function useredit($lang, $user_id) { global $system_languages, $supported_roles; $is_admin = user_has_role('administrator'); $is_owner = $user_id == user_profile('id'); $with_name = true; $with_status = ($user_id != 1 and $is_admin); $with_delete = ($user_id != 1 and $is_admin and !$is_owner); $with_newpassword = false; // ($user_id != 1 and $is_owner); $with_locale = count($system_languages) > 1 ? true : false; $with_role = ($user_id != 1 and $is_admin); $with_timezone = ($user_id != 1 and $is_admin); $with_website = true; $with_info = false; $confirmed = false; $action = 'init'; if (isset($_POST['useredit_modify'])) { $action = 'modify'; } if ($with_newpassword) { if (isset($_POST['useredit_change'])) { $action = 'change'; } } if ($with_delete) { if (isset($_POST['useredit_delete'])) { $action = 'delete'; } else { if (isset($_POST['useredit_confirmdelete'])) { $action = 'delete'; $confirmed = true; } else { if (isset($_POST['useredit_cancel'])) { $action = 'cancel'; } } } } $user_name = $user_mail = $user_locale = $user_timezone = false; $user_website = false; $user_active = $user_banned = false; $user_accessed = false; $user_role = false; $user_newpassword = false; $user_lastname = $user_firstname = false; $token = false; switch ($action) { case 'init': case 'reset': $r = user_get($user_id); if ($r) { extract($r); /* user_name user_password user_newpassword user_seed user_mail user_timezone user_website user_created user_modified user_accessed user_locale user_active user_banned */ } $user_newpassword = false; if ($with_info) { $r = user_get_info($user_id); if ($r) { extract($r); /* user_lastname, user_firstname */ } } if ($with_role) { $user_role = user_get_role($user_id); } break; case 'modify': case 'change': case 'delete': case 'cancel': if ($with_info) { if (isset($_POST['useredit_lastname'])) { $user_lastname = readarg($_POST['useredit_lastname']); } if (isset($_POST['useredit_firstname'])) { $user_firstname = readarg($_POST['useredit_firstname']); } } if (isset($_POST['useredit_name'])) { $user_name = strtolower(strflat(readarg($_POST['useredit_name']))); } if (isset($_POST['useredit_mail'])) { $user_mail = strtolower(strflat(readarg($_POST['useredit_mail']))); } if (isset($_POST['useredit_website'])) { $user_website = strtolower(strflat(readarg($_POST['useredit_website']))); } if (isset($_POST['useredit_timezone'])) { $user_timezone = readarg($_POST['useredit_timezone']); } if (isset($_POST['useredit_locale'])) { $user_locale = readarg($_POST['useredit_locale']); } if ($with_role) { if (isset($_POST['useredit_role'])) { $user_role = readarg($_POST['useredit_role']); } } if ($with_status) { if (isset($_POST['useredit_active'])) { $user_active = readarg($_POST['useredit_active']) == 'on'; } if (isset($_POST['useredit_banned'])) { $user_banned = readarg($_POST['useredit_banned']) == 'on'; } if (isset($_POST['useredit_accessed'])) { $user_accessed = (int) readarg($_POST['useredit_accessed']); } } if ($with_newpassword) { if (isset($_POST['useredit_newpassword'])) { $user_newpassword = readarg($_POST['useredit_newpassword']); } } if (isset($_POST['useredit_token'])) { $token = readarg($_POST['useredit_token']); } break; default: break; } $bad_token = false; $missing_lastname = false; $missing_firstname = false; $missing_name = false; $bad_name = false; $duplicated_name = false; $missing_mail = false; $bad_mail = false; $duplicated_mail = false; $bad_role = false; $bad_website = false; $missing_locale = false; $bad_locale = false; $bad_timezone = false; $missing_newpassword = false; $bad_newpassword = false; $account_modified = false; $password_changed = false; $internal_error = false; $contact_page = false; switch ($action) { case 'modify': if (!isset($_SESSION['useredit_token']) or $token != $_SESSION['useredit_token']) { $bad_token = true; } if ($with_info) { if (!$user_lastname) { $missing_lastname = true; } if (!$user_firstname) { $missing_firstname = true; } } if ($with_name and !