<?

include "includes/theme.inc";

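/**
 * Look up one row of the users table by username.
 *
 * $uname reaches this function from the request (account_user() is called
 * with the request's $name), and it is placed inside a quoted SQL literal.
 * It is therefore checked against the username alphabet that
 * account_validate() enforces at registration ([a-zA-Z0-9_-]) before the
 * query is built; anything else cannot be a registered name and is answered
 * without touching the database.
 *
 * NOTE(review): assumes every existing account was created through
 * account_validate(); confirm no legacy usernames use other characters.
 *
 * @param string $uname  username to look up
 * @return object|false  the row from db_fetch_object(), or false when the
 *                       name is empty or malformed
 */
function account_get_user($uname) {
  ### Refuse non-strings, empty names and names outside the registration alphabet:
  if (!is_string($uname) || $uname == "" || preg_match("/[^a-zA-Z0-9_-]/", $uname)) {
    return false;
  }

  $result = db_query("SELECT * FROM users WHERE userid = '$uname'");
  return db_fetch_object($result);
}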

/**
 * Build the HTML for the login form.
 *
 * The form posts "userid", "passwd" and op=Login back to account.php and is
 * followed by a link to the registration page.  Nothing is printed here;
 * the markup is returned for the caller to place in a theme box.
 *
 * @return string  login form markup
 */
function account_login() {
  $form = array(
    "<FORM ACTION=\"account.php\" METHOD=\"post\">\n",
    " <TABLE BORDER=\"0\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n",
    "  <TR><TH ALIGN=\"right\">Username:</TH><TD><INPUT NAME=\"userid\"></TD></TR>\n",
    "  <TR><TH ALIGN=\"right\">Password:</TH><TD><INPUT NAME=\"passwd\" TYPE=\"password\"></TD></TR>\n",
    "  <TR><TD ALIGN=\"right\" COLSPAN=\"2\"><INPUT NAME=\"op\" TYPE=\"submit\" VALUE=\"Login\"></TD></TR>\n",
    " </TABLE>\n",
    "</FORM>\n"
  );

  ### Pointer for visitors without an account:
  $hint = "You don't have an account yet?  <A HREF=\"account.php?op=register\">Register</A> as new user.\n";

  return implode("", $form) . $hint;
}

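/**
 * Try to log a user in and, on success, open a session holding $user.
 *
 * A User object is built from the submitted credentials; a non-empty
 * $user->id is treated as a successful login.  Both outcomes are written to
 * the watchdog log.
 *
 * Two hardening points compared with the plain version:
 *  - the session id is renewed once the login succeeds, so an id that was
 *    known before authentication does not carry over into the logged-in
 *    session (guarded, because session_regenerate_id() is missing from the
 *    oldest PHP releases this file can run on);
 *  - the submitted username is HTML-escaped before it goes into the
 *    failed-login log line.  NOTE(review): watchdog() is not visible here;
 *    other callers in this file pass it pre-encoded entities (&lt; / &gt;),
 *    which suggests its messages are rendered as HTML - confirm.
 *
 * @param string $userid  submitted username
 * @param string $passwd  submitted password
 */
function account_session_start($userid, $passwd) {
  global $user;

  $user = new User($userid, $passwd);
  if ($user->id) {
    session_start();
    if (function_exists("session_regenerate_id")) session_regenerate_id();
    session_register("user");
    watchdog(1, "session opened for user `$user->userid'");
  }
  else {
    ### $userid is whatever the client typed: never log it raw.
    $attempted = is_string($userid) ? htmlspecialchars($userid, ENT_QUOTES) : "";
    watchdog(2, "failed login for user `". $attempted ."'");
  }
}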

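/**
 * Log the current user out: record it, then drop all session state.
 *
 * The watchdog entry is written first because it still needs
 * $user->userid.
 */
function account_session_close() {
  global $user;

  watchdog(1, "session closed for user `$user->userid'");
  session_unset();
  session_destroy();

  ### unset() on a name imported with `global' only removes the local alias;
  ### the global itself has to be removed through $GLOBALS, otherwise code
  ### running later in this request still sees a logged-in $user.
  unset($GLOBALS["user"]);
}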

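/**
 * Show the "Edit your information" form, or the login form when nobody is
 * logged in.
 *
 * Username and real e-mail address are shown read-only; name, fake e-mail,
 * homepage URL, bio, signature and password are editable and are posted
 * back as edit[...] with op="Save user information".
 *
 * The editable values are free text supplied by the user, so they are
 * HTML-escaped before being placed in VALUE="..." attributes and TEXTAREA
 * bodies.  Without that, a double quote or a closing tag in a stored value
 * ends the attribute or element early and the remainder is parsed as markup.
 * Escaping here does not change what is saved: the browser decodes the
 * entities again before submitting the form.
 */
function account_user_edit() {
  global $theme, $user;

  if ($user->id) {
    ### Escape the stored free-text fields for the HTML context they land in:
    $name       = htmlspecialchars((string)$user->name, ENT_QUOTES);
    $fake_email = htmlspecialchars((string)$user->fake_email, ENT_QUOTES);
    $url        = htmlspecialchars((string)$user->url, ENT_QUOTES);
    $bio        = htmlspecialchars((string)$user->bio, ENT_QUOTES);
    $signature  = htmlspecialchars((string)$user->signature, ENT_QUOTES);

    ### Generate output/content:
    $output  = "<FORM ACTION=\"account.php\" METHOD=\"post\">\n";
    $output .= "<B>Username:</B><BR>\n";
    $output .= "&nbsp; $user->userid<P>\n";
    $output .= "<I>Required, unique, and can not be changed.</I><P>\n";
    $output .= "<B>Real name:</B><BR>\n";
    $output .= "<INPUT NAME=\"edit[name]\" MAXLENGTH=\"55\" SIZE=\"30\" VALUE=\"$name\"><BR>\n";
    $output .= "<I>Optional.</I><P>\n";
    $output .= "<B>Real e-mail address:</B><BR>\n";
    $output .= "&nbsp; $user->real_email<P>\n";
    $output .= "<I>Required, unique, can not be changed and is never displayed publicly: only needed in case you lose your password.</I><P>\n";
    $output .= "<B>Fake e-mail address:</B><BR>\n";
    $output .= "<INPUT NAME=\"edit[fake_email]\" MAXLENGTH=\"55\" SIZE=\"30\" VALUE=\"$fake_email\"><BR>\n";
    $output .= "<I>Optional, and displayed publicly. You may spam proof your real e-mail address if you want.</I><P>\n";
    $output .= "<B>URL of homepage:</B><BR>\n";
    $output .= "<INPUT NAME=\"edit[url]\" MAXLENGTH=\"55\" SIZE=\"30\" VALUE=\"$url\"><BR>\n";
    $output .= "<I>Optional, but make sure you enter fully qualified URLs only. That is, remember to include \"http://\".</I><P>\n";
    $output .= "<B>Bio:</B> (255 char. limit)<BR>\n";
    $output .= "<TEXTAREA NAME=\"edit[bio]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$bio</TEXTAREA><BR>\n";
    $output .= "<I>Optional. This biographical information is publicly displayed on your user page.</I><P>\n";
    $output .= "<B>Singature:</B> (255 char. limit)<BR>\n";
    $output .= "<TEXTAREA NAME=\"edit[signature]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$signature</TEXTAREA><BR>\n";
    $output .= "<I>Optional. This information will be publicly displayed at the end of your comments. </I><P>\n";
    $output .= "<B>Password:</B><BR>\n";
    $output .= "<INPUT TYPE=\"password\" NAME=\"edit[pass1]\" SIZE=\"10\" MAXLENGTH=\"20\"> <INPUT TYPE=\"password\" NAME=\"edit[pass2]\" SIZE=\"10\" MAXLENGTH=\"20\"><BR>\n";
    $output .= "<I>Enter your new password twice if you want to change your current password or leave it blank if you are happy with your current password.</I><P>\n";
    $output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save user information\"><BR>\n";
    $output .= "</FORM>\n";

    ### Display output/content:
    $theme->header();
    $theme->box("Edit your information", $output);
    $theme->footer();
  }
  else {
    ### Not logged in: offer the login form instead.
    $theme->header();
    $theme->box("Login", account_login());
    $theme->footer();
  }
}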

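/**
 * Store the fields of the "Edit your information" form for the logged-in
 * user.
 *
 * Only the listed fields are copied out of $edit, so extra keys added to
 * the request never reach user_save().  The row that is updated is always
 * $user->id, never an id taken from the request.
 *
 * Changes from the plain version:
 *  - array keys are quoted; bare words such as $edit[name] are read as
 *    constants first and stop working on current PHP;
 *  - the two password fields are compared with ===.  Loose == compares
 *    numeric-looking strings as numbers, so two different entries could be
 *    accepted as "the same password typed twice".
 *
 * NOTE(review): how user_save() stores the password is not visible here.
 *
 * @param array $edit  submitted edit[...] form values
 */
function account_user_save($edit) {
  global $user;

  if ($user->id) {
    $data = array();
    $data["name"] = $edit["name"];
    $data["fake_email"] = $edit["fake_email"];
    $data["url"] = $edit["url"];
    $data["bio"] = $edit["bio"];
    $data["signature"] = $edit["signature"];

    ### Change the password only when both fields were filled in identically:
    if ($edit["pass1"] && $edit["pass1"] === $edit["pass2"]) $data["passwd"] = $edit["pass1"];

    user_save($data, $user->id);
  }
}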

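/**
 * Show the "Customize your page" form, or the login form when nobody is
 * logged in.
 *
 * The form offers theme, timezone, number of stories on the main page,
 * comment display mode, comment sort order and comment threshold, and posts
 * them back as edit[...] with op="Save page settings".
 *
 * The stories value is a free-text field that account_page_save() stores
 * without checking, so it is HTML-escaped before it is written back into
 * the VALUE="..." attribute.  The string accumulators are also initialised
 * explicitly instead of being appended to while undefined.
 */
function account_page_edit() {
  global $theme, $themes, $user;

  if ($user->id) {
    $output  = "<FORM ACTION=\"account.php\" METHOD=\"post\">\n";
    $output .= "<B>Theme:</B><BR>\n";

    ### One option per installed theme, current choice preselected:
    $options1 = "";
    foreach ($themes as $key=>$value) {
      $options1 .= " <OPTION VALUE=\"$key\"". (($user->theme == $key) ? " SELECTED" : "") .">$key - $value[1]</OPTION>\n";
    }

    $output .= "<SELECT NAME=\"edit[theme]\">\n$options1</SELECT><BR>\n";
    $output .= "<I>Selecting a different theme will change the look and feel of the site.</I><P>\n";
    $output .= "<B>Timezone:</B><BR>\n";

    ### Offsets from -12h to +12h in one-hour steps, each labelled with the
    ### wall-clock time it would currently give:
    $date = time() - date("Z");
    $options2 = "";
    for ($zone = -43200; $zone <= 43200; $zone += 3600) {
      $options2 .= " <OPTION VALUE=\"$zone\"". (($user->timezone == $zone) ? " SELECTED" : "") .">". date("l, F dS, Y - h:i A", $date + $zone) ." (GMT ". ($zone / 3600) .")</OPTION>\n";
    }

    $output .= "<SELECT NAME=\"edit[timezone]\">\n$options2</SELECT><BR>\n";
    $output .= "<I>Select what time you currently have and your timezone settings will be set appropriate.</I><P>\n";
    $output .= "<B>Maximum number of stories:</B><BR>\n";

    ### Stored value is unvalidated user input: escape it for the attribute.
    $stories = htmlspecialchars((string)$user->stories, ENT_QUOTES);
    $output .= "<INPUT NAME=\"edit[stories]\" MAXLENGTH=\"3\" SIZE=\"3\" VALUE=\"$stories\"><P>\n";
    $output .= "<I>The maximum number of stories that will be displayed on the main page.</I><P>\n";

    $options  = "<OPTION VALUE=\"nested\"". ($user->mode == "nested" ? " SELECTED" : "") .">Nested</OPTION>";
    $options .= "<OPTION VALUE=\"flat\"". ($user->mode == "flat" ? " SELECTED" : "") .">Flat</OPTION>";
    $options .= "<OPTION VALUE=\"threaded\"". ($user->mode == "threaded" ? " SELECTED" : "") .">Threaded</OPTION>";
    $output .= "<B>Comment display mode:</B><BR>\n";
    $output .= "<SELECT NAME=\"edit[mode]\">$options</SELECT><P>\n";

    $options  = "<OPTION VALUE=\"0\"". ($user->sort == 0 ? " SELECTED" : "") .">Oldest first</OPTION>";
    $options .= "<OPTION VALUE=\"1\"". ($user->sort == 1 ? " SELECTED" : "") .">Newest first</OPTION>";
    $options .= "<OPTION VALUE=\"2\"". ($user->sort == 2 ? " SELECTED" : "") .">Highest scoring first</OPTION>";
    $output .= "<B>Comment sort order:</B><BR>\n";
    $output .= "<SELECT NAME=\"edit[sort]\">$options</SELECT><P>\n";

    $options  = "<OPTION VALUE=\"-1\"". ($user->threshold == -1 ? " SELECTED" : "") .">-1: Display uncut and raw comments.</OPTION>";
    $options .= "<OPTION VALUE=\"0\"". ($user->threshold == 0 ? " SELECTED" : "") .">0: Display almost all comments.</OPTION>";
    $options .= "<OPTION VALUE=\"1\"". ($user->threshold == 1 ? " SELECTED" : "") .">1: Display almost no anonymous comments.</OPTION>";
    $options .= "<OPTION VALUE=\"2\"". ($user->threshold == 2 ? " SELECTED" : "") .">2: Display comments with score +2 only.</OPTION>";
    $options .= "<OPTION VALUE=\"3\"". ($user->threshold == 3 ? " SELECTED" : "") .">3: Display comments with score +3 only.</OPTION>";
    $options .= "<OPTION VALUE=\"4\"". ($user->threshold == 4 ? " SELECTED" : "") .">4: Display comments with score +4 only.</OPTION>";
    $options .= "<OPTION VALUE=\"5\"". ($user->threshold == 5 ? " SELECTED" : "") .">5: Display comments with score +5 only.</OPTION>";
    $output .= "<B>Comment threshold:</B><BR>\n";
    $output .= "<SELECT NAME=\"edit[threshold]\">$options</SELECT><BR>\n";
    $output .= "<I>Comments that scored less than this setting will be ignored. Anonymous comments start at 0, comments of people logged on start at 1 and moderators can add and subtract points.</I><P>\n";
    $output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save page settings\"><BR>\n";
    $output .= "</FORM>\n";

    $theme->header();
    $theme->box("Customize your page", $output);
    $theme->footer();
  }
  else {
    ### Not logged in: offer the login form instead.
    $theme->header();
    $theme->box("Login", account_login());
    $theme->footer();
  }
}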

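/**
 * Store the fields of the "Customize your page" form for the logged-in
 * user.
 *
 * Only the six listed preferences are copied out of $edit, and the row that
 * is updated is always $user->id.  Array keys are quoted: bare words such
 * as $edit[theme] are read as constants first and stop working on current
 * PHP.
 *
 * NOTE(review): the values are handed to user_save() as submitted.  The
 * form only offers fixed choices for theme, timezone, mode, sort and
 * threshold, but nothing here enforces that - confirm user_save() validates
 * or quotes them, and that the theme loader does not trust the stored theme
 * name.
 *
 * @param array $edit  submitted edit[...] form values
 */
function account_page_save($edit) {
  global $user;

  if ($user->id) {
    $data = array();
    $data["theme"] = $edit["theme"];
    $data["timezone"] = $edit["timezone"];
    $data["stories"] = $edit["stories"];
    $data["mode"] = $edit["mode"];
    $data["sort"] = $edit["sort"];
    $data["threshold"] = $edit["threshold"];
    user_save($data, $user->id);
  }
}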

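/**
 * Show a user page.
 *
 * Three cases:
 *  - $uname is the logged-in user: their own details;
 *  - $uname is another existing user: public details plus that user's
 *    comments and diary entries from the last 14 days (1209600 seconds);
 *  - otherwise: the login form.
 *
 * In the second case $uname comes from the request and is used in two SQL
 * string literals, two box titles and a link.  It is therefore accepted
 * only when it consists of the characters account_validate() allows in a
 * username ([a-zA-Z0-9_-]); such a value needs no further quoting in any
 * of those places.  Anything else falls through to the login form, as an
 * unknown name did before.
 *
 * NOTE(review): assumes every existing account was created through
 * account_validate(); confirm no legacy usernames use other characters.
 *
 * @param string $uname  username whose page is requested
 */
function account_user($uname) {
  global $user, $theme;

  $valid_name = is_string($uname) && !preg_match("/[^a-zA-Z0-9_-]/", $uname);

  if ($user->id && $user->userid == $uname) {
    $output  = "<P>Welcome $user->userid! This is <B>your</B> user info page. There are many more, but this one is yours. You are probably most interested in editing something, but if you need to kill some time, this place is as good as any other place.</P>\n";
    $output .= "<TABLE BORDER=\"0\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
    $output .= " <TR><TD ALIGN=\"right\"><B>User ID:</B></TD><TD>$user->userid</TD></TR>\n";
    $output .= " <TR><TD ALIGN=\"right\"><B>Name:</B></TD><TD>". format_data($user->name) ."</TD></TR>\n";
    ### NOTE(review): the matching row for other users has no "</A>" after
    ### format_email(); one of the two is probably wrong - confirm against
    ### what format_email() returns.
    $output .= " <TR><TD ALIGN=\"right\"><B>E-mail:</B></TD><TD>". format_email($user->fake_email) ."</A></TD></TR>\n";
    $output .= " <TR><TD ALIGN=\"right\"><B>URL:</B></TD><TD>". format_url($user->url) ."</TD></TR>\n";
    $output .= " <TR><TD ALIGN=\"right\" VALIGN=\"top\"><B>Bio:</B></TD><TD>". format_data($user->bio) ."</TD></TR>\n";
    $output .= " <TR><TD ALIGN=\"right\" VALIGN=\"top\"><B>Signature:</B></TD><TD>". format_data($user->signature) ."</TD></TR>\n";
    $output .= "</TABLE>\n";

    ### Display account information:
    $theme->header();
    $theme->box("Your user information", $output);
    $theme->footer();
  }
  elseif ($uname && $valid_name && ($account = account_get_user($uname))) {
    $box1 = $box2 = $box3 = "";
    $comments = 0;
    $diaries = 0;

    $box1 .= "<TABLE BORDER=\"0\" CELLPADDING=\"1\" CELLSPACING=\"1\">\n";
    $box1 .= " <TR><TD ALIGN=\"right\"><B>Username:</B></TD><TD>$account->userid</TD></TR>\n";
    $box1 .= " <TR><TD ALIGN=\"right\"><B>E-mail:</B></TD><TD>". format_email($account->fake_email) ."</TD></TR>\n";
    $box1 .= " <TR><TD ALIGN=\"right\"><B>URL:</B></TD><TD>". format_url($account->url) ."</TD></TR>\n";
    $box1 .= " <TR><TD ALIGN=\"right\"><B>Bio:</B></TD><TD>". format_data($account->bio) ."</TD></TR>\n";
    $box1 .= "</TABLE>\n";

    ### Up to ten comments of the last two weeks ($uname passed the check above):
    $result = db_query("SELECT c.cid, c.pid, c.sid, c.subject, c.timestamp, s.subject AS story FROM comments c LEFT JOIN users u ON u.id = c.author LEFT JOIN stories s ON s.id = c.sid WHERE u.userid = '$uname' AND c.timestamp > ". (time() - 1209600) ." ORDER BY cid DESC LIMIT 10");
    while ($comment = db_fetch_object($result)) {
      $box2 .= "<TABLE BORDER=\"0\" CELLPADDING=\"1\" CELLSPACING=\"1\">\n";
      $box2 .= " <TR><TD ALIGN=\"right\"><B>Comment:</B></TD><TD><A HREF=\"discussion.php?id=$comment->sid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A></TD></TR>\n";
      $box2 .= " <TR><TD ALIGN=\"right\"><B>Date:</B></TD><TD>". format_date($comment->timestamp) ."</TD></TR>\n";
      $box2 .= " <TR><TD ALIGN=\"right\"><B>Story:</B></TD><TD><A HREF=\"discussion.php?id=$comment->sid\">". check_output($comment->story) ."</A></TD></TR>\n";
      $box2 .= "</TABLE>\n";
      $box2 .= "<BR><BR>\n";
      $comments++;
    }

    ### Up to two diary entries of the last two weeks:
    $result = db_query("SELECT d.* FROM diaries d LEFT JOIN users u ON u.id = d.author WHERE u.userid = '$uname' AND d.timestamp > ". (time() - 1209600) ."  ORDER BY id DESC LIMIT 2");
    while ($diary = db_fetch_object($result)) {
      $box3 .= "<DL><DT><B>". date("l, F jS", $diary->timestamp) .":</B></DT><DD><P>". check_output($diary->text) ."</P><P>[ <A HREF=\"diary.php?op=view&name=$uname\">more</A> ]</P></DD></DL>\n";
      $diaries++;
    }

    ### Display account information:
    $theme->header();
    if ($box1) $theme->box("User information for $uname", $box1);
    if ($box2) $theme->box("$uname has posted ". format_plural($comments, "comment", "comments") ." recently", $box2);
    if ($box3) $theme->box("$uname has posted ". format_plural($diaries, "diary entry", "diary entries") ." recently", $box3);
    $theme->footer();
  }
  else {
    ### Display login form:
    $theme->header();
    $theme->box("Login", account_login());
    $theme->footer();
  }
}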

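/**
 * Validate the username and e-mail address of a registration request.
 *
 * Checks, in order: format of both values, username length, the ban lists
 * from includes/ban.inc, and uniqueness in the users table.  All failures
 * are collected, each as one <LI> element.
 *
 * Changes from the plain version:
 *  - ereg()/eregi() are replaced by preg_match().  The POSIX functions are
 *    not binary safe (they stop reading at a NUL byte, so anything after it
 *    is never checked) and no longer exist in current PHP.  The PCRE
 *    patterns end in \z so a trailing newline is not accepted, and the
 *    e-mail pattern no longer admits a backslash in the local part (inside
 *    a POSIX bracket expression "\." also matched a literal backslash);
 *  - the uniqueness queries run only for values that passed the format
 *    check.  Both values are placed in quoted SQL literals, and the format
 *    check is what guarantees they contain no quote characters;
 *  - non-string input (for example new[userid][]=...) is treated as empty;
 *  - array keys are quoted and $error is initialised.
 *
 * @param array $user  submitted new[...] values ("userid", "real_email")
 * @return string  HTML list items describing the problems, "" when valid
 */
function account_validate($user) {
  ### Defines $type2index in this function's scope (used by ban_match below).
  include "includes/ban.inc";

  $error = "";

  ### Normalise: only strings are considered, the username is trimmed.
  $user["userid"] = (isset($user["userid"]) && is_string($user["userid"])) ? trim($user["userid"]) : "";
  $user["real_email"] = (isset($user["real_email"]) && is_string($user["real_email"])) ? $user["real_email"] : "";

  ### Verify username and e-mail address:
  $email_ok = !empty($user["real_email"]) && preg_match('/^[_.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}\z/i', $user["real_email"]);
  $name_ok = !empty($user["userid"]) && !preg_match('/[^a-zA-Z0-9_-]/', $user["userid"]);
  if (!$email_ok) $error .= "<LI>the specified e-mail address is not valid.</LI>\n";
  if (!$name_ok) $error .= "<LI>the specified username is not valid.</LI>\n";
  if (strlen($user["userid"]) > 15) $error .= "<LI>the specified username is too long: it must be less than 15 characters.</LI>\n";

  ### Check to see whether the username or e-mail address are banned:
  if ($ban = ban_match($user["userid"], $type2index["usernames"])) $error .= "<LI>the specified username is banned  for the following reason: <I>$ban->reason</I>.</LI>\n";
  if ($ban = ban_match($user["real_email"], $type2index["addresses"])) $error .= "<LI>the specified e-mail address is banned for the following reason: <I>$ban->reason</I>.</LI>\n";

  ### Verify whether username and e-mail address are unique.  A value that
  ### failed the format check cannot match an existing account and must not
  ### be placed in a query, so it is skipped:
  if ($name_ok && db_num_rows(db_query("SELECT userid FROM users WHERE LOWER(userid) = LOWER('$user[userid]')")) > 0) $error .= "<LI>the specified username is already taken.</LI>\n";
  if ($email_ok && db_num_rows(db_query("SELECT real_email FROM users WHERE LOWER(real_email)=LOWER('$user[real_email]')")) > 0) $error .= "<LI>the specified e-mail address is already registered.</LI>\n";

  return $error;
}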

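/**
 * Show the registration form, optionally with the errors of a failed
 * attempt and the values that were submitted.
 *
 * The plain version read the prefill values from $new, a variable that does
 * not exist in this function, so the form always came back empty after a
 * validation error.  The values are now taken from the $user parameter.
 * They are by definition input that may have failed validation, so they are
 * HTML-escaped before being written into the VALUE="..." attributes.
 *
 * $error is inserted as markup: it is the <LI> list built by
 * account_validate().
 *
 * @param array|string $user   submitted new[...] values, "" for a fresh form
 * @param string       $error  HTML list items from account_validate(), or ""
 */
function account_register_enter($user = "", $error = "") {
  global $theme;

  ### Prefill values, escaped for use inside an attribute:
  $userid = (is_array($user) && isset($user["userid"]) && is_string($user["userid"])) ? htmlspecialchars($user["userid"], ENT_QUOTES) : "";
  $real_email = (is_array($user) && isset($user["real_email"]) && is_string($user["real_email"])) ? htmlspecialchars($user["real_email"], ENT_QUOTES) : "";

  if ($error) $output = "<B><FONT COLOR=\"red\">Failed to register.</FONT>$error</B>\n";
  else $output = "<P>Registering allows you to comment on stories, to moderate comments and pending stories, to maintain an online diary, to customize the look and feel of the site and generally helps you interact with the site more efficiently.</P><P>To create an account, simply fill out this form an click the `Register' button below.  An e-mail will then be sent to you with instructions on how to validate your account.</P>\n";

  $output .= "<FORM ACTION=\"account.php\" METHOD=\"post\">\n";
  $output .= "<P>\n";
  $output .= " <B>Username:</B><BR>\n";
  $output .= " <INPUT NAME=\"new[userid]\" VALUE=\"$userid\"><BR>\n";
  $output .= " <SMALL><I>Enter your desired username: only letters, numbers and common special characters are allowed.</I></SMALL><BR>\n";
  $output .= "</P>\n";
  $output .= "<P>\n";
  $output .= " <B>E-mail address:</B><BR>\n";
  $output .= " <INPUT NAME=\"new[real_email]\" VALUE=\"$real_email\"><BR>\n";
  $output .= " <SMALL><I>You will be sent instructions on how to validate your account via this e-mail address - please make sure it is accurate.</I></SMALL><BR>\n";
  $output .= "</P>\n";
  $output .= "<P>\n";
  $output .= " <INPUT NAME=\"op\" TYPE=\"submit\" VALUE=\"Register\">\n";
  $output .= "</P>\n";
  $output .= "</FORM>\n";

  $theme->header();
  $theme->box("Register as new user", $output);
  $theme->footer();
}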

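/**
 * Handle a submitted registration form.
 *
 * When account_validate() reports problems the form is shown again with
 * them.  Otherwise an unconfirmed account (status 1) is saved with a
 * generated password and a confirmation token, and a mail with the
 * confirmation link and the credentials is sent to the given address.
 *
 * Changes from the plain version:
 *  - the username is trimmed before validation and use.  account_validate()
 *    trims only its own copy, so an untrimmed name used to pass the check
 *    and then be stored, mailed and logged with its surrounding whitespace;
 *  - the record handed to user_save() is rebuilt from the two expected
 *    fields.  $new is the request's new[...] array, and user_save() is not
 *    visible here: if it writes every key it receives, additional keys in
 *    the request would have set arbitrary columns of the new account;
 *  - the confirmation token is random.  It used to be derived from the
 *    username and the current time only, both of which are known to the
 *    person registering, so receiving the mail was not needed to confirm
 *    an address.  The token keeps its 12-hex-character shape;
 *  - array keys are quoted.
 *
 * NOTE(review): the generated password is sent in clear text by mail; that
 * behaviour is kept as is.
 *
 * @param array $new  submitted new[...] values ("userid", "real_email")
 */
function account_register_submit($new) {
  global $theme, $mail, $sitename, $siteurl;

  if (isset($new["userid"]) && is_string($new["userid"])) $new["userid"] = trim($new["userid"]);

  if ($rval = account_validate($new)) {
    account_register_enter($new, $rval);
  }
  else {
    ### Keep only the fields the form is meant to supply:
    $new = array("userid" => $new["userid"], "real_email" => $new["real_email"]);

    $new["passwd"] = account_password();
    $new["status"] = 1;

    ### 12 hex characters; random_bytes() where available, otherwise the
    ### best generator older PHP offers (not cryptographically strong):
    if (function_exists("random_bytes")) $new["hash"] = bin2hex(random_bytes(6));
    else $new["hash"] = substr(md5(uniqid(mt_rand(), true)), 0, 12);

    user_save($new);

    $link = $siteurl ."account.php?op=confirm&name=$new[userid]&hash=$new[hash]";
    $message = "$new[userid],\n\n\nsomeone signed up for a user account on $sitename and supplied this email address as their contact.  If it wasn't you, don't get your panties in a knot and simply ignore this mail.\n\nIf this was you, you have to activate your account first before you can login.  You can do so simply by visiting the URL below:\n\n    $link\n\nVisiting this URL will automatically activate your account.  Once activated you can login using the following information:\n\n    username: $new[userid]\n    password: $new[passwd]\n\n\n-- $sitename crew\n";

    mail($new["real_email"], "Account details for $sitename", $message, "From: noreply@$sitename");

    watchdog(1, "new user `$new[userid]' &lt;$new[real_email]&gt;");

    $theme->header();
    $theme->box("Account details", "Congratulations!  Your member account has been sucessfully created and further instructions on how to activate your account have been sent to your e-mail address.");
    $theme->footer();
  }
}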

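/**
 * Confirm a newly registered account from the link in the registration
 * mail.
 *
 * An account is confirmed (status 1 -> 2, token cleared) when it exists, is
 * still unconfirmed and the supplied token equals the stored one.  Every
 * outcome is written to the watchdog log and shown in a theme box.
 *
 * Changes from the plain version:
 *  - $name comes from the request and is used in two SQL string literals;
 *    it is now accepted only when it consists of the characters
 *    account_validate() allows in a username ([a-zA-Z0-9_-]).  Any other
 *    value is reported as "no such account" without a query;
 *  - the token is compared as an exact string, in constant time where
 *    hash_equals() exists.  Loose == compares numeric-looking strings as
 *    numbers, so a token that differs from the stored one could still be
 *    accepted.  An empty or missing token never matches;
 *  - $name is HTML-escaped in log lines.  NOTE(review): watchdog() is not
 *    visible here; other callers pass it pre-encoded entities, which
 *    suggests its messages are rendered as HTML - confirm.
 *
 * @param string $name  username from the confirmation link
 * @param string $hash  confirmation token from the confirmation link
 */
function account_register_confirm($name, $hash) {
  global $theme;

  $output = "";
  $account = false;
  $log_name = is_string($name) ? htmlspecialchars($name, ENT_QUOTES) : "";

  ### Only well-formed usernames are ever placed in a query:
  if (is_string($name) && $name != "" && !preg_match('/[^a-zA-Z0-9_-]/', $name)) {
    $result = db_query("SELECT userid, hash, status FROM users WHERE userid = '$name'");
    $account = db_fetch_object($result);
  }

  if ($account) {
    if ($account->status == 1) {
      $stored = (string)$account->hash;
      $matches = is_string($hash) && strlen($stored) > 0 && (function_exists("hash_equals") ? hash_equals($stored, $hash) : $stored === $hash);

      if ($matches) {
        db_query("UPDATE users SET status = 2, hash = '' WHERE userid = '$name'");
        $output .= "Your account has been sucessfully confirmed.  You can click <A HREF=\"account.php?op=login\">here</A> to login.\n";
        watchdog(1, "$log_name: account confirmation sucessful");
      }
      else {
        $output .= "Confirmation failed: invalid confirmation hash.\n";
        watchdog(3, "$log_name: invalid confirmation hash");
      }
    }
    else {
      $output .= "Confirmation failed: your account has already been confirmed.  You can click <A HREF=\"account.php?op=login\">here</A> to login.\n";
      watchdog(3, "$log_name: attempt to re-confirm account");
    }
  }
  else {
    $output .= "Confirmation failed: no such account found.<BR>";
    watchdog(3, "$log_name: attempt to confirm non-existing account");
  }

  $theme->header();
  $theme->box("Account confirmation", $output);
  $theme->footer();
}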

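/**
 * Generate an initial password by joining randomly chosen short words until
 * the result is at least $min_length characters long.
 *
 * Changes from the plain version:
 *  - the index range was 0..count($words), one past the last element, so
 *    some draws selected nothing; it is now 0..count($words)-1;
 *  - random_int() is used where it exists.  On older PHP the function falls
 *    back to mt_rand() with the original seeding, which is not a
 *    cryptographically strong source.
 *
 * NOTE(review): with the default length two words are usually enough, and
 * the list has 31 entries ("fish" twice), so the number of distinct
 * passwords is small whatever generator is used.  Treat the result as a
 * one-time secret the user should change, or widen the scheme.
 *
 * @param int $min_length  minimum length of the password
 * @return string  concatenation of lower-case words
 */
function account_password($min_length=6) {
  $words = array("foo","bar","guy","neo","tux","moo","sun","asm","dot","god","axe","geek","nerd","fish","hack","star","mice","warp","moon","hero","cola","girl","fish","java","perl","boss","dark","sith","jedi","drop","mojo");
  $last = count($words) - 1;

  $strong = function_exists("random_int");
  if (!$strong) mt_srand((double)microtime() * 1000000);

  $password = "";
  while (strlen($password) < $min_length) {
    $password .= $words[$strong ? random_int(0, $last) : mt_rand(0, $last)];
  }
  return $password;
}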

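/**
 * Show the logged-in user's comments, grouped by story (at most five
 * stories), each with its number of replies.
 *
 * Changes from the plain version:
 *  - visitors who are not logged in get the login form, as in the other
 *    account pages.  Previously the queries were built with an empty
 *    author id;
 *  - the ids placed in the queries are cast to integers;
 *  - the singular/plural arguments of format_plural() are quoted strings
 *    instead of bare words, matching the other calls in this file.
 */
function account_comments() {
  global $theme, $user;

  if (!$user->id) {
    $theme->header();
    $theme->box("Login", account_login());
    $theme->footer();
    return;
  }

  $author = (int)$user->id;
  $output = "";

  $info = "<P>This page might be helpful in case you want to keep track of your recent comments in any of the current discussions.  You are presented an overview of your comments in each of the stories you participated in along with the number of replies each comment got.\n<P>\n";

  $sresult = db_query("SELECT s.id, s.subject, COUNT(s.id) as count FROM comments c LEFT JOIN stories s ON c.sid = s.id WHERE c.author = $author GROUP BY s.id DESC LIMIT 5");

  while ($story = db_fetch_object($sresult)) {
    $sid = (int)$story->id;

    $output .= "<LI>". format_plural($story->count, "comment", "comments") ." in story `<A HREF=\"discussion.php?id=$story->id\">". check_output($story->subject) ."</A>`:</LI>\n";
    $output .= " <UL>\n";

    ### This user's comments in this story:
    $cresult = db_query("SELECT * FROM comments WHERE author = $author AND sid = $sid");
    while ($comment = db_fetch_object($cresult)) {
      $output .= "  <LI><A HREF=\"discussion.php?id=$story->id&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A> (<B>". format_plural(discussion_num_replies($comment->cid), "reply", "replies") ."</B>)</LI>\n";
    }
    $output .= " </UL>\n";
  }

  $output = ($output) ? "$info $output" : "$info <CENTER><B>You have not posted any comments recently.</B></CENTER>\n";

  $theme->header();
  $theme->box("Track your comments", $output);
  $theme->footer();
}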

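### Dispatch on the requested operation.  Values starting with a capital
### letter are the VALUE of a submit button, the others come from links.
###
### NOTE(review): $op, $userid, $passwd, $name, $hash, $new and $edit are
### not assigned anywhere in this file; presumably they are populated from
### the request (register_globals) or by an include.  The same mechanism
### must not be able to set $user - confirm where $user is initialised.
###
### The second `case "Register":' that used to follow "logout" has been
### removed: the first one always matches, so it was never reached.
switch ($op) {
  case "Login":
    account_session_start($userid, $passwd);
    header("Location: account.php?op=info");
    break;
  case "register":
    account_register_enter();
    break;
  case "confirm":
    account_register_confirm($name, $hash);
    break;
  case "Register":
    account_register_submit($new);
    break;
  case "view":
    account_user($name);
    break;
  case "info":
    account_user($user->userid);
    break;
  case "discussion":
    account_comments();
    break;
  case "logout":
    account_session_close();
    header("Location: account.php");
    break;
  case "user":
    account_user_edit();
    break;
  case "page":
    account_page_edit();
    break;
  case "Save user information":
    account_user_save($edit);
    account_user($user->userid);
    break;
  case "Save page settings":
    account_page_save($edit);
    header("Location: account.php?op=info");
    break;
  default:
    account_user($user->userid);
}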

?>