-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathemail_request.php
143 lines (123 loc) · 3.63 KB
/
email_request.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
<?php
require_once 'include/page_base.php';
require_once 'include/email.php';
class Page extends PageBase
{
private $message;
protected function prepare()
{
global $_profile;
$this->message = NULL;
if (!isset($_REQUEST['code']))
{
throw new Exc(get_label('Unknown [0]', get_label('email code')));
}
$code = $_REQUEST['code'];
if (isset($_REQUEST['user_id']))
{
$user_id = $_REQUEST['user_id'];
}
else if (isset($_REQUEST['uid'])) // Remove it. It is a temporary fix, because some emails with uid are already sent in October 2018. If you are reading it in November 2018 or later, remove it.
{
$user_id = $_REQUEST['uid'];
}
else
{
throw new Exc(get_label('Unknown [0]', get_label('user')));
}
$query = new DbQuery(
'SELECT e.obj, e.obj_id, u.flags, u.auth_key FROM emails e, users u WHERE e.user_id = u.id AND u.id = ? AND e.code = ? AND e.send_time >= UNIX_TIMESTAMP() - ' . EMAIL_EXPIRATION_TIME,
$user_id, $code);
if (!($row = $query->next()))
{
throw new FatalExc(get_label('Your email has expired.'));
}
list ($obj, $obj_id, $flags, $auth_key) = $row;
if (!login($user_id))
{
throw new Exc('login failed');
}
if (isset($_REQUEST['unsub']))
{
throw new RedirectExc('unsubscribe.php');
}
switch ($obj)
{
case EMAIL_OBJ_EVENT:
if (isset($_REQUEST['decline']))
{
$query1 = new DbQuery('SELECT event_id FROM event_mailings WHERE id = ?', $obj_id);
if ($row1 = $query1->next())
{
throw new RedirectExc('event_info.php?decline&id=' . $row1[0]);
}
}
else if (isset($_REQUEST['accept']))
{
$query1 = new DbQuery('SELECT event_id FROM event_mailings WHERE id = ?', $obj_id);
if ($row1 = $query1->next())
{
throw new RedirectExc('event_info.php?attend&id=' . $row1[0]);
}
}
throw new RedirectExc('event_info.php?id=' . $obj_id);
case EMAIL_OBJ_TOURNAMENT:
throw new RedirectExc('tournament_info.php?id=' . $obj_id);
case EMAIL_OBJ_GAME:
throw new RedirectExc('view_game.php?id=' . $obj_id);
case EMAIL_OBJ_PHOTO:
if (isset($_REQUEST['pid']))
{
throw new RedirectExc('photo.php?id=' . $_REQUEST['pid']);
}
throw new RedirectExc('photo.php?id=' . $obj_id);
case EMAIL_OBJ_VIDEO:
if (isset($_REQUEST['pid']))
{
throw new RedirectExc('video.php?id=' . $_REQUEST['pid']);
}
throw new RedirectExc('video.php?id=' . $obj_id);
case EMAIL_OBJ_SIGN_IN:
if (isset($_REQUEST['email']))
{
$email = urldecode($_REQUEST['email']);
if ( $email != $_profile->user_email)
{
Db::begin();
Db::exec(get_label('user'), 'UPDATE users SET email = ? WHERE id = ?', $email, $_profile->user_id);
if (Db::affected_rows() > 0)
{
$log_details = new stdClass();
$log_details->email = $email;
db_log(LOG_OBJECT_USER, 'changed', $log_details, $_profile->user_id);
}
$_profile->user_email = $email;
Db::commit();
$this->message = '<p>' . get_label('Your email has been changed to [0]', $email) . '</p>';
}
}
if ($this->message == NULL)
{
throw new RedirectExc('index.php');
}
break;
// +-----------------------+
// | #SUGGEST_JOINING_CLUB |
// +-----------------------+
// case EMAIL_JOIN_CLUB:
// break;
default:
throw new FatalExc(get_label('Invalid request'));
}
}
protected function js_on_load()
{
if ($this->message != NULL)
{
echo 'dlg.info("' . $this->message . '", null, null, function() { window.location.replace("index.php"); });';
}
}
}
$page = new Page();
$page->run(get_label('Email request'));
?>