Enano CMS (1.1.x): plugins/SpecialUserPrefs.php@902822492a68 (annotated)

0 902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	1	<?php
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	2	/*
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	3	Plugin Name: User control panel
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	4	Plugin URI: http://www.enanocms.org/
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	5	Description: Provides the page Special:Preferences.
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	6	Author: Dan Fuhry
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	7	Version: 1.0
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	8	Author URI: http://www.enanocms.org/
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	9	*/
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	10
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	11	/*
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	12	* Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	13	* Version 1.0 release candidate 2
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	14	* Copyright (C) 2006-2007 Dan Fuhry
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	15	*
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	16	* This program is Free Software; you can redistribute it and/or modify it under the terms of the GNU General Public License
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	17	* as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	18	*
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	19	* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	20	* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	21	*/
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	22
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	23	$userprefs_menu = Array();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	24	$userprefs_menu_links = Array();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	25	function userprefs_menu_add($section, $text, $link)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	26	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	27	global $userprefs_menu;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	28	if ( is_array($userprefs_menu[$section]) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	29	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	30	$userprefs_menu[$section][] = Array(
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	31	'text' => $text,
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	32	'link' => $link
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	33	);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	34	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	35	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	36	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	37	$userprefs_menu[$section] = Array(Array(
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	38	'text' => $text,
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	39	'link' => $link
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	40	));
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	41	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	42	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	43
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	44	function userprefs_menu_html()
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	45	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	46	global $userprefs_menu;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	47	global $userprefs_menu_links;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	48
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	49	$html = '';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	50	$quot = '"';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	51
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	52	foreach ( $userprefs_menu as $section => $buttons )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	53	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	54	$html .= ( isset($userprefs_menu_links[$section]) ) ? "<a href={$quot}{$userprefs_menu_links[$section]}{$quot}>{$section}</a>\n " : "<a>{$section}</a>\n ";
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	55	$html .= "<ul>\n ";
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	56	foreach ( $buttons as $button )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	57	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	58	$html .= " <li><a href={$quot}{$button['link']}{$quot}>{$button['text']}</a></li>\n ";
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	59	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	60	$html .= "</ul>\n ";
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	61	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	62
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	63	return $html;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	64	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	65
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	66	function userprefs_show_menu()
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	67	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	68	echo '<div class="menu_nojs">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	69	' . userprefs_menu_html() . '
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	70	<span class="menuclear"></span>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	71	</div>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	72	<br />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	73	';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	74	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	75
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	76	function userprefs_menu_init()
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	77	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	78	global $db, $session, $paths, $template, $plugins; // Common objects
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	79	global $userprefs_menu_links;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	80
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	81	userprefs_menu_add('Profile/membership', 'Edit e-mail address and password', makeUrlNS('Special', 'Preferences/EmailPassword'));
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	82	userprefs_menu_add('Profile/membership', 'Edit signature', makeUrlNS('Special', 'Preferences/Signature'));
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	83	userprefs_menu_add('Profile/membership', 'Edit public profile', makeUrlNS('Special', 'Preferences/Profile'));
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	84	userprefs_menu_add('Private messages', 'Inbox', makeUrlNS('Special', 'PrivateMessages/Folder/Inbox'));
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	85	userprefs_menu_add('Private messages', 'Outbox', makeUrlNS('Special', 'PrivateMessages/Folder/Outbox'));
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	86	userprefs_menu_add('Private messages', 'Sent items', makeUrlNS('Special', 'PrivateMessages/Folder/Sent'));
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	87	userprefs_menu_add('Private messages', 'Drafts', makeUrlNS('Special', 'PrivateMessages/Folder/Drafts'));
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	88	userprefs_menu_add('Private messages', 'Archive', makeUrlNS('Special', 'PrivateMessages/Folder/Archive'));
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	89
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	90	$userprefs_menu_links['Profile/membership'] = makeUrlNS('Special', 'Preferences');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	91	$userprefs_menu_links['Private messages'] = makeUrlNS('Special', 'PrivateMessages');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	92
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	93	$code = $plugins->setHook('userprefs_jbox');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	94	foreach ( $code as $cmd )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	95	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	96	eval($cmd);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	97	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	98	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	99
