WebSVN – oidplus – Diff – /trunk/plugins/raPages/102_change_email/OIDplusPageRaChangeEMail.class.php



class OIDplusPageRaChangeEMail extends OIDplusPagePluginRa {
 
        public function action($actionID, $params) {
                if ($actionID == 'change_ra_email') {
                        if (!OIDplus::config()->getValue('allow_ra_email_change') && !OIDplus::authUtils()::isAdminLoggedIn()) {
                                throw new OIDplusException(_L('This functionality has been disabled by the administrator.'));
                        }
 
                        $old_email = $params['old_email'];
                        $new_email = $params['new_email'];
 
                        if (!OIDplus::authUtils()::isRaLoggedIn($old_email) && !OIDplus::authUtils()::isAdminLoggedIn()) {
                                throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA to update its email address.'));
                        }
 
                        if (!OIDplus::mailUtils()->validMailAddress($new_email)) {
                                throw new OIDplusException(_L('eMail address is invalid.'));
                        }
 
                        $res = OIDplus::db()->query("select * from ###ra where email = ?", array($old_email));
                        if ($res->num_rows() == 0) {
                                throw new OIDplusException(_L('eMail address does not exist anymore. It was probably already changed.'));
                        }
 
                        $res = OIDplus::db()->query("select * from ###ra where email = ?", array($new_email));
                        if ($res->num_rows() > 0) {
                                throw new OIDplusException(_L('eMail address is already used by another RA. To merge accounts, please contact the superior RA of your objects and request an owner change of your objects.'));
                        }
 
                        if (OIDplus::authUtils()::isAdminLoggedIn()) {
                                OIDplus::logger()->log("[WARN]RA($old_email)!+[INFO]RA($new_email)!+[OK]A!", "Admin changed email address '$old_email' to '$new_email'");
 

                        }
                }
 
                else if ($actionID == 'activate_new_ra_email') {
                        if (!OIDplus::config()->getValue('allow_ra_email_change')) {
                                throw new OIDplusException(_L('This functionality has been disabled by the administrator.'));
                        }
 
                        $old_email = $params['old_email'];
                        $new_email = $params['new_email'];
                        $password = $params['password'];
 
                        $auth = $params['auth'];
                        $timestamp = $params['timestamp'];
 
                        if (!OIDplus::authUtils()::validateAuthKey('activate_new_ra_email;'.$old_email.';'.$new_email.';'.$timestamp, $auth)) {
                                throw new OIDplusException(_L('Invalid auth key'));
                        }
 
                        if ((OIDplus::config()->getValue('max_ra_email_change_time') > 0) && (time()-$timestamp > OIDplus::config()->maxEmailChangeTime())) {
                                throw new OIDplusException(_L('Activation link expired!'));
                        }
 
                        $res = OIDplus::db()->query("select * from ###ra where email = ?", array($old_email));
                        if ($res->num_rows() == 0) {
                                throw new OIDplusException(_L('eMail address does not exist anymore. It was probably already changed.'));
                        }
 
                        $res = OIDplus::db()->query("select * from ###ra where email = ?", array($new_email));
                        if ($res->num_rows() > 0) {
                                throw new OIDplusException(_L('eMail address is already used by another RA. To merge accounts, please contact the superior RA of your objects and request an owner change of your objects.'));
                        }
 
                        $ra = new OIDplusRA($old_email);
                        if (!$ra->checkPassword($password)) {
                                throw new OIDplusException(_L('Wrong password'));
                        }
 
                        $ra->change_email($new_email);
 
                        OIDplus::db()->query("update ###objects set ra_email = ? where ra_email = ?", array($new_email, $old_email));

                        $message = str_replace('{{NEW_EMAIL}}', $new_email, $message);
                        OIDplus::mailUtils()->sendMail($old_email, OIDplus::config()->getValue('system_title').' - eMail address changed', $message);
 
                        return array("status" => 0);
                } else {
                        throw new OIDplusException(_L('Unknown action ID'));
                }
        }
 
        public function init($html=true) {
                OIDplus::config()->prepareConfigKey('max_ra_email_change_time', 'Max RA email change time in seconds (0 = infinite)', '0', OIDplusConfig::PROTECTION_EDITABLE, function($value) {
                        if (!is_numeric($value) || ($value < 0)) {
                                throw new OIDplusException(_L('Please enter a valid value.'));
                        }
                });
                OIDplus::config()->prepareConfigKey('allow_ra_email_change', 'Allow that RAs change their email address (0/1)', '1', OIDplusConfig::PROTECTION_EDITABLE, function($value) {
                        if (($value != '0') && ($value != '1')) {
                                throw new OIDplusException(_L('Please enter a valid value (0=no, 1=yes).'));
                        }
                });
        }
 
        public function gui($id, &$out, &$handled) {
                if (explode('$',$id)[0] == 'oidplus:change_ra_email') {
                        $handled = true;
 
