05/14/05 09:45pm  
Status: offline

Blaine

Forum User
Moderator
Registered: 07/16/02
Posts: 1232
A few weeks ago, I assisted a member with the custom membership to add two additional fields. As part of his School reunion site, new members signing up would be required to enter their "Full Name" and "Graduation Year".

Adding more then one new field is not much more work since it requires all the custom functions to be created and a new database table to store the additional field(s). So this should be a good example even if you want to add 10 fields.

I have uploaded this complete example and the archive is available here includes the complete functions, SQL and detailed instructions.
Geeklog components by PortalParts -- www.portalparts.com
 05/20/05 02:17pm  
Status: offline

tesn

Forum User
Chatty
Registered: 10/23/02
Posts: 41
I took your example and modified the Graduation_Year to my information that is in this format: "STEAM_0"01234567" However, If I enter it in this manor it reverts to a "0" when I view it from the users profile. I can go into phpmyadmin and edit this information and it will be displayed correctly.

If I use the following format it will be entered as I type it "01234567" but I really need everthing after the "STEAM_ " to show up.

I am also wanting to know how I can have this information displayed in the users "Account Information" page so that they can edit this when they need to.

Thanks
John
 05/21/05 10:43am  

SmackDaddy

Anonymous
How do I edit the text located on the registration page: http://mysite.url/users.php?mode=new ???

It says nothing about "Do NOT use spaces" in a username, although in the admin section, it clearly states it....and I have had problems with people logging in after using spaces despite not knowing they shouldn't....

Thanks
 05/22/05 12:47am  
Status: offline

tesn

Forum User
Chatty
Registered: 10/23/02
Posts: 41
Around line 102 of your lib-custom.php file

Text Formatted Code
$message = "<br><font color=black><b>Please complete the application below. Once you have completed the application, click the Submit button and the application will be processed immediately.</b></font>";
   
 
John
 05/23/05 12:00pm  

thud

Anonymous
Hi guys,
This is similar to what I want to do - but I want to add extra text field (eg: graduation year) into the story posting page - so you'd have title, topic, EXTRA FIELD 1, EXTRA FIELD 2, intro text, body text etc.

Is there a way to do this? I'd love it if there was
 05/23/05 03:03pm  
Status: offline

tesn

Forum User
Chatty
Registered: 10/23/02
Posts: 41
This code will not work , atleast on my site it is not. When I try and edit my account which is already on the site it will not input the information into the database. I am using the sample listed here with NO changes.


Any ideas on where to look??


Maybe this is why it would not work with my modifications.

Anyone else using this code ??
John
 05/23/05 04:00pm  
Status: offline

Blaine

Forum User
Moderator
Registered: 07/16/02
Posts: 1232
This example worked fine and was installed by my client without modification. I provided this as yet another documented example of how to use the customized registration function. As noted, this requires PHP and mysql knowledge as you are writting or editing code.

If you have a specific question then I or others can assist. If you need a set of custom functions written - then you can contact me as I have offered for a quote.
Geeklog components by PortalParts -- www.portalparts.com
 05/25/05 11:27am  
Status: offline

tesn

Forum User
Chatty
Registered: 10/23/02
Posts: 41
Well it is not working when I as a existing member of my site try and enter my grad year, it comes back as a 0.

It does work for "New" members who enter this information during registration, but Existing members can not.

I am using your example with no changes.
John
 10/25/05 11:37am  
Status: offline

Vapour71

Forum User
Chatty
Registered: 02/10/05
Posts: 55
I am going to try this example on my site. However I do not want to use the example "graduation year". I would like to have something different. Is it correct that I only have to edit the line "`grad_year` varchar(4) NOT NULL default ''," by changing the 'graduation_year' to whatever I would like it to be?
Are there any other files within the other directories supplied that also need to be edited?
Finally, one last question, with regards to the "Full Name" being not being not prompted for at registration time, how can I make it prompt for the Full Name and have it be a required field that must be completed before registration can be submitted?
Thanks in advance for the help
I've Gone To Find Myself. If I Show Up Before I Return, Make Me Wait Here Until I Get Back.
 10/25/05 01:37pm  
Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Quote by Vapour71: Finally, one last question, with regards to the "Full Name" being not being not prompted for at registration time, how can I make it prompt for the Full Name and have it be a required field that must be completed before registration can be submitted?

The sample code in lib-custom.php implements just that. Please refer to the instructions there.

bye, Dirk
 10/25/05 01:41pm  
Status: offline

Vapour71

Forum User
Chatty
Registered: 02/10/05
Posts: 55
I read it originally, but just needed to make sure I understood it correctly. Thanks again Dirk!
I've Gone To Find Myself. If I Show Up Before I Return, Make Me Wait Here Until I Get Back.
 10/25/05 01:54pm  
Status: offline

jetshack

Forum User
Full Member
Registered: 06/29/04
Posts: 122
As an aside... blaine originally wrote the above example for me, and it's working flawlessly. The site in question is up to 210 members and sees about 3 new members a week. (considering how small and rural the town is that's a pretty astounding number)

Once again, Thanks Blaine for a great piece of work.
 11/03/05 10:14pm  

Dave

Anonymous
I'm having problems with it. And its a specific problem I'm changing it to "referred by". ANyway, when people go to sign up as new user, it doesn't process it.

go to www.theultimatecasinoguide.com and try and sign up as a new user. it will not process. i think something simple but i cannot see what, and know one of you pros probably can get it lol
 11/03/05 10:39pm  

Dave

Anonymous
got it nm THANKS
 11/03/05 10:45pm  

Dave

Anonymous
Darn not working,its progcessing new user, but in referred by it lists it as a 0
 11/03/05 10:49pm  

Dave

Anonymous
Okay I know a bit more. Heres what happens:

- User can register fine.
- If they input "Steve" in referral line, it does not work.
- If they input "1982" in referral line, it does.

So obviously, its liking the numbers but not the text! I will keep working on this but if someone can point in right direction that would be great.

PS: Blaine I'm the guy that sent you that award 2 or 3 christmas ago Still got it?
 11/15/05 04:11pm  
Status: offline

the Modfather

Forum User
Newbie
Registered: 03/09/03
Posts: 6
Being that I am new to PHP and MySQL, I'm wondering if someone wouldn't mind explaining to me how to "require" first and last names for new registrations. I looked thru the lib-custom.php, but really dont' know what I'm looking for.

Any help is appreciated.
 12/16/05 05:42pm  
Status: offline

jordydme

Forum User
Full Member
Registered: 11/03/05
Posts: 135
Hi Blaine,

I am currently strugglling with this modification you made. I have been working with it on and off for the last couple of weeks and can't seem to get it going.

Here is a link to the site: here

It all looks as though it's good to go but nothing happens once the info is filled in and submitted:

I have enabled the custom reg option to "true" in the GL config file.
Looks like the new table (gl_localuserinfo) was created successfully.
Most of the directions seemed pretty strraight forward.
I added the edited theme files as described for users and preferences. I aslo created the "custom" directory as described.

The only thing that I felt was a little ambigous was how to edit the System/lib-custom file. I am pasting my edited lib-custom bellow:

Text Formatted Code


<?php

/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
// | Geeklog 1.3                                                               |
// +---------------------------------------------------------------------------+
// | lib-custom.php                                                            |
// | Your very own custom Geeklog library.                                     |
// |                                                                           |
// | This is the file where you should put all of your custom code.  When      |
// | possible you should not alter lib-common.php but, instead, put code here. |
// | This will make upgrading to future versions of Geeklog easier for you     |
// | because you will always be gauranteed that the Geeklog developers will    |
// | NOT add code to this file. NOTE: we have already gone through the trouble |
// | of making sure that we always include this file when lib-common.php is    |
// | included some place so you will have access to lib-common.php.  It        |
// | follows then that you should not include lib-common.php in this file      |
// |                                                                           |
// +---------------------------------------------------------------------------+
// | Copyright (C) 2000-2005 by the following authors:                         |
// |                                                                           |
// | Authors: Tony Bibbs       - tony AT tonybibbs DOT com                     |
// |          Blaine Lang      - blaine AT portalparts DOT com                 |
// |          Dirk Haun        - dirk AT haun-online DOT de                    |
// +---------------------------------------------------------------------------+
// |                                                                           |
// | This program is free software; you can redistribute it and/or             |
// | modify it under the terms of the GNU General Public License               |
// | as published by the Free Software Foundation; either version 2            |
// | of the License, or (at your option) any later version.                    |
// |                                                                           |
// | This program is distributed in the hope that it will be useful,           |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of            |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the             |
// | GNU General Public License for more details.                              |
// |                                                                           |
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |
// |                                                                           |
// +---------------------------------------------------------------------------+
//
// $Id: lib-custom.php,v 1.11.2.1 2005/10/03 09:24:36 dhaun Exp $

// You can use this global variable to print useful messages to the errorlog
// using COM_errorLog().  To see an example of how to do this, look in
// lib-common.php and see how $_COM_VERBOSE was used throughout the code
$_CST_VERBOSE = false;

/**
* Sample PHP Block function
*
* this is a sample function used by a PHP block.  This will show the rights that
* a user has in the "What you have access to" block.
*
*/
function phpblock_showrights()
{
    global $_RIGHTS, $_CST_VERBOSE;

    if ($_CST_VERBOSE) {
        COM_errorLog('**** Inside phpblock_showrights in lib-custom.php ****', 1);
    }

