$mode = $_GET['mode'];
} else {
$mode = '';
}
$display = '';
$pageBody = '';
if (isset($_POST['cancel'])) {
echo COM_refresh($_CONF['site_url'] . '/index.php');
}
switch ($mode) {
case 'logout':
$pageBody = userLogout();
break;
case 'profile':
case 'user':
$pageBody .= userprofile();
break;
case 'create':
$pageBody .= createuser();
break;
case 'getpassword':
$pageBody .= _userGetpassword();
break;
case 'newpwd':
$pageBody .= _userNewpwd();
break;
case 'setnewpwd':
$pageBody .= _userSetnewpwd();
break;
case 'emailpasswd':
$pageBody .= _userEmailpassword();
/**
* Shows the user's current settings
*
*/
function edituser()
{
global $_CONF, $_SYSTEM, $_TABLES, $_USER, $LANG_MYACCOUNT, $LANG04, $LANG_ADMIN;
$result = DB_query("SELECT fullname,cookietimeout,email,homepage,sig,emailstories,about,location,pgpkey,photo,remoteservice,account_type FROM {$_TABLES['users']},{$_TABLES['userprefs']},{$_TABLES['userinfo']} WHERE {$_TABLES['users']}.uid = {$_USER['uid']} AND {$_TABLES['userprefs']}.uid = {$_USER['uid']} AND {$_TABLES['userinfo']}.uid=" . (int) $_USER['uid']);
$A = DB_fetchArray($result);
$preferences = new Template($_CONF['path_layout'] . 'preferences');
$preferences->set_file(array('profile' => 'profile.thtml', 'photo' => 'userphoto.thtml', 'username' => 'username.thtml', 'current_password' => 'current_password.thtml', 'password' => 'password.thtml', 'resynch' => 'resynch.thtml', 'deleteaccount' => 'deleteaccount.thtml'));
include $_CONF['path_system'] . 'classes/navbar.class.php';
$navbar = new navbar();
$cnt = 0;
if (is_array($LANG_MYACCOUNT)) {
foreach ($LANG_MYACCOUNT as $id => $label) {
if ($id == 'pe_content' && $_CONF['hide_exclude_content'] == 1 && $_CONF['emailstories'] == 0) {
continue;
} else {
$navbar->add_menuitem($label, 'showhideProfileEditorDiv("' . $id . '",' . $cnt . ');return false;', true);
$cnt++;
}
}
$navbar->set_selected($LANG_MYACCOUNT['pe_namepass']);
}
$preferences->set_var('navbar', $navbar->generate());
$preferences->set_var('no_javascript_warning', $LANG04[150]);
$preferences->set_var('cssid1', 1);
$preferences->set_var('cssid2', 2);
$preferences->set_var('preview', userprofile($_USER['uid']));
$preferences->set_var('prefs', editpreferences());
// some trickery to ensure alternating colors with the available options ...
if ($_CONF['allow_username_change'] == 1) {
$first = 1;
$second = 2;
} else {
$first = 2;
$second = 1;
}
$preferences->set_var('cssid1u', $first);
$preferences->set_var('cssid2u', $second);
if ($_CONF['allow_user_photo'] == 1) {
$tmp = $first;
$first = $second;
$second = $tmp;
}
$preferences->set_var('cssid1p', $first);
$preferences->set_var('cssid2p', $second);
$preferences->set_var('lang_fullname', $LANG04[3]);
$preferences->set_var('lang_fullname_text', $LANG04[34]);
$preferences->set_var('lang_username', $LANG04[2]);
$preferences->set_var('lang_username_text', $LANG04[87]);
$preferences->set_var('lang_password_help_title', $LANG04[146]);
$preferences->set_var('lang_password_help', $LANG04[147]);
$preferences->set_var('lang_password', $LANG04[4]);
$preferences->set_var('lang_password_text', $LANG04[35]);
$preferences->set_var('lang_password_conf', $LANG04[108]);
$preferences->set_var('lang_password_text_conf', $LANG04[109]);
$preferences->set_var('lang_old_password', $LANG04[110]);
$preferences->set_var('lang_old_password_text', $LANG04[111]);
$preferences->set_var('lang_cooktime', $LANG04[68]);
$preferences->set_var('lang_cooktime_text', $LANG04[69]);
$preferences->set_var('lang_email', $LANG04[5]);
$preferences->set_var('lang_email_text', $LANG04[33]);
$preferences->set_var('lang_email_conf', $LANG04[124]);
$preferences->set_var('lang_email_conf_text', $LANG04[126]);
$preferences->set_var('lang_userinfo_help_title', $LANG04[148]);
$preferences->set_var('lang_userinfo_help', $LANG04[149]);
$preferences->set_var('lang_homepage', $LANG04[6]);