                        $ra_email = explode('$',$id)[1];
 
                        $out['title'] = _L('Change RA email');
                        $out['icon'] = file_exists(__DIR__.'/icon_big.png') ? OIDplus::webpath(__DIR__).'icon_big.png' : '';
 
                        if (!OIDplus::authUtils()::isRaLoggedIn($ra_email) && !OIDplus::authUtils()::isAdminLoggedIn()) {
                                $out['icon'] = 'img/error_big.png';
                                $out['text'] = '<p>'._L('You need to <a %1>log in</a> as the requested RA %2 or as admin.',OIDplus::gui()->link('oidplus:login'),'<b>'.htmlentities($ra_email).'</b>').'</p>';
                                return;
                        }
 
                        $res = OIDplus::db()->query("select * from ###ra where email = ?", array($ra_email));
                        if ($res->num_rows() == 0) {
                                $out['icon'] = 'img/error_big.png';
                                $out['text'] = _L('RA "%1" does not exist','<b>'.htmlentities($ra_email).'</b>');
                                return;
                        }
 
                        if (!OIDplus::config()->getValue('allow_ra_email_change') && !OIDplus::authUtils()::isAdminLoggedIn()) {
                                $out['icon'] = 'img/error_big.png';
                                $out['text'] = '<p>'._L('This functionality has been disabled by the administrator.').'</p>';
                                return;
                        }
 
                        if (OIDplus::authUtils()::isAdminLoggedIn()) {
                                $out['text'] .= '<form id="changeRaEmailForm" onsubmit="return changeRaEmailFormOnSubmit(true);">';
                                $out['text'] .= '<input type="hidden" id="old_email" value="'.htmlentities($ra_email).'"/><br>';
                                $out['text'] .= '<div><label class="padding_label">'._L('Old address').':</label><b>'.htmlentities($ra_email).'</b></div>';
                                $out['text'] .= '<div><label class="padding_label">'._L('New address').':</label><input type="text" id="new_email" value=""/></div>';
                                $out['text'] .= '<br><input type="submit" value="'._L('Change password').'"> '._L('(admin does not require email verification)').'</form>';
                        } else {
                                $out['text'] .= '<form id="changeRaEmailForm" onsubmit="return changeRaEmailFormOnSubmit(false);">';
                                $out['text'] .= '<input type="hidden" id="old_email" value="'.htmlentities($ra_email).'"/><br>';
                                $out['text'] .= '<div><label class="padding_label">'._L('Old address').':</label><b>'.htmlentities($ra_email).'</b></div>';
                                $out['text'] .= '<div><label class="padding_label">'._L('New address').':</label><input type="text" id="new_email" value=""/></div>';
                                $out['text'] .= '<br><input type="submit" value="'._L('Send new activation email').'"></form>';
                        }
                } else if (explode('$',$id)[0] == 'oidplus:activate_new_ra_email') {
                        $handled = true;
 
                        $old_email = explode('$',$id)[1];

                        $timestamp = explode('$',$id)[3];
                        $auth = explode('$',$id)[4];
 
                        if (!OIDplus::config()->getValue('allow_ra_email_change') && !OIDplus::authUtils()::isAdminLoggedIn()) {
                                $out['icon'] = 'img/error_big.png';
                                $out['text'] = '<p>'._L('This functionality has been disabled by the administrator.').'</p>';
                                return;
                        }
 
                        $out['title'] = _L('Perform email address change');
                        $out['icon'] = file_exists(__DIR__.'/icon_big.png') ? OIDplus::webpath(__DIR__).'icon_big.png' : '';
 
