F:\WEBSITES\testbed\zipped\yabb_svn_new\branches\2.5.2\cgi-bin\yabb2\Sources\LogInOut.pl F:\WEBSITES\testbed\zipped\yabb_svn_new\trunk\cgi-bin\yabb2\Sources\LogInOut.pm
############################################################################### ###############################################################################
# LogInOut.pl                                                                 # # LogInOut.pm                                                                 #
  # $Date: 01.05.16 $                                                           #
############################################################################### ###############################################################################
# YaBB: Yet another Bulletin Board                                            # # YaBB: Yet another Bulletin Board                                            #
# Open-Source Community Software for Webmasters                               # # Open-Source Community Software for Webmasters                               #
# Version:        YaBB 2.5.2                                                  # # Version:        YaBB 2.6.12                                                 #
# Packaged:       October 21, 2012                                            # # Packaged:       January 5, 2016                                             #
# Distributed by: http://www.yabbforum.com                                    # # Distributed by: http://www.yabbforum.com                                    #
# =========================================================================== # # =========================================================================== #
# Copyright (c) 2000-2012 YaBB (www.yabbforum.com) - All Rights Reserved.     # # Copyright (c) 2000-2016 YaBB (www.yabbforum.com) - All Rights Reserved.     #
# Software by:  The YaBB Development Team                                     # # Software by:  The YaBB Development Team                                     #
#               with assistance from the YaBB community.                      # #               with assistance from the YaBB community.                      #
############################################################################### ###############################################################################
  use CGI::Carp qw(fatalsToBrowser);
  our $VERSION = '2.6.12';
   
$loginoutplver = 'YaBB 2.5.2 $Revision: 1.1 $'; $loginoutpmver = 'YaBB 2.6.12 $Revision: 1651 $';
if ($action eq 'detailedversion') { return 1; } if ( $action eq 'detailedversion' ) { return 1; }
   
if ($regcheck) { require "$sourcedir/Decoder.pl"; } if ($regcheck) { require Sources::Decoder; }
&LoadLanguage('LogInOut');  LoadLanguage('LogInOut'); 
   
$regstyle = '';  $regstyle = q{}; 
   
sub Login { sub Login {
   if (!$iamguest && $sessionvalid == 1) { &fatal_error("logged_in_already",$username); }     if ( !$iamguest && $sessionvalid == 1 ) { 
   $sharedLogin_title = $loginout_txt{'34'};         fatal_error( 'logged_in_already', $username ); 
   $yymain .= &sharedLogin . qq~<script type="text/javascript" language="JavaScript">     } 
<!--    $sharedLogin_title = $loginout_txt{'34'}; 
   document.loginform.username.focus();     $yymain .= sharedLogin() . q~<script type="text/javascript"> 
//-->     document.loginform.username.focus(); 
</script>~; </script>~;
   $yytitle = $loginout_txt{'34'};    $yytitle = $loginout_txt{'34'};
   &template;     template(); 
     return;
} }
   
