forked from Kliqqi-CMS/Kliqqi-CMS
-
Notifications
You must be signed in to change notification settings - Fork 0
/
validation.php
63 lines (53 loc) · 2.47 KB
/
validation.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
<?php
include_once('internal/Smarty.class.php');
$main_smarty = new Smarty;
include('config.php');
include(mnminclude.'html1.php');
include(mnminclude.'link.php');
include(mnminclude.'smartyvariables.php');
// Get values from the end user
$rcode=$db->escape(trim($_GET['code']));
$username=$db->escape(trim($_GET['uid']));
// Retrieve values from database
$user=("SELECT user_email, user_pass, user_karma, user_lastlogin FROM " . table_users . " WHERE user_login = '$username'");
global $db;
$result = $db->get_row ($user);
if($result)
if($_GET['email'])
$decode=md5($_GET['email'] . $result->user_karma . $username. pligg_hash().$main_smarty->get_config_vars('PLIGG_Visual_Name'));
else
$decode=md5($result->user_email . $result->user_karma . $username. pligg_hash().$main_smarty->get_config_vars('PLIGG_Visual_Name'));
else
$main_smarty->assign('error', $main_smarty->get_config_vars('PLIGG_Validation_No_Results'));
// Compare values
if($rcode==$decode)
{
$lastlogin = $db->get_var("SELECT user_lastlogin FROM " . table_users . " WHERE user_login = '$username'");
if($lastlogin == "0000-00-00 00:00:00"){
$login_url=getmyurl("loginNoVar");
$message = sprintf($main_smarty->get_config_vars('PLIGG_Validation_Message'),$login_url);
$main_smarty->assign('message', $message);
$sql="UPDATE " . table_users . " SET user_lastlogin = now() WHERE user_login='$username'";
if(!@mysql_query($sql))
$main_smarty->assign('error', $main_smarty->get_config_vars('PLIGG_Validation_Mysql_Error'));
}
elseif($_GET['email'] && $_GET['email']!=$result->user_email)
{
$login_url=getmyurl("loginNoVar");
$message = sprintf($main_smarty->get_config_vars('PLIGG_Validation_Message'),$login_url);
$main_smarty->assign('message', $message);
$sql="UPDATE " . table_users . " SET user_email = '".mysql_real_escape_string($_GET['email'])."' WHERE user_login='$username'";
if(!@mysql_query($sql))
$main_smarty->assign('error', $main_smarty->get_config_vars('PLIGG_Validation_Mysql_Error'));
}
else
$main_smarty->assign('error', $main_smarty->get_config_vars('PLIGG_Validation_Already_Activated'));
}
else
$main_smarty->assign('error', $main_smarty->get_config_vars('PLIGG_Validation_Invalid_Code'));
define('pagename', 'validation');
$main_smarty->assign('pagename', pagename);
do_sidebar($main_smarty);
$main_smarty->assign('tpl_center', $the_template . '/user_validation_center');
$main_smarty->display($the_template . '/pligg.tpl');
?>