$user_name) { $missing_name = true; } if ($user_name) { if (!validate_user_name($user_name)) { $bad_name = true; } else { if (!user_check_name($user_name, $user_id)) { $duplicated_name = true; } } } if (!$user_mail) { $missing_mail = true; } else { if (!validate_mail($user_mail)) { $bad_mail = true; } else { if (!user_check_mail($user_mail, $user_id)) { $duplicated_mail = true; } } } if ($user_role) { foreach ($user_role as $role) { if (!validate_role($role)) { $bad_role = true; break; } } } if ($user_website) { if (!validate_website($user_website)) { $bad_website = true; } else { $user_website = normalize_website($user_website); } } if ($user_timezone) { if (!validate_timezone($user_timezone)) { $bad_timezone = true; } } if ($with_locale and !$user_locale) { $missing_locale = true; } if ($user_locale) { if (!validate_locale($user_locale)) { $bad_locale = true; } } break; case 'change': if (!$user_newpassword) { $missing_newpassword = true; } else { if (!validate_password($user_newpassword)) { $bad_newpassword = true; } } break; default: break; } $confirm_delete = false; switch ($action) { case 'modify': if ($bad_token or $missing_name or $bad_name or $duplicated_name or $missing_mail or $bad_mail or $duplicated_mail or $bad_role or $bad_website or $bad_timezone or $missing_locale or $bad_locale or $missing_lastname or $missing_firstname) { break; } $r = user_set($user_id, $user_name, $user_mail, $user_website, $user_locale, $user_timezone); if (!$r) { $internal_error = true; break; } if ($is_owner) { $_SESSION['user']['name'] = $user_name; $_SESSION['user']['mail'] = $user_mail; $_SESSION['user']['website'] = $user_website; $_SESSION['user']['locale'] = $user_locale; $_SESSION['user']['timezone'] = $user_timezone; } if ($with_info) { $r = user_set_info($user_id, $user_lastname, $user_firstname); if (!$r) { $internal_error = true; break; } if ($is_owner) { $_SESSION['user']['lastname'] = $user_lastname; $_SESSION['user']['firstname'] = $user_firstname; } } if ($with_role) { $r = user_set_role($user_id, $user_role); if (!$r) { $internal_error = true; break; } } if ($with_status) { $r = user_set_status($user_id, $user_active, $user_banned); if (!$r) { $internal_error = true; break; } } $account_modified = true; break; case 'change': if ($missing_newpassword or $bad_newpassword) { break; } $r = user_set_newpassword($user_id, $user_newpassword); if (!$r) { $internal_error = true; break; } $password_changed = true; break; case 'delete': if (!$confirmed) { $confirm_delete = true; break; } $r = user_delete($user_id); if (!$r) { $internal_error = true; break; } return false; default: break; } $user_newpassword = false; if ($internal_error) { $contact_page = url('contact', $lang); } $_SESSION['useredit_token'] = $token = token_id(); $errors = compact('missing_name', 'bad_name', 'duplicated_name', 'missing_mail', 'bad_mail', 'duplicated_mail', 'bad_timezone', 'bad_website', 'missing_locale', 'bad_locale', 'missing_newpassword', 'bad_newpassword', 'missing_lastname', 'missing_firstname', 'internal_error', 'contact_page'); $infos = compact('account_modified', 'password_changed'); $output = view('useredit', $lang, compact('token', 'errors', 'infos', 'with_name', 'user_name', 'user_mail', 'with_timezone', 'user_timezone', 'with_website', 'user_website', 'with_role', 'user_role', 'supported_roles', 'with_locale', 'user_locale', 'with_status', 'user_banned', 'user_active', 'user_accessed', 'with_newpassword', 'user_newpassword', 'with_info', 'user_lastname', 'user_firstname', 'with_delete', 'confirm_delete')); return $output; }
