/**
* Überprüft, ob das angegebene Passwort korrekt ist. Wenn dem so ist,
* wird je nachdem, welche Daten vorhanden sind, das Passwort und/oder
* die E-Mail-Adresse modifiziert.
*/
function executeModification()
{
// Passwort überpruefen
if (!isset($_POST['currentPassword'])) {
throw new Exception('Bitte geben Sie Ihr Passwort an.');
}
$verified = verifyPassword();
if (!$verified) {
throw new Exception('Bitte geben Sie ihr korrektes Passwort an.');
}
$success = true;
$userid = $_SESSION['userid'];
// überpruefen, was geändert werden soll
$changePassword = isset($_POST['newPassword']) && $_POST['newPassword'] != '' && (isset($_POST['newPasswordRepeat']) && $_POST['newPasswordRepeat'] != '');
$changeEmail = isset($_POST['newEmail']) && $_POST['newEmail'] != '' && (isset($_POST['newEmailRepeat']) && $_POST['newEmailRepeat'] != '');
if ($changePassword) {
$success &= changePassword();
}
if ($changeEmail) {
$success &= changeEmail();
}
if ($success) {
if ($changeEmail && $changePassword) {
echo "Ihre E-Mail-Adresse und Ihr Passwort wurden erfolgreich geändert.";
} else {
if ($changeEmail && !$changePassword) {
echo "Ihre E-Mail-Adresse wurde erfolgreich geändert.";
} else {
if (!$changeEmail && $changePassword) {
echo "Ihr Passwort wurde erfolgreich geändert.";
}
}
}
} else {
throw new Exception();
}
}
if ($_POST["newpassword1"] != $_POST["newpassword2"]) {
$error = $treng->_("New passwords don't match", "dashboard");
} else {
$res = changePassword($_POST["oldpassword"], $_POST["newpassword1"]);
$success = $res[0];
if (!$success) {
$error = $res[1];
}
}
}
}
if (@$_GET['obj2'] == "change_email" && isset($_POST["oldpassword"])) {
if (@empty($_POST["oldpassword"]) || @empty($_POST["newemail"])) {
$error = $treng->_("Inputs missing", "dashboard");
} else {
$res = changeEmail($_POST["oldpassword"], $_POST["newemail"]);
$success = $res[0];
if (!$success) {
$error = $res[1];
}
}
}
if ($success) {
$html = "<span style=\"color:green;\">" . $treng->_("Email and/or Password changed successfully!", "dashboard") . "</span>";
} elseif (!empty($error)) {
$html = "<span style=\"color:red;\">{$error}</span>";
}
$pg->setLayout($pg->FullColumn);
if (!isset($forfacebook) || $forfacebook != 2) {
$html .= "<form method=\"POST\" action=\"{$service_host}{$group_name}/dashboard/password/change_password\">";
} else {
function process_post()
{
/* We switch according to the $_POST[action] variable, which is a hidden
* submit formfield in each <form>. see html/add*.txt for more information.
*/
switch ("{$_POST['action']}") {
/*
* Add new user. We wont touch that here. Let auth() handle that.
*/
case "newuser":
addNewUser();
break;
/*
* Update to the about box in profiles.
*/
/*
* Update to the about box in profiles.
*/
case "modprofile":
modProfile();
break;
/*
* Change password. We wont touch that here. Let auth() handle that.
*/
/*
* Change password. We wont touch that here. Let auth() handle that.
*/
case "changepw":
changePassword();
break;
/*
* Change email.
*/
/*
* Change email.
*/
case "changeemail":
changeEmail();
break;
/*
* Change can view preferences.
*/
/*
* Change can view preferences.
*/
case "changecanpage":
changeCanPrefs();
break;
/*
* Update API Key
*/
/*
* Update API Key
*/
case "update_api":
global $MySelf;
$api = new api($MySelf->getID());
if ($_POST[deleteKey]) {
// Delete api Key
$api->deleteApiKey();
makeNotice("Your API key has been delete from the database.", "notice", "API Key wipe success", "index.php?action=preferences");
} else {
// Update api key
$api->setApiKey($_POST[apiID], $_POST[apiKey]);
makeNotice("Your new API key has been stored.", "notice", "API Key update success", "index.php?action=preferences");
}
break;
/*
* Add a Rank
*/
/*
* Add a Rank
*/
case "addnewrank":
addRank();
break;
/*
* Edit the ranks
*/
/*
* Edit the ranks
*/
case "editranks":
editRanks();
break;
/*
* Change opt-in status.
