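<?php
/*******************************************************************************
* Copyright (c) 2012 Eclipse Foundation and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* which accompanies this distribution, and is available at
* http://www.eclipse.org/legal/epl-v10.html
*
* Contributors:
* Denis Roy (Eclipse Foundation)- initial API and implementation
*******************************************************************************/
/**
 * "My Eclipse account" page.
 *
 * Lets the signed-in Friend change the first/last name, password and GitHub ID
 * of their account, and request an email-address change that is completed by a
 * confirmation mail. On a POST with stage=save the script:
 *   1. reads and filters the form fields,
 *   2. binds to LDAP with the *current* password -- this bind is the
 *      authorization check for every change that follows,
 *   3. pushes name / GitHub ID / password changes to LDAP and Bugzilla,
 *   4. queues an email-change request and mails the confirmation link,
 *   5. rebuilds the session so the stored Friend object reflects the changes.
 * Any other request only pre-fills the form from the session.
 *
 * Globals used but not defined here: $xss_patterns, $name_regexp,
 * $email_regexp, $theme and generateBugzillaSHA256Password() -- presumably
 * from _projectCommon.php or the App class (verify); $html is produced by the
 * included content file. The content file also sees every variable set here
 * ($username, $fname, $submit, $takemeback, ...), so none of them is dropped.
 */
require_once($_SERVER['DOCUMENT_ROOT'] . "/eclipse.org-common/system/app.class.php");
require_once($_SERVER['DOCUMENT_ROOT'] . "/eclipse.org-common/system/nav.class.php");
require_once($_SERVER['DOCUMENT_ROOT'] . "/eclipse.org-common/system/menu.class.php");
$App = new App();
$Nav = new Nav();
$Menu = new Menu();
include("_projectCommon.php");
$App->preventCaching();

require_once '/home/data/httpd/eclipse-php-classes/system/ldapconnection.class.php';
$pageTitle = "My Eclipse account";
$pageKeywords = "eclipse,friends,login,account,signon,sign-on";
$pageAuthor = "Eclipse Foundation, Inc.";
header("Content-type: text/html; charset=utf-8");
header("Cache-Control: no-cache, must-revalidate");

# require session for this page
$Session = $App->useSession(true);
$Friend = $Session->getFriend();
$stage = $App->getHTTPParameter("stage", "POST");
$error = "";
$takemeback = "";
$includefile = "content/en_welcomeback2.php";

if ($stage == "save") {
    $username = $App->getHTTPParameter("username", "POST");
    $submit = $App->getHTTPParameter("submit", "POST");
    $fname = $App->getHTTPParameter("fname", "POST");
    $lname = $App->getHTTPParameter("lname", "POST");
    $oldpassword = $App->getHTTPParameter("oldpassword", "POST");
    $password1 = $App->getHTTPParameter("password1", "POST");
    $password2 = $App->getHTTPParameter("password2", "POST");
    $githubid = $App->getHTTPParameter("githubid", "POST");

    # Sanitize for XSS.
    # NOTE: the password fields are rewritten by the same filter, so a password
    # containing a filtered sequence is altered before it ever reaches LDAP. The
    # filter is applied to the old and the new password alike; do not remove it
    # from one field without the other or existing accounts may stop binding.
    $username = preg_replace($xss_patterns, '', $username);
    $fname = preg_replace($name_regexp, '', $fname);
    $lname = preg_replace($name_regexp, '', $lname);
    $oldpassword = preg_replace($xss_patterns, '', $oldpassword);
    $password1 = preg_replace($xss_patterns, '', $password1);
    $password2 = preg_replace($xss_patterns, '', $password2);
    $githubid = preg_replace($xss_patterns, '', $githubid);

    # Legacy magic_quotes handling; the function no longer exists on PHP >= 8.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $oldpassword = stripslashes($oldpassword);
        $password1 = stripslashes($password1);
        $password2 = stripslashes($password2);
        $fname = stripslashes($fname);
        $lname = stripslashes($lname);
    }

    if ($username != "" && $fname != "" && $lname != "" && $password1 != "") {
        # update account.
        # we must first bind to ldap to be able to change attributes
        $currentmail = $Friend->getEmail();
        $ldapconn = new LDAPConnection();
        $dn = $ldapconn->authenticate($currentmail, $oldpassword);
        if ($dn) {
            # Bugzilla/IPzilla profile rows are keyed on the *authenticated*
            # address, never on the submitted one: an email change only takes
            # effect after confirmation, and a form value must never select a
            # row that does not belong to the bound user.
            $bzlogin = $App->returnQuotedString($App->sqlSanitize($currentmail));

            $update_bz_name = false;
            if ($ldapconn->getLDAPAttribute($dn, "givenName") != $fname) {
                $ldapconn->changeAttributeValue($dn, $oldpassword, "givenName", $fname);
                $Friend->setFirstName($fname);
                $update_bz_name = true;
            }
            if ($ldapconn->getLDAPAttribute($dn, "sn") != $lname) {
                $ldapconn->changeAttributeValue($dn, $oldpassword, "sn", $lname);
                $Friend->setLastName($lname);
                $update_bz_name = true;
            }
            if ($ldapconn->getLDAPAttribute($dn, "cn") != $fname . " " . $lname) {
                $ldapconn->changeAttributeValue($dn, $oldpassword, "cn", $fname . " " . $lname);
                $update_bz_name = true;
            }
            if ($update_bz_name) {
                $App->bugzilla_sql("SET NAMES 'utf8'");
                $SQL = "UPDATE profiles SET realname='" . $App->sqlSanitize($fname . " " . $lname) . "' WHERE login_name = " . $bzlogin . " LIMIT 1";
                $App->bugzilla_sql($SQL);
            }

            # Update GitHub ID?
            if ($githubid != "") {
                $oldgithubid = $ldapconn->getGithubIDFromMail($currentmail);
                # we can't change GH ID's automagically
                if ($oldgithubid != "") {
                    $error .= "- Your GitHub ID cannot be changed from this form. Please contact webmaster@eclipse.org to update your GitHub ID.<br />";
                } else {
                    $ldapconn->setGithubID($dn, $oldpassword, $githubid);
                }
            }

            # Password: the complexity check runs on every save (the form always
            # carries password1); the change itself only when it differs from the
            # current password, and only when the confirmation field agrees.
            if (!preg_match("/(?=^.{6,}$)(?=.*[\d|\W])(?=.*[A-Za-z]).*$/", $password1)) {
                $error .= "- Your password does not meet the complexity requirements. It must be at least 6 characters long, and contain one number or one symbol.<br />";
            } elseif ($oldpassword != $password1) {
                if ($password1 !== $password2) {
                    $error .= "- The new password and its confirmation do not match.<br />";
                } else {
                    $ldapconn->changePassword($dn, $oldpassword, $password1);
                    $bzpass = generateBugzillaSHA256Password($password1);
                    $SQL = "UPDATE profiles SET cryptpassword='" . $App->sqlSanitize($bzpass) . "' WHERE login_name = " . $bzlogin . " LIMIT 1";
                    $App->bugzilla_sql($SQL);
                    $App->ipzilla_sql($SQL);
                }
            }

            # if email address has changed, we must update Bugzilla DB record too.
            # $oldmail comes from the directory entry we just bound to, not from the form.
            $oldmail = $ldapconn->getLDAPAttribute($dn, "mail");
            $mailmsg = "";
            if ($username != $oldmail) {
                if (!$ldapconn->checkEmailAvailable($username)) {
                    $error .= "- Unable to change your email address<br />";
                } elseif (!preg_match($email_regexp, $username)) {
                    $error .= "- Your email address is not formatted correctly<br />";
                } else {
                    # Rate-limit: one pending request per source IP or per current address.
                    $SQL = "SELECT /* USE MASTER */ COUNT(1) AS RecordCount FROM account_requests WHERE ip = " . $App->returnQuotedString($_SERVER['REMOTE_ADDR']);
                    $SQL .= " OR email = " . $App->returnQuotedString($oldmail);
                    $rs = $App->eclipse_sql($SQL);
                    # eclipse_sql() appears to hand back a mysql_* result here -- confirm before porting.
                    $myrow = mysql_fetch_assoc($rs);
                    if ($myrow['RecordCount'] > 0) {
                        # Appended (not assigned) so earlier errors from this save are kept.
                        $error .= "<b>You have already submitted a request. Please check your email inbox and spam folders to respond to the previous request.</b>";
                    } else {
                        # Toss in a request to change the email address
                        $mailmsg = " Please check your Inbox for a confirmation email with instructions to complete the email address change. Your email address will not be updated until the process is complete.";
                        $token = $App->getAlphaCode(64);
                        $sql = "INSERT INTO account_requests VALUES (" . $App->returnQuotedString($oldmail) . ",
                            " . $App->returnQuotedString($App->sqlSanitize($username)) . ",
                            " . $App->returnQuotedString("MAILCHANGE") . ",
                            " . $App->returnQuotedString("MAILCHANGE") . ",
                            '',
                            " . $App->returnQuotedString($_SERVER['REMOTE_ADDR']) . ",
                            NOW(),
                            " . $App->returnQuotedString($token) . ")";
                        $App->eclipse_sql($sql);
                        # Send mail to dest. $username passed the format check above, which
                        # is what keeps the recipient header free of injected line breaks.
                        $mail = "You (or someone pretending to be you) has changed their Eclipse.org account email address to this one (" . $App->sqlSanitize($username) . ") from this IP address:\n";
                        $mail .= " " . $_SERVER['REMOTE_ADDR'] . "\n\n";
                        $mail .= "To confirm this email change, please click the link below:\n";
                        $mail .= " https://dev.eclipse.org/site_login/r.php?t=$token\n\n";
                        $mail .= "If you have not issued this request, you can safely ignore it.\n\n";
                        $mail .= " -- Eclipse webmaster\n";
                        $headers = 'From: Eclipse Webmaster (automated) <webmaster@eclipse.org>';
                        mail($username, "Eclipse Account Change", $mail, $headers);
                    }
                }
            }

            if ($error != "") {
                $error = "The following error(s) have occurred:<br />" . $error;
            } else {
                $error = "<span style='color:green;'><b>Your account details have been updated successfully." . $mailmsg . "</b></span>";
                # Update was successful. Regenerate session info since the Friend object is stored within.
                # If we don't regen Session, user could come back to myaccount.php only to see old info
                $Session->destroy();
                $Session->setFriend($Friend);
                $Session->create();
            }
        } else {
            $error = "Your current password is incorrect.";
        }
    } else {
        $error = "An error occurred while processing your request. Please ensure that all the required fields are entered correctly and try again.";
    }
} else {
    # Not a save: pre-fill the form from the session and the directory.
    $username = $Friend->getEmail();
    $fname = $Friend->getFirstName();
    $lname = $Friend->getLastName();
    $oldpassword = "";
    $password1 = "";
    $password2 = "";
    $ldapconn = new LDAPConnection();
    $githubid = $ldapconn->getGithubIDFromMail($Friend->getEmail());
}

include($includefile);

# Generate the web page
//$Nav->addCustomNav("Friends of Eclipse", "http://www.eclipse.org/donate/", "_self", 0);
$App->setGoogleAnalyticsTrackingCode(NULL);
$App->generatePage($theme, $Menu, $Nav, $pageAuthor, $pageKeywords, $pageTitle, $html);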