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	100	$plugins->attachHook('session_started', 'userprefs_menu_init();');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	101
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	102	function page_Special_Preferences()
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	103	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	104	global $db, $session, $paths, $template, $plugins; // Common objects
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	105
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	106	// We need a login to continue
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	107	if ( !$session->user_logged_in )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	108	redirect(makeUrlNS('Special', 'Login/' . $paths->page), 'Login required', 'You need to be logged in to access this page. Please wait while you are redirected to the login page.');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	109
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	110	// User ID - later this will be specified on the URL, but hardcoded for now
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	111	$uid = intval($session->user_id);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	112
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	113	// Instanciate the AES encryptor
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	114	$aes = new AESCrypt(AES_BITS, AES_BLOCKSIZE);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	115
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	116	// Basic user info
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	117	$q = $db->sql_query('SELECT username, password, email, real_name, signature, theme, style FROM '.table_prefix.'users WHERE user_id='.$uid.';');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	118	if ( !$q )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	119	$db->_die();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	120
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	121	$row = $db->fetchrow();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	122	$db->free_result();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	123
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	124	$section = $paths->getParam(0);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	125	if ( !$section )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	126	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	127	$section = 'Home';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	128	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	129
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	130	$errors = '';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	131
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	132	switch ( $section )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	133	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	134	case 'EmailPassword':
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	135	// Require elevated privileges (well sortof)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	136	if ( $session->auth_level < USER_LEVEL_CHPREF )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	137	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	138	redirect(makeUrlNS('Special', 'Login/' . $paths->fullpage, 'level=' . USER_LEVEL_CHPREF, true), 'Authentication required', 'You need to re-authenticate to access this page.', 0);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	139	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	140
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	141	if ( isset($_POST['submit']) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	142	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	143	$email_changed = false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	144	// First do the e-mail address
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	145	if ( strlen($_POST['newemail']) > 0 )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	146	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	147	switch('foo') // Same reason as in the password code...
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	148	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	149	case 'foo':
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	150	if ( $_POST['newemail'] != $_POST['newemail_conf'] )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	151	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	152	$errors .= '<div class="error-box">The e-mail addresses you entered did not match.</div>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	153	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	154	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	155	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	156	$q = $db->sql_query('SELECT password FROM '.table_prefix.'users WHERE user_id='.$session->user_id.';');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	157	if ( !$q )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	158	$db->_die();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	159	$row = $db->fetchrow();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	160	$db->free_result();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	161	$old_pass = $aes->decrypt($row['password'], $session->private_key, ENC_HEX);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	162
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	163	$new_email = $_POST['newemail'];
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	164
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	165	$result = $session->update_user($session->user_id, false, $old_pass, false, $new_email);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	166	if ( $result != 'success' )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	167	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	168	die_friendly('Error updating e-mail address', '<p>Session API returned error: ' . $result . '</p>');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	169	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	170	$email_changed = true;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	171	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	172	// Obtain password
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	173	if ( $_POST['use_crypt'] == 'yes' && !empty($_POST['crypt_data']) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	174	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	175	$key = $session->fetch_public_key($_POST['crypt_key']);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	176	if ( !$key )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	177	die('Can\'t lookup key');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	178	$key = hexdecode($key);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	179	$newpass = $aes->decrypt($_POST['crypt_data'], $key, ENC_HEX);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	180	// At this point we know if we _want_ to change the password...
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	181
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	182	// We can't check the password to see if it matches the confirmation
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	183	// because the confirmation was destroyed during the encryption. I figured
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	184	// this wasn't a big deal because if the encryption worked, then either
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	185	// the Javascript validated it or the user hacked the form. In the latter
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	186	// case, if he's smart enough to hack the encryption code, he's probably
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	187	// smart enough to remember his password.
