function useredit($lang, $user_id)
{
global $system_languages, $supported_roles;
$is_admin = user_has_role('administrator');
$is_owner = $user_id == user_profile('id');
$with_name = true;
$with_status = ($user_id != 1 and $is_admin);
$with_delete = ($user_id != 1 and $is_admin and !$is_owner);
$with_newpassword = false;
// ($user_id != 1 and $is_owner);
$with_locale = count($system_languages) > 1 ? true : false;
$with_role = ($user_id != 1 and $is_admin);
$with_timezone = ($user_id != 1 and $is_admin);
$with_website = true;
$with_info = false;
$confirmed = false;
$action = 'init';
if (isset($_POST['useredit_modify'])) {
$action = 'modify';
}
if ($with_newpassword) {
if (isset($_POST['useredit_change'])) {
$action = 'change';
}
}
if ($with_delete) {
if (isset($_POST['useredit_delete'])) {
$action = 'delete';
} else {
if (isset($_POST['useredit_confirmdelete'])) {
$action = 'delete';
$confirmed = true;
} else {
if (isset($_POST['useredit_cancel'])) {
$action = 'cancel';
}
}
}
}
$user_name = $user_mail = $user_locale = $user_timezone = false;
$user_website = false;
$user_active = $user_banned = false;
$user_accessed = false;
$user_role = false;
$user_newpassword = false;
$user_lastname = $user_firstname = false;
$token = false;
switch ($action) {
case 'init':
case 'reset':
$r = user_get($user_id);
if ($r) {
extract($r);
/* user_name user_password user_newpassword user_seed user_mail user_timezone user_website user_created user_modified user_accessed user_locale user_active user_banned */
}
$user_newpassword = false;
if ($with_info) {
$r = user_get_info($user_id);
if ($r) {
extract($r);
/* user_lastname, user_firstname */
}
}
if ($with_role) {
$user_role = user_get_role($user_id);
}
break;
case 'modify':
case 'change':
case 'delete':
case 'cancel':
if ($with_info) {
if (isset($_POST['useredit_lastname'])) {
$user_lastname = readarg($_POST['useredit_lastname']);
}
if (isset($_POST['useredit_firstname'])) {
$user_firstname = readarg($_POST['useredit_firstname']);
}
}
if (isset($_POST['useredit_name'])) {
$user_name = strtolower(strflat(readarg($_POST['useredit_name'])));
}
if (isset($_POST['useredit_mail'])) {
$user_mail = strtolower(strflat(readarg($_POST['useredit_mail'])));
}
if (isset($_POST['useredit_website'])) {
$user_website = strtolower(strflat(readarg($_POST['useredit_website'])));
}
if (isset($_POST['useredit_timezone'])) {
$user_timezone = readarg($_POST['useredit_timezone']);
}
if (isset($_POST['useredit_locale'])) {
$user_locale = readarg($_POST['useredit_locale']);
}
if ($with_role) {
if (isset($_POST['useredit_role'])) {
$user_role = readarg($_POST['useredit_role']);
}
}
if ($with_status) {
if (isset($_POST['useredit_active'])) {
$user_active = readarg($_POST['useredit_active']) == 'on';
}
if (isset($_POST['useredit_banned'])) {
$user_banned = readarg($_POST['useredit_banned']) == 'on';
}
if (isset($_POST['useredit_accessed'])) {
$user_accessed = (int) readarg($_POST['useredit_accessed']);
}
}
if ($with_newpassword) {
if (isset($_POST['useredit_newpassword'])) {
$user_newpassword = readarg($_POST['useredit_newpassword']);
}
}
if (isset($_POST['useredit_token'])) {
$token = readarg($_POST['useredit_token']);
}
break;
default:
break;
}
$bad_token = false;
$missing_lastname = false;
$missing_firstname = false;
$missing_name = false;
$bad_name = false;
$duplicated_name = false;
$missing_mail = false;
$bad_mail = false;
$duplicated_mail = false;
$bad_role = false;
$bad_website = false;
$missing_locale = false;
$bad_locale = false;
$bad_timezone = false;
$missing_newpassword = false;
$bad_newpassword = false;
$account_modified = false;
$password_changed = false;
$internal_error = false;
$contact_page = false;
switch ($action) {
case 'modify':
if (!isset($_SESSION['useredit_token']) or $token != $_SESSION['useredit_token']) {
$bad_token = true;
}
if ($with_info) {
if (!$user_lastname) {
$missing_lastname = true;
}
if (!$user_firstname) {
$missing_firstname = true;
}
}