$preferences->set_var('lang_homepage_text', $LANG04[36]);
$preferences->set_var('lang_location', $LANG04[106]);
$preferences->set_var('lang_location_text', $LANG04[107]);
$preferences->set_var('lang_signature', $LANG04[32]);
$preferences->set_var('lang_signature_text', $LANG04[37]);
$preferences->set_var('lang_userphoto', $LANG04[77]);
$preferences->set_var('lang_userphoto_text', $LANG04[78]);
$preferences->set_var('lang_about', $LANG04[7]);
$preferences->set_var('lang_about_text', $LANG04[38]);
$preferences->set_var('lang_pgpkey', $LANG04[8]);
$preferences->set_var('lang_pgpkey_text', $LANG04[39]);
$preferences->set_var('lang_submit', $LANG04[9]);
$preferences->set_var('lang_cancel', $LANG_ADMIN['cancel']);
$preferences->set_var('lang_preview_title', $LANG04[145]);
$preferences->set_var('lang_enter_current_password', $LANG04[127]);
$preferences->set_var('lang_name_legend', $LANG04[128]);
$preferences->set_var('lang_password_email_legend', $LANG04[129]);
$preferences->set_var('lang_personal_info_legend', $LANG04[130]);
$preferences->set_var('lang_resynch', $LANG04[178]);
$display_name = COM_getDisplayName($_USER['uid']);
$preferences->set_var('profile_headline', $LANG04[1] . ' ' . $display_name);
if ($_CONF['allow_user_photo'] == 1) {
$preferences->set_var('enctype', 'enctype="multipart/form-data"');
} else {
$preferences->set_var('enctype', '');
}
$preferences->set_var('fullname_value', htmlspecialchars($A['fullname']));
$preferences->set_var('new_username_value', htmlspecialchars($_USER['username']));
if ($A['account_type'] & LOCAL_USER) {
// if ($A['remoteservice'] == '') {
$preferences->set_var('password_value', '');
$preferences->parse('current_password_option', 'current_password', true);
$preferences->parse('password_option', 'password', true);
$preferences->set_var('resynch_option', '');
} else {
$preferences->set_var('current_password_option', '');
$preferences->set_var('password_option', '');
}
if ($A['account_type'] & REMOTE_USER) {
if ($_CONF['user_login_method']['oauth'] && strpos($_USER['remoteservice'], 'oauth.') === 0) {
// OAuth only supports re-synch at the moment
$preferences->set_var('resynch_checked', '');
$sql = "SELECT * FROM {$_TABLES['users']} WHERE email='" . DB_escapeString($A['email']) . "' AND account_type = " . LOCAL_USER;
$mergeResult = DB_query($sql);
if (DB_numRows($mergeResult) == 1) {
$localAccountData = DB_fetchArray($mergeResult);
$preferences->set_var('merge_account', true);
$preferences->set_var('localuid', $localAccountData['uid']);
$preferences->set_var('local_username', $localAccountData['username']);
$preferences->set_var('remoteuid', $_USER['uid']);
}
$preferences->parse('resynch_option', 'resynch', true);
} else {
$preferences->set_var('resynch_option', '');
}
}
$preferences->set_var('plugin_namepass_name', PLG_profileEdit($_USER['uid'], 'namepass', 'name'));
if ($_CONF['allow_username_change'] == 1) {
$preferences->parse('username_option', 'username', true);
} else {
$preferences->set_var('username_option', '');
}
$selection = '<select id="cooktime" name="cooktime">' . LB;
$selection .= COM_optionList($_TABLES['cookiecodes'], 'cc_value,cc_descr', $A['cookietimeout'], 0);
$selection .= '</select>';
$preferences->set_var('cooktime_selector', $selection);
$preferences->set_var('email_value', htmlspecialchars($A['email']));
$preferences->set_var('homepage_value', htmlspecialchars(COM_killJS($A['homepage'])));
$preferences->set_var('location_value', htmlspecialchars(strip_tags($A['location'])));
$preferences->set_var('signature_value', htmlspecialchars($A['sig']));
if ($_CONF['allow_user_photo'] == 1) {
$photo = USER_getPhoto($_USER['uid'], $A['photo'], $A['email'], -1);
if (empty($photo)) {
$preferences->set_var('display_photo', '');
} else {
if (empty($A['photo'])) {
// external avatar
$photo = '<br />' . $photo;
} else {
// uploaded photo - add delete option
