qa_fatal_error('User login is handled by external code');
}
// Check if we've been asked to send a new link or have a successful email confirmation
$incode = trim(qa_get('c'));
// trim to prevent passing in blank values to match uninitiated DB rows
$inhandle = qa_get('u');
$loginuserid = qa_get_logged_in_userid();
$useremailed = false;
$userconfirmed = false;
if (isset($loginuserid) && qa_clicked('dosendconfirm')) {
// button clicked to send a link
require_once QA_INCLUDE_DIR . 'qa-app-users-edit.php';
if (!qa_check_form_security_code('confirm', qa_post_text('code'))) {
$pageerror = qa_lang_html('misc/form_security_again');
} else {
qa_send_new_confirm($loginuserid);
$useremailed = true;
}
} elseif (strlen($incode)) {
// non-empty code detected from the URL
require_once QA_INCLUDE_DIR . 'qa-db-selects.php';
require_once QA_INCLUDE_DIR . 'qa-app-users-edit.php';
if (!empty($inhandle)) {
// match based on code and handle provided on URL
$userinfo = qa_db_select_with_pending(qa_db_user_account_selectspec($inhandle, false));
if (strtolower(trim(@$userinfo['emailcode'])) == strtolower($incode)) {
qa_complete_confirm($userinfo['userid'], $userinfo['email'], $userinfo['handle']);
$userconfirmed = true;
}
}
if (!$userconfirmed && isset($loginuserid)) {
$inprofile[$userfield['fieldid']] = qa_post_text('field_' . $userfield['fieldid']);
}
if (!qa_check_form_security_code('account', qa_post_text('code'))) {
$errors['page'] = qa_lang_html('misc/form_security_again');
} else {
$errors = qa_handle_email_filter($inhandle, $inemail, $useraccount);
if (!isset($errors['handle'])) {
qa_db_user_set($userid, 'handle', $inhandle);
}
if (!isset($errors['email'])) {
if ($inemail != $useraccount['email']) {
qa_db_user_set($userid, 'email', $inemail);
qa_db_user_set_flag($userid, QA_USER_FLAGS_EMAIL_CONFIRMED, false);
$isconfirmed = false;
if ($doconfirms) {
qa_send_new_confirm($userid);
}
}
}
if (qa_opt('allow_private_messages')) {
qa_db_user_set_flag($userid, QA_USER_FLAGS_NO_MESSAGES, !$inmessages);
}
if (qa_opt('allow_user_walls')) {
qa_db_user_set_flag($userid, QA_USER_FLAGS_NO_WALL_POSTS, !$inwallposts);
}
if (qa_opt('mailing_enabled')) {
qa_db_user_set_flag($userid, QA_USER_FLAGS_NO_MAILINGS, !$inmailings);
}
qa_db_user_set_flag($userid, QA_USER_FLAGS_SHOW_AVATAR, $inavatar == 'uploaded');
qa_db_user_set_flag($userid, QA_USER_FLAGS_SHOW_GRAVATAR, $inavatar == 'gravatar');
if (is_array(@$_FILES['file']) && $_FILES['file']['size']) {
$inmessages = qa_post_text('messages');
$inavatar = qa_post_text('avatar');
$innotifyan = qa_post_text('notify_an');
$innotifyq = qa_post_text('notify_q');
$innotifya = qa_post_text('notify_a');
$errors = qa_handle_email_validate($inhandle, $inemail, $qa_login_userid);
if (!isset($errors['handle'])) {
qa_db_user_set($qa_login_userid, 'handle', $inhandle);
}
if (!isset($errors['email'])) {
if ($inemail != $useraccount['email']) {
qa_db_user_set($qa_login_userid, 'email', $inemail);
qa_db_user_set_flag($qa_login_userid, QA_USER_FLAGS_EMAIL_CONFIRMED, false);
$isconfirmed = false;
if ($doconfirms) {
qa_send_new_confirm($qa_login_userid);
}
}
}
qa_db_user_set_flag($qa_login_userid, QA_USER_FLAGS_NO_MESSAGES, !$inmessages);
qa_db_user_set_flag($qa_login_userid, QA_USER_FLAGS_SHOW_AVATAR, $inavatar == 'uploaded');
qa_db_user_set_flag($qa_login_userid, QA_USER_FLAGS_SHOW_GRAVATAR, $inavatar == 'gravatar');
qa_db_user_set_flag($qa_login_userid, QA_USER_FLAGS_NOTIFY_ANNOUNCEMENTS, !$innotifyan);
qa_db_user_set_flag($qa_login_userid, QA_USER_FLAGS_NOTIFY_QUESTIONS, !$innotifyq);
qa_db_user_set_flag($qa_login_userid, QA_USER_FLAGS_NOTIFY_ANSWERS, !$innotifya);
if (is_array(@$_FILES['file']) && $_FILES['file']['size']) {
require_once QA_INCLUDE_DIR . 'qa-app-limits.php';
switch (qa_user_permit_error(null, 'U')) {
case 'limit':
$errors['avatar'] = qa_lang('main/upload_limit');
break;