                        $res = OIDplus::db()->query("select * from ###ra where email = ?", array($old_email));
                        if ($res->num_rows() == 0) {
                                $out['icon'] = 'img/error_big.png';
                                $out['text'] = _L('eMail address does not exist anymore. It was probably already changed.');
                        } else {
                                $res = OIDplus::db()->query("select * from ###ra where email = ?", array($new_email));
                                if ($res->num_rows() > 0) {
                                        $out['icon'] = 'img/error_big.png';
                                        $out['text'] = _L('eMail address is already used by another RA. To merge accounts, please contact the superior RA of your objects and request an owner change of your objects.');
                                } else {
                                        if (!OIDplus::authUtils()::validateAuthKey('activate_new_ra_email;'.$old_email.';'.$new_email.';'.$timestamp, $auth)) {
                                                $out['icon'] = 'img/error_big.png';
                                                $out['text'] = _L('Invalid authorization. Is the URL OK?');
                                        } else {
                                                $out['text'] = '<p>'._L('Old eMail-Address').': <b>'.$old_email.'</b></p>
                                                <p>'._L('New eMail-Address').': <b>'.$new_email.'</b></p>
 
                                                 <form id="activateNewRaEmailForm" onsubmit="return activateNewRaEmailFormOnSubmit();">
                                            <input type="hidden" id="old_email" value="'.htmlentities($old_email).'"/>
                                            <input type="hidden" id="new_email" value="'.htmlentities($new_email).'"/>
                                            <input type="hidden" id="timestamp" value="'.htmlentities($timestamp).'"/>
                                            <input type="hidden" id="auth" value="'.htmlentities($auth).'"/>
 
                                            <div><label class="padding_label">'._L('Please verify your password').':</label><input type="password" id="password" value=""/></div>
                                            <br><input type="submit" value="'._L('Change email address').'">
                                          </form>';
                                        }
                                }
                        }
                }

                }
 
                $json[] = array(
                        'id' => 'oidplus:change_ra_email$'.$ra_email,
                        'icon' => $tree_icon,
                        'text' => _L('Change email address')
                );
 
                return true;
        }
 

Subversion Repositories oidplus

oidplus/trunk/plugins/raPages/102_change_email/OIDplusPageRaChangeEMail.class.php – Rev 328 → 360

