plugins/SpecialUserFuncs.php
changeset 133 af0f6ec48de3
parent 126 cfa4ae0830cf
child 181 9237767a23ae
equal deleted inserted replaced
132:0ae1b281a884 133:af0f6ec48de3
   331 }
   331 }
   332 
   332 
   333 function page_Special_Register()
   333 function page_Special_Register()
   334 {
   334 {
   335   global $db, $session, $paths, $template, $plugins; // Common objects
   335   global $db, $session, $paths, $template, $plugins; // Common objects
       
   336   
       
   337   // form field trackers
       
   338   $username = '';
       
   339   $email = '';
       
   340   $realname = '';
       
   341   
   336   if(getConfig('account_activation') == 'disable' && ( ( $session->user_level >= USER_LEVEL_ADMIN && !isset($_GET['IWannaPlayToo']) ) || $session->user_level < USER_LEVEL_ADMIN || !$session->user_logged_in ))
   342   if(getConfig('account_activation') == 'disable' && ( ( $session->user_level >= USER_LEVEL_ADMIN && !isset($_GET['IWannaPlayToo']) ) || $session->user_level < USER_LEVEL_ADMIN || !$session->user_logged_in ))
   337   {
   343   {
   338     $s = ($session->user_level >= USER_LEVEL_ADMIN) ? '<p>Oops...it seems that you <em>are</em> the administrator...hehe...you can also <a href="'.makeUrl($paths->page, 'IWannaPlayToo', true).'">force account registration to work</a>.</p>' : '';
   344     $s = ($session->user_level >= USER_LEVEL_ADMIN) ? '<p>Oops...it seems that you <em>are</em> the administrator...hehe...you can also <a href="'.makeUrl($paths->page, 'IWannaPlayToo', true).'">force account registration to work</a>.</p>' : '';
   339     die_friendly('Registration disabled', '<p>The administrator has disabled new user registration on this site.</p>' . $s);
   345     die_friendly('Registration disabled', '<p>The administrator has disabled new user registration on this site.</p>' . $s);
   340   }
   346   }
   358         $s = 'Invalid COPPA input';
   364         $s = 'Invalid COPPA input';
   359       }
   365       }
   360       else
   366       else
   361       {
   367       {
   362         $coppa = ( isset($_POST['coppa']) && $_POST['coppa'] == 'yes' );
   368         $coppa = ( isset($_POST['coppa']) && $_POST['coppa'] == 'yes' );
       
   369         $s = false;
       
   370         
       
   371         // decrypt password
       
   372         // as with the change pass form, we aren't going to bother checking the confirmation code because if the passwords didn't match
       
   373         // and yet the password got encrypted, that means the user screwed with the code, and if the user screwed with the code and thus
       
   374         // forgot his password, that's his problem.
       
   375         
       
   376         if ( $_POST['use_crypt'] == 'yes' )
       
   377         {
       
   378           $aes = new AESCrypt(AES_BITS, AES_BLOCKSIZE);
       
   379           $crypt_key = $session->fetch_public_key($_POST['crypt_key']);
       
   380           if ( !$crypt_key )
       
   381           {
       
   382             $s = 'Couldn\'t look up public encryption key';
       
   383           }
       
   384           else
       
   385           {
       
   386             $data = $_POST['crypt_data'];
       
   387             $bin_key = hexdecode($crypt_key);
       
   388             //die("Decrypting with params: key $crypt_key, data $data");
       
   389             $password = $aes->decrypt($data, $bin_key, ENC_HEX);
       
   390           }
       
   391         }
       
   392         else
       
   393         {
       
   394           $password = $_POST['password'];
       
   395         }
   363         
   396         
   364         // CAPTCHA code was correct, create the account
   397         // CAPTCHA code was correct, create the account
   365         $s = $session->create_user($_POST['username'], $_POST['password'], $_POST['email'], $_POST['real_name'], $coppa);
   398         // ... and check for errors returned from the crypto API
       
   399         if ( !$s )
       