sub Login2 { sub Login2 {
   if (!$iamguest && $sessionvalid == 1) { &fatal_error("logged_in_already",$username); }     if ( !$iamguest && $sessionvalid == 1 ) { 
   &fatal_error("no_username") if ($FORM{'username'} eq "");         fatal_error( 'logged_in_already', $username ); 
   &fatal_error("no_password") if ($FORM{'passwrd'}  eq "");     } 
   $username = $FORM{'username'};     if ( $FORM{'username'} eq q{} ) { fatal_error('no_username'); } 
   $username =~ s/\s/_/g;     if ( $FORM{'passwrd'}  eq q{} ) { fatal_error('no_password'); } 
   &fatal_error("invalid_character","$loginout_txt{'35'} $loginout_txt{'241'}") if $username =~ /[^ \w\x80-\xFF\[\]\(\)#\%\+,\-\|\.:=\?\@\^]/;     $username = $FORM{'username'}; 
   &fatal_error("only_numbers_allowed") if $FORM{'cookielength'} !~ /^[0-9]+$/;     $username =~ s/\s/_/gxsm; 
     if ( $username =~ /[^ \w\x80-\xFF\[\]\(\)#\%\+,\-\|\.:=\?\@\^]/sm ) {
   ## Check if login ID is not and email address or screenname ##         $error_txt = isempty($loginout_txt{'35a'}, "$loginout_txt{'35'} $loginout_txt{'241'}"); 
   if (!-e "$memberdir/$username.vars"){         fatal_error( 'invalid_character', 
       $test_id = &MemberIndex("who_is", "$FORM{'username'}");             "$error_txt" ); 
       if ($test_id ne "") { $username = $test_id; } else { &fatal_error("bad_credentials"); }     } 
   }  
   if (-e "$memberdir/$username.pre" && -e "$memberdir/$username.vars") { unlink "$memberdir/$username.pre"; }     ## Check if login ID is not an email address ## 
   if (-e "$memberdir/$username.pre" && ($regtype == 1 || $regtype == 2)) { &fatal_error('not_activated'); }     if ( !-e "$memberdir/$username.vars" ) { 
         $test_id = MemberIndex( 'who_is', "$FORM{'username'}" );
   # Need to do this to get correct case of username,         if ( $test_id ) { $username = $test_id; } 
   # for case insensitive systems. Can cause weird issues otherwise     } 
   $caseright = 0;  
   &ManageMemberlist("load");     if ( -e "$memberdir/$username.pre" && ( $regtype == 1 || $regtype == 2 ) ) { 
   while (($curmemb, $value) = each(%memberlist)) {         fatal_error('not_activated'); 
       if ($username =~ m/\A\Q$curmemb\E\Z/) { $caseright = 1; last; }    }
   }     elsif ( -e "$memberdir/$username.wait" && $regtype == 1 ) { 
   undef %memberlist;         fatal_error('prereg_wait'); 
   if(!$caseright) {     } 
       $username = "Guest";     elsif ( !-e "$memberdir/$username.vars" ) { fatal_error('bad_credentials'); } 
       &fatal_error("bad_credentials");  
   }     if ( -e "$memberdir/$username.pre" && -e "$memberdir/$username.vars" ) { 
         unlink "$memberdir/$username.pre";
   if (-e "$memberdir/$username.vars") {     } 
       &LoadUser($username);  
       my $spass     = ${$uid.$username}{'password'};     # Need to do this to get correct case of user ID, 
       my $cryptpass = &encode_password("$FORM{'passwrd'}");     # for case insensitive systems. Can cause weird issues otherwise 
     $caseright = 0;
       # convert non encrypted password to MD5 crypted one     ManageMemberlist('load'); 
       if ($spass eq $FORM{'passwrd'} && $spass ne $cryptpass) {    while ( ( $curmemb, $value ) = each %memberlist ) {
           # only encrypt the password if it's not already MD5 encrypted         if ( $username eq $curmemb ) { $caseright = 1; last; } 
           # MD5 hashes in YaBB are always 22 chars long (base64)     } 
           if (length(${$uid.$username}{'password'}) != 22) {     undef %memberlist; 
               ${$uid.$username}{'password'} = $cryptpass;  
               &UserAccount($username);     if ( !$caseright ) { 
               $spass = $cryptpass;         $username = 'Guest'; 
           }         fatal_error('bad_credentials'); 
       }    }
       if ($spass ne $cryptpass) {  
           $username = "Guest";     if ( -e "$memberdir/$username.vars" ) { 
           &fatal_error("bad_credentials");         LoadUser($username); 
       }         my $spass     = ${ $uid . $username }{'password'}; 
   } else {         my $cryptpass = encode_password("$FORM{'passwrd'}"); 
       $username = "Guest";  
       &fatal_error("bad_credentials");         # convert non encrypted password to MD5 encrypted one 
   }         if ( $spass eq $FORM{'passwrd'} && $spass ne $cryptpass ) { 
   
   $iamadmin     = ${$uid.$username}{'position'} eq 'Administrator' ? 1 : 0;             # only encrypt the password if it's not already MD5 encrypted 
   $iamgmod      = ${$uid.$username}{'position'} eq 'Global Moderator' ? 1 : 0;             # MD5 hashes in YaBB are always 22 chars long (base64) 
   $sessionvalid = 1;             if ( length( ${ $uid . $username }{'password'} ) != 22 ) { 
   $iamguest = 0;                 ${ $uid . $username }{'password'} = $cryptpass; 
                 UserAccount($username);
   if ($maintenance && !$iamadmin) { $username = 'Guest'; &fatal_error("admin_login_only"); }                 $spass = $cryptpass; 
   &banning;             } 
         }
   if ($FORM{'cookielength'} == 1) { $ck{'len'} = 'Sunday, 17-Jan-2038 00:00:00 GMT'; }         if ( $spass ne $cryptpass ) { 
   elsif ($FORM{'cookielength'} == 2) { $ck{'len'} = ''; }             $username = 'Guest'; 
   else { $ck{'len'} = "+$FORM{'cookielength'}m"; }             fatal_error('bad_credentials'); 
   ${$uid.$username}{'session'} = &encode_password($user_ip);         } 
   &UpdateCookie("write", $username, &encode_password($FORM{'passwrd'}), ${$uid.$username}{'session'}, "/", $ck{'len'});     } 
     else {
   &UserAccount($username, "update", "-"); # "-" to not update 'lastonline' here         $username = 'Guest'; 
   &buildIMS($username,'load'); # isn't loaded because was Guest before         fatal_error('bad_credentials'); 
   &buildIMS($username,''); # rebuild the Members/$username.ims file on login     } 
   
