function execute($request)
{
$user_info = api_account_lookup_user_by_name($request['path_parts'][1]);
if ($user_info == null) {
return build_response_not_found("Not account by that name exists.");
}
$user_id = $user_info['user_id'];
$output = array('<h1>' . htmlspecialchars($user_info['name']) . '</h1>');
$profile = sql_query_item("SELECT * FROM `user_profiles` WHERE `user_id` = {$user_id} LIMIT 1");
if ($profile == null) {
$profile = array();
}
if (strlen($user_info['image_id']) > 0) {
array_push($output, '<div>', '<img src="/uploads/avatars/' . $user_info['image_id'] . '" />', '</div>');
}
$blurb = trim($profile['blurb']);
if (strlen($blurb) > 0) {
array_push($output, '<div>', nl2br(htmlspecialchars($blurb)), '</div>');
}
array_push($output, '<div style="padding-top:100px; font-style:italic; color:#888;">', "More interesting stuff will be put here, I promise.", '</div>');
return build_response_ok($user_info['name'], implode("\n", $output));
}
function api_account_change_password($name, $old_password, $new_password1, $new_password2)
{
// TODO: send an email
$user_info = api_account_lookup_user_by_name($name);
if (strlen($new_password1) == 0) {
return api_error("INVALID");
}
if (api_account_hash_password($old_password) != $user_info['pass_hash']) {
return api_error('WRONG_OLD_PASSWORD');
}
$pw_check = api_account_validate_password($name, $new_password1, $new_password2);
if ($pw_check['status'] == 'ERROR') {
return $pw_check;
}
$password = $pw_check['password'];
$pass_hash = api_account_hash_password($password);
sql_query("UPDATE `users` SET `pass_hash` = '{$pass_hash}' WHERE `user_id` = " . $user_info['user_id'] . " LIMIT 1");
return api_success();
}
