/
account_update.php
78 lines (64 loc) · 2.38 KB
/
account_update.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
<?php
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org
# Copyright (C) 2002 - 2004 Mantis Team - mantisbt-dev@lists.sourceforge.net
# This program is distributed under the terms and conditions of the GPL
# See the README and LICENSE files for details
# --------------------------------------------------------
# $Id: account_update.php,v 1.35 2004-05-26 02:28:55 int2str Exp $
# --------------------------------------------------------
?>
<?php
# This page updates a user's information
# If an account is protected then changes are forbidden
# The page gets redirected back to account_page.php
?>
<?php
require_once( 'core.php' );
$t_core_path = config_get( 'core_path' );
require_once( $t_core_path.'email_api.php' );
?>
<?php
auth_ensure_user_authenticated();
current_user_ensure_unprotected();
?>
<?php
$f_email = gpc_get_string( 'email', '' );
$f_password = gpc_get_string( 'password', '' );
$f_password_confirm = gpc_get_string( 'password_confirm', '' );
$f_realname = gpc_get_string( 'realname', '' );
$f_email = email_append_domain( $f_email );
# get the user id once, so that if we decide in the future to enable this for
# admins / managers to change details of other users.
$t_user_id = auth_get_current_user_id();
$t_redirect = 'account_page.php';
html_page_top1();
html_meta_redirect( $t_redirect );
html_page_top2();
echo '<br /><div align="center">';
# @@@ Listing what fields were updated is not standard behaviour of Mantis
# it also complicates the code.
echo lang_get( 'operation_successful' ) . '<br />';
if ( $f_email != user_get_email( $t_user_id ) ) {
user_set_email( $t_user_id, $f_email );
echo lang_get( 'email_updated' ) . '<br />';
}
if ( $f_realname != user_get_name( $t_user_id ) ) {
user_set_realname( $t_user_id, $f_realname );
echo lang_get( 'realname_updated' ) . '<br />';
}
# Update password if the two match and are not empty
if ( !is_blank( $f_password ) ) {
if ( $f_password != $f_password_confirm ) {
trigger_error( ERROR_USER_CREATE_PASSWORD_MISMATCH, ERROR );
} else {
if ( !auth_does_password_match( $t_user_id, $f_password ) ) {
user_set_password( $t_user_id, $f_password );
echo lang_get( 'password_updated' ) . '<br />';
}
}
}
print_bracket_link( $t_redirect, lang_get( 'proceed' ) );
echo '</div>';
html_page_bottom1( __FILE__ );
?>