Rev 328		Rev 360
Line 20...		Line 20...
20	class OIDplusPageRaChangeEMail extends OIDplusPagePluginRa {	20	class OIDplusPageRaChangeEMail extends OIDplusPagePluginRa {
21		21
22	public function action($actionID, $params) {	22	public function action($actionID, $params) {
23	if ($actionID == 'change_ra_email') {	23	if ($actionID == 'change_ra_email') {
24	if (!OIDplus::config()->getValue('allow_ra_email_change') && !OIDplus::authUtils()::isAdminLoggedIn()) {	24	if (!OIDplus::config()->getValue('allow_ra_email_change') && !OIDplus::authUtils()::isAdminLoggedIn()) {
25	throw new OIDplusException('This functionality has been disabled by the administrator.');	25	throw new OIDplusException(_L('This functionality has been disabled by the administrator.'));
26	}	26	}
27		27
28	$old_email = $params['old_email'];	28	$old_email = $params['old_email'];
29	$new_email = $params['new_email'];	29	$new_email = $params['new_email'];
30		30
31	if (!OIDplus::authUtils()::isRaLoggedIn($old_email) && !OIDplus::authUtils()::isAdminLoggedIn()) {	31	if (!OIDplus::authUtils()::isRaLoggedIn($old_email) && !OIDplus::authUtils()::isAdminLoggedIn()) {
32	throw new OIDplusException('Authentication error. Please log in as the RA to update its email address.');	32	throw new OIDplusException(_L('Authentication error. Please log in as admin, or as the RA to update its email address.'));
33	}	33	}
34		34
35	if (!OIDplus::mailUtils()->validMailAddress($new_email)) {	35	if (!OIDplus::mailUtils()->validMailAddress($new_email)) {
36	throw new OIDplusException('eMail address is invalid.');	36	throw new OIDplusException(_L('eMail address is invalid.'));
37	}	37	}
38		38
39	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($old_email));	39	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($old_email));
40	if ($res->num_rows() == 0) {	40	if ($res->num_rows() == 0) {
41	throw new OIDplusException('eMail address does not exist anymore. It was probably already changed.');	41	throw new OIDplusException(_L('eMail address does not exist anymore. It was probably already changed.'));
42	}	42	}
43		43
44	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($new_email));	44	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($new_email));
45	if ($res->num_rows() > 0) {	45	if ($res->num_rows() > 0) {
46	throw new OIDplusException('eMail address is already used by another RA. To merge accounts, please contact the superior RA of your objects and request an owner change of your objects.');	46	throw new OIDplusException(_L('eMail address is already used by another RA. To merge accounts, please contact the superior RA of your objects and request an owner change of your objects.'));
47	}	47	}
48		48
49	if (OIDplus::authUtils()::isAdminLoggedIn()) {	49	if (OIDplus::authUtils()::isAdminLoggedIn()) {
50	OIDplus::logger()->log("[WARN]RA($old_email)!+[INFO]RA($new_email)!+[OK]A!", "Admin changed email address '$old_email' to '$new_email'");	50	OIDplus::logger()->log("[WARN]RA($old_email)!+[INFO]RA($new_email)!+[OK]A!", "Admin changed email address '$old_email' to '$new_email'");
51		51
Line 81...		Line 81...
81	}	81	}
82	}	82	}
83		83
84	else if ($actionID == 'activate_new_ra_email') {	84	else if ($actionID == 'activate_new_ra_email') {
85	if (!OIDplus::config()->getValue('allow_ra_email_change')) {	85	if (!OIDplus::config()->getValue('allow_ra_email_change')) {
86	throw new OIDplusException('This functionality has been disabled by the administrator.');	86	throw new OIDplusException(_L('This functionality has been disabled by the administrator.'));
87	}	87	}
88		88
89	$old_email = $params['old_email'];	89	$old_email = $params['old_email'];
90	$new_email = $params['new_email'];	90	$new_email = $params['new_email'];
91	$password = $params['password'];	91	$password = $params['password'];
92		92
93	$auth = $params['auth'];	93	$auth = $params['auth'];
94	$timestamp = $params['timestamp'];	94	$timestamp = $params['timestamp'];
95		95
96	if (!OIDplus::authUtils()::validateAuthKey('activate_new_ra_email;'.$old_email.';'.$new_email.';'.$timestamp, $auth)) {	96	if (!OIDplus::authUtils()::validateAuthKey('activate_new_ra_email;'.$old_email.';'.$new_email.';'.$timestamp, $auth)) {
97	throw new OIDplusException('Invalid auth key');	97	throw new OIDplusException(_L('Invalid auth key'));
98	}	98	}
99		99
100	if ((OIDplus::config()->getValue('max_ra_email_change_time') > 0) && (time()-$timestamp > OIDplus::config()->maxEmailChangeTime())) {	100	if ((OIDplus::config()->getValue('max_ra_email_change_time') > 0) && (time()-$timestamp > OIDplus::config()->maxEmailChangeTime())) {