   if($FORM{'sredir'}) {     $iamadmin = ${ $uid . $username }{'position'} eq 'Administrator'    ? 1 : 0; 
       $FORM{'sredir'} =~ s/\~/\=/g;     $iamgmod  = ${ $uid . $username }{'position'} eq 'Global Moderator' ? 1 : 0; 
       $FORM{'sredir'} =~ s/x3B/;/g;     $sessionvalid = 1; 
       $FORM{'sredir'} =~ s/search2/search/g;     $iamguest     = 0; 
       $FORM{'sredir'} = qq~?$FORM{'sredir'}~;  
#       $FORM{'sredir'} = '' if $FORM{'sredir'} =~ /action=(register|login2)/;     if ( $maintenance && !$iamadmin ) { 
       $FORM{'sredir'} = '' if $FORM{'sredir'} =~ /action=(register|login2|reminder|reminder2)/;         $username = 'Guest'; 
   }         fatal_error('admin_login_only'); 
   $yySetLocation = qq~$scripturl$FORM{'sredir'}~;     } 
   &redirectexit;     banning(); 
   
     if ( $FORM{'cookielength'} == 1 ) {
         $ck{'len'} = 'Sunday, 17-Jan-2038 00:00:00 GMT';
     }
     else { $ck{'len'} = q{}; }
   
     ${ $uid . $username }{'session'} = encode_password($user_ip);
     UpdateCookie(
         'write', $username,
         encode_password( $FORM{'passwrd'} ),
         ${ $uid . $username }{'session'},
         q{/}, $ck{'len'}
     );
   
     UserAccount( $username, 'update', q{-} );
   
     # "-" to not update 'lastonline' here
     buildIMS( $username, 'load' );    # isn't loaded because was Guest before
     buildIMS( $username, q{} );
   
     # rebuild the Members/$username.ims file on login
     WriteLog();
   
     if ( $FORM{'sredir'} ) {
         $FORM{'sredir'} =~ s/\~/\=/gxsm;
         $FORM{'sredir'} =~ s/x3B/;/gsm;
         $FORM{'sredir'} =~ s/search2/search/gsm;
         $FORM{'sredir'} = qq~?$FORM{'sredir'}~;
         if ( $FORM{'sredir'} =~
             /action=(register|login2|reminder|reminder2)/xsm )
         {
             $FORM{'sredir'} = q{};
         }
     }
     $yySetLocation = qq~$scripturl$FORM{'sredir'}~;
     redirectexit();
     return;
} }
   
sub Logout { sub Logout {
   if ($username ne 'Guest') {    if ( $username ne 'Guest' ) {
       &RemoveUserOnline($username); # Remove user from online log        RemoveUserOnline($username);    # Remove user from online log
       &UserAccount($username, "update", "lastonline");         UserAccount( $username, 'update', 'lastonline' ); 
   }    }
   
   &UpdateCookie("delete");     UpdateCookie('delete'); 
   $yySetLocation = $guestaccess ? $scripturl : qq~$scripturl?action=login~;    $yySetLocation = $guestaccess ? $scripturl : qq~$scripturl?action=login~;
   $username = 'Guest';    $username = 'Guest';
   &redirectexit;     redirectexit(); 
     return;
} }
   
sub sharedLogin { sub sharedLogin {
   if ($action eq 'login' || $maintenance) {     get_template('Loginout'); 
       $yynavigation = qq~&rsaquo; $loginout_txt{'34'}~;     if ( $action eq 'login' || $maintenance ) { 
       $border = qq~<div class="bordercolor" style="width: 100%; margin-bottom: 8px; margin-left: auto; margin-right: auto;">~;         $yynavigation = qq~&rsaquo; $loginout_txt{'34'}~; 
       $border_with_title = qq~<div class="bordercolor" style="width: 700px; margin-bottom: 8px; margin-left: auto; margin-right: auto;">~;     } 
       $border_bottom = qq~</div>~;  
   }  
   
