$tpl->set_block("forgotpassword", "success");
$tpl->set_block("forgotpassword", "unknown");
$page = $_REQUEST['page'];
if (!isset($page)) {
$page = "/";
}
/* FIXME: Dumb workaround */
unset($tpl->varkeys["PAGE"]);
unset($tpl->varvals["PAGE"]);
$tpl->set_var("PAGE", $page);
/* forgotpassword might get a POST with submit/email, or
a simple GET with email */
if (isset($_REQUEST['email'])) {
$email = $_REQUEST['email'];
$tpl->set_var("EMAIL", $email);
$user = new AccountUser();
$user->find_by_email($email);
if (!$user->valid()) {
$tpl->set_var("success", "");
} else {
$user->forgotpassword();
$user->update();
$tpl->set_var("unknown", "");
$tpl->set_var("form", "");
}
} else {
$tpl->set_var("EMAIL", "");
$tpl->set_var("unknown", "");
$tpl->set_var("success", "");
}
print generate_page('Forgot Password', $tpl->parse("content", "forgotpassword"));
if ($password1 != $password2) {
$error .= "Passwords do not match, please check and try again\n";
} else {
$user->password($password1);
}
}
}
} else {
$tpl->set_var(array("error" => "", "name" => "", "email" => "", "password" => ""));
}
if (empty($error)) {
if (($user->status == 'Suspended' || $user->status == 'Deleted') && (isset($user->update['name']) || isset($update_email))) {
echo "You are suspended or deleted and not allowed to change your screen name or email address\n";
exit;
}
if (!$user->update()) {
if (!$user->name) {
$error .= "The name '{$name}' is taken\n";
} else {
if (!$user->shortname) {
$error .= "The name '{$name}' is too similar to a name already taken\n";
}
}
} else {
$tpl->set_var("NAME", $name);
}
}
if (isset($update_email) && empty($error)) {
$email_tid = $user->verify_email($update_email);
if (!$email_tid) {
$error .= "The email address '{$update_email}' is already used by another account\n";
$tpl->set_var("COOKIE", $cookie);
} else {
err_not_found('No cookie');
}
} else {
$user = new AccountUser();
$user->find_by_aid((int) $pending['aid']);
if (!$user->valid()) {
$error = "invalid_aid";
} else {
db_exec("update u_pending set status = 'Done' where tid = ?", array($pending['tid']));
switch ($pending['type']) {
case "NewAccount":
if ($user->status == 'Create') {
$user->status("Active");
if (!$user->update()) {
$error = "activate_failed";
} else {
$success = "create";
}
} else {
$success = "create";
}
/* HACK: Workaround lame template engine */
$_domain = $tpl->get_var("DOMAIN");
unset($tpl->varkeys["DOMAIN"]);
unset($tpl->varvals["DOMAIN"]);
$tpl->set_var("DOMAIN", $_domain);
$user->setcookie();
break;
case "ChangeEmail":
$user->req("ForumAdmin");
if (!is_valid_integer($_GET['aid'])) {
Header("Location: /admin/?message=" . urlencode("No AID!"));
exit;
}
if (!$user->is_valid_token($_REQUEST['token'])) {
err_not_found('Invalid token');
}
$aid = $_GET['aid'];
$uuser = new AccountUser();
$uuser->find_by_aid((int) $aid);
if (!$uuser->valid()) {
Header("Location: /admin/?message=" . urlencode("Invalid AID {$aid}"));
exit;
}
if (isset($_GET['undo'])) {
if ($uuser->status == "Suspended") {
$uuser->status("Active");
$uuser->update();
}
} else {
if ($uuser->status == "Active") {
$uuser->status("Suspended");
$uuser->update();
}
}
if (!isset($_GET['page'])) {
Header("Location: /account/{$aid}.phtml");
} else {
Header("Location: " . $_GET['page']);
}