*/
/*
* Change opt-in status.
*/
case "optIn":
toggleOptIn();
break;
/*
* Change See Inoffical Runs Setting (sir)
*/
/*
* Change See Inoffical Runs Setting (sir)
*/
case "sirchange":
sirchange();
break;
/*
* Submiting a template change form
*/
/*
* Submiting a template change form
*/
case "editTemplate":
editTemplate();
break;
/*
* Change ore value.
*/
/*
* Change ore value.
*/
case "changeore":
changeOreValue();
break;
/*
* Change ship value.
*/
/*
* Change ship value.
*/
case "changeship":
changeShipValue();
break;
/*
* Delete pending payout request
*/
/*
* Delete pending payout request
*/
case "deleteRequest":
deletePayoutRequest();
break;
/*
* Modify online time.
*/
/*
* Modify online time.
*/
case "modonlinetime":
modOnlineTime();
break;
/*
* Modify site settings.
*/
/*
* Modify site settings.
*/
case "configuration":
modConfiguration();
break;
/*
* Add an event to the DB
*/
/*
* Add an event to the DB
*/
case "addevent":
addEventToDB();
break;
/*
* Request payout.
*/
/*
* Request payout.
*/
case "requestPayout":
requestPayout();
break;
/*
* Transfer Money
*/
/*
* Transfer Money
*/
case "transferMoney":
transferMoney();
break;
/*
* Do the payouts
*/
/*
* Do the payouts
*/
case "payout":
doPayout();
break;
/*
* Create a new can in the Database.
*/
/*
* Create a new can in the Database.
*/
case "addcan":
addCanToDatabase();
break;
/*
* Admin request to change a user.
*/
/*
* Admin request to change a user.
*/
case "edituser":
editUser();
break;
/*
* AddRun
* This adds a new run to the database.
*/
/*
* AddRun
* This adds a new run to the database.
*/
case "addrun":
addRun();
break;
/*
* Analog to AddRun, just for Hauls.
*/
/*
* Analog to AddRun, just for Hauls.
*/
case "addhaul":
addHaul();
break;
/*
* Create a new transaction.
*/
/*
* Create a new transaction.
*/
case "transaction":
createTransaction();
break;
/*
* Lotto stuff
*/
/*
* Lotto stuff
*/
case "editLottoTickets":
lotto_editCreditsInDB();
break;
case "createDrawing":
lotto_createDrawing();
break;
case "lottoBuyCredits":
lotto_buyTickets();
break;
}
}
function disp_body()
{
if (!isset($_GET['p'])) {
disp_cats();
} elseif (isset($_GET['id'])) {
if ($_GET['p'] == 'f') {
if (isset($_POST['topicname']) && isset($_POST['message']) && connected()) {
if (newTopic($_POST['topicname'], $_GET['id'], $_SESSION['id'], $_POST['message'])) {
disp_error(ERR_404);
} elseif (disp_forum($_GET['id'])) {
disp_error(ERR_404);
}
} elseif (disp_forum($_GET['id'])) {
disp_error(ERR_404);
}
} else {
if ($_GET['p'] == 't') {
if (isset($_POST['message']) && connected()) {
if (newPost($_POST['message'], $_GET['id'], $_SESSION['id'])) {
disp_error(ERR_404);
} elseif (disp_topic($_GET['id'])) {
disp_error(ERR_404);
}
} elseif (disp_topic($_GET['id'])) {
disp_error(ERR_404);
}
} else {
if ($_GET['p'] == 'm') {
if (disp_member($_GET['id'])) {
disp_error(ERR_404);
}
} elseif ($_GET['p'] == 'newt' || $_GET['p'] == 'newp') {
if (connected()) {
?>
<div id="forum"><h2><?php
if ($_GET['p'] == 'newt') {
?>
Créer un nouveau topic :<?php
} else {
?>
Poster un nouveau message : <?php
}
?>
</h2>
<form method="post" action="index.php?p=<?php
if ($_GET['p'] == 'newt') {
echo 'f';
} else {
echo 't';
}
?>
&id=<?php
echo $_GET['id'];
?>
">
<p>
<?php
if ($_GET['p'] == 'newt') {
?>
