//ALL-write else {$sections[]= "ALL%%0";} //ALL-read $newsettings.=''. implode('|',$sections).''; $re=f_write_tagged_data('registration',$newsettings,$ca_db_settings_file, $ca_template_file_f); $output.=''.(($re==true)?f_ucfirst($ca_lang_l['settings saved']):"Settings not saved. ERROR.")."".$f_br.$f_br; } $output=f_fmt_admin_screen($output, build_menu($action_id)); $output=GT($output); print $output; } # ----------------- build HTML functions function GT($html_output,$include_counter_flag=false) { global $ca_template_file_f, $ca_lang_l, $template_in_root, $f_ct; $contents=f_fmt_in_template($ca_template_file_f,$html_output,'','',true,$include_counter_flag); $contents=str_replace(f_GFSAbi($contents,'',''), ''.$ca_lang_l['CENTRAL ADMIN'].'', $contents); if($template_in_root) { $contents=str_replace('',' ',' '),'[/error_message]-->
'.$ms.$f_br.$f_br.'
',$contents); $contents=str_replace(f_GFSAbi($contents,'centraladmin.php?pageid=','"'), 'centraladmin.php?pageid='.$thispage_id.($ref_url!=''?'&ref_url='.urlencode($ref_url):'').'"', $contents); } elseif(isset($_GET['indexflag'])) { $contents=str_replace(f_GFSAbi($contents,'centraladmin.php?pageid=','"'), 'centraladmin.php?pageid='.$thispage_id.(isset($_GET['indexflag'])?'&indexflag=index':'').'"', $contents);} } else // when protected page (without login) is accessed { if(!empty($user_account) && $user_account['details']['status']=='0') $err_msg=f_ucfirst($ca_lang_l['blocked_err_msg']); else $err_msg=$ca_lang_l['use correct username']; $contents='' .'
'; //event manager $contents.=$f_br.""."" ."" ."" ."" .""; if($sr_enable) { $contents.=''; } $contents.="
".f_ucfirst($ca_lang_l['ca login'])."".$f_br."
".f_ucfirst($ca_lang_l['username'])."
".f_ucfirst($ca_lang_l['password'])."

'.$f_br.'' .$ca_lang_l['forgot q'].'

 

'.$ca_lang_l['member q'].'

"; } if((!isset($_GET['pageid']) || isset($_GET['indexflag']) || $ref_url!='') && !$direct_flag || in_array($pageid_info[4],$lister_array)) { $pattern=f_GFS($contents,'method="post" action="','">'); // login form action fixation if($pattern=='') $pattern=f_GFS($contents,'method=post action=','>'); if(isset($_GET['indexflag'])) {$r_with=$doc_dir."centraladmin.php?pageid=".$thispage_id."&indexflag=index&".$ca_l;} elseif(isset($_GET['pageid']) && (in_array($pageid_info[4],$lister_array) || $ref_url!='') ) { $r_with=$doc_dir."centraladmin.php?pageid="; if(in_array($pageid_info[4],$lister_array)) $r_with.=intval($_GET['pageid'])."&".$ca_l; else $r_with.=$thispage_id."&".$ca_l.'&ref_url='.urlencode($ref_url); } else $r_with=$prot_page_name; $contents=str_replace($pattern,$r_with,$contents); if(in_array($prot_page_info[4],array('136','137','138','143','144','20'))) // Special PHP pages { if(!$prot_page_inroot) $f_dir='../'.f_GFS($prot_page_info[1],'../','/').'/'; elseif($prot_page_info[6]!=='TRUE') $f_dir='../'; else $f_dir=''; $f_dir=str_replace('//','/',$f_dir); $prot_page_name_fixed=($prot_page_info[15]=='0' && $prot_page_info[3]=='1')?$f_dir.'SUB_':$f_dir; $prot_page_name_fixed.=$thispage_id.($prot_page_info[6]=='TRUE'?'.php':'.html'); } elseif(in_array($prot_page_info[4],$lister_array)) // shop and lister pages { $f_dir='../'.f_GFS($prot_page_info[1],'../','/').'/'; $prot_page_name_fixed=($prot_page_info[15]=='0' && $prot_page_info[3]=='1')?$f_dir.'SUB_':$f_dir; $prot_page_name_fixed.=$thispage_id.'.html'; } elseif($prot_page_info[4]=='133') { if(!$prot_page_inroot) $prot_page_name_fixed=$prot_page_name; elseif($prot_page_info[6]!=='TRUE') $prot_page_name_fixed='../'.$prot_page_name; else $prot_page_name_fixed=$prot_page_name; $prot_page_name_fixed=str_replace('//','/',$prot_page_name_fixed); } else $prot_page_name_fixed=$prot_page_name; if(strpos($prot_page_name_fixed,'../')===false && isset($_GET['indexflag'])) $prot_page_name_fixed='../'.$prot_page_name_fixed; 
