$logger->addMsg(Pommo::_T('No code given.'));
$view->display('user/confirm');
Pommo::kill();
}
// lookup code
$pending = Pommo_Pending::get($_GET['code']);
if (!$pending) {
$logger->addMsg(Pommo::_T('Invalid code! Make sure you copied it correctly from the email.'));
$view->display('user/confirm');
Pommo::kill();
}
// Load success messages and redirection URL from config
$config = Pommo_Api::configGet(array('site_success', 'messages', 'notices'));
$messages = unserialize($config['messages']);
$notices = unserialize($config['notices']);
if (Pommo_Pending::perform($pending)) {
require_once Pommo::$_baseDir . 'classes/Pommo_Helper_Messages.php';
// get subscriber info
require_once Pommo::$_baseDir . 'classes/Pommo_Subscribers.php';
$subscriber = current(Pommo_Subscribers::get(array('id' => $pending['subscriber_id'])));
switch ($pending['type']) {
case "add":
// send/print welcome message
Pommo_Helper_Messages::sendMessage(array('to' => $subscriber['email'], 'type' => 'subscribe'));
if (isset($notices['subscribe']) && $notices['subscribe'] == 'on') {
Pommo_Helper_Messages::notify($notices, $subscriber, 'subscribe');
}
if (!empty($config['site_success'])) {
Pommo::redirect($config['site_success']);
}
break;
$msg = Pommo::_T('subscription request');
$pending['type'] = 'confirm';
// normalize for Pommo_Helper_Messages::sendMessage
break;
case "change":
$msg = Pommo::_T('record update request');
$pending['type'] = 'update';
// normalize for Pommo_Helper_Messages::sendMessage
break;
case "password":
$msg = Pommo::_T('password change request');
break;
default:
Pommo::redirect('login.php?badPendingType=TRUE');
}
// check if user wants to reconfirm or cancel their request
if (!empty($_POST)) {
if (isset($_POST['reconfirm'])) {
require_once Pommo::$_baseDir . 'classes/Pommo_Helper_Messages.php';
Pommo_Helper_Messages::sendMessage(array('to' => $input['Email'], 'code' => $pending['code'], 'type' => $pending['type']));
} elseif (isset($_POST['cancel'])) {
if (Pommo_Pending::cancel($pending)) {
$logger->addMsg(sprintf(Pommo::_T('Your %s has been cancelled.'), $msg));
}
}
$smarty->assign('nodisplay', TRUE);
} else {
$logger->addMsg(sprintf(Pommo::_T('Your %s is still pending. To complete this request, please review the confirmation email sent to %s.'), $msg, $input['Email']));
}
$smarty->display('user/pending.tpl');
Pommo::kill();
// generate captcha
$captcha = substr(md5(rand()), 0, 4);
$view->assign('captcha', $captcha);
} elseif ($_POST['captcha'] == $_POST['realdeal']) {
// user inputted captcha matched. Reset password
require_once Pommo::$_baseDir . 'classes/Pommo_Pending.php';
require_once Pommo::$_baseDir . 'classes/Pommo_Helper_Messages.php';
// see if there is already a pending request for the administrator
// [subscriber id == 0]
if (Pommo_Pending::isPending(0)) {
$input = urlencode(serialize(array('adminID' => TRUE, 'Email' => Pommo::$_config['admin_email'])));
Pommo::redirect(Pommo::$_http . Pommo::$_baseUrl . 'pending.php?input=' . $input);
}
// create a password change request, send confirmation mail
$subscriber = array('id' => 0);
$code = Pommo_Pending::add($subscriber, 'password');
Pommo_Helper_Messages::sendMessage(array('to' => Pommo::$_config['admin_email'], 'code' => $code, 'type' => 'password'));
$view->assign('captcha', FALSE);
} else {
// captcha did not match
$logger->addMsg(Pommo::_T('Captcha did not match. Try again.'));
}
} elseif (!Pommo::$_hasConfigFile && $_POST['configure']) {
// Try to connect to database with data entered from the user.