$photo = '<br />' . $photo . '<br />' . $LANG04[79] . ' <input type="checkbox" name="delete_photo" />' . LB;
}
$preferences->set_var('display_photo', $photo);
}
$preferences->parse('userphoto_option', 'photo', true);
} else {
$preferences->set_var('userphoto_option', '');
}
$preferences->set_var('plugin_namepass_pwdemail', PLG_profileEdit($_USER['uid'], 'namepass', 'pwdemail'));
$preferences->set_var('plugin_namepass', PLG_profileEdit($_USER['uid'], 'namepass'));
$result = DB_query("SELECT about,pgpkey FROM {$_TABLES['userinfo']} WHERE uid=" . (int) $_USER['uid']);
$A = DB_fetchArray($result);
$reqid = substr(md5(uniqid(rand(), 1)), 1, 16);
DB_change($_TABLES['users'], 'pwrequestid', DB_escapeString($reqid), 'uid', (int) $_USER['uid']);
$preferences->set_var('about_value', htmlspecialchars($A['about']));
$preferences->set_var('pgpkey_value', htmlspecialchars($A['pgpkey']));
$preferences->set_var('uid_value', $reqid);
$preferences->set_var('username_value', htmlspecialchars($_USER['username']));
if ($_CONF['allow_account_delete'] == 1) {
$preferences->set_var('lang_deleteaccount', $LANG04[156]);
$preferences->set_var('delete_text', $LANG04[95]);
$preferences->set_var('lang_button_delete', $LANG04[96]);
$preferences->set_var('delete_mode', 'confirmdelete');
$preferences->set_var('account_id', $reqid);
if (isset($LANG04[157])) {
$preferences->set_var('lang_deleteoption', $LANG04[157]);
} else {
$preferences->set_var('lang_deleteoption', $LANG04[156]);
}
$preferences->parse('delete_account_option', 'deleteaccount', false);
} else {
$preferences->set_var('delete_account_option', '');
}
// Call custom account form and edit function if enabled and exists
if ($_CONF['custom_registration'] and function_exists('CUSTOM_userEdit')) {
$preferences->set_var('customfields', CUSTOM_userEdit($_USER['uid']));
}
$preferences->set_var('plugin_userinfo_personalinfo', PLG_profileEdit($_USER['uid'], 'userinfo', 'personalinfo'));
$preferences->set_var('plugin_userinfo', PLG_profileEdit($_USER['uid'], 'userinfo'));
$preferences->set_var('plugin_panel', PLG_profileEdit($_USER['uid']));
PLG_profileVariablesEdit($_USER['uid'], $preferences);
$retval = $preferences->finish($preferences->parse('output', 'profile'));
$retval .= PLG_profileBlocksEdit($_USER['uid']);
return $retval;
}
/**
* Shows the user's current settings
*
*/
function edituser()
{
global $_CONF, $_TABLES, $_USER, $LANG_MYACCOUNT, $LANG04, $LANG_ADMIN;
$result = DB_query("SELECT fullname,cookietimeout,email,homepage,sig,emailstories,about,location,pgpkey,photo FROM {$_TABLES['users']},{$_TABLES['userprefs']},{$_TABLES['userinfo']} WHERE {$_TABLES['users']}.uid = {$_USER['uid']} AND {$_TABLES['userprefs']}.uid = {$_USER['uid']} AND {$_TABLES['userinfo']}.uid = {$_USER['uid']}");
$A = DB_fetchArray($result);
$preferences = new Template($_CONF['path_layout'] . 'preferences');
$preferences->set_file(array('profile' => 'profile.thtml', 'photo' => 'userphoto.thtml', 'username' => 'username.thtml', 'deleteaccount' => 'deleteaccount.thtml'));
include $_CONF['path_system'] . 'classes/navbar.class.php';
$navbar = new navbar();
$cnt = 0;
foreach ($LANG_MYACCOUNT as $id => $label) {
$navbar->add_menuitem($label, 'showhideProfileEditorDiv("' . $id . '",' . $cnt . ');return false;', true);
$cnt++;
}
$navbar->set_selected($LANG_MYACCOUNT['pe_namepass']);
$preferences->set_var('xhtml', XHTML);
$preferences->set_var('navbar', $navbar->generate());
$preferences->set_var('site_url', $_CONF['site_url']);
$preferences->set_var('layout_url', $_CONF['layout_url']);
$preferences->set_var('no_javascript_warning', $LANG04[150]);
$preferences->set_var('cssid1', 1);
$preferences->set_var('cssid2', 2);
$preferences->set_var('preview', userprofile($_USER['uid']));
$preferences->set_var('prefs', editpreferences());
// some trickery to ensure alternating colors with the available options ...