    $retval .= ' ';

    for ($i = 0; $i < count($_RIGHTS); $i++) {
        $retval .=  '<li>' . $_RIGHTS[$i] . '</li>' . LB;
    }

    if ($_CST_VERBOSE) {
        COM_errorLog('**** Leaving phpblock_showrights in lib-custom.php ****', 1);
    }

    return $retval;
}


/***
*
* Get Bent()
*
* Php function to tell you how if your site is grossly insecure
*
**/
function phpblock_getBent()
{
    global $_CONF, $_TABLES;

    $secure = true;

    $retval = '';

    $secure_msg = 'Could not find any gross insecurities in your site.  Do not take this ';
    $secure_msg .= 'as meaning your site is 100% secure, as no site ever is.  I can only ';
    $secure_msg .= 'check things that should be blatantly obvious.';

    $insecure_msg = '';

    // we don't have the path to the admin directory, so try to figure it out
    // from $_CONF['site_admin_url']
    $adminurl = $_CONF['site_admin_url'];
    if (strrpos ($adminurl, '/') == strlen ($adminurl)) {
        $adminurl = substr ($adminurl, 0, -1);
    }
    $pos = strrpos ($adminurl, '/');
    if ($pos === false) {
        // only guessing ...
        $installdir = $_CONF['path_html'] . 'admin/install';
    } else {
        $installdir = $_CONF['path_html'] . substr ($adminurl, $pos + 1)
                    . '/install';
    }

    if (is_dir ($installdir)) {
        $insecure_msg .= '<p>You should really remove the install directory <b>' . $installdir .'</b> once you have your site up and running without any errors.';
        $insecure_msg .= ' Keeping it around would allow malicious users the ability to destroy your current install, take over your site, or retrieve sensitive information.';

        $secure = false;
    }

    // check to see if any account still has 'password' as its password.
    $count = DB_query("select count(*) as count from {$_TABLES['users']} where passwd='" . md5('password') . "'");
    $A = DB_fetchArray($count);
    if ( $A['count'] > 0 ) {
        $secure = false;
        $insecure_msg .= '<p>You still have not changed the default password from "password" on ' . $A['count'] . ' account(s). ';
        $insecure_msg .= 'This will allow people to do serious harm to your site!';
    }

    if ($secure) {
        $retval = $secure_msg;
    } else {
        $retval = $insecure_msg;
    }
    $retval = wordwrap($retval,20,' ',1);

    return $retval;
}


/*  Sample Custom Member Functions to create and update Custom Membership registration and profile

    Note1: Enable CustomRegistration Feature in config.php
    $_CONF['custom_registration'] = true;  // Set to true if you have custom code

    Note2: This example requries a template file called memberdetail.thtml to be
    located under the theme_dir/custom directory.
    Sample is provided under /system with the distribution.

    Functions have been provided that are called from the Core Geeklog user and admin functions
    - This works with User Moderation as well
    - Admin will see the new registration info when checking a members profile only
    - All other users will see the standard User profile with the optional extended custom information
    - Customization requires changes to a few of the core template files to add {customfields} variable
    - See notes below in the custom function about the template changes
*/

/* Create any new records in additional tables you may have added  */
/* Update any fields in the core GL tables for this user as needed */
/* Called when user is first created */
function custom_usercreate($uid) {
    global $_TABLES;

    $grad_year = COM_applyFilter($_POST['cust_gradyear'],true);
    $fullname  = COM_applyFilter($_POST['cust_fullname']);

    // Ensure all data is prepared correctly before inserts, quotes may need to be escaped with addslashes()
    DB_query("INSERT INTO {$_TABLES['localuserinfo']} (uid,grad_year) VALUES ('$uid', '$grad_year')");
    DB_query("UPDATE {$_TABLES['users']} SET fullname = '$fullname' WHERE uid='$uid'");
    return true;

}

// Delete user record from custom user info table
function custom_userdelete($uid) {
    global $_TABLES;

    DB_query("DELETE FROM {$_TABLES['localuserinfo']} WHERE uid='$uid'");
    return true;

}

/* Called from users.php - when user is displaying a member profile  */
/* This function can now return any extra fields that need to be shown */
/* Output is then replaced in {customfields) -- This variable needs to be added to your templates */
/* Template: path_layout/users/profile/profile.thtml */

function custom_userdisplay($uid) {
    global $_CONF,$_TABLES;
    $grad_year = DB_getItem($_TABLES['localuserinfo'], "grad_year", "uid='$uid'");
    $fullname = DB_getItem($_TABLES['users'], "fullname", "uid='$uid'");
    $retval .= '<tr>
                    <td align="right"><b>Full Name:</b></td>
                    <td>' . $fullname .'</td>
                 </tr>';
    $retval .= '<tr>
                    <td align="right"><b>Graduation Year:</b></td>
                    <td>' . $grad_year .'</td>
                 </tr>';
    return $retval;

}



/* Function called when editing user profile. */
/* Called from usersettings.php - when user is eding their own profile  */
/* and from admin/user.php when admin is editing a member profile  */
/* This function can now return any extra fields that need to be shown for editing */
/* Output is then replaced in {customfields} -- This variable needs to be added to your templates */
/* User: path_layout/preferences/profile.thtml and Admin: path_layout/admin/user/edituser.thtml */

/* This example shows adding the Cookie Timeout setting and extra text field */
/* As noted: You need to add the {customfields} template variable. */
/* For the edituser.thtml - maybe it would be added about the {group_edit} variable. */

function custom_useredit($uid) {
    global $_TABLES,$_CONF;

    $grad_year = DB_getItem($_TABLES['localuserinfo'], "grad_year", "uid='$uid'");
    $fullname = DB_getItem($_TABLES['users'], "fullname", "uid='$uid'");

    $retval .= '<tr>
        <td align="right"><b>Full Name:</b></td>
        <td><input type="text" name="cust_fullname" size="50" value="' . $fullname .'"></td>
     </tr>';
    $retval .= '<tr>
        <td align="right"><b>Graduation Year:</b></td>
        <td><input type="text" name="cust_gradyear" size="5" maxlength="4" value="' . $grad_year .'"></td>
     </tr>';
    $retval .= '<tr><td colspan="2"><hr></td></tr>';
   return $retval;
}


/* Function called when saving the user profile. */
/* This function can now update any extra fields  */
function custom_usersave($uid) {
    global $_TABLES;

    $grad_year = COM_applyFilter($_POST['cust_gradyear'],true);
    $fullname  = COM_applyFilter($_POST['fullname']);

    DB_query("UPDATE {$_TABLES['users']} SET fullname='$fullname' WHERE uid='$uid'");
    if ($grad_year > 0) {
        DB_query("UPDATE {$_TABLES['localuserinfo']} SET grad_year='$grad_year' WHERE uid='$uid'");
    }

}


/**
* Main Form used for Custom membership when member is registering
*
* Note: Requires a file custom/memberdetail.thtml in every theme that is
*       installed on the site!
*
* @param    string  $msg    an error message to display or the word 'new'
* @return   string          HTML for the registration form
*
*/
function custom_userform($uid="",$msg="") {
    global $_CONF,$_TABLES, $LANG04;

    if (!empty($msg)) {
        $retval .= COM_startBlock($LANG04[21]) . $msg . COM_endBlock();
    }

    $post_url = $_CONF['site_url']."/users.php";
    $postmode = "create";
    $submitbutton = '<input type="submit" value="Register Now!">';
    $passwd_input = "";
    $message = "<br><font color=black><b>Please complete the application below. Once you have completed the application, click the Submit button and the application will be processed immediately.</b></font>";
    $A=array();

    $user_templates = new Template ($_CONF['path_layout'] . 'custom');
    $user_templates->set_file('memberdetail', 'memberdetail.thtml');
    $user_templates->set_var('layout_url', $_CONF['layout_url']);
    $user_templates->set_var('post_url', $post_url);
    $user_templates->set_var('startblock', COM_startBlock("Custom Registration Example"));
    $user_templates->set_var('message', $message);    
    $user_templates->set_var('USERNAME', "Username");
    $user_templates->set_var('USERNAME_HELP', "Name to be used when accessing this site");
    $user_templates->set_var('username', $A['username']);
    $user_templates->set_var('passwd_input', $passwd_input);
    $user_templates->set_var('EMAIL', "Email Address");
    $user_templates->set_var('EMAIL_HELP', "Valid email address");
    $user_templates->set_var('email', $A['email']);
    $user_templates->set_var('FULLNAME', "Full Name");
    $user_templates->set_var('FULLNAME_HELP', "First and Last Name");
    $user_templates->set_var('fullname', $A['fullname']);
    $user_templates->set_var('GRADYEAR', "Graduation Year");
    $user_templates->set_var('GRADYEAR_HELP', "That big year!");
    $user_templates->set_var('grad_year', "");
    $user_templates->set_var('user_id', $user);
    $user_templates->set_var('postmode', $postmode);
    $user_templates->set_var('submitbutton', $submitbutton);
    $user_templates->set_var('endblock', COM_endBlock());
    $user_templates->parse('output', 'memberdetail');
    $retval .= $user_templates->finish($user_templates->get_var('output'));

    return $retval;
}

/**
* Check if it's okay to create a new user.
*
* Geeklog is about to create a new user with the given username and email
* address. This is the custom code's last chance to prevent that,
* e.g. to check if all required data has been entered.
*
* @param    string  $username   username that Geeklog would use for the new user* @param    string  $email      email address of that user
* @return   string              an error message or an empty string for "OK"
*
*/
function custom_usercheck ($username, $email)
{
    $msg = '';

