"1.png", "code"=>"fdmze"); $mwh_capt[2] = array ("bild"=>"2.png", "code"=>"pmder"); $mwh_capt[3] = array ("bild"=>"3.png", "code"=>"at4u2"); $korrekt_cp = false; foreach ($mwh_capt as $wert) { if ($ccode == $wert['code']) { $korrekt_cp = true; break; } } if ($ccode == "" || $korrekt_cp == false) {UhOh("Sie müssen die Zeichen der Grafik korrekt eingeben!");} // ENDE - Ă„nderungen medienwerk 12.4.2009 if ($username == "") {UhOh($txt['errNoUsername']);} if ($password == "") {UhOh($txt['errNoPassword']);} if ($email == "") {UhOh($txt['errNoEmail']);} if ($password != $password2) {UhOh($txt['errPasswordMismatch']);} if ((strlen($username) > 25) || (strlen($username) < 4)) {UhOh($txt['errUsernameLength']);} if ((strlen($password) > 15) || (strlen($password) < 4)) {UhOh($txt['errPasswordLength']);} if ((strlen($email) > 50) || (strlen($email) < 5)) {UhOh($txt['errEmailLength']);} if (!(eregi("^[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-z]{2,3}$",$email))) {UhOh($txt['errInvalidEmail']);} if (HasSpecialChar($username)) {UhOh($txt['errUsernameFormat']);} if (HasSpecialChar($password)) {UhOh($txt['errBadPassword']);} $query = "SELECT count(*) from t_users WHERE UserName ='".$username."'"; $result = mysql_query($query); $row = mysql_fetch_row($result); if ($row[0] >= 1) { UhOh($txt['errUsernameTaken']);} $query = "SELECT count(*) from t_users WHERE Email ='".$email."'"; $result = mysql_query($query); $row = mysql_fetch_row($result); if ($row[0] >= 1) { UhOh($txt['errEmailTaken']);} } function EditProfile() { global $username,$password,$newpassword,$email,$homepage,$icqnumber,$aolhandle,$yahoohandle,$signature,$savepass,$txt,$timezone; ParseEditProfForm(); $UserInfo = GrabUserInfo($username); $ID = $UserInfo['ID']; $newpassword = htmlspecialchars($newpassword); $email = htmlspecialchars($email); $homepage = htmlspecialchars($homepage); $icqnumber = htmlspecialchars($icqnumber); $aolhandle = htmlspecialchars($aolhandle); $yahoohandle = htmlspecialchars($yahoohandle); $signature = addslashes($signature); $savepass = htmlspecialchars($savepass); if ($newpassword) $query = "UPDATE t_users SET Password='$newpassword',Email='$email',Homepage='$homepage',ICQNumber='$icqnumber',YahooHandle='$yahoohandle',AOLHandle='$aolhandle',Signature='$signature',SavePass='$savepass',timezone='$timezone' WHERE ID = '$ID'"; else $query = "UPDATE t_users SET Email='$email',Homepage='$homepage',ICQNumber='$icqnumber',YahooHandle='$yahoohandle',AOLHandle='$aolhandle',Signature='$signature',SavePass='$savepass',timezone='$timezone' WHERE ID = '$ID'"; $result = mysql_query($query); if ($result) { CookieStuff(0,$username,$newpassword); fHeader(); echo $txt['ProfileEdited']; } else {fHeader();UhOh(mysql_error());} } function ParseEditProfForm() { global $username,$password,$newpassword,$newpassword2,$email,$txt; if (CheckPassword($username,$password) != 1) {fHeader();UhOh($txt['errInvalidUser']);} if ($email == "") {UhOh(errNoEmail);} if (($newpassword) || ($newpassword2)) { if ($newpassword != $newpassword2) {fHeader();UhOh($txt['errPasswordMismatch2']);} if ((strlen($newpassword) > 15) || (strlen($newpassword) < 4)) {fHeader();UhOh($txt['errPasswordLength']);} if (HasSpecialChar($newpassword)) {fHeader();UhOh($txt['errBadPassword']);} } if ((strlen($email) > 50) || (strlen($email) < 4)) {UhOh($txt['errEmailLength']);} if (!(eregi("^[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-z]{2,3}$",$email))) {fHeader();UhOh($txt['errInvalidEmail']);} $query = "SELECT count(*) from t_users WHERE Email ='".$email."'"; $result = mysql_query($query); $row = mysql_fetch_row($result); if ($row[0] >= 2) {fHeader();UhOh($txt['errUsernameTaken']);} } function Login() { // global $username,$password,$url,$txt; $username = $GLOBALS['username']; $password = $GLOBALS['password']; $url = $GLOBALS['url']; $txt = $GLOBALS['txt']; if (HasSpecialChar($username)) {fHeader();UhOh($txt['errInvalidUser']);} if (HasSpecialChar($password)) {fHeader();UhOh($txt['errInvalidUser']);} if (CheckPassword($username,$password)) { $query = "SELECT SavePass from t_users WHERE UserName = '$username'"; $result = mysql_query($query); $row = mysql_fetch_row($result); if ($row[0] == 'yes') CookieStuff(time()+30240000,$username,$password); else CookieStuff(0,$username,$password); $now = time(); $query = "UPDATE t_users SET LastActive=$now WHERE UserName LIKE '$username'"; mysql_query($query) || die("Can't update user info. Reason: ".mysql_error()); Redirect("Login success! You're now being redirected to the location you were at. If you don't want to wait, please click here",$url); } else {fHeader();UhOh($txt['errInvalidUser']);} } function