| ############################################################################### |
| ############################################################################### |
| # LogInOut.pl # |
| # LogInOut.pm # |
| |
| # $Date: 01.05.16 $ # |
| ############################################################################### |
| ############################################################################### |
| # YaBB: Yet another Bulletin Board # |
| # YaBB: Yet another Bulletin Board # |
| # Open-Source Community Software for Webmasters # |
| # Open-Source Community Software for Webmasters # |
| # Version: YaBB 2.5.2 # |
| # Version: YaBB 2.6.12 # |
| # Packaged: October 21, 2012 # |
| # Packaged: January 5, 2016 # |
| # Distributed by: http://www.yabbforum.com # |
| # Distributed by: http://www.yabbforum.com # |
| # =========================================================================== # |
| # =========================================================================== # |
| # Copyright (c) 2000-2012 YaBB (www.yabbforum.com) - All Rights Reserved. # |
| # Copyright (c) 2000-2016 YaBB (www.yabbforum.com) - All Rights Reserved. # |
| # Software by: The YaBB Development Team # |
| # Software by: The YaBB Development Team # |
| # with assistance from the YaBB community. # |
| # with assistance from the YaBB community. # |
| ############################################################################### |
| ############################################################################### |
| |
| use CGI::Carp qw(fatalsToBrowser); |
| |
| our $VERSION = '2.6.12'; |
| |
| |
| $loginoutplver = 'YaBB 2.5.2 $Revision: 1.1 $'; |
| $loginoutpmver = 'YaBB 2.6.12 $Revision: 1651 $'; |
| if ($action eq 'detailedversion') { return 1; } |
| if ( $action eq 'detailedversion' ) { return 1; } |
| |
| |
| if ($regcheck) { require "$sourcedir/Decoder.pl"; } |
| if ($regcheck) { require Sources::Decoder; } |
| &LoadLanguage('LogInOut'); |
| LoadLanguage('LogInOut'); |
| |
| |
| $regstyle = ''; |
| $regstyle = q{}; |
| |
| |
| sub Login { |
| sub Login { |
| if (!$iamguest && $sessionvalid == 1) { &fatal_error("logged_in_already",$username); } |
| if ( !$iamguest && $sessionvalid == 1 ) { |
| $sharedLogin_title = $loginout_txt{'34'}; |
| fatal_error( 'logged_in_already', $username ); |
| $yymain .= &sharedLogin . qq~<script type="text/javascript" language="JavaScript"> |
| } |
| <!-- |
| $sharedLogin_title = $loginout_txt{'34'}; |
| document.loginform.username.focus(); |
| $yymain .= sharedLogin() . q~<script type="text/javascript"> |
| //--> |
| document.loginform.username.focus(); |
| </script>~; |
| </script>~; |
| $yytitle = $loginout_txt{'34'}; |
| $yytitle = $loginout_txt{'34'}; |
| &template; |
| template(); |
| |
| return; |
| } |
| } |
| |
| |
| sub Login2 { |
| sub Login2 { |
| if (!$iamguest && $sessionvalid == 1) { &fatal_error("logged_in_already",$username); } |
| if ( !$iamguest && $sessionvalid == 1 ) { |
| &fatal_error("no_username") if ($FORM{'username'} eq ""); |
| fatal_error( 'logged_in_already', $username ); |
| &fatal_error("no_password") if ($FORM{'passwrd'} eq ""); |
| } |
| $username = $FORM{'username'}; |
| if ( $FORM{'username'} eq q{} ) { fatal_error('no_username'); } |
| $username =~ s/\s/_/g; |
| if ( $FORM{'passwrd'} eq q{} ) { fatal_error('no_password'); } |
| &fatal_error("invalid_character","$loginout_txt{'35'} $loginout_txt{'241'}") if $username =~ /[^ \w\x80-\xFF\[\]\(\)#\%\+,\-\|\.:=\?\@\^]/; |
| $username = $FORM{'username'}; |
| &fatal_error("only_numbers_allowed") if $FORM{'cookielength'} !~ /^[0-9]+$/; |
| $username =~ s/\s/_/gxsm; |
| |
| if ( $username =~ /[^ \w\x80-\xFF\[\]\(\)#\%\+,\-\|\.:=\?\@\^]/sm ) { |
| ## Check if login ID is not and email address or screenname ## |
| $error_txt = isempty($loginout_txt{'35a'}, "$loginout_txt{'35'} $loginout_txt{'241'}"); |
| if (!-e "$memberdir/$username.vars"){ |
| fatal_error( 'invalid_character', |
| $test_id = &MemberIndex("who_is", "$FORM{'username'}"); |
| "$error_txt" ); |