   if    ($Cookie_Length == 1)    { $clsel1    = ' selected="selected"'; }  
   elsif ($Cookie_Length == 2)    { $clsel2    = ' selected="selected"'; }  
   elsif ($Cookie_Length == 60)   { $clsel60   = ' selected="selected"'; }  
   elsif ($Cookie_Length == 180)  { $clsel180  = ' selected="selected"'; }  
   elsif ($Cookie_Length == 360)  { $clsel360  = ' selected="selected"'; }  
   elsif ($Cookie_Length == 480)  { $clsel480  = ' selected="selected"'; }  
   elsif ($Cookie_Length == 600)  { $clsel600  = ' selected="selected"'; }  
   elsif ($Cookie_Length == 720)  { $clsel720  = ' selected="selected"'; }  
   elsif ($Cookie_Length == 1440) { $clsel1440 = ' selected="selected"'; }  
   if ($sharedLogin_title ne "") {  
       $sharedlog .= qq~  
$border_with_title  
<table cellpadding="4" cellspacing="1" border="0" width="100%" align="center">  
   <tr><td class="titlebg" colspan="2"><b>$sharedLogin_title</b></td></tr>~;  
       if ($sharedLogin_text ne "") {  
           $sharedlog .= qq~  
   <tr><td class="windowbg" colspan="2" align="left">$sharedLogin_text</td></tr>~;  
       }  
       $sharedlog .= qq~  
   <tr>  
       <td class="windowbg2" colspan="2" align="center" valign="middle" style="padding: 10px;">~;  
   } else {  
       $sharedlog .= qq~  
$border  
<table class="bordercolor" align="center" cellpadding="0" cellspacing="1" border="0" width="100%">  
   <tr><td class="tabtitle" colspan="2" valign="middle" align="center" height="25">$loginout_txt{'34'}</td></tr>  
   <tr>  
       <td class="windowbg" width="5%" valign="middle" align="center"><img src="$imagesdir/login.gif" border="0" alt="" /></td>  
       <td class="windowbg2" align="center" valign="middle" style="padding: 10px;">~;  
   }  
   if ($maintenance) { $hide_passbutton = " visibility: hidden;"; }  
   if ($maintenance || !$regtype) { $hide_regbutton = " visibility: hidden;"; }  
       $sharedlog .= qq~  
           <form name="loginform" action="$scripturl?action=login2" method="post">  
               <input type="hidden" name="sredir" value="$INFO{'sesredir'}" />  
               <div style="width: 600px;">  
                   <span style="float: left; width: 50%; text-align: left; margin-bottom: 5px;">  
                       <label for="username">$loginout_txt{'35'}</label>:<br />  
                       <input type="text" name="username" id="username" size="30" maxlength="100" style="width: 285px;" tabindex="1"$regstyle />  
                   </span>  
                   <span style="float: left; width: 23%; text-align: center; margin-bottom: 5px;">  
                       &nbsp;  
                   </span>  
                   <span style="float: left; width: 27%; text-align: right; margin-bottom: 5px;">  
                       &nbsp;<br />  
                                   <input type="button" value="$maintxt{'97'}" style="width: 160px;$hide_regbutton" onclick="location.href='$scripturl?action=register'" tabindex="6" class="button" />  
                   </span>  
               </div>  
               <div style="width: 600px;">  
                   <span style="float: left; width: 29%; text-align: left; margin-bottom: 5px;">  
                       <label for="passwrd">$loginout_txt{'36'}</label>:<br />  
                       <input type="password" name="passwrd" id="passwrd" size="15" maxlength="30" style="width: 110px;" tabindex="2" onkeypress="capsLock(event,'shared_login')" />  
                   </span>  
                   <span style="float: left; width: 21%; text-align: left; margin-bottom: 5px;">  
                       <label for="cookielength">$loginout_txt{'497'}</label>:<br />  
                       <select name="cookielength" id="cookielength" style="width: 117px;" tabindex="3">  
                       <option value="2"$clsel2>$loginout_txt{'497d'}</option>  
                       <option value="1"$clsel1>$loginout_txt{'497c'}</option>  
                       <option value="60"$clsel60>1 $loginout_txt{'497a'}</option>  
                       <option value="180"$clsel180>3 $loginout_txt{'497b'}</option>  
                       <option value="360"$clsel360>6 $loginout_txt{'497b'}</option>  
                       <option value="480"$clsel480>8 $loginout_txt{'497b'}</option>  
                       <option value="600"$clsel600>10 $loginout_txt{'497b'}</option>  
                       <option value="720"$clsel720>12 $loginout_txt{'497b'}</option>  
                       <option value="1440"$clsel1440>24 $loginout_txt{'497b'}</option>  
                       </select>  
                   </span>  
                   <span style="float: left; width: 23%; text-align: center; margin-bottom: 5px;">  
                       &nbsp;<br />  
                       <input type="submit" value="$loginout_txt{'34'}" tabindex="4" accesskey="l" style="width: 100px;" class="button" />  
                   </span>  
                   <span style="float: left; width: 27%; text-align: right; margin-bottom: 5px;">  
                       &nbsp;<br />  
                                   <input type="button" value="$loginout_txt{'315'}" style="width: 160px;$hide_passbutton" onclick="location.href='$scripturl?action=reminder'" tabindex="5" class="button" />  
                             </span>  
                   <br /><br />  
               </div>  
               <div style="width: 600px; text-align: left; color: red; font-weight: bold; display: none" id="shared_login">$loginout_txt{'capslock'}</div>  
               <div style="width: 600px; text-align: left; color: red; font-weight: bold; display: none" id="shared_login_char">$loginout_txt{'wrong_char'}: <span id="shared_login_character">&nbsp;</span></div>  
           </form>  
       </td>  
   </tr>  
</table>  
$border_bottom  
~;  
   