Logout() { global $url; CookieStuff(0,"Guest",""); Redirect("Logout success! You're now being redirected to the location you were at. If you don't want to wait, please click here",$url); } function SendMail() { $fSettings = $GLOBALS['fSettings']; $Action = $GLOBALS['Action']; $username = $GLOBALS['username']; $password = $GLOBALS['password']; $subject = $GLOBALS['subject']; $message = $GLOBALS['message']; $TopicID = $GLOBALS['TopicID']; $Destination = $GLOBALS['Destination']; $txt = $GLOBALS['txt']; if ($username == "") {fHeader();UhOh($txt['errNeedUsername']);} if ($message == "") {fHeader();UhOh($txt['errEmptyMessage']);} if ($Destination == "") {fHeader();UhOh($txt['errNoRecipient']);} if ((strlen($username) > 25) || (strlen($username) < 4)) {fHeader();UhOh($txt['errPasswordLength']);} if ((strlen($Destination) > 25) || (strlen($Destination) < 4)) {fHeader();UhOh($txt['errBadDestEmail']);} if (HasSpecialChar($username)) {fHeader();UhOh($txt['errBadPassword']);} if (HasSpecialChar($Destination)) {fHeader();UhOh($txt['errBadDestEmail']);} if (CheckPassword($username,$password) != 1) { fHeader(); UhOh($txt['errInvalidUser']); } else { $query = "SELECT Password,SavePass from t_users WHERE UserName = '$username'"; $result = mysql_query($query); $row = mysql_fetch_array($result); if ($row["SavePass"] == 'yes') CookieStuff(time()+30240000,$username,$row["Password"]); else CookieStuff(0,$username,$row["Password"]); mysql_query($query); } $subject = htmlspecialchars($subject); $subject = stripslashes($subject); $message = stripslashes($message); $FromUser = GrabUserInfo($username); $ToUser = GrabUserInfo($Destination); mail($ToUser["UserName"]." <".$ToUser["Email"].">", $subject, $message, "From: ".$FromUser["UserName"]." <".$FromUser["Email"].">"); $prevlink = $fSettings["ScriptURL"]."/member.php?Action=viewprofile&username=".rawurlencode($username); Redirect("Your email has been sent. You're now being redirected to the location you were at. If you don't want to wait, please click here",$prevlink); } function SendPassword() { global $fSettings,$username,$txt; if ($username == "") {fHeader();UhOh($txt['errNoUsername']);} if (HasSpecialChar($username)) {fHeader();UhOh($txt['errUsernameFormat']);} $query = "SELECT Password from t_users WHERE UserName = '$username'"; $result = mysql_query($query); $row = mysql_fetch_array($result); if (!$row) {fHeader();UhOh($txt['errInvalidUser']);} $subject = "tForum Password Retrieval"; $message = "You or someone else has filled out the lost password form for tForum at: ".$fSettings["ScriptURL"]."/index.php.\n\nYour password is: ".$row["Password"]; $ToUser = GrabUserInfo($username); mail($ToUser["UserName"]." <".$ToUser["Email"].">", $subject, $message, "From: tForum Admin <".$fSettings["Email"].">"); $prevlink = $fSettings["ScriptURL"]."/index.php"; Redirect("Your password has been sent. You're now being redirected to the main forum. If you don't want to wait, please click here",$prevlink); } if (isset($_GET['username'])&&$_GET['username']!="") { $username=$_GET['username']; } if (isset($_POST['username'])&&$_POST['username']!="") { $username=$_POST['username']; } if (isset($_POST['password'])&&$_POST['password']!="") { $password=$_POST['password']; } if (isset($_POST['password2'])&&$_POST['password2']!="") { $password2=$_POST['password2']; } if (isset($_POST['url'])&&$_POST['url']!="") { $url=$_POST['url']; } if (isset($_POST['username'])&&$_POST['username']!="") { $username=$_POST['username']; } if (isset($_POST['ccode'])&&$_POST['ccode']!="") { $ccode=$_POST['ccode']; } if (isset($_POST['email'])&&$_POST['email']!="") { $email=$_POST['email']; } if (isset($_POST['timezone'])&&$_POST['timezone']!="") { $timezone=$_POST['timezone']; } if (empty($_GET['Action']) && empty($_Post['Action'])) $Action = ""; if (isset($_POST['Action'])&&$_POST['Action']!="") { $Action=$_POST['Action']; } if (isset($_GET['Action'])&&$_GET['Action']!="") { $Action=$_GET['Action']; } switch ($Action) { case "Register": fHeader(); PrintRegForm(); fFooter(); break; case "AddMember": fHeader(); AddMember(); fFooter(); break; case "Login": Login(); break; case "Logout": Logout(); break; case "viewprofile": fHeader(); ViewProfile(); fFooter(); break; case "editprofile": fHeader(); PrintEditProfile(); fFooter(); break; case "editprofile2": EditProfile(); fFooter(); break; case "email": fHeader(); PrintMailForm(); fFooter(); break; case "SendMail": SendMail(); break; case "lostpassword": fHeader(); PrintSendPasswordForm(); fFooter(); break; case "SendPassword": SendPassword(); break; default: fHeader(); UhOh("Nothing specified!"); } ?>