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	188
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	189	if ( strlen($newpass) > 0 )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	190	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	191	// Perform checks
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	192	if ( strlen($newpass) < 6 )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	193	$errors .= '<div class="error-box">Password must be at least 6 characters. You hacked my script, darn you!</div>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	194	// Encrypt new password
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	195	$newpass_enc = $aes->encrypt($newpass, $session->private_key, ENC_HEX);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	196	// Perform the swap
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	197	$q = $db->sql_query('UPDATE '.table_prefix.'users SET password=\'' . $newpass_enc . '\' WHERE user_id=' . $session->user_id . ';');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	198	if ( !$q )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	199	$db->_die();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	200	// Log out and back in
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	201	$username = $session->username;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	202	$session->logout();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	203	if ( $email_changed )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	204	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	205	if ( getConfig('account_activation') == 'user' )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	206	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	207	redirect(makeUrl(getConfig('main_page')), 'Profile changed', 'Your password and e-mail address have been changed. Since e-mail activation is required on this site, you will need to re-activate your account to continue. An e-mail has been sent to the new e-mail address with an activation link. You must click that link in order to log in again.', 19);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	208	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	209	else if ( getConfig('account_activation') == 'admin' )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	210	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	211	redirect(makeUrl(getConfig('main_page')), 'Profile changed', 'Your password and e-mail address have been changed. Since administrative activation is requires on this site, a request has been sent to the administrators to activate your account for you. You will not be able to use your account until it is activated by an administrator.', 19);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	212	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	213	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	214	$session->login_without_crypto($session->username, $newpass);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	215	redirect(makeUrlNS('Special', 'Preferences'), 'Password changed', 'Your password has been changed, and you will now be redirected back to the user control panel.', 4);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	216	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	217	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	218	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	219	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	220	switch('foo') // allow breaking out of our section...i can't wait until PHP6 (goto support!)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	221	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	222	case 'foo':
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	223	$pass = $_POST['newpass'];
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	224	if ( $pass != $_POST['newpass_conf'] )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	225	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	226	$errors .= '<div class="error-box">The passwords you entered did not match</div>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	227	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	228	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	229
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	230	if ( $email_changed )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	231	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	232	if ( getConfig('account_activation') == 'user' )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	233	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	234	redirect(makeUrl(getConfig('main_page')), 'Profile changed', 'Your e-mail address has been changed. Since e-mail activation is required on this site, you will need to re-activate your account to continue. An e-mail has been sent to the new e-mail address with an activation link. You must click that link in order to log in again.', 19);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	235	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	236	else if ( getConfig('account_activation') == 'admin' )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	237	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	238	redirect(makeUrl(getConfig('main_page')), 'Profile changed', 'Your e-mail address has been changed. Since administrative activation is requires on this site, a request has been sent to the administrators to activate your account for you. You will not be able to use your account until it is activated by an administrator.', 19);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	239	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	240	else
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	241	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	242	redirect(makeUrlNS('Special', 'Preferences'), 'Password changed', 'Your e-mail address has been changed, and you will now be redirected back to the user control panel.', 4);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	243	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	244	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	245
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	246	return;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	247	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	248	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	249	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	250	$template->tpl_strings['PAGE_NAME'] = 'Change E-mail Address or Password';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	251	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	252	case 'Signature':
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	253	$template->tpl_strings['PAGE_NAME'] = 'Editing signature';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	254	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	255	case 'Profile':
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	256	$template->tpl_strings['PAGE_NAME'] = 'Editing public profile';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	257	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	258	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	259
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	260	$template->header();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	261
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	262	// Output the menu
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	263	// This is not templatized because it conforms to the jBox menu standard.