    // Example, check that the full name has been entered
    // and complain if it's missing
    if (empty ($_POST['fullname'])) {
        $msg = 'Please enter your full name!';
    }

    return $msg;
}


/**
* Custom function to retrieve and return a formatted list of blocks
* Can be used when calling COM_siteHeader or COM_SiteFooter

* Example:
* 1: Setup an array of blocks to display
* 2: Call COM_siteHeader or COM_siteFooter
*
*  $myblocks = array ('site_menu','site_news','poll_block');

* COM_siteHeader( array('COM_showCustomBlocks',$myblocks) ) ;
* COM_siteFooter( true, array('COM_showCustomBlocks',$myblocks));

* @param   array   $showblocks    An array of block names to retrieve and format
* @return  string                 Formated HTML containing site footer and optionally right blocks
*/
function custom_showBlocks($showblocks)
{
    global $_CONF, $_TABLES;

    $retval = '';
    foreach($showblocks as $block) {
        $sql = "SELECT bid, name,type,title,content,rdfurl,phpblockfn,help FROM {$_TABLES['blocks']} WHERE name='$block'";
        $result = DB_query($sql);
        if (DB_numRows($result) == 1) {
            $A = DB_fetchArray($result);
            $retval .= COM_formatBlock($A);
        }
    }

    return $retval;
}


/**
* This is an example of a custom email function. When this function is NOT
* commented out, Geeklog would send all emails through this function
* instead of sending them through COM_mail in lib-common.php.
*
* This is basically a re-implementation of the way emails were sent
* prior to Geeklog 1.3.9 (Geeklog uses PEAR::Mail as of version 1.3.9).
*
*/
/*
function CUSTOM_mail($to, $subject, $message, $from = '', $html = false, $priority = 0)
{
    global $_CONF, $LANG_CHARSET;

    if (empty ($LANG_CHARSET)) {
        $charset = $_CONF['default_charset'];
        if (empty ($charset)) {
            $charset = 'iso-8859-1';
        }
    } else {
        $charset = $LANG_CHARSET;
    }

    if (empty ($from)) {
        $from = $_CONF['site_name'] . ' <' . $_CONF['site_mail'] . '>';
    }

    $headers  = 'From: ' . $from . "rn"
              . 'X-Mailer: Geeklog ' . VERSION . "rn";

    if ($priority > 0) {
        $headers .= 'X-Priority: ' . $priority . "rn";
    }

    if ($html) {
        $headers .= "Content-Type: text/html; charset={$charset}rn"
                 .  'Content-Transfer-Encoding: 8bit';
    } else {
        $headers .= "Content-Type: text/plain; charset={$charset}";
    }

    return mail ($to, $subject, $message, $headers);
}
*/

/**
* This is an example of a function that returns menu entries to be used for
* the 'custom' entry in $_CONF['menu_elements'] (see config.php).
*
*/
/*
function CUSTOM_menuEntries ()
{
    global $_CONF, $_USER;

    $myentries = array ();

    // Sample link #1: Link to Gallery
    $myentries[] = array ('url'   => $_CONF['site_url'] . '/gallery/',
                          'label' => 'Gallery');

    // Sample link #2: Link to the Personal Calendar - only visible for
    // logged-in users
    if (!empty ($_USER['uid']) && ($_USER['uid'] > 1)) {
        $myentries[] = array ('url'   => $_CONF['site_url']
                                         . '/calendar.php?mode=personal',
                              'label' => 'My Calendar');
    }

    return $myentries;
}
*/

?>



 



Let me say that I do not know PHP or MYsql but I am learning it at snails pace:

THis is my Lib-database.php file:

Text Formatted Code

<?php

/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
// | Geeklog 1.3                                                               |
// +---------------------------------------------------------------------------+
// | lib-database.php                                                          |
// |                                                                           |
// | Geeklog database library.                                                 |
// +---------------------------------------------------------------------------+
// | Copyright (C) 2000-2004 by the following authors:                         |
// |                                                                           |
// | Authors: Tony Bibbs, tony@tonybibbs.com                                   |
// +---------------------------------------------------------------------------+
// |                                                                           |
// | This program is free software; you can redistribute it and/or             |
// | modify it under the terms of the GNU General Public License               |
// | as published by the Free Software Foundation; either version 2            |
// | of the License, or (at your option) any later version.                    |
// |                                                                           |
// | This program is distributed in the hope that it will be useful,           |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of            |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the             |
// | GNU General Public License for more details.                              |
// |                                                                           |
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |
// |                                                                           |
// +---------------------------------------------------------------------------+
//
// $Id: lib-database.php,v 1.33 2004/11/20 17:55:07 dhaun Exp $

/**
* This is the high-level database layer for Geeklog (for the low-level stuff,
* see the system/databases directory).
*
* NOTE: As of Geeklog 1.3.5 you should not have to edit this file any more.
*/

// +---------------------------------------------------------------------------+
// | Table definitions, these are used by the install program to create the    |
// | database schema.  If you don't like the tables names, change them PRIOR   |
// | to running the install after running the install program DO NOT TOUCH     |
// | these. You have been warned!  Also, these variables are used in the core  |
// | Geeklog code                                                              |
// +---------------------------------------------------------------------------+

$_TABLES['access']              = $_DB_table_prefix . 'access';
$_TABLES['article_images']      = $_DB_table_prefix . 'article_images';
$_TABLES['blocks']              = $_DB_table_prefix . 'blocks';
$_TABLES['commentcodes']        = $_DB_table_prefix . 'commentcodes';
$_TABLES['commentmodes']        = $_DB_table_prefix . 'commentmodes';
$_TABLES['comments']            = $_DB_table_prefix . 'comments';
$_TABLES['cookiecodes']         = $_DB_table_prefix . 'cookiecodes';
$_TABLES['dateformats']         = $_DB_table_prefix . 'dateformats';
$_TABLES['events']              = $_DB_table_prefix . 'events';
$_TABLES['eventsubmission']     = $_DB_table_prefix . 'eventsubmission';
$_TABLES['featurecodes']        = $_DB_table_prefix . 'featurecodes';
$_TABLES['features']            = $_DB_table_prefix . 'features';
$_TABLES['frontpagecodes']      = $_DB_table_prefix . 'frontpagecodes';
$_TABLES['group_assignments']   = $_DB_table_prefix . 'group_assignments';
$_TABLES['groups']              = $_DB_table_prefix . 'groups';
$_TABLES['links']               = $_DB_table_prefix . 'links';
$_TABLES['linksubmission']      = $_DB_table_prefix . 'linksubmission';
$_TABLES['maillist']            = $_DB_table_prefix . 'maillist';
$_TABLES['personal_events']     = $_DB_table_prefix . 'personal_events';
$_TABLES['plugins']             = $_DB_table_prefix . 'plugins';
$_TABLES['pollanswers']         = $_DB_table_prefix . 'pollanswers';
$_TABLES['pollquestions']       = $_DB_table_prefix . 'pollquestions';
$_TABLES['pollvoters']          = $_DB_table_prefix . 'pollvoters';
$_TABLES['postmodes']           = $_DB_table_prefix . 'postmodes';
$_TABLES['sessions']            = $_DB_table_prefix . 'sessions';
$_TABLES['sortcodes']           = $_DB_table_prefix . 'sortcodes';
$_TABLES['speedlimit']          = $_DB_table_prefix . 'speedlimit';
$_TABLES['statuscodes']         = $_DB_table_prefix . 'statuscodes';
$_TABLES['stories']             = $_DB_table_prefix . 'stories';
$_TABLES['storysubmission']     = $_DB_table_prefix . 'storysubmission';
$_TABLES['syndication']         = $_DB_table_prefix . 'syndication';
$_TABLES['topics']              = $_DB_table_prefix . 'topics';
$_TABLES['tzcodes']             = $_DB_table_prefix . 'tzcodes';
$_TABLES['usercomment']         = $_DB_table_prefix . 'usercomment';
$_TABLES['userindex']           = $_DB_table_prefix . 'userindex';
$_TABLES['userinfo']            = $_DB_table_prefix . 'userinfo';
$_TABLES['userprefs']           = $_DB_table_prefix . 'userprefs';
$_TABLES['users']               = $_DB_table_prefix . 'users';
$_TABLES['vars']                = $_DB_table_prefix . 'vars';
$_TABLES['localuserinfo']       = $_DB_table_prefix . 'localuserinfo';

// the static pages plugin has become an integral part of Geeklog anyway ...
$_TABLES['staticpage']          = $_DB_table_prefix . 'staticpage';

// ditto for spamx
$_TABLES['spamx']                              = $_DB_table_prefix . 'spamx';

// these tables aren't used by Geeklog any more, but the table names are needed
// when upgrading from old versions
$_TABLES['commentspeedlimit']   = $_DB_table_prefix . 'commentspeedlimit';
$_TABLES['submitspeedlimit']    = $_DB_table_prefix . 'submitspeedlimit';
$_TABLES['userevent']           = $_DB_table_prefix . 'userevent';


// +---------------------------------------------------------------------------+
// | DO NOT TOUCH ANYTHING BELOW HERE                                          |
// +---------------------------------------------------------------------------+

if (eregi ('lib-database.php', $HTTP_SERVER_VARS['PHP_SELF'])) {
    die ('This file can not be used on its own.');
}

/**
* Include appropriate DBMS object
*
*/
require_once($_CONF['path_system'] . 'databases/'. $_DB_dbms . '.class.php');