if(file_exists($prot_page_name_fixed)) $protpage_content=f_read_file($prot_page_name_fixed); else $protpage_content='missing'; $contents=str_replace(array(''),array(''),$contents); if(strpos($contents,'')!==false) $replace_with=f_GFS($contents,'',''); else $replace_with=f_GFS($contents,f_GFSAbi($contents,''),''); $login_page_scripts=f_GFS($contents,'',''); if(strpos($protpage_content,'')!==false) {$for_replace=f_GFS($protpage_content,'','');} else $for_replace=f_GFS($protpage_content,f_GFSAbi($protpage_content,''),''); $contents=str_replace($for_replace,$replace_with,$protpage_content); $contents=str_replace(f_GFS($contents,'',''),'',$contents); $contents=str_replace('',$login_page_scripts.'',$contents); $contents=preg_replace("'<\?php.*?\?>'si",'',$contents); if(strpos($prot_page_info[1],'../')===false) { $url=$f_http_prefix.$_SERVER['HTTP_HOST'].str_replace('//','/',str_replace('documents','',dirname($_SERVER['PHP_SELF'])).'/'); $contents=str_replace('',' 'si",'',$contents); $contents=str_replace(array('GMload();','GUnload();'),array('',''),$contents); return $contents; }

/**
 * Assemble the Central Admin navigation bar.
 *
 * Builds three parallel lists (captions, URLs, process ids) for the seven
 * admin screens, decides which entry is highlighted for $action_id, and
 * passes everything to f_admin_navigation().
 *
 * @param mixed $action_id Current process id. Sub-actions that have no menu
 *                         entry of their own (processuser, pendingreg,
 *                         resetcounter, clearlog, confreglang) highlight
 *                         their parent entry instead.
 * @return mixed Whatever f_admin_navigation() returns (defined elsewhere).
 */
function build_menu($action_id)
{
    global $pref_dir,$ca_lang_l,$ca_l,$f_br;

    // NOTE(review): $pref_dir and $ca_l are concatenated into every URL without
    // encoding. Confirm both are server-controlled and that f_admin_navigation()
    // escapes captions and URLs for HTML output -- neither is visible from here.
    $url_base=$pref_dir.'centraladmin.php?process=';

    // process id => key of its caption in $ca_lang_l, in display order
    $entries=array(
        'index'=>'site map',
        'manageusers'=>'manage users',
        'confcounter'=>'counter settings',
        'confreg'=>'registration settings',
        'conflang'=>'settings',
        'log'=>'log',
        'logoutadmin'=>'logout',
    );

    $captions=array();
    $urls=array();
    $indexes=array();
    foreach($entries as $process=>$caption_key)
    {
        $label=$ca_lang_l[$caption_key];
        if($process==='logoutadmin') $label.='[ADMIN]'; // only the logout entry carries the suffix
        $captions[]=$label;
        $urls[]=$url_base.$process."&".$ca_l;
        $indexes[]=$process;
    }

    // sub-action => menu entry that stays highlighted while it runs
    $parents=array(
        'processuser'=>'manageusers',
        'pendingreg'=>'manageusers',
        'resetcounter'=>'confcounter',
        'clearlog'=>'log',
        'confreglang'=>'confreg',
    );

    // A direct hit on a menu entry wins; the id is trimmed for this lookup only.