if ($_CONF['allow_username_change'] == 1) {
$first = 1;
$second = 2;
} else {
$first = 2;
$second = 1;
}
$preferences->set_var('cssid1u', $first);
$preferences->set_var('cssid2u', $second);
if ($_CONF['allow_user_photo'] == 1) {
$tmp = $first;
$first = $second;
$second = $tmp;
}
$preferences->set_var('cssid1p', $first);
$preferences->set_var('cssid2p', $second);
$preferences->set_var('lang_fullname', $LANG04[3]);
$preferences->set_var('lang_fullname_text', $LANG04[34]);
$preferences->set_var('lang_username', $LANG04[2]);
$preferences->set_var('lang_username_text', $LANG04[87]);
$preferences->set_var('lang_password_help_title', $LANG04[146]);
$preferences->set_var('lang_password_help', $LANG04[147]);
$preferences->set_var('lang_password', $LANG04[4]);
$preferences->set_var('lang_password_text', $LANG04[35]);
$preferences->set_var('lang_password_conf', $LANG04[108]);
$preferences->set_var('lang_password_text_conf', $LANG04[109]);
$preferences->set_var('lang_old_password', $LANG04[110]);
$preferences->set_var('lang_old_password_text', $LANG04[111]);
$preferences->set_var('lang_cooktime', $LANG04[68]);
$preferences->set_var('lang_cooktime_text', $LANG04[69]);
$preferences->set_var('lang_email', $LANG04[5]);
$preferences->set_var('lang_email_text', $LANG04[33]);
$preferences->set_var('lang_email_conf', $LANG04[124]);
$preferences->set_var('lang_email_conf_text', $LANG04[126]);
$preferences->set_var('lang_userinfo_help_title', $LANG04[148]);
$preferences->set_var('lang_userinfo_help', $LANG04[149]);
$preferences->set_var('lang_homepage', $LANG04[6]);
$preferences->set_var('lang_homepage_text', $LANG04[36]);
$preferences->set_var('lang_location', $LANG04[106]);
$preferences->set_var('lang_location_text', $LANG04[107]);
$preferences->set_var('lang_signature', $LANG04[32]);
$preferences->set_var('lang_signature_text', $LANG04[37]);
$preferences->set_var('lang_userphoto', $LANG04[77]);
$preferences->set_var('lang_userphoto_text', $LANG04[78]);
$preferences->set_var('lang_about', $LANG04[7]);
$preferences->set_var('lang_about_text', $LANG04[38]);
$preferences->set_var('lang_pgpkey', $LANG04[8]);
$preferences->set_var('lang_pgpkey_text', $LANG04[39]);
$preferences->set_var('lang_submit', $LANG04[9]);
$preferences->set_var('lang_cancel', $LANG_ADMIN['cancel']);
$preferences->set_var('lang_preview_title', $LANG04[145]);
$preferences->set_var('lang_enter_current_password', $LANG04[127]);
$preferences->set_var('lang_name_legend', $LANG04[128]);
$preferences->set_var('lang_password_email_legend', $LANG04[129]);
$preferences->set_var('lang_personal_info_legend', $LANG04[130]);
$display_name = COM_getDisplayName($_USER['uid']);
//$preferences->set_var ('start_block_profile',
// COM_startBlock ($LANG04[1] . ' ' . $display_name));
//$preferences->set_var ('end_block', COM_endBlock ());
$preferences->set_var('profile_headline', $LANG04[1] . ' ' . $display_name);
if ($_CONF['allow_user_photo'] == 1) {
$preferences->set_var('enctype', 'enctype="multipart/form-data"');
} else {
$preferences->set_var('enctype', '');
}
$preferences->set_var('fullname_value', htmlspecialchars($A['fullname']));
$preferences->set_var('new_username_value', htmlspecialchars($_USER['username']));
$preferences->set_var('password_value', '');
if ($_CONF['allow_username_change'] == 1) {
$preferences->parse('username_option', 'username', true);
} else {
$preferences->set_var('username_option', '');
}
$selection = '<select id="cooktime" name="cooktime">' . LB;
$selection .= COM_optionList($_TABLES['cookiecodes'], 'cc_value,cc_descr', $A['cookietimeout'], 0);
$selection .= '</select>';
$preferences->set_var('cooktime_selector', $selection);
$preferences->set_var('email_value', htmlspecialchars($A['email']));