   $loginform = 1;     #cookie length is now all or nothing. 
   $sharedLogin_title = '';     if ( $sharedLogin_title ne q{} ) { 
   $sharedLogin_text = '';         $sharedlog = $mysharedloga; 
   return $sharedlog;         $sharedlog =~ s/{yabb sharedLogin_title}/$sharedLogin_title/sm; 
         if ( $sharedLogin_text ne q{} ) {
             $sharedlog .= $mysharedlogb;
             $sharedlog =~ s/{yabb sharedLogin_text}/$sharedLogin_text/sm;
         }
         $sharedlog .= $mysharedlogc;
         $sharedbot = $myborder_bottom;
     }
     else {
         $sharedlog = $mysharedlog_top;
         $sharedbot = $mysharedbot;
     }
     if ($maintenance) { $hide_passlink = ' style="visibility: hidden;"' }
     if ( $maintenance || !$regtype ) {
         $hide_reglink = ' style="visibility: hidden;"';;
     }
     $sharedlog .= qq~
             <form id="loginform" name="loginform" action="$scripturl?action=login2" method="post" accept-charset="$yymycharset">
                 <input type="hidden" name="sredir" value="$INFO{'sesredir'}" />
     $mysharedlog_bodya
     $sharedbot~;
     $sharedlog =~ s/{yabb regstyle}/$regstyle/sm;
     $sharedlog =~ s/{yabb hide_reglink}/$hide_reglink/gsm;
     $sharedlog =~ s/{yabb hide_passlink}/$hide_passlink/gsm;
     my $cookielength_sel = q{};
     if ( $Cookie_Length  ) { $cookielength_sel = ' checked="checked"'}
     $sharedlog =~ s/{yabb cookielength_sel}/$cookielength_sel/gsm;
     $loginform         = 1;
     $sharedLogin_title = q{};
     $sharedLogin_text  = q{};
     return $sharedlog;
} }
   
sub Reminder { sub Reminder {
#   if (!$iamguest) { &fatal_error("logged_in_already",$username); }     if ( !$iamguest && $sessionvalid == 1 ) { 
   if (!$iamguest && $sessionvalid == 1) { &fatal_error("logged_in_already",$username); }         fatal_error( 'logged_in_already', $username ); 
   $yymain .= qq~<br /><br />     } 
<form action="$scripturl?action=reminder2" method="post" name="reminder" onsubmit="return CheckReminderField();">     get_template('Loginout'); 
<table border="0" width="400" cellspacing="1" cellpadding="3" align="center" class="bordercolor">  
   <tr>  
   <td class="titlebg">  
   <span class="text1"><b>$mbname $loginout_txt{'36'} $loginout_txt{'194'}</b></span>  
   </td>  
   </tr><tr>  
   <td class="windowbg">  
   <label for="user"><span class="text1"><b>$loginout_txt{'35'}:</b></span></label>  
   <input type="text" name="user" id="user" $regstyle size="50" />  
   </td>  
   </tr>  
~;  
   