    $selected=array_search(trim($action_id),$indexes);
    if($selected===false)
    {
        $selected=''; // nothing highlighted when the action is unknown
        foreach($parents as $sub_action=>$parent)
        {
            // loose comparison (==) against the untrimmed id
            if($action_id==$sub_action)
            {
                $selected=array_search($parent,$indexes);
                break;
            }
        }
    }

    return f_admin_navigation($captions,$urls,$selected);
}

function build_login_form_ca($msg) { global $pref_dir,$ca_lang_l,$ca_l,$f_ct; $output='
'; $output.='' .''; $output.='
'.$msg.'
' .f_ucfirst($ca_lang_l['username']).'
'.f_ucfirst($ca_lang_l['password']).'
'; return $output; } function build_add_user_form($msg='') { global $access_type_ex,$pref_dir,$ca_lang_l,$ca_l,$f_br,$f_ct,$pref,$f_fmt_star,$f_fmt_hidden; $buffer_id=array(); $buffer_access=array(); $username=(isset($_POST['save'])?un_esc($_POST['username']):''); $input='
'.($msg!=''? $msg.$f_br:''); $table_data[]=array($ca_lang_l['username'].$f_fmt_star, sprintf($f_fmt_hidden,'flag','add').sprintf($f_fmt_hidden,'old_username',$username).sprintf($input,'username',$username)); $table_data[]=array($ca_lang_l['name'], sprintf($input,'name',(isset($_POST['save'])?un_esc($_POST['name']):''))); $table_data[]=array($ca_lang_l['surname'], sprintf($input,'sirname',(isset($_POST['save'])?un_esc($_POST['sirname']):''))); $table_data[]=array($ca_lang_l['email'], sprintf($input,'email',(isset($_POST['save'])?$_POST['email']:''))); $table_data[]=array($ca_lang_l['password'].$f_fmt_star, sprintf($input_ps,'password')); $table_data[]=array($ca_lang_l['repeat password'].$f_fmt_star, sprintf($input_ps,'repeatedpassword')); $access_line=ca_build_access_block(); $table_data[]=array($ca_lang_l['access to'], $access_line); // event manager $news_line=''; $calendar_categories=get_calendar_categories(); if(!empty($calendar_categories)) { $news_for=array(); if(isset($data['news']) && !empty($data['news'])) {foreach($data['news'] as $key=>$val) $news_for[]=$val['page'].'%'.$val['cat'];} $news_line.=$f_br; foreach($calendar_categories as $k=>$v) { $ckbox_value=$v['pageid'].'%'.$v['catid']; $news_line.=''.$v['pagename'].' - '.$v['catname'].''.$f_br; } } if(!empty($news_line)) $table_data[]=array($ca_lang_l['want to get'], $news_line); $base=f_build_self_url('centraladmin.php'); $end='('.$f_fmt_star.') '.$ca_lang_l['required fields'].''.$f_br; $end.=$f_br.'function tS(id){if(document.getElementById('access_type'+id).selectedIndex==2) document.getElementById('section'+id).style.display='block'; else document.getElementById('section'+id).style.display='none'; } function show_div(id){document.getElementById(id).style.display='block';} function hide_div(id){document.getElementById(id).style.display='none';}"; return $output; } function ca_build_access_block() { global $ca_lang_l, $access_type_ex, $f_br, $f_ct; $select_all_flag=(isset($_POST['select_all'])? 