| if ($test_id ne "") { $username = $test_id; } else { &fatal_error("bad_credentials"); } |
| } |
| } |
| |
| if (-e "$memberdir/$username.pre" && -e "$memberdir/$username.vars") { unlink "$memberdir/$username.pre"; } |
| ## Check if login ID is not an email address ## |
| if (-e "$memberdir/$username.pre" && ($regtype == 1 || $regtype == 2)) { &fatal_error('not_activated'); } |
| if ( !-e "$memberdir/$username.vars" ) { |
| |
| $test_id = MemberIndex( 'who_is', "$FORM{'username'}" ); |
| # Need to do this to get correct case of username, |
| if ( $test_id ) { $username = $test_id; } |
| # for case insensitive systems. Can cause weird issues otherwise |
| } |
| $caseright = 0; |
| |
| &ManageMemberlist("load"); |
| if ( -e "$memberdir/$username.pre" && ( $regtype == 1 || $regtype == 2 ) ) { |
| while (($curmemb, $value) = each(%memberlist)) { |
| fatal_error('not_activated'); |
| if ($username =~ m/\A\Q$curmemb\E\Z/) { $caseright = 1; last; } |
| } |
| } |
| elsif ( -e "$memberdir/$username.wait" && $regtype == 1 ) { |
| undef %memberlist; |
| fatal_error('prereg_wait'); |
| if(!$caseright) { |
| } |
| $username = "Guest"; |
| elsif ( !-e "$memberdir/$username.vars" ) { fatal_error('bad_credentials'); } |
| &fatal_error("bad_credentials"); |
| |
| } |
| if ( -e "$memberdir/$username.pre" && -e "$memberdir/$username.vars" ) { |
| |
| unlink "$memberdir/$username.pre"; |
| if (-e "$memberdir/$username.vars") { |
| } |
| &LoadUser($username); |
| |
| my $spass = ${$uid.$username}{'password'}; |
| # Need to do this to get correct case of user ID, |
| my $cryptpass = &encode_password("$FORM{'passwrd'}"); |
| # for case insensitive systems. Can cause weird issues otherwise |
| |
| $caseright = 0; |
| # convert non encrypted password to MD5 crypted one |
| ManageMemberlist('load'); |
| if ($spass eq $FORM{'passwrd'} && $spass ne $cryptpass) { |
| while ( ( $curmemb, $value ) = each %memberlist ) { |
| # only encrypt the password if it's not already MD5 encrypted |
| if ( $username eq $curmemb ) { $caseright = 1; last; } |
| # MD5 hashes in YaBB are always 22 chars long (base64) |
| } |
| if (length(${$uid.$username}{'password'}) != 22) { |
| undef %memberlist; |
| ${$uid.$username}{'password'} = $cryptpass; |
| |
| &UserAccount($username); |
| if ( !$caseright ) { |
| $spass = $cryptpass; |
| $username = 'Guest'; |
| } |
| fatal_error('bad_credentials'); |
| } |
| } |
| if ($spass ne $cryptpass) { |
| |
| $username = "Guest"; |
| if ( -e "$memberdir/$username.vars" ) { |
| &fatal_error("bad_credentials"); |
| LoadUser($username); |
| } |
| my $spass = ${ $uid . $username }{'password'}; |
| } else { |
| my $cryptpass = encode_password("$FORM{'passwrd'}"); |
| $username = "Guest"; |
| |
| &fatal_error("bad_credentials"); |
| # convert non encrypted password to MD5 encrypted one |
| } |
| if ( $spass eq $FORM{'passwrd'} && $spass ne $cryptpass ) { |
| |
| |
| $iamadmin = ${$uid.$username}{'position'} eq 'Administrator' ? 1 : 0; |
| # only encrypt the password if it's not already MD5 encrypted |
| $iamgmod = ${$uid.$username}{'position'} eq 'Global Moderator' ? 1 : 0; |
| # MD5 hashes in YaBB are always 22 chars long (base64) |
| $sessionvalid = 1; |
| if ( length( ${ $uid . $username }{'password'} ) != 22 ) { |
| $iamguest = 0; |
| ${ $uid . $username }{'password'} = $cryptpass; |
| |
| UserAccount($username); |
| if ($maintenance && !$iamadmin) { $username = 'Guest'; &fatal_error("admin_login_only"); } |
| $spass = $cryptpass; |
| &banning; |
| } |
| |
| } |
| if ($FORM{'cookielength'} == 1) { $ck{'len'} = 'Sunday, 17-Jan-2038 00:00:00 GMT'; } |
| if ( $spass ne $cryptpass ) { |
| elsif ($FORM{'cookielength'} == 2) { $ck{'len'} = ''; } |
| $username = 'Guest'; |
| else { $ck{'len'} = "+$FORM{'cookielength'}m"; } |
| fatal_error('bad_credentials'); |
| ${$uid.$username}{'session'} = &encode_password($user_ip); |
| } |
| &UpdateCookie("write", $username, &encode_password($FORM{'passwrd'}), ${$uid.$username}{'session'}, "/", $ck{'len'}); |
| } |
| |
