add csrf protection to profile settings

[quix0rs-gnu-social.git] / actions / confirmaddress.php

diff --git a/actions/confirmaddress.php b/actions/confirmaddress.php
index c34a63668517bdd87f37d8b37687a93c38212427..3cffda8710b59c15efa87ca347c22e087df3e073 100644 (file)
--- a/actions/confirmaddress.php
+++ b/actions/confirmaddress.php
@@ -30,61 +30,62 @@ class ConfirmaddressAction extends Action {
         }
         $code = $this->trimmed('code');
         if (!$code) {
-            $this->client_error(_t('No confirmation code.'));
+            $this->client_error(_('No confirmation code.'));
             return;
         }
         $confirm = Confirm_address::staticGet('code', $code);
         if (!$confirm) {
-            $this->client_error(_t('Confirmation code not found.'));
+            $this->client_error(_('Confirmation code not found.'));
             return;
         }
         $cur = common_current_user();
         if ($cur->id != $confirm->user_id) {
-            $this->client_error(_t('That confirmation code is not for you!'));
+            $this->client_error(_('That confirmation code is not for you!'));
             return;
         }
                $type = $confirm->address_type;
                if (!in_array($type, array('email', 'jabber', 'sms'))) {
-                       $this->server_error(_t('Unrecognized address type ') . $type);
+                       $this->server_error(sprintf(_('Unrecognized address type %s'), $type));
                        return;
                }
         if ($cur->$type == $confirm->address) {
-            $this->client_error(_t('That address has already been confirmed.'));
+            $this->client_error(_('That address has already been confirmed.'));
                        return;
                }
-               
+
         $cur->query('BEGIN');
-               
+
         $orig_user = clone($cur);
 
                $cur->$type = $confirm->address;
 
                if ($type == 'sms') {
                        $cur->carrier = ($confirm->address_extra)+0;
+                       $carrier = Sms_carrier::staticGet($cur->carrier);
+                       $cur->smsemail = $carrier->toEmailAddress($cur->sms);
                }
-               
+
                $result = $cur->updateKeys($orig_user);
-               
+
         if (!$result) {
                        common_log_db_error($cur, 'UPDATE', __FILE__);
-            $this->server_error(_t('Couldn\'t update user.'));
+            $this->server_error(_('Couldn\'t update user.'));
             return;
         }
-               
+
         $result = $confirm->delete();
-               
+
         if (!$result) {
                        common_log_db_error($confirm, 'DELETE', __FILE__);
-            $this->server_error(_t('Couldn\'t delete email confirmation.'));
+            $this->server_error(_('Couldn\'t delete email confirmation.'));
             return;
         }
-               
+
         $cur->query('COMMIT');
 
-        common_show_header(_t('Confirm Address'));
+        common_show_header(_('Confirm Address'));
         common_element('p', NULL,
-                       _t('The address "') . $cur->email . 
-                       _t('" has been confirmed for your account.'));
+                       sprintf(_('The address "%s" has been confirmed for your account.'), $cur->$type));
         common_show_footer();
     }
 }