| 439 |
ddelon |
1 |
<?php
|
|
|
2 |
/*
|
|
|
3 |
usersettings.php
|
|
|
4 |
Copyright (c) 2002, Hendrik Mans <hendrik@mans.de>
|
|
|
5 |
Copyright 2002, 2003 David DELON
|
|
|
6 |
Copyright 2002, 2003 Charles NEPOTE
|
|
|
7 |
Copyright 2002 Patrick PAUL
|
|
|
8 |
All rights reserved.
|
|
|
9 |
Redistribution and use in source and binary forms, with or without
|
|
|
10 |
modification, are permitted provided that the following conditions
|
|
|
11 |
are met:
|
|
|
12 |
1. Redistributions of source code must retain the above copyright
|
|
|
13 |
notice, this list of conditions and the following disclaimer.
|
|
|
14 |
2. Redistributions in binary form must reproduce the above copyright
|
|
|
15 |
notice, this list of conditions and the following disclaimer in the
|
|
|
16 |
documentation and/or other materials provided with the distribution.
|
|
|
17 |
3. The name of the author may not be used to endorse or promote products
|
|
|
18 |
derived from this software without specific prior written permission.
|
|
|
19 |
|
|
|
20 |
THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
|
|
21 |
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
|
|
22 |
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
|
|
23 |
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
|
24 |
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
|
25 |
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
|
26 |
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
|
27 |
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
|
28 |
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
|
|
29 |
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
30 |
*/
|
|
|
31 |
if (!isset($_REQUEST["action"])) $_REQUEST["action"] = '';
|
|
|
32 |
if ($_REQUEST["action"] == "logout")
|
|
|
33 |
{
|
|
|
34 |
$this->LogoutUser();
|
|
|
35 |
$this->SetMessage("Vous êtes maintenant déconnecté !");
|
|
|
36 |
$this->Redirect($this->href());
|
|
|
37 |
}
|
|
|
38 |
else if ($user = $this->GetUser())
|
|
|
39 |
{
|
|
|
40 |
|
|
|
41 |
// is user trying to update?
|
|
|
42 |
if ($_REQUEST["action"] == "update")
|
|
|
43 |
{
|
|
|
44 |
$this->Query("update ".$this->config["table_prefix"]."users set ".
|
|
|
45 |
"email = '".mysql_escape_string($_POST["email"])."', ".
|
|
|
46 |
"doubleclickedit = '".mysql_escape_string($_POST["doubleclickedit"])."', ".
|
|
|
47 |
"show_comments = '".mysql_escape_string($_POST["show_comments"])."', ".
|
|
|
48 |
"revisioncount = '".mysql_escape_string($_POST["revisioncount"])."', ".
|
|
|
49 |
"changescount = '".mysql_escape_string($_POST["changescount"])."', ".
|
|
|
50 |
"motto = '".mysql_escape_string($_POST["motto"])."' ".
|
|
|
51 |
"where name = '".$user["name"]."' limit 1");
|
|
|
52 |
|
|
|
53 |
$this->SetUser($this->LoadUser($user["name"]));
|
|
|
54 |
|
|
|
55 |
// forward
|
|
|
56 |
$this->SetMessage("Paramètres sauvegardés !");
|
|
|
57 |
$this->Redirect($this->href());
|
|
|
58 |
}
|
|
|
59 |
|
|
|
60 |
if ($_REQUEST["action"] == "changepass")
|
|
|
61 |
{
|
|
|
62 |
// check password
|
|
|
63 |
$password = $_POST["password"];
|
|
|
64 |
if (preg_match("/ /", $password)) $error = "Les espaces ne sont pas permis dans les mots de passe.";
|
|
|
65 |
else if (strlen($password) < 5) $error = "Mot de passe trop court.";
|
|
|
66 |
else if ($user["password"] != md5($_POST["oldpass"])) $error = "Mauvais mot de passe.";
|
|
|
67 |
else
|
|
|
68 |
{
|
|
|
69 |
$this->Query("update ".$this->config["table_prefix"]."users set "."password = md5('".mysql_escape_string($password)."') "."where name = '".$user["name"]."'");
|
|