| else { |
| &UserAccount($username, "update", "-"); # "-" to not update 'lastonline' here |
| $username = 'Guest'; |
| &buildIMS($username,'load'); # isn't loaded because was Guest before |
| fatal_error('bad_credentials'); |
| &buildIMS($username,''); # rebuild the Members/$username.ims file on login |
| } |
| |
| |
| if($FORM{'sredir'}) { |
| $iamadmin = ${ $uid . $username }{'position'} eq 'Administrator' ? 1 : 0; |
| $FORM{'sredir'} =~ s/\~/\=/g; |
| $iamgmod = ${ $uid . $username }{'position'} eq 'Global Moderator' ? 1 : 0; |
| $FORM{'sredir'} =~ s/x3B/;/g; |
| $sessionvalid = 1; |
| $FORM{'sredir'} =~ s/search2/search/g; |
| $iamguest = 0; |
| $FORM{'sredir'} = qq~?$FORM{'sredir'}~; |
| |
| # $FORM{'sredir'} = '' if $FORM{'sredir'} =~ /action=(register|login2)/; |
| if ( $maintenance && !$iamadmin ) { |
| $FORM{'sredir'} = '' if $FORM{'sredir'} =~ /action=(register|login2|reminder|reminder2)/; |
| $username = 'Guest'; |
| } |
| fatal_error('admin_login_only'); |
| $yySetLocation = qq~$scripturl$FORM{'sredir'}~; |
| } |
| &redirectexit; |
| banning(); |
| |
| |
| |
| if ( $FORM{'cookielength'} == 1 ) { |
| |
| $ck{'len'} = 'Sunday, 17-Jan-2038 00:00:00 GMT'; |
| |
| } |
| |
| else { $ck{'len'} = q{}; } |
| |
| |
| |
| ${ $uid . $username }{'session'} = encode_password($user_ip); |
| |
| UpdateCookie( |
| |
| 'write', $username, |
| |
| encode_password( $FORM{'passwrd'} ), |
| |
| ${ $uid . $username }{'session'}, |
| |
| q{/}, $ck{'len'} |
| |
| ); |
| |
| |
| |
| UserAccount( $username, 'update', q{-} ); |
| |
| |
| |
| # "-" to not update 'lastonline' here |
| |
| buildIMS( $username, 'load' ); # isn't loaded because was Guest before |
| |
| buildIMS( $username, q{} ); |
| |
| |
| |
| # rebuild the Members/$username.ims file on login |
| |
| WriteLog(); |
| |
| |
| |
| if ( $FORM{'sredir'} ) { |
| |
| $FORM{'sredir'} =~ s/\~/\=/gxsm; |
| |
| $FORM{'sredir'} =~ s/x3B/;/gsm; |
| |
| $FORM{'sredir'} =~ s/search2/search/gsm; |
| |
| $FORM{'sredir'} = qq~?$FORM{'sredir'}~; |
| |
| if ( $FORM{'sredir'} =~ |
| |
| /action=(register|login2|reminder|reminder2)/xsm ) |
| |
| { |
| |
| $FORM{'sredir'} = q{}; |
| |
| } |
| |
| } |
| |
| $yySetLocation = qq~$scripturl$FORM{'sredir'}~; |
| |
| redirectexit(); |
| |
| return; |
| } |
| } |
| |
| |
| sub Logout { |
| sub Logout { |
| if ($username ne 'Guest') { |
| if ( $username ne 'Guest' ) { |
| &RemoveUserOnline($username); # Remove user from online log |
| RemoveUserOnline($username); # Remove user from online log |
| &UserAccount($username, "update", "lastonline"); |
| UserAccount( $username, 'update', 'lastonline' ); |
| } |
| } |
| |
| |
| &UpdateCookie("delete"); |
| UpdateCookie('delete'); |
| $yySetLocation = $guestaccess ? $scripturl : qq~$scripturl?action=login~; |
| $yySetLocation = $guestaccess ? $scripturl : qq~$scripturl?action=login~; |
| $username = 'Guest'; |
| $username = 'Guest'; |
| &redirectexit; |
| redirectexit(); |
| |
| return; |
| } |
| } |
| |
| |
| sub sharedLogin { |
| sub sharedLogin { |
| if ($action eq 'login' || $maintenance) { |
| get_template('Loginout'); |
| $yynavigation = qq~› $loginout_txt{'34'}~; |
| if ( $action eq 'login' || $maintenance ) { |
| $border = qq~<div class="bordercolor" style="width: 100%; margin-bottom: 8px; margin-left: auto; margin-right: auto;">~; |
| $yynavigation = qq~› $loginout_txt{'34'}~; |
| $border_with_title = qq~<div class="bordercolor" style="width: 700px; margin-bottom: 8px; margin-left: auto; margin-right: auto;">~; |
| } |
| $border_bottom = qq~</div>~; |
| |
| } |
| |
| |
| |
| if ($Cookie_Length == 1) { $clsel1 = ' selected="selected"'; } |
| |
| elsif ($Cookie_Length == 2) { $clsel2 = ' selected="selected"'; } |
| |
| elsif ($Cookie_Length == 60) { $clsel60 = ' selected="selected"'; } |
| |
| elsif ($Cookie_Length == 180) { $clsel180 = ' selected="selected"'; } |
| |
| elsif ($Cookie_Length == 360) { $clsel360 = ' selected="selected"'; } |
| |
| elsif ($Cookie_Length == 480) { $clsel480 = ' selected="selected"'; } |
| |