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	264
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	265	userprefs_show_menu();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	266
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	267	switch ( $section )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	268	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	269	case 'Home':
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	270	global $email;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	271	$user_page = '<a href="' . makeUrlNS('User', str_replace(' ', '_', $session->username)) . '">user page</a> <sup>(<a href="' . makeUrlNS('User', str_replace(' ', '_', $session->username)) . '#do:comments">comments</a>)</sup>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	272	$site_admin = $email->encryptEmail(getConfig('contact_email'), '', '', 'administrator');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	273	echo "<h3 style='margin-top: 0;'>$session->username, welcome to your control panel</h3>";
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	274	echo "<p>Here you can make changes to your profile, view statistics on yourself on this site, and set your preferences.</p>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	275	<p>If you have not already done so, you are encouraged to make a $user_page and tell the other members of this site a little about yourself.</p>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	276	<p>Use the menu at the top to navigate around. If you have any questions, you may contact the $site_admin.";
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	277	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	278	case 'EmailPassword':
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	279
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	280	echo '<form action="' . makeUrlNS('Special', 'Preferences/EmailPassword') . '" method="post" onsubmit="return runEncryption();" name="empwform" >';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	281
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	282	// Password change form
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	283	$pubkey = $session->rijndael_genkey();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	284
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	285	echo '<fieldset>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	286	<legend>Change password</legend>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	287	Type a new password:<br />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	288	<input type="password" name="newpass" size="30" tabindex="1" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	289	<br />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	290	<br />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	291	Type the password again to confirm:<br />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	292	<input type="password" name="newpass_conf" size="30" tabindex="2" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	293	</fieldset><br />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	294	<fieldset>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	295	<legend>Change e-mail address</legend>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	296	New e-mail address:<br />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	297	<input type="text" name="newemail" size="30" tabindex="3" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	298	<br />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	299	<br />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	300	Confirm e-mail address:<br />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	301	<input type="text" name="newemail_conf" size="30" tabindex="4" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	302	</fieldset>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	303	<input type="hidden" name="use_crypt" value="no" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	304	<input type="hidden" name="crypt_key" value="' . $pubkey . '" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	305	<input type="hidden" name="crypt_data" value="" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	306	<br />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	307	<div style="text-align: right;"><input type="submit" name="submit" value="Save Changes" tabindex="5" /></div>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	308
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	309	echo '</form>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	310
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	311	// ENCRYPTION CODE
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	312	?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	313	<script type="text/javascript">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	314	disableJSONExts();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	315	str = '';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	316	for(i=0;i<keySizeInBits/4;i++) str+='0';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	317	var key = hexToByteArray(str);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	318	var pt = hexToByteArray(str);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	319	var ct = rijndaelEncrypt(pt, key, "ECB");
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	320	var ct = byteArrayToHex(ct);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	321	switch(keySizeInBits)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	322	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	323	case 128:
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	324	v = '66e94bd4ef8a2c3b884cfa59ca342b2e';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	325	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	326	case 192:
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	327	v = 'aae06992acbf52a3e8f4a96ec9300bd7aae06992acbf52a3e8f4a96ec9300bd7';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	328	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	329	case 256:
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	330	v = 'dc95c078a2408989ad48a21492842087dc95c078a2408989ad48a21492842087';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	331	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	332	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	333	var aes_testpassed = ( ct == v && md5_vm_test() );
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	334	function runEncryption()
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	335	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	336	var frm = document.forms.empwform;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	337	if ( frm.newpass.value.length < 1 )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	338	return true;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	339	if(aes_testpassed)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	340	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	341	frm.use_crypt.value = 'yes';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	342	var cryptkey = frm.crypt_key.value;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	343	frm.crypt_key.value = hex_md5(cryptkey);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	344	cryptkey = hexToByteArray(cryptkey);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	345	if(!cryptkey \|\| ( ( typeof cryptkey == 'string' \|\| typeof cryptkey == 'object' ) ) && cryptkey.length != keySizeInBits / 8 )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	346	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	347	frm.submit.disabled = true;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	348	len = ( typeof cryptkey == 'string' \|\| typeof cryptkey == 'object' ) ? '\nLen: '+cryptkey.length : '';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	349	alert('The key is messed up\nType: '+typeof(cryptkey)+len);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	350	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	351	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	352	pass1 = frm.newpass.value;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	353	pass2 = frm.newpass_conf.value;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	354	if ( pass1 != pass2 )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	355	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	356	alert('The passwords you entered do not match.');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	357	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	358	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	359	if ( pass1.length < 6 && pass1.length > 0 )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	360	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	361	alert('The new password must be 6 characters or greater in length.');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	362	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	363	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	364	if(aes_testpassed)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	365	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	366	pass = frm.newpass.value;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	367	pass = stringToByteArray(pass);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	368	cryptstring = rijndaelEncrypt(pass, cryptkey, 'ECB');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	369	if(!cryptstring)