   400           $s = $session->create_user($_POST['username'], $password, $_POST['email'], $_POST['real_name'], $coppa);
   366       }
   401       }
   367     }
   402     }
   368     if($s == 'success' && !$coppa)
   403     if($s == 'success' && !$coppa)
   369     {
   404     {
   370       switch(getConfig('account_activation'))
   405       switch(getConfig('account_activation'))
   385     else if ( $s == 'success' && $coppa )
   420     else if ( $s == 'success' && $coppa )
   386     {
   421     {
   387       $str = 'However, in compliance with the Childrens\' Online Privacy Protection Act, you must have your parent or legal guardian activate your account. Please ask them to check their e-mail for further information.';
   422       $str = 'However, in compliance with the Childrens\' Online Privacy Protection Act, you must have your parent or legal guardian activate your account. Please ask them to check their e-mail for further information.';
   388       die_friendly('Registration successful', '<p>Thank you for registering, your user account has been created. '.$str.'</p>');
   423       die_friendly('Registration successful', '<p>Thank you for registering, your user account has been created. '.$str.'</p>');
   389     }
   424     }
       
   425     $username = htmlspecialchars($_POST['username']);
       
   426     $email    = htmlspecialchars($_POST['email']);
       
   427     $realname = htmlspecialchars($_POST['real_name']);
   390   }
   428   }
   391   $template->header();
   429   $template->header();
   392   echo 'A user account enables you to have greater control over your browsing experience.';
   430   echo 'A user account enables you to have greater control over your browsing experience.';
   393   
   431   
   394   if ( getConfig('enable_coppa') != '1' || ( isset($_GET['coppa']) && in_array($_GET['coppa'], array('yes', 'no')) ) )
   432   if ( getConfig('enable_coppa') != '1' || ( isset($_GET['coppa']) && in_array($_GET['coppa'], array('yes', 'no')) ) )
   395   {
   433   {
   396     $coppa = ( isset($_GET['coppa']) && $_GET['coppa'] == 'yes' );
   434     $coppa = ( isset($_GET['coppa']) && $_GET['coppa'] == 'yes' );
   397     $session->kill_captcha();
   435     $session->kill_captcha();
   398     $captchacode = $session->make_captcha();
   436     $captchacode = $session->make_captcha();
       
   437     
       
   438     $pubkey = $session->rijndael_genkey();
       
   439     $challenge = $session->dss_rand();
       
   440     
   399     ?>
   441     ?>
   400       <h3>Create a user account</h3>
   442       <h3>Create a user account</h3>
   401       <form name="regform" action="<?php echo makeUrl($paths->page); ?>" method="post">
   443       <form name="regform" action="<?php echo makeUrl($paths->page); ?>" method="post" onsubmit="runEncryption();">
   402         <div class="tblholder">
   444         <div class="tblholder">
   403           <table border="0" width="100%" cellspacing="1" cellpadding="4">
   445           <table border="0" width="100%" cellspacing="1" cellpadding="4">
   404             <tr><th class="subhead" colspan="3">Please tell us a little bit about yourself.</th></tr>
   446             <tr><th class="subhead" colspan="3">Please tell us a little bit about yourself.</th></tr>
   405             
   447             
   406             <?php if(isset($_POST['submit'])) echo '<tr><td colspan="3" class="row2" style="color: red;">'.$s.'</td></tr>'; ?>
   448             <?php if(isset($_POST['submit'])) echo '<tr><td colspan="3" class="row2" style="color: red;">'.$s.'</td></tr>'; ?>
   410               <td class="row1" style="width: 50%;">
   452               <td class="row1" style="width: 50%;">
   411                 Preferred username:
   453                 Preferred username:
   412                 <span id="e_username"></span>
   454                 <span id="e_username"></span>
   413               </td>
   455               </td>
   414               <td class="row1" style="width: 50%;">
   456               <td class="row1" style="width: 50%;">
   415                 <input type="text" name="username" size="30" onkeyup="namegood = false; validateForm();" onblur="checkUsername();" />
   457                 <input tabindex="1" type="text" name="username" size="30" value="<?php echo $username; ?>" onkeyup="namegood = false; validateForm();" onblur="checkUsername();" />
   416               </td>
   458               </td>
   417               <td class="row1" style="max-width: 24px;">
   459               <td class="row1" style="max-width: 24px;">
   418                 <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/bad.gif" id="s_username" />
   460                 <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/bad.gif" id="s_username" />
   419               </td>
   461               </td>
   420             </tr>
   462             </tr>
   421             
   463             
   422             <!-- FIELD: Password -->
   464             <!-- FIELD: Password -->
   423             <tr>
   465             <tr>
   424               <td class="row3" style="width: 50%;" rowspan="2">
   466               <td class="row3" style="width: 50%;" rowspan="<?php echo ( getConfig('pw_strength_enable') == '1' ) ? '3' : '2'; ?>">
   425                 Password:
   467                 Password:
   426                 <span id="e_password"></span>
   468                 <span id="e_password"></span>
       
