'id' => 'emailsettings',
'action' =>
common_local_url('emailsettings')));
+ common_hidden('token', common_session_token());
common_element('h2', NULL, _('Address'));
common_checkbox('emailnotifysub',
_('Send me notices of new subscriptions through email.'),
$user->emailnotifysub);
+ common_checkbox('emailnotifyfav',
+ _('Send me email when someone adds my notice as a favorite.'),
+ $user->emailnotifyfav);
+ common_checkbox('emailnotifymsg',
+ _('Send me email when someone sends me a private message.'),
+ $user->emailnotifymsg);
common_checkbox('emailpost',
_('I want to post notices by email.'),
$user->emailpost);
function handle_post() {
+ # CSRF protection
+ $token = $this->trimmed('token');
+ if (!$token || $token != common_session_token()) {
+ $this->show_form(_('There was a problem with your session token. Try again, please.'));
+ return;
+ }
+
if ($this->arg('save')) {
$this->save_preferences();
} else if ($this->arg('add')) {
function save_preferences() {
$emailnotifysub = $this->boolean('emailnotifysub');
+ $emailnotifyfav = $this->boolean('emailnotifyfav');
+ $emailnotifymsg = $this->boolean('emailnotifymsg');
$emailmicroid = $this->boolean('emailmicroid');
$emailpost = $this->boolean('emailpost');
$original = clone($user);
$user->emailnotifysub = $emailnotifysub;
+ $user->emailnotifyfav = $emailnotifyfav;
+ $user->emailnotifymsg = $emailnotifymsg;
$user->emailmicroid = $emailmicroid;
$user->emailpost = $emailpost;