function content()
{
if (!user_logged_in()) {
return must_log_in();
}
$user = fetch_one_or_none('users', 'id', user_logged_in());
if (!array_key_exists('token', $_GET) || !$_GET['token'] || $_GET['token'] != sha1($user->new_email_address)) {
$errors[] = 'Invalid reset token';
}
# This can happen if two accounts try to change address at similar times.
if (count($errors) == 0 && count(fetch_all('users', 'email_address', $user->new_email_address))) {
$errors[] = "A user with this email address already exists";
}
if (count($errors) == 0) {
update_all('users', array('email_address' => $user->new_email_address, 'new_email_address' => null), 'id', user_logged_in());
?>
<h2>Address changed</h2>
<p>Your email address has been changed to
<tt><?php
esc($user->new_email_address);
?>
</tt>.</p>
<?php
return;
}
page_header('Address verification failed');
show_error_list($errors);
}
function content()
{
if (!user_logged_in()) {
return must_log_in();
}
$user = fetch_one_or_none('users', 'id', user_logged_in());
$errors = array();
if (array_key_exists('change', $_POST)) {
if (!isset($_POST['email']) || !$_POST['email']) {
$errors[] = "Please enter an email address";
} else {
$email = $_POST['email'];
if ($email && !validate_email_address($email)) {
$errors[] = "Invalid email address";
}
if (count($errors) == 0 && count(fetch_all('users', 'email_address', $email))) {
$errors[] = "A user with this email address already exists";
}
if (count($errors) == 0) {
update_all('users', array('new_email_address' => $email), 'id', user_logged_in());
send_email_change_email($email, $user->name);
?>
<p>We have sent an email to your new address requesting that you
confirm that change of address.</p>
<?php
return;
}
}
}
$fields = array();
page_header('Change email address');
show_error_list($errors);
?>
<form method="post" action="" accept-charset="UTF-8">
<div class="fieldrow">
<div class="field">
<label>Current address:</label>
<div><tt><?php
esc($user->email_address);
?>
</tt></div>
</div>
</div>
<div class="fieldrow">
<?php
text_field($fields, 'email', 'New address');
?>
</div>
<div class="fieldrow">
<input type="submit" name="change" value="Change"/>
</div>
</form>
<?php
}
function content()
{
global $config;
if (!user_logged_in()) {
return must_log_in();
}
$errors = array();
if (!array_key_exists('id', $_GET)) {
$errors[] = 'No user ID';
}
if (count($errors) == 0) {
$user = fetch_one_or_none('users', 'id', $_GET['id']);
if (!$user) {
$errors[] = 'No such user';
}
if (!$user->date_verified) {
$errors[] = 'User has not yet been verified';
}
if ($user->date_approved) {
$errors[] = 'User has already been approved';
}
}
if (count($errors)) {
page_header("Error approving account");
show_error_list($errors);
return;
}
if (!$user->date_approved) {
update_all('users', array('date_approved' => date('Y-m-d H:i:s'), 'approved_by' => user_logged_in()), 'id', $user->id);
}
$root = 'http://' . $config['domain'] . $config['http_path'];
$msg = "Your " . $config['title'] . " account has been approved. " . "To log in, please follow \n" . "the following link:\n" . "\n" . " {$root}account/login\n" . "\n";
mail(sprintf('"%s" <%s>', $user->name, $user->email_address), $config['title'] . " account approved", $msg) or die('Unable to send email');
register_user_rdf($user);
page_header("Account approved");
?>
<p>Thank you for approving <?php
esc($user->name);
?>
's account.</p>
<?php
}
function content()
{
if (!user_logged_in()) {
return must_log_in();
}
$errors = array();
if (array_key_exists('upload', $_POST)) {
if (!array_key_exists('file', $_FILES) || filesize($_FILES['file']['tmp_name']) == 0) {
$errors[] = 'Please supply a file';
}
if (count($errors) == 0) {
preg_match('/\\.([^\\/.]+)$/', $_FILES['file']['name'], $matches);
$file_id = do_upload($_FILES['file']['tmp_name'], $_FILES['file']['type'], $matches[1], $_FILES['file']['size']);
page_header('File uploaded');
?>
<?php
return;
}
}
page_header('Upload file');
show_error_list($errors);
?>
<form enctype="multipart/form-data" action="" method="post">
<div class="fieldrow">
<div>
<label for="file">Select an image
<span class="label-extra">(size limit: 8MB)</span></label>
<input id="file" name="file" type="file" />
</div>
</div>
<div class="fieldrow">
<input type="submit" name="upload" value="Upload" />
</div>
</form>
<?php
}
function content()
{
if (!user_logged_in()) {
return must_log_in();
}
$files = fetch_wol('*', 'files', sprintf("user_id=%d", user_logged_in()));
if (count($files) == 0) {
?>
<p>You have not <a href="upload">uploaded</a> any files.</p>
<?php
return;
}
?>
<table class="data">
<?php
foreach ($files as $f) {
?>
<tr><td class="file-id"><a href="<?php
esc($f->id . '.' . $f->extension);
?>
"><?php
esc(sprintf("%06d", $f->id));
?>
</a></td>
<td><?php
esc(date_format('Y-m-d H:i:s', $f->date_uploaded));
?>
</td>
<td><?php
esc(format_size($f->length));
?>
</td>
</tr>
<?php
}
?>
</table>
<?php
}
function content()
{
if (!user_logged_in()) {
return must_log_in();
}
$user = fetch_one_or_none('users', 'id', user_logged_in());
page_header('Account');
$errors = array();
if (array_key_exists('apply', $_POST)) {
if (!isset($_POST['name']) || !$_POST['name']) {
$errors[] = "Please provide a name";
}
if (count($errors) == 0) {
$sets = array('name' => $_POST['name']);
update_all('users', $sets, 'id', $user->id);
update_local_object($user, $sets);
?>
<p>Your changes have been applied.
Return to <a href=".">account</a> page.</p>
<?php
return;
}
show_error_list($errors);
}
$fields = array('name' => $user->name, 'email' => $user->email_address);
?>
<form method="post" action="" accept-charset="UTF-8">
<fieldset>
<legend>Details</legend>
<div class="fieldrow">
<?php
text_field($fields, 'name', 'Name', 'publicly visible');
?>
</div>
<div class="fieldrow">
<div class="field">
<label>Email address</label>
<div><tt><?php
esc($fields['email']);
?>
</tt>
<a class="control small" style="padding-left: 1em"
href="change-email">Change</a></div>
</div>
</div>
<div class="fieldrow">
<div class="field">
<label>Password</label>
<div><tt>********</tt>
<a class="control small" style="padding-left: 1em"
href="reset-password">Change</a></div>
</div>
</div>
<div class="fieldrow">
<input type="submit" name="apply" value="Update"/>
</div>
</fieldset>
<fieldset>
<legend>Contact details</legend>
<p>Any details entered here will be made publicly available.</p>
<?php
/*NAME, ADDR, PHON, EMAIL, FAX, WWW, OBJE, LANG, RFN, RIN, NOTE, CHAN*/
?>
</fieldset>
</form>
<?php
}