X-Git-Url: http://git.harvie.cz/?a=blobdiff_plain;f=wwwroot%2Fbackend%2Fmysql%2Fbackend.inc;h=d0a38e77f6c8ff1d7e5c5d4d101768244c473574;hb=HEAD;hp=971bb104bd3a7aba4f2f97bbfcd87c67b6789d00;hpb=9506a2cb819d240a403a0a10d9acd28428805e91;p=mirrors%2FKyberia-bloodline.git

diff --git a/wwwroot/backend/mysql/backend.inc b/wwwroot/backend/mysql/backend.inc
index 971bb10..d0a38e7 100644
--- a/wwwroot/backend/mysql/backend.inc
+++ b/wwwroot/backend/mysql/backend.inc
@@ -76,7 +76,7 @@ public static function addNode($params) {
 
         $parent_permissions=permissions::checkPerms($parent_id);
 
-        if (!$parent_permissions['w']) {
+        if ((!$parent_permissions['w']) && ($params['flag']!='registration' )) {
                 $error=$error_messages['WRITE_PERMISSION_ERROR'];
                 logger::log('add','error','WRITE_PERMISSION_ERROR');
                 return false;
@@ -698,7 +698,60 @@ public static function getPoll($user_id,$poll_id) {
 	return $array;
 }
 
+// XXX
+
+public static function resetPassword($login_id,$login,$vercode,$password) {
+	global $db;
+
+	// Security checks
+	$login = db_escape_string($login);
+	if (!is_numeric($login_id)) {
+		$error="Not numeric id is not numeric. Here, take this stone.";
+		return $error; 
+	} 
+
+	if ($login == '') {
+		$error="Please enter name or id";
+		return $error;
+	}
+
+	if ($login_id == 0) {
+		$set=$db->query("select * from users where login='$login'");
+	} else {
+		$set=$db->query("select * from users where user_id='$login_id'");
+	}
+
+	$set->next();
+	$user_name=$set->getString('login');
+	$user_id=$set->getString('user_id');
+	$hash=$set->getString('hash');	
+
+	if ($hash != $vercode) {
+		$error="Bad verification code!";
+		return $error;
+	}
 
+	$password = sha1($password);
+	$q="update users set password='$password',hash='' where user_id='$user_id'";
+	$db->query($q);
+	
+	$error="OK, password was RE-set";
+	return $error;
+}
+
+// levenshteinLog
+
+// Log user action for later analysis
+// Secure.
+
+public static function levenshteinLog($userid,$nodeid) {
+	global $db;
+
+	$q="insert delayed into levenshtein set user_id='".$userid."',node_id='".$node_id."'";
+	$db->update($q);
+	
 }
 
+
+}
 ?>