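/**
 * Completes an account sign-up from a confirmation id passed in the request.
 *
 * Purges confirmations older than one day, then looks up the confirmation
 * named by the `id` request parameter. When it maps to an existing account the
 * confirmation row is deleted (so it cannot be replayed), the account status is
 * set to pending if $C['review_new_accounts'] is enabled or active otherwise,
 * accounts-added.tpl is rendered and, if $C['email_new_accounts'] is enabled,
 * the matching e-mail template is sent. An unknown confirmation or account
 * renders error-nice.tpl with the corresponding language string.
 *
 * The confirmation id is the only credential this function checks, so its
 * unpredictability (generated elsewhere) is what protects account activation.
 *
 * @return void
 */
function tlxShConfirm()
{
    global $C, $DB, $L, $t;

    // Only a non-empty string can be a confirmation id. A missing parameter or
    // an array value (id[]=...) is treated as an invalid confirmation instead of
    // being handed to the query binder.
    $confirm_id = (isset($_REQUEST['id']) && is_string($_REQUEST['id'])) ? $_REQUEST['id'] : '';

    // Delete old confirmations
    $DB->Update('DELETE FROM `tlx_account_confirms` WHERE `date_sent` < DATE_ADD(?, INTERVAL -1 DAY)', array(MYSQL_NOW));

    $confirmation = null;
    if ($confirm_id !== '') {
        $confirmation = $DB->Row('SELECT * FROM `tlx_account_confirms` WHERE `confirm_id`=?', array($confirm_id));
    }

    if (!$confirmation) {
        $t->assign('error', $L['INVALID_CONFIRMATION']);
        $t->display('error-nice.tpl');
        return;
    }

    $account = $DB->Row('SELECT * FROM `tlx_accounts` WHERE `username`=?', array($confirmation['username']));

    if (!$account) {
        $t->assign('error', $L['BAD_ACCOUNT']);
        $t->display('error-nice.tpl');
        return;
    }

    // The user-defined field row may be absent; array_merge() on a non-array
    // would discard the account data (or raise a TypeError on PHP 8).
    $extra_fields = $DB->Row('SELECT * FROM `tlx_account_fields` WHERE `username`=?', array($account['username']));
    if (is_array($extra_fields)) {
        $account = array_merge($account, $extra_fields);
    }

    // New accounts go live immediately unless manual review is enabled
    $account['status'] = STATUS_ACTIVE;
    $email_template = 'email-account-added.tpl';

    if ($C['review_new_accounts']) {
        $account['status'] = STATUS_PENDING;
        $email_template = 'email-account-pending.tpl';
    }

    // Consume the confirmation before activating so the same id cannot be used twice
    $DB->Update('DELETE FROM `tlx_account_confirms` WHERE `confirm_id`=?', array($confirm_id));
    $DB->Update(
        'UPDATE `tlx_accounts` SET `status`=?,`date_activated`=? WHERE `username`=?',
        array(
            $account['status'],
            $account['status'] == STATUS_ACTIVE ? MYSQL_NOW : null,
            $account['username']
        )
    );

    $fields =& GetUserAccountFields($account);

    // Replace the stored password value with a placeholder string before the
    // account array reaches the page and e-mail templates.
    $account['password'] = $L['ENCRYPTED_PASSWORD'];

    $t->assign_by_ref('account', $account);
    $t->assign_by_ref('user_fields', $fields);

    // The username is placed in a query string, so encode it as a URL component.
    $t->assign(
        'tracking_url',
        $C['tracking_mode'] == 'unique_link'
            ? "{$C['in_url']}?id=" . urlencode($account['username'])
            : $C['in_url']
    );

    // Display confirmation page
    $t->display('accounts-added.tpl');

    if ($C['email_new_accounts']) {
        SendMail($account['email'], $email_template, $t);
    }
}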
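/**
 * Applies a logged-in user's edits to their own account.
 *
 * Requires ValidUserLogin() to return an account whose status is 'active';
 * otherwise the login form is shown with the matching message. Validates the
 * e-mail, name, optional new password and any user-defined fields flagged
 * `on_edit`, rejects an e-mail already used by another username and input
 * matching the blacklist, then updates lx_users and the user-defined fields.
 * Validation failures re-display the edit form through lxShEdit().
 *
 * NOTE(review): input is read from $_REQUEST, so the same parameters are
 * accepted from the query string, and no anti-CSRF token or current-password
 * check is visible in this function. Confirm whether ValidUserLogin() or the
 * request dispatcher enforces one before relying on this for password changes.
 *
 * @return void
 */
function lxEditAccount()
{
    global $DB, $C, $t, $L;

    $account = ValidUserLogin();

    if ($account === FALSE) {
        lxShLogin($L['INVALID_LOGIN']);
        return;
    }

    if ($account['status'] != 'active') {
        lxShLogin($account['status'] == 'suspended' ? $L['SUSPENDED_ACCOUNT'] : $L['PENDING_ACCOUNT']);
        return;
    }

    // Built-in fields must be strings. A missing parameter or an array value
    // (e.g. password[]=x) is treated as empty so it can never reach sha1() or
    // the UPDATE below as a non-string.
    $submitted = array();
    foreach (array('email', 'name', 'password', 'confirm_password') as $key) {
        $submitted[$key] = (isset($_REQUEST[$key]) && is_string($_REQUEST[$key])) ? $_REQUEST[$key] : '';
    }

    // Keep the stored password unless a new one was supplied
    $password = $account['password'];

    $v = new Validator();
    $v->Register($submitted['email'], V_EMAIL, $L['INVALID_EMAIL']);
    $v->Register($submitted['name'], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$L['NAME']}");

    if (!empty($submitted['password'])) {
        $v->Register($submitted['password'], V_EQUALS, $L['NO_PASSWORD_MATCH'], $submitted['confirm_password']);
        // '4,9999' appears to be a min,max length range for V_LENGTH
        $v->Register($submitted['password'], V_LENGTH, $L['PASSWORD_LENGTH'], '4,9999');

        // NOTE(review): unsalted SHA-1 is a fast hash and a weak choice for
        // stored passwords. It is kept here because the stored format is
        // presumably what ValidUserLogin() compares against (not visible in this
        // file section); moving to password_hash()/password_verify() needs a
        // coordinated change with a rehash-on-login path.
        $password = sha1($submitted['password']);
    }

    // Validation of user defined fields
    $fields =& GetUserAccountFields();

    foreach ($fields as $field) {
        if (!$field['on_edit']) {
            continue;
        }

        // A field left out of the request is validated as null rather than
        // raising an undefined-index notice.
        $value = isset($_REQUEST[$field['name']]) ? $_REQUEST[$field['name']] : null;

        if ($field['required']) {
            $v->Register($value, V_EMPTY, "{$L['REQUIRED_FIELD']}: {$field['label']}");
        }

        if ($field['validation']) {
            $v->Register($value, $field['validation'], $field['validation_message'], $field['validation_extras']);
        }
    }

    // E-mail exists?
    if ($DB->Count('SELECT COUNT(*) FROM lx_users WHERE username!=? AND email=?', array($account['username'], $submitted['email']))) {
        $v->SetError($L['DUPLICATE_EMAIL']);
    }

    // Check blacklist
    $blacklisted = CheckBlacklistAccount($_REQUEST);

    if ($blacklisted !== FALSE) {
        $v->SetError(sprintf($L['BLACKLIST_MATCHED'], $blacklisted[0]['match'], $blacklisted[0]['reason']));
    }

    if (!$v->Validate()) {
        // Messages are joined with raw <br /> markup and may contain field labels
        // and blacklist match/reason text; whether lxShEdit() escapes them is not
        // visible here - TODO confirm.
        $errors = join('<br />', $v->GetErrors());
        lxShEdit($errors);
        return;
    }

    // Update pre-defined data
    $DB->Update(
        'UPDATE lx_users SET ' .
        'password=?, ' .
        'name=?, ' .
        'email=? ' .
        'WHERE username=?',
        array(
            $password,
            $submitted['name'],
            $submitted['email'],
            $account['username']
        )
    );

    // Update user defined fields
    UserDefinedUpdate('lx_user_fields', 'lx_user_field_defs', 'username', $account['username'], $_REQUEST, FALSE);

    // Back to the account overview
    lxLogin(null, 'accountupdate');
}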