function loadRows()
{
global $prow, $rrows, $Conf, $Me;
$Conf->paper = $prow = PaperTable::paperRow($whyNot);
if (!$prow) {
errorMsgExit(whyNotText($whyNot, "view"));
}
if ($whyNot = $Me->perm_request_review($prow, false)) {
$wnt = whyNotText($whyNot, "request reviews for");
error_go(hoturl("paper", array("p" => $prow->paperId, "ls" => @$_REQUEST["ls"])), $wnt);
}
$rrows = $Conf->reviewRow(array('paperId' => $prow->paperId, 'array' => 1), $whyNot);
}
function change_email_by_capability()
{
global $Conf, $Me;
$capmgr = $Conf->capability_manager();
$capdata = $capmgr->check($_REQUEST["changeemail"]);
if (!$capdata || $capdata->capabilityType != CAPTYPE_CHANGEEMAIL || !($capdata->data = json_decode($capdata->data)) || !@$capdata->data->uemail) {
error_go(false, "That email change code has expired, or you didn’t enter it correctly.");
}
$Acct = Contact::find_by_id($capdata->contactId);
if (!$Acct) {
error_go(false, "No such account.");
}
$email = $capdata->data->uemail;
if (Contact::id_by_email($email)) {
error_go(false, "Email address “" . htmlspecialchars($email) . "” is already in use. You may want to <a href=\"" . hoturl("mergeaccounts") . "\">merge these accounts</a>.");
}
$Acct->change_email($email);
$capmgr->delete($capdata);
$Conf->confirmMsg("Your email address has been changed.");
if (!$Me->has_database_account() || $Me->contactId == $Acct->contactId) {
$Me = $Acct->activate();
}
}
if (!$resetcap) {
error_go(false, "You didn’t enter the full password reset link into your browser. Make sure you include the reset code (the string of letters, numbers, and other characters at the end).");
}
$iscdb = substr($resetcap, 0, 1) === "U";
$capmgr = $Conf->capability_manager($resetcap);
$capdata = $capmgr->check($resetcap);
if (!$capdata || $capdata->capabilityType != CAPTYPE_RESETPASSWORD) {
error_go(false, "That password reset code has expired, or you didn’t enter it correctly.");
}
if ($iscdb) {
$Acct = Contact::contactdb_find_by_id($capdata->contactId);
} else {
$Acct = Contact::find_by_id($capdata->contactId);
}
if (!$Acct) {
error_go(false, "That password reset code refers to a user who no longer exists. Either create a new account or contact the conference administrator.");
}
// don't show information about the current user, if there is one
$Me = new Contact();
$password_class = "";
if (isset($_POST["go"]) && check_post()) {
$_POST["password"] = trim(get_s($_POST, "password"));
$_POST["password2"] = trim(get_s($_POST, "password2"));
if ($_POST["password"] == "") {
Conf::msg_error("You must enter a password.");
} else {
if ($_POST["password"] !== $_POST["password2"]) {
Conf::msg_error("The two passwords you entered did not match.");
} else {
if (!Contact::valid_password($_POST["password"])) {
Conf::msg_error("Invalid password.");
function escape()
{
global $Conf;
if (get($_REQUEST, "ajax")) {
if ($this->is_empty()) {
$Conf->ajaxExit(array("ok" => 0, "loggedout" => 1));
} else {
$Conf->ajaxExit(array("ok" => 0, "error" => "You don’t have permission to access that page."));
}
}
if ($this->is_empty()) {
// Preserve post values across session expiration.
$x = array();
if (Navigation::path()) {
$x["__PATH__"] = preg_replace(",^/+,", "", Navigation::path());
}
if (get($_REQUEST, "anchor")) {
$x["anchor"] = $_REQUEST["anchor"];
}
$url = selfHref($x, array("raw" => true, "site_relative" => true));
$_SESSION["login_bounce"] = array($Conf->dsn, $url, Navigation::page(), $_POST);
if (check_post()) {
error_go(false, "You’ve been logged out due to inactivity, so your changes have not been saved. After logging in, you may submit them again.");
} else {
error_go(false, "You must sign in to access that page.");
}
} else {
error_go(false, "You don’t have permission to access that page.");
}
}
$iscdb = substr($_REQUEST["resetcap"], 0, 1) === "U";
$capmgr = $Conf->capability_manager($_REQUEST["resetcap"]);
$capdata = $capmgr->check($_REQUEST["resetcap"]);
if (!$capdata || $capdata->capabilityType != CAPTYPE_RESETPASSWORD) {
error_go(false, "That password reset code has expired, or you didn’t enter it correctly.");
}
if ($iscdb) {
$Acct = Contact::contactdb_find_by_id($capdata->contactId);
} else {
$Acct = Contact::find_by_id($capdata->contactId);
}
if (!$Acct) {
error_go(false, "That password reset code refers to a user who no longer exists. Either create a new account or contact the conference administrator.");
}
if (isset($Opt["ldapLogin"]) || isset($Opt["httpAuthLogin"])) {
error_go(false, "Password reset links aren’t used for this conference. Contact your system administrator if you’ve forgotten your password.");
}
// don't show information about the current user, if there is one
$Me = new Contact();
$password_class = "";
if (isset($_POST["go"]) && check_post()) {
$_POST["password"] = trim((string) @$_POST["password"]);
$_POST["password2"] = trim((string) @$_POST["password2"]);
if ($_POST["password"] == "") {
Conf::msg_error("You must enter a password.");
} else {
if ($_POST["password"] !== $_POST["password2"]) {
Conf::msg_error("The two passwords you entered did not match.");
} else {
if (!Contact::valid_password($_POST["password"])) {
Conf::msg_error("Invalid password.");
