", "'", '"'), "", $referer); $referer = preg_replace('|https?://[^/]+|i', '', $referer ); return $referer; } return false; } /* this function checks if the current user is logged in. */ function reset_password($email_address = ''){ global $conn_id; if( empty($conn_id) ) { $conn_id = db_connect(); } if(empty($email_address) || $email_address == '') return 0; $new_pass = generate_unique_id(); $activation_key = generate_activation_key(); $new_md5 = md5($new_pass); $sql = "UPDATE pm_users SET new_password = '".$new_md5."', activation_key = '".$activation_key."' WHERE email= '".$email_address."'"; $result = @mysql_query($sql, $conn_id); if( !$result ) return 0; return array("pass" => $new_pass, "key" => $activation_key); } /* this function returns an array with the user's information FROM pm_users Table */ function fetch_user_info($username){ global $conn_id; $buffer = str_replace(" ", "", $username); if( !ctype_alnum($buffer) ) return 0; if( empty($conn_id) ) { $conn_id = db_connect(); // this function, db_connect() is defined in 'include/functions.php'; } $user = array(); $sql = "SELECT * FROM pm_users WHERE username= '".$username."'"; $result = @mysql_query($sql, $conn_id); if( !$result ) return false; $count = @mysql_num_rows($result); if( !$count ) return false; $row = @mysql_fetch_assoc($result); @mysql_free_result($result); foreach($row as $k => $v){ $user[$k] = stripslashes($v); } @mysql_query("UPDATE pm_users SET last_signin = '".time()."' WHERE username = '".$username."'"); return $user; } function fetch_user_advanced($unique_id = '') { global $conn_id; if( empty($conn_id) ) { $conn_id = db_connect(); // this function, db_connect() is defined in 'include/functions.php'; } $user = array(); if(empty($unique_id)) return false; $sql = "SELECT * FROM pm_users WHERE id= '".$unique_id."'"; $result = @mysql_query($sql, $conn_id); if( !$result ) return false; $count = @mysql_num_rows($result); if( !$count ) return false; $row = @mysql_fetch_assoc($result); @mysql_free_result($result); foreach($row as $k => $v){ $user[$k] = stripslashes($v); } return $user; } function generate_unique_id(){ return substr(md5(uniqid(time(), true)), 0, 7); } function username_to_id($username) { if(!$username) return false; $username = trim($username); $username = secure_sql($username); $sql = "SELECT id FROM pm_users where username LIKE '".$username."'"; $result = mysql_query($sql); if(!$result) return 0; $total = mysql_num_rows($result); if($total > 0) { $r = mysql_fetch_assoc($result); mysql_free_result($result); return $r['id']; } return 0; } function banlist($user_id) { $sql = "SELECT * FROM pm_banlist WHERE user_id = '".$user_id."'"; $result = mysql_query($sql) or die(mysql_error()); if(!$result) return false; $ban = array(); if(mysql_num_rows($result) > 0) $ban = mysql_fetch_assoc($result); return $ban; } ?>