function douserset($data, $user)
{
$err = '';
$chg = getparam('Change', false);
$api = false;
switch ($chg) {
case 'API Key':
$ans = getAtts($user, 'KAPIKey.str,KAPIKey.dateexp');
if ($ans['STATUS'] != 'ok') {
dbdown();
}
// Should be no other reason?
if (isset($ans['KAPIKey.dateexp']) && $ans['KAPIKey.dateexp'] == 'N') {
$err = 'You can only change it once a day';
if (isset($ans['KAPIKey.str'])) {
$api = $ans['KAPIKey.str'];
}
} else {
$ran = $ans['STAMP'] . $user . rand(100000000, 999999999);
$api = hash('md4', $ran);
$day = 60 * 60 * 24;
$ans = setAtts($user, array('ua_KAPIKey.str' => $api, 'ua_KAPIKey.date' => "now+{$day}"));
if ($ans['STATUS'] != 'ok') {
syserror();
}
}
break;
}
if ($api === false) {
$ans = getAtts($user, 'KAPIKey.str');
if ($ans['STATUS'] != 'ok') {
dbdown();
}
// Should be no other reason?
if (isset($ans['KAPIKey.str'])) {
$api = $ans['KAPIKey.str'];
}
}
$pg = uset($data, $user, $api, $err);
return $pg;
}
function getOpts($user, $optlist)
{
if ($user == false) {
showIndex();
}
$flds = array('username' => $user, 'optlist' => $optlist);
$msg = msgEncode('getopts', 'getopts', $flds, $user);
$rep = sendsockreply('getOpts', $msg);
if (!$rep) {
dbdown();
}
return repDecode($rep);
}
function emailcheck($user)
{
$ans = userSettings($user);
if ($ans['STATUS'] != 'ok') {
dbdown();
}
// Should be no other reason?
if (!isset($ans['email'])) {
return 'You need to setup an email address first';
} else {
return bademail($ans['email'], true);
}
}
function dosettings($data, $user)
{
$err = '';
$chg = getparam('Change', false);
$check = false;
switch ($chg) {
case 'EMail':
$email = getparam('email', false);
if (stripos($email, 'hotmail') !== false) {
$err = 'hotmail not allowed';
} else {
$pass = getparam('pass', false);
$twofa = getparam('2fa', false);
$ans = userSettings($user, $email, null, $pass, $twofa);
$err = 'EMail changed';
$check = true;
}
break;
case 'Address':
if (!isset($data['info']['u_multiaddr'])) {
$addr = getparam('baddr', false);
$addrarr = array(array('addr' => $addr));
$pass = getparam('pass', false);
$twofa = getparam('2fa', false);
$ans = userSettings($user, null, $addrarr, $pass, $twofa);
$err = 'Payout address changed';
$check = true;
}
break;
case 'Password':
$oldpass = getparam('oldpass', false);
$pass1 = getparam('pass1', false);
$pass2 = getparam('pass2', false);
$twofa = getparam('2fa', false);
if (!safepass($pass1)) {
$err = 'Unsafe password. ' . passrequires();
} elseif ($pass1 != $pass2) {
$err = "Passwords don't match";
} else {
$ans = setPass($user, $oldpass, $pass1, $twofa);
$err = 'Password changed';
$check = true;
}
break;
}
$doemail = false;
if ($check === true) {
if ($ans['STATUS'] != 'ok') {
$err = $ans['STATUS'];
if ($ans['ERROR'] != '') {
$err .= ': ' . $ans['ERROR'];
}
} else {
$doemail = true;
}
}
$ans = userSettings($user);
if ($ans['STATUS'] != 'ok') {
dbdown();
}
// Should be no other reason?