101	throw new OIDplusException('Activation link expired!');	101	throw new OIDplusException(_L('Activation link expired!'));
102	}	102	}
103		103
104	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($old_email));	104	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($old_email));
105	if ($res->num_rows() == 0) {	105	if ($res->num_rows() == 0) {
106	throw new OIDplusException('eMail address does not exist anymore. It was probably already changed.');	106	throw new OIDplusException(_L('eMail address does not exist anymore. It was probably already changed.'));
107	}	107	}
108		108
109	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($new_email));	109	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($new_email));
110	if ($res->num_rows() > 0) {	110	if ($res->num_rows() > 0) {
111	throw new OIDplusException('eMail address is already used by another RA. To merge accounts, please contact the superior RA of your objects and request an owner change of your objects.');	111	throw new OIDplusException(_L('eMail address is already used by another RA. To merge accounts, please contact the superior RA of your objects and request an owner change of your objects.'));
112	}	112	}
113		113
114	$ra = new OIDplusRA($old_email);	114	$ra = new OIDplusRA($old_email);
115	if (!$ra->checkPassword($password)) {	115	if (!$ra->checkPassword($password)) {
116	throw new OIDplusException('Wrong password');	116	throw new OIDplusException(_L('Wrong password'));
117	}	117	}
118		118
119	$ra->change_email($new_email);	119	$ra->change_email($new_email);
120		120
121	OIDplus::db()->query("update ###objects set ra_email = ? where ra_email = ?", array($new_email, $old_email));	121	OIDplus::db()->query("update ###objects set ra_email = ? where ra_email = ?", array($new_email, $old_email));
Line 133...		Line 133...
133	$message = str_replace('{{NEW_EMAIL}}', $new_email, $message);	133	$message = str_replace('{{NEW_EMAIL}}', $new_email, $message);
134	OIDplus::mailUtils()->sendMail($old_email, OIDplus::config()->getValue('system_title').' - eMail address changed', $message);	134	OIDplus::mailUtils()->sendMail($old_email, OIDplus::config()->getValue('system_title').' - eMail address changed', $message);
135		135
136	return array("status" => 0);	136	return array("status" => 0);
137	} else {	137	} else {
138	throw new OIDplusException("Unknown action ID");	138	throw new OIDplusException(_L('Unknown action ID'));
139	}	139	}
140	}	140	}
141		141
142	public function init($html=true) {	142	public function init($html=true) {
143	OIDplus::config()->prepareConfigKey('max_ra_email_change_time', 'Max RA email change time in seconds (0 = infinite)', '0', OIDplusConfig::PROTECTION_EDITABLE, function($value) {	143	OIDplus::config()->prepareConfigKey('max_ra_email_change_time', 'Max RA email change time in seconds (0 = infinite)', '0', OIDplusConfig::PROTECTION_EDITABLE, function($value) {
144	if (!is_numeric($value) \|\| ($value < 0)) {	144	if (!is_numeric($value) \|\| ($value < 0)) {
145	throw new OIDplusException("Please enter a valid value.");	145	throw new OIDplusException(_L('Please enter a valid value.'));
146	}	146	}
147	});	147	});
148	OIDplus::config()->prepareConfigKey('allow_ra_email_change', 'Allow that RAs change their email address (0/1)', '1', OIDplusConfig::PROTECTION_EDITABLE, function($value) {	148	OIDplus::config()->prepareConfigKey('allow_ra_email_change', 'Allow that RAs change their email address (0/1)', '1', OIDplusConfig::PROTECTION_EDITABLE, function($value) {
149	if (($value != '0') && ($value != '1')) {	149	if (($value != '0') && ($value != '1')) {
150	throw new OIDplusException("Please enter either 0 or 1.");	150	throw new OIDplusException(_L('Please enter a valid value (0=no, 1=yes).'));
151	}	151	}
152	});	152	});
153	}	153	}
154		154
155	public function gui($id, &$out, &$handled) {	155	public function gui($id, &$out, &$handled) {
156	if (explode('$',$id)[0] == 'oidplus:change_ra_email') {	156	if (explode('$',$id)[0] == 'oidplus:change_ra_email') {
157	$handled = true;	157	$handled = true;
158		158
159	$ra_email = explode('$',$id)[1];	159	$ra_email = explode('$',$id)[1];
160		160
161	$out['title'] = 'Change RA email';	161	$out['title'] = _L('Change RA email');
162	$out['icon'] = file_exists(__DIR__.'/icon_big.png') ? OIDplus::webpath(__DIR__).'icon_big.png' : '';	162	$out['icon'] = file_exists(__DIR__.'/icon_big.png') ? OIDplus::webpath(__DIR__).'icon_big.png' : '';
163		163