| elsif ($Cookie_Length == 600) { $clsel600 = ' selected="selected"'; } |
| |
| elsif ($Cookie_Length == 720) { $clsel720 = ' selected="selected"'; } |
| |
| elsif ($Cookie_Length == 1440) { $clsel1440 = ' selected="selected"'; } |
| |
| if ($sharedLogin_title ne "") { |
| |
| $sharedlog .= qq~ |
| |
| $border_with_title |
| |
| <table cellpadding="4" cellspacing="1" border="0" width="100%" align="center"> |
| |
| <tr><td class="titlebg" colspan="2"><b>$sharedLogin_title</b></td></tr>~; |
| |
| if ($sharedLogin_text ne "") { |
| |
| $sharedlog .= qq~ |
| |
| <tr><td class="windowbg" colspan="2" align="left">$sharedLogin_text</td></tr>~; |
| |
| } |
| |
| $sharedlog .= qq~ |
| |
| <tr> |
| |
| <td class="windowbg2" colspan="2" align="center" valign="middle" style="padding: 10px;">~; |
| |
| } else { |
| |
| $sharedlog .= qq~ |
| |
| $border |
| |
| <table class="bordercolor" align="center" cellpadding="0" cellspacing="1" border="0" width="100%"> |
| |
| <tr><td class="tabtitle" colspan="2" valign="middle" align="center" height="25">$loginout_txt{'34'}</td></tr> |
| |
| <tr> |
| |
| <td class="windowbg" width="5%" valign="middle" align="center"><img src="$imagesdir/login.gif" border="0" alt="" /></td> |
| |
| <td class="windowbg2" align="center" valign="middle" style="padding: 10px;">~; |
| |
| } |
| |
| if ($maintenance) { $hide_passbutton = " visibility: hidden;"; } |
| |
| if ($maintenance || !$regtype) { $hide_regbutton = " visibility: hidden;"; } |
| |
| $sharedlog .= qq~ |
| |
| <form name="loginform" action="$scripturl?action=login2" method="post"> |
| |
| <input type="hidden" name="sredir" value="$INFO{'sesredir'}" /> |
| |
| <div style="width: 600px;"> |
| |
| <span style="float: left; width: 50%; text-align: left; margin-bottom: 5px;"> |
| |
| <label for="username">$loginout_txt{'35'}</label>:<br /> |
| |
| <input type="text" name="username" id="username" size="30" maxlength="100" style="width: 285px;" tabindex="1"$regstyle /> |
| |
| </span> |
| |
| <span style="float: left; width: 23%; text-align: center; margin-bottom: 5px;"> |
| |
| |
| |
| </span> |
| |
| <span style="float: left; width: 27%; text-align: right; margin-bottom: 5px;"> |
| |
| <br /> |
| |
| <input type="button" value="$maintxt{'97'}" style="width: 160px;$hide_regbutton" onclick="location.href='$scripturl?action=register'" tabindex="6" class="button" /> |
| |
| </span> |
| |
| </div> |
| |
| <div style="width: 600px;"> |
| |
| <span style="float: left; width: 29%; text-align: left; margin-bottom: 5px;"> |
| |
| <label for="passwrd">$loginout_txt{'36'}</label>:<br /> |
| |
| <input type="password" name="passwrd" id="passwrd" size="15" maxlength="30" style="width: 110px;" tabindex="2" onkeypress="capsLock(event,'shared_login')" /> |
| |
| </span> |
| |
| <span style="float: left; width: 21%; text-align: left; margin-bottom: 5px;"> |
| |
| <label for="cookielength">$loginout_txt{'497'}</label>:<br /> |
| |
| <select name="cookielength" id="cookielength" style="width: 117px;" tabindex="3"> |
| |
| <option value="2"$clsel2>$loginout_txt{'497d'}</option> |
| |
| <option value="1"$clsel1>$loginout_txt{'497c'}</option> |
| |
| <option value="60"$clsel60>1 $loginout_txt{'497a'}</option> |
| |
| <option value="180"$clsel180>3 $loginout_txt{'497b'}</option> |
| |
| <option value="360"$clsel360>6 $loginout_txt{'497b'}</option> |
| |
| <option value="480"$clsel480>8 $loginout_txt{'497b'}</option> |
| |
| <option value="600"$clsel600>10 $loginout_txt{'497b'}</option> |
| |
| <option value="720"$clsel720>12 $loginout_txt{'497b'}</option> |
| |
| <option value="1440"$clsel1440>24 $loginout_txt{'497b'}</option> |
| |
| </select> |
| |
| </span> |
| |
| <span style="float: left; width: 23%; text-align: center; margin-bottom: 5px;"> |
| |
| <br /> |
| |
| <input type="submit" value="$loginout_txt{'34'}" tabindex="4" accesskey="l" style="width: 100px;" class="button" /> |
| |
| </span> |
| |
| <span style="float: left; width: 27%; text-align: right; margin-bottom: 5px;"> |
| |
| <br /> |
