|
please check all the code :
<?php
// Script made by zapto for Jcow
// Lets members change username live in site while sending message to user about change
class usernamechange {
function index() {
global $client;
$er=$_Get['e'];
section_content('<div align="center">
<p>For security reasons we will send a copy of this request to your E-Mail accounts</p>
<p><b><BR><font color="#FF0000">'.$er.'</font></b></p>
<script language = "Javascript">
function echeck(str) {
var at="@"
var dot="."
var lat=str.indexOf(at)
var lstr=str.length
var ldot=str.indexOf(dot)
if (str.indexOf(at)==-1){
alert("Please Enter username")
return false
}
if (str.indexOf(at)==-1 || str.indexOf(at)==0 || str.indexOf(at)==lstr){
alert("Please Enter username")
return false
}
if (str.indexOf(dot)==-1 || str.indexOf(dot)==0 || str.indexOf(dot)==lstr){
alert("Please Enter username")
return false
}
if (str.indexOf(at,(lat+1))!=-1){
alert("Please Enter username")
return false
}
if (str.substring(lat-1,lat)==dot || str.substring(lat+1,lat+2)==dot){
alert("Please Enter username")
return false
}
if (str.indexOf(dot,(lat+2))==-1){
alert("Please Enter username")
return false
}
if (str.indexOf(" ")!=-1){
alert("Please Enter username")
return false
}
return true
}
function ValidateForm(){
var emailID=document.frmSample.email
if ((emailID.value==null)||(emailID.value=="")){
alert("Please Enter username!")
emailID.focus()
return false
}
if (echeck(emailID.value)==false){
emailID.value=""
emailID.focus()
return false
}
return true
}
</script>
<form method="post" name="frmSample" action="usernamechange/change" onSubmit="return ValidateForm()">
<table width="398" border="0">
<tr>
<td>
<table width="100%" border="0">
<tr>
<td width="36%">New username <br>
</td>
<td width="64%">
<input type="text" name="username" size="30">
</td>
</tr>
<tr>
</tr>
</table>
<p align="center">
<input type="submit" name="Submit" value="Send Request">
</p>
</td>
</tr>
</table>
</form>');
section_close('Change username');
}
function change() {
global $client;
// check user is loged in if not will refuse acccess it not needed but handy extra security
session_start();
if (!array_key_exists('uid', $_SESSION)) {
header('Location: usernamechange&e=Request Refused Please Login!');
//If not member send back to your domain
}
else {
//end check
}
//now check username validation
$ema=$_POST["username"];
$ser=$_SERVER["SERVER_NAME"];
$uip=$_SERVER['REMOTE_ADDR'];
$usr="{$client['username']}";
$query="select username from ".tb()."accounts "." WHERE username='$ema'";
$result=mysql_query($query);
//check username not used in database
if($row = mysql_fetch_array($result)) {//if we did return a record
section_content('<B>ERROR!<BR><BR>The Email '.$ema.' is restricted on our server (In USE)!</b><BR><BR><BR>Your IP ('.$_SERVER['REMOTE_ADDR'].') WAS LOGED!');
return 1;
}else{
}
//Now post username of change
$to="{$client['username']}";
$subject="Email Change Request for {$client['username']}";
$header="from: Account Support no_reply@$ser";
$messages= "Hello {$client['username']}, \r\n";
$messages.="We got Request to change username You can see the change info below. \r\n";
$messages.=" \r\n";
$messages.="Change form: {$client['username']} \r\n";
$messages.="Change To: $ema \r\n";
$messages.=" \r\n";
$messages.=" \r\n";
$messages.=" \r\n";
$messages.="Request sent from IP-$uip \r\n";
$messages.="Report from IP to http://$ser Support if you did not do this Request. \r\n";
$sentmail = mail($to,$subject,$messages,$header);
section_content('You have changed your username to '.$ema.' <BR>Copy of this change was sent to '.$client['username'].'<BR><BR> Your '.$uip.' was loged');
//now we update username on account after message send
sql_query("update ".tb()."accounts set username='$ema' where id='{$client['id']}' ");
section_close('username Change Complete!');
}
}
?> |
