function create_session($email, $regen_id = true)
{
$data = account_data($email);
$_SESSION['logged_in'] = true;
$_SESSION['username'] = $data['username'];
$_SESSION['email'] = $data['email'];
$_SESSION['group'] = $data['group'];
if ($regen_id) {
session_regenerate_id(true);
}
}
$users = account_list();
uasort($users, 'account_group_cmp');
render('user_list', array('head_title' => 'Users', 'users' => $users));
});
// The url router wasn't matching "/users/:email" probably something to do with the @ and the dots in emails
if (startsWith(request_uri(), '/users/') && strlen(trim(request_uri(), '/')) > 5) {
$email = remove_first(request_uri(), '/users/');
if (!account_exists($email)) {
render('err404', null, false);
die;
}
if ($email !== user_email() && !is_reviewer()) {
render('err403', null, false);
die;
}
$data = account_data($email);
$email = $data['email'];
if (request_method() == 'GET') {
render('user', array('head_title' => $data['email'], 'user' => $data, 'user_apps' => app_get_user($data['email'], valid_bool(from($_REQUEST, 'show-deleted'))), 'is_self' => user_email() == $email));
} else {
if (request_method() == 'POST') {
$action = from($_REQUEST, 'action');
switch (strtolower($action)) {
case 'desc':
account_change_desc($email, from($_REQUEST, 'desc'));
redirect('/users/' . $email);
break;
case 'username':
account_change_username($email, from($_REQUEST, 'username'));
redirect('/users/' . $email);
break;
function account_auth($email, $password)
{
$data = account_data($email);
if (hash_password($password, $data['salt'])[0] === $data['password']) {
return true;
} else {
return false;
}
}