| |
| <input type="button" value="$loginout_txt{'315'}" style="width: 160px;$hide_passbutton" onclick="location.href='$scripturl?action=reminder'" tabindex="5" class="button" /> |
| |
| </span> |
| |
| <br /><br /> |
| |
| </div> |
| |
| <div style="width: 600px; text-align: left; color: red; font-weight: bold; display: none" id="shared_login">$loginout_txt{'capslock'}</div> |
| |
| <div style="width: 600px; text-align: left; color: red; font-weight: bold; display: none" id="shared_login_char">$loginout_txt{'wrong_char'}: <span id="shared_login_character"> </span></div> |
| |
| </form> |
| |
| </td> |
| |
| </tr> |
| |
| </table> |
| |
| $border_bottom |
| |
| ~; |
| |
| |
| |
| $loginform = 1; |
| #cookie length is now all or nothing. |
| $sharedLogin_title = ''; |
| if ( $sharedLogin_title ne q{} ) { |
| $sharedLogin_text = ''; |
| $sharedlog = $mysharedloga; |
| return $sharedlog; |
| $sharedlog =~ s/{yabb sharedLogin_title}/$sharedLogin_title/sm; |
| |
| if ( $sharedLogin_text ne q{} ) { |
| |
| $sharedlog .= $mysharedlogb; |
| |
| $sharedlog =~ s/{yabb sharedLogin_text}/$sharedLogin_text/sm; |
| |
| } |
| |
| $sharedlog .= $mysharedlogc; |
| |
| $sharedbot = $myborder_bottom; |
| |
| } |
| |
| else { |
| |
| $sharedlog = $mysharedlog_top; |
| |
| $sharedbot = $mysharedbot; |
| |
| } |
| |
| if ($maintenance) { $hide_passlink = ' style="visibility: hidden;"' } |
| |
| if ( $maintenance || !$regtype ) { |
| |
| $hide_reglink = ' style="visibility: hidden;"';; |
| |
| } |
| |
| $sharedlog .= qq~ |
| |
| <form id="loginform" name="loginform" action="$scripturl?action=login2" method="post" accept-charset="$yymycharset"> |
| |
| <input type="hidden" name="sredir" value="$INFO{'sesredir'}" /> |
| |
| $mysharedlog_bodya |
| |
| $sharedbot~; |
| |
| $sharedlog =~ s/{yabb regstyle}/$regstyle/sm; |
| |
| $sharedlog =~ s/{yabb hide_reglink}/$hide_reglink/gsm; |
| |
| $sharedlog =~ s/{yabb hide_passlink}/$hide_passlink/gsm; |
| |
| my $cookielength_sel = q{}; |
| |
| if ( $Cookie_Length ) { $cookielength_sel = ' checked="checked"'} |
| |
| $sharedlog =~ s/{yabb cookielength_sel}/$cookielength_sel/gsm; |
| |
| $loginform = 1; |
| |
| $sharedLogin_title = q{}; |
| |
| $sharedLogin_text = q{}; |
| |
| return $sharedlog; |
| } |
| } |
| |
| |
| sub Reminder { |
| sub Reminder { |
| # if (!$iamguest) { &fatal_error("logged_in_already",$username); } |
| if ( !$iamguest && $sessionvalid == 1 ) { |
| if (!$iamguest && $sessionvalid == 1) { &fatal_error("logged_in_already",$username); } |
| fatal_error( 'logged_in_already', $username ); |
| $yymain .= qq~<br /><br /> |
| } |
| <form action="$scripturl?action=reminder2" method="post" name="reminder" onsubmit="return CheckReminderField();"> |
| get_template('Loginout'); |
| <table border="0" width="400" cellspacing="1" cellpadding="3" align="center" class="bordercolor"> |
| |
| <tr> |
| |
| <td class="titlebg"> |
| |
| <span class="text1"><b>$mbname $loginout_txt{'36'} $loginout_txt{'194'}</b></span> |
| |
| </td> |
| |
| </tr><tr> |
| |
| <td class="windowbg"> |
| |
| <label for="user"><span class="text1"><b>$loginout_txt{'35'}:</b></span></label> |
| |
| <input type="text" name="user" id="user" $regstyle size="50" /> |
| |
| </td> |
| |
| </tr> |
| |
| ~; |
| |
| |
| |
| if ($regcheck) { |
| $yymain .= qq~<br /><br /> |
| &validation_code; |
| <form action="$scripturl?action=reminder2" method="post" name="reminder" onsubmit="return CheckReminderField();" accept-charset="$yymycharset"> |
| $yymain .= qq~ |
| $myremindera~; |
| <tr> |
| $yymain =~ s/{yabb mbname}/$mbname/sm; |
| <td class="windowbg"> |
| $yymain =~ s/{yabb regstyle}/$regstyle/sm; |
| <label for="verification"><span class="text1"><b>$floodtxt{'1'}: </b></span> |
| |
| $showcheck |
| if ($regcheck) { |
| <br /><span class="small">$floodtxt{'casewarning'}</span></label> |
| validation_code(); |
| </td> |
| $yymain .= $myreminder_regcheck; |
| </tr><tr> |
| $yymain =~ s/{yabb flood_text}/$flood_text/sm; |
| <td class="windowbg"> |
