function language_controler_switch()
{
global $user;
$same = $user['language'];
if (isset($_GET['lang'])) {
include_once PHPWG_ROOT_PATH . 'admin/include/languages.class.php';
$languages = new languages();
if (!in_array($_GET['lang'], array_keys($languages->fs_languages))) {
$_GET['lang'] = PHPWG_DEFAULT_LANGUAGE;
}
if (!empty($_GET['lang']) and file_exists(PHPWG_ROOT_PATH . 'language/' . $_GET['lang'] . '/common.lang.php')) {
if (is_a_guest() or is_generic()) {
pwg_set_session_var('lang_switch', $_GET['lang']);
} else {
$query = '
UPDATE ' . USER_INFOS_TABLE . '
SET language = \'' . $_GET['lang'] . '\'
WHERE user_id = ' . $user['id'] . '
;';
pwg_query($query);
}
$user['language'] = $_GET['lang'];
}
} elseif (is_a_guest() or is_generic()) {
$user['language'] = pwg_get_session_var('lang_switch', $user['language']);
}
// Reload language only if it isn't the same one
if ($same !== $user['language']) {
load_language('common.lang', '', array('language' => $user['language']));
load_language('lang', PHPWG_ROOT_PATH . PWG_LOCAL_DIR, array('language' => $user['language'], 'no_fallback' => true, 'local' => true));
if (defined('IN_ADMIN') and IN_ADMIN) {
// Never currently
load_language('admin.lang', '', array('language' => $user['language']));
}
}
}
$user['id'] = $_SESSION['pwg_uid'];
}
}
// Now check the auto-login
if ($user['id'] == $conf['guest_id']) {
auto_login();
}
// using Apache authentication override the above user search
if ($conf['apache_authentication']) {
$remote_user = null;
foreach (array('REMOTE_USER', 'REDIRECT_REMOTE_USER') as $server_key) {
if (isset($_SERVER[$server_key])) {
$remote_user = $_SERVER[$server_key];
break;
}
}
if (isset($remote_user)) {
if (!($user['id'] = get_userid($remote_user))) {
$user['id'] = register_user($remote_user, '', '', false);
}
}
}
// automatic login by authentication key
if (isset($_GET['auth'])) {
auth_key_login($_GET['auth']);
}
$user = build_user($user['id'], (defined('IN_ADMIN') and IN_ADMIN) ? false : true);
if ($conf['browser_language'] and (is_a_guest() or is_generic()) and $language = get_browser_language()) {
$user['language'] = $language;
}
trigger_notify('user_init', $user);
/**
* checks the activation key: does it match the expected pattern? is it
* linked to a user? is this user allowed to reset his password?
*
* @return mixed (user_id if OK, false otherwise)
*/
function check_password_reset_key($reset_key)
{
global $page, $conf;
list($key, $email) = explode('-', $reset_key, 2);
if (!preg_match('/^[a-z0-9]{20}$/i', $key)) {
$page['errors'][] = l10n('Invalid key');
return false;
}
$user_ids = array();
$query = '
SELECT
' . $conf['user_fields']['id'] . ' AS id
FROM ' . USERS_TABLE . '
WHERE ' . $conf['user_fields']['email'] . ' = \'' . pwg_db_real_escape_string($email) . '\'
;';
$user_ids = query2array($query, null, 'id');
if (count($user_ids) == 0) {
$page['errors'][] = l10n('Invalid username or email');
return false;
}
$user_id = null;
$query = '
SELECT
user_id,
status,
activation_key,
activation_key_expire,
NOW() AS dbnow
FROM ' . USER_INFOS_TABLE . '
WHERE user_id IN (' . implode(',', $user_ids) . ')
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result)) {
if (pwg_password_verify($key, $row['activation_key'])) {
if (strtotime($row['dbnow']) > strtotime($row['activation_key_expire'])) {
// key has expired
$page['errors'][] = l10n('Invalid key');
return false;
}
if (is_a_guest($row['status']) or is_generic($row['status'])) {
$page['errors'][] = l10n('Password reset is not allowed for this user');
return false;
}
$user_id = $row['user_id'];
}
}
if (empty($user_id)) {
$page['errors'][] = l10n('Invalid key');
return false;
}
return $user_id;
}
// logout
logout_user();
redirect(get_gallery_home_url());
} elseif (!empty($_SESSION['pwg_uid'])) {
$user['id'] = $_SESSION['pwg_uid'];
}
}
// Now check the auto-login
if ($user['id'] == $conf['guest_id']) {
auto_login();
}
// using Apache authentication override the above user search
if ($conf['apache_authentication']) {
$remote_user = null;
foreach (array('REMOTE_USER', 'REDIRECT_REMOTE_USER') as $server_key) {
if (isset($_SERVER[$server_key])) {
$remote_user = $_SERVER[$server_key];
break;
}
}
if (isset($remote_user)) {
if (!($user['id'] = get_userid($remote_user))) {
$user['id'] = register_user($remote_user, '', '', false);
}
}
}
$user = build_user($user['id'], (defined('IN_ADMIN') and IN_ADMIN) ? false : true);
if ($conf['browser_language'] and (is_a_guest() or is_generic())) {
get_browser_language($user['language']);
}
trigger_notify('user_init', $user);