true: false); $select_all_val=($select_all_flag)?$_POST["select_all"]:'undefined'; $checked_all_read=(!$select_all_flag || $select_all_val=='yes'); $checked_all_write=($select_all_flag && $select_all_val=='yesw'); $checked_selected=($select_all_flag && $select_all_val=='no'); $selected_sec_flag=(isset($_POST['selected_sections'])? true: false); $section_id=array(); $section_access=array(); $access_line=''.f_ucfirst($ca_lang_l['view all'])."".$f_br; $access_line.=''.f_ucfirst($ca_lang_l['edit all'])."".$f_br; $section_list=get_sections_list(); if(!empty($section_list)) { $access_line.=' '.f_ucfirst($ca_lang_l['selected']).' '.$f_br; } else {$access_line.=$f_br.''.f_ucfirst($ca_lang_l['adduser_msg1']).'';} $selected_sec_ids=array(); if($checked_selected && $selected_sec_flag && !empty($_POST["selected_sections"])) { foreach($_POST["selected_sections"] as $k=>$v) {$selected_sec_ids[]=$v;$selected_sec_access[]=$_POST["access_type".$v];} } $access_line.='
'; foreach($section_list as $k=>$v) { $cur_sec_id=str_replace('','',$v[10]); $cur_sec_name=$v[8]; $secaccess_type=(!$checked_selected)? '2': '0'; $index=array_search($cur_sec_id,$selected_sec_ids); if($index!==false) $secaccess_type=$selected_sec_access[$index]; $access_line.='
'.$cur_sec_name."  " .f_build_select('access_type'.$cur_sec_id,$access_type_ex,$secaccess_type,'onchange="javascript:tS(\''.$cur_sec_id.'\');"').'
'; $access_line.='
'; $access_line.=check_section_range(0,$cur_sec_id).'
'; } $access_line.='
'.$f_br.''.f_ucfirst($ca_lang_l['view']).' - ' .f_ucfirst($ca_lang_l['adduser_msg2']).$f_br .''.f_ucfirst($ca_lang_l['edit']).' - ' .f_ucfirst($ca_lang_l['adduser_msg3']).''; return $access_line; } function build_edit_user_form($flag,$msg='',$username='',$data='',$usrid=0,$user_data='') //flags - add,editpass,editaccess,editdetails { global $access_type_ex,$pref_dir,$ca_lang_l,$ca_l,$f_br,$f_ct,$pref,$f_fmt_star,$f_fmt_hidden; $buffer_id=array(); $buffer_access=array(); $input='"; $span8=$span8_nobr.$f_br; $output='
'; $output.='
'; $output.=sprintf($f_fmt_hidden,'flag',$flag).($msg!=''? $msg.$f_br.$f_br:''); $output.=($flag=='editdetails'? sprintf($span8,f_ucfirst($ca_lang_l['username']).$f_fmt_star): ''); if($usrid>0) $output.=sprintf($f_fmt_hidden,'id',$usrid); if($flag=='editdetails') { $creation_date=($data!=''?$data['details']['creation_date']:$_POST['creation_date']); $output.=sprintf($f_fmt_hidden,'creation_date',$creation_date); $output.=sprintf($f_fmt_hidden,'sr', ($data!=''?$data['details']['sr']:$_POST['sr']) ); $output.=sprintf($f_fmt_hidden,'status', ($data!=''?$data['details']['status']:$_POST['status']) ); } if($flag=='editdetails') $output.=sprintf($f_fmt_hidden,'old_username',$username).sprintf($input,'username',$username); elseif($flag=='editaccess') $output.=sprintf($f_fmt_hidden,'username',$username); else $output.=sprintf($f_fmt_hidden,'username',$username); if($flag=='editdetails') { $output.=sprintf($span8,f_ucfirst($ca_lang_l['name'])) .sprintf($input,'name',($data!=''?un_esc($data['details']['name']):(isset($_POST['save'])?un_esc($_POST['name']):''))); $output.=sprintf($span8,f_ucfirst($ca_lang_l['surname'])) .sprintf($input,'sirname',($data!=''?un_esc($data['details']['sirname']):(isset($_POST['save'])?un_esc($_POST['sirname']):''))); $output.=sprintf($span8,f_ucfirst($ca_lang_l['email'])) .sprintf($input,'email',($data!=''?$data['details']['email']:(isset($_POST['save'])?$_POST['email']:''))); if($flag=='editdetails') { $output.=''.f_ucfirst($ca_lang_l['creation date']).': '.($creation_date!=''? date('r',f_tzone_date($creation_date)): 'NA').''.$f_br;} } if($flag=='editpass') { $output.=sprintf($span8,f_ucfirst($ca_lang_l['password']).$f_fmt_star).sprintf($input_ps,'password'); $output.=sprintf($span8,f_ucfirst($ca_lang_l['repeat password']).$f_fmt_star).sprintf($input_ps,'repeatedpassword'); } if($flag=='editaccess') // sections and access { $select_all_flag=(empty($data) && isset($_POST['select_all'])? 