| $yymain =~ s/{yabb showcheck}/$showcheck/sm; |
| <label for="verification"><span class="text1"><b>$floodtxt{'3'}: </b></span></label> |
| } |
| <span class="text1"><input type="text" maxlength="30" name="verification" id="verification" size="20" /></span> |
| if ( $spam_questions_send && -e "$langdir/$language/spam.questions" ) { |
| </td> |
| SpamQuestion(); |
| </tr> |
| my $verification_question_desc; |
| ~; |
| if ($spam_questions_case) { |
| } |
| $verification_question_desc = |
| $yymain .= qq~ |
| qq~<br />$loginout_txt{'verification_question_case'}~; |
| <tr> |
| } |
| <td align="center" class="windowbg"> |
| $yymain .= $myreminder_vericheck; |
| <input type="submit" value="$loginout_txt{'339'}" class="button" /> |
| $yymain =~ s/{yabb spam_question}/$spam_question/sm; |
| </td> |
| $yymain =~ s/{yabb spam_question_id}/$spam_question_id/sm; |
| </tr> |
| $yymain =~ s/{yabb spam_question_image}/$spam_image/sm; |
| </table> |
| $yymain =~ |
| </form> |
| s/{yabb verification_question_desc}/$verification_question_desc/sm; |
| <script type="text/javascript" language="JavaScript"> |
| } |
| <!-- |
| |
| |
| $yymain .= $myreminder_endform; |
| |
| $yymain .= qq~ |
| |
| <script type="text/javascript"> |
| document.reminder.user.focus(); |
| document.reminder.user.focus(); |
| |
| |
| function CheckReminderField() { |
| function CheckReminderField() { |
| if (document.reminder.user.value == '') { |
| if (document.reminder.user.value == '') { |
| alert("$loginout_txt{'error_user_info'}"); |
| alert("$loginout_txt{'error_user_info'}"); |
| document.reminder.user.focus(); |
| document.reminder.user.focus(); |
| return false; |
| return false; |
| } |
| }~ . |
| |
| |
| |
| ( |
| |
| $regcheck |
| |
| ? qq~ |
| |
| if (document.reminder.verification.value == '') { |
| |
| alert("$loginout_txt{'error_verification'}"); |
| |
| document.reminder.verification.focus(); |
| |
| return false; |
| |
| }~ |
| |
| : q{} |
| |
| ) |
| |
| . |
| |
| |
| |
| ( |
| |
| $spam_questions_send && -e "$langdir/$language/spam.questions" |
| |
| ? qq~ |
| |
| if (document.reminder.verification_question.value == '') { |
| |
| alert("$loginout_txt{'error_verification_question'}"); |
| |
| document.reminder.verification_question.focus(); |
| |
| return false; |
| |
| }~ |
| |
| : q{} |
| |
| ) |
| |
| |
| |
| . q~ |
| return true; |
| return true; |
| } |
| } |
| //--> |
| </script> |
| </script> <br /><br /> |
| <br /><br /> |
| ~; |
| ~; |
| |
| |
| $yytitle = $loginout_txt{'669'}; |
| $yytitle = $loginout_txt{'669'}; |
| $yynavigation = qq~› $loginout_txt{'669'}~; |
| $yynavigation = qq~› $loginout_txt{'669'}~; |
| &template; |
| template(); |
| |
| return; |
| } |
| } |
| |
| |
| sub Reminder2 { |
| sub Reminder2 { |
| if (!$FORM{'user'}) { &fatal_error("", "$loginout_txt{'error_user_info'}"); } |
| if ( !$FORM{'user'} ) { |
| # generate random ID for password reset. |
| fatal_error( q{}, "$loginout_txt{'error_user_info'}" ); |
| if (!$iamguest && $sessionvalid == 1) { &fatal_error("logged_in_already",$username); } |
| } |
| my $randid = &keygen(8,"A"); |
| |
| |
| |
| if ($regcheck) { |
| |
| &validation_check($FORM{'verification'}); |
| |
| } |
| |
| |
| |
| my $user = $FORM{'user'}; |
| |
| $user =~ s/\s/_/g; |
| |
| |
| |
| if (!-e "$memberdir/$user.vars"){ |
| |
| $test_id = &MemberIndex("who_is", $FORM{'user'}); |
| |
| if ($test_id) { $user = $test_id; } |
| |
| else { &fatal_error("", "$loginout_txt{'no_user_info_exists'}"); } |
| |
| } |
| |
| |
| |
| # Fix to make it load in their own language |
| |
| &LoadUser($user); |
| |
| &fatal_error("corrupt_member_file") if !${$uid.$user}{'email'}; |
| |
| |
| |
| $username = $user; |
| |
| &WhatLanguage; |
| |
| &LoadLanguage('LogInOut'); |
| |
| &LoadLanguage('Email'); |
| |
| undef $username; |
| |
| |
| |
| $userfound = 0; |
| |
| |
| |
| if (-e "$memberdir/forgotten.passes") { |
| |
| require "$memberdir/forgotten.passes"; |
| |
| } |
| |
| if (exists $pass{$user}) { delete $pass{$user}; } |
| |
| $pass{"$user"} = $randid; |