|
70 |
$this->SetMessage("Mot de passe changé !");
|
|
|
71 |
$user["password"]=md5($password);
|
|
|
72 |
$this->SetUser($user);
|
|
|
73 |
$this->Redirect($this->href());
|
|
|
74 |
}
|
|
|
75 |
}
|
|
|
76 |
// user is logged in; display config form
|
|
|
77 |
echo $this->FormOpen();
|
|
|
78 |
?>
|
|
|
79 |
<input type="hidden" name="action" value="update" />
|
|
|
80 |
<table>
|
|
|
81 |
<tr>
|
|
|
82 |
<td align="right"></td>
|
|
|
83 |
<td>Bonjour, <?php echo $this->Link($user["name"]) ?> !</td>
|
|
|
84 |
</tr>
|
|
|
85 |
<tr>
|
|
|
86 |
<td align="right">Votre adresse de messagerie électronique :</td>
|
|
|
87 |
<td><input name="email" value="<?php echo htmlentities($user["email"]) ?>" size="40" /></td>
|
|
|
88 |
</tr>
|
|
|
89 |
<tr>
|
|
|
90 |
<td align="right">Édition en double-cliquant :</td>
|
|
|
91 |
<td><input type="hidden" name="doubleclickedit" value="N" /><input type="checkbox" name="doubleclickedit" value="Y" <?php echo $user["doubleclickedit"] == "Y" ? "checked=\"checked\"" : "" ?> /></td>
|
|
|
92 |
</tr>
|
|
|
93 |
<tr>
|
|
|
94 |
<td align="right">Par défaut, montrer les commentaires :</td>
|
|
|
95 |
<td><input type="hidden" name="show_comments" value="N" /><input type="checkbox" name="show_comments" value="Y" <?php echo $user["show_comments"] == "Y" ? "checked\"checked\"" : "" ?> /></td>
|
|
|
96 |
</tr>
|
|
|
97 |
<tr>
|
|
|
98 |
<td align="right">Nombre maximum de derniers commentaires :</td>
|
|
|
99 |
<td><input name="changescount" value="<?php echo htmlentities($user["changescount"]) ?>" size="40" /></td>
|
|
|
100 |
</tr>
|
|
|
101 |
<tr>
|
|
|
102 |
<td align="right">Nombre maximum de versions :</td>
|
|
|
103 |
<td><input name="revisioncount" value="<?php echo htmlentities($user["revisioncount"]) ?>" size="40" /></td>
|
|
|
104 |
</tr>
|
|
|
105 |
<tr>
|
|
|
106 |
<td align="right">Votre devise :</td>
|
|
|
107 |
<td><input name="motto" value="<?php echo htmlentities($user["motto"]) ?>" size="40" /></td>
|
|
|
108 |
</tr>
|
|
|
109 |
<tr>
|
|
|
110 |
<td></td>
|
|
|
111 |
<td><input type="submit" value="Mise à jour" /> <input type="button" value="Déconnexion" onclick="document.location='<?php echo $this->href("", "", "action=logout"); ?>'" /></td>
|
|
|
112 |
</tr>
|
|
|
113 |
|
|
|
114 |
<?php
|
|
|
115 |
echo $this->FormClose();
|
|
|
116 |
|
|
|
117 |
echo $this->FormOpen();
|
|
|
118 |
?>
|
|
|
119 |
<input type="hidden" name="action" value="changepass" />
|
|
|
120 |
|
|
|
121 |
<tr>
|
|
|
122 |
<td> </td>
|
|
|
123 |
<td> </td>
|
|
|
124 |
</tr>
|
|
|
125 |
<tr>
|
|
|
126 |
<td align="right"></td>
|
|
|
127 |
<td><?php echo $this->Format("Changement de mot de passe"); ?></td>
|
|
|
128 |
</tr>
|
|
|
129 |
<?php
|
|
|
130 |
if (isset($error))
|
|
|
131 |
{
|
|
|
132 |
echo "<tr><td></td><td><div class=\"error\">", $this->Format($error), "</div></td></tr>\n";
|
|
|
133 |
}
|
|
|
134 |
?>
|
|
|
135 |
<tr>
|
|
|
136 |
<td align="right">Votre ancien mot de passe :</td>
|
|
|
137 |
<td><input type="password" name="oldpass" size="40" /></td>
|
|
|
138 |
</tr>
|
|
|
139 |
<tr>
|
|
|
140 |
<td align="right">Nouveau mot de passe :</td>
|
|
|
141 |
<td><input type="password" name="password" size="40" /></td>
|
|
|
142 |
</tr>
|
|
|
143 |
<tr>
|
|
|
144 |
<td></td>
|
|
|
145 |
<td><input type="submit" value="Changer" size="40" /></td>
|
|
|
146 |
</tr>
|
|
|
147 |
</table>
|
|
|
148 |
<?php
|
|
|
149 |
echo $this->FormClose();
|
|
|
150 |
|
|
|
151 |
}
|
|
|
152 |
else
|
|
|
153 |
{
|
|
|
154 |
// user is not logged in
|
|
|
155 |
|
|
|
156 |
// is user trying to log in or register?
