From: Paul S. O. <ps...@us...> - 2002-05-12 17:57:37
Update of /cvsroot/phpbb/phpBB2/includes
In directory usw-pr-cvs1:/tmp/cvs-serv8432/includes
Modified Files:
Tag: phpBB-2_0_0
usercp_activate.php usercp_register.php usercp_sendpasswd.php
Log Message:
More fixes, addresses double activation attempt
Index: usercp_activate.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/usercp_activate.php,v
retrieving revision 1.6.2.1
retrieving revision 1.6.2.2
diff -C2 -r1.6.2.1 -r1.6.2.2
*** usercp_activate.php 12 May 2002 00:47:41 -0000 1.6.2.1
--- usercp_activate.php 12 May 2002 17:57:34 -0000 1.6.2.2
***************
*** 28,96 ****
}
! $sql = "SELECT user_id, user_email, user_newpasswd, user_lang
FROM " . USERS_TABLE . "
! WHERE user_actkey = '" . str_replace("\'", "''", $HTTP_GET_VARS['act_key']) . "'";
! if ( $result = $db->sql_query($sql) )
{
! if ( $row = $db->sql_fetchrow($result) )
{
! $sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : "";
$sql = "UPDATE " . USERS_TABLE . "
SET user_active = 1, user_actkey = ''" . $sql_update_pass . "
! WHERE user_id = " . $row['user_id'];
! if ( $result = $db->sql_query($sql) )
{
! if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN && $sql_update_pass == '' )
! {
! include($phpbb_root_path . 'includes/emailer.'.$phpEx);
! $emailer = new emailer($board_config['smtp_delivery']);
!
! $email_headers = 'From: ' . $board_config['board_email'] . "\r\nReturn-Path: " . $board_config['board_email'] . "\r\n";
!
! $emailer->use_template('admin_welcome_activated', $row['user_lang']);
! $emailer->email_address($row['user_email']);
! $emailer->set_subject();//$lang['Account_activated_subject']
! $emailer->extra_headers($email_headers);
!
! $emailer->assign_vars(array(
! 'SITENAME' => $board_config['sitename'],
! 'USERNAME' => $username,
! 'PASSWORD' => $password_confirm,
! 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']))
! );
! $emailer->send();
! $emailer->reset();
!
! $template->assign_vars(array(
! 'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
! );
!
! message_die(GENERAL_MESSAGE, $lang['Account_active_admin']);
! }
! else
! {
! $template->assign_vars(array(
! 'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
! );
!
! $message = ( $sql_update_pass == '' ) ? $lang['Account_active'] : $lang['Password_activated'];
! message_die(GENERAL_MESSAGE, $message);
! }
}
else
{
! message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql_update);
}
}
else
{
! message_die(GENERAL_MESSAGE, $lang['Wrong_activation']); //wrongactiv
}
}
else
{
! message_die(GENERAL_ERROR, 'Could not obtain user information', '', __LINE__, __FILE__, $sql);
}
! ?>
--- 28,107 ----
}
! $sql = "SELECT user_active, user_id, user_email, user_newpasswd, user_lang, user_actkey
FROM " . USERS_TABLE . "
! WHERE user_id = " . intval($HTTP_GET_VARS[POST_USERS_URL]);
! if ( !($result = $db->sql_query($sql)) )
{
! message_die(GENERAL_ERROR, 'Could not obtain user information', '', __LINE__, __FILE__, $sql);
! }
!
! if ( $row = $db->sql_fetchrow($result) )
! {
! if ( $row['user_active'] && $row['user_actkey'] == '' )
{
! $template->assign_vars(array(
! 'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
! );
!
! message_die(GENERAL_MESSAGE, $lang['Already_activated']);
! }
! else if ( $row['user_actkey'] == $HTTP_GET_VARS['act_key'] )
! {
! $sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : '';
$sql = "UPDATE " . USERS_TABLE . "
SET user_active = 1, user_actkey = ''" . $sql_update_pass . "
! WHERE user_id = " . $row['user_id'];
! if ( !($result = $db->sql_query($sql)) )
{
! message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql_update);
! }
!
! if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN && $sql_update_pass == '' )
! {
! include($phpbb_root_path . 'includes/emailer.'.$phpEx);
! $emailer = new emailer($board_config['smtp_delivery']);
!
! $email_headers = 'From: ' . $board_config['board_email'] . "\r\nReturn-Path: " . $board_config['board_email'] . "\r\n";
!
! $emailer->use_template('admin_welcome_activated', $row['user_lang']);
! $emailer->email_address($row['user_email']);
! $emailer->set_subject();//$lang['Account_activated_subject']
! $emailer->extra_headers($email_headers);
!
! $emailer->assign_vars(array(
! 'SITENAME' => $board_config['sitename'],
! 'USERNAME' => $username,
! 'PASSWORD' => $password_confirm,
! 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']))
! );
! $emailer->send();
! $emailer->reset();
!
! $template->assign_vars(array(
! 'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
! );
!
! message_die(GENERAL_MESSAGE, $lang['Account_active_admin']);
}
else
{
! $template->assign_vars(array(
! 'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
! );
!
! $message = ( $sql_update_pass == '' ) ? $lang['Account_active'] : $lang['Password_activated'];
! message_die(GENERAL_MESSAGE, $message);
}
}
else
{
! message_die(GENERAL_MESSAGE, $lang['Wrong_activation']);
}
}
else
{
! message_die(GENERAL_MESSAGE, $lang['No_such_user']);
}
! ?>
\ No newline at end of file
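Review bot: The key check at `else if ( $row['user_actkey'] == $HTTP_GET_VARS['act_key'] )` accepts an empty or missing `act_key` whenever the stored `user_actkey` is empty, because `'' == ''` (and `'' == null`) is true under loose comparison. The branch before it only catches rows that are active with an empty key, so an inactive row with an empty key (a deactivated account, if the rest of the code ever produces one) would be re-activated by a request carrying just the user id. Require a non-empty stored key and compare strictly: `else if ( $row['user_actkey'] != '' && isset($HTTP_GET_VARS['act_key']) && $row['user_actkey'] === $HTTP_GET_VARS['act_key'] )`. Separately, the update-failure `message_die` passes `$sql_update`, which is not assigned anywhere in the hunk; `$sql` looks like the intended argument. The script begins before the hunk, so any earlier validation of `act_key` is not visible here.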
Index: usercp_register.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/usercp_register.php,v
retrieving revision 1.20.2.8
retrieving revision 1.20.2.9
diff -C2 -r1.20.2.8 -r1.20.2.9
*** usercp_register.php 12 May 2002 15:57:45 -0000 1.20.2.8
--- usercp_register.php 12 May 2002 17:57:34 -0000 1.20.2.9
***************
*** 389,398 ****
if ( $mode == 'editprofile' )
{
! if ( $email != $current_email && ( $board_config['require_activation'] == USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN ) && $userdata['user_level'] != ADMIN )
{
$user_active = 0;
$user_actkey = gen_rand_string(true);
! $key_len = 54 - (strlen($server_url));
! $key_len = ($key_len > 6) ? $key_len : 6;
$user_actkey = substr($user_actkey, 0, $key_len);
--- 389,399 ----
if ( $mode == 'editprofile' )
{
! if ( $email != $userdata['user_email'] && $board_config['require_activation'] != USER_ACTIVATION_NONE && $userdata['user_level'] != ADMIN )
{
$user_active = 0;
+
$user_actkey = gen_rand_string(true);
! $key_len = 54 - ( strlen($server_url) );
! $key_len = ( $key_len > 6 ) ? $key_len : 6;
$user_actkey = substr($user_actkey, 0, $key_len);
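Review bot: The activation key is cut to `54 - strlen($server_url)` characters with a floor of only 6, so a board with a long URL mails out a very short value, and that key is the only secret in the activation link. Nothing in the hunk explains the 54; presumably it keeps the link within one mail line, which the longer link introduced elsewhere in this commit would no longer guarantee. Consider raising the floor, for example `$key_len = ( $key_len > 12 ) ? $key_len : 12;` (12 is a suggested value; check it against the `user_actkey` column width), and add a comment stating where 54 comes from. The enclosing `if ( $mode == 'editprofile' )` block continues past the hunk.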
***************
*** 436,440 ****
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
! 'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey)
);
$emailer->send();
--- 437,441 ----
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
! 'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
);
$emailer->send();
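Review bot: `$user_id` is concatenated into `U_ACTIVATE` here, but nothing in the hunk shows it being assigned on this path, whereas the usercp_sendpasswd.php part of this commit adds `$user_id = $row['user_id'];` explicitly for the same purpose. If it is unset or stale, the mailed link carries an empty or wrong id and usercp_activate.php answers `No_such_user` or `Wrong_activation` even though the key is valid. Please confirm it holds the id of the account whose key was just written; the same applies to the two later `U_ACTIVATE` hunks in this file (new lines 582 and 600). A comment such as `// $user_id must be the id of the row whose user_actkey was just stored` at the assignment would make the dependency visible; the `assign_vars` call itself starts outside the hunk.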
***************
*** 559,564 ****
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
- 'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey,
-
'FAX_INFO' => $board_config['coppa_fax'],
'MAIL_INFO' => $board_config['coppa_mail'],
--- 560,563 ----
***************
*** 583,587 ****
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
! 'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey)
);
}
--- 582,586 ----
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
! 'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
);
}
***************
*** 601,605 ****
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
! 'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey)
);
$emailer->send();
--- 600,604 ----
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
! 'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
);
$emailer->send();
Index: usercp_sendpasswd.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/includes/usercp_sendpasswd.php,v
retrieving revision 1.6
retrieving revision 1.6.2.1
diff -C2 -r1.6 -r1.6.2.1
*** usercp_sendpasswd.php 1 Apr 2002 19:19:49 -0000 1.6
--- usercp_sendpasswd.php 12 May 2002 17:57:34 -0000 1.6.2.1
***************
*** 47,50 ****
--- 47,51 ----
$username = $row['username'];
+ $user_id = $row['user_id'];
$user_actkey = gen_rand_string(true);
***************
*** 55,59 ****
$sql = "UPDATE " . USERS_TABLE . "
! SET user_newpasswd = '" .md5($user_password) . "', user_actkey = '$user_actkey'
WHERE user_id = " . $row['user_id'];
if ( !$db->sql_query($sql) )
--- 56,60 ----
$sql = "UPDATE " . USERS_TABLE . "
! SET user_newpasswd = '" . md5($user_password) . "', user_actkey = '$user_actkey'
WHERE user_id = " . $row['user_id'];
if ( !$db->sql_query($sql) )
***************
*** 78,82 ****
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
! 'U_ACTIVATE' => $server_url . "?mode=activate&act_key=$user_actkey")
);
$emailer->send();
--- 79,83 ----
'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
! 'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
);
$emailer->send();
***************
*** 132,134 ****
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
! ?>
--- 133,135 ----
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
! ?>
\ No newline at end of file