Startsida Utforska Hjälp
Logga in
epsylon
/
Elgg-Lorea-Hydra
Bevaka 1
Stjärnmärk 0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0
Träd: e48014c2e0
Grenar Taggar
Elgg-Lorea-H...
/
mod
/
security_tools
/
procedures
/
email_change_confirmation.php

email_change_confirmation.php 1.6 KB
Historik

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * This procedure handles the confirmation url when requesting an email change
    4. 

  4.  *
    5. 

  5.  * Expected input is:
    6. 

  6.  * u: for the user_guid
    7. 

  7.  * c: for the validation code
    8. 

  8.  */
    9. 

  9. 

  10. $user_guid = (int) get_input("u");
    11. 

  11. $validation_code = get_input("c");
    12. 

  12. 

  13. $forward_url = "";
    14. 

  14. 

  15. if (empty($user_guid) || empty($validation_code)) {
    16. 

  16. 	register_error(elgg_echo("error:missing_data"));
    17. 

  17. 	forward();
    18. 

  18. }
    19. 

  19. 

  20. $user = elgg_get_logged_in_user_entity();
    21. 

  21. 

  22. if (($user_guid != $user->getGUID()) || !$user->canEdit()) {
    23. 

  23. 	register_error(elgg_echo("security_tools:email_change_confirmation:error:user"));
    24. 

  24. 	forward();
    25. 

  25. }
    26. 

  26. 

  27. $new_email = $user->getAnnotations("email_change_confirmation");
    28. 

  28. if (empty($new_email)) {
    29. 

  29. 	register_error(elgg_echo("security_tools:email_change_confirmation:error:request"));
    30. 

  30. 	forward();
    31. 

  31. }
    32. 

  32. 

  33. $new_email = $new_email[0]->value;
    34. 

  34. $valid_code = security_tools_generate_email_code($user, $new_email);
    35. 

  35. if ($validation_code !== $valid_code) {
    36. 

  36. 	register_error(elgg_echo("security_tools:email_change_confirmation:error:code"));
    37. 

  37. 	forward();
    38. 

  38. }
    39. 

  39. $site = elgg_get_site_entity();
    40. 

  40. 

  41. // send confirmation to old email that change occured
    42. 

  42. $subject = elgg_echo("security_tools:notify_user:email_change:subject", array($site->name));
    43. 

  43. $message = elgg_echo("security_tools:notify_user:email_change:message", array(
    44. 

  44. 	$user->name,
    45. 

  45. 	$site->name,
    46. 

  46. ));
    47. 

  47. notify_user($user->getGUID(), $site->getGUID(), $subject, $message, null, "email");
    48. 

  48. 

  49. $user->email = $new_email;
    50. 

  50. if ($user->save()) {
    51. 

  51. 	$user->deleteAnnotations("email_change_confirmation");
    52. 

  52. 	
    53. 

  53. 	$forward_url = $user->getURL();
    54. 

  54. 	
    55. 

  55. 	system_message(elgg_echo("email:save:success"));
    56. 

  56. } else {
    57. 

  57. 	register_error(elgg_echo("email:save:fail"));
    58. 

  58. }
    59. 

  59. 

  60. forward($forward_url);
    61. 

  61.