} else {
$error_count++;
}
}
}
// Add groups
if (!empty($add_groups)) {
// Convert string of comma-separated group_id's into array
$group_ids_arr = explode(',', $add_groups);
foreach ($group_ids_arr as $group_id) {
if (addUserToGroup($user_id, $group_id)) {
$success_count++;
} else {
$error_count++;
}
}
}
// Set primary group (must be done after group membership is set)
if ($primary_group_id && $userdetails['primary_group_id'] != $primary_group_id) {
if (updateUserPrimaryGroup($user_id, $primary_group_id)) {
$success_count++;
} else {
$error_count++;
}
}
restore_error_handler();
if ($error_count > 0) {
apiReturnError($ajax, getReferralPage());
} else {
apiReturnSuccess($ajax, getReferralPage());
}
}
}
$deny = $validate->optionalGetVar('deny');
// Code below should work on this page without any input and redirect the user back to login.php
// User has denied this request
if (!empty($deny)) {
$token = trim($deny);
if ($token == "" || !validateLostPasswordToken($token)) {
$errors[] = lang("FORGOTPASS_INVALID_TOKEN");
} else {
$userdetails = fetchUserAuthByActivationToken($token);
if (!flagLostPasswordRequest($userdetails["user_name"], 0)) {
$errors[] = lang("SQL_ERROR");
} else {
$successes[] = lang("FORGOTPASS_REQUEST_CANNED");
}
}
}
restore_error_handler();
foreach ($errors as $error) {
addAlert("danger", $error);
}
foreach ($successes as $success) {
addAlert("success", $success);
}
// Send to login page if failure
if (count($errors) > 0) {
apiReturnError($ajax, SITE_ROOT . "login.php");
} else {
apiReturnSuccess($ajax, SITE_ROOT . "forgot_password.php");
}
}
// Set primary group
if (!empty($primary_group_id)) {
if (updateUserPrimaryGroup($new_user_id, $primary_group_id)) {
// Account creation was successful!
addAlert("success", lang("ACCOUNT_PRIMARY_GROUP_SET"));
addAlert("success", lang("ACCOUNT_CREATION_COMPLETE", array($user_name)));
} else {
$error_count++;
}
}
// Otherwise, add default groups and set primary group for new users
} else {
if (dbAddUserToDefaultGroups($new_user_id)) {
if ($require_activation) {
// Activation required
addAlert("success", lang("ACCOUNT_REGISTRATION_COMPLETE_TYPE2"));
} else {
// No activation required
addAlert("success", lang("ACCOUNT_REGISTRATION_COMPLETE_TYPE1"));
}
} else {
apiReturnError($ajax, $admin == "true" ? ACCOUNT_ROOT : SITE_ROOT);
}
}
} else {
apiReturnError($ajax, $admin == "true" ? ACCOUNT_ROOT : SITE_ROOT);
}
restore_error_handler();
apiReturnSuccess($ajax, $admin == "true" ? ACCOUNT_ROOT : SITE_ROOT);
$password_hash = passwordHashUF($password);
if ($password_hash === null) {
error_log("Notice: outdated password hash could not be updated because new hashing algorithm is not supported. Are you running PHP >= 5.3.7?");
} else {
$loggedInUser->hash_pw = $password_hash;
updateUserField($loggedInUser->user_id, 'password', $password_hash);
error_log("Notice: outdated password hash has been automatically updated to modern hashing.");
}
}
// Create the user's CSRF token
$loggedInUser->csrf_token(true);
$_SESSION["userCakeUser"] = $loggedInUser;
$successes = array();
$successes[] = "Welcome back, " . $loggedInUser->displayname;
}
}
}
}
}
restore_error_handler();
foreach ($errors as $error) {
addAlert("danger", $error);
}
foreach ($successes as $success) {
addAlert("success", $success);
}
if (count($errors) > 0) {
apiReturnError($ajax, SITE_ROOT . "login.php");
} else {
apiReturnSuccess($ajax, ACCOUNT_ROOT);
}
if (!$mail->newTemplateMsg("resend-activation.txt", $hooks)) {
$errors[] = lang("MAIL_TEMPLATE_BUILD_ERROR");
} else {
if (!$mail->sendMail($userdetails["email"], "Activate your " . $websiteName . " Account")) {
$errors[] = lang("MAIL_ERROR");
} else {
//Success, user details have been updated in the db now mail this information out.
$successes[] = lang("ACCOUNT_NEW_ACTIVATION_SENT");
}
}
}
}
}
}
}
} else {
$errors[] = lang("NO_DATA");
}
restore_error_handler();
foreach ($errors as $error) {
addAlert("danger", $error);
}
foreach ($successes as $success) {
addAlert("success", $success);
}
// Send to home page if failure
if (count($errors) > 0) {
apiReturnError($ajax, SITE_ROOT . "index.php");
} else {
apiReturnSuccess($ajax, SITE_ROOT . "resend_activation.php");
}
