moved code up one level to eliminate the docs subdirectory
[acontent.git] / profile / change_email.php
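<?php
/************************************************************************/
/* AContent                                                             */
/************************************************************************/
/* Copyright (c) 2010                                                   */
/* Inclusive Design Institute                                           */
/*                                                                      */
/* This program is free software. You can redistribute it and/or        */
/* modify it under the terms of the GNU General Public License          */
/* as published by the Free Software Foundation.                        */
/************************************************************************/

/*
 * Profile page: change the e-mail address of the logged-in user.
 *
 * Flow, as visible in this file:
 *   1. Stop with INVALID_USER when no current user object is set.
 *   2. On "cancel", redirect to the site index.
 *   3. On "submit", require the current password value, validate the new
 *      address and reject an address that belongs to another account.
 *   4. Either mail a confirmation link (TR_EMAIL_CONFIRMATION enabled) or
 *      store the new address directly.
 *   5. Render profile/change_email.tmpl.php.
 *
 * $msg, $savant, $_config, $addslashes, _AT(), SEP, SITE_NAME and
 * TR_BASE_HREF are not defined in this file; presumably vitals.inc.php
 * provides them - confirm there.
 *
 * NOTE(review): no anti-CSRF token is checked in this file. Re-entering the
 * password is the only request-authenticity check visible here; confirm
 * whether vitals.inc.php enforces a token for POST requests.
 */

define('TR_INCLUDE_PATH', '../include/');
require(TR_INCLUDE_PATH.'vitals.inc.php');
require_once(TR_INCLUDE_PATH.'classes/DAO/UsersDAO.class.php');

global $_current_user;

// Only a logged-in user may change an address.
if (!isset($_current_user))
{
	require(TR_INCLUDE_PATH.'header.inc.php');
	$msg->printInfos('INVALID_USER');
	require(TR_INCLUDE_PATH.'footer.inc.php');
	exit;
}

if (isset($_POST['cancel']))
{
	$msg->addFeedback('CANCELLED');
	header('Location: ../index.php');
	exit;
}

if (isset($_POST['submit']))
{
	// Request fields are untrusted and may arrive as arrays (email[]=x).
	// Anything that is not a string is treated as an empty field so the
	// comparisons and the regular expression below always see a string.
	$this_password = (isset($_POST['form_password_hidden']) && is_string($_POST['form_password_hidden']))
		? $_POST['form_password_hidden']
		: '';
	$new_email = (isset($_POST['email']) && is_string($_POST['email']))
		? $_POST['email']
		: '';
	// The template is rendered from $_POST further down; keep it a string.
	$_POST['email'] = $new_email;

	// password check
	if ($this_password === '')
	{
		$msg->addError(array('EMPTY_FIELDS', _AT('password')));
		header('Location: change_email.php');
		exit;
	}

	// Fail closed: if the user row cannot be read, the stored value stays
	// empty and can never equal the non-empty submitted value. The original
	// code skipped the comparison entirely when getInfo() returned nothing.
	$row = $_current_user->getInfo();
	$stored_password = isset($row['password']) ? (string) $row['password'] : '';

	// Strict, type-safe comparison: a loose != lets PHP compare two
	// numeric-looking strings as numbers. hash_equals() additionally avoids
	// leaking the match position through timing where it is available
	// (PHP >= 5.6).
	// NOTE(review): the submitted value is compared directly with the stored
	// column, so the stored value is itself credential-equivalent. Moving to
	// password_hash()/password_verify() needs a change to the login flow and
	// the stored data, not just to this file.
	$password_ok = function_exists('hash_equals')
		? hash_equals($stored_password, $this_password)
		: ($stored_password === $this_password);

	if (!$password_ok)
	{
		$msg->addError('WRONG_PASSWORD');
		header('Location: change_email.php');
		exit;
	}

	// email check
	if ($new_email === '')
	{
		$msg->addError(array('EMPTY_FIELDS', _AT('email')));
	}
	// \z anchors at the very end of the string; the original $ also matched
	// before a trailing newline, so "user@example.com\n" was accepted and
	// passed on to the mailer and the database. A single @ is required.
	else if (!preg_match('/^[a-z0-9._-]+@[a-z0-9._-]+\.[a-z]{2,6}\z/i', $new_email))
	{
		$msg->addError('EMAIL_INVALID');
	}
	else
	{
		// Only an address that passed the format check reaches the DAO.
		$usersDAO = new UsersDAO();
		$existing = $usersDAO->getUserByEmail($new_email);

		// isset() covers a lookup that finds nothing; ids are compared as
		// integers so a string id from the database and the session value
		// are never compared loosely.
		if (isset($existing['user_id'])
			&& (int) $existing['user_id'] > 0
			&& (int) $existing['user_id'] !== (int) $_SESSION['user_id'])
		{
			$msg->addError('EMAIL_EXISTS');
		}
	}

	if (!$msg->containsErrors())
	{
		if (defined('TR_EMAIL_CONFIRMATION') && TR_EMAIL_CONFIRMATION)
		{
			//send confirmation email
			$row = $_current_user->getInfo();

			if ((string) $row['email'] !== $new_email) {
				// NOTE(review): the confirmation code is a truncated, unkeyed
				// MD5 over the new address, the creation date and the user id;
				// no server-side secret or random value goes into it. It is
				// left unchanged because confirm.php (not shown) has to
				// recompute the same value. Prefer a random token stored
				// server-side, or an HMAC with a site secret, changed in both
				// files together.
				$code = substr(md5($new_email . $row['creation_date'] . $_SESSION['user_id']), 0, 10);
				$confirmation_link = TR_BASE_HREF . 'confirm.php?id='.$_SESSION['user_id'].SEP .'e='.urlencode($new_email).SEP.'m='.$code;

				/* send the email confirmation message: */
				require(TR_INCLUDE_PATH . 'classes/phpmailer/transformablemailer.class.php');
				$mail = new TransformableMailer();

				$mail->From     = $_config['contact_email'];
				$mail->AddAddress($new_email);
				$mail->Subject = SITE_NAME . ' - ' . _AT('email_confirmation_subject');
				$mail->Body    = _AT('email_confirmation_message2', $_config['site_name'], $confirmation_link);

				// NOTE(review): the result of Send() is not checked, so
				// CONFIRM_EMAIL is reported even if delivery failed.
				$mail->Send();

				$msg->addFeedback('CONFIRM_EMAIL');
			} else {
				$msg->addFeedback('CHANGE_TO_SAME_EMAIL');
			}
		} else {
			//insert into database
			// The key is quoted: the original $_POST[email] relied on an
			// undefined constant, which is an Error on PHP 8.
			// $addslashes is a callable held in a variable defined outside
			// this file - presumably the project's SQL escaping helper;
			// confirm that setEmail() does not escape a second time.
			$_current_user->setEmail($addslashes($new_email));

			$msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
		}
	}
}

$row = $_current_user->getInfo();

// First display of the form: pre-fill it from the stored user row.
if (!isset($_POST['submit'])) {
	$_POST = $row;
}

/* template starts here */
// NOTE(review): the whole user row, including the 'password' column read
// above, is handed to the template and copied into $_POST. Confirm the
// template prints only the e-mail field, or pass just that field.
$savant->assign('row', $row);
$savant->display('profile/change_email.tmpl.php');

?>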