+++ /dev/null
-<?php\r
-/*\r
-UserCake Version: 2.0.2\r
-http://usercake.com\r
-*/\r
-\r
-require_once("models/config.php");\r
-if (!securePage($_SERVER['PHP_SELF'])){die();}\r
-\r
-//Prevent the user visiting the logged in page if he is not logged in\r
-if(!isUserLoggedIn()) { header("Location: login.php"); die(); }\r
-\r
-if(!empty($_POST))\r
-{\r
- $errors = array();\r
- $successes = array();\r
- $password = $_POST["password"];\r
- $password_new = $_POST["passwordc"];\r
- $password_confirm = $_POST["passwordcheck"];\r
- \r
- $errors = array();\r
- $email = $_POST["email"];\r
- \r
- //Perform some validation\r
- //Feel free to edit / change as required\r
- \r
- //Confirm the hashes match before updating a users password\r
- $entered_pass = generateHash($password,$loggedInUser->hash_pw);\r
- \r
- if (trim($password) == ""){\r
- $errors[] = lang("ACCOUNT_SPECIFY_PASSWORD");\r
- }\r
- else if($entered_pass != $loggedInUser->hash_pw)\r
- {\r
- //No match\r
- $errors[] = lang("ACCOUNT_PASSWORD_INVALID");\r
- } \r
- if($email != $loggedInUser->email)\r
- {\r
- if(trim($email) == "")\r
- {\r
- $errors[] = lang("ACCOUNT_SPECIFY_EMAIL");\r
- }\r
- else if(!isValidEmail($email))\r
- {\r
- $errors[] = lang("ACCOUNT_INVALID_EMAIL");\r
- }\r
- else if(emailExists($email))\r
- {\r
- $errors[] = lang("ACCOUNT_EMAIL_IN_USE", array($email)); \r
- }\r
- \r
- //End data validation\r
- if(count($errors) == 0)\r
- {\r
- $loggedInUser->updateEmail($email);\r
- $successes[] = lang("ACCOUNT_EMAIL_UPDATED");\r
- }\r
- }\r
- \r
- if ($password_new != "" OR $password_confirm != "")\r
- {\r
- if(trim($password_new) == "")\r
- {\r
- $errors[] = lang("ACCOUNT_SPECIFY_NEW_PASSWORD");\r
- }\r
- else if(trim($password_confirm) == "")\r
- {\r
- $errors[] = lang("ACCOUNT_SPECIFY_CONFIRM_PASSWORD");\r
- }\r
- else if(minMaxRange(8,50,$password_new))\r
- { \r
- $errors[] = lang("ACCOUNT_NEW_PASSWORD_LENGTH",array(8,50));\r
- }\r
- else if($password_new != $password_confirm)\r
- {\r
- $errors[] = lang("ACCOUNT_PASS_MISMATCH");\r
- }\r
- \r
- //End data validation\r
- if(count($errors) == 0)\r
- {\r
- //Also prevent updating if someone attempts to update with the same password\r
- $entered_pass_new = generateHash($password_new,$loggedInUser->hash_pw);\r
- \r
- if($entered_pass_new == $loggedInUser->hash_pw)\r
- {\r
- //Don't update, this fool is trying to update with the same password ¬¬\r
- $errors[] = lang("ACCOUNT_PASSWORD_NOTHING_TO_UPDATE");\r
- }\r
- else\r
- {\r
- //This function will create the new hash and update the hash_pw property.\r
- $loggedInUser->updatePassword($password_new);\r
- $successes[] = lang("ACCOUNT_PASSWORD_UPDATED");\r
- }\r
- }\r
- }\r
- if(count($errors) == 0 AND count($successes) == 0){\r
- $errors[] = lang("NOTHING_TO_UPDATE");\r
- }\r
-}\r
-\r
-require_once("models/header.php");\r
-echo "\r
-<body>\r
-<div id='wrapper'>\r
-<div id='top'><div id='logo'></div></div>\r
-<div id='content'>\r
-<h1>UserCake</h1>\r
-<h2>User Settings</h2>\r
-<div id='left-nav'>";\r
-include("left-nav.php");\r
-\r
-echo "\r
-</div>\r
-<div id='main'>";\r
-\r
-echo resultBlock($errors,$successes);\r
-\r
-echo "\r
-<div id='regbox'>\r
-<form name='updateAccount' action='".$_SERVER['PHP_SELF']."' method='post'>\r
-<p>\r
-<label>Password:</label>\r
-<input type='password' name='password' />\r
-</p>\r
-<p>\r
-<label>Email:</label>\r
-<input type='text' name='email' value='".$loggedInUser->email."' />\r
-</p>\r
-<p>\r
-<label>New Pass:</label>\r
-<input type='password' name='passwordc' />\r
-</p>\r
-<p>\r
-<label>Confirm Pass:</label>\r
-<input type='password' name='passwordcheck' />\r
-</p>\r
-<p>\r
-<label> </label>\r
-<input type='submit' value='Update' class='submit' />\r
-</p>\r
-</form>\r
-</div>\r
-</div>\r
-<div id='bottom'></div>\r
-</div>\r
-</body>\r
-</html>";\r
-\r
-?>\r