if ($with_name and !$user_name) {
$missing_name = true;
}
if ($user_name) {
if (!validate_user_name($user_name)) {
$bad_name = true;
} else {
if (!user_check_name($user_name, $user_id)) {
$duplicated_name = true;
}
}
}
if (!$user_mail) {
$missing_mail = true;
} else {
if (!validate_mail($user_mail)) {
$bad_mail = true;
} else {
if (!user_check_mail($user_mail, $user_id)) {
$duplicated_mail = true;
}
}
}
if ($user_role) {
foreach ($user_role as $role) {
if (!validate_role($role)) {
$bad_role = true;
break;
}
}
}
if ($user_website) {
if (!validate_website($user_website)) {
$bad_website = true;
} else {
$user_website = normalize_website($user_website);
}
}
if ($user_timezone) {
if (!validate_timezone($user_timezone)) {
$bad_timezone = true;
}
}
if ($with_locale and !$user_locale) {
$missing_locale = true;
}
if ($user_locale) {
if (!validate_locale($user_locale)) {
$bad_locale = true;
}
}
break;
case 'change':
if (!$user_newpassword) {
$missing_newpassword = true;
} else {
if (!validate_password($user_newpassword)) {
$bad_newpassword = true;
}
}
break;
default:
break;
}
$confirm_delete = false;
switch ($action) {
case 'modify':
if ($bad_token or $missing_name or $bad_name or $duplicated_name or $missing_mail or $bad_mail or $duplicated_mail or $bad_role or $bad_website or $bad_timezone or $missing_locale or $bad_locale or $missing_lastname or $missing_firstname) {
break;
}
$r = user_set($user_id, $user_name, $user_mail, $user_website, $user_locale, $user_timezone);
if (!$r) {
$internal_error = true;
break;
}
if ($is_owner) {
$_SESSION['user']['name'] = $user_name;
$_SESSION['user']['mail'] = $user_mail;
$_SESSION['user']['website'] = $user_website;
$_SESSION['user']['locale'] = $user_locale;
$_SESSION['user']['timezone'] = $user_timezone;
}
if ($with_info) {
$r = user_set_info($user_id, $user_lastname, $user_firstname);
if (!$r) {
$internal_error = true;
break;
}
if ($is_owner) {
$_SESSION['user']['lastname'] = $user_lastname;
$_SESSION['user']['firstname'] = $user_firstname;
}
}
if ($with_role) {
$r = user_set_role($user_id, $user_role);
if (!$r) {
$internal_error = true;
break;
}
}
if ($with_status) {
$r = user_set_status($user_id, $user_active, $user_banned);
if (!$r) {
$internal_error = true;
break;
}
}
$account_modified = true;
break;
case 'change':
if ($missing_newpassword or $bad_newpassword) {
break;
}
$r = user_set_newpassword($user_id, $user_newpassword);
if (!$r) {
$internal_error = true;
break;
}
$password_changed = true;
break;
case 'delete':
if (!$confirmed) {
$confirm_delete = true;
break;
}
$r = user_delete($user_id);
if (!$r) {
$internal_error = true;
break;
}
return false;
default:
break;
}
$user_newpassword = false;
if ($internal_error) {
$contact_page = url('contact', $lang);
}
$_SESSION['useredit_token'] = $token = token_id();
$errors = compact('missing_name', 'bad_name', 'duplicated_name', 'missing_mail', 'bad_mail', 'duplicated_mail', 'bad_timezone', 'bad_website', 'missing_locale', 'bad_locale', 'missing_newpassword', 'bad_newpassword', 'missing_lastname', 'missing_firstname', 'internal_error', 'contact_page');
$infos = compact('account_modified', 'password_changed');
$output = view('useredit', $lang, compact('token', 'errors', 'infos', 'with_name', 'user_name', 'user_mail', 'with_timezone', 'user_timezone', 'with_website', 'user_website', 'with_role', 'user_role', 'supported_roles', 'with_locale', 'user_locale', 'with_status', 'user_banned', 'user_active', 'user_accessed', 'with_newpassword', 'user_newpassword', 'with_info', 'user_lastname', 'user_firstname', 'with_delete', 'confirm_delete'));
return $output;
}
function subscribe($lang)
{
global $sitekey, $system_languages;
$with_locale = count($system_languages) > 1;
// true, false
$with_captcha = true;
$action = 'init';
if (isset($_POST['subscribe_send'])) {
$action = 'subscribe';
}
$confirmed = $code = $token = false;
$user_mail = user_profile('mail');
$user_locale = user_profile('locale');
if (!$user_locale) {