true: false); $select_all_val=($select_all_flag)?$_POST["select_all"]:'undefined'; $checked_all_read=($flag=='editaccess' && !empty($data) && $data[0]['section']=='ALL'); $checked_all_write=($flag=='editaccess' && !empty($data) && $data[0]['section']=='ALL' && $data[0]['type']=='1'); $checked_selected=($select_all_flag && $_POST["select_all"]=='no' || !empty($data) && $data[0]['section']!='ALL'); $selected_sec_flag=(isset($_POST['selected_sections'])? true: false); $section_id=array(); $section_access=array(); $output.='
'.sprintf($span8_nobr,f_ucfirst($ca_lang_l['access to'])).$f_fmt_star.''; $output.=''.f_ucfirst($ca_lang_l['view all'])."".$f_br; $output.=''.f_ucfirst($ca_lang_l['edit all'])."".$f_br; $section_list=get_sections_list(); if(!empty($section_list)) { $output.=' '.f_ucfirst($ca_lang_l['selected']).' '.$f_br; } else {$output.=$f_br.''.f_ucfirst($ca_lang_l['adduser_msg1']).'';} $selected_sec_ids=array(); if($data!='') { foreach($data as $k=>$v) {$selected_sec_ids[]=$v['section']; $selected_sec_access[]=$v['type'];} } elseif($selected_sec_flag && !empty($_POST["selected_sections"])) { foreach($_POST["selected_sections"] as $k=>$v) {$selected_sec_ids[]=$v;$selected_sec_access[]=$_POST["access_type".$v];} } $output.='
'; foreach($section_list as $k=>$v) { $cur_sec_id=str_replace('','',$v[10]); $cur_sec_name=$v[8]; $secaccess_type=(!$checked_selected)? '2': '0'; if($flag=='editaccess') { $index=array_search($cur_sec_id,$selected_sec_ids); if($index!==false) $secaccess_type=$selected_sec_access[$index]; } $output.='
'.$cur_sec_name."  " .f_build_select('access_type'.$cur_sec_id.'_'.$usrid,$access_type_ex,$secaccess_type,'onchange="javascript:tS(\''.$cur_sec_id.'_'.$usrid.'\');"').'
'; $output.='
'; $output.=check_section_range(0,$cur_sec_id,$usrid,$user_data)."
"; } $output.='
'; $output.=$f_br.''.f_ucfirst($ca_lang_l['view']).' - '.f_ucfirst($ca_lang_l['adduser_msg2']) .$f_br.''.f_ucfirst($ca_lang_l['edit']).' - '.f_ucfirst($ca_lang_l['adduser_msg3']).''.$f_br.$f_br.'
'; } if($flag=='editdetails') // event manager { $calendar_categories=get_calendar_categories(); if(!empty($calendar_categories)) { $news_for=array(); if(isset($data['news']) && !empty($data['news'])) { foreach($data['news'] as $key=>$val) $news_for[]=$val['page'].'%'.$val['cat']; } $output.=$f_br.'
'.sprintf($span8_nobr,$ca_lang_l['want to get']).''.$f_br; foreach($calendar_categories as $k=>$v) { $ckbox_value=$v['pageid'].'%'.$v['catid']; $output.=''.$v['pagename'].' - '.$v['catname'].''.$f_br; } $output.=$f_br.'
