Diffstat (limited to 'web/account-edit.php')
-rw-r--r--web/account-edit.php174
1 files changed, 174 insertions, 0 deletions
diff --git a/web/account-edit.php b/web/account-edit.php
new file mode 100644
index 0000000..5702a23
--- /dev/null
+++ b/web/account-edit.php
@@ -0,0 +1,174 @@
+<?
+require_once("../include/Namespace.inc");
+require_once("../include/Tools.inc");
+require_once("../include/Template.inc");
+
+$namespace = new Namespace(
+ array( have_database => 1,
+ have_session => 1,
+ have_user => 1 )
+) or
+ die("Nobody loves me. I don't even have space for a name.");
+
+if (! $namespace->user->check_login()) {
+ redirect($namespace, 'login.php?form_id=login&goto=account-edit.php');
+ $namespace->stop();
+ exit;
+};
+
+$rules = Array();
+$rules['commit']['name'] = array(type => 'string', optional => 1);
+$rules['commit']['password1'] = array(type => 'string', optional => 1);
+$rules['commit']['password2'] = array(type => 'string', optional => 1);
+
+$rules['addr_enable']['address_ref'] = array(type => 'integer');
+$rules['addr_enable']['enable'] = array(type => 'string', length=>200, discard=>1);
+
+$rules['addr_disable']['address_ref'] = array(type => 'integer');
+$rules['addr_disable']['disable'] = array(type => 'string', length=>200, discard=>1);
+
+$rules['addr_verify']['address_ref'] = array(type => 'integer');
+$rules['addr_verify']['code'] = array(type => 'string', length=>200);
+$rules['addr_verify']['verify'] = array(type => 'string', length=>200, discard=>1);
+
+$rules['addr_delete']['address_ref'] = array(type => 'integer');
+$rules['addr_delete']['delete'] = array(type => 'string', length=>200, discard=>1);
+
+$rules['addr_new']['address'] = array(type => 'string', length=>512);
+$rules['addr_new']['addr_new'] = array(type => 'string', length=>200, discard=>1);
+
+$arguments = param_check($GLOBALS, $rules, array(params_required=>false));
+
+$message = '';
+$created = 0;
+
+unset($selected_address);
+if (isset($arguments['address_ref'])) {
+ $selected_address = $namespace->database->query_row('SELECT address.ref, address.address FROM address WHERE address.account_ref=? AND address.ref=?', array($namespace->session->data['user']['ref'], $arguments['address_ref']));
+ if (! $selected_address)
+ error('Insufficient priviliges');
+};
+
+switch($arguments['form_id']) {
+ case 'commit':
+ $namespace->session->set_id();
+ $name = $arguments['name'];
+ $password1 = $arguments['password1'];
+ $password2 = $arguments['password2'];
+
+ if ($password1 != $password2) {
+ $message .= 'Pasword mismatch.';
+ } else {
+ $account = array();
+ $account['name'] = $name;
+ if ($password1 != '') {
+ $account['password'] = $password1;
+ };
+
+ $result = $namespace->database->update('account', $namespace->session->data['user']['ref'], $account);
+ if ($result)
+ $message = 'Update successfull.';
+ else
+ $message = 'Error (do not ask me what happened. I would be the last to know.)';
+ }
+ break;
+
+ case 'addr_enable':
+ $result = $namespace->database->update('address', $arguments['address_ref'], array(enabled => 'T'));
+ if ($result) $message = 'Update successfull.';
+ else $message = 'Error (do not ask me what happened. I would be the last to know.)';
+ break;
+
+ case 'addr_disable':
+ $result = $namespace->database->update('address', $arguments['address_ref'], array(enabled => 'F'));
+ if ($result) $message = 'Update successfull.';
+ else $message = 'Error (do not ask me what happened. I would be the last to know.)';
+ break;
+
+ case 'addr_verify':
+ assert(isset($selected_address));
+ assert(isset($selected_address['address']));
+ $address = $selected_address['address'];
+ $code = md5($address . $namespace->config->secret);
+ $code = substr($code, 0, 8);
+ if ($code == $arguments['code']) {
+ $update = array();
+ $update['verified'] = 'T';
+ $result = $namespace->database->update('address', $arguments['address_ref'], $update);
+ if ($result) $message = 'Update successfull.';
+ else $message = 'Error (do not ask me what happened. I would be the last to know.)';
+ } else
+ $message = 'Mismatch - Address not enabled';
+ break;
+
+ case 'addr_delete':
+ $result = $namespace->database->delete_row('address', $arguments['address_ref']);
+ if ($result) $message = 'Update successfull.';
+ else $message = 'Error (do not ask me what happened. I would be the last to know.)';
+ break;
+
+ case 'addr_new':
+ $address = $arguments['address'];
+ if (! preg_match('/^[a-zA-Z0-9+=_.-]+@[a-zA-Z0-9+=_.-]+$/', $address) )
+ error("Address '$address' does not match ^[a-zA-Z0-9+=_.-]+@[a-zA-Z0-9+=_.-]+$");
+
+ $code = md5($address.$namespace->config->secret);
+ $code = substr($code, 0, 8);
+
+ $addr = array();
+ $addr['address'] = $address;
+ $addr['account_ref'] = $namespace->session->data['user']['ref'];
+ $addr['verified'] = 'F';
+ $addr['enabled'] = 'T';
+
+ $username = $namespace->session->data['user']['username'];
+ $result = $namespace->database->insert('address', $addr);
+ if ($result) {
+ $message = "Someone, probably you, has requested the following address be added to the $username\r\n".
+ "account on www.noreply.org:\r\n".
+ "\r\n".
+ "Address: $address\r\n".
+ "\r\n".
+ "Your Code to activate that address is »".$code."«\r\n".
+ "\r\n".
+ "You can log in at\r\n".
+ "http://www.noreply.org/login.php?form_id=login&username=$username\n\r\n".
+ "\r\n".
+ "Should you have problems please contact ".$namespace->config->mail_operator.".\r\n";
+ mail($address, "Your Noreply Account", $message,
+ "From: ".$namespace->config->mail_from."\r\n".
+ "Sender: ".$namespace->config->mail_sender."\r\n".
+ "Reply-To: ".$namespace->config->mail_replyto
+ );
+ $message = 'Update successfull. An email with the authorization code has been sent.';
+ } else
+ $message = 'Error (perhaps the username already exists).';
+ break;
+
+ case '':
+ break;
+
+ default:
+ error('unknown form '.$form_id.' in switch statement');
+}
+
+$row = $namespace->database->query_row('SELECT ref, username, name FROM account WHERE ref=?', array($namespace->session->data['user']['ref']));
+
+$data = array();
+$data['message'] = $message;
+$data['user'] = $namespace->session->data['user']['username'];
+$data['username_field'] = $row['username'];
+$data['name_field'] = $row['name'];
+$data['addresses'] = $namespace->database->query_all('SELECT address.*, true as t, false as f FROM address WHERE account_ref=?', array($row['ref']));
+$data['PHP_SELF'] = $PHP_SELF;
+
+$template = new Template('account-edit.html', $namespace->config->template_path);
+$template->parse($data);
+print $template->output();
+
+$namespace->stop();
+
+
+# vim:set ts=4:
+# vim:set shiftwidth=4:
+?>
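Review bot: The verification check in the `addr_verify` case compares the expected code with the submitted one using `==`, and PHP compares two numeric-looking strings numerically, so a submitted value that differs from the expected code can still be accepted when both parse as numbers; a strict string comparison such as `if ($code === (string) $arguments['code']) {` avoids that. The code is the first 8 hex characters of `md5($address . $namespace->config->secret)` (built the same way in `addr_new`), so it is 32 bits that never change for a given address, and no attempt limit is visible in this file; a keyed HMAC with a longer output and an expiring per-request value would be a sturdier design. The address pattern in `addr_new` ends in `$`, which also matches before a trailing newline, so anchoring with `\z` or adding the `D` modifier keeps a newline out of the value handed to `mail()`. The `commit` case changes the password without asking for the current one and no anti-CSRF token is checked in the lines shown; whether `param_check` or the session layer covers this cannot be told from here.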