Recovery System

Similar to the original one from Tibia.
ElGovanni 2016-04-19 20:41:57 +02:00
parent dfa6ceaa32
commit 91d0ffa95c
5 changed files with 318 additions and 46 deletions


@ -12,7 +12,7 @@
$config['site_title_context'] = 'Because open communities are good communities. :3'; $config['site_title_context'] = 'Because open communities are good communities. :3';
// Path to server folder without / Example: C:\Users\Alvaro\Documents\GitHub\forgottenserver // Path to server folder without / Example: C:\Users\Alvaro\Documents\GitHub\forgottenserver
$config['server_path'] = ''; $config['server_path'] = '';
// ------------------------ \\ // ------------------------ \\
@ -35,7 +35,7 @@
- getClock() = returns current time in numbers. - getClock() = returns current time in numbers.
- getClock(time(), true) = returns current time in formatted date - getClock(time(), true) = returns current time in formatted date
- getClock(false, true) = same as above - getClock(false, true) = same as above
- getClock(false, true, false) = get current time, don't adjust timezone - getClock(false, true, false) = get current time, don't adjust timezone
- echo getClock($profile_data['lastlogin'], true); = from characterprofile, - echo getClock($profile_data['lastlogin'], true); = from characterprofile,
explains when user was last logged in. */ explains when user was last logged in. */
function getClock($time = false, $format = false, $adjust = true) { function getClock($time = false, $format = false, $adjust = true) {
@ -51,7 +51,7 @@
// ------------------- \\ // ------------------- \\
// CUSTOM SERVER STUFF \\ // CUSTOM SERVER STUFF \\
// ------------------- \\ // ------------------- \\
// Enable / disable Questlog function (true / false) // Enable / disable Questlog function (true / false)
$config['EnableQuests'] = false; $config['EnableQuests'] = false;
// array for filling questlog (Questid, max value, name, end of the quest fill 1 for the last part 0 for all others) // array for filling questlog (Questid, max value, name, end of the quest fill 1 for the last part 0 for all others)
@ -131,8 +131,8 @@
'secret' => true 'secret' => true
), ),
30001 => array( 30001 => array(
'Allow Cookies?', 'Allow Cookies?',
'With a perfectly harmless smile you fooled all of those wicecrackers into eating your exploding cookies. Consider a boy or girl scout outfit next time to make the trick even better.', 'With a perfectly harmless smile you fooled all of those wicecrackers into eating your exploding cookies. Consider a boy or girl scout outfit next time to make the trick even better.',
'points' => '10', // 1-3 points (1star), 4-6 points(2 stars), 7-9 points(3 stars), 10 points => (4 stars) 'points' => '10', // 1-3 points (1star), 4-6 points(2 stars), 7-9 points(3 stars), 10 points => (4 stars)
'secret' => true // show "secret" image 'secret' => true // show "secret" image
), ),
@ -143,7 +143,7 @@
), ),
30003 => array( 30003 => array(
'Bearhugger', 'Bearhugger',
'Warm, furry and cuddly - though that same bear you just hugged would probably rip you into pieces if he had been conscious, he reminded you of that old teddy bear which always slept in your bed when you were still small.', 'Warm, furry and cuddly - though that same bear you just hugged would probably rip you into pieces if he had been conscious, he reminded you of that old teddy bear which always slept in your bed when you were still small.',
'points' => '4' 'points' => '4'
), ),
30004 => array( 30004 => array(
@ -153,23 +153,23 @@
), ),
30005 => array( 30005 => array(
'Chorister', 'Chorister',
'Lalalala... you now know the cult\'s hymn sung in Liberty Bay by heart. Not that hard, considering that it mainly consists of two notes and repetitive lyrics.', 'Lalalala... you now know the cult\'s hymn sung in Liberty Bay by heart. Not that hard, considering that it mainly consists of two notes and repetitive lyrics.',
'points' => '1' 'points' => '1'
), ),
30006 => array( 30006 => array(
'Fountain of Life', 'Fountain of Life',
'You found and took a sip from the Fountain of Life. Thought it didn\'t grant you eternal life, you feel changed and somehow at peace.', 'You found and took a sip from the Fountain of Life. Thought it didn\'t grant you eternal life, you feel changed and somehow at peace.',
'points' => '1', 'points' => '1',
'secret' => true 'secret' => true
), ),
30007 => array( 30007 => array(
'Here, Fishy Fishy!', 'Here, Fishy Fishy!',
'Ah, the smell of the sea! Standing at the shore and casting a line is one of your favourite activities. For you, fishing is relaxing - and at the same time, providing easy food. Perfect!', 'Ah, the smell of the sea! Standing at the shore and casting a line is one of your favourite activities. For you, fishing is relaxing - and at the same time, providing easy food. Perfect!',
'points' => '1' 'points' => '1'
), ),
30008 => array( 30008 => array(
'Honorary Barbarian', 'Honorary Barbarian',
'You\'ve hugged bears, pushed mammoths and proved your drinking skills. And even though you have a slight hangover, a partially fractured rib and some greasy hair on your tongue, you\'re quite proud to call yourself a honorary barbarian from now on.', 'You\'ve hugged bears, pushed mammoths and proved your drinking skills. And even though you have a slight hangover, a partially fractured rib and some greasy hair on your tongue, you\'re quite proud to call yourself a honorary barbarian from now on.',
'points' => '1' 'points' => '1'
), ),
30009 => array( 30009 => array(
@ -179,12 +179,12 @@
), ),
300010 => array( 300010 => array(
'Just in Time', 'Just in Time',
'You\'re a fast runner and are good at delivering wares which are bound to decay just in the nick of time, even if you can\'t use any means of transportation or if your hands get cold or smelly in the process.', 'You\'re a fast runner and are good at delivering wares which are bound to decay just in the nick of time, even if you can\'t use any means of transportation or if your hands get cold or smelly in the process.',
'points' => '1' 'points' => '1'
), ),
30011 => array( 30011 => array(
'Matchmaker', 'Matchmaker',
'You don\'t believe in romance to be a coincidence or in love at first sight. In fact - love potions, bouquets of flowers and cheesy poems do the trick much better than ever could. Keep those hormones flowing!', 'You don\'t believe in romance to be a coincidence or in love at first sight. In fact - love potions, bouquets of flowers and cheesy poems do the trick much better than ever could. Keep those hormones flowing!',
'points' => '1', 'points' => '1',
'secret' => true 'secret' => true
), ),
@ -202,7 +202,7 @@
), ),
30014 => array( 30014 => array(
'Secret Agent', 'Secret Agent',
'Pack your spy gear and get ready for some dangerous missions in service of a secret agency. You\'ve shown you want to - but can you really do it? Time will tell.', 'Pack your spy gear and get ready for some dangerous missions in service of a secret agency. You\'ve shown you want to - but can you really do it? Time will tell.',
'points' => '1', 'points' => '1',
'secret' => true 'secret' => true
), ),
@ -218,7 +218,7 @@
), ),
30017 => array( 30017 => array(
'Worm Whacker', 'Worm Whacker',
'Weehee! Whack those worms! You sure know how to handle a big hammer.', 'Weehee! Whack those worms! You sure know how to handle a big hammer.',
'points' => '1', 'points' => '1',
'secret' => true 'secret' => true
), ),
@ -229,7 +229,7 @@
), ),
30019 => array( 30019 => array(
'Amateur Actor', 'Amateur Actor',
'You helped bringing Princess Buttercup, Doctor Dumbness and Lucky the Wonder Dog to life - and will probably dream of them tonight, since you memorised your lines perfectly. What a .. special piece of.. screenplay.', 'You helped bringing Princess Buttercup, Doctor Dumbness and Lucky the Wonder Dog to life - and will probably dream of them tonight, since you memorised your lines perfectly. What a .. special piece of.. screenplay.',
'points' => '2' 'points' => '2'
), ),
30020 => array( 30020 => array(
@ -242,7 +242,7 @@
// TFS 1.0 powergamers and top online // TFS 1.0 powergamers and top online
//Before enabling powergamers, make sure that you have added LUA files and possible cloums to your server. //Before enabling powergamers, make sure that you have added LUA files and possible cloums to your server.
//files can be found at Lua folder. //files can be found at Lua folder.
$config['powergamers'] = array( $config['powergamers'] = array(
'enabled' => true, // Enable or disable page 'enabled' => true, // Enable or disable page
'limit' => 20, //Number of players that it will show. 'limit' => 20, //Number of players that it will show.
@ -350,7 +350,7 @@
5 => 'Ended', 5 => 'Ended',
); );
/* -- SUB PAGES -- /* -- SUB PAGES --
Some custom layouts/templates have custom pages, they can use Some custom layouts/templates have custom pages, they can use
this sub page functionality for that. this sub page functionality for that.
*/ */
@ -429,7 +429,7 @@
'status_port' => "7171", 'status_port' => "7171",
); );
$config['delete_character_interval'] = '3 DAY'; // Delay after user character delete request is executed eg. 1 DAY, 2 HOUR, 3 MONTH etc. $config['delete_character_interval'] = '3 DAY'; // Delay after user character delete request is executed eg. 1 DAY, 2 HOUR, 3 MONTH etc.
$config['validate_IP'] = true; // Only allow legal IP addresses to register and create character. $config['validate_IP'] = true; // Only allow legal IP addresses to register and create character.
$config['salt'] = false; // Some noob 0.3.6 servers don't support salt. $config['salt'] = false; // Some noob 0.3.6 servers don't support salt.
@ -439,7 +439,7 @@
// Use guild logo system // Use guild logo system
$config['use_guild_logos'] = true; $config['use_guild_logos'] = true;
// Use country flags // Use country flags
$config['country_flags'] = false; $config['country_flags'] = false;
@ -533,6 +533,13 @@
'debug' => false, // Enable debugging if you have problems and are looking for errors. 'debug' => false, // Enable debugging if you have problems and are looking for errors.
'fromName' => $config['site_title'], 'fromName' => $config['site_title'],
); );
//Recovery System by ElGovanni (https://github.com/ElGovanni) //know as Burczyk
$config['recovery_key'] = array(
'enabled' => true,
'length' => 10, //less or equal value from database (default is: 20)
'send_to_mail' => true,
'change_email_by_recovery' => true,
);
// Use Znote's External Open Tibia Services Server // Use Znote's External Open Tibia Services Server
// Currently in Alpha and is pretty useless, but will contain paypal blacklist etc in future. // Currently in Alpha and is pretty useless, but will contain paypal blacklist etc in future.
// You can use the official server: http://zeotss.znote.eu/ // You can use the official server: http://zeotss.znote.eu/
@ -560,7 +567,7 @@
// Available options: LINUX or WINDOWS // Available options: LINUX or WINDOWS
$config['os'] = 'WINDOWS'; $config['os'] = 'WINDOWS';
// Measure how much players are lagging in-game. (Not completed). // Measure how much players are lagging in-game. (Not completed).
$config['ping'] = false; $config['ping'] = false;
// BAN STUFF - Don't touch this unless you know what you are doing. // BAN STUFF - Don't touch this unless you know what you are doing.
@ -638,13 +645,13 @@
$config['session_prefix'] = 'znote_'; $config['session_prefix'] = 'znote_';
/* Store visitor data /* Store visitor data
Store visitor data in the database, logging every IP visitng site, Store visitor data in the database, logging every IP visitng site,
and how many times they have visited the site. And sometimes what and how many times they have visited the site. And sometimes what
they do on the site. they do on the site.
This helps to prevent POST SPAM (like register 1000 accounts in a few seconds) This helps to prevent POST SPAM (like register 1000 accounts in a few seconds)
and other things which can stress and slow down the server. and other things which can stress and slow down the server.
The only downside is that database can get pretty fed up with much IP data The only downside is that database can get pretty fed up with much IP data
if table never gets flushed once in a while. So I highly recommend you if table never gets flushed once in a while. So I highly recommend you
to configure flush_ip_logs if IPs are logged. to configure flush_ip_logs if IPs are logged.
@ -652,7 +659,7 @@
$config['log_ip'] = false; $config['log_ip'] = false;
// Flush IP logs each configured seconds, 60 * 15 = 15 minutes. // Flush IP logs each configured seconds, 60 * 15 = 15 minutes.
// Set to false to entirely disable ip log flush. // Set to false to entirely disable ip log flush.
// It is important to flush for optimal performance. // It is important to flush for optimal performance.
$config['flush_ip_logs'] = 59 * 27; $config['flush_ip_logs'] = 59 * 27;
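Review bot: The defaults added in `$config['recovery_key']` weaken a secret that lostaccount.php treats as proof of account ownership: `'length' => 10` is half of what the comment says the column holds, and `'send_to_mail' => true` leaves a copy of the key in the very mailbox it is meant to stand in for. I would default to `'length' => 20` and `'send_to_mail' => false`, and reword the comment to `// must not exceed the size of the accounts.key column (20 by default)`. `'change_email_by_recovery'` also deserves a one-line comment saying that it lets whoever holds the key move the account to a new e-mail address.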


@ -19,8 +19,8 @@
Token::create(); Token::create();
?> ?>
<center> <h3><a href="register.php">New account</a></h3> <center> <h3><a href="register.php">New account</a></h3>
<font size="1">- Lost <a href="recovery.php?mode=username">username</a> or <a href="recovery.php?mode=password">password</a>?</font></center> <font size="1">- <a href="lostaccount.php" title="recovery access to login">Problems with logging?</a></font></center>
</ul> </ul>
</form> </form>
</div> </div>
</div> </div>

222
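--- a/lostaccount.php
+++ b/lostaccount.php
@@ -0,0 +1,222 @@
+<?php require_once 'engine/init.php'; include 'layout/overall/header.php';
+$acceptedChars = '123456789ZXCVBNMASDFGHJKLQWERTYUIOPzxcvbnmasdfghjklqwertyuiop';
+if (empty($_POST) === false) {
+if(isset($_POST['step']) && !empty($_POST['step']) && getValue($_POST['step'])>2){
+if (!Token::isValid($_POST['token'])) {
+$errors[] = 'Token is invalid.';
+}
+}
+}
+if(empty($_GET)){
+$step = (isset($_POST['step']) && !empty($_POST['step'])) ? getValue($_POST['step']) : false;
+$character = (isset($_POST['character']) && !empty($_POST['character'])) ? getValue($_POST['character']) : false;
+$option = (isset($_POST['option']) && !empty($_POST['option'])) ? getValue($_POST['option']) : false;
+$new_email = (isset($_POST['new_email']) && !empty($_POST['new_email'])) ? getValue($_POST['new_email']) : false;
+$rec_key = (isset($_POST['rec_key']) && !empty($_POST['rec_key'])) ? getValue($_POST['rec_key']) : false;
+switch ($step) {
+case '1':
+{
+{
+?>
+<form action="" method="post">
+<h2>Specify your problem</h2>
+<label><input type="radio" name="option" value=0> I have forgotten my password</label><br>
+<label><input type="radio" name="option" value=1> I have forgotten my account name</label><br>
+<?php
+if($config['recovery_key']['change_email_by_recovery'] && empty($errors))
+echo '<label><input type="radio" name="option" value=2> I don\'t have access to my e-mail</label><br>';
+else
+echo '<label><input type="radio" name="option" value=2> Recovery password by key</label><br>';
+echo '<input type="hidden" name="character" value="'.$character.'">';
+?>
+<button type="submit" name="step" value=2>Submit</button>
+</form>
+<?php
+}
+}
+break;
+break;
+case '2':
+{
+switch ($option) {
+case '0':
+header('Location: recovery.php?mode=password');
+break;
+case '1':
+header('Location: recovery.php?mode=username');
+break;
+case '2':
+{
+if($config['recovery_key']['change_email_by_recovery']){
+if(user_character_exist($character)){
+?>
+<h2>We'll send authentication code to your new e-mail and then new password</h2>
+<form action="" method="post">
+<label>New e-mail address<br><input type="text" placeholder="new e-mail address" name="new_email" autocomplete="off"></label><br><br>
+<label>Recovery key<br><input type="text" placeholder="recovery key" name="rec_key" autocomplete="off"></label><br>
+<?php echo '<input type="hidden" name="character" value="'.$character.'">'; Token::create();?>
+<button type="submit" name="step" value=3>Submit</button>
+</form>
+<?php
+}else {
+echo 'We can\'t find that character';
+}
+}else{
+?>
+<form action="" method="post">
+<label>Recovery key<br><input type="text" placeholder="recovery key" name="rec_key" autocomplete="off"></label><br>
+<?php echo '<input type="hidden" name="character" value="'.$character.'">'; Token::create();?>
+<button type="submit" name="step" value=3>Submit</button>
+</form>
+<?php
+}
+}
+break;
+default:
+echo "Something went wrong, please conact with administrator.";
+break;
+}
+}
+break;
+case '3':
+{
+if(user_character_exist($character) && empty($errors)){
+$query = mysql_select_single("SELECT `p`.`id` AS `player_id`, `a`.`name`, `a`.`key`, `a`.`email_new_time`, `a`.`email`, `a`.`id` AS `account_id` FROM `players` `p` INNER JOIN `accounts` `a` ON `p`.`account_id`=`a`.`id` WHERE `p`.`name` = '$character' LIMIT 1;");
+if($config['recovery_key']['change_email_by_recovery']){
+if($query['key']==$rec_key && filter_var($new_email, FILTER_VALIDATE_EMAIL) != false && $query['email']!=$new_email){
+if((intval($query['email_new_time']) - time())>=7140) //interval
+echo "Something went wrong";
+else {
+$tempKey = NULL;
+for($i=0; $i < 25; $i++) {
+$cnum[$i] = $acceptedChars{mt_rand(0, 60)};
+$tempKey .= $cnum[$i];
+}
+mysql_update("UPDATE `accounts` SET `email_code` = '".$tempKey."', `email_new` = '".$new_email."', `email_new_time` = '".intval(time()+7200)."' WHERE `id` = '".$query['account_id']."';");
+$thisurl = "http://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
+$thisurl .= "?confirm&u=".$query['account_id']."&tempkey=".$tempKey;
+//Authenticate email
+$mailer = new Mail($config['mailserver']);
+$title = "Please authenticate your account at $_SERVER[HTTP_HOST].";
+$body = "<h1>Please click on the following link to authenticate your account:</h1>";
+$body .= "<p><a href='$thisurl'>$thisurl</a></p>";
+$body .= "<hr><p>I am an automatic no-reply e-mail. Any emails sent back to me will be ignored.</p>";
+$mailer->sendMail($_POST['new_email'], $title, $body, $query['name']);
+echo 'We have sent an e-mail to your new address with link to authenticate this e-mail, please check it.';
+}
+} else {
+echo 'Incorrect e-mail or recovery key.<br>';
+}
+}else{
+if((intval($query['email_new_time']) - time())>=7140) //interval
+echo "Something went wrong";
+else{
+$newPassword = NULL;
+for($i=0; $i < 10; $i++) {
+$cnum[$i] = $acceptedChars{mt_rand(0, 60)};
+$newPassword .= $cnum[$i];
+}
+$salt = '';
+if ($config['TFSVersion'] != 'TFS_03') {
+// TFS 0.2 and 1.0
+$password = sha1($newPassword);
+} else {
+// TFS 0.3/4
+if (config('salt') === true) {
+$saltdata = mysql_select_single("SELECT `salt` FROM `accounts` WHERE `id` = $auid LIMIT 1;");
+if ($saltdata !== false) $salt .= $saltdata['salt'];
+}
+$password = sha1($salt.$newPassword);
+}
+mysql_update("UPDATE `accounts` SET `password`='".$password."', `email_new_time` = '".intval(time()+7200)."' WHERE `id` = '".$query['account_id']."';");
+echo "Your new password is: ".$newPassword."<br>Stay safe.";
+}
+}
+} else {
+echo output_errors($errors);
+echo 'This character not exist.';
+}
+}
+break;
+default:
+?>
+<h2>Welcome to the Lost Account Interface!</h2><br>
+<p>If you have lost access to your account, this interface can help you. Of course, you need to prove that your claim to the account is justified. Enter the requested data and follow the instructions carefully. Please understand there is no way to get access to your lost account if the interface cannot help you.</p>
+<form action="" method="post">
+Character name: <br>
+<input type="text" name="character"><br>
+<button type="submit" name="step" value=1>Submit</button>
+</form>
+<?php
+break;
+}
+}elseif (isset($_GET['confirm']) && empty($_GET['confirm'])) {
+$auid = (isset($_GET['u']) && (int)$_GET['u'] > 0) ? (int)$_GET['u'] : false;
+$tempKey = (isset($_GET['tempkey'])) ? $_GET['tempkey'] : false;
+$tempKeyStatus = true;
+for($i = 0;$i<strlen($tempKey); $i++)
+{
+$homeStatus = false;
+for($j = 0; $j<strlen($acceptedChars); $j++)
+{
+$homeStatus = false;
+if($tempKey[$i] == $acceptedChars[$j]){
+$homeStatus = true;
+break;
+}
+}
+if($homeStatus===false)
+{
+$tempKeyStatus=false;
+break;
+}
+}
+if($tempKeyStatus===false)
+return false;
+$query = mysql_select_single("SELECT `email_code`, `email_new`, `name`, `password` FROM `accounts` WHERE `id` = $auid LIMIT 1;");
+if($query!==false && $query['email_code']==$tempKey && $query['email_new']){
+$newPassword = NULL;
+for($i=0; $i < 10; $i++) {
+$cnum[$i] = $acceptedChars{mt_rand(0, 60)};
+$newPassword .= $cnum[$i];
+}
+$salt = '';
+if ($config['TFSVersion'] != 'TFS_03') {
+// TFS 0.2 and 1.0
+$password = sha1($newPassword);
+} else {
+// TFS 0.3/4
+if (config('salt') === true) {
+$saltdata = mysql_select_single("SELECT `salt` FROM `accounts` WHERE `id` = $auid LIMIT 1;");
+if ($saltdata !== false) $salt .= $saltdata['salt'];
+}
+$password = sha1($salt.$newPassword);
+}
+//Send new password
+$mailer = new Mail($config['mailserver']);
+$title = "This is your new password at $_SERVER[HTTP_HOST].";
+$body = "<p>Password: ".$newPassword."</p>";
+$body .= "<p>Stay safe at ".$config['mailserver']['fromName'].".</p>";
+$body .= "<hr><p>I am an automatic no-reply e-mail. Any emails sent back to me will be ignored.</p>";
+$mailer->sendMail($query['email_new'], $title, $body, $query['name']);
+mysql_update("UPDATE `accounts` SET `email` = '".$query['email_new']."', `email_new` = '0', `email_code` = '0', `password` = '$password' WHERE `id` = $auid LIMIT 1;");
+echo "We have sent new password to your new e-mail, have fun! :)";
+}else{
+echo 'Something went wrong';
+}
+}
+include 'layout/overall/footer.php'; ?>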
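Review bot: In `case '3'` the `else` branch taken when `change_email_by_recovery` is off never compares `$rec_key` with `$query['key']`, so the account's password is reset and echoed to whoever submits the form for that character name. The branch that does compare uses `==`, and `$rec_key` is `false` when the field is left empty, so an account whose `key` column is empty, NULL or '0' passes the check as well. Both branches need one strict guard right after the SELECT and before anything is written, e.g. `if ($rec_key === false || empty($query['key']) || !hash_equals((string)$query['key'], (string)$rec_key)) { echo 'Incorrect e-mail or recovery key.<br>'; break; }`. The same `else` branch also reads `$auid`, which is only assigned in the `?confirm` path, so its salt query should use `$query['account_id']` instead.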


@ -139,4 +139,4 @@ if ($config['mailserver']['accountRecovery']) {
<p>The admin have disabled automatic account recovery.</p> <p>The admin have disabled automatic account recovery.</p>
<?php <?php
} }
include 'layout/overall/footer.php'; ?> include 'layout/overall/footer.php'; ?>


@ -8,20 +8,21 @@ if (empty($_POST) === false) {
/* Token used for cross site scripting security */ /* Token used for cross site scripting security */
if (!Token::isValid($_POST['token'])) { if (!Token::isValid($_POST['token'])) {
$errors[] = 'Token is invalid.'; $errors[] = 'Token is invalid.';
} } elseif(isset($_POST['create_rkey'])!=true){
$required_fields = array('new_email', 'new_flag'); $required_fields = array('new_email', 'new_flag');
foreach($_POST as $key=>$value) { foreach($_POST as $key=>$value) {
if (empty($value) && in_array($key, $required_fields) === true) { if (empty($value) && in_array($key, $required_fields) === true) {
$errors[] = 'You need to fill in all fields.'; $errors[] = 'You need to fill in all fields.';
break 1; break 1;
}
} }
}
if (empty($errors) === true) {
if (empty($errors) === true) { if (filter_var($_POST['new_email'], FILTER_VALIDATE_EMAIL) === false) {
if (filter_var($_POST['new_email'], FILTER_VALIDATE_EMAIL) === false) { $errors[] = 'A valid email address is required.';
$errors[] = 'A valid email address is required.'; } else if (user_email_exist($_POST['new_email']) === true && $user_data['email'] !== $_POST['new_email']) {
} else if (user_email_exist($_POST['new_email']) === true && $user_data['email'] !== $_POST['new_email']) { $errors[] = 'That email address is already in use.';
$errors[] = 'That email address is already in use.'; }
} }
} }
} }
@ -29,28 +30,54 @@ if (empty($_POST) === false) {
<h1>Settings</h1> <h1>Settings</h1>
<?php <?php
if (isset($_GET['success']) === true && empty($_GET['success']) === true) { if(isset($_POST['create_rkey']) && $config['recovery_key']['enabled']) {
$acceptedChars = '123456789ZXCVBNMASDFGHJKLQWERTYUIOPzxcvbnmasdfghjklqwertyuiop';
$randomString = NULL;
for($i=0; $i < $config['recovery_key']['length']; $i++) {
$cnum[$i] = $acceptedChars{mt_rand(0, 60)};
$randomString .= $cnum[$i];
}
$update_data = array(
'key' => $randomString,
'reckey_created' => time()
);
user_update_account($update_data);
if($config['recovery_key']['send_to_mail']) {
$mailer = new Mail($config['mailserver']);
$title = "You have created recovery key for $_SERVER[HTTP_HOST].";
$body = "<h1>Please save it in safe place:</h1>";
$body .= "<p>$randomString</p>";
$body .= "<p>Thank you for stay safe and enjoy at".$config['mailserver']['fromName']."</p>";
$body .= "<hr><p>I am an automatic no-reply e-mail. Any emails sent back to me will be ignored.</p>";
$mailer->sendMail($user_data['email'], $title, $body, $user_data['name']);
}
echo "<p>Your new recovery key is: ".$randomString;
if($config['recovery_key']['send_to_mail'])
echo '<br>Duplicate has been send to your e-mail address: '.$user_data['email'];
echo '</p>';
} elseif (isset($_GET['success']) === true && empty($_GET['success']) === true) {
echo 'Your settings have been updated.'; echo 'Your settings have been updated.';
} else { } else {
if (empty($_POST) === false && empty($errors) === true) { if (empty($_POST) === false && empty($errors) === true) {
$update_data = array( $update_data = array(
'email' => $_POST['new_email'], 'email' => $_POST['new_email'],
); );
$update_znote_data = array( $update_znote_data = array(
'flag' => getValue($_POST['new_flag']), 'flag' => getValue($_POST['new_flag']),
); );
user_update_account($update_data); user_update_account($update_data);
user_update_znote_account($update_znote_data); user_update_znote_account($update_znote_data);
header('Location: settings.php?success'); header('Location: settings.php?success');
exit(); exit();
} else if (empty($errors) === false) { } else if (empty($errors) === false) {
echo output_errors($errors); echo output_errors($errors);
} }
?> ?>
<form action="" method="post"> <form action="" method="post">
<ul> <ul>
<li> <li>
@ -82,6 +109,22 @@ if (isset($_GET['success']) === true && empty($_GET['success']) === true) {
</li> </li>
</ul> </ul>
</form> </form>
<?php
if($config['recovery_key']['enabled']){
$query = mysql_select_single("SELECT `reckey_created` FROM `accounts` WHERE `id` = '$session_user_id'");
echo '<h2>Recovery Key</h2>';
if($query['reckey_created'] !=0){
echo '<input type="text" name="rkey" value="'.gmdate('Y-m-d', $query['reckey_created']).'" disabled>';
echo '<button disabled>Create</button>';
}
else{
?>
<form action="" method="post">
<input type="text" name="rkey" value="" disabled>
<?php Token::create(); ?>
<button name="create_rkey" type="submit">Create</button>
</form>
<?php }} ?>
<script> <script>
function selectCurrentFlag(flag) { function selectCurrentFlag(flag) {
document.getElementById("flag_select").value = flag != null ? flag : ""; document.getElementById("flag_select").value = flag != null ? flag : "";
@ -91,4 +134,4 @@ if (isset($_GET['success']) === true && empty($_GET['success']) === true) {
<?php <?php
} }
include 'layout/overall/footer.php'; include 'layout/overall/footer.php';
?> ?>
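Review bot: The new `create_rkey` branch runs even when `Token::isValid()` has just added an error to `$errors`, and it never looks at `reckey_created`, so the disabled Create button is the only thing that stops an existing key from being overwritten by a forged or repeated POST. Gate it on the server with `if (isset($_POST['create_rkey']) && $config['recovery_key']['enabled'] && empty($errors))` and skip generation when the account's `reckey_created` is non-zero; the `if`/`elseif`/`else` chain this branch joins closes in the last hunk of the file. The key itself is drawn with `mt_rand()`, which is not a cryptographic generator: `random_int(0, strlen($acceptedChars) - 1)` on PHP 7+ is the right source, and the same loop in lostaccount.php builds the e-mail code and the reset passwords. The `$acceptedChars{...}` offset syntax is deprecated in PHP 7.4 and removed in PHP 8, while `$acceptedChars[...]` works on every version.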