// Instantiate the database object
$_DB = new database($_DB_host,$_DB_name,$_DB_user,$_DB_pass,'COM_errorLog');

// +---------------------------------------------------------------------------+
// | These are the library functions.  In all cases they turn around and make  |
// | calls to the DBMS specific functions.  These ARE to be used directly in   |
// | the code...do NOT use the $_DB methods directly
// +---------------------------------------------------------------------------+

/**
* Turns debug mode on for the database library
*
* Setting this to true will cause the database code to print out
* various debug messages.  Setting it to false will supress the
* messages (is false by default). NOTE: Gl developers have put many
* useful debug messages into the mysql implementation of this.  If
* you are using something other than MySQL and if the GL team did
* not write it then you may or may not get something useful by turning
* this on.
*
* @param        boolean     $flag       true or false
*
*/
function DB_setdebug($flag)
{
    global $_DB;

    $_DB->setVerbose($flag);
}

/**
* Executes a query on the db server
*
* This executes the passed SQL and returns the recordset or errors out
*
* @param        string  $sql                SQL to be executed
* @param        int     $ignore_errors      If 1 this function supresses any error messages
* @return       object  Returns results from query
*
*/
function DB_query($sql, $ignore_errors=0)
{
    global $_DB;
   
    return $_DB->dbQuery($sql,$ignore_errors);
}

/**
* Saves information to the database
*
* This will use a REPLACE INTO to save a record into the
* database. NOTE: this function is going to change in the near future
* to remove dependency of REPLACE INTO. Please use DB_query if you can
*
* @param        string      $table          The table to save to
* @param        string      $fields         Comma demlimited list of fields to save
* @param        string      $values         Values to save to the database table
* @param        string      $return_page    URL to send user to when done
*
*/
function DB_save($table,$fields,$values,$return_page='')
{
    global $_DB,$_TABLES,$_CONF;

    $_DB->dbSave($table,$fields,$values);

    if (!empty($return_page)) {
       print COM_refresh("$return_page");
    }

}

/**
* Deletes data from the database
*
* This will delete some data from the given table where id = value
*
* @param        string              $table          Table to delete data from
* @param        array|string        $id             field name(s) to use in where clause
* @param        array|string        $value          value(s) to use in where clause
* @param        string              $return_page    page to send user to when done
*
*/
function DB_delete($table,$id,$value,$return_page='')
{
    global $_DB,$_TABLES,$_CONF;

    $_DB->dbDelete($table,$id,$value);

    if (!empty($return_page)) {
        print COM_refresh("$return_page");
    }

}

/**
* Gets a single item from the database
*
* @param        string      $table      Table to get item from
* @param        string      $what       field name to get
* @param        string      $selection  Where clause to use in SQL
* @return       mixed       Returns value sought
*
*/
function DB_getItem($table,$what,$selection='')
{
    if (!empty($selection)) {
        $result = DB_query("SELECT $what FROM $table WHERE $selection");
    } else {
        $result = DB_query("SELECT $what FROM $table");
    }
    $ITEM = DB_fetchArray($result, true);
    return $ITEM[0];
}

/**
* Changes records in a table
*
* This will change the data in the given table that meet the given criteria and will
* redirect user to another page if told to do so
*
* @param        string          $table              Table to perform change on
* @param        string          $item_to_set        field name to set
* @param        string          $value_to_set       Value to set abovle field to
* @param        array|string    $id                 field name(s) to use in where clause
* @param        array|string    $value              Value(s) to use in where clause
* @param            string          $return_page        page to send user to when done with change
* @param        boolean         $supress_quotes     whether or not to use single quotes in where clause
*
*/
function DB_change($table,$item_to_set,$value_to_set,$id='',$value='',$return_page='',$supress_quotes=false)
{
    global $_DB,$_TABLES,$_CONF;

    $_DB->dbChange($table,$item_to_set,$value_to_set,$id,$value,$supress_quotes);

    if (!empty($return_page)) {
        print COM_refresh("$return_page");
    }
}

/**
* Count records in a table
*
* This will return the number of records which meet the given criteria in the
* given table.
*
* @param        string              $table      Table to perform count on
* @param        array|string        $id         field name(s) to use in where clause
* @param        array|string        $value      Value(s) to use in where clause
* @return       int     Returns row count from generated SQL
*
*/
function DB_count($table,$id='',$value='')
{
    global $_DB;

    return $_DB->dbCount($table,$id,$value);
}

/**
* Copies a record from one table to another (can be the same table)
*
* This will use a REPLACE INTO...SELECT FROM to copy a record from one table
* to another table.  They can be the same table.
*
* @param        string          $table          Table to insert record into
* @param        string          $fields         Comma delmited list of fields to copy over
* @param        string          $values         Values to store in database field
* @param        string          $tablefrom      Table to get record from
* @param        array|string    $id             Field name(s) to use in where clause
* @param        array|string    $value          Value(s) to use in where clause
* @param        string          $return_page    Page to send user to when done
*
*/
function DB_copy($table,$fields,$values,$tablefrom,$id,$value,$return_page='')
{
    global $_DB,$_TABLES,$_CONF;

    $_DB->dbCopy($table,$fields,$values,$tablefrom,$id,$value);

    if (!empty($return_page)) {
        print COM_refresh("$return_page");
    }
}

/**
* Retrieves the number of rows in a recordset
*
* This returns the number of rows in a recordset
*
* @param        object     $recordset      The recordset to operate one
* @return       int         Returns number of rows returned by a previously executed query
*
*/
function DB_numRows($recordset)
{
    global $_DB;

    return $_DB->dbNumRows($recordset);
}

/**
* Retrieves the contents of a field
*
* This returns the contents of a field from a result set
*
* @param        object      $recordset      The recordset to operate on
* @param        int         $row            row to get data from
* @param        string      $field          field to return
* @return       (depends on the contents of the field)
*
*/
function DB_result($recordset,$row,$field)
{
    global $_DB;

    return $_DB->dbResult($recordset,$row,$field);
}

/**
* Retrieves the number of fields in a recordset
*
* This returns the number of fields in a recordset
*
* @param        object     $recordset       The recordset to operate on
* @return       int         Returns the number fields in a result set
*
*/
function DB_numFields($recordset)
{
    global $_DB;

    return $_DB->dbNumFields($recordset);
}

/**
* Retrieves returns the field name for a field
*
* Returns the field name for a given field number
*
* @param        object      $recordset      The recordset to operate on
* @param        int         $fnumber        field number to return the name of
* @return       string      Returns name of specified field
*
*/
function DB_fieldName($recordset,$fnumber)
{
    global $_DB;

    return $_DB->dbFieldName($recordset,$fnumber);
}

/**
* Retrieves returns the number of effected rows for last query
*
* Retrieves returns the number of effected rows for last query
*
* @param        object      $recordset      The recordset to operate on
* @return       int         returns numbe of rows affected by previously executed query
*
*/
function DB_affectedRows($recordset)
{
    global $_DB;

    return $_DB->dbAffectedRows($recordset);
}

/**
* Retrieves record from a recordset
*
* Gets the next record in a recordset and returns in array
*
* @param        object      $recordset      The recordset to operate on
* @param        boolean     $both           get both assoc and numeric indices
* @return       Array      Returns data for a record in an array
*
*/
function DB_fetchArray($recordset, $both = true)
{
    global $_DB;

    return $_DB->dbFetchArray($recordset, $both);
}

/**
* Returns the last ID inserted
*
* Returns the last auto_increment ID generated
*
* @param    resources   $link_identifier    identifier for opened link
* @return   int                             Returns the last ID auto-generated
*
*/
function DB_insertId($link_identifier = '')
{
    global $_DB;

    return $_DB->dbInsertId($link_identifier);
}

/**
* returns a database error string
*
* Returns an database error message
*
* @return   string  Returns database error message
*
*/
function DB_error()
{
    global $_DB;

    return $_DB->dbError();
}

/**
* Creates database structures for fresh installation
*
* This may not be used by Geeklog currently
*
* @return   boolean     returns true on success otherwise false
*
*/
function DB_createDatabaseStructures()
{
    global $_DB;

    return $_DB->dbCreateStructures();
}

/**
* Executes the sql upgrade script(s)
*
* @param        string      $current_gl_version     version of geeklog to upgrade from
* @return       boolean     returns true on success otherwise false
*
*/
function DB_doDatabaseUpgrade($current_gl_version)
{
    global $_DB;

    return $_DB->dbDoDatabaseUpgrade($current_gl_version);
}

?>


 


Not really sure what I messed up with
 12/16/05 10:17pm  
Status: offline

Blaine

Forum User
Moderator
Registered: 07/16/02
Posts: 1232
It does not appear your site is picking up the fact custom_registration is being enabled. Is this a upgraded site or a new GL 1.3.11 intallation?

On a new 1.3.11 site - if I enable the option and make no changes in lib-custom or add the required custom template - then I will see a theme related error "missing template" when I try to register a new user. So that will show and prove the setting is being detected.

Compare public_html/users.php - there are several places in the code in that file where it checks for the setting of $_CONF['custom_registration']
Geeklog components by PortalParts -- www.portalparts.com
 12/17/05 02:36pm  
Status: offline

jordydme

Forum User
Full Member
Registered: 11/03/05
Posts: 135
Blaine,

Thanks for getting back to me. This site of mine is a fresh install, not an upgrade. It is the latest 1.3 version, not the beta 1.4.

I am not knowledgable on PHP so some things you speak of seem a little vague to me.