|
|
|
157 |
if ($_REQUEST["action"] == "login")
|
|
|
158 |
{
|
|
|
159 |
// if user name already exists, check password
|
|
|
160 |
if ($existingUser = $this->LoadUser($_POST["name"]))
|
|
|
161 |
{
|
|
|
162 |
// check password
|
|
|
163 |
if ($existingUser["password"] == md5($_POST["password"]))
|
|
|
164 |
{
|
|
|
165 |
$this->SetUser($existingUser, $_POST["remember"]);
|
|
|
166 |
$this->Redirect($this->href());
|
|
|
167 |
}
|
|
|
168 |
else
|
|
|
169 |
{
|
|
|
170 |
$error = "Mauvais mot de passe !";
|
|
|
171 |
}
|
|
|
172 |
}
|
|
|
173 |
// otherwise, create new account
|
|
|
174 |
else
|
|
|
175 |
{
|
|
|
176 |
$name = trim($_POST["name"]);
|
|
|
177 |
$email = trim($_POST["email"]);
|
|
|
178 |
$password = $_POST["password"];
|
|
|
179 |
$confpassword = $_POST["confpassword"];
|
|
|
180 |
|
|
|
181 |
// check if name is WikkiName style
|
|
|
182 |
if (!$this->IsWikiName($name)) $error = "Votre nom d'utilisateur doit être formaté en NomWiki.";
|
|
|
183 |
else if (!$email) $error = "Vous devez spécifier une adresse de messagerie électronique.";
|
|
|
184 |
else if (!preg_match("/^.+?\@.+?\..+$/", $email)) $error = "Ceci ne ressemble pas à une adresse de messagerie électronique.";
|
|
|
185 |
else if ($confpassword != $password) $error = "Les mots de passe n'étaient pas identiques";
|
|
|
186 |
else if (preg_match("/ /", $password)) $error = "Les espaces ne sont pas permis dans un mot de passe.";
|
|
|
187 |
else if (strlen($password) < 5) $error = "Mot de passe trop court. Un mot de passe doit contenir au minimum 5 caractères alphanumériques.";
|
|
|
188 |
else
|
|
|
189 |
{
|
|
|
190 |
$this->Query("insert into ".$this->config["table_prefix"]."users set ".
|
|
|
191 |
"signuptime = now(), ".
|
|
|
192 |
"name = '".mysql_escape_string($name)."', ".
|
|
|
193 |
"email = '".mysql_escape_string($email)."', ".
|
|
|
194 |
"password = md5('".mysql_escape_string($_POST["password"])."')");
|
|
|
195 |
|
|
|
196 |
// log in
|
|
|
197 |
$this->SetUser($this->LoadUser($name));
|
|
|
198 |
|
|
|
199 |
// forward
|
|
|
200 |
$this->Redirect($this->href());
|
|
|
201 |
}
|
|
|
202 |
}
|
|
|
203 |
}
|
|
|
204 |
|
|
|
205 |
echo $this->FormOpen();
|
|
|
206 |
?>
|
|
|
207 |
<input type="hidden" name="action" value="login" />
|
|
|
208 |
<table>
|
|
|
209 |
<tr>
|
|
|
210 |
<td></td>
|
|
|
211 |
<td><?php echo $this->Format("Si vous êtes déjà enregistré, identifiez-vous ici"); ?></td>
|
|
|
212 |
</tr>
|
|
|
213 |
<?php
|
|
|
214 |
if (isset($error))
|
|
|
215 |
{
|
|
|
216 |
echo "<tr><td></td><td><div class=\"error\">", $this->Format($error), "</div></td></tr>\n";
|
|
|
217 |
}
|
|
|
218 |
?>
|
|
|
219 |
<tr>
|
|
|
220 |
<td align="right">Votre NomWiki :</td>
|
|
|
221 |
<td><input name="name" size="40" value="<?php if (isset($name)) echo $name ?>" /></td>
|
|
|
222 |
</tr>
|
|
|
223 |
<tr>
|
|
|
224 |
<td align="right">Mot de passe (5 caractères minimum) :</td>
|
|
|
225 |
<td>
|
|
|
226 |
<input type="password" name="password" size="40" />
|
|
|
227 |
<input type="hidden" name="remember" value="0" />
|
|
|
228 |
<input type="checkbox" name="remember" value="1" /> Se souvenir de moi.
|
|
|
229 |
</td>
|
|
|
230 |
</tr>
|
|
|
231 |
<tr>
|
|
|
232 |
<td></td>
|
|
|
233 |
<td><input type="submit" value="Identification" size="40" /></td>
|
|
|
234 |
</tr>
|
|
|
235 |
<tr>
|
|
|
236 |
<td></td>
|
|
|
237 |
<td width="500"><?php echo $this->Format("Les champs suivants sont à remplir si vous vous identifiez pour la première fois (vous créerez ainsi un compte)"); ?></td>
|
|
|
238 |
</tr>
|
|
|
239 |
<tr>
|
|
|
240 |
<td align="right">Confirmation du mot de passe :</td>
|
|
|
241 |
<td><input type="password" name="confpassword" size="40" /></td>
|
|
|
242 |
</tr>
|
|
|
243 |
<tr>
|
|
|
244 |
<td align="right">Adresse de messagerie électronique. :</td>
|
|
|
245 |
<td><input name="email" size="40" value="<?php if (isset($email)) echo $email ?>" /></td>
|
|
|
246 |
</tr>
|
|
|
247 |
<tr>
|
|
|
248 |
<td></td>
|
|
|
249 |
<td><input type="submit" value="Nouveau compte" size="40" /></td>
|
|
|
250 |
</tr>
|
|
|
251 |
</table>
|
|
|
252 |
<?php
|
|
|
253 |
echo $this->FormClose();
|
|
|
254 |
}
|
|
|
255 |
?>
|
|
|
256 |
|