->sql_query($sql, END_TRANSACTION))
  							{
! 								if( $board_config['require_activation'] == USER_ACTIVATION_SELF )
  								{
  									$message = $lang['Account_inactive'];
  									$email_template = "user_welcome_inactive";
  								}
! 								else if( $board_config['require_activation'] == USER_ACTIVATION_ADMIN )
  								{
  									$message = $lang['Account_inactive_admin'];
  									$email_template = "admin_welcome_inactive";
  								}
- 								else if( $coppa )
- 								{
- 									$message = $lang['COPPA'];
- 									$email_template = "coppa_welcome_inactive";
- 								}
  								else
  								{
--- 1087,1115 ----
  					}
  
! 					if ( $result = $db->sql_query($sql, BEGIN_TRANSACTION) )
  					{
  						$sql = "INSERT INTO " . GROUPS_TABLE . " (group_id, group_name, group_description, group_single_user, group_moderator)
  							VALUES ($new_group_id, '', 'Personal User', 1, 0)";
! 						if ( $result = $db->sql_query($sql) )
  						{
  							$sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending)
  								VALUES ($new_user_id, $new_group_id, 0)";
! 							if ( $result = $db->sql_query($sql, END_TRANSACTION) )
  							{
! 								if ( $coppa )
! 								{
! 									$message = $lang['COPPA'];
! 									$email_template = "coppa_welcome_inactive";
! 								}
! 								else if ( $board_config['require_activation'] == USER_ACTIVATION_SELF )
  								{
  									$message = $lang['Account_inactive'];
  									$email_template = "user_welcome_inactive";
  								}
! 								else if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN )
  								{
  									$message = $lang['Account_inactive_admin'];
  									$email_template = "admin_welcome_inactive";
  								}
  								else
  								{
***************
*** 1704,1709 ****
  				$username = $row['username'];
  
! 				$user_actkey = generate_activation_key();
! 				$user_password = generate_password();
  				
  				$sql = "UPDATE " . USERS_TABLE . " 
--- 1665,1670 ----
  				$username = $row['username'];
  
! 				$user_actkey = gen_rand_string(true);
! 				$user_password = gen_rand_string(false);
  				
  				$sql = "UPDATE " . USERS_TABLE . " 
***************
*** 2037,2039 ****
  }
  
! ?>
--- 1998,2000 ----
  }
  
! ?>
\ No newline at end of file