$logger->addMsg(Pommo::_T('Failed login attempt. Try again.'));
}
} elseif (!empty($_POST['resetPassword'])) {
// TODO -- visit this function later
// Check if a reset password request has been received
// check that captcha matched
if (!isset($_POST['captcha'])) {
// generate captcha
$captcha = substr(md5(rand()), 0, 4);
$smarty->assign('captcha', $captcha);
} elseif ($_POST['captcha'] == $_POST['realdeal']) {
// user inputted captcha matched. Reset password
Pommo::requireOnce($pommo->_baseDir . 'inc/helpers/pending.php');
Pommo::requireOnce($pommo->_baseDir . 'inc/helpers/messages.php');
// see if there is already a pending request for the administrator [subscriber id == 0]
if (PommoPending::isPending(0)) {
$input = urlencode(serialize(array('adminID' => TRUE, 'Email' => $pommo->_config['admin_email'])));
Pommo::redirect($pommo->_http . $pommo->_baseUrl . 'user/pending.php?input=' . $input);
}
// create a password change request, send confirmation mail
$subscriber = array('id' => 0);
$code = PommoPending::add($subscriber, 'password');
PommoHelperMessages::sendMessage(array('to' => $pommo->_config['admin_email'], 'code' => $code, 'type' => 'password'));
$smarty->assign('captcha', FALSE);
} else {
// captcha did not match
$logger->addMsg(Pommo::_T('Captcha did not match. Try again.'));
}
}
// referer (used to return user to requested page upon login success)
$smarty->assign('referer', isset($_REQUEST['referer']) ? $_REQUEST['referer'] : $pommo->_baseUrl . 'admin/admin.php');
function add(&$subscriber, $type = null)
{
global $pommo;
$dbo =& $pommo->_dbo;
$logger =& $pommo->_logger;
switch ($type) {
case 'add':
case 'del':
case 'change':
case 'password':
break;
default:
$logger->addErr('Unknown type passed to PommoPending::add');
return false;
}
$p = array('subscriber_id' => $subscriber['id'], 'type' => $type, 'code' => PommoHelper::makeCode(), 'array' => $type == 'change' ? $subscriber : array());
$pending = PommoPending::make($p);
if (!PommoPending::validate($pending)) {
$logger->addErr('PommoPending::add() failed validation');
return false;
}
if (!empty($pending['array'])) {
$pending['array'] = serialize($pending['array']);
}
// check for pre-existing pending request
if (PommoPending::isPending($pending['subscriber_id'])) {
return false;
}
$query = "\n\t\t\tINSERT INTO " . $dbo->table['subscriber_pending'] . "\n\t\t\tSET\n\t\t\t\t[pending_array='%S',]\n\t\t\t\tsubscriber_id=%i,\n\t\t\t\tpending_type='%s',\n\t\t\t\tpending_code='%s'";
$query = $dbo->prepare($query, array($pending['array'], $pending['subscriber_id'], $pending['type'], $pending['code']));
if (!$dbo->query($query)) {
return false;
}
return $pending['code'];
}
SETUP TEMPLATE, PAGE
*********************************/
Pommo::requireOnce($pommo->_baseDir . 'inc/classes/template.php');
$smarty = new PommoTemplate();
// Prepare for subscriber form -- load in fields + POST/Saved Subscribe Form
$smarty->prepareForSubscribeForm();
// fetch the subscriber, validate code
$subscriber = current(PommoSubscriber::get(array('email' => empty($_REQUEST['email']) ? '0' : $_REQUEST['email'], 'status' => 1)));
if (empty($subscriber)) {
Pommo::redirect('login.php');
}
if ($_REQUEST['code'] != PommoSubscriber::getActCode($subscriber)) {
Pommo::kill(Pommo::_T('Invalid activation code.'));
}
// check if we have pending request
if (PommoPending::isPending($subscriber['id'])) {
$input = urlencode(serialize(array('Email' => $_POST['Email'])));
Pommo::redirect('pending.php?input=' . $input);
}
$config = PommoAPI::configGet(array('notices'));
$notices = unserialize($config['notices']);
if (!isset($_POST['d'])) {
$smarty->assign('d', $subscriber['data']);
}
// check for an update + validate new subscriber info (also converts dates to ints)
if (!empty($_POST['update']) && PommoValidate::subscriberData($_POST['d'])) {
$newsub = array('id' => $subscriber['id'], 'email' => $subscriber['email'], 'data' => $_POST['d']);
if (!empty($_POST['newemail'])) {
// if change in email, validate and send confirmation of update
if ($_POST['newemail'] != $_POST['newemail2']) {
$logger->addErr(Pommo::_T('Emails must match.'));
