| 448 |
ddelon |
1 |
<?php
|
|
|
2 |
if (!function_exists("LoadUser"))
|
|
|
3 |
{
|
|
|
4 |
function LoadUser($name, $password = 0)
|
|
|
5 |
{
|
|
|
6 |
global $wiki;
|
|
|
7 |
return $wiki->LoadSingle("select * from ".$wiki->config["common_table_prefix"]."users where name = '".mysql_escape_string($name)."' ".($password === 0 ? "" : "and password = '".mysql_escape_string($password)."'")." limit 1");
|
|
|
8 |
}
|
|
|
9 |
}
|
|
|
10 |
if ($_REQUEST["action"] == "logout")
|
|
|
11 |
{
|
|
|
12 |
$this->LogoutUser();
|
|
|
13 |
$this->SetMessage("Vous êtes maintenant déconnecté !");
|
|
|
14 |
$this->Redirect($this->href());
|
|
|
15 |
}
|
|
|
16 |
else if ($user = $this->GetUser())
|
|
|
17 |
{
|
|
|
18 |
|
|
|
19 |
// is user trying to update?
|
|
|
20 |
if ($_REQUEST["action"] == "update")
|
|
|
21 |
{
|
|
|
22 |
$this->Query("update ".$this->config["common_table_prefix"]."users set ".
|
|
|
23 |
"email = '".mysql_escape_string($_POST["email"])."', ".
|
|
|
24 |
"doubleclickedit = '".mysql_escape_string($_POST["doubleclickedit"])."', ".
|
|
|
25 |
"show_comments = '".mysql_escape_string($_POST["show_comments"])."', ".
|
|
|
26 |
"revisioncount = '".mysql_escape_string($_POST["revisioncount"])."', ".
|
|
|
27 |
"changescount = '".mysql_escape_string($_POST["changescount"])."', ".
|
|
|
28 |
"motto = '".mysql_escape_string($_POST["motto"])."' ".
|
|
|
29 |
"where name = '".$user["name"]."' limit 1");
|
|
|
30 |
|
|
|
31 |
$this->SetUser(LoadUser($user["name"]));
|
|
|
32 |
|
|
|
33 |
// forward
|
|
|
34 |
$this->SetMessage("Paramètres sauvegardés !");
|
|
|
35 |
$this->Redirect($this->href());
|
|
|
36 |
}
|
|
|
37 |
|
|
|
38 |
if ($_REQUEST["action"] == "changepass")
|
|
|
39 |
{
|
|
|
40 |
// check password
|
|
|
41 |
$password = $_POST["password"];
|
|
|
42 |
if (preg_match("/ /", $password)) $error = "Les espaces ne sont pas permis dans les mots de passe.";
|
|
|
43 |
else if (strlen($password) < 5) $error = "Password too short.";
|
|
|
44 |
else if ($user["password"] != md5($_POST["oldpass"])) $error = "Mauvais mot de passe.";
|
|
|
45 |
else
|
|
|
46 |
{
|
|
|
47 |
$this->Query("update ".$this->config["common_table_prefix"]."users set "."password = md5('".mysql_escape_string($password)."') "."where name = '".$user["name"]."'");
|
|
|
48 |
$this->SetMessage("Mot de passe changé !");
|
|
|
49 |
$user["password"]=md5($password);
|
|
|
50 |
$this->SetUser($user);
|
|
|
51 |
$this->Redirect($this->href());
|
|
|
52 |
}
|
|
|
53 |
}
|
|
|
54 |
// user is logged in; display config form
|
|
|
55 |
print($this->FormOpen());
|
|
|
56 |
?>
|
|
|
57 |
<input type="hidden" name="action" value="update" />
|
|
|
58 |
<table>
|
|
|
59 |
<tr>
|
|
|
60 |
<td align="right"></td>
|
|
|
61 |
<td>Hello, <?php echo $this->Link($user["name"]) ?>!</td>
|
|
|
62 |
</tr>
|
|
|
63 |
<tr>
|
|
|
64 |
<td align="right">Votre adresse e-mail :</td>
|
|
|
65 |
