|
|
@ -175,7 +175,7 @@
|
|
|
|
$_SESSION['_config']['errmsg'] = "";
|
|
|
|
$_SESSION['_config']['errmsg'] = "";
|
|
|
|
|
|
|
|
|
|
|
|
$email = mysql_escape_string(stripslashes(strip_tags(trim($_REQUEST['email']))));
|
|
|
|
$email = mysql_escape_string(stripslashes(strip_tags(trim($_REQUEST['email']))));
|
|
|
|
$pword = mysql_escape_string(stripslashes(strip_tags(trim($_REQUEST['pword']))));
|
|
|
|
$pword = mysql_escape_string(stripslashes(trim($_REQUEST['pword'])));
|
|
|
|
$query = "select * from `users` where `email`='$email' and (`password`=old_password('$pword') or `password`=sha1('$pword') or
|
|
|
|
$query = "select * from `users` where `email`='$email' and (`password`=old_password('$pword') or `password`=sha1('$pword') or
|
|
|
|
`password`=password('$pword')) and `verified`=1 and `deleted`=0";
|
|
|
|
`password`=password('$pword')) and `verified`=1 and `deleted`=0";
|
|
|
|
$res = mysql_query($query);
|
|
|
|
$res = mysql_query($query);
|
|
|
@ -239,8 +239,8 @@
|
|
|
|
$_SESSION['signup']['day'] = intval($day);
|
|
|
|
$_SESSION['signup']['day'] = intval($day);
|
|
|
|
$_SESSION['signup']['month'] = intval($month);
|
|
|
|
$_SESSION['signup']['month'] = intval($month);
|
|
|
|
$_SESSION['signup']['year'] = intval($year);
|
|
|
|
$_SESSION['signup']['year'] = intval($year);
|
|
|
|
$_SESSION['signup']['pword1'] = trim(mysql_escape_string(stripslashes(strip_tags($pword1))));
|
|
|
|
$_SESSION['signup']['pword1'] = trim(mysql_escape_string(stripslashes($pword1)));
|
|
|
|
$_SESSION['signup']['pword2'] = trim(mysql_escape_string(stripslashes(strip_tags($pword2))));
|
|
|
|
$_SESSION['signup']['pword2'] = trim(mysql_escape_string(stripslashes($pword2)));
|
|
|
|
$_SESSION['signup']['Q1'] = trim(mysql_escape_string(stripslashes(strip_tags($Q1))));
|
|
|
|
$_SESSION['signup']['Q1'] = trim(mysql_escape_string(stripslashes(strip_tags($Q1))));
|
|
|
|
$_SESSION['signup']['Q2'] = trim(mysql_escape_string(stripslashes(strip_tags($Q2))));
|
|
|
|
$_SESSION['signup']['Q2'] = trim(mysql_escape_string(stripslashes(strip_tags($Q2))));
|
|
|
|
$_SESSION['signup']['Q3'] = trim(mysql_escape_string(stripslashes(strip_tags($Q3))));
|
|
|
|
$_SESSION['signup']['Q3'] = trim(mysql_escape_string(stripslashes(strip_tags($Q3))));
|
|
|
|