   if ($regcheck) {     $yymain .= qq~<br /><br /> 
       &validation_code;  <form action="$scripturl?action=reminder2" method="post" name="reminder" onsubmit="return CheckReminderField();" accept-charset="$yymycharset"> 
       $yymain .= qq~  $myremindera~; 
   <tr>     $yymain =~ s/{yabb mbname}/$mbname/sm; 
   <td class="windowbg">     $yymain =~ s/{yabb regstyle}/$regstyle/sm; 
   <label for="verification"><span class="text1"><b>$floodtxt{'1'}: </b></span>  
   $showcheck     if ($regcheck) { 
   <br /><span class="small">$floodtxt{'casewarning'}</span></label>         validation_code(); 
   </td>         $yymain .= $myreminder_regcheck; 
   </tr><tr>         $yymain =~ s/{yabb flood_text}/$flood_text/sm; 
   <td class="windowbg">         $yymain =~ s/{yabb showcheck}/$showcheck/sm; 
   <label for="verification"><span class="text1"><b>$floodtxt{'3'}: </b></span></label>     } 
   <span class="text1"><input type="text" maxlength="30" name="verification" id="verification" size="20" /></span>     if ( $spam_questions_send && -e "$langdir/$language/spam.questions" ) { 
   </td>         SpamQuestion(); 
   </tr>         my $verification_question_desc; 
~;         if ($spam_questions_case) { 
   }             $verification_question_desc = 
   $yymain .= qq~               qq~<br />$loginout_txt{'verification_question_case'}~; 
   <tr>         } 
   <td align="center" class="windowbg">         $yymain .= $myreminder_vericheck; 
   <input type="submit" value="$loginout_txt{'339'}" class="button" />         $yymain =~ s/{yabb spam_question}/$spam_question/sm; 
   </td>         $yymain =~ s/{yabb spam_question_id}/$spam_question_id/sm; 
   </tr>         $yymain =~ s/{yabb spam_question_image}/$spam_image/sm; 
</table>        $yymain =~ 
</form>           s/{yabb verification_question_desc}/$verification_question_desc/sm; 
<script type="text/javascript" language="JavaScript">     } 
<!--  
     $yymain .= $myreminder_endform;
     $yymain .= qq~
  <script type="text/javascript">
   document.reminder.user.focus();    document.reminder.user.focus();
   
   function CheckReminderField() {    function CheckReminderField() {
       if (document.reminder.user.value == '') {        if (document.reminder.user.value == '') {
           alert("$loginout_txt{'error_user_info'}");            alert("$loginout_txt{'error_user_info'}");
           document.reminder.user.focus();            document.reminder.user.focus();
       return false;            return false;
       }         }~ . 
   
       (
         $regcheck
         ? qq~
         if (document.reminder.verification.value == '') {
             alert("$loginout_txt{'error_verification'}");
             document.reminder.verification.focus();
             return false;
         }~
         : q{}
       )
       .
   
       (
         $spam_questions_send && -e "$langdir/$language/spam.questions" 
         ? qq~
         if (document.reminder.verification_question.value == '') {
             alert("$loginout_txt{'error_verification_question'}");
             document.reminder.verification_question.focus();
             return false;
         }~
         : q{}
       )
   
       . q~
       return true;        return true;
   }    }
//-->  </script> 
</script> <br /><br /> <br /><br />
~; ~;
   
   $yytitle = $loginout_txt{'669'};    $yytitle      = $loginout_txt{'669'};
   $yynavigation = qq~&rsaquo; $loginout_txt{'669'}~;    $yynavigation = qq~&rsaquo; $loginout_txt{'669'}~;
   &template;     template(); 
     return;
} }
   
sub Reminder2 { sub Reminder2 {
   if (!$FORM{'user'}) { &fatal_error("", "$loginout_txt{'error_user_info'}"); }     if ( !$FORM{'user'} ) { 
   # generate random ID for password reset.         fatal_error( q{}, "$loginout_txt{'error_user_info'}" ); 
   if (!$iamguest && $sessionvalid == 1) { &fatal_error("logged_in_already",$username); }    }
   my $randid = &keygen(8,"A");  
   
   if ($regcheck) {  
       &validation_check($FORM{'verification'});  
   }  
   
   my $user = $FORM{'user'};  
   $user =~ s/\s/_/g;  
   
   if (!-e "$memberdir/$user.vars"){  
       $test_id = &MemberIndex("who_is", $FORM{'user'});  
       if ($test_id) { $user = $test_id; }  
       else { &fatal_error("", "$loginout_txt{'no_user_info_exists'}"); }  
   }  
   
   # Fix to make it load in their own language  
   &LoadUser($user);  
   &fatal_error("corrupt_member_file") if !${$uid.$user}{'email'};  
   
   $username = $user;  
   &WhatLanguage;  
   &LoadLanguage('LogInOut');  
   &LoadLanguage('Email');  
   undef $username;  
   
   $userfound = 0;  
   
   if (-e "$memberdir/forgotten.passes") {  
       require "$memberdir/forgotten.passes";  
   }  
   if (exists $pass{$user}) { delete $pass{$user}; }  
   $pass{"$user"} = $randid;  
   
   fopen(FILE, ">$memberdir/forgotten.passes") || &fatal_error("cannot_open","$memberdir/forgotten.passes", 1);  
   while (($key, $value) = each(%pass)) {  
       print FILE qq~\$pass{"$key"} = '$value';\n~;  
   }  
   print FILE "1;";  
   fclose(FILE);  
   