This is waht I did. I replace the edited lib-custom.php with an original copy from the install files. I then temporarily changed the name of the "custom" directory that i created to something other than "custom" for the sake of this test. I left all other files that were edited for the custom registration in place. When I went to the site and clicked new user registration, I got this error:

Template Error: set_root: /home/jordydme/public_html/geeklog/layout/professional/custom is not a directory.
Halted.

Did I do what you described correctly? Does this varify thata the system is recognizing the custom reg setting in the config?




Wen you say:
Compare public_html/users.php


What am I comparing it to?

Here is the users.php code:
Text Formatted Code
<?php

/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
// | Geeklog 1.3                                                               |
// +---------------------------------------------------------------------------+
// | users.php                                                                 |
// |                                                                           |
// | User authentication module.                                               |
// +---------------------------------------------------------------------------+
// | Copyright (C) 2000-2004 by the following authors:                         |
// |                                                                           |
// | Authors: Tony Bibbs        - tony@tonybibbs.com                           |
// |          Mark Limburg      - mlimburg@users.sourceforge.net               |
// |          Jason Whittenburg - jwhitten@securitygeeks.com                   |
// |          Dirk Haun         - dirk@haun-online.de                          |
// +---------------------------------------------------------------------------+
// |                                                                           |
// | This program is free software; you can redistribute it and/or             |
// | modify it under the terms of the GNU General Public License               |
// | as published by the Free Software Foundation; either version 2            |
// | of the License, or (at your option) any later version.                    |
// |                                                                           |
// | This program is distributed in the hope that it will be useful,           |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of            |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the             |
// | GNU General Public License for more details.                              |
// |                                                                           |
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |
// |                                                                           |
// +---------------------------------------------------------------------------+
//
// $Id: users.php,v 1.93.2.4 2005/10/03 09:24:36 dhaun Exp $

/**
* This file handles user authentication
*
* @author   Tony Bibbs <tony@tonybibbs.com>
* @author   Mark Limburg <mlimburg@users.sourceforge.net>
* @author   Jason Whittenburg
*
*/

/**
* Geeklog common function library
*/
require_once ('lib-common.php');
require_once ($_CONF['path_system'] . 'lib-user.php');

$VERBOSE = false;

// Uncomment the line below if you need to debug the HTTP variables being passed
// to the script.  This will sometimes cause errors but it will allow you to see
// the data being passed in a POST operation

// echo COM_debug($HTTP_POST_VARS);

/**
* Shows a profile for a user
*
* This grabs the user profile for a given user and displays it
*
* @param    int     $user   User ID of profile to get
* @param    int     $msg    Message to display (if != 0)
* @return   string          HTML for user profile page
*
*/
function userprofile ($user, $msg = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG04, $LANG_LOGIN;

    $retval = '';
    if (empty ($_USER['username']) &&
        (($_CONF['loginrequired'] == 1) || ($_CONF['profileloginrequired'] == 1))) {
        $retval .= COM_siteHeader ('menu');
        $retval .= COM_startBlock ($LANG_LOGIN[1], '',
                           COM_getBlockTemplate ('_msg_block', 'header'));
        $login = new Template($_CONF['path_layout'] . 'submit');
        $login->set_file (array ('login'=>'submitloginrequired.thtml'));
        $login->set_var ('login_message', $LANG_LOGIN[2]);
        $login->set_var ('site_url', $_CONF['site_url']);
        $login->set_var ('lang_login', $LANG_LOGIN[3]);
        $login->set_var ('lang_newuser', $LANG_LOGIN[4]);
        $login->parse ('output', 'login');
        $retval .= $login->finish ($login->get_var('output'));
        $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
        $retval .= COM_siteFooter ();
 
        return $retval;
    }

    $result = DB_query("SELECT username,fullname,regdate,homepage,about,location,pgpkey,photo FROM {$_TABLES['userinfo']},{$_TABLES["users"]} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['users']}.uid = $user");
    $nrows = DB_numRows($result);
    if ($nrows == 0) { // no such user
        return COM_refresh ($_CONF['site_url'] . '/index.php');
    }
    $A = DB_fetchArray($result);

    $retval .= COM_siteHeader ('menu', $LANG04[1] . ' ' . $A['username']);
    if ($msg > 0) {
        $retval .= COM_showMessage ($msg);
    }

    // format date/time to user preference
    $curtime = COM_getUserDateTimeFormat($A["regdate"]);
    $A['regdate'] = $curtime[0];

    $user_templates = new Template($_CONF['path_layout'] . 'users');
    $user_templates->set_file(array('profile'=>'profile.thtml','row'=>'commentrow.thtml','strow'=>'storyrow.thtml'));
    $user_templates->set_var('site_url', $_CONF['site_url']);
    $user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $A['username']));
    $user_templates->set_var('end_block', COM_endBlock());
    $user_templates->set_var('lang_username', $LANG04[2]);
    $user_templates->set_var('username', $A['username']);
    if (!empty($A['photo']) AND $_CONF['allow_user_photo'] == 1) {
        if (strstr ($_CONF['path_images'], $_CONF['path_html'])) {
            $imgpath = substr ($_CONF['path_images'],
                               strlen ($_CONF['path_html']));
            $user_templates->set_var ('user_photo', '<img src="'
                . $_CONF['site_url'] . '/' . $imgpath . 'userphotos/'
                . $A['photo'] . '" alt="">');
        } else {
            $user_templates->set_var ('user_photo', '<img src="' . $_CONF['site_url'] . '/getimage.php?mode=userphotos&image=' . $A['photo'] . '" alt="">');
        }
    } else {
        $user_templates->set_var('user_photo','');
    }
    $user_templates->set_var('user_fullname', $A['fullname']);
    $user_templates->set_var('lang_membersince', $LANG04[67]);
    $user_templates->set_var('user_regdate', $A['regdate']);
    $user_templates->set_var('lang_email', $LANG04[5]);
    $user_templates->set_var('user_id', $user);
    $user_templates->set_var('lang_sendemail', $LANG04[81]);
    $user_templates->set_var('lang_homepage', $LANG04[6]);
    $user_templates->set_var('user_homepage', COM_killJS ($A['homepage']));
    $user_templates->set_var('lang_location', $LANG04[106]);
    $user_templates->set_var('user_location', $A['location']);
    $user_templates->set_var('lang_bio', $LANG04[7]);
    $user_templates->set_var('user_bio', nl2br(stripslashes($A['about'])));
    $user_templates->set_var('lang_pgpkey', $LANG04[8]);
    $user_templates->set_var('user_pgp', nl2br($A['pgpkey']));
    $user_templates->set_var('start_block_last10stories',
            COM_startBlock($LANG04[82] . ' ' . $A['username']));
    $user_templates->set_var('start_block_last10comments',
            COM_startBlock($LANG04[10] . ' ' . $A['username']));
    $user_templates->set_var('start_block_postingstats',
            COM_startBlock($LANG04[83] . ' ' . $A['username']));
    // for alternative layouts: use these as headlines instead of block titles
    $user_templates->set_var('headline_last10stories', $LANG04[82]);
    $user_templates->set_var('headline_last10comments', $LANG04[10]);
    $user_templates->set_var('headline_postingstats', $LANG04[83]);

    $result = DB_query ("SELECT tid FROM {$_TABLES['topics']}"
            . COM_getPermSQL ());
    $nrows = DB_numRows ($result);
    $tids = array ();
    for ($i = 0; $i < $nrows; $i++) {
        $T = DB_fetchArray ($result);
        $tids[] = $T['tid'];
    }
    $topics = "'" . implode ("','", $tids) . "'";

    // list of last 10 stories by this user
    if (sizeof ($tids) > 0) {
        $sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['stories']} WHERE (uid = $user) AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ($topics))" . COM_getPermSQL ('AND');
        $sql .= " ORDER BY unixdate DESC LIMIT 10";
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
    } else {
        $nrows = 0;
    }
    if ($nrows > 0) {
        for ($i = 1; $i <= $nrows; $i++) {
            $C = DB_fetchArray($result);
            $user_templates->set_var('row_number', $i . '.');
            $articleUrl = COM_buildUrl ($_CONF['site_url']
                                        . '/article.php?story=' . $C['sid']);
            $user_templates->set_var ('article_url', $articleUrl);
            $user_templates->set_var ('story_begin_href',
                                      '<a href="' . $articleUrl . '">');
            $C['title'] = str_replace ('$', '$', $C['title']);
            $user_templates->set_var('story_title', stripslashes($C['title']));
            $user_templates->set_var('story_end_href', '</a>');
            $storytime = COM_getUserDateTimeFormat($C['unixdate']);
            $user_templates->set_var('story_date', $storytime[0]);
            $user_templates->parse('story_row','strow',true);
        }
    } else {
        $user_templates->set_var('story_row','<tr><td>' . $LANG01[37] . '</td></tr>');
    }

    // list of last 10 comments by this user
    $sidArray = array();
    if (sizeof ($tids) > 0) {
        // first, get a list of all stories the current visitor has access to
        $sql = "SELECT sid FROM {$_TABLES['stories']} WHERE (draft_flag = 0) AND (date <= NOW()) AND (tid IN ($topics))" . COM_getPermSQL ('AND');
        $result = DB_query($sql);
        $numsids = DB_numRows($result);
        for ($i = 1; $i <= $numsids; $i++) {
            $S = DB_fetchArray ($result);
            $sidArray[] = $S['sid'];
        }
    }