164	if (!OIDplus::authUtils()::isRaLoggedIn($ra_email) && !OIDplus::authUtils()::isAdminLoggedIn()) {	164	if (!OIDplus::authUtils()::isRaLoggedIn($ra_email) && !OIDplus::authUtils()::isAdminLoggedIn()) {
165	$out['icon'] = 'img/error_big.png';	165	$out['icon'] = 'img/error_big.png';
166	$out['text'] = '<p>You need to <a '.OIDplus::gui()->link('oidplus:login').'>log in</a> as the requested RA <b>'.htmlentities($ra_email).'</b> or as admin.</p>';	166	$out['text'] = '<p>'._L('You need to <a %1>log in</a> as the requested RA %2 or as admin.',OIDplus::gui()->link('oidplus:login'),'<b>'.htmlentities($ra_email).'</b>').'</p>';
167	return;	167	return;
168	}	168	}
169		169
170	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($ra_email));	170	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($ra_email));
171	if ($res->num_rows() == 0) {	171	if ($res->num_rows() == 0) {
172	$out['icon'] = 'img/error_big.png';	172	$out['icon'] = 'img/error_big.png';
173	$out['text'] = 'RA <b>'.htmlentities($ra_email).'</b> does not exist';	173	$out['text'] = _L('RA "%1" does not exist','<b>'.htmlentities($ra_email).'</b>');
174	return;	174	return;
175	}	175	}
176		176
177	if (!OIDplus::config()->getValue('allow_ra_email_change') && !OIDplus::authUtils()::isAdminLoggedIn()) {	177	if (!OIDplus::config()->getValue('allow_ra_email_change') && !OIDplus::authUtils()::isAdminLoggedIn()) {
178	$out['icon'] = 'img/error_big.png';	178	$out['icon'] = 'img/error_big.png';
179	$out['text'] = '<p>This functionality has been disabled by the administrator.</p>';	179	$out['text'] = '<p>'._L('This functionality has been disabled by the administrator.').'</p>';
180	return;	180	return;
181	}	181	}
182		182
183	if (OIDplus::authUtils()::isAdminLoggedIn()) {	183	if (OIDplus::authUtils()::isAdminLoggedIn()) {
184	$out['text'] .= '<form id="changeRaEmailForm" onsubmit="return changeRaEmailFormOnSubmit(true);">';	184	$out['text'] .= '<form id="changeRaEmailForm" onsubmit="return changeRaEmailFormOnSubmit(true);">';
185	$out['text'] .= '<input type="hidden" id="old_email" value="'.htmlentities($ra_email).'"/><br>';	185	$out['text'] .= '<input type="hidden" id="old_email" value="'.htmlentities($ra_email).'"/><br>';
186	$out['text'] .= '<div><label class="padding_label">Old address:</label><b>'.htmlentities($ra_email).'</b></div>';	186	$out['text'] .= '<div><label class="padding_label">'._L('Old address').':</label><b>'.htmlentities($ra_email).'</b></div>';
187	$out['text'] .= '<div><label class="padding_label">New address:</label><input type="text" id="new_email" value=""/></div>';	187	$out['text'] .= '<div><label class="padding_label">'._L('New address').':</label><input type="text" id="new_email" value=""/></div>';
188	$out['text'] .= '<br><input type="submit" value="Change password"> (admin does not require email verification)</form>';	188	$out['text'] .= '<br><input type="submit" value="'._L('Change password').'"> '._L('(admin does not require email verification)').'</form>';
189	} else {	189	} else {
190	$out['text'] .= '<form id="changeRaEmailForm" onsubmit="return changeRaEmailFormOnSubmit(false);">';	190	$out['text'] .= '<form id="changeRaEmailForm" onsubmit="return changeRaEmailFormOnSubmit(false);">';
191	$out['text'] .= '<input type="hidden" id="old_email" value="'.htmlentities($ra_email).'"/><br>';	191	$out['text'] .= '<input type="hidden" id="old_email" value="'.htmlentities($ra_email).'"/><br>';
192	$out['text'] .= '<div><label class="padding_label">Old address:</label><b>'.htmlentities($ra_email).'</b></div>';	192	$out['text'] .= '<div><label class="padding_label">'._L('Old address').':</label><b>'.htmlentities($ra_email).'</b></div>';
193	$out['text'] .= '<div><label class="padding_label">New address:</label><input type="text" id="new_email" value=""/></div>';	193	$out['text'] .= '<div><label class="padding_label">'._L('New address').':</label><input type="text" id="new_email" value=""/></div>';
194	$out['text'] .= '<br><input type="submit" value="Send new activation email"></form>';	194	$out['text'] .= '<br><input type="submit" value="'._L('Send new activation email').'"></form>';
195	}	195	}
196	} else if (explode('$',$id)[0] == 'oidplus:activate_new_ra_email') {	196	} else if (explode('$',$id)[0] == 'oidplus:activate_new_ra_email') {
197	$handled = true;	197	$handled = true;
198		198
199	$old_email = explode('$',$id)[1];	199	$old_email = explode('$',$id)[1];
Line 201...		Line 201...
201	$timestamp = explode('$',$id)[3];	201	$timestamp = explode('$',$id)[3];
