'id' => 'emailsettings',
'action' =>
common_local_url('emailsettings')));
+ common_hidden('token', common_session_token());
common_element('h2', NULL, _('Address'));
}
common_element('h2', NULL, _('Preferences'));
-
+
common_checkbox('emailnotifysub',
- _('Send me notices of new subscriptions through email.'),
- $user->emailnotifysub);
+ _('Send me notices of new subscriptions through email.'),
+ $user->emailnotifysub);
+ common_checkbox('emailnotifyfav',
+ _('Send me email when someone adds my notice as a favorite.'),
+ $user->emailnotifyfav);
+ common_checkbox('emailnotifymsg',
+ _('Send me email when someone sends me a private message.'),
+ $user->emailnotifymsg);
common_checkbox('emailpost',
_('I want to post notices by email.'),
$user->emailpost);
-
+ common_checkbox('emailmicroid',
+ _('Publish a MicroID for my email address.'),
+ $user->emailmicroid);
+
common_submit('save', _('Save'));
common_element_end('form');
function handle_post() {
+ # CSRF protection
+ $token = $this->trimmed('token');
+ if (!$token || $token != common_session_token()) {
+ $this->show_form(_('There was a problem with your session token. Try again, please.'));
+ return;
+ }
+
if ($this->arg('save')) {
$this->save_preferences();
} else if ($this->arg('add')) {
function save_preferences() {
$emailnotifysub = $this->boolean('emailnotifysub');
+ $emailnotifyfav = $this->boolean('emailnotifyfav');
+ $emailnotifymsg = $this->boolean('emailnotifymsg');
+ $emailmicroid = $this->boolean('emailmicroid');
$emailpost = $this->boolean('emailpost');
-
+
$user = common_current_user();
assert(!is_null($user)); # should already be checked
$original = clone($user);
$user->emailnotifysub = $emailnotifysub;
+ $user->emailnotifyfav = $emailnotifyfav;
+ $user->emailnotifymsg = $emailnotifymsg;
+ $user->emailmicroid = $emailmicroid;
$user->emailpost = $emailpost;
$result = $user->update($original);
$orig = clone($user);
$user->incomingemail = NULL;
-
- if (!$user->update($orig)) {
+
+ if (!$user->updateKeys($orig)) {
common_log_db_error($user, 'UPDATE', __FILE__);
$this->server_error(_("Couldn't update user record."));
}
$orig = clone($user);
$user->incomingemail = mail_new_incoming_address();
- if (!$user->update($orig)) {
+ if (!$user->updateKeys($orig)) {
common_log_db_error($user, 'UPDATE', __FILE__);
$this->server_error(_("Couldn't update user record."));
}