Untitled

/***************************************
* 	 ACCOUNT MANAGEMENT FUNCTIONS
***************************************/

function create_account($user,$pass,$email)//gotta be logged in for this, returns
{
	global $db_translation,$db,$a_user;
	$pass = preg_replace( "/[^A-Za-z0-9]/", "", $pass ); //only letters and numbers
	$user = preg_replace( "/[^A-Za-z0-9]/", "", $user ); //only letters and numbers

	$pass_enc=sha1(strtoupper($user).':'.strtoupper($pass));
	$query = strtr('INSERT INTO accounts(login, encrypted_password, email) VALUES("user", "pass_enc", "email_usr")', array_merge($db_translation, array('user' => $user, 'pass_enc' => $pass_enc, 'email_usr' => $email)));
        $db->query($query) or ($report = 'Error: '.mysql_error());

	if (!$report)
		return false;
	else
		return $report;
}

function passchange($newpass,$userid=false)//gotta be logged in for this, returns
{
	global $db_translation,$db,$a_user;
	$newpass = preg_replace( "/[^A-Za-z0-9]/", "", $newpass ); //only letters and numbers

	if ($userid==false)
	{
		$userid=$a_user[$db_translation['acct']];
	}
	//get user info
	$sql1=$db->query("SELECT * FROM  ".$db_translation['accounts']." WHERE ".$db_translation['acct']." = '".$userid."' LIMIT 1")or die($report = 'Error: '.mysql_error());
	$sql2=$db->fetch_assoc($sql1);


	$newpass_enc=sha1(strtoupper($sql2[$db_translation['login']]).':'.strtoupper($newpass));
	$db->query("UPDATE ".$db_translation['accounts']." SET ".$db_translation['encrypted_password']." = '".$newpass_enc."',v='' WHERE ".$db_translation['acct']."='".$sql2[$db_translation['acct']]."' LIMIT 1") or ($report = 'Error: '.mysql_error());

	if (!$report)
		return false;
	else
		return $report;
}
//
//execute this when user wants to login and user/pass variables are $_post-ed thru
//
function special_core_exec_onlogin($username)
{
	return false;
}