<label for="topicname">Nom du topic :</label><input id="topicname" type="text" name="topicname" maxlength="64"/><br/><?php
}
?>
<label for="message">Message :</label><textarea id="message" name="message"></textarea><br/>
<input type="submit" value="Valider"/>
</p>
</form>
</div>
<?php
} else {
disp_error(ERR_GDC_DC);
}
} else {
disp_error(ERR_404);
}
}
}
} elseif ($_GET['p'] == 'inscr') {
disp_inscriptionForm();
} elseif ($_GET['p'] == 'dc') {
?>
<p>Vous êtes maintenant déconnecté.</p><?php
} elseif ($_GET['p'] == 'co_ok') {
?>
<p>Vous êtes maintenant connecté.</p><?php
} elseif ($_GET['p'] == 'inscr_ok') {
?>
<p>Vous êtes maintenant incrit sur ce forum.</p><?php
} elseif ($_GET['p'] == 'gdc') {
if (connected()) {
if (isset($_POST['gdc_mdp']) && isset($_POST['gdc_cmdp'])) {
if ($_POST['gdc_mdp'] == $_POST['gdc_cmdp']) {
if (changeMDP($_SESSION['id'], $_POST['gdc_mdp'])) {
disp_error(ERR_INSCR_MDP);
} else {
echo '<div id="green"><p>' . GDC_MDP_CHANGED . '</p></div>';
}
} else {
disp_error(ERR_INSCR_CONF);
}
} elseif (isset($_POST['gdc_email'])) {
if (changeEmail($_SESSION['id'], $_POST['gdc_email'])) {
disp_error(ERR_INSCR_EMAIL);
} else {
echo '<div id="green"><p>' . GDC_EMAIL_CHANGED . '</p></div>';
}
} else {
disp_gdc();
}
} else {
disp_error(ERR_GDC_DC);
}
} else {
disp_error(ERR_404);
}
}
if ($deleteAccount == 2) {
SESSION::set('delete_attempts', 1);
$error = 'Deleting of account failed, please email ' . SUPPORT_EMAIL;
} else {
$confirm_delete = true;
}
}
} else {
if ($change_email) {
if ($change_email == 2) {
$verify = is_authentic($username, $passW);
if ($verify) {
if ($in_newEmail === $in_confirmEmail) {
if (!email_is_duplicate($in_newEmail)) {
if (email_fits_pattern($in_newEmail)) {
changeEmail($user_id, $in_newEmail);
$change_email = 0;
$successMessage = 'Your email has been updated.';
} else {
$error = 'Your email must be a valid email address containing a domain name and no spaces.';
}
} else {
$error = 'The email you provided is already in use.';
}
} else {
$error = 'Your new emails did not match.';
}
} else {
$error = 'You did not provide the correct current password.';
}
}
function changeDetails()
{
global $DB, $lang, $user, $Account;
$success = 0;
// If password isnt emtpy
if (!empty($_POST['new_pass'])) {
$change = changePass();
if ($change == TRUE) {
$success++;
}
} else {
$success++;
}
$setemail = changeEmail();
if ($setemail == TRUE) {
$success++;
}
$setexp = $Account->setExpansion($user['id'], $_POST['exp']);
if ($setexp == TRUE) {
$success++;
}
if ($success == 3) {
output_message('success', $lang['account_update_success'] . '<meta http-equiv=refresh content="4;url=?p=account&sub=manage">');
}
}
register();
} else {
if ($_GET["function"] == "feed-name") {
feedName();
} else {
if ($_GET["function"] == "check-email") {
checkEmail();
} else {
if ($_GET["function"] == "sign-out") {
signOut();
} else {
if ($_GET["function"] == "unsubscribe") {
unsubscribe();
} else {
if ($_GET["function"] == "change-email") {
changeEmail();
} else {
if ($_GET["function"] == "set-folder") {
setFolder();
} else {
if ($_GET["function"] == "like") {
like();
} else {
if ($_GET["function"] == "mark-as-read") {
markAsRead();
} else {
if ($_GET["function"] == "delete-account") {
deleteAccount();
} else {
if ($_GET["function"] == "count-unread") {
countUnread();