<td><input name="email" value="<?php echo htmlentities($user["email"]) ?>" size="40" /></td>
|
|
|
66 |
</tr>
|
|
|
67 |
<tr>
|
|
|
68 |
<td align="right">Edition en Doublecliquant :</td>
|
|
|
69 |
<td><input type="hidden" name="doubleclickedit" value="N" /><input type="checkbox" name="doubleclickedit" value="Y" <?php echo $user["doubleclickedit"] == "Y" ? "checked=\"checked\"" : "" ?> /></td>
|
|
|
70 |
</tr>
|
|
|
71 |
<tr>
|
|
|
72 |
<td align="right">Montrer les commentaires par default :</td>
|
|
|
73 |
<td><input type="hidden" name="show_comments" value="N" /><input type="checkbox" name="show_comments" value="Y" <?php echo $user["show_comments"] == "Y" ? "checked\"checked\"" : "" ?> /></td>
|
|
|
74 |
</tr>
|
|
|
75 |
<tr>
|
|
|
76 |
<td align="right">Nombre maximum de derniers commentaires :</td>
|
|
|
77 |
<td><input name="changescount" value="<?php echo htmlentities($user["changescount"]) ?>" size="40" /></td>
|
|
|
78 |
</tr>
|
|
|
79 |
<tr>
|
|
|
80 |
<td align="right">Nombre maximum de versions :</td>
|
|
|
81 |
<td><input name="revisioncount" value="<?php echo htmlentities($user["revisioncount"]) ?>" size="40" /></td>
|
|
|
82 |
</tr>
|
|
|
83 |
<tr>
|
|
|
84 |
<td align="right">Votre devise :</td>
|
|
|
85 |
<td><input name="motto" value="<?php echo htmlentities($user["motto"]) ?>" size="40" /></td>
|
|
|
86 |
</tr>
|
|
|
87 |
<tr>
|
|
|
88 |
<td></td>
|
|
|
89 |
<td><input type="submit" value="Mise à jour" /> <input type="button" value="Déconnection" onClick="document.location='<?php echo $this->href("", "", "action=logout"); ?>'" /></td>
|
|
|
90 |
</tr>
|
|
|
91 |
|
|
|
92 |
<?php
|
|
|
93 |
print($this->FormClose());
|
|
|
94 |
|
|
|
95 |
print($this->FormOpen());
|
|
|
96 |
?>
|
|
|
97 |
<input type="hidden" name="action" value="changepass" />
|
|
|
98 |
|
|
|
99 |
<tr>
|
|
|
100 |
<td> </td>
|
|
|
101 |
<td> </td>
|
|
|
102 |
</tr>
|
|
|
103 |
<tr>
|
|
|
104 |
<td align="right"></td>
|
|
|
105 |
<td><?php echo $this->Format("Changement de mot de passe"); ?></td>
|
|
|
106 |
</tr>
|
|
|
107 |
<?php
|
|
|
108 |
if ($error)
|
|
|
109 |
{
|
|
|
110 |
print("<tr><td></td><td><div class=\"error\">".$this->Format($error)."</div></td></tr>\n");
|
|
|
111 |
}
|
|
|
112 |
?>
|
|
|
113 |
<tr>
|
|
|
114 |
<td align="right">Votre ancien mot de passe :</td>
|
|
|
115 |
<td><input type="password" name="oldpass" size="40" /></td>
|
|
|
116 |
</tr>
|
|
|
117 |
<tr>
|
|
|
118 |
<td align="right">Nouveau mot de passe :</td>
|
|
|
119 |
<td><input type="password" name="password" size="40" /></td>
|
|
|
120 |
</tr>
|
|
|
121 |
<tr>
|
|
|
122 |
<td></td>
|
|
|
123 |
<td><input type="submit" value="Changer" size="40" /></td>
|
|
|
124 |
</tr>
|
|
|
125 |
</table>
|
|
|
126 |
<?php
|
|
|
127 |
print($this->FormClose());
|
|
|
128 |
|
|
|
129 |
}
|
|
|
130 |
else
|
|
|
131 |
{
|
|
|
132 |
// user is not logged in
|
|
|
133 |
|
|
|
134 |
// is user trying to log in or register?
