$msg = Pommo::_T('subscription request'); $pending['type'] = 'confirm'; // normalize for PommoHelperMessages::sendMessage break; case "change": $msg = Pommo::_T('record update request'); $pending['type'] = 'update'; // normalize for PommoHelperMessages::sendMessage break; case "password": $msg = Pommo::_T('password change request'); break; default: Pommo::redirect('login.php?badPendingType=TRUE'); } // check if user wants to reconfirm or cancel their request if (!empty($_POST)) { if (isset($_POST['reconfirm'])) { Pommo::requireOnce($pommo->_baseDir . 'inc/helpers/messages.php'); PommoHelperMessages::sendMessage(array('to' => $input['Email'], 'code' => $pending['code'], 'type' => $pending['type'])); } elseif (isset($_POST['cancel'])) { if (PommoPending::cancel($pending)) { $logger->addMsg(sprintf(Pommo::_T('Your %s has been cancelled.'), $msg)); } } $smarty->assign('nodisplay', TRUE); } else { $logger->addMsg(sprintf(Pommo::_T('Your %s is still pending. To complete this request, please review the confirmation email sent to %s.'), $msg, $input['Email'])); } $smarty->display('user/pending.tpl'); Pommo::kill();
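// Excerpt of an email lookup form handler. The `if` that opens the first
// branch is outside this excerpt; judging by the else-branch comment below it
// is presumably the "form not yet submitted" case.
$formError = array();
$formError['email'] = Pommo::_T('Invalid email address');
$smarty->assign('formError', $formError);

// Assign email to form if pre-provided.
// NOTE(review): the request value is handed to the template unchanged, so
// output escaping is left to the template. TODO confirm the template escapes it.
if (isset($_REQUEST['Email'])) {
    $smarty->assign('Email', $_REQUEST['Email']);
} elseif (isset($_REQUEST['email'])) {
    $smarty->assign('Email', $_REQUEST['email']);
}
} else {
    // ___ USER HAS SENT FORM ___
    SmartyValidate::connect($smarty);

    if (SmartyValidate::is_valid($_POST)) {
        // __ FORM IS VALID __
        if (PommoHelper::isDupe($_POST['Email'])) {
            if (PommoPending::isEmailPending($_POST['Email'])) {
                // NOTE(review): a PHP-serialized array is placed in the `input`
                // query parameter. pending.php is not visible here; if it calls
                // unserialize() on that parameter it is deserializing
                // client-controlled data. A plain `Email=` parameter or
                // json_encode()/json_decode() carries the same data without
                // that exposure. Confirm against pending.php before changing
                // the wire format.
                $input = urlencode(serialize(array('Email' => $_POST['Email'])));
                SmartyValidate::disconnect();
                Pommo::redirect('pending.php?input=' . $input);
            } else {
                // __ EMAIL IN SUBSCRIBERS TABLE, REDIRECT
                SmartyValidate::disconnect();
                // URL-encode the address: it is request data going into a
                // redirect URL, and characters such as '+' or '&' would
                // otherwise change the query string seen by activate.php.
                Pommo::redirect('activate.php?email=' . urlencode($_POST['Email']));
            }
        } else {
            // __ REPORT STATUS
            $logger->addMsg(Pommo::_T('Email address not found! Please try again.'));

            // This message carries raw HTML (an <a> tag), so the submitted
            // address must be encoded for both contexts before it is
            // concatenated: urlencode() for the query value, then
            // htmlspecialchars() for the href attribute.
            $subscribeHref = $pommo->_baseUrl . 'user/subscribe.php?Email='
                . htmlspecialchars(urlencode($_POST['Email']), ENT_QUOTES);
            $logger->addMsg(sprintf(
                Pommo::_T('To subscribe, %sclick here%s'),
                '<a href="' . $subscribeHref . '">',
                '</a>'
            ));
        }
    }

    // NOTE(review): assigns every submitted POST field as a template variable
    // under its own name, so field names chosen by the client decide which
    // template variables get set. Escaping is again left to the template.
    // TODO confirm, or assign only the fields the form defines.
    $smarty->assign($_POST);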
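/**
 * Create a pending (to-be-confirmed) request for a subscriber.
 *
 * Builds a pending record with a fresh confirmation code, validates it and
 * inserts it into the subscriber_pending table.
 *
 * @param array       $subscriber Subscriber record; 'id' is read. For type
 *                                'change' the whole array is serialized and
 *                                stored with the pending row.
 * @param string|null $type       One of 'add', 'del', 'change', 'password'.
 *
 * @return string|false The confirmation code on success; false when the type
 *                      is unknown, validation fails, a request is already
 *                      pending for this subscriber, or the insert fails.
 */
function add(&$subscriber, $type = null)
{
    global $pommo;
    $dbo =& $pommo->_dbo;
    $logger =& $pommo->_logger;

    // Strict whitelist. A switch compares loosely, so a non-string value such
    // as boolean true would match 'add' and be written on as the type.
    $knownTypes = array('add', 'del', 'change', 'password');
    if (!in_array($type, $knownTypes, true)) {
        $logger->addErr('Unknown type passed to PommoPending::add');
        return false;
    }

    // NOTE(review): the code is the secret mailed to the user for
    // confirmation. How PommoHelper::makeCode() generates it is not visible
    // here. TODO confirm it uses an unpredictable source.
    $p = array(
        'subscriber_id' => $subscriber['id'],
        'type' => $type,
        'code' => PommoHelper::makeCode(),
        // only a 'change' request needs to carry the new subscriber data
        'array' => $type === 'change' ? $subscriber : array()
    );

    $pending = PommoPending::make($p);
    if (!PommoPending::validate($pending)) {
        $logger->addErr('PommoPending::add() failed validation');
        return false;
    }

    // NOTE(review): the stored value is PHP-serialized, so whatever reads
    // pending_array back presumably unserialize()s it. That column should be
    // treated as trusted only as far as the data written here is validated.
    if (!empty($pending['array'])) {
        $pending['array'] = serialize($pending['array']);
    }

    // check for pre-existing pending request
    if (PommoPending::isPending($pending['subscriber_id'])) {
        return false;
    }

    // Values are bound through $dbo->prepare() placeholders rather than
    // concatenated. The bracketed fragment looks like an optional clause
    // dropped when its value is empty. TODO confirm in the dbo implementation.
    $query = "\n\t\t\tINSERT INTO " . $dbo->table['subscriber_pending'] . "\n\t\t\tSET\n\t\t\t\t[pending_array='%S',]\n\t\t\t\tsubscriber_id=%i,\n\t\t\t\tpending_type='%s',\n\t\t\t\tpending_code='%s'";
    $query = $dbo->prepare($query, array($pending['array'], $pending['subscriber_id'], $pending['type'], $pending['code']));

    if (!$dbo->query($query)) {
        return false;
    }

    return $pending['code'];
}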
} elseif (!empty($_POST['resetPassword'])) {
    // TODO -- visit this function later
    // Administrator password reset branch; the earlier branches of this
    // if/elseif chain are outside the excerpt.
    // Check if a reset password request has been received
    // check that captcha matched
    if (!isset($_POST['captcha'])) {
        // generate captcha
        // NOTE(review): four hex characters derived from rand(), which is not
        // a cryptographic generator. The value is handed to the template;
        // since the check below reads the expected value from
        // $_POST['realdeal'], the template presumably echoes it back as a
        // form field. TODO confirm in index.tpl.
        $captcha = substr(md5(rand()), 0, 4);
        $smarty->assign('captcha', $captcha);
    } elseif ($_POST['captcha'] == $_POST['realdeal']) {
        // NOTE(review): both operands come from the same request, so the
        // server holds no value of its own to compare against, and this check
        // does not show that the submitter read the captcha. The expected
        // value should be kept server-side (e.g. in the session) and compared
        // as strings with ===. The loose == also compares numeric-looking
        // strings as numbers.
        // user inputted captcha matched. Reset password
        Pommo::requireOnce($pommo->_baseDir . 'inc/helpers/pending.php');
        Pommo::requireOnce($pommo->_baseDir . 'inc/helpers/messages.php');

        // see if there is already a pending request for the administrator [subscriber id == 0]
        if (PommoPending::isPending(0)) {
            // NOTE(review): the serialized array is built from server-side
            // values here, but pending.php receives it as a query parameter;
            // if it unserialize()s that parameter it cannot tell this value
            // from one supplied by a client. TODO confirm in pending.php.
            $input = urlencode(serialize(array('adminID' => TRUE, 'Email' => $pommo->_config['admin_email'])));
            // presumably Pommo::redirect() ends the request; otherwise
            // execution continues into the add() call below. TODO confirm.
            Pommo::redirect($pommo->_http . $pommo->_baseUrl . 'user/pending.php?input=' . $input);
        }

        // create a password change request, send confirmation mail
        $subscriber = array('id' => 0);
        // NOTE(review): the result is not checked before it is mailed as the
        // code; presumably add() signals failure with false. TODO confirm
        // and handle the failure case.
        $code = PommoPending::add($subscriber, 'password');
        PommoHelperMessages::sendMessage(array('to' => $pommo->_config['admin_email'], 'code' => $code, 'type' => 'password'));

        $smarty->assign('captcha', FALSE);
    } else {
        // captcha did not match
        $logger->addMsg(Pommo::_T('Captcha did not match. Try again.'));
    }
}

// referer (used to return user to requested page upon login success)
// NOTE(review): the value is taken from the request when present. Where it is
// later used as a redirect target (not visible here) it should be restricted
// to a same-site path, and the template must escape it on output.
$smarty->assign('referer', isset($_REQUEST['referer']) ? $_REQUEST['referer'] : $pommo->_baseUrl . 'admin/admin.php');
$smarty->display('index.tpl');
die;
// Excerpt of the confirmation handler; the condition guarding this first
// branch is outside the excerpt (the message suggests it is the
// "no code in the request" case).
$logger->addMsg(Pommo::_T('No code given.'));
$smarty->display('user/confirm.tpl');
Pommo::kill();
}

// lookup code
// NOTE(review): the code comes straight from the query string; how
// PommoPending::get() builds its query is not visible here. TODO confirm it
// binds the value through $dbo->prepare() rather than concatenating it.
$pending = PommoPending::get($_GET['code']);
if (!$pending) {
    $logger->addMsg(Pommo::_T('Invalid code! Make sure you copied it correctly from the email.'));
    $smarty->display('user/confirm.tpl');
    Pommo::kill();
}

// Load success messages and redirection URL from config
$config = PommoAPI::configGet(array('site_success', 'messages', 'notices'));
// The unserialize() input here is stored configuration, not request data.
// unserialize() returns false on malformed input, which the isset() check on
// $notices below tolerates.
// NOTE(review): on PHP 7+ passing array('allowed_classes' => false) as the
// second argument keeps unserialize() from instantiating objects should the
// stored value ever be tampered with.
$messages = unserialize($config['messages']);
$notices = unserialize($config['notices']);

if (PommoPending::perform($pending)) {
    Pommo::requireOnce($pommo->_baseDir . 'inc/helpers/messages.php');

    // get subscriber info
    Pommo::requireOnce($pommo->_baseDir . 'inc/helpers/subscribers.php');
    // current() yields false if get() returns an empty array; the
    // $subscriber['email'] reads below do not guard against that.
    // TODO confirm get() always returns the subscriber after perform().
    $subscriber = current(PommoSubscriber::get(array('id' => $pending['subscriber_id'])));

    switch ($pending['type']) {
        case "add":
            // send/print welcome message
            PommoHelperMessages::sendMessage(array('to' => $subscriber['email'], 'type' => 'subscribe'));

            // notify only when the 'subscribe' notice is switched on in config
            if (isset($notices['subscribe']) && $notices['subscribe'] == 'on') {
                PommoHelperMessages::notify($notices, $subscriber, 'subscribe');
            }

            // redirect target is the configured success URL, not request data
            if (!empty($config['site_success'])) {
                Pommo::redirect($config['site_success']);
            }
            break;
$smarty->assign('d', $subscriber['data']); } // check for an update + validate new subscriber info (also converts dates to ints) if (!empty($_POST['update']) && PommoValidate::subscriberData($_POST['d'])) { $newsub = array('id' => $subscriber['id'], 'email' => $subscriber['email'], 'data' => $_POST['d']); if (!empty($_POST['newemail'])) { // if change in email, validate and send confirmation of update if ($_POST['newemail'] != $_POST['newemail2']) { $logger->addErr(Pommo::_T('Emails must match.')); } elseif (!PommoHelper::isEmail($_POST['newemail'])) { $logger->addErr(Pommo::_T('Invalid Email Address')); } elseif (PommoHelper::isDupe($_POST['newemail'])) { $logger->addMsg(Pommo::_T('Email address already exists. Duplicates are not allowed.')); } else { $newsub['email'] = $_POST['newemail']; $code = PommoPending::add($newsub, 'change'); if (!$code) { die('Failed to Generate Pending Subscriber Code'); } Pommo::requireOnce($pommo->_baseDir . 'inc/helpers/messages.php'); PommoHelperMessages::sendMessage(array('to' => $newsub['email'], 'code' => $code, 'type' => 'update')); if (isset($notices['update']) && $notices['update'] == 'on') { PommoHelperMessages::notify($notices, $newsub, 'update'); } } } elseif (!PommoSubscriber::update($newsub, 'REPLACE_ACTIVE')) { $logger->addErr('Error updating subscriber.'); } else { // update successful $logger->addMsg(Pommo::_T('Your records have been updated.')); Pommo::requireOnce($pommo->_baseDir . 'inc/helpers/messages.php');