Файл: adultscript-2.0.3-pro/files/modules/user/components/account.php
Строк: 60
<?php
// Direct-access guard: stop immediately unless the including script has
// defined the _VALID constant.
if (!defined('_VALID')) {
    die('Restricted Access!');
}
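/**
 * Account-settings page component for the logged-in user.
 *
 * Renders the "user_account" template and, when the settings form is posted,
 * validates and stores a new username, e-mail address and (optionally) a new
 * password for the user id held in the session.
 */
class VComponent_user_account extends VModule_user
{
    public function __construct()
    {
        parent::__construct();
    }

    /**
     * Validate and apply the posted account settings, then render the page.
     *
     * Only the row of the session's own user id is ever read or written.
     * Validation failures are collected in $errors and shown by the template;
     * nothing is written unless $errors is empty.
     *
     * NOTE(review): no anti-CSRF token is verified in this method before the
     * UPDATE. Confirm whether VAuth::check() or the dispatcher enforces one;
     * if not, this form needs a per-session token.
     *
     * NOTE(review): when user.account_pwd_check is disabled, the e-mail
     * address and password can be changed without re-entering the current
     * password. Consider requiring it unconditionally for these fields.
     *
     * @return void
     */
    public function render()
    {
        // presumably rejects visitors who are not logged in - confirm in VAuth
        VAuth::check('Registered');

        $user_id  = (int) $_SESSION['user_id'];
        $locked   = $this->is_locked($user_id);
        $errors   = array();
        $messages = array();

        if ($locked) {
            $errors[] = __('account-locked');
        }

        if (isset($_POST['update-user-account-settings']) && !$locked) {
            $filter     = VF::factory('filter');
            $username   = $filter->get('username');
            $email      = $filter->get('email');
            // Missing or non-string fields (e.g. password[]=x) become '' instead
            // of raising notices or reaching trim() as an array.
            $password   = $this->post_string('password');
            $password_c = $this->post_string('password_c');
            $password_o = '';
            if (VCfg::get('user.account_pwd_check')) {
                $password_o = $this->post_string('password_o');
            }

            if ($username == '') {
                $errors[] = __('username-empty');
            } elseif (!VValid::length($username, 1, 16)) {
                // NOTE(review): the limit checked here is the literal 16 while the
                // message reports user.username_max_length - confirm they agree.
                $errors[] = __('username-length', array(VCfg::get('user.username_max_length')));
            } elseif (!VValid::aldash($username)) {
                $errors[] = __('username-invalid');
            } else {
                if (VCfg::get('user.account_username_change')) {
                    // the name must not belong to any other account
                    $this->db->query("SELECT user_id
                        FROM #__user
                        WHERE username = '".$this->db->escape($username)."'
                        AND user_id != ".$user_id."
                        LIMIT 1");
                    if ($this->db->affected_rows()) {
                        $errors[] = __('username-used');
                    }
                } elseif ((string) $username !== (string) $_SESSION['username']) {
                    // Strict string comparison: with "!=" PHP compares numeric-looking
                    // strings as numbers ("1e3" == "1000"), which would let a different
                    // username through although renaming is disabled.
                    $errors[] = __('username-changed');
                }
            }

            if ($email == '') {
                $errors[] = __('email-empty');
            } elseif (!VValid::email($email)) {
                $errors[] = __('email-invalid');
            } else {
                $this->db->query("SELECT user_id FROM #__user WHERE email = '".$this->db->escape($email)."' AND user_id != ".$user_id." LIMIT 1");
                if ($this->db->affected_rows()) {
                    $errors[] = __('email-used');
                }
            }

            // Strict comparison so that two different numeric-looking strings are
            // never accepted as a matching password confirmation.
            if ($password !== '' && $password !== $password_c) {
                $errors[] = __('password-mismatch');
            }

            if (!$errors) {
                if (VCfg::get('user.account_pwd_check')) {
                    $this->db->query("SELECT password
                        FROM #__user
                        WHERE user_id = ".$user_id."
                        LIMIT 1");
                    if ($this->db->affected_rows()) {
                        $stored_hash = $this->db->fetch_field('password');
                        if (!VHash::check($password_o, $stored_hash)) {
                            $errors[] = __('password-incorrect');
                        }
                    } else {
                        // Fail closed: if the stored hash cannot be read, the current
                        // password was not verified, so the update must not proceed.
                        $errors[] = __('password-incorrect');
                    }
                }

                if (!$errors) {
                    $sql_add = '';
                    if ($password !== '') {
                        // Escaped like every other value in the statement, so the
                        // query does not depend on the hash format staying quote-free.
                        $sql_add = ", password = '".$this->db->escape(VHash::encrypt($password))."'";
                    }

                    $this->db->query("UPDATE #__user
                        SET username = '".$this->db->escape($username)."',
                        email = '".$this->db->escape($email)."'".$sql_add."
                        WHERE user_id = ".$user_id."
                        LIMIT 1");
                    // NOTE(review): $_SESSION['username'] is not refreshed here, and no
                    // session id rotation happens after a password change - confirm
                    // whether that is handled elsewhere.
                    $messages[] = __('account-success');
                }
            }
        }

        $this->tpl->menu       = 'home';
        $this->tpl->submenu    = 'user-account';
        $this->tpl->colmenu    = 'account';
        $this->tpl->title      = __('account-title');
        $this->tpl->meta_title = __('account-meta-title');
        $this->tpl->user_id    = $user_id;
        $this->tpl->errors     = $errors;
        $this->tpl->messages   = $messages;
        $this->tpl->load(array('header', 'user_account', 'footer'));
        $this->tpl->display();
    }

    /**
     * Read a POST field as a trimmed string.
     *
     * @param string $key name of the POST field
     * @return string trimmed value, or '' when the field is absent or not a string
     */
    private function post_string($key)
    {
        if (isset($_POST[$key]) && is_string($_POST[$key])) {
            return trim($_POST[$key]);
        }

        return '';
    }

    /**
     * Tell whether the given account carries the "locked" flag.
     *
     * @param int $user_id account to look up
     * @return bool TRUE when the account is locked or its row cannot be read
     */
    private function is_locked($user_id)
    {
        // cast again here so the query stays numeric whatever a caller passes in
        $user_id = (int) $user_id;

        $this->db->query("SELECT locked FROM #__user WHERE user_id = ".$user_id." LIMIT 1");
        if ($this->db->affected_rows()) {
            return (bool) $this->db->fetch_field('locked');
        }

        VModule::load('error', TRUE);

        // Fail closed: if the error module returns instead of halting, report the
        // account as locked rather than falling through with NULL ("not locked").
        return TRUE;
    }
}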