'; } } $base=f_build_self_url('centraladmin.php'); $output.=$f_br.'function tS(id){if(document.getElementById('access_type'+id).selectedIndex==2) document.getElementById('section'+id).style.display='block'; else document.getElementById('section'+id).style.display='none'; } function show_div(id){document.getElementById(id).style.display='block';} function hide_div(id){document.getElementById(id).style.display='none';}"; return $output; } function build_register_form($msg='',$data='') { global $pref_dir,$ca_lang_l,$ca_settings,$ca_l,$f_br,$f_ct,$trtdsp; $sr_termsofuse_urls=''; $settings=f_GFS($ca_settings,'',''); if(strpos($settings,'')!==false) $sr_termsofuse_urls=f_GFS($settings,'',''); if(strpos($settings,'')!==false) $sr_notes=f_GFS($settings,'',''); if($sr_termsofuse_urls!='') { if(strpos($sr_termsofuse_urls,'../')!==false && strpos($pref_dir,'../')===false) {$sr_termsofuse_urls=str_replace('../','',$sr_termsofuse_urls);} } $output=$f_br.""; $output.="
"; $output.=$trtdsp.f_ucfirst($ca_lang_l['username'])."*"; $output.=$trtdsp.f_ucfirst($ca_lang_l['name'])."*"; $output.=$trtdsp.f_ucfirst($ca_lang_l['surname'])."*"; $output.=$trtdsp.f_ucfirst($ca_lang_l['email'])."*"; $output.=$trtdsp.f_ucfirst($ca_lang_l['password'])."*"; $output.=$trtdsp.f_ucfirst($ca_lang_l['repeat password'])."*"; $output.=$trtdsp.f_ucfirst($ca_lang_l['code'])."*"; $output.=""; if(isset($sr_notes) && !empty($sr_notes)) $output.=""; $calendar_categories=get_calendar_categories(); if(!empty($calendar_categories)) //event manager { $output.=""; foreach($calendar_categories as $k=>$v) { $output.=""; } $output.=" "; } $output.=""; $output.="
".f_ucfirst($ca_lang_l['registration']).$msg."".$f_br.$f_br."
"; $sr_agree_msg_fixed=f_ucfirst($ca_lang_l['sr_agree_msg']); if($sr_termsofuse_urls!='') { $pattern=f_GFS($sr_agree_msg_fixed,'%%','%%'); $sr_agree_msg_fixed=str_replace('%%'.$pattern.'%%',''.$pattern.'',$sr_agree_msg_fixed); } else $sr_agree_msg_fixed=str_replace('%%','',$sr_agree_msg_fixed); $output.="
*"; $output.=$sr_agree_msg_fixed."
".$sr_notes."
".$ca_lang_l['want to get'].$f_br."
".$v['pagename'].' - '.$v['catname']."
(*) ".$ca_lang_l['required fields']."
"; return $output; } function build_forgotpass_form($msg='') { global $pref_dir,$ca_lang_l,$ca_l,$f_br,$f_ct; $output=$f_br.'
'; $output.='
'; $output.=''; $output.=''; $output.='
'.f_ucfirst($ca_lang_l['forgotten password']).' '.$msg.''.$f_br.$f_br.'' .f_ucfirst($ca_lang_l['sr_forgotpass_note']).$f_br.$f_br.'
'.f_ucfirst($ca_lang_l['username']).'
'.f_ucfirst($ca_lang_l['email']).'
'; return $output; } function build_changepass_form($username,$msg='') { global $pref_dir,$ca_lang_l,$ca_l,$f_br,$f_ct; $output=$f_br."
"; $output.="
"; $output.=""; $output.=""; $output.=""; $output.=""; $output.=""; $output.="
".f_ucfirst($ca_lang_l['change password']).' '.$msg."
".f_ucfirst($ca_lang_l['old password'])."*
".f_ucfirst($ca_lang_l['new password'])."*
".f_ucfirst($ca_lang_l['repeat password'])."*
(*) ".$ca_lang_l['required fields']."