   $subject = "$loginout_txt{'36'} $mbname: ${$uid.$user}{'realname'}";  
   if($do_scramble_id){$cryptusername = &cloak($user);} else {$cryptusername = $user; }  
   require "$sourcedir/Mailer.pl";  
   &LoadLanguage('Email');  
   my $message = &template_email($passwordreminderemail, {'displayname' => ${$uid.$user}{'realname'}, 'cryptusername' => $cryptusername, 'remindercode' => $randid});  
   &sendmail(${$uid.$user}{'email'}, $subject, $message);  
   
   $yymain .= qq~<br /><br />  
<table border="0" width="400" cellspacing="1" cellpadding="3" align="center" class="bordercolor">  
   <tr>  
   <td class="titlebg">  
   <span class="text1"><b>$mbname $loginout_txt{'36'} $loginout_txt{'194'}</b></span>  
   </td>  
   </tr><tr>  
    <td class="windowbg" align="center">  
   <b>$loginout_txt{'192'} $FORM{'user'}</b></td>  
     </tr>  
</table>  
<br /><p align="center"><a href="$scripturl">$maintxt{'go_to_board'}</a></p><br />  
   
~;     if ( !$iamguest && $sessionvalid == 1 && !$iamadmin ) { 
   $yytitle = "$loginout_txt{'669'}";         fatal_error( 'logged_in_already', $username ); 
   &template;     } 
   
     # generate random ID for password reset.
     my $randid = keygen( 8, 'A' );
   
     if ( $regcheck && !$iamadmin ) {
         validation_check( $FORM{'verification'} );
     }
     if ( $spam_questions_send && -e "$langdir/$language/spam.questions" ) {
         SpamQuestionCheck( $FORM{'verification_question'},
             $FORM{'verification_question_id'} );
     }
   
     my $user = $FORM{'user'};
     $user =~ s/\s/_/gxsm;
   
     if ( !-e "$memberdir/$user.vars" ) {
         $test_id = MemberIndex( 'who_is', $FORM{'user'} );
         if ($test_id) { $user = $test_id; }
         else { fatal_error( q{}, "$loginout_txt{'no_user_info_exists'}" ); }
     }
   
     # Fix to make it load in their own language
     LoadUser($user);
     if ( !${ $uid . $user }{'email'} ) { fatal_error('corrupt_member_file'); }
   
     $username = $user;
     WhatLanguage();
     LoadLanguage('LogInOut');
     LoadLanguage('Email');
     undef $username;
   
     $userfound = 0;
   
     if ( -e "$memberdir/forgotten.passes" ) {
         require "$memberdir/forgotten.passes";
     }
     if ( exists $pass{$user} ) { delete $pass{$user}; }
     $pass{"$user"} = $randid;
   
     fopen( FILE, ">$memberdir/forgotten.passes" )
       or fatal_error( 'cannot_open', "$memberdir/forgotten.passes", 1 );
     while ( ( $key, $value ) = each %pass ) {
         print {FILE} qq~\$pass{'$key'} = '$value';\n~
           or croak "$croak{'print'} forgotten.passes";
     }
     print {FILE} '1;' or croak "$croak{'print'} forgotten.passes";
     fclose(FILE);
   
     $subject = "$mbname $loginout_txt{'36b'}: ${$uid.$user}{'realname'}";
     if   ($do_scramble_id) { $cryptusername = cloak($user); }
     else                   { $cryptusername = $user; }
     require Sources::Mailer;
     LoadLanguage('Email');
     my $message = template_email(
         $passwordreminderemail,
         {
             'displayname'   => ${ $uid . $user }{'realname'},
             'cryptusername' => $cryptusername,
             'remindercode'  => $randid
         }
     );
     sendmail( ${ $uid . $user }{'email'}, $subject, $message );
     get_template('Loginout');
   
     $yymain .= $myreminder2;
     $yymain =~ s/{yabb mbname}/$mbname/sm;
     $yymain =~ s/{yabb forum_user}/$FORM{'user'}/sm;
   
