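<?php
/*
 * User settings, login and registration action.
 *
 * Dispatches on the request's "action" value:
 *   logout     - logs the current user out and redirects
 *   update     - (logged in) saves the preference fields posted by the settings form
 *   changepass - (logged in) changes the password after checking the old one
 *   login      - (not logged in) logs an existing user in, or creates the account
 *                when the posted name does not exist yet
 * and then prints the matching form(s).
 *
 * NOTE(review): values are escaped with mysql_escape_string(), which does not take
 * the connection character set into account. Whether the wiki's database layer
 * offers a connection-aware escape or bound parameters is not visible from this
 * file - confirm and switch if it does.
 *
 * NOTE(review): passwords are stored and compared as unsalted MD5. Moving to
 * password_hash()/password_verify() needs a stored-format migration that cannot
 * be done from this file alone.
 *
 * NOTE(review): no anti-CSRF token is visible in this file; confirm whether
 * FormOpen() adds one. Logout is triggered by a plain link (GET).
 */
if (!function_exists("LoadUser"))
{
	/**
	 * Fetch one row of the users table by name.
	 *
	 * @param string $name     user name to look up
	 * @param mixed  $password when anything other than the integer 0, the row must
	 *                         also hold exactly this value in its password column
	 * @return mixed whatever $wiki->LoadSingle() returns for the query
	 */
	function LoadUser($name, $password = 0)
	{
		global $wiki;

		$sql = "select * from ".$wiki->config["common_table_prefix"]."users where name = '".mysql_escape_string($name)."' ";
		if ($password !== 0)
		{
			$sql .= "and password = '".mysql_escape_string($password)."'";
		}

		return $wiki->LoadSingle($sql." limit 1");
	}
}

// Start from known values: these variables are echoed or formatted further down,
// so they must never be taken from whatever the including scope (or a
// register_globals setup) happens to provide.
$error = "";
$name = "";
$email = "";

// Read the action once; a request without "action" simply shows the form.
$requestedAction = isset($_REQUEST["action"]) ? $_REQUEST["action"] : "";

// The state-changing handlers below only ever read their data from $_POST, so
// they are only run for POST requests. Without this, a plain GET carrying
// action=update would overwrite every preference with an empty value.
$isPostRequest = isset($_SERVER["REQUEST_METHOD"]) && $_SERVER["REQUEST_METHOD"] === "POST";

if ($requestedAction === "logout")
{
	$this->LogoutUser();
	$this->SetMessage("Vous êtes maintenant déconnecté !");
	$this->Redirect($this->href());
}
else if ($user = $this->GetUser())
{
	// The user name goes into WHERE clauses below; escape it like every other
	// value placed in SQL text instead of trusting its stored form.
	$userNameSql = mysql_escape_string($user["name"]);

	// is user trying to update?
	if ($isPostRequest && $requestedAction === "update")
	{
		$this->Query("update ".$this->config["common_table_prefix"]."users set ".
			"email = '".mysql_escape_string($_POST["email"])."', ".
			"doubleclickedit = '".mysql_escape_string($_POST["doubleclickedit"])."', ".
			"show_comments = '".mysql_escape_string($_POST["show_comments"])."', ".
			"revisioncount = '".mysql_escape_string($_POST["revisioncount"])."', ".
			"changescount = '".mysql_escape_string($_POST["changescount"])."', ".
			"motto = '".mysql_escape_string($_POST["motto"])."' ".
			"where name = '".$userNameSql."' limit 1");

		// reload the stored row so the session copy matches what was saved
		$this->SetUser(LoadUser($user["name"]));

		// forward
		$this->SetMessage("Paramètres sauvegardés !");
		$this->Redirect($this->href());
	}

	if ($isPostRequest && $requestedAction === "changepass")
	{
		// check password
		$password = $_POST["password"];
		if (preg_match("/ /", $password)) $error = "Les espaces ne sont pas permis dans les mots de passe.";
		else if (strlen($password) < 5) $error = "Password too short.";
		// Strict comparison: with a loose "!=" two different digests that both
		// look like numbers (for example "0e..." followed by digits) compare equal.
		else if ((string) $user["password"] !== md5($_POST["oldpass"])) $error = "Mauvais mot de passe.";
		else
		{
			// The digest is computed here rather than by the database, so the
			// plaintext password never appears in the SQL text.
			$newDigest = md5($password);
			$this->Query("update ".$this->config["common_table_prefix"]."users set "."password = '".$newDigest."' "."where name = '".$userNameSql."'");
			$this->SetMessage("Mot de passe changé !");
			$user["password"] = $newDigest;
			$this->SetUser($user);
			$this->Redirect($this->href());
		}
	}

	// user is logged in; display config form
	print($this->FormOpen());
	?>
	<input type="hidden" name="action" value="update" />
	<table>
		<tr>
			<td align="right"></td>
			<td>Hello, <?php echo $this->Link($user["name"]) ?>!</td>
		</tr>
		<tr>
			<td align="right">Votre adresse e-mail :</td>
			<td><input name="email" value="<?php echo htmlentities($user["email"]) ?>" size="40" /></td>
		</tr>
		<tr>
			<td align="right">Edition en Doublecliquant :</td>
			<td><input type="hidden" name="doubleclickedit" value="N" /><input type="checkbox" name="doubleclickedit" value="Y" <?php echo $user["doubleclickedit"] == "Y" ? "checked=\"checked\"" : "" ?> /></td>
		</tr>
		<tr>
			<td align="right">Montrer les commentaires par default :</td>
			<td><input type="hidden" name="show_comments" value="N" /><input type="checkbox" name="show_comments" value="Y" <?php echo $user["show_comments"] == "Y" ? "checked=\"checked\"" : "" ?> /></td>
		</tr>
		<tr>
			<td align="right">Nombre maximum de derniers commentaires :</td>
			<td><input name="changescount" value="<?php echo htmlentities($user["changescount"]) ?>" size="40" /></td>
		</tr>
		<tr>
			<td align="right">Nombre maximum de versions :</td>
			<td><input name="revisioncount" value="<?php echo htmlentities($user["revisioncount"]) ?>" size="40" /></td>
		</tr>
		<tr>
			<td align="right">Votre devise :</td>
			<td><input name="motto" value="<?php echo htmlentities($user["motto"]) ?>" size="40" /></td>
		</tr>
		<tr>
			<td></td>
			<td><input type="submit" value="Mise à jour" /> <input type="button" value="Déconnection" onClick="document.location='<?php echo $this->href("", "", "action=logout"); ?>'" /></td>
		</tr>

	<?php
	print($this->FormClose());

	// second form (password change); the table opened above is closed at its end
	print($this->FormOpen());
	?>
	<input type="hidden" name="action" value="changepass" />

		<tr>
			<td> </td>
			<td> </td>
		</tr>
		<tr>
			<td align="right"></td>
			<td><?php echo $this->Format("Changement de mot de passe"); ?></td>
		</tr>
		<?php
		if ($error)
		{
			print("<tr><td></td><td><div class=\"error\">".$this->Format($error)."</div></td></tr>\n");
		}
		?>
		<tr>
			<td align="right">Votre ancien mot de passe :</td>
			<td><input type="password" name="oldpass" size="40" /></td>
		</tr>
		<tr>
			<td align="right">Nouveau mot de passe :</td>
			<td><input type="password" name="password" size="40" /></td>
		</tr>
		<tr>
			<td></td>
			<td><input type="submit" value="Changer" size="40" /></td>
		</tr>
	</table>
	<?php
	print($this->FormClose());

}
else
{
	// user is not logged in

	// is user trying to log in or register?
	if ($isPostRequest && $requestedAction === "login")
	{
		// if user name already exists, check password
		if ($existingUser = LoadUser($_POST["name"]))
		{
			// check password (strict comparison, see the password-change handler)
			if ((string) $existingUser["password"] === md5($_POST["password"]))
			{
				$this->SetUser($existingUser, $_POST["remember"]);
				$this->Redirect($this->href());
			}
			else
			{
				$error = "Mauvais mot de passe !";
			}
		}
		// otherwise, create new account
		else
		{
			$name = trim($_POST["name"]);
			$email = trim($_POST["email"]);
			$password = $_POST["password"];
			$confpassword = $_POST["confpassword"];

			// check if name is WikkiName style
			if (!$this->IsWikiName($name)) $error = "Votre nom d'utilisateur dois être formaté en NomWiki.";
			else if (!$email) $error = "Vous devez spécifier une adresse e-mail.";
			else if (!preg_match("/^.+?\@.+?\..+$/", $email)) $error = "Ceci ne ressemble pas à une adresse e-mail.";
			else if ($confpassword != $password) $error = "Les mots de passe n'étaient pas identiques";
			else if (preg_match("/ /", $password)) $error = "Les espaces ne sont pas permis dans un mot de passe.";
			else if (strlen($password) < 5) $error = "Mot de passe trop court. Un mot de passe doit contenir au minimum 5 caractères alphanumériques.";
			else
			{
				// digest computed here so the plaintext password stays out of the SQL text
				$this->Query("insert into ".$this->config["common_table_prefix"]."users set ".
					"signuptime = now(), ".
					"name = '".mysql_escape_string($name)."', ".
					"email = '".mysql_escape_string($email)."', ".
					"password = '".md5($password)."'");

				// log in
				$this->SetUser(LoadUser($name));

				// forward
				$this->Redirect($this->href());
			}
		}
	}

	print($this->FormOpen());
	?>
	<input type="hidden" name="action" value="login" />
	<table>
		<tr>
			<td align="right"></td>
			<td><?php echo $this->Format("Si vous êtes déjà enregistré, identifiez-vous ici"); ?></td>
		</tr>
		<?php
		if ($error)
		{
			print("<tr><td></td><td><div class=\"error\">".$this->Format($error)."</div></td></tr>\n");
		}
		?>
		<tr>
			<td align="right">Votre NomWiki :</td>
			<?php /* $name is the posted value and reaches this point even when validation rejected it, so it is escaped for the attribute */ ?>
			<td><input name="name" size="40" value="<?php echo htmlspecialchars($name, ENT_QUOTES) ?>" /></td>
		</tr>
		<tr>
			<td align="right">Mot de passe (5 caractères minimum) :</td>
			<td><input type="password" name="password" size="40" />
			    <input type="hidden" name="remember" value="0" /><input type="checkbox" name="remember" value="1" /> <?php echo $this->Format("Se souvenir de moi.") ?> </td>
		</tr>
		<tr>
			<td></td>
			<td><input type="submit" value="Identification" size="40" /></td>
		</tr>
		<tr>
			<td align="right"></td>
			<td width="500"><?php echo $this->Format("Les champs suivants sont à remplir si vous vous identifiez pour la première fois (vous créérez ainsi un compte)"); ?></td>
		</tr>
		<tr>
			<td align="right">Confirmation du mot de passe :</td>
			<td><input type="password" name="confpassword" size="40" /></td>
		</tr>
		<tr>
			<td align="right">Adresse e-mail :</td>
			<?php /* same as the name field: posted value, escaped for the attribute */ ?>
			<td><input name="email" size="40" value="<?php echo htmlspecialchars($email, ENT_QUOTES) ?>" /></td>
		</tr>
		<tr>
			<td></td>
			<td><input type="submit" value="Nouveau compte" size="40" /></td>
		</tr>
	</table>
	<?php
	print($this->FormClose());
}
?>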