Copyright (C) 2005 James Grant Copyright (C) 2007 David Grant This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, version 2. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; see the file COPYING. If not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ ?> $x)); exit; case 'save': $a = account_load($accounts_id); /* Since we're using input validation we dont' have to report errors back to the user, the validator * should catch them all, so we'll just go ahead and save (or error out) */ debug_(print_r($_POST), true); $email = trim($_POST['email']); $username_link = ($_POST['username_link'] == 'yes') ? true : false; $username = $username_link ? $email : trim($_POST['username']); if(array_key_exists('email', $_POST)) { /* If this key doesn't exist, don't even try to update the email or the usename, the * user is in a "must date their password" mode */ if($a['email'] != $email && $email != '') { $save = true; /* Change email */ if(!account_valid_email($email)) { error_('Invalid email address'); $save = false; } if($save) { // action_create_set_email($accounts_id, $email); happy_("An email has been sent to %1 to confirm the new email address", array($email)); } } /* Update link */ $x = ($a['link_username_to_email'] == 'yes') ? true : false; if($x != $username_link) { $l = $username_link ? 'yes' : 'no'; mysql_query("UPDATE accounts SET link_username_to_email='$l' WHERE id=$accounts_id"); } /* Update username */ if($a['username'] != $username) { if(user_account_check_username($accounts_id, $username)) { /* Update it */ $u = mysql_real_escape_string($username); mysql_query("UPDATE accounts SET username='$u' WHERE id=$accounts_id"); happy_("Username updated"); } } } $pass1 = $_POST['pass1']; $pass2 = $_POST['pass2']; if($pass1!='' || $pass2!='') { $pass = mysql_escape_string($pass1); //first, lets see if they choose the same password again (bad bad bad) $q=mysql_query("SELECT password FROM accounts WHERE id='$accounts_id' AND password='$pass'"); $save = false; /* All of this, except matching the previous password, is checked * by the form validator */ if(mysql_num_rows($q)) error_("You cannot choose the same password again. Please choose a different password"); else if($pass1 == '') error_("New Password is required"); else if($pass1 != $pass2) error_("Passwords do not match"); else if(account_valid_password($pass1) == false) error_("The password contains invalid characters or is not long enough"); else { account_set_password($_SESSION['accounts_id'], $pass); unset($_SESSION['password_expired']); happy_('Password has been successfully updated'); } } /* Forward to the request_uri if it's set */ if(isset($_SESSION['request_uri'])) { $link = $_SESSION['request_uri']; unset($_SESSION['request_uri']); ?> "user_main.php") ,"change_password" ); $a = account_load($accounts_id); $d = ''; $email = $a['email']; $username_link = ($a['link_username_to_email'] == 'yes') ? 'checked="checked"' : ''; $username = $email; if($_SESSION['password_expired'] == true) { echo error(i18n('Your password has expired. You must choose a new password now.')); $d = 'disabled="disabled"'; $validator_passreq = 'required: true,'; echo "drect to: {$_SESSION['request_uri']}";; } ?>
name="email" type="text" size="20" value="">


: id="username" name=username type="text" size="20" value="">
type="checkbox" name="username_link" value="yes" />




" />