   469                 <?php if ( getConfig('pw_strength_enable') == '1' && getConfig('pw_strength_minimum') > -10 ): ?>
       
   470                 <small>It needs to score at least <b><?php echo getConfig('pw_strength_minimum'); ?></b> for your registration to be accepted.</small>
       
   471                 <?php endif; ?>
   427               </td>
   472               </td>
   428               <td class="row3" style="width: 50%;">
   473               <td class="row3" style="width: 50%;">
   429                 <input type="password" name="password" size="30" onkeyup="validateForm();" />
   474                 <input tabindex="2" type="password" name="password" size="15" onkeyup="<?php if ( getConfig('pw_strength_enable') == '1' ): ?>password_score_field(this); <?php endif; ?>validateForm();" /><?php if ( getConfig('pw_strength_enable') == '1' ): ?><span class="password-checker" style="font-weight: bold; color: #aaaaaa;"> Loading...</span><?php endif; ?>
   430               </td>
   475               </td>
   431               <td rowspan="2" class="row3" style="max-width: 24px;">
   476               <td rowspan="<?php echo ( getConfig('pw_strength_enable') == '1' ) ? '3' : '2'; ?>" class="row3" style="max-width: 24px;">
   432                 <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/bad.gif" id="s_password" />
   477                 <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/bad.gif" id="s_password" />
   433               </td>
   478               </td>
   434             </tr>
   479             </tr>
   435             
   480             
   436             <!-- FIELD: Password confirmation -->
   481             <!-- FIELD: Password confirmation -->
   437             <tr>
   482             <tr>
   438               <td class="row3" style="width: 50%;">
   483               <td class="row3" style="width: 50%;">
   439                 <input type="password" name="password_confirm" size="30" onkeyup="validateForm();" /> <small>Enter your password again to confirm.</small>
   484                 <input tabindex="3" type="password" name="password_confirm" size="15" onkeyup="validateForm();" /> <small>Enter your password again to confirm.</small>
   440               </td>
   485               </td>
   441             </tr>
   486             </tr>
       
