about summary refs log tree commit diff stats
path: root/central/trunk/includes/instadisc.php
diff options
context:
space:
mode:
Diffstat (limited to 'central/trunk/includes/instadisc.php')
-rw-r--r--central/trunk/includes/instadisc.php108
1 files changed, 3 insertions, 105 deletions
diff --git a/central/trunk/includes/instadisc.php b/central/trunk/includes/instadisc.php index 1f40b7a..320ff80 100644 --- a/central/trunk/includes/instadisc.php +++ b/central/trunk/includes/instadisc.php
@@ -3,7 +3,6 @@
3/* InstaDisc Server - A Four Island Project */ 3/* InstaDisc Server - A Four Island Project */
4 4
5include_once('includes/db.php'); 5include_once('includes/db.php');
6include_once('includes/class.phpmailer.php');
7 6
8function instaDisc_checkVerification($username, $verification, $verificationID, $table, $nameField, $passField) 7function instaDisc_checkVerification($username, $verification, $verificationID, $table, $nameField, $passField)
9{ 8{
@@ -99,111 +98,10 @@ function instaDisc_addItem($username, $subscription, $title, $author, $url, $sem
99 } 98 }
100} 99}
101 100
102function instaDisc_phpMailer() 101function instaDisc_createUser($username, $password, $email)
103{ 102{
104 $mail = new PHPMailer(); 103 $insuser = "INSERT INTO users (username, password, email) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($password) . "\", \"" . mysql_real_escape_string($email) . "\")";
105 $mail->IsSMTP(); 104 $insuser2 = mysql_query($insuser);
106 $mail->From = 'instadisc@' . instaDisc_getConfig('mailDomain');
107 $mail->FromName = 'InstaDisc';
108 $mail->Host = instaDisc_getConfig('smtpHost');
109 if (instaDisc_getConfig('smtpAuth') == 'true')
110 {
111 $mail->SMTPAuth = true;
112 $mail->Username = instaDisc_getConfig('smtpUser');
113 $mail->Password = instaDisc_getConfig('smtpPass');
114 }
115 $mail->Helo = $_SERVER['SERVER_NAME'];
116 $mail->ClearAddresses();
117
118 return $mail;
119}
120
121function instaDisc_sendActivationEmail($username, $password, $email)
122{
123 $penKey = md5(rand(1,2147483647));
124
125 $inspending = "INSERT INTO pending (username, password, email, code) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string(md5($password)) . "\", \"" . mysql_real_escape_string($email) . "\", \"" . mysql_real_escape_string($penKey) . "\")";
126 $inspending2 = mysql_query($inspending);
127
128 $mail = instaDisc_phpMailer();
129 $mail->AddAddress($email, $username);
130 $mail->Subject = 'InstaDisc Account Verification';
131 $mail->Body = "Hello, someone has recently registered an account at " . $_SERVER['SERVER_NAME'] . " with your email address. If that was you, and your chosen username IS " . $username . ", then copy the account verification code below to our Account Verification page, enter your username and press Activate!\r\n\r\n" . $penKey . "\r\n\r\nIf that was not you, copy the above code to our Account Verification page, enter the above username, and click Delete.";
132 $mail->Send();
133
134 return ($mail->IsError() ? $mail->ErrorInfo : true);
135}
136
137function instaDisc_activateAccount($username, $penKey)
138{
139 $getuser = "SELECT * FROM pending WHERE username = \"" . mysql_real_escape_string($username) . "\" AND code = \"" . mysql_real_escape_string($penKey) . "\"";
140 $getuser2 = mysql_query($getuser);
141 $getuser3 = mysql_fetch_array($getuser2);
142 if ($getuser3['username'] == $username)
143 {
144 $insuser = "INSERT INTO users (username, password, email) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($getuser3['password']) . "\", \"" . mysql_real_escape_string($getuser3['email']) . "\")";
145 $insuser2 = mysql_query($insuser);
146
147 $delpending = "DELETE FROM pending WHERE username = \"" . mysql_real_escape_string($username) . "\"";
148 $delpending2 = mysql_query($delpending);
149
150 $mail = instaDisc_phpMailer();
151 $mail->AddAddress($getuser3['email'], $username);
152 $mail->Subject = 'Welcome to InstaDisc!';
153 $mail->Body = "Welcome to InstaDisc! Thank you for registering at " . instaDisc_getConfig('siteName') . " Central Server, we hope you enjoy our service! Now, when you download an InstaDisc Client, it will ask you for the following information which you will need to enter into it for it to work:\r\n\r\nUsername: " . $username . "\r\nPassword: (you should know this, it's not displayed here for security reasons)\r\nCentral Server URL: " . instaDisc_getConfig("xmlrpcURL") . "\r\n\r\nOnce again, thank you for choosing " . instaDisc_getConfig("siteName") . "!";
154 $mail->Send();
155
156 return ($mail->IsError() ? $mail->ErrorInfo : true);
157 } else {
158 return false;
159 }
160}
161
162function instaDisc_deactivateAccount($username, $penKey)
163{
164 $getuser = "SELECT * FROM pending WHERE username = \"" . mysql_real_escape_string($username) . "\" AND code = \"" . mysql_real_escape_string($penKey) . "\"";
165 $getuser2 = mysql_query($getuser);
166 $getuser3 = mysql_fetch_array($getuser2);
167 if ($getuser3['username'] == $username)
168 {
169 $delpending = "DELETE FROM pending WHERE username = \"" . mysql_real_escape_string($username) . "\"";
170 $delpending2 = mysql_query($delpending);
171
172 return true;
173 } else {
174 return false;
175 }
176}
177
178function instaDisc_verifyUser($username, $password)
179{
180 $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($username). "\" AND password = \"" . mysql_real_escape_string(md5($password)) . "\"";
181 $getuser2 = mysql_query($getuser);
182 $getuser3 = mysql_fetch_array($getuser2);
183
184 return ($getuser3['username'] == $username);
185}
186
187function instaDisc_deleteAccount($username)
188{
189 $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\"";
190 $getuser2 = mysql_query($getuser);
191 $getuser3 = mysql_fetch_array($getuser2);
192 if ($getuser3['username'] == $username)
193 {
194 $deluser = "DELETE FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\"";
195 $deluser2 = mysql_query($deluser);
196
197 $delsubs = "DELETE FROM subscriptions WHERE username = \"" . mysql_real_escape_string($username) . "\"";
198 $delsubs2 = mysql_query($delsubs);
199
200 $delitems = "DELETE FROM inbox WHERE username = \"" . mysql_real_escape_string($username) . "\"";
201 $delitems2 = mysql_query($delitems);
202
203 return true;
204 }
205
206 return false;
207} 105}
208 106
209function instaDisc_getConfig($key) 107function instaDisc_getConfig($key)