2003-02-19 20:34:33 +00:00
|
|
|
<?php
|
|
|
|
|
2005-02-13 06:13:33 +00:00
|
|
|
require_once("../inc/db.inc");
|
|
|
|
require_once("../inc/util.inc");
|
|
|
|
require_once("../inc/email.inc");
|
|
|
|
require_once("../inc/user.inc");
|
2003-02-19 20:34:33 +00:00
|
|
|
|
2005-02-15 22:29:32 +00:00
|
|
|
db_init();
|
|
|
|
$user = get_logged_in_user();
|
2003-02-19 20:34:33 +00:00
|
|
|
|
2005-08-07 01:33:15 +00:00
|
|
|
$email_addr = strtolower(process_user_text(post_str("email_addr")));
|
2005-10-03 22:16:32 +00:00
|
|
|
$passwd = process_user_text(post_str("passwd", true));
|
2005-08-27 20:49:05 +00:00
|
|
|
|
|
|
|
page_head("Change email address of account");
|
2003-02-19 20:34:33 +00:00
|
|
|
|
2005-08-07 01:33:15 +00:00
|
|
|
if (!is_valid_email_addr($email_addr)) {
|
2005-08-27 20:49:05 +00:00
|
|
|
echo "New email address '$email_addr' is invalid";
|
2005-02-15 22:29:32 +00:00
|
|
|
} else if ($email_addr == $user->email_addr) {
|
2005-08-27 20:49:05 +00:00
|
|
|
echo "New email address is same as existing address; no change.";
|
2005-02-15 22:29:32 +00:00
|
|
|
} else {
|
2005-08-07 01:33:15 +00:00
|
|
|
$existing = lookup_user_email_addr($email_addr);
|
2005-02-15 22:29:32 +00:00
|
|
|
if ($existing) {
|
|
|
|
echo "There's already an account with that email address";
|
2003-02-19 20:34:33 +00:00
|
|
|
} else {
|
2005-08-27 20:49:05 +00:00
|
|
|
$passwd_hash = md5($passwd.$user->email_addr);
|
2005-10-03 22:16:32 +00:00
|
|
|
|
|
|
|
// deal with the case where user hasn't set passwd
|
|
|
|
// (i.e. passwd is account key)
|
|
|
|
//
|
|
|
|
if ($passwd_hash != $user->passwd_hash) {
|
|
|
|
$passwd = $user->authenticator;
|
|
|
|
$passwd_hash = md5($passwd.$user->email_addr);
|
|
|
|
}
|
2005-08-27 20:49:05 +00:00
|
|
|
if ($passwd_hash != $user->passwd_hash) {
|
|
|
|
echo "Invalid password.";
|
2003-02-19 20:34:33 +00:00
|
|
|
} else {
|
2005-08-27 20:49:05 +00:00
|
|
|
$passwd_hash = md5($passwd.$email_addr);
|
|
|
|
$query = "update user set email_addr='$email_addr', passwd_hash='$passwd_hash', email_validated=0 where id=$user->id";
|
|
|
|
$result = mysql_query($query);
|
|
|
|
if ($result) {
|
|
|
|
echo "
|
|
|
|
The email address of your account is now
|
|
|
|
$email_addr.
|
|
|
|
<p>
|
2006-02-06 19:26:42 +00:00
|
|
|
We have sent an email message to that address.
|
2005-08-27 20:49:05 +00:00
|
|
|
<p>
|
|
|
|
To validate the new address, visit the link in the email.
|
|
|
|
";
|
|
|
|
send_verify_email($user->email_addr, $email_addr, $user);
|
|
|
|
} else {
|
|
|
|
echo "
|
|
|
|
We can't update your email address
|
|
|
|
due to a database problem. Please try again later.
|
|
|
|
";
|
|
|
|
}
|
2003-02-19 20:34:33 +00:00
|
|
|
}
|
|
|
|
}
|
2005-02-15 22:29:32 +00:00
|
|
|
}
|
2003-02-19 20:34:33 +00:00
|
|
|
|
2005-02-15 22:29:32 +00:00
|
|
|
page_tail();
|
2003-02-19 20:34:33 +00:00
|
|
|
|
|
|
|
?>
|