// I am not using /inc/classes/db.php because it kills the proccess when
// connection is not possible
// TODO: db.php shouldnt kill the process
$link = @mysql_connect($_POST['dbhost'], $_POST['dbuser'], $_POST['dbpass']);
if (!$link) {
// Could not connect
$configErrors[] = 'Could not connect to host. Check your settings
function add(&$subscriber, $type = null)
{
global $pommo;
$dbo =& Pommo::$_dbo;
$logger =& Pommo::$_logger;
switch ($type) {
case 'add':
case 'del':
case 'change':
case 'password':
break;
default:
$logger->addErr('Unknown type passed to Pommo_Pending::add');
return false;
}
$p = array('subscriber_id' => $subscriber['id'], 'type' => $type, 'code' => Pommo_Helper::makeCode(), 'array' => $type == 'change' ? $subscriber : array());
$pending = Pommo_Pending::make($p);
if (!Pommo_Pending::validate($pending)) {
$logger->addErr('Pommo_Pending::add() failed validation');
return false;
}
if (!empty($pending['array'])) {
$pending['array'] = serialize($pending['array']);
}
// check for pre-existing pending request
if (Pommo_Pending::isPending($pending['subscriber_id'])) {
return false;
}
$query = "\n\t\t\tINSERT INTO " . $dbo->table['subscriber_pending'] . "\n\t\t\tSET\n\t\t\t\t[pending_array='%S',]\n\t\t\t\tsubscriber_id=%i,\n\t\t\t\tpending_type='%s',\n\t\t\t\tpending_code='%s'";
$query = $dbo->prepare($query, array($pending['array'], $pending['subscriber_id'], $pending['type'], $pending['code']));
if (!$dbo->query($query)) {
return false;
}
return $pending['code'];
}
$formError = array();
$formError['email'] = Pommo::_T('Invalid email address');
$smarty->assign('formError', $formError);
// Assign email to form if pre-provided
if (isset($_REQUEST['Email'])) {
$smarty->assign('Email', $_REQUEST['Email']);
} elseif (isset($_REQUEST['email'])) {
$smarty->assign('Email', $_REQUEST['email']);
}
} else {
// ___ USER HAS SENT FORM ___
SmartyValidate::connect($smarty);
if (SmartyValidate::is_valid($_POST)) {
// __ FORM IS VALID __
if (Pommo_Helper::isDupe($_POST['Email'])) {
if (Pommo_Pending::isEmailPending($_POST['Email'])) {
$input = urlencode(serialize(array('Email' => $_POST['Email'])));
SmartyValidate::disconnect();
Pommo::redirect('pending.php?input=' . $input);
} else {
// __ EMAIL IN SUBSCRIBERS TABLE, REDIRECT
SmartyValidate::disconnect();
Pommo::redirect('activate.php?email=' . $_POST['Email']);
}
} else {
// __ REPORT STATUS
$logger->addMsg(Pommo::_T('Email address not found! Please try again.'));
$logger->addMsg(sprintf(Pommo::_T('To subscribe, %sclick here%s'), '<a href="' . Pommo::$_baseUrl . 'subscribe.php?Email=' . $_POST['Email'] . '">', '</a>'));
}
}
$smarty->assign($_POST);
$view->assign('d', $subscriber['data']);
}
// check for an update + validate new subscriber info (also converts dates to ints)
if (!empty($_POST['update']) && Pommo_Validate::subscriberData($_POST['d'])) {
$newsub = array('id' => $subscriber['id'], 'email' => $subscriber['email'], 'data' => $_POST['d']);
if (!empty($_POST['newemail'])) {
// if change in email, validate and send confirmation of update
if ($_POST['newemail'] != $_POST['newemail2']) {
$logger->addErr(Pommo::_T('Emails must match.'));
} elseif (!Pommo_Helper::isEmail($_POST['newemail'])) {
$logger->addErr(Pommo::_T('Invalid Email Address'));
} elseif (Pommo_Helper::isDupe($_POST['newemail'])) {
$logger->addMsg(Pommo::_T('Email address already exists. Duplicates are not allowed.'));
} else {
$newsub['email'] = $_POST['newemail'];
$code = Pommo_Pending::add($newsub, 'change');
if (!$code) {
die('Failed to Generate Pending Subscriber Code');
}
require_once Pommo::$_baseDir . 'classes/Pommo_Helper_Messages.php';
Pommo_Helper_Messages::sendMessage(array('to' => $newsub['email'], 'code' => $code, 'type' => 'update'));
if (isset($notices['update']) && $notices['update'] == 'on') {
Pommo_Helper_Messages::notify($notices, $newsub, 'update');
}
}
} elseif (!Pommo_Subscribers::update($newsub, 'REPLACE_ACTIVE')) {
$logger->addErr('Error updating subscriber.');
} else {
// update successful
$logger->addMsg(Pommo::_T('Your records have been updated.'));
require_once Pommo::$_baseDir . 'classes/Pommo_Helper_Messages.php';