| |
| |
| |
| fopen(FILE, ">$memberdir/forgotten.passes") || &fatal_error("cannot_open","$memberdir/forgotten.passes", 1); |
| |
| while (($key, $value) = each(%pass)) { |
| |
| print FILE qq~\$pass{"$key"} = '$value';\n~; |
| |
| } |
| |
| print FILE "1;"; |
| |
| fclose(FILE); |
| |
| |
| |
| $subject = "$loginout_txt{'36'} $mbname: ${$uid.$user}{'realname'}"; |
| |
| if($do_scramble_id){$cryptusername = &cloak($user);} else {$cryptusername = $user; } |
| |
| require "$sourcedir/Mailer.pl"; |
| |
| &LoadLanguage('Email'); |
| |
| my $message = &template_email($passwordreminderemail, {'displayname' => ${$uid.$user}{'realname'}, 'cryptusername' => $cryptusername, 'remindercode' => $randid}); |
| |
| &sendmail(${$uid.$user}{'email'}, $subject, $message); |
| |
| |
| |
| $yymain .= qq~<br /><br /> |
| |
| <table border="0" width="400" cellspacing="1" cellpadding="3" align="center" class="bordercolor"> |
| |
| <tr> |
| |
| <td class="titlebg"> |
| |
| <span class="text1"><b>$mbname $loginout_txt{'36'} $loginout_txt{'194'}</b></span> |
| |
| </td> |
| |
| </tr><tr> |
| |
| <td class="windowbg" align="center"> |
| |
| <b>$loginout_txt{'192'} $FORM{'user'}</b></td> |
| |
| </tr> |
| |
| </table> |
| |
| <br /><p align="center"><a href="$scripturl">$maintxt{'go_to_board'}</a></p><br /> |
| |
| |
| |
| ~; |
| if ( !$iamguest && $sessionvalid == 1 && !$iamadmin ) { |
| $yytitle = "$loginout_txt{'669'}"; |
| fatal_error( 'logged_in_already', $username ); |
| &template; |
| } |
| |
| |
| |
| # generate random ID for password reset. |
| |
| my $randid = keygen( 8, 'A' ); |
| |
| |
| |
| if ( $regcheck && !$iamadmin ) { |
| |
| validation_check( $FORM{'verification'} ); |
| |
| } |
| |
| if ( $spam_questions_send && -e "$langdir/$language/spam.questions" ) { |
| |
| SpamQuestionCheck( $FORM{'verification_question'}, |
| |
| $FORM{'verification_question_id'} ); |
| |
| } |
| |
| |
| |
| my $user = $FORM{'user'}; |
| |
| $user =~ s/\s/_/gxsm; |
| |
| |
| |
| if ( !-e "$memberdir/$user.vars" ) { |
| |
| $test_id = MemberIndex( 'who_is', $FORM{'user'} ); |
| |
| if ($test_id) { $user = $test_id; } |
| |
| else { fatal_error( q{}, "$loginout_txt{'no_user_info_exists'}" ); } |
| |
| } |
| |
| |
| |
| # Fix to make it load in their own language |
| |
| LoadUser($user); |
| |
| if ( !${ $uid . $user }{'email'} ) { fatal_error('corrupt_member_file'); } |
| |
| |
| |
| $username = $user; |
| |
| WhatLanguage(); |
| |
| LoadLanguage('LogInOut'); |
| |
| LoadLanguage('Email'); |
| |
| undef $username; |
| |
| |
| |
| $userfound = 0; |
| |
| |
| |
| if ( -e "$memberdir/forgotten.passes" ) { |
| |
| require "$memberdir/forgotten.passes"; |
| |
| } |
| |
| if ( exists $pass{$user} ) { delete $pass{$user}; } |
| |
| $pass{"$user"} = $randid; |
| |
| |
| |
| fopen( FILE, ">$memberdir/forgotten.passes" ) |
| |
| or fatal_error( 'cannot_open', "$memberdir/forgotten.passes", 1 ); |
| |
| while ( ( $key, $value ) = each %pass ) { |
| |
| print {FILE} qq~\$pass{'$key'} = '$value';\n~ |
| |
| or croak "$croak{'print'} forgotten.passes"; |
| |
| } |
| |
| print {FILE} '1;' or croak "$croak{'print'} forgotten.passes"; |
| |
| fclose(FILE); |
| |
| |
| |
| $subject = "$mbname $loginout_txt{'36b'}: ${$uid.$user}{'realname'}"; |
| |
| if ($do_scramble_id) { $cryptusername = cloak($user); } |
| |
| else { $cryptusername = $user; } |
| |
| require Sources::Mailer; |
| |
| LoadLanguage('Email'); |
| |
| my $message = template_email( |
| |
| $passwordreminderemail, |
| |
| { |
| |
| 'displayname' => ${ $uid . $user }{'realname'}, |
| |
| 'cryptusername' => $cryptusername, |
| |
| 'remindercode' => $randid |
| |
| } |
| |
| ); |
| |
| sendmail( ${ $uid . $user }{'email'}, $subject, $message ); |
| |
| get_template('Loginout'); |
| |
| |
| |
| $yymain .= $myreminder2; |
| |
| $yymain =~ s/{yabb mbname}/$mbname/sm; |
| |
| $yymain =~ s/{yabb forum_user}/$FORM{'user'}/sm; |
| |
| |
| |
| $yytitle = "$loginout_txt{'669'}"; |
| |
| template(); |
| |
| return; |
| } |
| } |
| |
| |