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	370	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	371	return false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	372	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	373	cryptstring = byteArrayToHex(cryptstring);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	374	frm.crypt_data.value = cryptstring;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	375	frm.newpass.value = "";
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	376	frm.newpass_conf.value = "";
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	377	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	378	return true;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	379	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	380	</script>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	381	<?php
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	382
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	383	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	384	case 'Signature':
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	385	if ( isset($_POST['new_sig']) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	386	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	387	$sig = $_POST['new_sig'];
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	388	$sig = RenderMan::preprocess_text($sig, true, false);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	389	$sql_sig = $db->escape($sig);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	390	$q = $db->sql_query('UPDATE '.table_prefix.'users SET signature=\'' . $sql_sig . '\' WHERE user_id=' . $session->user_id . ';');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	391	if ( !$q )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	392	$db->_die();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	393	$session->signature = $sig;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	394	echo '<div class="info-box" style="margin: 0 0 10px 0;">Your signature has been saved.</div>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	395	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	396	echo '<form action="'.makeUrl($paths->fullpage).'" method="post">';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	397	echo $template->tinymce_textarea('new_sig', $session->signature);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	398	echo '<input type="submit" value="Save signature" />';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	399	echo '</form>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	400	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	401	case "Profile":
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	402	if ( isset($_POST['submit']) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	403	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	404	$real_name = htmlspecialchars($_POST['real_name']);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	405	$real_name = $db->escape($real_name);
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	406	$q = $db->sql_query('UPDATE '.table_prefix."users SET real_name='$real_name' WHERE user_id=$session->user_id;");
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	407	if ( !$q )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	408	$db->_die();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	409
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	410	echo '<div class="info-box" style="margin: 0 0 10px 0;">Your profile has been updated.</div>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	411	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	412	echo '<form action="'.makeUrl($paths->fullpage).'" method="post">';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	413	?>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	414	<div class="tblholder">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	415	<table border="0" cellspacing="1" cellpadding="4">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	416	<tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	417	<th colspan="2">Your public profile</th>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	418	</tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	419	<tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	420	<td colspan="2" class="row3">Please note that all of the information you enter here will be <b>publicly viewable.</b> All of the fields on this page are optional and may be left blank if you so desire.</td>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	421	</tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	422	<tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	423	<td class="row2" style="width: 50%;">Real name:</td>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	424	<td class="row1" style="width: 50%;"><input type="text" name="real_name" value="<?php echo $session->real_name; ?>" size="30" /></td>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	425	</tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	426	<tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	427	<td class="row2">Change theme:</td>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	428	<td class="row1">If you don't like the look of the site, need a visual break, or are just curious, we might have some different themes for you to try out! <a href="<?php echo makeUrlNS('Special', 'ChangeStyle/' . $paths->page); ?>" onclick="ajaxChangeStyle(); return false;">Change my theme...</a></td>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	429	</tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	430	<tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	431	<td colspan="2" class="row3"><small>More is coming soon - planned fields include AOL, WLM, Yahoo, and XMPP messenger fields, allow public display of e-mail address, allow private messages from users not on your buddy list, homepage, occupation, and location.</small></td>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	432	</tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	433	<tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	434	<th class="subhead" colspan="2">
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	435	<input type="submit" name="submit" value="Save profile" />
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	436	</th>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	437	</tr>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	438	</table>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	439	</div>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	440	<?php
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	441	echo '</form>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	442	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	443	default:
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	444	$good = false;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	445	$code = $plugins->setHook('userprefs_body');
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	446	foreach ( $code as $cmd )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	447	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	448	if ( eval($code) )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	449	$good = true;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	450	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	451	if ( !$good )
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	452	{
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	453	echo '<h3>Invalid module</h3>
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	454	<p>Userprefs module "'.$section.'" not found.</p>';
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	455	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	456	break;
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	457	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	458
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	459	$template->footer();
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	460	}
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	461
902822492a68 Initial population dan@scribus.fuhry.local.fuhry.local parents: diff changeset	462	?>

author	dan@scribus.fuhry.local.fuhry.local
	Wed, 13 Jun 2007 16:03:00 -0400
changeset 0	902822492a68
child 31	dc8741857bde
permissions	-rw-r--r--