$user_locale = $lang;
}
$unsubscribe_page = false;
switch ($action) {
case 'init':
if ($sitekey) {
$unsubscribe_page = url('newsletterunsubscribe', $lang);
}
break;
case 'subscribe':
if (isset($_POST['subscribe_mail'])) {
$user_mail = strtolower(strflat(readarg($_POST['subscribe_mail'])));
}
if ($with_locale) {
if (isset($_POST['subscribe_locale'])) {
$user_locale = readarg($_POST['subscribe_locale']);
}
}
if (isset($_POST['subscribe_confirmed'])) {
$confirmed = readarg($_POST['subscribe_confirmed']) == 'on' ? true : false;
}
if (isset($_POST['subscribe_code'])) {
$code = readarg($_POST['subscribe_code']);
}
if (isset($_POST['subscribe_token'])) {
$token = readarg($_POST['subscribe_token']);
}
break;
default:
break;
}
$missing_code = false;
$bad_code = false;
$bad_token = false;
$missing_mail = false;
$bad_mail = false;
$duplicated_mail = false;
$missing_locale = false;
$bad_locale = false;
$missing_confirmation = false;
$email_registered = false;
$internal_error = false;
$contact_page = false;
switch ($action) {
case 'subscribe':
if (!isset($_SESSION['subscribe_token']) or $token != $_SESSION['subscribe_token']) {
$bad_token = true;
}
if ($with_captcha) {
if (!$code) {
$missing_code = true;
break;
}
$captcha = isset($_SESSION['captcha']['subscribe']) ? $_SESSION['captcha']['subscribe'] : false;
if (!$captcha or $captcha != strtoupper($code)) {
$bad_code = true;
break;
}
}
if (!$user_mail) {
$missing_mail = true;
} else {
if (!validate_mail($user_mail) or !is_mail_allowed($user_mail)) {
$bad_mail = true;
} else {
if (newsletter_get_user($user_mail)) {
$duplicated_mail = true;
}
}
}
if ($with_locale) {
if (!$user_locale) {
$missing_locale = true;
} else {
if (!validate_locale($user_locale)) {
$bad_locale = true;
}
}
}
if (!$confirmed) {
$missing_confirmation = true;
}
break;
default:
break;
}
switch ($action) {
case 'subscribe':
if ($bad_token or $missing_code or $bad_code or $missing_mail or $bad_mail or $duplicated_mail or $missing_locale or $bad_locale or $missing_confirmation) {
break;
}
$r = newsletter_create_user($user_mail, $user_locale);
if (!$r) {
$internal_error = true;
break;
}
require_once 'serveripaddress.php';
require_once 'emailme.php';
global $sitename;
$ip = server_ip_address();
$timestamp = strftime('%Y-%m-%d %H:%M:%S', time());
$subject = 'subscribe' . '@' . $sitename;
$msg = $ip . ' ' . $timestamp . ' ' . $lang . ' ' . $user_mail;
@emailme($subject, $msg);
$email_registered = true;
$confirmed = false;
break;
default:
break;
}
if ($internal_error) {
$contact_page = url('contact', $lang);
}
$_SESSION['subscribe_token'] = $token = token_id();
$errors = compact('missing_mail', 'bad_mail', 'missing_locale', 'bad_locale', 'duplicated_mail', 'missing_confirmation', 'missing_code', 'bad_code', 'internal_error', 'contact_page');
$infos = compact('email_registered');
$output = view('subscribe', $lang, compact('token', 'with_captcha', 'user_mail', 'with_locale', 'user_locale', 'confirmed', 'unsubscribe_page', 'errors', 'infos'));
return $output;
}
}
echo "<p><a href='{$translate_url}'>" . _("Back to the Translation Center") . "</a></p>";
} else {
if ($func == "upload") {
$locale = validate_locale($_REQUEST['locale']);
do_upload($locale);
echo "<p><a href='{$translate_url}?func=manage&locale={$locale}'>" . sprintf(_("Back to manage locale %s"), $locale) . "</a></p>";
} else {
if ($func == "merge") {
$locale = validate_locale($_REQUEST['locale']);
$fuzzy = @$_REQUEST['fuzzy'];
do_merge($locale, $fuzzy);
echo "<p><a href='{$translate_url}?func=manage&locale={$locale}'>" . sprintf(_("Back to manage locale %s"), $locale) . "</a></p>";
} else {
if ($func == "manage") {
$locale = validate_locale($_REQUEST['locale']);
manage_form($locale);
}
}
}
}
}
}
}
}
}
function main_form()
{
// display the list of languages with links to the downloadable PO files
global $dyn_locales_dir, $translate_url, $may_manage, $allowed_functions;
$pot_filename = "{$dyn_locales_dir}/messages.pot";
