// Store the submitted password for the account selected by the `id` query
// parameter, then notify that account's owner by email.
// NOTE(review): the account id is read directly from $_GET['id']. The check that
// the current session may change this account's password is not visible in
// this excerpt; confirm it runs before this point.
// NOTE(review): the value is escaped with $addslashes before reaching the DAO,
// which presumably means setPassword() builds its SQL by string concatenation.
// Verify against UsersDAO; bound parameters would be the safer form.
$password = $addslashes($_POST['form_password_hidden']);
$usersDAO = new UsersDAO();

if (!$usersDAO->setPassword($_GET['id'], $password)) {
    // The update failed: render the error between header and footer, then stop.
    require TR_INCLUDE_PATH . 'header.inc.php';
    $msg->printErrors('DB_NOT_UPDATED');
    require TR_INCLUDE_PATH . 'footer.inc.php';
    exit;
}

// Send the notification email to the user.
// NOTE(review): the result of getUserByID() is used without checking that a row
// came back; confirm what the DAO returns for an unknown id.
$user_row = $usersDAO->getUserByID($_GET['id']);

// The body carries only the site URL and the login name; the new password is
// not included in the message.
$tmp_message = _AT('password_change_msg') . "\n\n";
$tmp_message .= _AT('web_site') . ' : ' . TR_BASE_HREF . "\n";
$tmp_message .= _AT('login_name') . ' : ' . $user_row['login'] . "\n";

require TR_INCLUDE_PATH . 'classes/phpmailer/transformablemailer.class.php';
$mail = new TransformableMailer();
$mail->From = $_config['contact_email'];
$mail->AddAddress($user_row['email']);
$mail->Subject = $_config['site_name'] . ': ' . _AT('password_changed');
$mail->Body = $tmp_message;

// The password is already stored at this point, so a mail failure is reported
// as an error message but does not undo the change.
if (!$mail->Send()) {
    $msg->addError('SENDING_ERROR');
} else {
    $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
}

// Redirect and stop so that the template below is not rendered after a
// completed change.
header('Location: index.php');
exit;
} // closes a block opened before this excerpt
} // closes a block opened before this excerpt

/* template starts here */
$savant->display('user/user_password.tmpl.php');
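} // closes a block opened before this excerpt

// Handle an email-address change once validation has produced no errors.
// With TR_EMAIL_CONFIRMATION enabled, only a confirmation link is mailed to the
// new address and nothing is written to the database in this branch (the
// change is presumably applied by confirm.php; verify there). Otherwise the
// address is stored immediately.
if (!$msg->containsErrors()) {
    if (defined('TR_EMAIL_CONFIRMATION') && TR_EMAIL_CONFIRMATION) {
        // send confirmation email
        $row = $_current_user->getInfo();

        if ($row['email'] != $_POST['email']) {
            // NOTE(review): the confirmation code is the first 10 hex characters of
            // an unkeyed MD5 over the new address, the account creation date and
            // the user id. It contains no server-side secret or random value, so
            // it is derivable by anyone who knows those three inputs and does not
            // by itself prove control of the mailbox. A random token from
            // random_bytes(), stored server-side and checked with hash_equals(),
            // would be the stronger design; that needs the matching change in
            // confirm.php, which is not visible here, so the derivation is left
            // unchanged.
            $code = substr(md5($_POST['email'] . $row['creation_date'] . $_SESSION['user_id']), 0, 10);
            $confirmation_link = TR_BASE_HREF . 'confirm.php?id=' . $_SESSION['user_id']
                . SEP . 'e=' . urlencode($_POST['email'])
                . SEP . 'm=' . $code;

            /* send the email confirmation message: */
            require TR_INCLUDE_PATH . 'classes/phpmailer/transformablemailer.class.php';
            $mail = new TransformableMailer();
            $mail->From = $_config['contact_email'];
            $mail->AddAddress($_POST['email']);
            $mail->Subject = SITE_NAME . ' - ' . _AT('email_confirmation_subject');
            $mail->Body = _AT('email_confirmation_message2', $_config['site_name'], $confirmation_link);

            // Only tell the user to check their mailbox when the message was
            // actually handed off; a failed send is reported instead of ignored.
            if ($mail->Send()) {
                $msg->addFeedback('CONFIRM_EMAIL');
            } else {
                $msg->addError('SENDING_ERROR');
            }
        } else {
            $msg->addFeedback('CHANGE_TO_SAME_EMAIL');
        }
    } else {
        // insert into database
        // The array key is quoted: the bare `email` was read as an undefined
        // constant, which is a fatal Error on PHP 8 and a warning before that.
        // NOTE(review): $addslashes escaping suggests setEmail() concatenates the
        // value into SQL; verify, and prefer bound parameters there.
        $_current_user->setEmail($addslashes($_POST['email']));
        $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
    }
}
} // closes a block opened before this excerpt

// On first display (no form submission) pre-fill the form fields from the
// stored user record.
$row = $_current_user->getInfo();
if (!isset($_POST['submit'])) {
    $_POST = $row;
}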