$preferences->set_var('homepage_value', htmlspecialchars(COM_killJS($A['homepage'])));
$preferences->set_var('location_value', htmlspecialchars(strip_tags($A['location'])));
$preferences->set_var('signature_value', htmlspecialchars($A['sig']));
if ($_CONF['allow_user_photo'] == 1) {
$photo = USER_getPhoto($_USER['uid'], $A['photo'], $A['email'], -1);
if (empty($photo)) {
$preferences->set_var('display_photo', '');
} else {
if (empty($A['photo'])) {
// external avatar
$photo = '<br' . XHTML . '>' . $photo;
} else {
// uploaded photo - add delete option
$photo = '<br' . XHTML . '>' . $photo . '<br' . XHTML . '>' . $LANG04[79] . ' <input type="checkbox" name="delete_photo"' . XHTML . '>' . LB;
}
$preferences->set_var('display_photo', $photo);
}
if (empty($_CONF['image_lib'])) {
$scaling = $LANG04[162];
} else {
$scaling = $LANG04[161];
}
$preferences->set_var('photo_max_dimensions', sprintf($LANG04[160], $_CONF['max_photo_width'], $_CONF['max_photo_height'], $_CONF['max_photo_size'], $scaling));
$preferences->parse('userphoto_option', 'photo', true);
} else {
$preferences->set_var('userphoto_option', '');
}
$result = DB_query("SELECT about,pgpkey FROM {$_TABLES['userinfo']} WHERE uid = {$_USER['uid']}");
$A = DB_fetchArray($result);
$reqid = substr(md5(uniqid(rand(), 1)), 1, 16);
DB_change($_TABLES['users'], 'pwrequestid', $reqid, 'uid', $_USER['uid']);
$preferences->set_var('about_value', htmlspecialchars($A['about']));
$preferences->set_var('pgpkey_value', htmlspecialchars($A['pgpkey']));
$preferences->set_var('uid_value', $reqid);
$preferences->set_var('username_value', htmlspecialchars($_USER['username']));
if ($_CONF['allow_account_delete'] == 1) {
$preferences->set_var('lang_deleteaccount', $LANG04[156]);
$preferences->set_var('delete_text', $LANG04[95]);
$preferences->set_var('lang_button_delete', $LANG04[96]);
$preferences->set_var('delete_mode', 'confirmdelete');
$preferences->set_var('account_id', $reqid);
if (isset($LANG04[157])) {
$preferences->set_var('lang_deleteoption', $LANG04[157]);
} else {
$preferences->set_var('lang_deleteoption', $LANG04[156]);
}
$preferences->parse('delete_account_option', 'deleteaccount', false);
} else {
$preferences->set_var('delete_account_option', '');
}
// Call custom account form and edit function if enabled and exists
if ($_CONF['custom_registration'] and function_exists('CUSTOM_userEdit')) {
$preferences->set_var('customfields', CUSTOM_userEdit($_USER['uid']));
}
PLG_profileVariablesEdit($_USER['uid'], $preferences);
$retval = $preferences->finish($preferences->parse('output', 'profile'));
$retval .= PLG_profileBlocksEdit($_USER['uid']);
return $retval;
}
$plugin = '';
if ($msg > 0 && isset($_GET['plugin'])) {
$plugin = COM_applyFilter($_GET['plugin']);
}
$display .= userprofile($uid, $msg, $plugin);
} else {
$display .= COM_refresh($_CONF['site_url'] . '/index.php');
}
break;
case 'user':
$username = COM_applyFilter($_GET['username']);
if (!empty($username)) {
$username = addslashes($username);
$uid = DB_getItem($_TABLES['users'], 'uid', "username = '******'");
if ($uid > 1) {
$display .= userprofile($uid);
} else {
$display .= COM_refresh($_CONF['site_url'] . '/index.php');
}
} else {
$display .= COM_refresh($_CONF['site_url'] . '/index.php');
}
break;
case 'create':
if ($_CONF['disable_new_user_registration']) {
$display .= COM_siteHeader('menu', $LANG04[22]);
$display .= COM_startBlock($LANG04[22], '', COM_getBlockTemplate('_msg_block', 'header')) . $LANG04[122] . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$display .= COM_siteFooter();
} else {
$email = COM_applyFilter($_POST['email']);
$email_conf = COM_applyFilter($_POST['email_conf']);