    // add all polls the current visitor has access to
    $sql = "SELECT qid FROM {$_TABLES['pollquestions']}" . COM_getPermSQL ();
    $result = DB_query($sql);
    $numqids = DB_numRows($result);

    for ($i = 1; $i <= $numqids; $i++) {
        $Q = DB_fetchArray ($result);
        $sidArray[] = $Q['qid'];
    }

    $sidList = implode("', '",$sidArray);
    $sidList = "'$sidList'";

    // then, find all comments by the user in those stories and polls
    $sql = "SELECT sid,title,cid,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['comments']} WHERE (uid = $user)";

    // SQL NOTE:  Using a HAVING clause is usually faster than a where if the
    // field is part of the select
    // if (!empty ($sidList)) {
    //     $sql .= " AND (sid in ($sidList))";
    // }
    if (!empty ($sidList)) {
        $sql .= " HAVING sid in ($sidList)";
    }
    $sql .= " ORDER BY unixdate DESC LIMIT 10";

    $result = DB_query($sql);
    $nrows = DB_numRows($result);
    if ($nrows > 0) {
        for ($i = 1; $i <= $nrows; $i++) {
            $C = DB_fetchArray($result);
            $user_templates->set_var('row_number', $i . '.');
            $user_templates->set_var ('comment_begin_href',
                    '<a href="' . $_CONF['site_url'] .
                    '/comment.php?mode=view&cid=' . $C['cid']. '">');
            $C['title'] = str_replace('$','$',$C['title']);
            $user_templates->set_var('comment_title', stripslashes($C['title']));
            $user_templates->set_var('comment_end_href', '</a>');
            $commenttime = COM_getUserDateTimeFormat($C['unixdate']);
            $user_templates->set_var('comment_date', $commenttime[0]);
            $user_templates->parse('comment_row','row',true);
        }
    } else {
        $user_templates->set_var('comment_row','<tr><td>' . $LANG01[29] . '</td></tr>');
    }

    // posting stats for this user
    $user_templates->set_var ('lang_number_stories', $LANG04[84]);
    $sql = "SELECT count(*) AS count FROM {$_TABLES['stories']} WHERE (uid = $user) AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL ('AND');
    $result = DB_query($sql);
    $N = DB_fetchArray ($result);
    $user_templates->set_var('number_stories', $N['count']);
    $user_templates->set_var ('lang_number_comments', $LANG04[85]);
    $sql = "SELECT count(*) AS count FROM {$_TABLES['comments']} WHERE (uid = $user)";
    if (!empty ($sidList)) {
        $sql .= " AND (sid in ($sidList))";
    }
    $result = DB_query($sql);
    $N = DB_fetchArray ($result);
    $user_templates->set_var('number_comments', $N['count']);
    $user_templates->set_var ('lang_all_postings_by', $LANG04[86] . ' ' . $A['username']);

    // Call custom registration function if enabled and exists
    if ($_CONF['custom_registration'] AND (function_exists(custom_userdisplay)) ) {
        $user_templates->set_var ('customfields', custom_userdisplay($user) );
    }
    PLG_profileVariablesDisplay ($user, $user_templates);

    $user_templates->parse('output', 'profile');
    $retval .= $user_templates->finish($user_templates->get_var('output'));    

    $retval .= PLG_profileBlocksDisplay ($user);
    $retval .= COM_siteFooter ();

    return $retval;
}

/**
* Emails password to a user
*
* This will email the given user their password.
*
* @param    string      $username       Username for which to get and email password
* @param    int         $msg            Message number of message to show when done
* @return   string      Optionally returns the HTML for the default form if the user info can't be found
*
*/
function emailpassword ($username, $msg = 0)
{
    global $_CONF, $_TABLES, $LANG04;

    $retval = '';

    $username = addslashes ($username);
    $result = DB_query ("SELECT uid,email FROM {$_TABLES['users']} WHERE username = '$username'");
    $nrows = DB_numRows ($result);
    if ($nrows == 1) {
        $A = DB_fetchArray ($result);
        if (($_CONF['usersubmission'] == 1) && USER_isQueued ($A['uid'])) {
            return COM_refresh ($_CONF['site_url'] . '/index.php?msg=48');
        }

        USER_createAndSendPassword ($username, $A['email']);

        if ($msg) {
            $retval = COM_refresh ("{$_CONF['site_url']}/index.php?msg=$msg");
        } else {
            $retval = COM_refresh ("{$_CONF['site_url']}/index.php");
        }
    } else {
        $retval = COM_siteHeader ('menu', $LANG04[17])
                . defaultform ($LANG04[17])
                . COM_siteFooter ();
    }

    return $retval;
}

/**
* User request for a new password - send email with a link and request id
*
* @param username string   name of user who requested the new password
* @param msg      int      index of message to display (if any)
* @return         string   form or meta redirect
*
*/
function requestpassword ($username, $msg = 0)
{
    global $_CONF, $_TABLES, $LANG04;

    $result = DB_query ("SELECT uid,email,passwd FROM {$_TABLES['users']} WHERE username = '$username'");
    $nrows = DB_numRows ($result);
    if ($nrows == 1) {
        $A = DB_fetchArray ($result);
        if (($_CONF['usersubmission'] == 1) && ($A['passwd'] == md5 (''))) {
            return COM_refresh ($_CONF['site_url'] . '/index.php?msg=48');
        }
        $reqid = substr (md5 (uniqid (rand (), 1)), 1, 16);
        DB_change ($_TABLES['users'], 'pwrequestid', "$reqid",
                   'username', $username);

        $mailtext = sprintf ($LANG04[88], $username);
        $mailtext .= $_CONF['site_url'] . '/users.php?mode=newpwd&uid=' . $A['uid'] . '&rid=' . $reqid . "nn";
        $mailtext .= $LANG04[89];
        $mailtext .= "{$_CONF["site_name"]}n";
        $mailtext .= "{$_CONF['site_url']}n";

        $subject = $_CONF['site_name'] . ': ' . $LANG04[16];
        COM_mail ($A['email'], $subject, $mailtext);

        if ($msg) {
            $retval .= COM_refresh ($_CONF['site_url'] . "/index.php?msg=$msg");
        } else {
            $retval .= COM_refresh ($_CONF['site_url'] . '/index.php');
        }
        COM_updateSpeedlimit ('password');
    } else {
        $retval .= COM_siteHeader ('menu')
                . defaultform ($LANG04[17]) . COM_siteFooter ();
    }

    return $retval;
}

/**
* Display a form where the user can enter a new password.
*
* @param uid       int      user id
* @param requestid string   request id for password change
* @return          string   new password form
*
*/
function newpasswordform ($uid, $requestid)
{
    global $_CONF, $_TABLES, $LANG04;

    $pwform = new Template ($_CONF['path_layout'] . 'users');
    $pwform->set_file (array ('newpw' => 'newpassword.thtml'));
    $pwform->set_var ('site_url', $_CONF['site_url']);
    $pwform->set_var ('layout_url', $_CONF['layout_url']);

    $pwform->set_var ('user_id', $uid);
    $pwform->set_var ('user_name', DB_getItem ($_TABLES['users'], 'username',
                                               "uid = '{$uid}'"));
    $pwform->set_var ('request_id', $requestid);

    $pwform->set_var ('lang_explain', $LANG04[90]);
    $pwform->set_var ('lang_username', $LANG04[2]);
    $pwform->set_var ('lang_newpassword', $LANG04[4]);
    $pwform->set_var ('lang_setnewpwd', $LANG04[91]);

    $retval = COM_startBlock ($LANG04[92]);
    $retval .= $pwform->finish ($pwform->parse ('output', 'newpw'));
    $retval .= COM_endBlock ();

    return $retval;
}

/**
* Send an email notification when a new user registers with the site.
*
* @param username string      User name of the new user
* @param email    string      Email address of the new user
* @param uid      int         User id of the new user
* @param queued   bool        true = user was added to user submission queue
*
*/
function sendNotification ($username, $email, $uid, $queued = false)
{
    global $_CONF, $_TABLES, $LANG01, $LANG04, $LANG08, $LANG28, $LANG29;

    $mailbody = "$LANG04[2]: $usernamen"
              . "$LANG04[5]: $emailn"
              . "$LANG28[14]: " . strftime ($_CONF['date']) . "nn";
    if ($queued) {
        $mailbody .= "$LANG01[10] <{$_CONF['site_admin_url']}/moderation.php>nn";
    } else {
        $mailbody .= "$LANG29[4] <{$_CONF['site_url']}/users.php?mode=profile&uid={$uid}>nn";
    }
    $mailbody .= "n------------------------------n";
    $mailbody .= "n$LANG08[34]n";
    $mailbody .= "n------------------------------n";

    $mailsubject = $_CONF['site_name'] . ' ' . $LANG29[40];
    COM_mail ($_CONF['site_mail'], $mailsubject, $mailbody);
}

/**
* Creates a user
*
* Creates a user with the give username and email address
*
* @param    string      $username       username to create user for
* @param    string      $email          email address to assign to user
* @return   string      HTML for the form again if error occurs, otherwise nothing.
*
*/
function createuser($username,$email)
{
    global $_CONF, $_TABLES, $LANG01, $LANG04;

