diff options
Diffstat (limited to '')
-rw-r--r-- | profile.php | 86 |
1 files changed, 44 insertions, 42 deletions
diff --git a/profile.php b/profile.php index f7a22b293..71a964d80 100644 --- a/profile.php +++ b/profile.php @@ -67,11 +67,30 @@ if ( isset( $_POST['submit'] ) ) { array_push( $errors, $lang['periods_error'] ); } - $mail_error = validate_mail_address( $_POST['mail_address'] ); - if ( $mail_error != '' ) array_push( $errors, $mail_error ); + + if ( $_POST['mail_address']!= $user['mail_address']) + { + if (!empty($_POST['password'])) + array_push( $errors, $lang['reg_err_pass'] ); + else + { + // retrieving the encrypted password of the login submitted + $query = 'SELECT password FROM '.USERS_TABLE.' + WHERE username = \''.$user['username'].'\';'; + $row = mysql_fetch_array(pwg_query($query)); + if ($row['password'] == md5($_POST['password'])) + { + $mail_error = validate_mail_address( $_POST['mail_address'] ); + if ( !empty($mail_error)) array_push( $errors, $mail_error ); + } + else + array_push( $errors, $lang['reg_err_pass'] ); + } + } + // password must be the same as its confirmation if ( isset( $_POST['use_new_pwd'] ) - and $_POST['password'] != $_POST['passwordConf'] ) + and $_POST['use_new_pwd'] != $_POST['passwordConf'] ) array_push( $errors, $lang['reg_err_pass'] ); if ( count( $errors ) == 0 ) @@ -92,26 +111,14 @@ if ( isset( $_POST['submit'] ) ) if ( isset( $_POST['use_new_pwd'] ) ) { $query = 'UPDATE '.USERS_TABLE; - $query.= " SET password = '".md5( $_POST['password'] )."'"; + $query.= " SET password = '".md5( $_POST['use_new_pwd'] )."'"; $query.= ' WHERE id = '.$user['id']; $query.= ';'; pwg_query( $query ); } - if ( isset( $_POST['create_cookie'] ) ) - { - setcookie( 'id',$page['session_id'],$_POST['cookie_expiration'], - cookie_path() ); - // update the expiration date of the session - $query = 'UPDATE '.SESSIONS_TABLE; - $query.= ' SET expiration = '.$_POST['cookie_expiration']; - $query.= " WHERE id = '".$page['session_id']."'"; - $query.= ';'; - pwg_query( $query ); - } + // redirection - $url = 'category.php'; - if ( !isset($_POST['create_cookie']) ) $url = add_session_id( $url,true ); - redirect( $url ); + redirect(add_session_id(PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING'])); } } //----------------------------------------------------- template initialization @@ -124,20 +131,30 @@ include(PHPWG_ROOT_PATH.'include/page_header.php'); $template->set_filenames(array('profile'=>'profile.tpl')); $template->assign_vars(array( + 'USERNAME'=>$user['username'], + 'EMAIL'=>$user['mail_address'], 'LANG_SELECT'=>language_select($user['language'], 'language'), 'NB_IMAGE_LINE'=>$user['nb_image_line'], 'NB_ROW_PAGE'=>$user['nb_line_page'], 'STYLE_SELECT'=>style_select($user['template'], 'template'), 'RECENT_PERIOD'=>$user['recent_period'], + 'MAXWIDTH'=>$user['maxwidth'], + 'MAXHEIGHT'=>$user['maxheight'], $expand=>'checked="checked"', $nb_comments=>'checked="checked"', 'L_TITLE' => $lang['customize_title'], - 'L_PASSWORD' => $lang['password'], - 'L_NEW' => $lang['new'], - 'L_CONFIRM' => $lang['reg_confirm'], - 'L_COOKIE' => $lang['create_cookie'], + 'L_REGISTRATION_INFO' => $lang['register_title'], + 'L_PREFERENCES' => $lang['preferences'], + 'L_USERNAME' => $lang['login'], + 'L_EMAIL' => $lang['mail_address'], + 'L_CURRENT_PASSWORD' => $lang['password'], + 'L_CURRENT_PASSWORD_HINT' => $lang['password_hint'], + 'L_NEW_PASSWORD' => $lang['new_password'], + 'L_NEW_PASSWORD_HINT' => $lang['new_password_hint'], + 'L_CONFIRM_PASSWORD' => $lang['reg_confirm'], + 'L_CONFIRM_PASSWORD_HINT' => $lang['confirm_password_hint'], 'L_LANG_SELECT'=>$lang['language'], 'L_NB_IMAGE_LINE'=>$lang['nb_image_per_row'], 'L_NB_ROW_PAGE'=>$lang['nb_row_per_page'], @@ -145,15 +162,19 @@ $template->assign_vars(array( 'L_RECENT_PERIOD'=>$lang['recent_period'], 'L_EXPAND_TREE'=>$lang['auto_expand'], 'L_NB_COMMENTS'=>$lang['show_nb_comments'], + 'L_MAXWIDTH'=>$lang['maxwidth'], + 'L_MAXHEIGHT'=>$lang['maxheight'], 'L_YES'=>$lang['yes'], 'L_NO'=>$lang['no'], 'L_SUBMIT'=>$lang['submit'], + 'L_RETURN' => $lang['home'], + 'L_RETURN_HINT' => $lang['home_hint'], 'F_ACTION'=>add_session_id(PHPWG_ROOT_PATH.'profile.php'), 'U_RETURN' => add_session_id(PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING']) )); - + //-------------------------------------------------------------- errors display if ( sizeof( $errors ) != 0 ) { @@ -163,25 +184,6 @@ if ( sizeof( $errors ) != 0 ) $template->assign_block_vars('errors.error',array('ERROR'=>$errors[$i])); } } - -$template->assign_block_vars('text',array( - 'F_LABEL'=>$lang['maxwidth'], - 'F_NAME'=>'maxwidth', - 'F_VALUE'=>$user['maxwidth'] - )); - -$template->assign_block_vars('text',array( - 'F_LABEL'=>$lang['maxheight'], - 'F_NAME'=>'maxheight', - 'F_VALUE'=>$user['maxheight'] - )); - -$template->assign_block_vars('text',array( - 'F_LABEL'=>$lang['mail_address'], - 'F_NAME'=>'mail_address', - 'F_VALUE'=>$user['mail_address'] - )); - //----------------------------------------------------------- html code display $template->pparse('profile'); include(PHPWG_ROOT_PATH.'include/page_tail.php'); |