Copyright 2002, 2003 David DELON Copyright 2002, 2003 Charles NEPOTE Copyright 2002 Patrick PAUL All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The name of the author may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ if (!isset($_REQUEST["action"])) $_REQUEST["action"] = ''; if ($_REQUEST["action"] == "logout") { $this->LogoutUser(); $this->SetMessage("Vous êtes maintenant déconnecté !"); $this->Redirect($this->href()); } else if ($user = $this->GetUser()) { // is user trying to update? if ($_REQUEST["action"] == "update") { $this->Query("update ".$this->config["table_prefix"]."users set ". "email = '".mysql_escape_string($_POST["email"])."', ". "doubleclickedit = '".mysql_escape_string($_POST["doubleclickedit"])."', ". "show_comments = '".mysql_escape_string($_POST["show_comments"])."', ". "revisioncount = '".mysql_escape_string($_POST["revisioncount"])."', ". "changescount = '".mysql_escape_string($_POST["changescount"])."', ". "motto = '".mysql_escape_string($_POST["motto"])."' ". "where name = '".$user["name"]."' limit 1"); $this->SetUser($this->LoadUser($user["name"])); // forward $this->SetMessage("Paramètres sauvegardés !"); $this->Redirect($this->href()); } if ($_REQUEST["action"] == "changepass") { // check password $password = $_POST["password"]; if (preg_match("/ /", $password)) $error = "Les espaces ne sont pas permis dans les mots de passe."; else if (strlen($password) < 5) $error = "Mot de passe trop court."; else if ($user["password"] != md5($_POST["oldpass"])) $error = "Mauvais mot de passe."; else { $this->Query("update ".$this->config["table_prefix"]."users set "."password = md5('".mysql_escape_string($password)."') "."where name = '".$user["name"]."'"); $this->SetMessage("Mot de passe changé !"); $user["password"]=md5($password); $this->SetUser($user); $this->Redirect($this->href()); } } // user is logged in; display config form echo $this->FormOpen(); ?> FormClose(); echo $this->FormOpen(); ?> \n"; } ?>

	Bonjour, Link($user["name"]) ?> !
Votre adresse de messagerie électronique :	" size="40" />
Édition en double-cliquant :	/>
Par défaut, montrer les commentaires :	/>
Nombre maximum de derniers commentaires :	" size="40" />
Nombre maximum de versions :	" size="40" />
Votre devise :	" size="40" />
	'" />

	Format("Changement de mot de passe"); ?>
	", $this->Format($error), "
Votre ancien mot de passe :
Nouveau mot de passe :

FormClose(); } else { // user is not logged in // is user trying to log in or register? if ($_REQUEST["action"] == "login") { // if user name already exists, check password if ($existingUser = $this->LoadUser($_POST["name"])) { // check password if ($existingUser["password"] == md5($_POST["password"])) { $this->SetUser($existingUser, $_POST["remember"]); $this->Redirect($this->href()); } else { $error = "Mauvais mot de passe !"; } } // otherwise, create new account else { $name = trim($_POST["name"]); $email = trim($_POST["email"]); $password = $_POST["password"]; $confpassword = $_POST["confpassword"]; // check if name is WikkiName style if (!$this->IsWikiName($name)) $error = "Votre nom d'utilisateur doit être formaté en NomWiki."; else if (!$email) $error = "Vous devez spécifier une adresse de messagerie électronique."; else if (!preg_match("/^.+?\@.+?\..+$/", $email)) $error = "Ceci ne ressemble pas à une adresse de messagerie électronique."; else if ($confpassword != $password) $error = "Les mots de passe n'étaient pas identiques"; else if (preg_match("/ /", $password)) $error = "Les espaces ne sont pas permis dans un mot de passe."; else if (strlen($password) < 5) $error = "Mot de passe trop court. Un mot de passe doit contenir au minimum 5 caractères alphanumériques."; else { $this->Query("insert into ".$this->config["table_prefix"]."users set ". "signuptime = now(), ". "name = '".mysql_escape_string($name)."', ". "email = '".mysql_escape_string($email)."', ". "password = md5('".mysql_escape_string($_POST["password"])."')"); // log in $this->SetUser($this->LoadUser($name)); // forward $this->Redirect($this->href()); } } } echo $this->FormOpen(); ?> \n"; } ?>

	Format("Si vous êtes déjà enregistré, identifiez-vous ici"); ?>
	", $this->Format($error), "
Votre NomWiki :
Mot de passe (5 caractères minimum) :	Se souvenir de moi.

	Format("Les champs suivants sont à remplir si vous vous identifiez pour la première fois (vous créerez ainsi un compte)"); ?>
Confirmation du mot de passe :
Adresse de messagerie électronique. :

FormClose(); } ?>