$usersDAO = new UsersDAO();
$row = $usersDAO->getUserByEmail($_POST['email']);
if ($row['user_id'] > 0 && $row['user_id'] != $_SESSION['user_id']) {
$msg->addError('EMAIL_EXISTS');
}
}
if (!$msg->containsErrors()) {
if (defined('TR_EMAIL_CONFIRMATION') && TR_EMAIL_CONFIRMATION) {
//send confirmation email
$row = $_current_user->getInfo();
if ($row['email'] != $_POST['email']) {
$code = substr(md5($_POST['email'] . $row['creation_date'] . $_SESSION['user_id']), 0, 10);
$confirmation_link = TR_BASE_HREF . 'confirm.php?id=' . $_SESSION['user_id'] . SEP . 'e=' . urlencode($_POST['email']) . SEP . 'm=' . $code;
/* send the email confirmation message: */
require TR_INCLUDE_PATH . 'classes/phpmailer/transformablemailer.class.php';
$mail = new TransformableMailer();
$mail->From = $_config['contact_email'];
$mail->AddAddress($_POST['email']);
$mail->Subject = SITE_NAME . ' - ' . _AT('email_confirmation_subject');
$mail->Body = _AT('email_confirmation_message2', $_config['site_name'], $confirmation_link);
$mail->Send();
$msg->addFeedback('CONFIRM_EMAIL');
} else {
$msg->addFeedback('CHANGE_TO_SAME_EMAIL');
}
} else {
//insert into database
$_current_user->setEmail($addslashes($_POST[email]));
$msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
}
}
// insert into the db.
$password = $addslashes($_POST['form_password_hidden']);
$usersDAO = new UsersDAO();
if (!$usersDAO->setPassword($_GET['id'], $password)) {
require TR_INCLUDE_PATH . 'header.inc.php';
$msg->printErrors('DB_NOT_UPDATED');
require TR_INCLUDE_PATH . 'footer.inc.php';
exit;
}
// send email to user
$user_row = $usersDAO->getUserByID($_GET['id']);
$tmp_message = _AT('password_change_msg') . "\n\n";
$tmp_message .= _AT('web_site') . ' : ' . TR_BASE_HREF . "\n";
$tmp_message .= _AT('login_name') . ' : ' . $user_row['login'] . "\n";
require TR_INCLUDE_PATH . 'classes/phpmailer/transformablemailer.class.php';
$mail = new TransformableMailer();
$mail->From = $_config['contact_email'];
$mail->AddAddress($user_row['email']);
$mail->Subject = $_config['site_name'] . ': ' . _AT('password_changed');
$mail->Body = $tmp_message;
if (!$mail->Send()) {
$msg->addError('SENDING_ERROR');
} else {
$msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
}
header('Location: index.php');
exit;
}
}
/* template starts here */
$savant->display('user/user_password.tmpl.php');
foreach ($pwd_errors as $pwd_error) {
if ($pwd_error == "missing_password") {
$missing_fields[] = _AT('password');
} else {
$msg->addError($pwd_error);
}
}
}
if (!$msg->containsErrors()) {
//save data
$password = $addslashes($_POST['form_password_hidden']);
$usersDAO->UpdateField(intval($_REQUEST['id']), 'password', $password);
//send confirmation email
require TR_INCLUDE_PATH . 'classes/phpmailer/transformablemailer.class.php';
$tmp_message = _AT(array('password_change_confirm', $_config['site_name'], $_base_href)) . "\n\n";
$mail = new TransformableMailer();
$mail->From = $_config['contact_email'];
$mail->AddAddress($email);
$mail->Subject = $_config['site_name'] . ': ' . _AT('password_forgot');
$mail->Body = $tmp_message;
if (!$mail->Send()) {
$msg->printErrors('SENDING_ERROR');
exit;
}
$msg->addFeedback('PASSWORD_CHANGED');
unset($mail);
header('Location:index.php');
} else {
$savant->assign('id', $_REQUEST['id']);
$savant->assign('g', $_REQUEST['g']);
$savant->assign('h', $_REQUEST['h']);