     $yytitle = "$loginout_txt{'669'}";
     template();
     return;
} }
   
sub Reminder3 { sub Reminder3 {
   $id   = $INFO{'ID'};    $id = $INFO{'ID'};
   if($do_scramble_id){$user = &decloak($INFO{'user'});} else { $user = $INFO{'user'};}     if   ($do_scramble_id) { $user = decloak( $INFO{'user'} ); } 
     else                   { $user = $INFO{'user'}; }
   
     if ( $id !~ /[a-zA-Z0-9]+/xsm ) {
         fatal_error( 'invalid_character', "ID $loginout_txt{'241'}" );
     }
     if ( $user =~ /[^\w#\%\+\-\.\@\^]/xsm ) {
         fatal_error( 'invalid_character', "User $loginout_txt{'241'}" );
     }
   
   if ($id !~ /[a-zA-Z0-9]+/) { &fatal_error("invalid_character","ID $loginout_txt{'241'}"); }     # generate a new random password as the old one is one-way encrypted. 
   if ($user =~ /[^\w#\%\+\-\.\@\^]/) { &fatal_error("invalid_character","User $loginout_txt{'241'}"); }     @chararray = 
       qw(0 1 2 3 4 5 6 7 8 9 a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z);
     my $newpassword;
     for my $i ( 0 .. 7 ) {
         $newpassword .= $chararray[ int rand 61 ];
     }
   
     # load old userdata
     LoadUser($user);
   
     # update forgotten passwords database
     require "$memberdir/forgotten.passes";
     if ( $pass{$user} ne $id ) { fatal_error('wrong_id'); }
     delete $pass{$user};
     fopen( FORGOTTEN, ">$memberdir/forgotten.passes" )
       or fatal_error( 'cannot_open', "$memberdir/forgotten.passes", 1 );
     while ( ( $key, $value ) = each %pass ) {
         print {FORGOTTEN} qq~\$pass{'$key'} = '$value';\n~
           or croak "$croak{'print'} FORGOTTEN";
     }
     print {FORGOTTEN} "\n1;" or croak "$croak{'print'} FORGOTTEN";
     fclose(FORGOTTEN);
   
   # generate a new random password as the old one is one-way encrypted.     # add newly generated password to user data 
   @chararray = qw(0 1 2 3 4 5 6 7 8 9 a b c d e f g h i j k l m n o p q r s t u v w x y z A B C D E F G H I J K L M N O P Q R S T U V W X Y Z);     ${ $uid . $user }{'password'} = encode_password($newpassword); 
   my $newpassword;     UserAccount( $user, 'update' ); 
   for (my $i; $i < 8; $i++) {  
       $newpassword .= $chararray[int(rand(61))];     $FORM{'username'}     = $user; 
   }     $FORM{'passwrd'}      = $newpassword; 
     $FORM{'cookielength'} = 10;
   # load old userdata     $FORM{'sredir'} = 
   &LoadUser($user);  qq*action~profileCheck2;redir~myprofile;username~$INFO{'user'};passwrd~$newpassword;newpassword~1*; 
     Login2();
   # update forgotten passwords database     return; 
   require "$memberdir/forgotten.passes";  
   if ($pass{$user} ne $id) { &fatal_error("wrong_id"); }  
   delete $pass{$user};  
   fopen(FORGOTTEN, ">$memberdir/forgotten.passes") || &fatal_error("cannot_open","$memberdir/forgotten.passes", 1);  
   while (($key, $value) = each(%pass)) {  
       print FORGOTTEN qq~\$pass{"$key"} = '$value';\n~;  
   }  
   print FORGOTTEN "\n1;";  
   fclose(FORGOTTEN);  
   
   # add newly generated password to user data  
   ${$uid.$user}{'password'} = &encode_password($newpassword);  
   &UserAccount($user, "update");  
   
   $FORM{'username'} = $user;  
   $FORM{'passwrd'} = $newpassword;  
   $FORM{'cookielength'} = 10;  
   $FORM{'sredir'} = qq*action~profileCheck2;redir~myprofile;username~$INFO{'user'};passwrd~$newpassword;newpassword~1*;  
   &Login2;  
} }
   
sub InMaintenance { sub InMaintenance {
   if ($maintenancetext ne "") { $maintxt{'157'} = $maintenancetext; }    if ( $maintenancetext ne q{} ) { $maintxt{'157'} = $maintenancetext; }
   $sharedLogin_title = "$maintxt{'114'}";    $sharedLogin_title = "$maintxt{'114'}";
   $sharedLogin_text  = "<b>$maintxt{'156'}</b><br />$maintxt{'157'}";    $sharedLogin_text  = "<b>$maintxt{'156'}</b><br />$maintxt{'157'}";
   $yymain .= &sharedLogin;     $yymain .= sharedLogin(); 
   $yytitle = "$maintxt{'155'}";    $yytitle = "$maintxt{'155'}";
   &template;     template(); 
     return;
} }
   
1; 1;