   487             
       
   488             <!-- FIELD: Password strength meter -->
       
   489             
       
   490             <?php if ( getConfig('pw_strength_enable') == '1' ): ?>
       
   491             <tr>
       
   492               <td class="row3" style="width: 50%;">
       
   493                 <div id="pwmeter"></div>
       
   494               </td>
       
   495             </tr>
       
   496             <?php endif; ?>
   442             
   497             
   443             <!-- FIELD: E-mail address -->
   498             <!-- FIELD: E-mail address -->
   444             <tr>
   499             <tr>
   445               <td class="row1" style="width: 50%;">
   500               <td class="row1" style="width: 50%;">
   446                 <?php
   501                 <?php
   453                     echo '<br /><small>An e-mail with an account activation key will be sent to this address, so please ensure that it is correct.</small>';
   508                     echo '<br /><small>An e-mail with an account activation key will be sent to this address, so please ensure that it is correct.</small>';
   454                   }
   509                   }
   455                 ?>
   510                 ?>
   456               </td>
   511               </td>
   457               <td class="row1" style="width: 50%;">
   512               <td class="row1" style="width: 50%;">
   458                 <input type="text" name="email" size="30" onkeyup="validateForm();" />
   513                 <input tabindex="4" type="text" name="email" size="30" value="<?php echo $email; ?>" onkeyup="validateForm();" />
   459               </td>
   514               </td>
   460               <td class="row1" style="max-width: 24px;">
   515               <td class="row1" style="max-width: 24px;">
   461                 <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/bad.gif" id="s_email" />
   516                 <img alt="Good/bad icon" src="<?php echo scriptPath; ?>/images/bad.gif" id="s_email" />
   462               </td>
   517               </td>
   463             </tr>
   518             </tr>
   467               <td class="row3" style="width: 50%;">
   522               <td class="row3" style="width: 50%;">
   468                 Real name:<br />
   523                 Real name:<br />
   469                 <small>Giving your real name is totally optional. If you choose to provide your real name, it will be used to provide attribution for any edits or contributions you may make to this site.</small>
   524                 <small>Giving your real name is totally optional. If you choose to provide your real name, it will be used to provide attribution for any edits or contributions you may make to this site.</small>
   470               </td>
   525               </td>
   471               <td class="row3" style="width: 50%;">
   526               <td class="row3" style="width: 50%;">
   472                 <input type="text" name="real_name" size="30" /></td><td class="row3" style="max-width: 24px;">
   527                 <input tabindex="5" type="text" name="real_name" size="30" value="<?php echo $realname; ?>" /></td><td class="row3" style="max-width: 24px;">
   473               </td>
   528               </td>
   474             </tr>
   529             </tr>
   475             
   530             
   476             <!-- FIELD: CAPTCHA image -->
   531             <!-- FIELD: CAPTCHA image -->
   477             <tr>
   532             <tr>
   491             
   546             
   492             <!-- FIELD: CAPTCHA input field -->
   547             <!-- FIELD: CAPTCHA input field -->
   493             <tr>
   548             <tr>
   494               <td class="row1" colspan="2">
   549               <td class="row1" colspan="2">
   495                 Code:
   550                 Code:
   496                 <input name="captchacode" type="text" size="10" />
   551                 <input tabindex="6" name="captchacode" type="text" size="10" />
   497                 <input type="hidden" name="captchahash" value="<?php echo $captchacode; ?>" />
   552                 <input type="hidden" name="captchahash" value="<?php echo $captchacode; ?>" />
   498               </td>
   553               </td>
   499             </tr>
   554             </tr>
   500             
   555             
   501             <!-- FIELD: submit button -->
   556             <!-- FIELD: submit button -->
   502             <tr>
   557             <tr>
   503               <th class="subhead" colspan="3" style="text-align: center;">
   558               <th class="subhead" colspan="3" style="text-align: center;">
   504                 <input type="submit" name="submit" value="Create my account" />
   559                 <input tabindex="7" type="submit" name="submit" value="Create my account" />
   505               </td>
   560               </td>
   506             </tr>
   561             </tr>
   507             
   562             
   508           </table>
   563           </table>
   509         </div>
   564         </div>
   510         <?php
   565         <?php
   511           $val = ( $coppa ) ? 'yes' : 'no';
   566           $val = ( $coppa ) ? 'yes' : 'no';
   512           echo '<input type="hidden" name="coppa" value="' . $val . '" />';
   567           echo '<input type="hidden" name="coppa" value="' . $val . '" />';
   513         ?>
   568         ?>
       
   569         <input type="hidden" name="challenge_data" value="<?php echo $challenge; ?>" />
       
   570         <input type="hidden" name="use_crypt" value="no" />
       
   571         <input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" />
       
   572         <input type="hidden" name="crypt_data" value="" />
       
   573       <script type="text/javascript">
       
   574         // ENCRYPTION CODE
       
   575         disableJSONExts();
       
   576         str = '';
       
   577         for(i=0;i<keySizeInBits/4;i++) str+='0';
       
   578         var key = hexToByteArray(str);
       
   579         var pt = hexToByteArray(str);
       
   580         var ct = rijndaelEncrypt(pt, key, "ECB");
       
   581         var ct = byteArrayToHex(ct);
       
   582         switch(keySizeInBits)
       
   583         {
       
   584           case 128:
       
   585             v = '66e94bd4ef8a2c3b884cfa59ca342b2e';
       
   586             break;
       
   587           case 192:
       
   588             v = 'aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7';
       
   589             break;
       
   590           case 256:
       
   591             v = 'dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087';
       
   592             break;
       
   593         }
       
   594         var aes_testpassed = ( ct == v && md5_vm_test() );
       
   595         function runEncryption()
       
   596         {
       
   597           var frm = document.forms.regform;
       
   598           if ( frm.password.value.length < 1 )
       
   599             return true;
       
   600           if(aes_testpassed)
       
   601           {
       
   602             frm.use_crypt.value = 'yes';
       
   603             var cryptkey = frm.crypt_key.value;
       
   604             frm.crypt_key.value = hex_md5(cryptkey);
       
   605             cryptkey = hexToByteArray(cryptkey);
       
   606             if(!cryptkey || ( ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ) && cryptkey.length != keySizeInBits / 8 )
       
   607             {
       
   608               frm.submit.disabled = true;
       
   609               len = ( typeof cryptkey == 'string' || typeof cryptkey == 'object' ) ? '\nLen: '+cryptkey.length : '';
       
   610               alert('The key is messed up\nType: '+typeof(cryptkey)+len);
       
   611             }
       
   612           }
       
   613           pass1 = frm.password.value;
       
   614           pass2 = frm.password_confirm.value;
       