function subscribe($lang) { global $sitekey, $system_languages; $with_locale = count($system_languages) > 1; // true, false $with_captcha = true; $action = 'init'; if (isset($_POST['subscribe_send'])) { $action = 'subscribe'; } $confirmed = $code = $token = false; $user_mail = user_profile('mail'); $user_locale = user_profile('locale'); if (!$user_locale) { $user_locale = $lang; } $unsubscribe_page = false; switch ($action) { case 'init': if ($sitekey) { $unsubscribe_page = url('newsletterunsubscribe', $lang); } break; case 'subscribe': if (isset($_POST['subscribe_mail'])) { $user_mail = strtolower(strflat(readarg($_POST['subscribe_mail']))); } if ($with_locale) { if (isset($_POST['subscribe_locale'])) { $user_locale = readarg($_POST['subscribe_locale']); } } if (isset($_POST['subscribe_confirmed'])) { $confirmed = readarg($_POST['subscribe_confirmed']) == 'on' ? true : false; } if (isset($_POST['subscribe_code'])) { $code = readarg($_POST['subscribe_code']); } if (isset($_POST['subscribe_token'])) { $token = readarg($_POST['subscribe_token']); } break; default: break; } $missing_code = false; $bad_code = false; $bad_token = false; $missing_mail = false; $bad_mail = false; $duplicated_mail = false; $missing_locale = false; $bad_locale = false; $missing_confirmation = false; $email_registered = false; $internal_error = false; $contact_page = false; switch ($action) { case 'subscribe': if (!isset($_SESSION['subscribe_token']) or $token != $_SESSION['subscribe_token']) { $bad_token = true; } if ($with_captcha) { if (!$code) { $missing_code = true; break; } $captcha = isset($_SESSION['captcha']['subscribe']) ? $_SESSION['captcha']['subscribe'] : false; if (!$captcha or $captcha != strtoupper($code)) { $bad_code = true; break; } } if (!$user_mail) { $missing_mail = true; } else { if (!validate_mail($user_mail) or !is_mail_allowed($user_mail)) { $bad_mail = true; } else { if (newsletter_get_user($user_mail)) { $duplicated_mail = true; } } } if ($with_locale) { if (!$user_locale) { $missing_locale = true; } else { if (!validate_locale($user_locale)) { $bad_locale = true; } } } if (!$confirmed) { $missing_confirmation = true; } break; default: break; } switch ($action) { case 'subscribe': if ($bad_token or $missing_code or $bad_code or $missing_mail or $bad_mail or $duplicated_mail or $missing_locale or $bad_locale or $missing_confirmation) { break; } $r = newsletter_create_user($user_mail, $user_locale); if (!$r) { $internal_error = true; break; } require_once 'serveripaddress.php'; require_once 'emailme.php'; global $sitename; $ip = server_ip_address(); $timestamp = strftime('%Y-%m-%d %H:%M:%S', time()); $subject = 'subscribe' . '@' . $sitename; $msg = $ip . ' ' . $timestamp . ' ' . $lang . ' ' . $user_mail; @emailme($subject, $msg); $email_registered = true; $confirmed = false; break; default: break; } if ($internal_error) { $contact_page = url('contact', $lang); } $_SESSION['subscribe_token'] = $token = token_id(); $errors = compact('missing_mail', 'bad_mail', 'missing_locale', 'bad_locale', 'duplicated_mail', 'missing_confirmation', 'missing_code', 'bad_code', 'internal_error', 'contact_page'); $infos = compact('email_registered'); $output = view('subscribe', $lang, compact('token', 'with_captcha', 'user_mail', 'with_locale', 'user_locale', 'confirmed', 'unsubscribe_page', 'errors', 'infos')); return $output; }
} echo "<p><a href='{$translate_url}'>" . _("Back to the Translation Center") . "</a></p>"; } else { if ($func == "upload") { $locale = validate_locale($_REQUEST['locale']); do_upload($locale); echo "<p><a href='{$translate_url}?func=manage&locale={$locale}'>" . sprintf(_("Back to manage locale %s"), $locale) . "</a></p>"; } else { if ($func == "merge") { $locale = validate_locale($_REQUEST['locale']); $fuzzy = @$_REQUEST['fuzzy']; do_merge($locale, $fuzzy); echo "<p><a href='{$translate_url}?func=manage&locale={$locale}'>" . sprintf(_("Back to manage locale %s"), $locale) . "</a></p>"; } else { if ($func == "manage") { $locale = validate_locale($_REQUEST['locale']); manage_form($locale); } } } } } } } } } function main_form() { // display the list of languages with links to the downloadable PO files global $dyn_locales_dir, $translate_url, $may_manage, $allowed_functions; $pot_filename = "{$dyn_locales_dir}/messages.pot";