blob: 6d921b278f9eac9f945c404250cd8dd684c5085d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
<?php
/**
* Elgg openid_client sync data page
*
* @package openid_client
* @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
* @author Kevin Jardiner <kevin@radagast.biz>
* @copyright Curverider Ltd 2008-2009
* @link http://elgg.com/
*
* @uses the following values in $vars:
*
* 'userid' the user's GUID
* 'new_email' the user's new email
* 'new_name' the user's new full name
* 'email_confirmation' whether the email address needs to be confirmed
*/
$emailLabel = elgg_echo('openid_client:email_label');
$nameLabel = elgg_echo('openid_client:name_label');
$submitLabel = elgg_echo('openid_client:submit_label');
$cancelLabel = elgg_echo('openid_client:cancel_label');
$noSyncLabel = elgg_echo('openid_client:nosync_label');
$instructions = elgg_echo('openid_client:sync_instructions');
$new_email = $vars['new_email'];
$new_name = $vars['new_name'];
$email_confirmation = $vars['email_confirmation'];
$user = get_user($vars['userid']);
$old_email = $user->email;
$old_name = $user->name;
$openid_url = $user->alias;
if ($new_email && $new_email != $old_email) {
$change_fields .= '<table><tr><td><label for="emailchange"><input type="checkbox"'
.' id="emailchange" name="emailchange" value="yes" />'
." $emailLabel</label></td><td>$old_email => $new_email</td></tr></table>\n";
if (!$email_confirmation) {
// the email address is from a green server, so we can change the email without a confirmation message
// add an invitation code however to prevent this form from being forged
// the user ident and new email address can then securely be stored in the database invitation table
// rather than the form
$details = openid_client_create_invitation('c',$openid_url,$vars['userid'],$new_email,$new_name);
$form_stuff = '<input type="hidden" name="i_code" value="'.$details->code.'" />';
} else {
// the email will be confirmed anyway so it is safe to put it in the form
$form_stuff .= <<< END
<input type="hidden" name="new_email" value="$new_email" />
END;
}
}
if ($new_name && $new_name != $old_name) {
$change_fields .= '<table><tr><td><label for="namechange"><input type="checkbox"'
.' id="namechange" name="namechange" value="yes" />'
."$nameLabel</label></td><td>$old_name => $new_name</td></tr></table>\n";
}
$action = $CONFIG->wwwroot.'action/openid_client/sync';
$security_token = elgg_view('input/securitytoken');
$body .= <<< END
$instructions
<form action="$action" method="post">
$security_token
<p>
$change_fields
</p>
<p>
<label for="nosync"><input type="checkbox" id="nosync" name="nosync" value="yes" />$noSyncLabel</label>
<br /><br />
$form_stuff
<input type="hidden" name="new_name" value="$new_name" />
<input type="submit" name="submit" value="$submitLabel" />
<input type="submit" name="cancel" value="$cancelLabel" />
</p>
</form>
END;
echo elgg_view('page_elements/contentwrapper',array('body'=>$body));
?>
|
