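{$ax['log_new_reg']}:


{$ax['log_un']}:{$uName}
{$ax['log_em']}:{$eMail}
{$ax['log_date_time']}:".IDtoDD(date('Y-m-d'))." {$ax['at_time']} ".ITtoDT(date("H:i"))."
"; //send email
	$result = sendEml($subject,$msgBody,$set['calendarEmail'],1,0,0);
	return $result;
}

// Request input, copied as posted. Apart from stripping whitespace, '/' and '-' from the
// phone number, nothing is validated here; each handler below applies its own checks.
// NOTE(review): $user['ID'] is taken from the request and is later used as the row key by
// changeUser() and changeForm().
$user = array();
$xCode = isset($_POST['xCode']) ? $_POST['xCode'] : '';
$user['ID'] = isset($_POST['ID']) ? $_POST['ID'] : '';
$user['un_em'] = isset($_POST['un_em']) ? $_POST['un_em'] : '';
$user['name'] = isset($_POST['uname']) ? $_POST['uname'] : '';
$user['pword'] = isset($_POST['pword']) ? $_POST['pword'] : '';
$user['pword2'] = isset($_POST['pword2']) ? $_POST['pword2'] : '';
$user['email'] = isset($_POST['email']) ? $_POST['email'] : '';
$user['phone'] = isset($_POST['phone']) ? preg_replace("%[\s\\/-]%",'',$_POST['phone']) : '';
$user['usrNr'] = isset($_POST['usrNr']) ? $_POST['usrNr'] : '';
$user['lang'] = isset($_POST['lang']) ? $_POST['lang'] : $set['language'];
$cookie = empty($_POST['cookie']) ? '0' : '1';

// Verifies the posted user name / email and password.
// $user: request data, by reference; 'un_em' and 'pword' are read and 'ID' is set to the matched row.
// $chg:  false = log in (checks group privileges, promotes a temporary password, sets the
//        session language); true = only verify the credentials for the change-data form.
// Returns '' on success, otherwise a message from $ax.
// NOTE(review): passwords are stored and compared as unsalted MD5. Moving to
// password_hash()/password_verify() needs a rehash-on-login step - TODO confirm the column width.
// NOTE(review): $xCode only has to be a timestamp from the last 300 seconds; it rejects stale
// forms but is not a per-session anti-CSRF token.
function loginUser(&$user,$chg) { //login user
	global $ax, $xCode, $cookie, $nowTS;

	$msg = '';
	do {
		if (!$user['un_em']) { $msg = $ax['log_no_un_em']; break; }
		if (!$user['pword']) { $msg = $ax['log_no_pw']; break; }
		if (!$xCode OR $xCode > $nowTS OR $xCode < $nowTS-300) { $msg = $ax['log_time_out']; break; }
		$md5Pw = md5($user['pword']);
		// The posted password may match either the regular or the temporary (reset) password.
		$stH = stPrep("SELECT u.`ID`,u.`password`,u.`tPassword`,u.`language`,g.`privs` FROM `users` AS u INNER JOIN `groups` AS g ON g.`ID` = u.`groupID` WHERE (u.`name` = ? OR `email` = ?) AND (`password` = ? OR `tPassword` = ?) AND u.`status` >= 0");
		stExec($stH,array($user['un_em'],$user['un_em'],$md5Pw,$md5Pw));
		$row = $stH->fetch(PDO::FETCH_ASSOC); //fetch user details
		$stH = null;
		if (!$row) { $msg = $ax['log_un_em_pw_invalid']; break; }
		$user['ID'] = $row['ID'];
		if (!$chg) { //login and start calendar
			if ($row['privs'] < 1) { $msg = $ax['log_no_rights']; break; }
			if ($row['tPassword']) { //temp password set
				// The password just used becomes the regular one and the temporary one is cleared.
				$stH = stPrep("UPDATE `users` SET `password` = ?,`tPassword` = ? 
WHERE `ID` = ?");
				stExec($stH,array($md5Pw,'',$row['ID']));
			}
			$_SESSION['cL'] = $row['language']; //set cL to user language
			echo "\n"; //goto default page
		}
	} while (false);
	return $msg;
}

// Self-registration: validates the posted name, email and phone, rejects a name or email
// already held by an active account, inserts the user into group $set['selfRegGrp'] with a
// generated password and mails that password to the given address.
// $user: request data, by reference; 'un_em' is set to the new name for the login form.
// Returns '' on success, otherwise a message from $ax.
// NOTE(review): the generated password is sent in clear text by email and stays valid until
// the user changes it.
// NOTE(review): 'usrNr' and 'lang' are stored as posted; presumably 'lang' should be limited
// to the installed languages - confirm against the code that reads it.
function registerUser(&$user) { //register user
	global $ax, $set, $rxEmail, $xCode, $nowTS;

	$msg = '';
	do {
		if (!$xCode OR $xCode > $nowTS OR $xCode < $nowTS-300) { $msg = $ax['log_time_out']; break; }
		if (!$user['name']) { $msg = $ax['log_no_un']; break; }
		if (!$user['email']) { $msg = $ax['log_no_em']; break; }
		if (!preg_match("/^[\w\s\._-]{2,}$/u", $user['name'])) { $msg = $ax['log_un_invalid']; break; }
		if (!preg_match($rxEmail,$user['email'])) { $msg = $ax['log_em_invalid']; break; }
		if ($user['phone'] and !preg_match("/^\+?[\d]{4,19}$/",$user['phone'])) { $msg = $ax['log_ph_invalid']; break; }
		$stH = stPrep("SELECT `name` FROM `users` WHERE `name` = ? AND `status` >= 0");
		stExec($stH,array($user['name']));
		if ($stH->fetchAll()) { $msg = $ax['log_un_exists']; break; } //un already exists
		$stH = stPrep("SELECT `email` FROM `users` WHERE `email` = ? AND `status` >= 0");
		stExec($stH,array($user['email']));
		if ($stH->fetchAll()) { $msg = $ax['log_em_exists']; break; } //em already exists
		// The initial password comes from the CSPRNG where available. md5(name.microtime()) is
		// derived from the user name and the request time, so it stays only as a pre-PHP 7 fallback.
		$newPw = function_exists('random_bytes') ? bin2hex(random_bytes(4)) : substr(md5($user['name'].microtime()), 0, 8);
		$stH = stPrep("INSERT INTO `users` (`name`,`password`,`email`,`phone`,`number`,`groupID`,`language`) VALUES (?,?,?,?,?,?,?)");
		stExec($stH,array($user['name'],md5($newPw),$user['email'],$user['phone'],$user['usrNr'],$set['selfRegGrp'],$user['lang']));
		$stH = null;
		$msgBody = "

{$ax['log_pw_msg']}: {$set['calendarTitle']}:


{$ax['log_un']}: {$user['name']} {$ax['or']} {$ax['log_em']}: {$user['email']}

{$ax['log_pw']}: {$newPw}

";
		$result = sendEml($ax['log_pw_subject'],$msgBody,$user['email'],1,0,0); //send email
		$user['un_em'] = $user['name']; //save for login
		if (!$result) { $msg = $ax['log_em_problem_not_sent']; }
		if ($set['selfRegNot']) {
			$result = notifyReg($user['name'],$user['email']);
			// A failed admin notification is reported only if the user's own mail went out.
			if (!$result and empty($msg)) { $msg = $ax['log_em_problem_not_noti']; }
		}
	} while (false);
	return $msg;
}

// Updates name, email, phone, number and language of the row `ID` = $user['ID'] and, when
// 'pword' is non-empty, its password.
// Returns '' on success, otherwise a message from $ax.
// NOTE(review): $user['ID'] comes from the request and no password or session check is
// visible here, so nothing in this function ties the posted ID to the requester. The ID
// verified by loginUser($user,1) should be kept server-side (e.g. in the session) and
// compared here before any UPDATE.
// NOTE(review): $_SESSION['cL'] receives the posted language unchecked; presumably it should
// be limited to the installed languages - confirm against the code that reads it.
function changeUser($user) { //change user data
	global $ax, $rxEmail, $xCode, $nowTS;

	$msg = '';
	do {
		if (!$xCode OR $xCode > $nowTS OR $xCode < $nowTS-300) { $msg = $ax['log_time_out']; break; }
		if (!$user['name']) { $msg = $ax['log_no_un_em']; break; }
		// Same pattern as registerUser(). The former "~^[\w\s-.]{2,}$~" had "\s-." inside the
		// class, which PCRE2 (PHP 7.3+) rejects as an invalid range, and it lacked the /u flag.
		if (!preg_match("/^[\w\s\._-]{2,}$/u", $user['name'])) { $msg = $ax['log_un_invalid']; break; }
		if (!preg_match($rxEmail,$user['email'])) { $msg = $ax['log_em_invalid']; break; }
		if ($user['phone'] and !preg_match("~^\+?[\d]{4,19}$~",$user['phone'])) { $msg = $ax['log_ph_invalid']; break; }
		// Strict comparison: with != two numeric-looking strings such as "1e3" and "1000" count as equal.
		if ($user['pword'] !== $user['pword2']) { $msg = $ax['log_pw_error']; break; }
		$stH = stPrep("SELECT `name`,`email` FROM `users` WHERE `ID` = ?");
		stExec($stH,array($user['ID']));
		$row = $stH->fetch(PDO::FETCH_NUM); //fetch user details
		$stH = null;
		if (!$row) { $msg = $ax['log_un_em_pw_invalid']; break; }
		list($name,$email) = $row;
		if ($name !== $user['name']) { //username changed
			$stH = stPrep("SELECT `ID` FROM `users` WHERE `ID` != ? AND `name` = ? AND `status` >= 0");
			stExec($stH,array($user['ID'],$user['name']));
			if ($stH->fetchAll()) { $msg = $ax['log_new_un_exists']; break; } //un already exists
		}
		if ($email !== $user['email']) { //email changed
			$stH = stPrep("SELECT `ID` FROM `users` WHERE `ID` != ? AND `email` = ? AND `status` >= 0");
			stExec($stH,array($user['ID'],$user['email']));
			if ($stH->fetchAll()) { $msg = $ax['log_new_em_exists']; break; } //em already exists
		}
		$stH = stPrep("UPDATE `users` SET `name` = ?,`email` = ?,`phone` = ?,`number` = ?,`language` = ? 
WHERE `ID` = ?");
		stExec($stH,array($user['name'],$user['email'],$user['phone'],$user['usrNr'],$user['lang'],$user['ID']));
		if ($user['pword']) {
			$md5Pw = md5($user['pword']);
			$stH = stPrep("UPDATE `users` SET `password` = ? WHERE `ID` = ?");
			stExec($stH,array($md5Pw,$user['ID']));
		}
		$_SESSION['cL'] = $user['lang']; //set cL to selected language
	} while (false);
	return $msg;
}

// Password reset: looks up an active account by name or email, stores the MD5 of a generated
// temporary password in `tPassword` and mails the clear-text password to the account's address.
// Returns '' on success, otherwise a message from $ax.
// NOTE(review): the distinct "invalid" reply tells the caller whether an account exists, and
// no request limit is visible in this function.
function sendNewPw($user) { //send new password
	global $ax, $set;

	$msg = '';
	do {
		if (!$user['un_em']) { $msg = $ax['log_no_un_em']; break; }
		$stH = stPrep("SELECT `ID`,`name`,`email` FROM `users` WHERE (`name` = ? OR `email` = ?) AND `status` >= 0");
		stExec($stH,array($user['un_em'],$user['un_em']));
		$row = $stH->fetch(PDO::FETCH_ASSOC); //fetch user details
		$stH = null;
		if (!$row) { $msg = $ax['log_un_em_invalid']; break; }
		$sendto = $row['email'];
		$uname = $row['name'];
		// CSPRNG where available; md5(input.microtime()) is derived from request data and time.
		$newPw = function_exists('random_bytes') ? bin2hex(random_bytes(4)) : substr(md5($user['un_em'].microtime()),0,8);
		$cryptpw = md5($newPw);
		// Update only the row that was looked up. The former "WHERE `name` = ? OR `email` = ?"
		// had no status filter and could touch every row matching either column.
		$stH = stPrep("UPDATE `users` SET `tPassword` = ? WHERE `ID` = ?");
		stExec($stH,array($cryptpw,$row['ID']));
		$msgBody = "

{$ax['log_pw_msg']}: {$set['calendarTitle']}:


{$ax['log_un']}: {$uname} {$ax['or']} {$ax['log_em']}: {$sendto}

{$ax['log_pw']}: {$newPw}

";
		$result = sendEml($ax['log_npw_subject'],$msgBody,$sendto,1,0,0); //send email
		if (!$result) { $msg = $ax['log_em_problem_not_sent']; }
	} while (false);
	return $msg;
}

// Prints the login form; a posted user name, if any, is reused as the name/email value.
// NOTE(review): the form markup is not visible in this listing; wherever $user values are
// written back into it they need htmlspecialchars() - confirm.
function loginForm($user) { //login form
	global $calID, $ax, $set, $lcI, $nowTS;

	if (!empty($user['name'])) { $user['un_em'] = $user['name']; }
	echo "{$ax['log_log_in']}
{$ax['log_un_or_em']}


{$ax['log_pw']}






   \n";
	if ($set['selfReg']) { // extra output only when self-registration is enabled
		echo "

\n";
	}
	echo "
\n";
}

// Prints the registration form; a value typed into the login field is carried over as the
// email if it contains '@' after its first character, otherwise as the user name.
// NOTE(review): the form markup is not visible in this listing; posted values echoed into it
// need htmlspecialchars() - confirm.
function registerForm($user) { //register form
	global $ax, $lcI, $nowTS;

	if ($user['un_em']) {
		if (strpos($user['un_em'],'@')) {
			$user['email'] = $user['un_em'];
		} else {
			$user['name'] = $user['un_em'];
		}
	}
	echo "{$ax['log_register']}
{$ax['log_un']}*


{$ax['log_em']}*


{$ax['log_ph']}


{$ax['log_nr']}


{$ax['log_ui_language']}  

\n";
}

// Prints the change-my-data form for the row `ID` = $user['ID'].
// NOTE(review): the ID is whatever the caller passed on from the request; see changeUser().
// The markup that renders $row is not visible in this listing - confirm it escapes the values.
function changeForm($user) { //change my data
	global $ax, $lcI, $nowTS;

	$stH = stPrep("SELECT `ID`,`name`,`email`,`phone`,`number`,`language` FROM `users` WHERE `ID` = ?");
	stExec($stH,array($user['ID']));
	$row = $stH->fetch(PDO::FETCH_ASSOC); //fetch user details
	$stH = null;
	echo "{$ax['log_change_my_data']}
{$ax['log_un']}*


{$ax['log_em']}*


{$ax['log_ph']}


{$ax['log_nr']}


{$ax['log_ui_language']}  

{$ax['log_new_pw']}


{$ax['log_con_pw']}


\n";
}

//control logic
// NOTE(review): 'chgExe' runs changeUser() directly, and a posted action of 'chg' matches no
// case below and goes straight to changeForm(); neither path re-checks who is asking.
$msg = '';
$class = 'error';
$action = isset($_POST['action']) ? $_POST['action'] : '';
switch ($action) {
	case "logExe": //login
		$msg = loginUser($user,0);
		$action = 'back';
		break;
	case "logChg": //login user to change data
		$msg = loginUser($user,1);
		$action = !$msg ? 'chg' : 'back';
		break;
	case "logSpw": //send new password
		$msg = sendNewPw($user);
		// $class was "compared" here ($class == 'confirm') and the result discarded, so
		// success messages kept the 'error' class; the same applies to the two cases below.
		if (!$msg) { $msg = $ax['log_npw_sent']; $class = 'confirm'; }
		$action = 'back';
		break;
	case "rgrExe": //register
		$msg = registerUser($user);
		if (!$msg) { $msg = $ax['log_registered']; $class = 'confirm'; }
		$action = 'rgr'; //register form
		break;
	case "chgExe": //change data
		$msg = changeUser($user);
		if (!$msg) { $msg = $ax['usr_updated']; $class = 'confirm'; }
		$action = 'chg';
		break;
}

//display form
echo "

{$msg}


\n";
echo "
\n
\n
\n";
if (!$action or $action == 'back') { //login form
	$msg = loginForm($user);
} elseif ($action == 'rgr') { //register form
	$msg = registerForm($user);
} elseif ($action == 'chg') { //change data form
	$msg = changeForm($user);
}
echo "
\n
\n
\n";
echo ''."\n";
?>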