settings.php
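<?php
/*
 * Settings endpoint for the signed-in user. The rest of this file reads
 * $_POST['set'] to pick one of three actions (display preferences, e-mail
 * change, password change) and answers with plain text.
 */
session_start();
// $con, protect(), encrypt(), $lang, $yourEmail and $pageRoot are not defined
// in this file; presumably they come from these includes - confirm.
include 'database/connect.php';
include 'functions.php';
include 'langCheck.php';
// NOTE(review): presumably rejects requests without a valid login; its body is
// not visible here - confirm it stops execution rather than only redirecting.
protect();

// Resolve the numeric user_id from the username kept in the session. Every
// later statement is keyed on this id, never on an id taken from the request.
$query = $con->prepare( "SELECT user_id FROM users WHERE username = ?" );
$query->bind_param( "s", $_SESSION['user'] );
$query->execute();
$query->bind_result( $user_id );
// fetch() returns true only when a row was read (null = no row, false = error).
// Fail closed: without this check $user_id stays null and the handlers below
// would run their queries against a non-existent account and still answer 'ok'.
if( $query->fetch() !== true ) {
    $query->close();
    http_response_code( 403 );
    exit();
}
$query->close();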
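/*
 * Dispatch on $_POST['set']:
 *   '1' - store display preferences (line numbers, font, size)
 *   '2' - start an e-mail change by mailing a confirmation link
 *   '3' - change the password after verifying the current one
 * Each branch echoes 'ok' or a localized message from $lang and exits.
 *
 * NOTE(review): no anti-CSRF token is checked anywhere in this file. Unless
 * protect() verifies one, these state-changing requests can be triggered from
 * another site in the user's browser - confirm, and add a per-session token
 * check before the dispatch if it is missing.
 */
if( !empty( $_POST['set'] ) ) {
    $set = $_POST['set'];
    if( $set === '1' ) { // page 1 - main
        // `?? null` keeps the original behaviour (a missing field binds NULL)
        // without raising an undefined-index warning.
        $lineNums = $_POST['line-nums'] ?? null;
        $font = $_POST['font'] ?? null;
        $size = $_POST['size'] ?? null;
        // The values are stored exactly as submitted; the prepared statement
        // only protects the SQL layer.
        // NOTE(review): if font/size are later written into HTML or CSS, they
        // need an allow-list here or context-aware escaping at output - confirm.
        $query = $con->prepare( "UPDATE users SET line_nums = ?, font = ?, size = ? WHERE user_id = ?" );
        $query->bind_param( "ssss", $lineNums, $font, $size, $user_id );
        $query->execute();
        $query->close();
        echo 'ok';
        exit();
    } elseif( $set === '2' ) { // page 2 - change email
        $mail = $_POST['new-mail'] ?? '';
        $repMail = $_POST['rep-mail'] ?? '';
        if( empty( $mail ) ) {
            echo $lang['emailEmpty'];
            exit();
        }
        // filter_var() returns false for non-strings and for values containing
        // line breaks, so $mail is safe to use as the mail() recipient below.
        if( !filter_var( $mail, FILTER_VALIDATE_EMAIL ) ) {
            echo $lang['emailInvalid'];
            exit();
        }
        if( $mail !== $repMail ) {
            echo $lang['emailNotMatch'];
            exit();
        }
        // The confirmation code is a bearer secret. uniqid() is derived from
        // the current time and is guessable, so draw it from the CSPRNG.
        // NOTE(review): this is 32 hex characters (uniqid() gave 13) - confirm
        // the users.code column is wide enough.
        $code = bin2hex( random_bytes( 16 ) );
        // Valid addresses may contain '+', '&' and similar characters, which
        // would corrupt the query string if inserted unencoded.
        $mailParam = rawurlencode( $mail );
        /* TODO: add text to lang.php */
        $to = $mail;
        $subject = "Confirm your email"; //email subject
        $headers = "From: $yourEmail";
        // NOTE(review): the pending address travels only in the link and is
        // not stored next to the code. If validate.php trusts its `mail`
        // parameter, a holder of a valid code can confirm an address that never
        // received the message - store the pending address server-side with the
        // code and ignore the query parameter. Confirm against validate.php.
        $body = "Hello\n\n
You requested a change of your email address. To complete this process\n
please click on following link or paste it in your browser:\n\n
$pageRoot/validate.php?user=$user_id&code=$code&mail=$mailParam\n\n
Thank you!";
        if( !mail( $to, $subject, $body, $headers ) ) {
            echo $lang['mailError'];
            exit();
        }
        // The code is persisted only after the message was accepted for delivery.
        $query = $con->prepare( "UPDATE users SET code = ? WHERE user_id = ?" );
        $query->bind_param( "ss", $code, $user_id );
        $query->execute();
        $query->close();
        echo 'ok';
        exit();
    } elseif( $set === '3' ) { // page 3 - change password
        $oldPass = $_POST['old-pass'] ?? '';
        $newPass = $_POST['new-pass'] ?? '';
        $repPass = $_POST['rep-pass'] ?? '';
        // Array-valued parameters (old-pass[]=x) are non-empty but not strings;
        // reject them here so they never reach encrypt().
        if( !is_string( $oldPass ) || !is_string( $newPass ) || !is_string( $repPass )
            || empty( $oldPass ) || empty( $newPass ) || empty( $repPass ) ) {
            echo $lang['fillAllFields'];
            exit();
        }
        // NOTE(review): encrypt() is not defined in this file. Because its
        // output is matched with SQL equality it must be deterministic per
        // password, which suggests an unsalted hash. If so, migrate to
        // password_hash() / password_verify() - confirm in functions.php.
        $pass = encrypt( $oldPass );
        $query = $con->prepare( "SELECT * FROM users WHERE user_id = ? AND password = ?" );
        $query->bind_param( "ss", $user_id, $pass );
        $query->execute();
        $query->store_result();
        $num = $query->num_rows;
        $query->close();
        // No matching row means the current password was wrong.
        // NOTE(review): no attempt limit is visible here; a hijacked session
        // could test guesses for the current password without restriction.
        if( $num === 0 ) {
            echo $lang['passwordInvalid'];
            exit();
        }
        if( $newPass !== $repPass ) {
            echo $lang['passwordsNotMatch'];
            exit();
        }
        $pass = encrypt( $newPass );
        $query = $con->prepare( "UPDATE users SET password = ? WHERE user_id = ?" );
        $query->bind_param( "ss", $pass, $user_id );
        $query->execute();
        $query->close();
        // NOTE(review): other sessions of this account stay valid after the
        // change; consider rotating the session id and invalidating the rest.
        echo 'ok';
        exit();
    }
}
?>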