}
if (http_post()) {
if ($verify != "") {
$password_1 = http_post_string("password_1", array("len" => 64, "valid" => "[KEYBOARD]"));
$password_2 = http_post_string("password_2", array("len" => 64, "valid" => "[KEYBOARD]"));
if (strlen($password_1) < 6) {
die("password too short");
}
if ($password_1 != $password_2) {
die("passwords do not match");
}
$salt = crypt_sha256(rand());
$password = crypt_sha256("{$password_1}{$salt}");
$user_conf["password"] = $password;
$user_conf["salt"] = $salt;
db_set_conf("user_conf", $user_conf, $zid);
db_del_rec("email_challenge", $verify);
print_header("Password Reset");
writeln('<h1>Password Reset</h1>');
writeln('<p>Don\'t forget it this time!</p>');
print_footer();
die;
}
$username = http_post_string("username", array("len" => 20, "valid" => "[a-z][A-Z][0-9]"));
$zid = strtolower($username) . "@{$site_name}";
if (!is_local_user($zid)) {
die("no such user [{$zid}]");
}
$user_conf = db_get_conf("user_conf", $zid);
$hash = crypt_sha256(rand());
if (db_has_rec("email_challenge", array("username" => $username))) {
$javascript_enabled = http_post_bool("javascript_enabled", array("numeric" => true));
$time_zone = http_post_string("time_zone", array("len" => 50, "valid" => "[a-z][A-Z]-_/"));
$hide_threshold = http_post_string("hide_threshold", array("valid" => "[0-9]-"));
$expand_threshold = http_post_string("expand_threshold", array("valid" => "[0-9]-"));
$list_enabled = http_post_bool("list_enabled", array("numeric" => true));
$real_name = http_post_string("real_name", array("len" => 50, "required" => false, "valid" => "[a-z][A-Z]- "));
if (!in_array($time_zone, $zones)) {
die("invalid time zone [{$time_zone}]");
}
$user_conf["javascript_enabled"] = $javascript_enabled;
$user_conf["time_zone"] = $time_zone;
$user_conf["hide_threshold"] = $hide_threshold;
$user_conf["expand_threshold"] = $expand_threshold;
$user_conf["list_enabled"] = $list_enabled;
$user_conf["real_name"] = $real_name;
db_set_conf("user_conf", $user_conf, $auth_zid);
//var_dump($user_conf);
//die();
header("Location: /menu/");
die;
}
print_header("Settings");
writeln('<table class="fill">');
writeln('<tr>');
writeln('<td class="left_col">');
print_left_bar("account", "settings");
writeln('</td>');
writeln('<td class="fill">');
writeln('<h1>Settings</h1>');
writeln('<form method="post">');
beg_tab("JavaScript");
