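<?php

/**
 * User self-modification: validate the posted profile form and apply it.
 *
 * Flow, as visible in this script: require a logged-in session, validate the
 * CSRF token, validate each posted field (email, language, optional new
 * password, theme), normalise the compress override, then hand $_POST to
 * User::self_update() and refresh the session language.
 *
 * Every validation failure calls $Result->show(..., true). The checks below
 * only protect the update if that call stops the script.
 * NOTE(review): Result::show() is not visible here; confirm that a true third
 * argument terminates the request.
 */

header('Content-Type: text/html; charset=utf-8');

# include required scripts
require_once( dirname(__FILE__) . '/../../../functions/functions.php' );

# initialize required objects
$Database       = new Database_PDO;
$Result         = new Result;
$User           = new User ($Database);
$Password_check = new Password_check ();

# verify that user is logged in
$User->check_user_session();

# validate csrf cookie
# A missing field is passed on as null, so an absent token goes through the same
# rejection path as a wrong one without raising an undefined-index notice.
$csrf_cookie = isset($_POST['csrf_cookie']) ? $_POST['csrf_cookie'] : null;
if ($User->Crypto->csrf_cookie ("validate", "user-menu", $csrf_cookie) === false) {
    $Result->show("danger", _("Invalid CSRF cookie"), true);
}

# verify email
$email = isset($_POST['email']) ? $_POST['email'] : "";
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    $Result->show("danger alert-absolute", _('Email not valid!'), true);
}

# verify lang
# NOTE(review): is_numeric() also accepts signed, decimal and exponent forms
# ("-1", "1.5", "1e3"). If lang is an integer id, a stricter integer check may
# be appropriate; confirm against how self_update() uses the value.
$lang = isset($_POST['lang']) ? $_POST['lang'] : "";
if (!is_numeric($lang)) {
    $Result->show("danger alert-absolute", _('Invalid language!'), true);
}

# verify password if changed (not empty)
# NOTE(review): no current-password check is visible in this script; confirm
# whether self_update() or the session layer requires re-authentication before
# a password or email change is accepted.
$password1 = isset($_POST['password1']) ? $_POST['password1'] : "";
$password2 = isset($_POST['password2']) ? $_POST['password2'] : "";

if (!is_string($password1) || !is_string($password2)) {
    # Array-valued fields (password1[]=...) are not a valid password submission
    # and would break strlen() below, so they are rejected up front.
    $Result->show("danger alert-absolute", _('Passwords do not match!'), true);
}
elseif (strlen($password1) !== 0) {
    # Strict comparison: with != PHP compares numeric-looking strings by value
    # ("1e3" == "1000", "0e1" == "0e2"), so a mistyped confirmation could be
    # accepted as a match.
    if ($password1 !== $password2) {
        $Result->show("danger alert-absolute", _('Passwords do not match!'), true);
    }
    # validate pass against policy
    $policy = (json_decode($User->settings->passwordPolicy, true));
    $Password_check->set_requirements ($policy, explode(",", $policy['allowedSymbols']));
    if (!$Password_check->validate ($password1)) {
        $Result->show("danger alert-danger ", _('Password validation errors').":<br> - ".implode("<br> - ", $Password_check->get_errors ()), true);
    }
}

# Verify Theme
# Allow-list check; the strict flag keeps the comparison type-exact.
if (!empty($_POST['theme'])) {
    if (!in_array($_POST['theme'], ['default', 'white', 'dark'], true)) {
        $Result->show("danger alert-absolute", _('Invalid theme'), true);
    }
}

# set override
# Anything other than the exact string "Uncompress" (including a missing field)
# collapses to "default"; isset() replaces the @ error suppression.
$_POST['compressOverride'] = (isset($_POST['compressOverride']) && $_POST['compressOverride'] === "Uncompress")
    ? "Uncompress"
    : "default";

# Update user
# NOTE(review): the whole $_POST array is forwarded. Confirm that self_update()
# reads only an explicit set of fields, so extra posted keys cannot reach other
# account attributes.
if (!$User->self_update ($_POST)) {
    $Result->show("danger alert-absolute", _('Error updating user account!'), true);
}
else {
    $Result->show("success alert-absolute", _('Account updated successfully'), false);
}

# update language
$User->update_session_language ();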