|
|
|
135 |
if ($_REQUEST["action"] == "login")
|
|
|
136 |
{
|
|
|
137 |
// if user name already exists, check password
|
|
|
138 |
if ($existingUser = LoadUser($_POST["name"]))
|
|
|
139 |
{
|
|
|
140 |
// check password
|
|
|
141 |
if ($existingUser["password"] == md5($_POST["password"]))
|
|
|
142 |
{
|
|
|
143 |
$this->SetUser($existingUser, $_POST["remember"]);
|
|
|
144 |
$this->Redirect($this->href());
|
|
|
145 |
}
|
|
|
146 |
else
|
|
|
147 |
{
|
|
|
148 |
$error = "Mauvais mot de passe !";
|
|
|
149 |
}
|
|
|
150 |
}
|
|
|
151 |
// otherwise, create new account
|
|
|
152 |
else
|
|
|
153 |
{
|
|
|
154 |
$name = trim($_POST["name"]);
|
|
|
155 |
$email = trim($_POST["email"]);
|
|
|
156 |
$password = $_POST["password"];
|
|
|
157 |
$confpassword = $_POST["confpassword"];
|
|
|
158 |
|
|
|
159 |
// check if name is WikkiName style
|
|
|
160 |
if (!$this->IsWikiName($name)) $error = "Votre nom d'utilisateur dois être formaté en NomWiki.";
|
|
|
161 |
else if (!$email) $error = "Vous devez spécifier une adresse e-mail.";
|
|
|
162 |
else if (!preg_match("/^.+?\@.+?\..+$/", $email)) $error = "Ceci ne ressemble pas à une adresse e-mail.";
|
|
|
163 |
else if ($confpassword != $password) $error = "Les mots de passe n'étaient pas identiques";
|
|
|
164 |
else if (preg_match("/ /", $password)) $error = "Les espaces ne sont pas permis dans un mot de passe.";
|
|
|
165 |
else if (strlen($password) < 5) $error = "Mot de passe trop court. Un mot de passe doit contenir au minimum 5 caractères alphanumériques.";
|
|
|
166 |
else
|
|
|
167 |
{
|
|
|
168 |
$this->Query("insert into ".$this->config["common_table_prefix"]."users set ".
|
|
|
169 |
"signuptime = now(), ".
|
|
|
170 |
"name = '".mysql_escape_string($name)."', ".
|
|
|
171 |
"email = '".mysql_escape_string($email)."', ".
|
|
|
172 |
"password = md5('".mysql_escape_string($_POST["password"])."')");
|
|
|
173 |
|
|
|
174 |
// log in
|
|
|
175 |
$this->SetUser(LoadUser($name));
|
|
|
176 |
|
|
|
177 |
// forward
|
|
|
178 |
$this->Redirect($this->href());
|
|
|
179 |
}
|
|
|
180 |
}
|
|
|
181 |
}
|
|
|
182 |
|
|
|
183 |
print($this->FormOpen());
|
|
|
184 |
?>
|
|
|
185 |
<input type="hidden" name="action" value="login" />
|
|
|
186 |
<table>
|
|
|
187 |
<tr>
|
|
|
188 |
<td align="right"></td>
|
|
|
189 |
<td><?php echo $this->Format("Si vous êtes déjà enregistré, identifiez-vous ici"); ?></td>
|
|
|
190 |
</tr>
|
|
|
191 |
<?php
|
|
|
192 |
if ($error)
|
|
|
193 |
{
|
|
|
194 |
print("<tr><td></td><td><div class=\"error\">".$this->Format($error)."</div></td></tr>\n");
|
|
|
195 |
}
|
|
|
196 |
?>
|
|
|
197 |
<tr>
|
|
|
198 |
<td align="right">Votre NomWiki :</td>
|
|
|
199 |
<td><input name="name" size="40" value="<?php echo $name ?>" /></td>
|
|
|
200 |
</tr>
|
|
|
201 |
<tr>
|
|
|
202 |
<td align="right">Mot de passe (5 caractères minimum) :</td>
|
|
|
203 |
<td><input type="password" name="password" size="40" />
|
|
|
204 |
<input type="hidden" name="remember" value="0" /><input type="checkbox" name="remember" value="1" /> <?php echo $this->Format("Se souvenir de moi.") ?> </td>
|
|
|
205 |
</tr>
|
|
|
206 |
<tr>
|
|
|
207 |
<td></td>
|
|
|
208 |
<td><input type="submit" value="Identification" size="40" /></td>
|
|
|
209 |
</tr>
|
|
|
210 |
<tr>
|
|
|
211 |
<td align="right"></td>
|
|
|
212 |
<td width="500"><?php echo $this->Format("Les champs suivants sont à remplir si vous vous identifiez pour la première fois (vous créérez ainsi un compte)"); ?></td>
|
|
|
213 |
</tr>
|
|
|
214 |
<tr>
|
|
|
215 |
<td align="right">Confirmation du mot de passe :</td>
|
|
|
216 |
<td><input type="password" name="confpassword" size="40" /></td>
|
|
|
217 |
</tr>
|
|
|
218 |
<tr>
|
|
|
219 |
<td align="right">Adresse e-mail :</td>
|
|
|
220 |
<td><input name="email" size="40" value="<?php echo $email ?>" /></td>
|
|
|
221 |
</tr>
|
|
|
222 |
<tr>
|
|
|
223 |
<td></td>
|
|
|
224 |
<td><input type="submit" value="Nouveau compte" size="40" /></td>
|
|
|
225 |
</tr>
|
|
|
226 |
</table>
|
|
|
227 |
<?php
|
|
|
228 |
print($this->FormClose());
|
|
|
229 |
}
|
|
|
230 |
?>
|
|
|
231 |
|