if (isset($ans['email'])) {
$email = $ans['email'];
} else {
$email = '';
}
// Use the first one - updating will expire all others
if (isset($ans['rows']) and $ans['rows'] > 0) {
$addr = $ans['addr:0'];
} else {
$addr = '';
}
if ($doemail) {
if ($email == '') {
if ($err != '') {
$err .= '<br>';
}
$err .= 'An error occurred, check your details below';
goto iroiroattanoyo;
}
$emailinfo = getOpts($user, emailOptList());
if ($emailinfo['STATUS'] != 'ok') {
if ($err != '') {
$err .= '<br>';
}
$err .= 'An error occurred, check your details below';
goto iroiroattanoyo;
}
switch ($chg) {
case 'EMail':
if (isset($_SESSION['old_set_email'])) {
$old = $_SESSION['old_set_email'];
} else {
$old = null;
}
emailAddressChanged($email, zeip(), $emailinfo, $old);
break;
case 'Address':
payoutAddressChanged($email, zeip(), $emailinfo);
break;
case 'Password':
passChanged($email, zeip(), $emailinfo);
break;
}
}
iroiroattanoyo:
$pg = settings($data, $user, $email, $addr, $err);
return $pg;
}
function do2fa($data, $user)
{
$mailmode = '';
$err = '';
$msg = '';
$setup = getparam('Setup', false);
if ($setup === 'Setup') {
// rand() included as part of the entropy
$ans = get2fa($user, 'setup', rand(1073741824, 2147483647), 0);
$mailmode = 'Setup';
} else {
$can = getparam('Cancel', false);
if ($can === 'Cancel') {
$ans = get2fa($user, 'untest', 0, 0);
$mailmode = 'Cancel';
} else {
$value = getparam('Value', false);
$test = getparam('Test', false);
if ($test === 'Test' and $value !== null) {
$ans = get2fa($user, 'test', 0, $value);
$mailmode = 'Test';
} else {
$nw = getparam('New', false);
if ($nw === 'New' and $value !== null) {
$ans = get2fa($user, 'new', rand(1073741824, 2147483647), $value);
$mailmode = 'New';
} else {
$rem = getparam('Remove', false);
if ($rem === 'Remove' and $value !== null) {
$ans = get2fa($user, 'remove', 0, $value);
$mailmode = 'Remove';
} else {
$ans = get2fa($user, '', 0, 0);
}
}
}
}
}
if ($ans['STATUS'] != 'ok') {
$err = 'DBERR';
} else {
if (isset($ans['2fa_error'])) {
$err = $ans['2fa_error'];
}
if ($mailmode != '' and $err == '') {
$ans2 = userSettings($user);
if ($ans2['STATUS'] != 'ok') {
dbdown();
}
// Should be no other reason?
if (!isset($ans2['email'])) {
$err = 'An error occurred, check your details below';
} else {
$email = $ans2['email'];
$emailinfo = getOpts($user, emailOptList());
if ($emailinfo['STATUS'] != 'ok') {
$err = 'An error occurred, check your details below';
} else {
if ($mailmode === 'Setup') {
twofaSetup($email, zeip(), $emailinfo);
} else {
if ($mailmode === 'Test') {
twofaEnabled($email, zeip(), $emailinfo);
} else {
if ($mailmode === 'New') {
twofaSetup($email, zeip(), $emailinfo);
} else {
if ($mailmode === 'Cancel') {
twofaCancel($email, zeip(), $emailinfo);
} else {
if ($mailmode === 'Remove') {
twofaRemove($email, zeip(), $emailinfo);
}
}
}
}
}
}
}
}
}
if (!isset($ans['2fa_status'])) {
$tfa = null;
} else {
$tfa = $ans['2fa_status'];
}
if (isset($ans['2fa_msg'])) {
$msg = $ans['2fa_msg'];
}
$pg = set_2fa($data, $user, $tfa, $ans, $err, $msg);
return $pg;
}
function eventCmd($user, $flds)
{
if ($user == false) {
showIndex();
}
$msg = msgEncode('events', 'events', $flds, $user);
$rep = sendsockreply('eventCmd', $msg);
if (!$rep) {
dbdown();
}
return repDecode($rep);
}