   615           if ( pass1 != pass2 )
       
   616           {
       
   617             alert('The passwords you entered do not match.');
       
   618             return false;
       
   619           }
       
   620           if ( pass1.length < 6 && pass1.length > 0 )
       
   621           {
       
   622             alert('The new password must be 6 characters or greater in length.');
       
   623             return false;
       
   624           }
       
   625           if(aes_testpassed)
       
   626           {
       
   627             pass = frm.password.value;
       
   628             pass = stringToByteArray(pass);
       
   629             cryptstring = rijndaelEncrypt(pass, cryptkey, 'ECB');
       
   630             if(!cryptstring)
       
   631             {
       
   632               return false;
       
   633             }
       
   634             cryptstring = byteArrayToHex(cryptstring);
       
   635             frm.crypt_data.value = cryptstring;
       
   636             frm.password.value = "";
       
   637             frm.password_confirm.value = "";
       
   638           }
       
   639           return true;
       
   640         }
       
   641         </script>
   514       </form>
   642       </form>
   515       <!-- Don't optimize this script, it fails when compressed -->
   643       <!-- Don't optimize this script, it fails when compressed -->
   516       <enano:no-opt>
   644       <enano:no-opt>
   517         <script type="text/javascript">
   645         <script type="text/javascript">
   518           // <![CDATA[
   646           // <![CDATA[
   523             failed = false;
   651             failed = false;
   524             
   652             
   525             // Username
   653             // Username
   526             if(!namegood)
   654             if(!namegood)
   527             {
   655             {
   528               if(frm.username.value.match(/^([A-z0-9 \!@\-\(\)]+){2,}$/ig))
   656               //if(frm.username.value.match(/^([A-z0-9 \!@\-\(\)]+){2,}$/ig))
       
   657               var regex = new RegExp('^([^<>_&\?]+){2,}$', 'ig');
       
   658               if ( frm.username.value.match(regex) )
   529               {
   659               {
   530                 document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/unknown.gif';
   660                 document.getElementById('s_username').src='<?php echo scriptPath; ?>/images/unknown.gif';
   531                 document.getElementById('e_username').innerHTML = ''; // '<br /><small><b>Checking availability...</b></small>';
   661                 document.getElementById('e_username').innerHTML = ''; // '<br /><small><b>Checking availability...</b></small>';
   532               } else {
   662               } else {
   533                 failed = true;
   663                 failed = true;
   614                 }
   744                 }
   615             });
   745             });
   616           }
   746           }
   617           function regenCaptcha()
   747           function regenCaptcha()
   618           {
   748           {
   619             var frm = document.forms.regform;
       
   620             document.getElementById('captchaimg').src = '<?php echo makeUrlNS("Special", "Captcha/"); ?>'+frm.captchahash.value+'/'+Math.floor(Math.random() * 100000);
   749             document.getElementById('captchaimg').src = '<?php echo makeUrlNS("Special", "Captcha/"); ?>'+frm.captchahash.value+'/'+Math.floor(Math.random() * 100000);
   621             return false;
   750             return false;
   622           }
   751           }
       
   752           <?php if ( getConfig('pw_strength_enable') == '1' ): ?>
       
   753           var frm = document.forms.regform;
       
   754           password_score_field(frm.password);
       
   755           <?php endif; ?>
   623           validateForm();
   756           validateForm();
   624           setTimeout('checkUsername();', 1000);
   757           setTimeout('checkUsername();', 1000);
   625           // ]]>
   758           // ]]>
   626         </script>
   759         </script>
   627       </enano:no-opt>
   760       </enano:no-opt>
   896       return false;
  1029       return false;
   897     }
  1030     }
   898     $row = $db->fetchrow();
  1031     $row = $db->fetchrow();
   899     $db->free_result();
  1032     $db->free_result();
   900     
  1033     
   901     if ( ( intval($row['temp_password_time']) + 3600 * 24 ) < time() )
  1034     if ( ( intval($row['temp_password_time']) + ( 3600 * 24 ) ) < time() )
   902     {
  1035     {
   903       echo '<p>Password has expired</p>';
  1036       echo '<p>Your temporary password has expired. Please <a href="' . makeUrlNS('Special', 'PasswordReset') . '">request another one</a>.</p>';
   904       $template->footer();
  1037       $template->footer();
   905       return false;
  1038       return false;
   906     }
  1039     }
   907     
  1040     
   908     if ( isset($_POST['do_stage2']) )
  1041     if ( isset($_POST['do_stage2']) )
   947       {
  1080       {
   948         echo 'ERROR: Sanity check failed!';
  1081         echo 'ERROR: Sanity check failed!';
   949         $template->footer();
  1082         $template->footer();
   950         return false;
  1083         return false;
   951       }
  1084       }
       