"; return $output; } function build_editprofile_form($username,$data='',$msg='') { global $pref_dir,$ca_lang_l,$ca_l,$f_br,$f_ct,$trtdsp; $output=$f_br."
"; $creation_date=($data!=''?$data['details']['creation_date']:$_POST['creation_date']); $output.=""; $output.=$trtdsp.f_ucfirst($ca_lang_l['name'])."*"; $output.=$trtdsp.f_ucfirst($ca_lang_l['surname'])."*"; $output.=$trtdsp.f_ucfirst($ca_lang_l['email'])."*"; $calendar_categories=get_calendar_categories(); if(!empty($calendar_categories)) { $news_for=array(); if(isset($data['news']) && !empty($data['news'])) { foreach($data['news'] as $key=>$val) $news_for[]=$val['page'].'%'.$val['cat']; } $output.='
'.f_ucfirst($ca_lang_l['want to get']).' '.$f_br; foreach($calendar_categories as $k=>$v) { $ckbox_value=$v['pageid'].'%'.$v['catid']; $output.="".$v['pagename'].' - '.$v['catname']."".$f_br; } $output.=$f_br.'
'; } $output.="(*) ".$ca_lang_l['required fields'].""; $output.=""; $output.="
"; return $output; } # ------------ self-registration function process_register($action_id,$ms='') { global $ca_db_file,$ca_lang_l,$ca_l,$ca_settings,$f_lf,$ca_template_file_f,$sr_notif_enabled,$ca_user_msg,$f_br,$f_fmt_span8em,$ca_site_url; $err_msg=''; if(isset($_POST['save'])) // send registration email { if(!isset($_SESSION)) {f_int_start_session();} if(!isset($_SESSION['CAPTCHA_CODE'])) {echo "This is illegal operation. You are not allowed to register.";exit;} else { foreach($_POST as $k=>$v) {if(!is_array($v)) $_POST[$k]=trim($v);} $post_user=f_strip_tags($_POST['username']); if(empty($_POST['username'])) $err_msg.=$f_br.f_ucfirst($ca_lang_l['fill in']).' '.f_strtoupper($ca_lang_l['username']); elseif(!preg_match("/^[A-Za-z_0-9]+$/",$post_user)) $err_msg.=$f_br.f_ucfirst($ca_lang_l['can contain only']); elseif(duplicated_user($post_user)) $err_msg.=$f_br.f_ucfirst($ca_lang_l['username exists']); if(empty($_POST['name'])) $err_msg.=$f_br.f_ucfirst($ca_lang_l['fill in']).' '.f_strtoupper($ca_lang_l['name']); if(empty($_POST['sirname'])) $err_msg.=$f_br.f_ucfirst($ca_lang_l['fill in']).' '.f_strtoupper($ca_lang_l['surname']); if(empty($_POST['email'])) $err_msg.=$f_br.f_ucfirst($ca_lang_l['fill in']).' '.f_strtoupper($ca_lang_l['email']); elseif(!empty($_POST["email"]) && !f_validate_email(f_strip_tags($_POST["email"]))) $err_msg.=$f_br.f_ucfirst($ca_lang_l['nonvalid email']); if(empty($_POST['password'])) $err_msg.=$f_br.f_ucfirst($ca_lang_l['fill in']).' 