    $username = trim ($username);
    $email = trim ($email);

    if (COM_isEmail ($email) && !empty ($username)) {

        $ucount = DB_count ($_TABLES['users'], 'username',
                            addslashes ($username));
        $ecount = DB_count ($_TABLES['users'], 'email', addslashes ($email));

        if ($ucount == 0 AND $ecount == 0) {

            // For Geeklog, it would be okay to create this user now. But check
            // with a custom userform first, if one exists.
            if ($_CONF['custom_registration'] &&
                    function_exists ('custom_usercheck')) {
                $msg = custom_usercheck ($username, $email);
                if (!empty ($msg)) {
                    // no, it's not okay with the custom userform
                    $retval = COM_siteHeader ('menu')
                            . custom_userform ($msg)
                            . COM_siteFooter ();

                    return $retval;
                }
            }

            $uid = USER_createAccount ($username, $email);

            $queueUser = USER_isQueued ($uid);
            if ($queueUser) {
                $msg = 48;
            } else {
                emailpassword ($username, 1);
                $msg = 1;
            }
            if (isset ($_CONF['notification']) &&
                    in_array ('user', $_CONF['notification'])) {
                sendNotification ($username, $email, $uid, $queueUser);
            }

            return COM_refresh($_CONF['site_url'] . '/index.php?msg=' . $msg);
        } else {
            $retval .= COM_siteHeader ('Menu');
            if ($_CONF['custom_registration'] &&
                    function_exists ('custom_userform')) {
                $retval .= custom_userform ($LANG04[19]);
            } else {
                $retval .= newuserform ($LANG04[19]);
            }
            $retval .= COM_siteFooter ();
        }
    } else {
        if (empty ($username)) {
            $msg = $LANG01[32]; // invalid username
        } else {
            $msg = $LANG04[18]; // invalid email address
        }
        $retval .= COM_siteHeader ('menu');
        if ($_CONF['custom_registration'] && function_exists(custom_userform)) {
            $retval .= custom_userform ($msg);
        } else {
            $retval .= newuserform ($msg);
        }
        $retval .= COM_siteFooter();
    }

    return $retval;
}

/**
* Shows the user login form after failed attempts to either login or access a page
* requiring login.
*
* @return   string      HTML for login form
*
*/
function loginform ($hide_forgotpw_link = false)
{
    global $_CONF, $LANG04;

    $retval = '';

    $user_templates = new Template ($_CONF['path_layout'] . 'users');
    $user_templates->set_file('login', 'loginform.thtml');
    $user_templates->set_var('site_url', $_CONF['site_url']);
    $user_templates->set_var('start_block_loginagain', COM_startBlock($LANG04[65]));
    $user_templates->set_var('lang_message', $LANG04[66]);
    $user_templates->set_var('lang_username', $LANG04[2]);
    $user_templates->set_var('lang_password', $LANG04[4]);
    if ($hide_forgotpw_link) {
        $user_templates->set_var('lang_forgetpassword', '');
    } else {
        $user_templates->set_var('lang_forgetpassword', $LANG04[25]);
    }
    $user_templates->set_var('lang_login', $LANG04[80]);
    $user_templates->set_var('end_block', COM_endBlock());
    $user_templates->parse('output', 'login');
    $retval .= $user_templates->finish($user_templates->get_var('output'));

    return $retval;
}

/**
* Shows the user registration form
*
* @param    int     $msg        message number to show
* @param    string  $referrer   page to send user to after registration
* @return   string  HTML for user registration page
*/
function newuserform($msg = '')
{
    global $LANG04, $_CONF;

    $retval = '';
   
    if (!empty ($msg)) {
        $retval .= COM_startBlock ($LANG04[21], '',
                           COM_getBlockTemplate ('_msg_block', 'header'))
                . $msg
                . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
    }
    $user_templates = new Template($_CONF['path_layout'] . 'users');
    $user_templates->set_file('regform','registrationform.thtml');
    $user_templates->set_var('site_url', $_CONF['site_url']);
    $user_templates->set_var('start_block', COM_startBlock($LANG04[22]));
    $user_templates->set_var('lang_instructions', $LANG04[23]);
    $user_templates->set_var('lang_username', $LANG04[2]);
    $user_templates->set_var('lang_email', $LANG04[5]);
    $user_templates->set_var('lang_warning', $LANG04[24]);
    $user_templates->set_var('lang_register', $LANG04[27]);
    $user_templates->set_var('end_block', COM_endBlock());
    $user_templates->parse('output', 'regform');
    $retval .= $user_templates->finish($user_templates->get_var('output'));

    return $retval;
}

/**
* Shows the password retrieval form
*
* @return   string  HTML for form used to retrieve user's password
*
*/
function getpasswordform()
{
    global $_CONF, $LANG04;

    $retval = '';

    $user_templates = new Template($_CONF['path_layout'] . 'users');
    $user_templates->set_file('form', 'getpasswordform.thtml');
    $user_templates->set_var('site_url', $_CONF['site_url']);
    $user_templates->set_var('start_block_forgetpassword', COM_startBlock($LANG04[25]));
    $user_templates->set_var('lang_instructions', $LANG04[26]);
    $user_templates->set_var('lang_username', $LANG04[2]);
    $user_templates->set_var('lang_email', $LANG04[5]);
    $user_templates->set_var('lang_emailpassword', $LANG04[28]);
    $user_templates->set_var('end_block', COM_endBlock());
    $user_templates->parse('output', 'form');

    $retval .= $user_templates->finish($user_templates->get_var('output'));

    return $retval;
}

/**
* Shows user their account info form
*
* @param    string  $msg        message to display if one is needed
* @return   string  HTML for form
*
*/
function defaultform ($msg)
{
    global $LANG04;

    $retval = '';

    if (!empty ($msg)) {
        $retval .= COM_startBlock ($LANG04[21], '',
                           COM_getBlockTemplate ('_msg_block', 'header'))
                . $msg
                . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
    }

    $retval .= loginform (true);

    $retval .= newuserform ();

    $retval .= getpasswordform ();

    return $retval;
}


// MAIN
if (isset ($HTTP_POST_VARS['mode'])) {
    $mode = $HTTP_POST_VARS['mode'];
}
elseif (isset ($HTTP_GET_VARS['mode'])) {
    $mode = $HTTP_GET_VARS['mode'];
}
else {
    $mode = "";
}

$display = '';

switch ($mode) {
case 'logout':
    if (!empty ($_USER['uid']) AND $_USER['uid'] > 1) {
        SESS_endUserSession ($_USER['uid']);
        PLG_logoutUser ($_USER['uid']);
    }
    setcookie ($_CONF['cookie_session'], '', time() - 10000,
               $_CONF['cookie_path'], $_CONF['cookiedomain'],
               $_CONF['cookiesecure']);
    setcookie ($_CONF['cookie_name'], '', time() - 10000, $_CONF['cookie_path'],
               $_CONF['cookiedomain'], $_CONF['cookiesecure']);
    $display = COM_refresh($_CONF['site_url'] . '/index.php?msg=8');
    break;

case 'profile':
    $uid = COM_applyFilter ($HTTP_GET_VARS['uid'], true);
    if (is_numeric ($uid) && ($uid > 0)) {
        $msg = COM_applyFilter ($HTTP_GET_VARS['msg'], true);
        $display .= userprofile ($uid, $msg);
    } else {
        $display .= COM_refresh ($_CONF['site_url'] . '/index.php');
    }
    break;

case 'user':
    $username = COM_applyFilter ($HTTP_GET_VARS['username']);
    if (!empty ($username)) {
        $username = addslashes ($username);
        $uid = DB_getItem ($_TABLES['users'], 'uid', "username = '$username'");
        if ($uid > 1) {
            $display .= userprofile ($uid);
        } else {
            $display .= COM_refresh ($_CONF['site_url'] . '/index.php');
        }
    } else {
        $display .= COM_refresh ($_CONF['site_url'] . '/index.php');
    }
    break;

case 'create':
    $display .= createuser (COM_applyFilter ($HTTP_POST_VARS['username']),
                            COM_applyFilter ($HTTP_POST_VARS['email']));
    break;

case 'getpassword':
    $display .= COM_siteHeader ('menu');
    if ($_CONF['passwordspeedlimit'] == 0) {
        $_CONF['passwordspeedlimit'] = 300; // 5 minutes
    }
    COM_clearSpeedlimit ($_CONF['passwordspeedlimit'], 'password');
    $last = COM_checkSpeedlimit ('password');
    if ($last > 0) {
        $display .= COM_startBlock ($LANG12[26], '',
                            COM_getBlockTemplate ('_msg_block', 'header'))
                 . sprintf ($LANG04[93], $last, $_CONF['passwordspeedlimit'])
                 . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
    } else {
        $display .= getpasswordform ();
    }
    $display .= COM_siteFooter ();
    break;

case 'newpwd':
    $uid = COM_applyFilter ($HTTP_GET_VARS['uid'], true);
    $reqid = COM_applyFilter ($HTTP_GET_VARS['rid']);
    if (!empty ($uid) && is_numeric ($uid) && ($uid > 0) &&
            !empty ($reqid) && (strlen ($reqid) == 16)) {
        $valid = DB_count ($_TABLES['users'], array ('uid', 'pwrequestid'),
                           array ($uid, $reqid));
        if ($valid == 1) {
            $display .= COM_siteHeader ('menu');
            $display .= newpasswordform ($uid, $reqid);
            $display .= COM_siteFooter ();
        } else { // request invalid or expired
            $display .= COM_siteHeader ('menu');
            $display .= COM_showMessage (54);
            $display .= getpasswordform ();
            $display .= COM_siteFooter ();
        }
    } else {
        // this request doesn't make sense - ignore it
        $display = COM_refresh ($_CONF['site_url']);
    }
    break;