| sub Reminder3 { |
| sub Reminder3 { |
| $id = $INFO{'ID'}; |
| $id = $INFO{'ID'}; |
| if($do_scramble_id){$user = &decloak($INFO{'user'});} else { $user = $INFO{'user'};} |
| if ($do_scramble_id) { $user = decloak( $INFO{'user'} ); } |
| |
| else { $user = $INFO{'user'}; } |
| |
| |
| |
| if ( $id !~ /[a-zA-Z0-9]+/xsm ) { |
| |
| fatal_error( 'invalid_character', "ID $loginout_txt{'241'}" ); |
| |
| } |
| |
| if ( $user =~ /[^\w#\%\+\-\.\@\^]/xsm ) { |
| |
| fatal_error( 'invalid_character', "User $loginout_txt{'241'}" ); |
| |
| } |
| |
| |
| if ($id !~ /[a-zA-Z0-9]+/) { &fatal_error("invalid_character","ID $loginout_txt{'241'}"); } |
| # generate a new random password as the old one is one-way encrypted. |
| if ($user =~ /[^\w#\%\+\-\.\@\^]/) { &fatal_error("invalid_character","User $loginout_txt{'241'}"); } |
| @chararray = |
| |
| qw(0 1 2 3 4 5 6 7 8 9 a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z); |
| |
| my $newpassword; |
| |
| for my $i ( 0 .. 7 ) { |
| |
| $newpassword .= $chararray[ int rand 61 ]; |
| |
| } |
| |
| |
| |
| # load old userdata |
| |
| LoadUser($user); |
| |
| |
| |
| # update forgotten passwords database |
| |
| require "$memberdir/forgotten.passes"; |
| |
| if ( $pass{$user} ne $id ) { fatal_error('wrong_id'); } |
| |
| delete $pass{$user}; |
| |
| fopen( FORGOTTEN, ">$memberdir/forgotten.passes" ) |
| |
| or fatal_error( 'cannot_open', "$memberdir/forgotten.passes", 1 ); |
| |
| while ( ( $key, $value ) = each %pass ) { |
| |
| print {FORGOTTEN} qq~\$pass{'$key'} = '$value';\n~ |
| |
| or croak "$croak{'print'} FORGOTTEN"; |
| |
| } |
| |
| print {FORGOTTEN} "\n1;" or croak "$croak{'print'} FORGOTTEN"; |
| |
| fclose(FORGOTTEN); |
| |
| |
| # generate a new random password as the old one is one-way encrypted. |
| # add newly generated password to user data |
| @chararray = qw(0 1 2 3 4 5 6 7 8 9 a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z); |
| ${ $uid . $user }{'password'} = encode_password($newpassword); |
| my $newpassword; |
| UserAccount( $user, 'update' ); |
| for (my $i; $i < 8; $i++) { |
| |
| $newpassword .= $chararray[int(rand(61))]; |
| $FORM{'username'} = $user; |
| } |
| $FORM{'passwrd'} = $newpassword; |
| |
| $FORM{'cookielength'} = 10; |
| # load old userdata |
| $FORM{'sredir'} = |
| &LoadUser($user); |
| qq*action~profileCheck2;redir~myprofile;username~$INFO{'user'};passwrd~$newpassword;newpassword~1*; |
| |
| Login2(); |
| # update forgotten passwords database |
| return; |
| require "$memberdir/forgotten.passes"; |
| |
| if ($pass{$user} ne $id) { &fatal_error("wrong_id"); } |
| |
| delete $pass{$user}; |
| |
| fopen(FORGOTTEN, ">$memberdir/forgotten.passes") || &fatal_error("cannot_open","$memberdir/forgotten.passes", 1); |
| |
| while (($key, $value) = each(%pass)) { |
| |
| print FORGOTTEN qq~\$pass{"$key"} = '$value';\n~; |
| |
| } |
| |
| print FORGOTTEN "\n1;"; |
| |
| fclose(FORGOTTEN); |
| |
| |
| |
| # add newly generated password to user data |
| |
| ${$uid.$user}{'password'} = &encode_password($newpassword); |
| |
| &UserAccount($user, "update"); |
| |
| |
| |
| $FORM{'username'} = $user; |
| |
| $FORM{'passwrd'} = $newpassword; |
| |
| $FORM{'cookielength'} = 10; |
| |
| $FORM{'sredir'} = qq*action~profileCheck2;redir~myprofile;username~$INFO{'user'};passwrd~$newpassword;newpassword~1*; |
| |
| &Login2; |
| |
| } |
| } |
| |
| |
| sub InMaintenance { |
| sub InMaintenance { |
| if ($maintenancetext ne "") { $maintxt{'157'} = $maintenancetext; } |
| if ( $maintenancetext ne q{} ) { $maintxt{'157'} = $maintenancetext; } |
| $sharedLogin_title = "$maintxt{'114'}"; |
| $sharedLogin_title = "$maintxt{'114'}"; |
| $sharedLogin_text = "<b>$maintxt{'156'}</b><br />$maintxt{'157'}"; |
| $sharedLogin_text = "<b>$maintxt{'156'}</b><br />$maintxt{'157'}"; |
| $yymain .= &sharedLogin; |
| $yymain .= sharedLogin(); |
| $yytitle = "$maintxt{'155'}"; |
| $yytitle = "$maintxt{'155'}"; |
| &template; |
| template(); |
| |
| return; |
| } |
| } |
| |
| |
| 1; |
| 1; |
| |
| |