/** * Get the current user ID. If nobody is logged in, redirect to the login page. */ function user_id() { require_login(); $user = User::getInstance(db()); return $user->getId(); }
/** * Allows users to delete OpenID locations from their account. */ require_login(); $messages = array(); $errors = array(); $identity = require_post("identity"); // make sure we aren't deleting our last identity $q = db()->prepare("SELECT COUNT(*) AS c FROM user_openid_identities WHERE user_id=?"); $q->execute(array(user_id())); $count = $q->fetch(); // or we have an OAuth2 identity $q = db()->prepare("SELECT * FROM user_oauth2_identities WHERE user_id=? LIMIT 1"); $q->execute(array(user_id())); $oauth2 = $q->fetch(); // or we have a password hash $q = db()->prepare("SELECT * FROM user_passwords WHERE user_id=?"); $q->execute(array(user_id())); $password_hash = $q->fetch(); if ($count['c'] <= 1 && !$password_hash && !$oauth2) { $errors[] = t("Cannot remove that OpenID identity; at least one identity must be defined."); set_temporary_messages($messages); set_temporary_errors($errors); redirect(url_for('user#user_openid')); } $user = \Users\User::getInstance(db()); \Users\UserOpenID::removeIdentity(db(), $user, $identity); $messages[] = t("Removed OpenID identity ':identity'.", array(':identity' => $identity)); set_temporary_messages($messages); set_temporary_errors($errors); redirect(url_for('user#user_openid'));
$messages = array(); $errors = array(); $password = require_post("password", false); $password2 = require_post("password2", false); if ($password && (strlen($password) < 6 || strlen($password) > 255)) { $errors[] = t("Please select a password between :min-:max characters long.", array(':min' => 6, ':max' => 255)); } if ($password && $password != $password2) { $errors[] = t("Those passwords do not match."); } if (!$user['email']) { $errors[] = t("You need to have added an e-mail address to your account before you can enable password login."); } // check there are no other accounts using a password hash on this e-mail address $q = db()->prepare("SELECT * FROM users WHERE email=? AND id <> ?"); $q->execute(array($user['email'], user_id())); if ($q->fetch()) { $errors[] = t("This e-mail address is already being used by another account for password login."); } if (!$errors) { // change password $user_instance = \Users\User::getInstance(db()); \Users\UserPassword::changePassword(db(), $user_instance, $password); $messages[] = t("Updated password."); $name = $user['name'] ? $user['name'] : $user['email']; $email = $user['email']; send_user_email($user, $user['password_hash'] ? "password_changed" : "password_added", array("email" => $email, "name" => $name)); } set_temporary_messages($messages); set_temporary_errors($errors); redirect(url_for('user#user_password'));