diff options
| author |  cweiske | 2009-10-03 14:00:33 +0000 |
|---|---|---|
| committer | cweiske | 2009-10-03 14:00:33 +0000 |
| commit | 29422fa55379aa61a61019b832c83dab6d450264 (patch) | |
| tree | e5884ce6fed2cf1d02165a1b5667b99cd80262e5 /profile.php | |
| parent | b8b1d06b2d899658fae64d0de506439ca0ea067c (diff) | |
| download | scuttle-29422fa55379aa61a61019b832c83dab6d450264.tar.gz scuttle-29422fa55379aa61a61019b832c83dab6d450264.zip | |
move files to new locations
git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@386 b3834d28-1941-0410-a4f8-b48e95affb8f
Diffstat (limited to 'profile.php')
| -rw-r--r-- | profile.php | 129 |
1 files changed, 0 insertions, 129 deletions
diff --git a/profile.php b/profile.php deleted file mode 100644 index 2d00101..0000000 --- a/profile.php +++ /dev/null @@ -1,129 +0,0 @@ -<?php -/*************************************************************************** - Copyright (C) 2004 - 2006 Scuttle project - http://sourceforge.net/projects/scuttle/ - http://scuttle.org/ - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - ***************************************************************************/ - -require_once('header.inc.php'); - -/* Service creation: only useful services are created */ -// No specific services - -/* Managing all possible inputs */ -isset($_POST['submitted']) ? define('POST_SUBMITTED', $_POST['submitted']): define('POST_SUBMITTED', ''); -isset($_POST['pPass']) ? define('POST_PASS', $_POST['pPass']): define('POST_PASS', ''); -isset($_POST['pPassConf']) ? define('POST_PASSCONF', $_POST['pPassConf']): define('POST_PASSCONF', ''); -isset($_POST['pName']) ? define('POST_NAME', $_POST['pName']): define('POST_NAME', ''); -isset($_POST['pMail']) ? define('POST_MAIL', $_POST['pMail']): define('POST_MAIL', ''); -isset($_POST['pPage']) ? define('POST_PAGE', $_POST['pPage']): define('POST_PAGE', ''); -isset($_POST['pDesc']) ? define('POST_DESC', $_POST['pDesc']): define('POST_DESC', ''); - -isset($_POST['token']) ? define('POST_TOKEN', $_POST['token']): define('POST_TOKEN', ''); -isset($_SESSION['token']) ? define('SESSION_TOKEN', $_SESSION['token']): define('SESSION_TOKEN', ''); -isset($_SESSION['token_stamp']) ? define('SESSION_TOKENSTAMP', $_SESSION['token_stamp']): define('SESSION_TOKENSTAMP', ''); - - -@list($url, $user) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : NULL; - -if ($user) { - - if (is_int($user)) { - $userid = intval($user); - } else { - $user = urldecode($user); - $userinfo = $userservice->getObjectUserByUsername($user); - if ($userinfo == NULL) { - $tplVars['error'] = sprintf(T_('User with username %s was not found'), $user); - $templateservice->loadTemplate('error.404.tpl', $tplVars); - exit(); - } else { - $userid =& $userinfo->getId(); - } - } -} else { - $tplVars['error'] = T_('Username was not specified'); - $templateservice->loadTemplate('error.404.tpl', $tplVars); - exit(); -} - -if ($userservice->isLoggedOn() && $user == $currentUser->getUsername()) { - $title = T_('My Profile'); -} else { - $title = T_('Profile') .': '. $user; -} -$tplVars['pagetitle'] = $title; -$tplVars['subtitle'] = $title; - -$tplVars['user'] = $user; -$tplVars['userid'] = $userid; - -if (POST_SUBMITTED!='' && $currentUser->getId() == $userid) { - $error = false; - $detPass = trim(POST_PASS); - $detPassConf = trim(POST_PASSCONF); - $detName = trim(POST_NAME); - $detMail = trim(POST_MAIL); - $detPage = trim(POST_PAGE); - $detDesc = filter(POST_DESC); - - // manage token preventing from CSRF vulnaribilities - if ( SESSION_TOKEN == '' - || time() - SESSION_TOKENSTAMP > 600 //limit token lifetime, optionnal - || SESSION_TOKEN != POST_TOKEN) { - $error = true; - $tplVars['error'] = T_('Invalid Token'); - } - - if ($detPass != $detPassConf) { - $error = true; - $tplVars['error'] = T_('Password and confirmation do not match.'); - } - if ($detPass != "" && strlen($detPass) < 6) { - $error = true; - $tplVars['error'] = T_('Password must be at least 6 characters long.'); - } - if (!$userservice->isValidEmail($detMail)) { - $error = true; - $tplVars['error'] = T_('E-mail address is not valid.'); - } - if (!$error) { - if (!$userservice->updateUser($userid, $detPass, $detName, $detMail, $detPage, $detDesc)) { - $tplvars['error'] = T_('An error occurred while saving your changes.'); - } else { - $tplVars['msg'] = T_('Changes saved.'); - } - } - $userinfo = $userservice->getObjectUserByUsername($user); -} - -if (!$userservice->isLoggedOn() || $currentUser->getId() != $userid) { - $templatename = 'profile.tpl.php'; -} else { - //Token Init - $_SESSION['token'] = md5(uniqid(rand(), true)); - $_SESSION['token_stamp'] = time(); - - $templatename = 'editprofile.tpl.php'; - $tplVars['formaction'] = createURL('profile', $user); - $tplVars['token'] = $_SESSION['token']; - -} - -$tplVars['objectUser'] = $userinfo; -$templateservice->loadTemplate($templatename, $tplVars); -?> |