change_email.php
<?php
/************************************************************************/
/* AContent */
/************************************************************************/
/* Copyright (c) 2010 */
/* Inclusive Design Institute */
/* */
/* This program is free software. You can redistribute it and/or */
/* modify it under the terms of the GNU General Public License */
/* as published by the Free Software Foundation. */
/************************************************************************/
define('TR_INCLUDE_PATH', '../include/');
require(TR_INCLUDE_PATH.'vitals.inc.php');
require_once(TR_INCLUDE_PATH.'classes/DAO/UsersDAO.class.php');
// Access guard: this page only works for a signed-in user. $_current_user is
// presumably populated by vitals.inc.php (not visible here); when it is not
// set, the INVALID_USER notice is printed between the standard header and
// footer and the script stops before any form handling runs.
global $_current_user;

if (isset($_current_user) === false) {
    require(TR_INCLUDE_PATH . 'header.inc.php');
    $msg->printInfos('INVALID_USER');
    require(TR_INCLUDE_PATH . 'footer.inc.php');
    exit;
}
// "Cancel" was pressed: queue the CANCELLED feedback message and send the
// browser back to the site index. Nothing about the account is changed.
$cancel_requested = isset($_POST['cancel']);

if ($cancel_requested) {
    $msg->addFeedback('CANCELLED');
    header('Location: ../index.php');
    exit;
}
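// Handle a submitted e-mail change:
//   1. re-check the current password (sent by the form as 'form_password_hidden'),
//   2. validate the new address and make sure no other account uses it,
//   3. either mail a confirmation link (TR_EMAIL_CONFIRMATION) or store the
//      address immediately.
// Errors are collected in $msg; a failed password check redirects back to this
// page and stops.
if (isset($_POST['submit']))
{
    // Request fields are untrusted and may be missing or arrays ("email[]=x").
    // Anything that is not a string is handled as an empty value so the string
    // functions below never receive a non-string.
    $this_password = (isset($_POST['form_password_hidden']) && is_string($_POST['form_password_hidden']))
        ? $_POST['form_password_hidden']
        : '';
    $new_email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';

    // password check
    if (!empty($this_password))
    {
        // Fail closed: if the account row cannot be loaded, or it carries no
        // password value, the request is rejected rather than letting the
        // change through without a password check.
        $row = $_current_user->getInfo();
        $stored_password = ($row && isset($row['password'])) ? (string) $row['password'] : '';

        // Compare as strings, never with ==/!=: loose comparison treats
        // numeric-looking strings such as "0e12" and "0e34" as equal.
        // hash_equals() is also constant-time; fall back to === where it is
        // not available.
        $password_ok = false;
        if ($stored_password !== '')
        {
            $password_ok = function_exists('hash_equals')
                ? hash_equals($stored_password, $this_password)
                : ($stored_password === $this_password);
        }

        if (!$password_ok)
        {
            $msg->addError('WRONG_PASSWORD');
            header('Location: change_email.php');
            exit;
        }
    }
    else
    {
        $msg->addError(array('EMPTY_FIELDS', _AT('password')));
        header('Location: change_email.php');
        exit;
    }

    // email check
    if ($new_email === '')
    {
        $msg->addError(array('EMPTY_FIELDS', _AT('email')));
    }
    else if (!preg_match("/^[a-z0-9\._-]+@+[a-z0-9\._-]+\.+[a-z]{2,6}$/iD", $new_email))
    {
        // The D modifier makes "$" match only at the very end of the string;
        // without it an address followed by a newline would pass and then be
        // handed to the mailer and the database.
        // The duplicate lookup is skipped for a malformed address so that
        // unvalidated text is not passed to the DAO (its escaping is not
        // visible in this file).
        $msg->addError('EMAIL_INVALID');
    }
    else
    {
        $usersDAO = new UsersDAO();
        $existing = $usersDAO->getUserByEmail($new_email);
        // isset() keeps this quiet when the lookup returns no row.
        if (isset($existing['user_id']) && $existing['user_id'] > 0 && $existing['user_id'] != $_SESSION['user_id'])
        {
            $msg->addError('EMAIL_EXISTS');
        }
    }

    if (!$msg->containsErrors())
    {
        if (defined('TR_EMAIL_CONFIRMATION') && TR_EMAIL_CONFIRMATION)
        {
            //send confirmation email
            $row = $_current_user->getInfo();
            if ($row['email'] != $new_email)
            {
                // NOTE(review): this code is an MD5 digest of the new address,
                // the account creation date and the user id, cut to 10 hex
                // digits. None of those inputs is a server-side secret, so the
                // code should not be relied on as an unguessable token. It is
                // left unchanged because the page that verifies the link
                // (presumably confirm.php, not visible here) has to compute the
                // same value; the fix is to move both sides to a stored random
                // token with an expiry.
                $code = substr(md5($new_email . $row['creation_date'] . $_SESSION['user_id']), 0, 10);
                $confirmation_link = TR_BASE_HREF . 'confirm.php?id=' . $_SESSION['user_id'] . SEP . 'e=' . urlencode($new_email) . SEP . 'm=' . $code;

                /* send the email confirmation message: */
                require(TR_INCLUDE_PATH . 'classes/phpmailer/transformablemailer.class.php');
                $mail = new TransformableMailer();
                $mail->From = $_config['contact_email'];
                $mail->AddAddress($new_email);
                $mail->Subject = SITE_NAME . ' - ' . _AT('email_confirmation_subject');
                $mail->Body = _AT('email_confirmation_message2', $_config['site_name'], $confirmation_link);
                // NOTE(review): the result of Send() is not checked, so the
                // CONFIRM_EMAIL feedback is shown even when delivery fails.
                $mail->Send();
                $msg->addFeedback('CONFIRM_EMAIL');
            }
            else
            {
                $msg->addFeedback('CHANGE_TO_SAME_EMAIL');
            }
        }
        else
        {
            //insert into database
            // The key must be quoted: a bare `email` is an undefined constant,
            // which is a fatal Error on PHP 8.
            $_current_user->setEmail($new_email);
            $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
        }
    }
}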
// Load the current account row for display. On a first visit (no form
// submitted yet) the row also replaces $_POST, presumably so the template can
// pre-fill the form from $_POST in both cases - confirm against the template.
// NOTE(review): the submit handler above reads a 'password' key from
// getInfo(), so that value travels to the template with the rest of the row;
// check that the template only outputs the e-mail field.
$row = $_current_user->getInfo();

$form_was_submitted = isset($_POST['submit']);
if ($form_was_submitted === false) {
    $_POST = $row;
}

/* template starts here */
$savant->assign('row', $row);
$savant->display('profile/change_email.tmpl.php');
?>