* @copyright Curverider Ltd 2008-2009 * @link http://elgg.com/ * * @uses the following values in $vars: * * 'userid' the user's GUID * 'new_email' the user's new email * 'new_name' the user's new full name * 'email_confirmation' whether the email address needs to be confirmed */ $emailLabel = elgg_echo('openid_client:email_label'); $nameLabel = elgg_echo('openid_client:name_label'); $submitLabel = elgg_echo('openid_client:submit_label'); $cancelLabel = elgg_echo('openid_client:cancel_label'); $noSyncLabel = elgg_echo('openid_client:nosync_label'); $instructions = elgg_echo('openid_client:sync_instructions'); $new_email = $vars['new_email']; $new_name = $vars['new_name']; $email_confirmation = $vars['email_confirmation']; $user = get_user($vars['userid']); $old_email = $user->email; $old_name = $user->name; $openid_url = $user->alias; if ($new_email && $new_email != $old_email) { $change_fields .= '

' ." $emailLabel

$old_email => $new_email

\n"; if (!$email_confirmation) { // the email address is from a green server, so we can change the email without a confirmation message // add an invitation code however to prevent this form from being forged // the user ident and new email address can then securely be stored in the database invitation table // rather than the form $details = openid_client_create_invitation('c',$openid_url,$vars['userid'],$new_email,$new_name); $form_stuff = ''; } else { // the email will be confirmed anyway so it is safe to put it in the form $form_stuff .= <<< END END; } } if ($new_name && $new_name != $old_name) { $change_fields .= '

' ."$nameLabel

$old_name => $new_name

\n"; } $action = $CONFIG->wwwroot.'action/openid_client/sync'; $security_token = elgg_view('input/securitytoken'); $body .= <<< END $instructions END; echo elgg_view('page_elements/contentwrapper',array('body'=>$body)); ?>