'.f_strtoupper($ca_lang_l['password']); elseif(strlen(trim($_POST['password']))<5) $err_msg.=$f_br.f_ucfirst($ca_lang_l['your password should be']); elseif(empty($_POST['repeatedpassword'])) $err_msg.=$f_br.f_ucfirst($ca_lang_l['repeat password']); elseif($_POST['password']!=$_POST['repeatedpassword']) $err_msg.=$f_br.f_ucfirst($ca_lang_l['password and repeated password']); elseif(strtolower($post_user)=='admin' && strtolower($_POST['password'])=='admin') $err_msg.=$f_br.$ca_user_msg; if(empty($_POST['code']) || md5(strtoupper($_POST['code']))!= $_SESSION['CAPTCHA_CODE']) $err_msg.=$f_br.f_strtoupper($ca_lang_l['code']).' '.$ca_lang_l['field should match the text on the right']; if(!isset($_POST['agree'])) $err_msg.=$f_br.f_ucfirst($ca_lang_l['agree with terms']); if($err_msg!='') $output=build_register_form($f_br.sprintf($f_fmt_span8em,$err_msg)); else { $settings=f_GFS($ca_settings,'',''); $require_approval=f_GFS($settings,'',''); if($require_approval=='') $require_approval='0'; $access=array(); $access_str=(strpos($settings,'')!==false)? f_GFS($settings,'',''): ''; if($access_str!='') $temp_access=explode('|',$access_str); if(isset($temp_access)) { foreach($temp_access as $k=>$v) { $t=explode('%%',$v); $page_level_str=f_GFS($v,'(',')'); if(!empty($page_level_str)) $t[1]=str_replace('('.$page_level_str.')','',$t[1]); if($t[1]=='2') { $page_level_arr=explode(';',$page_level_str); foreach($page_level_arr as $kk=>$vv) { $value=explode('%',$vv); $page_access_arr []=array('page'=>$value[0], 'type'=>$value[1]); } $access[]=array('section'=>$t[0],'type'=>$t[1],'page_access'=>$page_access_arr); } else $access[]=array('section'=>$t[0],'type'=>$t[1]); } } $uniqueid=md5(uniqid(mt_rand(),true)); $link=f_build_self_url('centraladmin.php').'?id='.$uniqueid.'&process=register&'.$ca_l; $content=str_replace("##",'
',$ca_lang_l['sr_email_msg']); $content=str_replace(array("%CONFIRMLINK%",'%%site%%'), array(''.$link.'',$ca_site_url), $content); $content=str_replace(array("%CONFIRMLINK%",'%%site%%'), array(''.$link.'',$ca_site_url), $content); $content=str_replace(array('%%username%%','%%USERNAME%%'), array($post_user,$post_user),$content); $content_text=str_replace(array("##","%CONFIRMLINK%"), array($f_lf,$link), $ca_lang_l['sr_email_msg']); $content_text=str_replace("%%site%%", $ca_site_url, $content_text); $content_text=str_replace(array('%%username%%','%%USERNAME%%'), array($post_user,$post_user),$content_text); $subject=str_replace('%%site%%',$ca_site_url,$ca_lang_l['sr_email_subject']); if((strpos(f_strtolower($content),'mime-version')!==false) || (strpos(f_strtolower($content),'content-type')!==false)) {$log_msg=" Registration email CAN NOT be sent - possible dangerous content"; $output=$log_msg; } $send_to_email=f_strip_tags($_POST["email"]); $sections=''; $news=''; if(empty($access)) {$sections.='';} else { foreach($access as $k=>$v) { $sections.=''; if($v['type']=='2') { foreach($v['page_access'] as $key=>$val) { $sections.='

'; } } $sections.=''; } } if(isset($_POST["news_for"])) //event manager { foreach($_POST["news_for"] as $k=>$v) { if(strpos($v,'%')!==false) { list($p,$c)=explode('%',$v); } else { $p=$v; $c=''; } $news.=''; } } $details='

'; $log_msg='success'; $result=send_mail_ca($content,$content_text,$subject,$send_to_email); if($result) { db_write_user('selfreg',$uniqueid,$post_user,crypt($_POST['password']),$sections,$details,$news); //event manager $log_msg.=", email SENT"; $output = $f_br.'
'.$ca_lang_l['sr_success_msg'].'
'; } else {$log_msg.=", email FAILED"; $output=$f_br.'Email FAILED. Try again.';} write_log('reg','USER:'.$post_user,$log_msg); if(isset($_SESSION['CAPTCHA_CODE'])) $_SESSION['CAPTCHA_CODE']=''; } } } elseif(isset($_GET['id'])) // confirm registration { $file_contents='hi