<?php

// --------------------------------------------------------------------------
//
// Esvon Classifieds v.4.0
// Copyright(C), Esvon LTD, 2001-2010, All Rights Reserved.
// E-mail: hide@address.com
//
// All forms of reproduction, including, but not limited to, internet posting, 
// printing, e-mailing, faxing and recording are strictly prohibited.
// One license required per site running Esvon Classifieds. 
// To obtain a license for using Esvon Classifieds, please register at
// http://www.esvon.com/pg/products/p_classifieds/
//
// --------------------------------------------------------------------------

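// Refuse direct requests: this page is meant to be included by an entry
// script that has already defined SITE_PATH.
if(!defined('SITE_PATH')) die('Access Denied');

$err_msg = '';

// The confirmation link is handled BEFORE the login check, so it also works
// for a visitor who is not logged in. finishEmailChange() redirects and exits
// on success; on any failure it returns and the normal page flow continues.
// isset()/is_string() avoid an undefined-index notice on plain page views and
// keep array-valued input (?code[]=...) away from the string functions.
if(isset($_GET['code']) && is_string($_GET['code']) && $_GET['code']) finishEmailChange($_GET['code']);

// Everything below requires a session.
// NOTE(review): presumably CheckLoggedIn() stops or redirects anonymous
// visitors - confirm. No anti-CSRF token and no current-password check is
// visible in this file for the POST below; confirm one is enforced elsewhere,
// since changing the address is an account-recovery-relevant action.
CheckLoggedIn();

if(isset($_POST['email1']) && $_POST['email1']){
  startEmailChange();
  // An empty $err_msg is treated as "request accepted": stop here so the form
  // is not rendered again.
  // NOTE(review): startEmailChange() also returns with an empty $err_msg when
  // the address is invalid or the two fields differ, so that case ends here
  // with no output from this file - confirm this is intended.
  if(!$err_msg) return;
}

showEmailPage();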


// functions

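/**
 * Renders the "change e-mail" form for the logged-in user.
 *
 * Passes the current address from TBL_USER, the last error message and the
 * two submitted form values (escaped with html_esc) to the
 * user_email_change.htm template.
 */
function showEmailPage(){
global $db,$err_msg;
  $z = compact('err_msg');
  // The integer cast keeps the session value safe to concatenate into the query.
  $ses_uid = (int)hwSessionGetVar('userid');
  // NOTE(review): the stored address reaches the template without html_esc();
  // confirm the template escapes it on output.
  $z['email'] = $db->one_data('SELECT email FROM '.TBL_USER.' WHERE id='.$ses_uid);
  // On a plain GET the form fields are absent, and a crafted request can send
  // them as arrays; in both cases fall back to an empty string instead of
  // raising a notice or handing a non-string to html_esc().
  foreach(array('email1','email2') as $field){
    $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    $z[$field] = html_esc($raw);
  }
  EvalAdvTpl(TPL_PATH.'user_email_change.htm',$z,1);
}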

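/**
 * Starts an e-mail change for the logged-in user.
 *
 * Validates the two submitted addresses, checks that the new address is not
 * already used in TBL_USER, renders the "request accepted" template, stores a
 * confirmation code of the form "<userid>_<token>" in TBL_REG_CONFIRM and
 * mails the confirmation link to the NEW address.
 *
 * On a duplicate address $err_msg is set. On an invalid or mismatching
 * address the function returns with $err_msg still empty.
 *
 * NOTE(review): neither the current password nor an anti-CSRF token is
 * checked here; confirm the caller or the framework enforces them.
 */
function startEmailChange(){
global $db,$err_msg;

  // Form fields may be missing or sent as arrays; treat both as empty.
  $email1 = (isset($_POST['email1']) && is_string($_POST['email1'])) ? $_POST['email1'] : '';
  $email2 = (isset($_POST['email2']) && is_string($_POST['email2'])) ? $_POST['email2'] : '';

  $email = html_esc($email1);
  // Strict comparison: both sides are strings, so no numeric-string juggling.
  // NOTE(review): the escaped first field is compared with the raw second one
  // (as before), so an address that html_esc() alters can never match.
  if(!isEmail($email) || $email!==$email2) return;

  // email change

  $err_msg = hwIsDBUniqueTaken(TBL_USER,'email',$email,'',hwLng('email'));
  if($err_msg) return;

  $tpl_v = compact('email');
  $tpl_v['ADMIN_EMAIL'] = ADMIN_EMAIL;
  EvalAdvTpl(TPL_PATH.'user_email_change_ok.htm', $tpl_v, 1);

  $db_email = $db->esc($email);
  $uid = (int)hwSessionGetVar('userid');

  $code = $db->one_data('SELECT code FROM '.TBL_REG_CONFIRM.' WHERE email='.$db_email);

  // Reuse a pending code only when it was issued for THIS account.
  // finishEmailChange() applies the change to the user id encoded in front of
  // the '_', so a row left by another account's request for the same address
  // must be replaced rather than mailed out again.
  if(!is_string($code) || strpos($code,$uid.'_')!==0){
    // Prefer a cryptographically secure source; fall back to the legacy
    // generator only on runtimes that offer neither function.
    if(function_exists('random_bytes')){
      $token = bin2hex(random_bytes(3));
    }
    elseif(function_exists('openssl_random_pseudo_bytes')){
      $token = bin2hex(openssl_random_pseudo_bytes(3));
    }
    else {
      $token = substr(md5(mt_rand().HW_TIME),0,6);
    }
    // NOTE(review): the token is kept at 6 hex characters (24 bits) because
    // the width of the code column is not visible here. That is short for a
    // value that authorises an address change; lengthen it once the column
    // width is confirmed, and expire or rate-limit codes on the confirming side.
    $code = $uid.'_'.$token;
    // The code is passed through $db->esc() like the address, instead of being
    // interpolated between hand-written quotes.
    $db->query('REPLACE INTO '.TBL_REG_CONFIRM.' (email,code,regdate) VALUES ('.$db_email.','.$db->esc($code).','.SQL_NOW.')');
  }

  $tpl_v['confirm_url'] = SITE_URL.'index.php?page=email_change&code='.urlencode($code);

  $em_body = EvalAdvTpl(TPL_PATH.'user_email_change.mail',$tpl_v);
  // The link goes to the new address, so only someone who can read that
  // mailbox can complete the change.
  // NOTE(review): the result of hwSendMail() is not checked; the success
  // template above has already been rendered by this point.
  hwSendMail($email,ADMIN_EMAIL,'',$em_body);

}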

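/**
 * Completes an e-mail change from a confirmation link.
 *
 * Looks the code up in TBL_REG_CONFIRM, deletes the row, re-checks that the
 * new address is valid and unused, and writes it to the TBL_USER row whose id
 * is the part of the code before the first '_'. On success the visitor is
 * redirected to index.php?page=reg and the script exits; on any failure the
 * function returns (with $err_msg set when the address is already taken).
 *
 * NOTE(review): the regdate stored with the code is not checked here, so a
 * code stays valid until it is used or replaced - consider an expiry.
 *
 * @param string $code Confirmation code taken from the query string.
 */
function finishEmailChange($code){
global $db,$err_msg;

  // Query-string values can arrive as arrays; only a string can be a code.
  if(!is_string($code)) return;
  // strpos() is false when '_' is missing and 0 when the id part is empty;
  // both are rejected by the negation.
  if(!strpos($code,'_')) return;

  $db_code = $db->esc($code);
  $email_new = $db->one_data('SELECT email FROM '.TBL_REG_CONFIRM.' WHERE code='.$db_code);
  // The row is removed before any further validation, so a code is single-use
  // even when the change is rejected below.
  $db->query('DELETE FROM '.TBL_REG_CONFIRM.' WHERE code='.$db_code);

  if(!$email_new || !isEmail($email_new)) return;

  // The address may have been taken by another account since the request.
  $err_msg = hwIsDBUniqueTaken(TBL_USER,'email',$email_new,'',hwLng('email'));
  if($err_msg) return;

  list($uid) = explode('_',$code);
  // validate: the id must belong to an existing user; the integer casts keep
  // both the looked-up and the returned value safe to concatenate into SQL.
  $uid = (int)$db->one_data('SELECT id FROM '.TBL_USER.' WHERE id='.(int)$uid);
  if(!$uid) return;
  $db->query('UPDATE '.TBL_USER.' SET email='.$db->esc($email_new).' WHERE id='.$uid);

  if(!IsUser(0)){
    // Visitor has no session (presumably what IsUser(0) reports - confirm):
    // log them in as the account owner.
    // NOTE(review): possession of the code alone yields a logged-in session
    // here, which makes the code a login credential. Consider requiring a
    // normal login instead. The stored pwd column is handed to
    // UserAuthenticate() as-is; confirm what that column holds.

    $col = EN_LOGIN_EM ? 'email' : 'username';
    list($login,$pwd) = $db->one_row("SELECT $col,pwd FROM ".TBL_USER." WHERE id=$uid");

    include_once SITE_PATH.'inc/auth.inc.php';
    $auth_ok = UserAuthenticate( $login, $pwd );
    if(!$auth_ok) die('Authorization Failed');

  }
  elseif((int)hwSessionGetVar('userid')===$uid){
    // Refresh the cached address only when the current session belongs to the
    // account that was just changed; a different logged-in user must not get
    // another account's address in their session.
    hwSessionSetVar('email', $email_new);
  }
  JSRedirect('index.php?page=reg');
  exit;

}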

?>