  1085       if ( getConfig('pw_strength_enable') == '1' )
       
  1086       {
       
  1087         $min_score = intval(getConfig('pw_strength_minimum'));
       
  1088         $inp_score = password_score($data);
       
  1089         if ( $inp_score < $min_score )
       
  1090         {
       
  1091           $url = makeUrl($paths->fullpage);
       
  1092           echo "<p>ERROR: Your password did not pass the complexity score requirement. You need $min_score points to pass; your password received a score of $inp_score. <a href=\"$url\">Go back</a></p>";
       
  1093           $template->footer();
       
  1094           return false;
       
  1095         }
       
  1096       }
   952       $encpass = $aes->encrypt($data, $session->private_key, ENC_HEX);
  1097       $encpass = $aes->encrypt($data, $session->private_key, ENC_HEX);
   953       $q = $db->sql_query('UPDATE '.table_prefix.'users SET password=\'' . $encpass . '\',temp_password=\'\',temp_password_time=0 WHERE user_id='.$user_id.';');
  1098       $q = $db->sql_query('UPDATE '.table_prefix.'users SET password=\'' . $encpass . '\',temp_password=\'\',temp_password_time=0 WHERE user_id='.$user_id.';');
   954       
  1099       
   955       if($q)
  1100       if($q)
   956       {
  1101       {
   967     }
  1112     }
   968     
  1113     
   969     // Password reset form
  1114     // Password reset form
   970     $pubkey = $session->rijndael_genkey();
  1115     $pubkey = $session->rijndael_genkey();
   971     
  1116     
       
  1117     $evt_get_score = ( getConfig('pw_strength_enable') == '1' ) ? 'onkeyup="password_score_field(this);" ' : '';
       
  1118     $pw_meter =      ( getConfig('pw_strength_enable') == '1' ) ? '<tr><td class="row1">Password strength rating:</td><td class="row1"><div id="pwmeter"></div><script type="text/javascript">password_score_field(document.forms.resetform.pass);</script></td></tr>' : '';
       
  1119     $pw_blurb =      ( getConfig('pw_strength_enable') == '1' && intval(getConfig('pw_strength_minimum')) > -10 ) ? '<br /><small>Your password needs to have a score of at least <b>'.getConfig('pw_strength_minimum').'</b>.</small>' : '';
       
  1120     
   972     ?>
  1121     ?>
   973     <form action="<?php echo makeUrl($paths->fullpage); ?>" method="post" name="resetform" onsubmit="return runEncryption();">
  1122     <form action="<?php echo makeUrl($paths->fullpage); ?>" method="post" name="resetform" onsubmit="return runEncryption();">
   974       <br />
  1123       <br />
   975       <div class="tblholder">
  1124       <div class="tblholder">
   976         <table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">
  1125         <table border="0" style="width: 100%;" cellspacing="1" cellpadding="4">
   977           <tr><th colspan="2">Reset password</th></tr>
  1126           <tr><th colspan="2">Reset password</th></tr>
   978           <tr><td class="row1">Password:</td><td class="row1"><input name="pass" type="password" /></td></tr>
  1127           <tr><td class="row1">Password:<?php echo $pw_blurb; ?></td><td class="row1"><input name="pass" type="password" <?php echo $evt_get_score; ?>/></td></tr>
   979           <tr><td class="row2">Confirm: </td><td class="row2"><input name="pass_confirm" type="password" /></td></tr>
  1128           <tr><td class="row2">Confirm: </td><td class="row2"><input name="pass_confirm" type="password" /></td></tr>
       
  1129           <?php echo $pw_meter; ?>
   980           <tr>
  1130           <tr>
   981             <td colspan="2" class="row1" style="text-align: center;">
  1131             <td colspan="2" class="row1" style="text-align: center;">
   982               <input type="hidden" name="use_crypt" value="no" />
  1132               <input type="hidden" name="use_crypt" value="no" />
   983               <input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" />
  1133               <input type="hidden" name="crypt_key" value="<?php echo $pubkey; ?>" />
   984               <input type="hidden" name="crypt_data" value="" />
  1134               <input type="hidden" name="crypt_data" value="" />