phpBB.de

Code: Alles auswählen

<?php 
define('IN_PHPBB', true); 
$phpbb_root_path = './'; 
include($phpbb_root_path . 'extension.inc'); 
include($phpbb_root_path . 'common.'.$phpEx); 

$userdata = session_pagestart($user_ip, PAGE_INDEX); 
init_userprefs($userdata); 

$page_title = 'Mod für DB vorschlagen'; 
include($phpbb_root_path . 'includes/page_header.'.$phpEx); 

if (!isset($_POST['confirm_id']))
{
$code = dss_rand();
$code = substr(str_replace('0', 'Z', strtoupper(base_convert($code, 16, 35))), 2, 6);
$confirm_id = md5(uniqid($user_ip));
$sql = 'INSERT INTO ' . CONFIRM_TABLE . " (confirm_id, session_id, code) 
VALUES ('$confirm_id', '". $userdata['session_id'] . "', '$code')";
if (!$db->sql_query($sql))
{
message_die(GENERAL_ERROR, 'Could not insert new confirm code information', '', __LINE__, __FILE__, $sql);
}
unset($code);
$confirm_image = '<img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id") . '" alt="" title="" />';
echo $confirm_image;
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<input type="hidden" name="confirm_id" value="<?php echo $confirm_id;?>">
<input type="text" size="50" maxlength="40" name="user_confirm">
<input type="submit" value="Abschicken">
<?php
}
if (isset($_POST['confirm_id']))
{
if ($_POST['confirm_id'] == $_POST['user_confirm'])
{
echo "richtige eingabe";
}
else
{
echo "falsche eingabe";
}
}


include($phpbb_root_path . 'includes/page_tail.'.$phpEx); 
?>

Code: Alles auswählen

<?php 
define('IN_PHPBB', true); 
$phpbb_root_path = './'; 
include($phpbb_root_path . 'extension.inc'); 
include($phpbb_root_path . 'common.'.$phpEx); 
$userdata = session_pagestart($user_ip, PAGE_INDEX); 
init_userprefs($userdata); 
$page_title = 'Mod für DB vorschlagen'; 
include($phpbb_root_path . 'includes/page_header.'.$phpEx); 



if (!isset($_POST['confirm_id']))
{
$code = dss_rand();
$code = substr(str_replace('0', 'Z', strtoupper(base_convert($code, 16, 35))), 2, 6);
$confirm_id = md5(uniqid($user_ip));
$sql = 'INSERT INTO ' . CONFIRM_TABLE . " (confirm_id, session_id, code) 
        VALUES ('$confirm_id', '". $userdata['session_id'] . "', '$code')";
if (!$db->sql_query($sql))
{
message_die(GENERAL_ERROR, 'Could not insert new confirm code information', '', __LINE__, __FILE__, $sql);
}
unset($code);
$confirm_image = '<img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id") . '" alt="" title="" />';
echo $confirm_image;
}
?>
<br>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<input type="text" name="confirm_code" size="50" maxlength="40">
<input type="hidden" name="confirm_id" value="<?php echo $confirm_id; ?>">
<input type="submit" value="Absenden">
<?php
$confirm_code = $_POST['confirm_code'];
$confirm_id = htmlspecialchars($HTTP_POST_VARS['confirm_id']);
if (!preg_match('/^[A-Za-z0-9]+$/', $confirm_id))
{
        $confirm_id = '';
}

$sql = 'SELECT code 
        FROM ' . CONFIRM_TABLE . " 
        WHERE confirm_id = '$confirm_id' 
                AND session_id = '" . $userdata['session_id'] . "'";
if (!($result = $db->sql_query($sql)))
{
        message_die(GENERAL_ERROR, 'Could not obtain confirmation code', __LINE__, __FILE__, $sql);
}

if ($row = $db->sql_fetchrow($result))
{
        if ($row['code'] != $confirm_code)
        {
                $error = TRUE;
                $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Confirm_code_wrong'];
        }
        else
        {
                $sql = 'DELETE FROM ' . CONFIRM_TABLE . " 
                        WHERE confirm_id = '$confirm_id' 
                                AND session_id = '" . $userdata['session_id'] . "'";
                if (!$db->sql_query($sql))
                {
                        message_die(GENERAL_ERROR, 'Could not delete confirmation code', __LINE__, __FILE__, $sql);
                }
        }
}

if ( $error )
{
echo "falsche eingabe";
}
else
{
echo "richtige eingabe";
} 
include($phpbb_root_path . 'includes/page_tail.'.$phpEx); 
?>