case 'setnewpwd':
    if (empty ($HTTP_POST_VARS['passwd'])) {
        $display = COM_refresh ($_CONF['site_url']
                 . '/users.php?mode=newpwd&uid=' . $HTTP_POST_VARS['uid']
                 . '&rid=' . $HTTP_POST_VARS['rid']);
    } else {
        $uid = COM_applyFilter ($HTTP_POST_VARS['uid'], true);
        $reqid = COM_applyFilter ($HTTP_POST_VARS['rid']);
        if (!empty ($uid) && is_numeric ($uid) && ($uid > 0) &&
                !empty ($reqid) && (strlen ($reqid) == 16)) {
            $valid = DB_count ($_TABLES['users'], array ('uid', 'pwrequestid'),
                               array ($uid, $reqid));
            if ($valid == 1) {
                $passwd = md5 ($HTTP_POST_VARS['passwd']);
                DB_change ($_TABLES['users'], 'passwd', "$passwd",
                           "uid", $uid);
                DB_delete ($_TABLES['sessions'], 'uid', $uid);
                DB_change ($_TABLES['users'], 'pwrequestid', "NULL",
                           'username', $username);
                $display = COM_refresh ($_CONF['site_url'] . '/users.php?msg=53');
            } else { // request invalid or expired
                $display .= COM_siteHeader ('menu');
                $display .= COM_showMessage (54);
                $display .= getpasswordform ();
                $display .= COM_siteFooter ();
            }
        } else {
            // this request doesn't make sense - ignore it
            $display = COM_refresh ($_CONF['site_url']);
        }
    }
    break;

case 'emailpasswd':
    if ($_CONF['passwordspeedlimit'] == 0) {
        $_CONF['passwordspeedlimit'] = 300; // 5 minutes
    }
    COM_clearSpeedlimit ($_CONF['passwordspeedlimit'], 'password');
    $last = COM_checkSpeedlimit ('password');
    if ($last > 0) {
        $display .= COM_siteHeader ('menu')
                 . COM_startBlock ($LANG12[26], '',
                           COM_getBlockTemplate ('_msg_block', 'header'))
                 . sprintf ($LANG04[93], $last, $_CONF['passwordspeedlimit'])
                 . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'))
                 . COM_siteFooter ();
    } else {
        $username = COM_applyFilter ($HTTP_POST_VARS['username']);
        $email = COM_applyFilter ($HTTP_POST_VARS['email']);
        if (empty ($username) && !empty ($email)) {
            $username = DB_getItem ($_TABLES['users'], 'username',
                                    "email = '$email'");
        }
        if (!empty ($username)) {
            $display .= requestpassword ($username, 55);
        } else {
            $display = COM_refresh ($_CONF['site_url']
                                    . '/users.php?mode=getpassword');
        }
    }
    break;

case 'new':
    $display .= COM_siteHeader ('menu', $LANG04[22]);
    // Call custom registration and account record create function
    // if enabled and exists
    if ($_CONF['custom_registration'] AND (function_exists('custom_userform'))) {
        $display .= custom_userform('new');
    } else {
        $display .= newuserform();
    }  
    $display .= COM_siteFooter();
    break;

default:
    // prevent dictionary attacks on passwords
    if (!isset ($_CONF['login_speedlimit'])) {
        $_CONF['login_speedlimit'] = 300;
    }
    if (!isset ($_CONF['login_attempts'])) {
        $_CONF['login_attempts'] = 3;
    }
    COM_clearSpeedlimit ($_CONF['login_speedlimit'], 'login');
    if (COM_checkSpeedlimit ('login', $_CONF['login_attempts']) > 0) {
        if (empty ($LANG04[112])) {
            $LANG04[112] = 'You have exceeded the number of allowed login attempts. Please try again later.';
        }
        $retval .= COM_siteHeader ()
                . COM_startBlock ($LANG12[26], '',
                                  COM_getBlockTemplate ('_msg_block', 'header'))
                . $LANG04[112]
                . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'))
                . COM_siteFooter ();
        echo $retval;
        exit();
    }

    if (isset ($HTTP_POST_VARS['loginname'])) {
        $loginname = COM_applyFilter ($HTTP_POST_VARS['loginname']);
    } else {
        $loginname = COM_applyFilter ($HTTP_GET_VARS['loginname']);
    }
    if (isset ($HTTP_POST_VARS['passwd'])) {
        $passwd = COM_applyFilter ($HTTP_POST_VARS['passwd']);
    }
    if (!empty($loginname) && !empty($passwd)) {
        $mypasswd = COM_getPassword($loginname);
    } else {
        srand((double)microtime()*1000000);
        $mypasswd = rand();
    }
    if (!empty ($passwd) && !empty ($mypasswd) && ($mypasswd == md5($passwd))) {
        DB_change($_TABLES['users'],'pwrequestid',"NULL",'username',$loginname);
        $userdata = SESS_getUserData($loginname);
        $_USER=$userdata;
        $sessid = SESS_newSession($_USER['uid'], $HTTP_SERVER_VARS['REMOTE_ADDR'], $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']);
        SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
        PLG_loginUser ($_USER['uid']);

        // Now that we handled session cookies, handle longterm cookie
        if (!isset($HTTP_COOKIE_VARS[$_CONF['cookie_name']]) || !isset($HTTP_COOKIE_VARS['password'])) {
            // Either their cookie expired or they are new
            $cooktime = COM_getUserCookieTimeout();
            if ($VERBOSE) {
                COM_errorLog("Trying to set permanent cookie with time of $cooktime",1);
            }
            if ($cooktime > 0) {
                // They want their cookie to persist for some amount of time so set it now
                if ($VERBOSE) {
                    COM_errorLog('Trying to set permanent cookie',1);
                }
                setcookie ($_CONF['cookie_name'], $_USER['uid'],
                           time() + $cooktime, $_CONF['cookie_path'],
                           $_CONF['cookiedomain'], $_CONF['cookiesecure']);
                setcookie ($_CONF['cookie_password'], md5 ($passwd),
                           time() + $cooktime, $_CONF['cookie_path'],
                           $_CONF['cookiedomain'], $_CONF['cookiesecure']);
            }
        } else {
            $userid = $HTTP_COOKIE_VARS[$_CONF['cookie_name']];
            if (empty ($userid) || ($userid == 'deleted')) {
                unset ($userid);
            } else {
                if ($VERBOSE) {
                    COM_errorLog('NOW trying to set permanent cookie',1);
                    COM_errorLog('Got '.$userid.' from perm cookie in users.php',1);
                }
                if ($userid) {
                    $user_logged_in = 1;
                    // Create new session
                    $userdata = SESS_getUserDataFromId($userid);
                    $_USER = $userdata;
                    if ($VERBOSE) {
                        COM_errorLog('Got '.$_USER['username'].' for the username in user.php',1);
                    }
                }
            }
        }

        // Now that we have users data see if their theme cookie is set.
        // If not set it
        setcookie ($_CONF['cookie_theme'], $_USER['theme'], time() + 31536000,
                   $_CONF['cookie_path'], $_CONF['cookiedomain'],
                   $_CONF['cookiesecure']);

        if (!empty ($HTTP_SERVER_VARS['HTTP_REFERER']) && (strstr ($HTTP_SERVER_VARS['HTTP_REFERER'], '/users.php') === false)) {
            $indexMsg = $_CONF['site_url'] . '/index.php?msg=';
            if (substr ($HTTP_SERVER_VARS['HTTP_REFERER'], 0, strlen ($indexMsg)) == $indexMsg) {
                $display .= COM_refresh ($_CONF['site_url'] . '/index.php');
            } else {
                $display .= COM_refresh ($HTTP_SERVER_VARS['HTTP_REFERER']);
            }
        } else {
            $display .= COM_refresh ($_CONF['site_url'] . '/index.php');
        }
    } else {
        // On failed login attempt, update speed limit
        COM_updateSpeedlimit ('login');

        $display .= COM_siteHeader('menu');

        if (isset ($HTTP_POST_VARS['msg'])) {
            $msg = $HTTP_POST_VARS['msg'];
        } else if (isset ($HTTP_GET_VARS['msg'])) {
            $msg = $HTTP_GET_VARS['msg'];
        } else {
            $msg = 0;
        }
        if ($msg > 0) {
            $display .= COM_showMessage($msg);
        }

        switch ($mode) {
        case 'create':
            // Got bad account info from registration process, show error
            // message and display form again
            if ($_CONF['custom_registration'] AND (function_exists(custom_userform))) {
                $display .= custom_userform ('new');
            } else {
                $display .= newuserform ();
            }
            break;
        default:
            // check to see if this was the last allowed attempt
            if (!isset ($_CONF['login_attempts'])) {
                $_CONF['login_attempts'] = 3;
            }
            if (COM_checkSpeedlimit ('login', $_CONF['login_attempts']) > 0) {
                if (empty ($LANG04[112])) {
                    $LANG04[112] = 'You have exceeded the number of allowed login attempts. Please try again later.';
                }
                $retval .= COM_siteHeader ()
                        . COM_startBlock ($LANG12[26], '',
                                COM_getBlockTemplate ('_msg_block', 'header'))
                        . $LANG04[112]
                        . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'))
                        . COM_siteFooter ();
                echo $retval;
                exit ();
            } else { // Show login form
                $display .= loginform();
            }
            break;
        }

        $display .= COM_siteFooter();
    }
    break;
}

echo $display;

?>

 


Thnaks for helping,
Jordy

Page navigation