1, have_session => 1, have_user => 1 ) ) or die("Nobody loves me. I don't even have space for a name."); if (! $namespace->user->check_login()) { redirect($namespace, 'login.php?form_id=login&goto=account-edit.php'); $namespace->stop(); exit; }; $rules = Array(); $rules['commit']['name'] = array(type => 'string', optional => 1); $rules['commit']['password1'] = array(type => 'string', optional => 1); $rules['commit']['password2'] = array(type => 'string', optional => 1); $rules['addr_enable']['address_ref'] = array(type => 'integer'); $rules['addr_enable']['enable'] = array(type => 'string', length=>200, discard=>1); $rules['addr_disable']['address_ref'] = array(type => 'integer'); $rules['addr_disable']['disable'] = array(type => 'string', length=>200, discard=>1); $rules['addr_verify']['address_ref'] = array(type => 'integer'); $rules['addr_verify']['code'] = array(type => 'string', length=>200); $rules['addr_verify']['verify'] = array(type => 'string', length=>200, discard=>1); $rules['addr_delete']['address_ref'] = array(type => 'integer'); $rules['addr_delete']['delete'] = array(type => 'string', length=>200, discard=>1); $rules['addr_new']['address'] = array(type => 'string', length=>512); $rules['addr_new']['addr_new'] = array(type => 'string', length=>200, discard=>1); $arguments = param_check($GLOBALS, $rules, array(params_required=>false)); $message = ''; $created = 0; unset($selected_address); if (isset($arguments['address_ref'])) { $selected_address = $namespace->database->query_row('SELECT address.ref, address.address FROM address WHERE address.account_ref=? AND address.ref=?', array($namespace->session->data['user']['ref'], $arguments['address_ref'])); if (! $selected_address) error('Insufficient priviliges'); }; switch($arguments['form_id']) { case 'commit': $namespace->session->set_id(); $name = $arguments['name']; $password1 = $arguments['password1']; $password2 = $arguments['password2']; if ($password1 != $password2) { $message .= 'Pasword mismatch.'; } else { $account = array(); $account['name'] = $name; if ($password1 != '') { $account['password'] = $password1; }; $result = $namespace->database->update('account', $namespace->session->data['user']['ref'], $account); if ($result) $message = 'Update successfull.'; else $message = 'Error (do not ask me what happened. I would be the last to know.)'; } break; case 'addr_enable': $result = $namespace->database->update('address', $arguments['address_ref'], array(enabled => 'T')); if ($result) $message = 'Update successfull.'; else $message = 'Error (do not ask me what happened. I would be the last to know.)'; break; case 'addr_disable': $result = $namespace->database->update('address', $arguments['address_ref'], array(enabled => 'F')); if ($result) $message = 'Update successfull.'; else $message = 'Error (do not ask me what happened. I would be the last to know.)'; break; case 'addr_verify': assert(isset($selected_address)); assert(isset($selected_address['address'])); $address = $selected_address['address']; $code = md5($address . $namespace->config->secret); $code = substr($code, 0, 8); if ($code == $arguments['code']) { $update = array(); $update['verified'] = 'T'; $result = $namespace->database->update('address', $arguments['address_ref'], $update); if ($result) $message = 'Update successfull.'; else $message = 'Error (do not ask me what happened. I would be the last to know.)'; } else $message = 'Mismatch - Address not enabled'; break; case 'addr_delete': $result = $namespace->database->delete_row('address', $arguments['address_ref']); if ($result) $message = 'Update successfull.'; else $message = 'Error (do not ask me what happened. I would be the last to know.)'; break; case 'addr_new': $address = $arguments['address']; if (! preg_match('/^[a-zA-Z0-9+=_.-]+@[a-zA-Z0-9+=_.-]+$/', $address) ) error("Address '$address' does not match ^[a-zA-Z0-9+=_.-]+@[a-zA-Z0-9+=_.-]+$"); $code = md5($address.$namespace->config->secret); $code = substr($code, 0, 8); $addr = array(); $addr['address'] = $address; $addr['account_ref'] = $namespace->session->data['user']['ref']; $addr['verified'] = 'F'; $addr['enabled'] = 'T'; $username = $namespace->session->data['user']['username']; $result = $namespace->database->insert('address', $addr); if ($result) { $message = "Someone, probably you, has requested the following address be added to the $username\r\n". "account on www.noreply.org:\r\n". "\r\n". "Address: $address\r\n". "\r\n". "Your Code to activate that address is »".$code."«\r\n". "\r\n". "You can log in at\r\n". "http://www.noreply.org/login.php?form_id=login&username=$username\n\r\n". "\r\n". "Should you have problems please contact ".$namespace->config->mail_operator.".\r\n"; mail($address, "Your Noreply Account", $message, "From: ".$namespace->config->mail_from."\r\n". "Sender: ".$namespace->config->mail_sender."\r\n". "Reply-To: ".$namespace->config->mail_replyto ); $message = 'Update successfull. An email with the authorization code has been sent.'; } else $message = 'Error (perhaps the username already exists).'; break; case '': break; default: error('unknown form '.$form_id.' in switch statement'); } $row = $namespace->database->query_row('SELECT ref, username, name FROM account WHERE ref=?', array($namespace->session->data['user']['ref'])); $data = array(); $data['message'] = $message; $data['user'] = $namespace->session->data['user']['username']; $data['username_field'] = $row['username']; $data['name_field'] = $row['name']; $data['addresses'] = $namespace->database->query_all('SELECT address.*, true as t, false as f FROM address WHERE account_ref=?', array($row['ref'])); $data['PHP_SELF'] = $PHP_SELF; $template = new Template('account-edit.html', $namespace->config->template_path); $template->parse($data); print $template->output(); $namespace->stop(); # vim:set ts=4: # vim:set shiftwidth=4: ?>