summaryrefslogtreecommitdiff
path: root/pages
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2013-08-25 21:07:02 +0200
committerMichael Tänzer <neo@nhng.de>2013-08-25 21:07:02 +0200
commit0b92c4652f949b0a795e15064efe9f41c1eca769 (patch)
tree744543bc591ec364cfd83ef5a9804a58a6dbd3c4 /pages
parent32bf5ece566116fe1f9eb0ee88b8e8e6cbe27f97 (diff)
parent60d9c34c385d47463ce0dc729f8a5e9857752b58 (diff)
downloadcacert-devel-0b92c4652f949b0a795e15064efe9f41c1eca769.tar.gz
cacert-devel-0b92c4652f949b0a795e15064efe9f41c1eca769.tar.xz
cacert-devel-0b92c4652f949b0a795e15064efe9f41c1eca769.zip
Merge remote-tracking branch 'origin/bug-663' into release
Diffstat (limited to 'pages')
-rw-r--r--pages/account/13.php82
1 files changed, 45 insertions, 37 deletions
diff --git a/pages/account/13.php b/pages/account/13.php
index c2b7cc5..1c1cfc6 100644
--- a/pages/account/13.php
+++ b/pages/account/13.php
@@ -16,30 +16,33 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<?
- $query = "select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and `users`.`deleted`=0";
- $res = mysql_query($query);
- $user = mysql_fetch_assoc($res);
+ $query = "select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and `users`.`deleted`=0";
+ $res = mysql_query($query);
+ $user = mysql_fetch_assoc($res);
- $year = intval(substr($user['dob'], 0, 4));
- $month = intval(substr($user['dob'], 5, 2));
- $day = intval(substr($user['dob'], 8, 2));
+ $year = intval(substr($user['dob'], 0, 4));
+ $month = intval(substr($user['dob'], 5, 2));
+ $day = intval(substr($user['dob'], 8, 2));
+ $showdetails = array_key_exists('showdetails', $_REQUEST) && !!intval($_REQUEST['showdetails']);
+ if($showdetails){
+ $body = sprintf(_("Hi %s,"),$user['fname'])."\n\n";
+ $body .= _("You receive this automatic mail since you yourself or someone ".
+ "else looked up your secret questions and answers for a forgotten ".
+ "password.\n\n".
+ "If it was you who looked up or changed that data, or clicked ".
+ "through the menu in your account, everything is in best order ".
+ "and you can ignore this mail.\n\n".
+ "But if you received this mail without a recognisable reason, ".
+ "there is a danger that an unauthorised person accessed your ".
+ "account, and you should promptly change your password and your ".
+ "secret questions and answers.")."\n\n";
- $body = sprintf(_("Hi %s,"),$user['fname'])."\n\n";
- $body .= _("You receive this automatic mail since you yourself or someone ".
- "else looked up your secret questions and answers for a forgotten ".
- "password.\n\n".
- "If it was you who looked up or changed that data, or clicked ".
- "through the menu in your account, everything is in best order ".
- "and you can ignore this mail.\n\n".
- "But if you received this mail without a recognisable reason, ".
- "there is a danger that an unauthorised person accessed your ".
- "account, and you should promptly change your password and your ".
- "secret questions and answers.")."\n\n";
+ $body .= _("Best regards")."\n"._("CAcert Support");
- $body .= _("Best regards")."\n"._("CAcert Support");
-
- sendmail($user['email'], "[CAcert.org] "._("Email Notification"), $body, "support@cacert.org", "", "", "CAcert Support");
+ sendmail($user['email'], "[CAcert.org] "._("Email Notification"), $body, "support@cacert.org", "", "", "CAcert Support");
+ }
?>
+
<form method="post" action="account.php">
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
<tr>
@@ -70,24 +73,24 @@
(<?=_("dd/mm/yyyy")?>)</td>
<td class="DataTD"><nobr><select name="day">
<?
- for($i = 1; $i <= 31; $i++)
- {
- echo "<option";
- if($day == $i)
- echo " selected='selected'";
- echo ">$i</option>";
- }
+ for($i = 1; $i <= 31; $i++)
+ {
+ echo "<option";
+ if($day == $i)
+ echo " selected='selected'";
+ echo ">$i</option>";
+ }
?>
</select>
<select name="month">
<?
- for($i = 1; $i <= 12; $i++)
- {
- echo "<option value='$i'";
- if($month == $i)
- echo " selected='selected'";
- echo ">".ucwords(recode("utf-8..html", strftime("%B", mktime(0,0,0,$i,1,date("Y")))))."</option>";
- }
+ for($i = 1; $i <= 12; $i++)
+ {
+ echo "<option value='$i'";
+ if($month == $i)
+ echo " selected='selected'";
+ echo ">".ucwords(recode("utf-8..html", strftime("%B", mktime(0,0,0,$i,1,date("Y")))))."</option>";
+ }
?>
</select>
<input type="text" name="year" value="<?=$year?>" size="4"></nobr>
@@ -115,18 +118,22 @@
</tr>
<tr>
<td class="DataTD"><?=_("Date of Birth")?><br>
- (<?=_("dd/mm/yyyy")?>)</td>
+ (<?=_("dd/mm/yyyy")?>)</td>
<td class="DataTD"><?=$day?> <?=ucwords(recode("utf-8..html", strftime("%B", mktime(0,0,0,$month,1,1))))?> <?=$year?></td>
</tr>
<? } ?>
<tr>
+ <td colspan="2" class="title"><a href="account.php?id=13&amp;showdetails=<?=!$showdetails?>"><?=_("View secret question & answers and OTP phrases")?></a></td>
+ </tr>
+ <? if($showdetails){ ?>
+ <tr>
<td class="DataTD"><?=_("OTP Hash")?><br>
- (<?=_("Not displayed")?>)</td>
+ (<?=_("Not displayed")?>)</td>
<td class="DataTD"><input type="text" name="otphash"></td>
</tr>
<tr>
<td class="DataTD"><?=_("OTP PIN")?><br>
- (<?=_("Not displayed")?>)</td>
+ (<?=_("Not displayed")?>)</td>
<td class="DataTD"><input type="text" name="otppin"></td>
</tr>
<tr>
@@ -153,6 +160,7 @@
<td class="DataTD"><input type="text" name="A5" value="<?=sanitizeHTML($user['A5'])?>"></td>
</tr>
<tr>
+ <? } ?>
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
</tr>
</table>