<?

include "includes/theme.inc";

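/**
 * Looks up one row of the users table by username.
 *
 * The query below is built by interpolating $uname into a quoted SQL
 * literal, and account_user() hands this function the name it was called
 * with. Only names made of the characters that account_validate() accepts
 * at registration are therefore allowed to reach the database.
 *
 * @param string $uname Username to look up.
 * @return mixed Whatever db_fetch_object() returns for the matching row, or
 *   false when $uname is not a string, is empty, or contains a character
 *   outside [a-zA-Z0-9_-].
 */
function account_get_user($uname) {
  // NOTE(review): assumes every stored userid passed account_validate();
  // confirm no account was created elsewhere with other characters.
  if (!is_string($uname) || $uname === "" || preg_match("/[^a-zA-Z0-9_-]/", $uname)) {
    return false;
  }

  $result = db_query("SELECT * FROM users WHERE userid = '$uname'");
  return db_fetch_object($result);
}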

/**
 * Builds the HTML for the login form.
 *
 * The form POSTs the fields "userid" and "passwd" plus op=Login to
 * account.php, and is followed by a link to the registration page.
 * Nothing is printed here; the caller decides where the markup goes.
 *
 * @return string HTML fragment.
 */
function account_login() {
  $pieces = array(
    "<FORM ACTION=\"account.php\" METHOD=\"post\">\n",
    " <TABLE BORDER=\"0\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n",
    "  <TR><TH ALIGN=\"right\">Username:</TH><TD><INPUT NAME=\"userid\"></TD></TR>\n",
    "  <TR><TH ALIGN=\"right\">Password:</TH><TD><INPUT NAME=\"passwd\" TYPE=\"password\"></TD></TR>\n",
    "  <TR><TD ALIGN=\"right\" COLSPAN=\"2\"><INPUT NAME=\"op\" TYPE=\"submit\" VALUE=\"Login\"></TD></TR>\n",
    " </TABLE>\n",
    "</FORM>\n",
    "You don't have an account yet?  <A HREF=\"account.php?op=register\">Register</A> as new user.\n",
  );

  return implode("", $pieces);
}

/**
 * Attempts a login and, on success, opens a session holding the user object.
 *
 * The global $user is replaced by a new User built from the supplied
 * credentials. A non-empty $user->id is treated as a successful login.
 * Both outcomes are reported through watchdog().
 *
 * @param string $userid Username as submitted.
 * @param string $passwd Password as submitted.
 */
function account_session_start($userid, $passwd) {
  global $user;

  $user = new User($userid, $passwd);

  if (!$user->id) {
    // NOTE(review): $userid is written into the log message unmodified;
    // confirm watchdog() escapes it before storing or displaying it.
    watchdog(2, "failed login for user `$userid'");
    return;
  }

  // NOTE(review): no session id renewal is visible around the login, and
  // session_register() was removed in PHP 5.4; confirm how the session is
  // established on the target runtime.
  session_start();
  session_register("user");
  watchdog(1, "session opened for user `$user->userid'");
}

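/**
 * Logs the current user out: records the event, clears and destroys the
 * session, and drops the global $user.
 */
function account_session_close() {
  global $user;

  watchdog(1, "$user->userid: sucessful attempt to logout");
  session_unset();
  session_destroy();

  // unset($user) inside a function only removes this function's reference
  // to the global; the global itself would stay populated for the rest of
  // the request. Remove the global entry instead.
  unset($GLOBALS["user"]);
}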

/**
 * Renders the "Edit your information" form for the logged-in user, or the
 * login form when nobody is logged in ($user->id is empty).
 *
 * Username and real e-mail address are shown read-only; the remaining
 * fields are submitted as edit[...] with op="Save user information".
 */
function account_user_edit() {
  global $theme, $user;

  ### Anonymous visitors get the login form instead:
  if (!$user->id) {
    $theme->header();
    $theme->box("Login", account_login()); 
    $theme->footer();
    return;
  }

  ### Generate output/content:
  // NOTE(review): the $user fields below are interpolated into attribute
  // values and TEXTAREA bodies without HTML escaping; confirm they are
  // encoded before storage, otherwise stored markup is rendered as markup.
  // NOTE(review): no per-request token is part of this form; confirm how
  // forged submissions are rejected.
  $form  = "<FORM ACTION=\"account.php\" METHOD=\"post\">\n";
  $form .= "<B>Username:</B><BR>\n";
  $form .= "&nbsp; $user->userid<P>\n";
  $form .= "<I>Required, unique, and can not be changed.</I><P>\n";
  $form .= "<B>Real name:</B><BR>\n";
  $form .= "<INPUT NAME=\"edit[name]\" MAXLENGTH=\"55\" SIZE=\"30\" VALUE=\"$user->name\"><BR>\n";
  $form .= "<I>Optional.</I><P>\n";
  $form .= "<B>Real e-mail address:</B><BR>\n";
  $form .= "&nbsp; $user->real_email<P>\n";
  $form .= "<I>Required, unique, can not be changed and is never displayed publicly: only needed in case you lose your password.</I><P>\n";
  $form .= "<B>Fake e-mail address:</B><BR>\n";
  $form .= "<INPUT NAME=\"edit[fake_email]\" MAXLENGTH=\"55\" SIZE=\"30\" VALUE=\"$user->fake_email\"><BR>\n";
  $form .= "<I>Optional, and displayed publicly. You may spam proof your real e-mail address if you want.</I><P>\n";
  $form .= "<B>URL of homepage:</B><BR>\n";
  $form .= "<INPUT NAME=\"edit[url]\" MAXLENGTH=\"55\" SIZE=\"30\" VALUE=\"$user->url\"><BR>\n";
  $form .= "<I>Optional, but make sure you enter fully qualified URLs only. That is, remember to include \"http://\".</I><P>\n";
  $form .= "<B>Bio:</B> (255 char. limit)<BR>\n";
  $form .= "<TEXTAREA NAME=\"edit[bio]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$user->bio</TEXTAREA><BR>\n";
  $form .= "<I>Optional. This biographical information is publicly displayed on your user page.</I><P>\n";
  $form .= "<B>Singature:</B> (255 char. limit)<BR>\n";
  $form .= "<TEXTAREA NAME=\"edit[signature]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$user->signature</TEXTAREA><BR>\n";
  $form .= "<I>Optional. This information will be publicly displayed at the end of your comments. </I><P>\n";
  $form .= "<B>Password:</B><BR>\n";
  $form .= "<INPUT TYPE=\"password\" NAME=\"edit[pass1]\" SIZE=\"10\" MAXLENGTH=\"20\"> <INPUT TYPE=\"password\" NAME=\"edit[pass2]\" SIZE=\"10\" MAXLENGTH=\"20\"><BR>\n";
  $form .= "<I>Enter your new password twice if you want to change your current password or leave it blank if you are happy with your current password.</I><P>\n";
  $form .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save user information\"><BR>\n";
  $form .= "</FORM>\n";

  ### Display output/content:
  $theme->header();
  $theme->box("Edit your information", $form);
  $theme->footer();
}

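/**
 * Saves the profile fields submitted by the "Edit your information" form
 * for the logged-in user.
 *
 * Only name, fake_email, url, bio and signature are copied out of $edit, so
 * extra keys in the submitted array never reach user_save(). A new password
 * is stored only when both password fields are non-empty strings and match
 * exactly.
 *
 * @param array $edit Submitted edit[...] form values.
 */
function account_user_save($edit) {
  global $user;

  // Nothing to do for anonymous visitors or for a malformed submission
  // (edit sent as a scalar instead of an array).
  if (!$user->id || !is_array($edit)) {
    return;
  }

  // Array keys are quoted: a bare word is an undefined-constant lookup,
  // which is an error on current PHP versions.
  $data = array();
  foreach (array("name", "fake_email", "url", "bio", "signature") as $field) {
    $data[$field] = $edit[$field];
  }

  // Strict comparison: with ==, two different numeric-looking strings
  // (for example "1e3" and "1000") compare equal and the confirmation
  // check would pass for mismatched passwords.
  if (isset($edit["pass1"], $edit["pass2"]) && is_string($edit["pass1"]) && $edit["pass1"] && $edit["pass1"] === $edit["pass2"]) {
    // NOTE(review): the password is handed to user_save() as typed; confirm
    // user_save() hashes it before storage.
    $data["passwd"] = $edit["pass1"];
  }

  // NOTE(review): the values are passed on unmodified; confirm user_save()
  // escapes them for SQL.
  user_save($data, $user->id);
}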

/**
 * Renders the "Customize your page" form for the logged-in user, or the
 * login form when nobody is logged in ($user->id is empty).
 *
 * The form offers the theme (one option per key of the global $themes),
 * the number of stories on the main page, and the comment display mode,
 * sort order and threshold, each pre-selected from the current $user
 * values. It is submitted as edit[...] with op="Save page settings".
 */
function account_page_edit() {
  global $theme, $themes, $user;

  ### Anonymous visitors get the login form instead:
  if (!$user->id) {
    $theme->header();
    $theme->box("Login", account_login()); 
    $theme->footer();
    return;
  }

  ### Loop (dynamically) through all available themes:
  $theme_options = "";
  foreach ($themes as $key => $value) {
    $selected = ($user->theme == $key) ? " SELECTED" : "";
    $theme_options .= "<OPTION VALUE=\"$key\"$selected>$key - $value[1]</OPTION>";
  }

  ### Comment display modes:
  $mode_options = "";
  foreach (array("nested" => "Nested", "flat" => "Flat", "threaded" => "Threaded") as $mode => $label) {
    $selected = ($user->mode == $mode) ? " SELECTED" : "";
    $mode_options .= "<OPTION VALUE=\"$mode\"$selected>$label</OPTION>";
  }

  ### Comment sort orders (integer keys, compared loosely like the stored value):
  $sort_options = "";
  foreach (array(0 => "Oldest first", 1 => "Newest first", 2 => "Highest scoring first") as $sort => $label) {
    $selected = ($user->sort == $sort) ? " SELECTED" : "";
    $sort_options .= "<OPTION VALUE=\"$sort\"$selected>$label</OPTION>";
  }

  ### Comment thresholds:
  $thresholds = array(
    -1 => "-1: Display uncut and raw comments.",
    0 => "0: Display almost all comments.",
    1 => "1: Display almost no anonymous comments.",
    2 => "2: Display comments with score +2 only.",
    3 => "3: Display comments with score +3 only.",
    4 => "4: Display comments with score +4 only.",
    5 => "5: Display comments with score +5 only.",
  );
  $threshold_options = "";
  foreach ($thresholds as $threshold => $label) {
    $selected = ($user->threshold == $threshold) ? " SELECTED" : "";
    $threshold_options .= "<OPTION VALUE=\"$threshold\"$selected>$label</OPTION>";
  }

  ### Generate output/content:
  // NOTE(review): $user->stories is interpolated into an attribute value
  // without HTML escaping; confirm it is validated before storage.
  $form  = "<FORM ACTION=\"account.php\" METHOD=\"post\">\n";
  $form .= "<B>Theme:</B><BR>\n";
  $form .= "<SELECT NAME=\"edit[theme]\">$theme_options</SELECT><BR>\n";
  $form .= "<I>Selecting a different theme will change the look and feel of the site.</I><P>\n";
  $form .= "<B>Maximum number of stories:</B><BR>\n";
  $form .= "<INPUT NAME=\"edit[stories]\" MAXLENGTH=\"3\" SIZE=\"3\" VALUE=\"$user->stories\"><P>\n";
  $form .= "<I>The maximum number of stories that will be displayed on the main page.</I><P>\n";
  $form .= "<B>Comment display mode:</B><BR>\n";
  $form .= "<SELECT NAME=\"edit[mode]\">$mode_options</SELECT><P>\n";
  $form .= "<B>Comment sort order:</B><BR>\n";
  $form .= "<SELECT NAME=\"edit[sort]\">$sort_options</SELECT><P>\n";
  $form .= "<B>Comment threshold:</B><BR>\n";
  $form .= "<SELECT NAME=\"edit[threshold]\">$threshold_options</SELECT><BR>\n";
  $form .= "<I>Comments that scored less than this setting will be ignored. Anonymous comments start at 0, comments of people logged on start at 1 and moderators can add and subtract points.</I><P>\n";
  $form .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save page settings\"><BR>\n";
  $form .= "</FORM>\n";

  ### Display output/content:
  $theme->header();
  $theme->box("Customize your page", $form);
  $theme->footer();
}

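/**
 * Saves the page settings submitted by the "Customize your page" form for
 * the logged-in user.
 *
 * Each value is checked against what that form can legitimately send
 * before it is handed to user_save(): the theme must be a key of the
 * global $themes, stories must be one to three digits, mode, sort and
 * threshold must be one of the listed options. A value that fails its
 * check is left out, so the stored setting is not changed.
 *
 * @param array $edit Submitted edit[...] form values.
 */
function account_page_save($edit) {
  // NOTE(review): $themes is assumed to be loaded here the same way it is
  // for account_page_edit(); confirm, otherwise theme changes are dropped.
  global $user, $themes;

  // Nothing to do for anonymous visitors or for a malformed submission
  // (edit sent as a scalar instead of an array).
  if (!$user->id || !is_array($edit)) {
    return;
  }

  // A SELECT or MAXLENGTH in the form does not constrain what a client can
  // submit, so the same limits are enforced here. Array keys are quoted: a
  // bare word is an undefined-constant lookup, an error on current PHP.
  $data = array();

  if (isset($edit["theme"]) && is_string($edit["theme"]) && is_array($themes) && isset($themes[$edit["theme"]])) {
    $data["theme"] = $edit["theme"];
  }

  $patterns = array(
    "stories" => "/^[0-9]{1,3}\\z/",
    "mode" => "/^(nested|flat|threaded)\\z/",
    "sort" => "/^[0-2]\\z/",
    "threshold" => "/^(-1|[0-5])\\z/",
  );
  foreach ($patterns as $field => $pattern) {
    if (isset($edit[$field]) && is_string($edit[$field]) && preg_match($pattern, $edit[$field])) {
      $data[$field] = $edit[$field];
    }
  }

  if ($data) {
    user_save($data, $user->id);
  }
}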

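/**
 * Displays a user page.
 *
 * - When $uname is the logged-in user's own name: their account details.
 * - When $uname names another existing account: that account's public
 *   details, its comments of the last 14 days (at most 10) and its diary
 *   entries of the last 14 days (at most 2).
 * - Otherwise: the login form.
 *
 * $uname is interpolated into SQL and into page titles and links below, so
 * the second case is only entered for names made of the characters that
 * account_validate() accepts at registration.
 *
 * @param string $uname Username whose page is requested.
 */
function account_user($uname) {
  global $user, $theme;

  if ($user->id && $user->userid == $uname) {
    $output  = "<P>Welcome $user->userid! This is <B>your</B> user info page. There are many more, but this one is yours. You are probably most interested in editing something, but if you need to kill some time, this place is as good as any other place.</P>\n";
    $output .= "<TABLE BORDER=\"0\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
    $output .= " <TR><TD ALIGN=\"right\"><B>User ID:</B></TD><TD>$user->userid</TD></TR>\n";
    $output .= " <TR><TD ALIGN=\"right\"><B>Name:</B></TD><TD>". format_data($user->name) ."</TD></TR>\n";
    // NOTE(review): this row closes an </A> that the matching row for other
    // users does not; confirm what format_email_address() emits.
    $output .= " <TR><TD ALIGN=\"right\"><B>E-mail:</B></TD><TD>". format_email_address($user->fake_email) ."</A></TD></TR>\n";
    $output .= " <TR><TD ALIGN=\"right\"><B>URL:</B></TD><TD>". format_url($user->url) ."</TD></TR>\n";
    $output .= " <TR><TD ALIGN=\"right\" VALIGN=\"top\"><B>Bio:</B></TD><TD>". format_data($user->bio) ."</TD></TR>\n";
    $output .= " <TR><TD ALIGN=\"right\" VALIGN=\"top\"><B>Signature:</B></TD><TD>". format_data($user->signature) ."</TD></TR>\n";
    $output .= "</TABLE>\n";

    ### Display account information:
    $theme->header();
    $theme->box("Your user information", $output);
    $theme->footer();
  }
  // The character check runs before any lookup so that a name containing a
  // quote or markup never reaches the queries or the HTML below.
  // NOTE(review): assumes every stored userid passed account_validate().
  elseif ($uname && is_string($uname) && !preg_match("/[^a-zA-Z0-9_-]/", $uname) && ($account = account_get_user($uname))) {
    $box1 = "";
    $box2 = "";
    $box3 = "";
    $comments = 0;
    $diaries = 0;

    $box1 .= "<TABLE BORDER=\"0\" CELLPADDING=\"1\" CELLSPACING=\"1\">\n";
    $box1 .= " <TR><TD ALIGN=\"right\"><B>Username:</B></TD><TD>$account->userid</TD></TR>\n";
    $box1 .= " <TR><TD ALIGN=\"right\"><B>E-mail:</B></TD><TD>". format_email_address($account->fake_email) ."</TD></TR>\n";
    $box1 .= " <TR><TD ALIGN=\"right\"><B>URL:</B></TD><TD>". format_url($account->url) ."</TD></TR>\n";
    $box1 .= " <TR><TD ALIGN=\"right\"><B>Bio:</B></TD><TD>". format_data($account->bio) ."</TD></TR>\n";
    $box1 .= "</TABLE>\n";

    // 1209600 seconds = 14 days.
    $result = db_query("SELECT c.cid, c.pid, c.sid, c.subject, c.timestamp, s.subject AS story FROM comments c LEFT JOIN users u ON u.id = c.author LEFT JOIN stories s ON s.id = c.sid WHERE u.userid = '$uname' AND c.timestamp > ". (time() - 1209600) ." ORDER BY cid DESC LIMIT 10");
    while ($comment = db_fetch_object($result)) {
      // NOTE(review): comment and story subjects are printed as stored;
      // confirm they are HTML-encoded before storage.
      $box2 .= "<TABLE BORDER=\"0\" CELLPADDING=\"1\" CELLSPACING=\"1\">\n";
      $box2 .= " <TR><TD ALIGN=\"right\"><B>Comment:</B></TD><TD><A HREF=\"discussion.php?id=$comment->sid&cid=$comment->cid&pid=$comment->pid\">$comment->subject</A></TD></TR>\n";
      $box2 .= " <TR><TD ALIGN=\"right\"><B>Date:</B></TD><TD>". format_date($comment->timestamp) ."</TD></TR>\n";
      $box2 .= " <TR><TD ALIGN=\"right\"><B>Story:</B></TD><TD><A HREF=\"discussion.php?id=$comment->sid\">$comment->story</A></TD></TR>\n";
      $box2 .= "</TABLE>\n";
      $box2 .= "<BR><BR>\n";
      $comments++;
    }

    $result = db_query("SELECT d.* FROM diaries d LEFT JOIN users u ON u.id = d.author WHERE u.userid = '$uname' AND d.timestamp > ". (time() - 1209600) ."  ORDER BY id DESC LIMIT 2");
    while ($diary = db_fetch_object($result)) {
      $box3 .= "<DL><DT><B>". date("l, F jS", $diary->timestamp) .":</B></DT><DD><P>". check_output($diary->text) ."</P><P>[ <A HREF=\"diary.php?op=view&name=$uname\">more</A> ]</P></DD></DL>\n";
      $diaries++;
    }
    
    ### Display account information:
    $theme->header();
    if ($box1) $theme->box("User information for $uname", $box1);
    if ($box2) $theme->box("$uname has posted ". format_plural($comments, "comment", "comments") ." recently", $box2);
    if ($box3) $theme->box("$uname has posted ". format_plural($diaries, "diary entry", "diary entries") ." recently", $box3);
    $theme->footer();
  }
  else { 
    ### Display login form:
    $theme->header();
    $theme->box("Login", account_login()); 
    $theme->footer();
  }
}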

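/**
 * Validates a registration request.
 *
 * Checks the format of the username and e-mail address, then, for each
 * value whose format is acceptable, whether it is banned and whether it is
 * already in use. A value that fails its format check is not passed to the
 * ban lookup or interpolated into the uniqueness queries: it is rejected
 * anyway, and it may contain characters that are unsafe inside the quoted
 * SQL literals.
 *
 * @param array $user Submitted values; "userid" and "real_email" are read.
 * @return string HTML <LI> items describing each problem, or an empty
 *   string when the request is acceptable.
 */
function account_validate($user) {
  // NOTE(review): ban_match() and $type2index are presumably provided by
  // this include; confirm.
  include "includes/ban.inc";

  $error = "";

  // Missing or non-string values are treated as empty and fail the format
  // checks below. Array keys are quoted: a bare word is an
  // undefined-constant lookup, an error on current PHP versions.
  $userid = (is_array($user) && isset($user["userid"]) && is_string($user["userid"])) ? trim($user["userid"]) : "";
  $email = (is_array($user) && isset($user["real_email"]) && is_string($user["real_email"])) ? $user["real_email"] : "";

  ### Verify username and e-mail address:
  // NOTE(review): ereg()/eregi() were removed in PHP 7; a preg_match()
  // replacement must anchor with \z, because $ in PCRE also matches before
  // a trailing newline.
  $email_ok = !(empty($email) || (!eregi("^[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}$", $email)));
  $userid_ok = !(empty($userid) || (ereg("[^a-zA-Z0-9_-]", $userid)));

  if (!$email_ok) $error .= "<LI>the specified e-mail address is not valid.</LI>\n";
  if (!$userid_ok) $error .= "<LI>the specified username is not valid.</LI>\n";
  // NOTE(review): the message says "less than 15" while the check accepts
  // exactly 15 characters; confirm which limit is intended.
  if (strlen($userid) > 15) $error .= "<LI>the specified username is too long: it must be less than 15 characters.</LI>\n";

  ### Check to see whether the username or e-mail address are banned:
  if ($userid_ok && ($ban = ban_match($userid, $type2index["usernames"]))) $error .= "<LI>the specified username is banned  for the following reason: <I>$ban->reason</I>.</LI>\n";
  if ($email_ok && ($ban = ban_match($email, $type2index["addresses"]))) $error .= "<LI>the specified e-mail address is banned for the following reason: <I>$ban->reason</I>.</LI>\n";

  ### Verify whether username and e-mail address are unique:
  if ($userid_ok && db_num_rows(db_query("SELECT userid FROM users WHERE LOWER(userid) = LOWER('$userid')")) > 0) $error .= "<LI>the specified username is already taken.</LI>\n";
  if ($email_ok && db_num_rows(db_query("SELECT real_email FROM users WHERE LOWER(real_email)=LOWER('$email')")) > 0) $error .= "<LI>the specified e-mail address is already registered.</LI>\n";

  return $error;
}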

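/**
 * Renders the registration form.
 *
 * When $error is non-empty the form is preceded by "Failed to register."
 * and the error items; otherwise by an introduction. Previously submitted
 * values are put back into the fields.
 *
 * @param array|string $user Previously submitted values ("userid" and
 *   "real_email" are read), or "" for a blank form.
 * @param string $error HTML error items as returned by account_validate().
 */
function account_register_enter($user = "", $error = "") {
  global $theme;

  // The field values were read from an undefined $new, so a rejected form
  // always came back empty. They are taken from $user now, and because they
  // are raw request input, usually the very values that failed validation,
  // they are HTML-escaped before being placed in the VALUE attributes.
  $userid = "";
  $real_email = "";
  if (is_array($user)) {
    if (isset($user["userid"]) && is_string($user["userid"])) $userid = htmlspecialchars($user["userid"], ENT_QUOTES);
    if (isset($user["real_email"]) && is_string($user["real_email"])) $real_email = htmlspecialchars($user["real_email"], ENT_QUOTES);
  }

  if ($error) $output = "<B><FONT COLOR=\"red\">Failed to register.</FONT>$error</B>\n";
  else $output = "<P>Registering allows you to comment on stories, to moderate comments and pending stories, to maintain an online diary, to customize the look and feel of the site and generally helps you interact with the site more efficiently.</P><P>To create an account, simply fill out this form an click the `Register' button below.  An e-mail will then be sent to you with instructions on how to validate your account.</P>\n";

  $output .= "<FORM ACTION=\"account.php\" METHOD=\"post\">\n";
  $output .= "<P>\n";
  $output .= " <B>Username:</B><BR>\n";
  $output .= " <INPUT NAME=\"new[userid]\" VALUE=\"$userid\"><BR>\n";
  $output .= " <SMALL><I>Enter your desired username: only letters, numbers and some special characters are allowed.</I></SMALL><BR>\n";
  $output .= "</P>\n";
  $output .= "<P>\n";
  $output .= " <B>E-mail address:</B><BR>\n";
  $output .= " <INPUT NAME=\"new[real_email]\" VALUE=\"$real_email\"><BR>\n";
  $output .= " <SMALL><I>You will be sent instructions on how to validate your account via this e-mail address - please make sure it is accurate.</I></SMALL><BR>\n";
  $output .= "</P>\n";
  $output .= "<P>\n";
  $output .= " <INPUT NAME=\"op\" TYPE=\"submit\" VALUE=\"Register\">\n";
  $output .= "</P>\n";
  $output .= "</FORM>\n";

  $theme->header();
  $theme->box("Register as new user", $output);
  $theme->footer();
}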

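/**
 * Handles a submitted registration form.
 *
 * When account_validate() reports problems the form is shown again with
 * the errors. Otherwise an account is created with status 1, a generated
 * password and a confirmation hash, and the activation message is
 * produced.
 *
 * @param array $new Submitted new[...] form values.
 */
function account_register_submit($new) {
  global $theme, $mail, $sitename;

  if ($rval = account_validate($new)) { 
    account_register_enter($new, "$rval");
    return;
  }

  // Rebuild the record from the two fields the form offers instead of
  // passing the submitted array on, so that extra new[...] keys in the
  // request never reach user_save(). The username is trimmed here because
  // account_validate() trims only its own copy.
  $userid = trim($new["userid"]);
  $new = array(
    "userid" => $userid,
    "real_email" => $new["real_email"],
    "passwd" => account_password(),
    "status" => 1,
    // NOTE(review): the hash is derived from the username and the current
    // time only, both of which an outsider can know or estimate; consider a
    // value from a cryptographic random source.
    "hash" => substr(md5("$userid. ". time() .""), 0, 12),
  );

  user_save($new);

  // NOTE(review): the host name comes from the HOSTNAME environment
  // variable; confirm it matches the public site address.
  $link = "http://". getenv("HOSTNAME") ."/account.php?op=confirm&name=$new[userid]&hash=$new[hash]";
  $message = "$new[userid],\n\n\nsomeone signed up for a user account on $sitename and supplied this email address as their contact.  If it wasn't you, don't get your panties in a knot and simply ignore this mail.\n\nIf this was you, you have to activate your account first before you can login.  You can activate your account by visiting the URL below:\n\n    $link\n\nVisiting this URL will automatically activate your account.  Once activated you can login using the following information:\n\n    username: $new[userid]\n    password: $new[passwd]\n\n\n-- $sitename crew\n";
  // NOTE(review): mail delivery is disabled and the message, which holds
  // the generated password and the confirmation link, is printed into the
  // response instead. Whoever submits the form can therefore activate the
  // account without access to the mailbox. This looks like development
  // scaffolding: restore delivery and remove the print before deployment.
  // mail($new[real_email], "Account details for $sitename", $message, "From: noreply@$sitename");
  print "<PRE>$message</PRE>\n";

  watchdog(1, "new user `$new[userid]' &lt;$new[real_email]&gt;");

  $theme->header();
  $theme->box("Account details", "Congratulations!  Your member account has been sucessfully created and further instructions on how to activate your account have been sent to your e-mail address.");
  $theme->footer();
}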

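/**
 * Confirms a newly registered account from the link in the activation
 * message.
 *
 * The account is activated (status 2, hash cleared) only when it exists,
 * still has status 1, and the supplied hash is exactly the stored one.
 * Every outcome is reported through watchdog() and shown to the visitor.
 *
 * @param string $name Username from the confirmation link.
 * @param string $hash Confirmation hash from the confirmation link.
 */
function account_register_confirm($name, $hash) {
  global $theme;

  $output = "";

  // $name is interpolated into the SELECT and the UPDATE below, so only
  // names made of the characters account_validate() accepts are looked up;
  // anything else is reported as a non-existing account.
  $name_ok = is_string($name) && $name !== "" && !preg_match("/[^a-zA-Z0-9_-]/", $name);

  $account = false;
  if ($name_ok) {
    $result = db_query("SELECT userid, hash, status FROM users WHERE userid = '$name'");
    $account = db_fetch_object($result);
  }

  if ($account) {
    if ($account->status == 1) {
      // Strict string comparison: with ==, two different hashes that both
      // look like numbers (for example "0e12..." and "0e34...") compare
      // equal. An empty hash never confirms an account.
      if (is_string($hash) && $hash !== "" && (string) $account->hash === $hash) {
        db_query("UPDATE users SET status = 2, hash = '' WHERE userid = '$name'");
        $output .= "Your account has been sucessfully confirmed.  You can click <A HREF=\"account.php?op=login\">here</A> to login.\n";
        watchdog(1, "$name: account confirmation sucessful");
      }
      else {
        $output .= "Confirmation failed: invalid confirmation hash.\n";
        watchdog(3, "$name: invalid confirmation hash");
      }
    }
    else {
      $output .= "Confirmation failed: your account has already been confirmed.  You can click <A HREF=\"account.php?op=login\">here</A> to login.\n";
      watchdog(3, "$name: attempt to re-confirm account");
    }
  }
  else {
    $output .= "Confirmation failed: no such account found.<BR>";
    // A malformed name is not copied into the log message.
    watchdog(3, ($name_ok ? $name : "(malformed username)") .": attempt to confirm non-existing account");
  }

  $theme->header();
  $theme->box("Account confirmation", $output);
  $theme->footer();
}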

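/**
 * Generates an initial password by concatenating randomly chosen short
 * words until the result is at least $min_length characters long.
 *
 * NOTE(review): the generator is seeded from the sub-second part of the
 * clock (at most one million seeds) and draws from 31 words, so the result
 * is guessable. Treat it as a temporary credential only and prefer a
 * cryptographic random source where the runtime offers one.
 *
 * @param int $min_length Minimum length of the generated password.
 * @return string The generated password.
 */
function account_password($min_length=6) {
  // The explicit int cast keeps the seed an integer, as mt_srand() expects.
  mt_srand((int) ((float) microtime() * 1000000));
  $words = array("foo","bar","guy","neo","tux","moo","sun","asm","dot","god","axe","geek","nerd","fish","hack","star","mice","warp","moon","hero","cola","girl","fish","java","perl","boss","dark","sith","jedi","drop","mojo");

  // mt_rand() includes its upper bound, so the last valid index is
  // count - 1; using count itself picked a non-existent element.
  $last = count($words) - 1;

  $password = "";
  while (strlen($password) < $min_length) $password .= $words[mt_rand(0, $last)];
  return $password;
}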

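/**
 * Displays the "Track your comments" page: for up to five stories the
 * logged-in user commented on, the user's comments with their reply
 * counts. Anonymous visitors get the login form.
 */
function account_comments() {
  global $theme, $user;

  // Without a logged-in user the queries below would be built with an
  // empty author id. Fall back to the login form, as the other pages in
  // this file do.
  if (!$user->id) {
    $theme->header();
    $theme->box("Login", account_login()); 
    $theme->footer();
    return;
  }

  // Ids are forced to integers before they are placed in SQL.
  $uid = (int) $user->id;
  $output = "";

  $info = "<P>This page might be helpful in case you want to keep track of your most recent comments in any of the discussions.  You are given an overview of your comments in each of the stories you participates in along with the number of replies each comment got.\n<P>\n"; 

  $sresult = db_query("SELECT s.id, s.subject, COUNT(s.id) as count FROM comments c LEFT JOIN stories s ON c.sid = s.id WHERE c.author = $uid GROUP BY s.id DESC LIMIT 5");
  
  while ($story = db_fetch_object($sresult)) {
    $sid = (int) $story->id;

    // NOTE(review): story and comment subjects are printed as stored;
    // confirm they are HTML-encoded before storage.
    // The singular/plural words are quoted: as bare words they were
    // undefined-constant lookups.
    $output .= "<LI>". format_plural($story->count, "comment", "comments") ." in story `<A HREF=\"discussion.php?id=$story->id\">$story->subject</A>`:</LI>\n";
    $output .= " <UL>\n";
   
    $cresult = db_query("SELECT * FROM comments WHERE author = $uid AND sid = $sid");
    while ($comment = db_fetch_object($cresult)) {
      $output .= "  <LI><A HREF=\"discussion.php?id=$story->id&cid=$comment->cid&pid=$comment->pid\">$comment->subject</A> (<B>". format_plural(discussion_num_replies($comment->cid), "reply", "replies") ."</B>)</LI>\n";
    }
    $output .= " </UL>\n";
  }

  $output = ($output) ? "$info $output" : "$info <CENTER><B>You have not posted any comments recently.</B></CENTER>\n";

  $theme->header();
  $theme->box("Track your comments", $output);
  $theme->footer();
}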

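### Dispatch on the requested operation.
// NOTE(review): $op, $userid, $passwd, $name, $hash, $new and $edit are not
// assigned anywhere in this file; presumably they are request parameters
// imported as globals (register_globals). Confirm, and confirm where $user
// is restored from the session.
// NOTE(review): the state-changing operations (logout, the two saves) are
// selected by $op alone; no per-request token is visible here.
switch ($op) {
  case "Login":
    account_session_start($userid, $passwd);
    header("Location: account.php?op=info");
    break;
  case "register":
    account_register_enter();
    break;
  case "confirm":
    account_register_confirm($name, $hash);
    break;
  // "Register" was listed a second time further down; that second case
  // could never be reached and has been dropped.
  case "Register":
    account_register_submit($new);
    break;
  case "view":
    account_user($name);
    break;
  case "info":
    account_user($user->userid);
    break;
  case "discussion":
    account_comments();
    break;
  case "logout":
    account_session_close();
    header("Location: account.php");
    break;
  case "user":
    account_user_edit();
    break;
  case "page":
    account_page_edit();
    break;
  case "Save user information":
    account_user_save($edit);
    account_user($user->userid);
    break;
  case "Save page settings":
    account_page_save($edit);
    header("Location: account.php?op=info");
    break;
  default: 
    account_user($user->userid);
}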

?>