
Untitled

a guest
Sep 26th, 2017
  1. <?php
  2. /*
  3.  * DEPRECATED
  4.  * This api creates users for a Wordpress + phpBB integrated site.
  5.  */
  6.  
  7.  
  8. // Check that we have the required url parameters
  9. if (!array_key_exists ('username',$_GET) || !array_key_exists ('email',$_GET) || !array_key_exists ('api_key',$_GET)) {
  10.     header("HTTP/1.0 400 Bad Request");
  11.     echo "Required URL parameter is missing";
  12.     exit;
  13. }
  14.  
  15. // Validate API key
  16. if ($_GET['api_key'] != "durktyde") {
  17.     header("HTTP/1.0 401 Unauthorized");
  18.     echo "Bad API key";
  19.     exit;
  20. }
  21.  
  22. // Sanitize inputs
  23. $_GET['email'] = strtolower($_GET['email']);
  24.  
  25. // Set up phpBB stuff
  26. define('IN_PHPBB', true);
  27. $phpbb_root_path = '/home/128108/domains/thedarktide.net/html/forum/';
  28. $phpEx = substr(strrchr(__FILE__, '.'), 1);
  29. require($phpbb_root_path . 'common.' . $phpEx);
  30. require($phpbb_root_path . 'includes/functions_user.' . $phpEx);
  31. require($phpbb_root_path . 'includes/functions_module.' . $phpEx);
  32.  
  33. // If this isn't an update, create a new user
  34. if (!array_key_exists('update',$_GET)) {
  35.  
  36.     // Make sure the username isn't already registered
  37.     if (validate_username($_GET['username']) !== false) {
  38.         header("HTTP/1.0 500 Internal Server Error");
  39.         echo "Username is already registered.";
  40.         exit;
  41.     }
  42.    
  43.     // Create user
  44.     $user = array(
  45.         'username'          => $_GET['username'],
  46.         'user_email'        => $_GET['email'],
  47.         'group_id'          => 2, // Registered Users group
  48.         'user_type'         => 0,
  49.     );
  50.     $id = user_add($user);
  51.    
  52.     // Check that the ID was created successfully
  53.     if ($id === false) {
  54.         header("HTTP/1.0 503 Service Unavailable");
  55.         echo "user_add returned false";
  56.         exit;
  57.     }
  58. } else {
  59.     // Update the user's email
  60.     $sql = 'SELECT user_id
  61.            FROM ' . USERS_TABLE . "
  62.            WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($_GET['username'])) . "'";
  63.     $result = $db->sql_query($sql);
  64.     $user_row = $db->sql_fetchrow($result);
  65.     if (empty($user_row)) {
  66.         header("HTTP/1.0 404 File Not Found");
  67.         echo "User not found";
  68.         exit;
  69.     }  
  70.     $sql = 'UPDATE ' . USERS_TABLE . "
  71.            SET user_email = '" . $_GET['email'] . "', user_email_hash = '" . $db->sql_escape(phpbb_email_hash($_GET['email'])) . "'
  72.            WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($_GET['username'])) . "'";
  73.     $result = $db->sql_query($sql);
  74. }
  75.  
  76. // Set temporary password
  77. // Source: /forum/includes/ucp/ucp_resend.php
  78. $server_url = generate_board_url();
  79. $user_password = gen_rand_string_friendly(max(8, mt_rand((int) $config['min_pass_chars'], (int) $config['max_pass_chars'])));
  80. $user_actkey = gen_rand_string(mt_rand(6, 10));
  81. $sql = 'SELECT user_id, username, user_permissions, user_email, user_jabber, user_notify_type, user_type, user_lang, user_inactive_reason
  82.        FROM ' . USERS_TABLE . "
  83.        WHERE user_email_hash = '" . $db->sql_escape(phpbb_email_hash($_GET['email'])) . "'
  84.            AND username_clean = '" . $db->sql_escape(utf8_clean_string($_GET['username'])) . "'";
  85. $result = $db->sql_query($sql);
  86. $user_row = $db->sql_fetchrow($result);
  87. $sql = 'UPDATE ' . USERS_TABLE . "
  88.        SET user_newpasswd = '" . $db->sql_escape(phpbb_hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "'
  89.        WHERE user_id = " . $user_row['user_id'];
  90. $db->sql_query($sql);
  91.  
  92. // Send email
  93. // Source: /forum/includes/ucp/ucp_resend.php
  94. include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
  95. $messenger = new messenger(false);
  96. $messenger->template('user_activate_passwd', $user_row['user_lang']);
  97. $messenger->to($user_row['user_email'], $user_row['username']);
  98. $messenger->im($user_row['user_jabber'], $user_row['username']);
  99. $messenger->assign_vars(array(
  100.     'USERNAME'      => htmlspecialchars_decode($user_row['username']),
  101.     'PASSWORD'      => htmlspecialchars_decode($user_password),
  102.     'U_ACTIVATE'    => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey")
  103. );
  104. $messenger->send($user_row['user_notify_type']);
  105.  
  106. // All done
  107. echo array_key_exists('update',$_GET) ? "Email address updated! Please check your email for your temporary password." : "Username created! Please check your email for your temporary password.";