202	$auth = explode('$',$id)[4];	202	$auth = explode('$',$id)[4];
203		203
204	if (!OIDplus::config()->getValue('allow_ra_email_change') && !OIDplus::authUtils()::isAdminLoggedIn()) {	204	if (!OIDplus::config()->getValue('allow_ra_email_change') && !OIDplus::authUtils()::isAdminLoggedIn()) {
205	$out['icon'] = 'img/error_big.png';	205	$out['icon'] = 'img/error_big.png';
206	$out['text'] = '<p>This functionality has been disabled by the administrator.</p>';	206	$out['text'] = '<p>'._L('This functionality has been disabled by the administrator.').'</p>';
207	return;	207	return;
208	}	208	}
209		209
210	$out['title'] = 'Perform email address change';	210	$out['title'] = _L('Perform email address change');
211	$out['icon'] = file_exists(__DIR__.'/icon_big.png') ? OIDplus::webpath(__DIR__).'icon_big.png' : '';	211	$out['icon'] = file_exists(__DIR__.'/icon_big.png') ? OIDplus::webpath(__DIR__).'icon_big.png' : '';
212		212
213	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($old_email));	213	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($old_email));
214	if ($res->num_rows() == 0) {	214	if ($res->num_rows() == 0) {
215	$out['icon'] = 'img/error_big.png';	215	$out['icon'] = 'img/error_big.png';
216	$out['text'] = 'eMail address does not exist anymore. It was probably already changed.';	216	$out['text'] = _L('eMail address does not exist anymore. It was probably already changed.');
217	} else {	217	} else {
218	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($new_email));	218	$res = OIDplus::db()->query("select * from ###ra where email = ?", array($new_email));
219	if ($res->num_rows() > 0) {	219	if ($res->num_rows() > 0) {
220	$out['icon'] = 'img/error_big.png';	220	$out['icon'] = 'img/error_big.png';
221	$out['text'] = 'eMail address is already used by another RA. To merge accounts, please contact the superior RA of your objects and request an owner change of your objects.';	221	$out['text'] = _L('eMail address is already used by another RA. To merge accounts, please contact the superior RA of your objects and request an owner change of your objects.');
222	} else {	222	} else {
223	if (!OIDplus::authUtils()::validateAuthKey('activate_new_ra_email;'.$old_email.';'.$new_email.';'.$timestamp, $auth)) {	223	if (!OIDplus::authUtils()::validateAuthKey('activate_new_ra_email;'.$old_email.';'.$new_email.';'.$timestamp, $auth)) {
224	$out['icon'] = 'img/error_big.png';	224	$out['icon'] = 'img/error_big.png';
225	$out['text'] = 'Invalid authorization. Is the URL OK?';	225	$out['text'] = _L('Invalid authorization. Is the URL OK?');
226	} else {	226	} else {
227	$out['text'] = '<p>Old eMail-Address: <b>'.$old_email.'</b></p>	227	$out['text'] = '<p>'._L('Old eMail-Address').': <b>'.$old_email.'</b></p>
228	<p>New eMail-Address: <b>'.$new_email.'</b></p>	228	<p>'._L('New eMail-Address').': <b>'.$new_email.'</b></p>
229		229
230	<form id="activateNewRaEmailForm" onsubmit="return activateNewRaEmailFormOnSubmit();">	230	<form id="activateNewRaEmailForm" onsubmit="return activateNewRaEmailFormOnSubmit();">
231	<input type="hidden" id="old_email" value="'.htmlentities($old_email).'"/>	231	<input type="hidden" id="old_email" value="'.htmlentities($old_email).'"/>
232	<input type="hidden" id="new_email" value="'.htmlentities($new_email).'"/>	232	<input type="hidden" id="new_email" value="'.htmlentities($new_email).'"/>
233	<input type="hidden" id="timestamp" value="'.htmlentities($timestamp).'"/>	233	<input type="hidden" id="timestamp" value="'.htmlentities($timestamp).'"/>
234	<input type="hidden" id="auth" value="'.htmlentities($auth).'"/>	234	<input type="hidden" id="auth" value="'.htmlentities($auth).'"/>
235		235
236	<div><label class="padding_label">Please verify your password:</label><input type="password" id="password" value=""/></div>	236	<div><label class="padding_label">'._L('Please verify your password').':</label><input type="password" id="password" value=""/></div>
237	<br><input type="submit" value="Change email address">	237	<br><input type="submit" value="'._L('Change email address').'">
238	</form>';	238	</form>';
239	}	239	}
240	}	240	}
241	}	241	}
242	}	242	}
Line 253...		Line 253...
253	}	253	}
254		254
255	$json[] = array(	255	$json[] = array(
256	'id' => 'oidplus:change_ra_email$'.$ra_email,	256	'id' => 'oidplus:change_ra_email$'.$ra_email,
257	'icon' => $tree_icon,	257	'icon' => $tree_icon,
258	'text' => 'Change email address'	258	'text' => _L('Change email address')
259	);	259	);
260		260
261	return true;	261	return true;
262	}	262	}
263		263