}
}
} else {
$msg->addError(array('EMPTY_FIELDS', _AC('password')));
header('Location: change_email.php');
exit;
}
// email check
if ($_POST['email'] == '') {
$msg->addError(array('EMPTY_FIELDS', _AC('email')));
} else {
if (!preg_match("/^[a-z0-9\\._-]+@+[a-z0-9\\._-]+\\.+[a-z]{2,6}\$/i", $_POST['email'])) {
$msg->addError('EMAIL_INVALID');
}
$usersDAO = new UsersDAO();
$row = $usersDAO->getUserByEmail($_POST['email']);
if ($row['user_id'] > 0 && $row['user_id'] != $_SESSION['user_id']) {
$msg->addError('EMAIL_EXISTS');
}
}
if (!$msg->containsErrors()) {
if (defined('AC_EMAIL_CONFIRMATION') && AC_EMAIL_CONFIRMATION) {
//send confirmation email
$row = $_current_user->getInfo();
if ($row['email'] != $_POST['email']) {
$code = substr(md5($_POST['email'] . $row['creation_date'] . $_SESSION['user_id']), 0, 10);
$confirmation_link = AC_BASE_HREF . 'confirm.php?id=' . $_SESSION['user_id'] . SEP . 'e=' . urlencode($_POST['email']) . SEP . 'm=' . $code;
/* send the email confirmation message: */
require AC_INCLUDE_PATH . 'classes/phpmailer/acheckermailer.class.php';
$mail = new ACheckerMailer();
$mail->From = $_config['contact_email'];
/* modify it under the terms of the GNU General Public License */
/* as published by the Free Software Foundation. */
/************************************************************************/
define('TR_INCLUDE_PATH', 'include/');
require TR_INCLUDE_PATH . 'vitals.inc.php';
require_once TR_INCLUDE_PATH . 'classes/DAO/UsersDAO.class.php';
$usersDAO = new UsersDAO();
if (isset($_POST['cancel'])) {
$msg->addFeedback('CANCELLED');
header('Location: login.php');
exit;
} else {
if (isset($_POST['form_password_reminder'])) {
//get database info to create & email change-password-link
$_POST['form_email'] = $addslashes($_POST['form_email']);
if ($row = $usersDAO->getUserByEmail($_POST[form_email])) {
//date link was generated (# days since epoch)
$gen = intval(time() / 60 / 60 / 24);
$hash = sha1($row['user_id'] + $gen + $row['password']);
$hash_bit = substr($hash, 5, 15);
$change_link = $_base_href . 'password_reminder.php?id=' . $row['user_id'] . '&g=' . $gen . '&h=' . $hash_bit;
if ($row['first_name'] != '') {
$reply_name = $row['first_name'];
} else {
$reply_name = $row['login'];
}
$tmp_message = _AT(array('password_request2', $reply_name, $row['login'], TR_PASSWORD_REMINDER_EXPIRY, $change_link));
//send email
require TR_INCLUDE_PATH . 'classes/phpmailer/transformablemailer.class.php';
$mail = new TransformableMailer();
$mail->From = $_config['contact_email'];
