+ my $pass = $c->req->param('pass');
+ if (length $pass < 4) {
+ $c->flash(error => "Your password need to be at least 4 characters");
+ } else {
+ my $query = $dbh->prepare(q{UPDATE users SET password = $1
+ WHERE password = crypt($2,password) AND uid = $3
+ });
+ my $oldpass = $c->req->param('oldpass');
+ $query->execute($pass,$oldpass,$c->user->id);
+
+ $c->flash(error => "Old password was invalid") unless $query->rows;
+ }
+
+ $c->res->redirect($c->uri_for(''));
+}
+
+sub changeEmail : Local {
+ my ( $self, $c ) = @_;
+ my $dbh = $c->model;
+
+ my $email = $c->req->param('email');
+
+ if ($email =~ /^\s*$/) {
+ my $update = $dbh->prepare(q{
+UPDATE users SET email = NULL WHERE uid = $1;
+ });
+ $update->execute($c->user->id);
+ $c->flash(error => 'email cleared');
+ $c->res->redirect($c->uri_for(''));
+ return,
+ }
+
+ unless (Email::Valid->address($email)){
+ $c->flash(email => $email);
+ $c->flash(error => 'Invalid email address');
+ $c->res->redirect($c->uri_for(''));
+ return,
+ }
+
+ eval{
+ my $insert = $dbh->prepare(q{
+INSERT INTO email_change (uid,email) VALUES ($1,$2) RETURNING id;
+ });
+ $insert->execute($c->user->id,$email);
+
+ my ($id) = $insert->fetchrow_array;
+
+ my %mail = (
+ smtp => 'localhost',
+ To => $email,
+ From => 'NewDawn Command <nd@ruin.nu>',
+ 'Content-type' => 'text/plain; charset="UTF-8"',
+ Subject => 'Change email address',
+ Message => qq{
+You have requested to change email address on the NewDawn website.
+If that is not the case, then feel free to ignore this email. Otherwise
+use the following url to confirm the change:
+
+}.$c->uri_for('confirmEmail',$id)."\n",
+ );
+
+ if (sendmail %mail) {
+ $c->flash(error => 'Sent mail for confirmation.');
+ }else {
+ $c->flash(error => $Mail::Sendmail::error);
+ }
+ };
+ if($@){
+ if($@ =~ /duplicate key value violates unique constraint/){
+ $c->flash(email => $email);
+ $c->flash(error => 'Something went wrong, try to set the email again');
+ }else{
+ die $@;
+ }
+ }
+ $c->res->redirect($c->uri_for(''));
+}
+
+sub changeDiscordId : Local {
+ my ( $self, $c ) = @_;
+ my $dbh = $c->model;
+
+ my $discord_id = $c->req->param('discord_id');
+
+ if ($discord_id =~ /^\s*$/) {
+ my $update = $dbh->prepare(q{
+UPDATE users SET discord_id = NULL WHERE uid = $1;
+ });
+ $update->execute($c->user->id);
+ $c->flash(error => 'discord id cleared');
+ $c->res->redirect($c->uri_for(''));
+ return,
+ }
+
+ eval{
+ my $update = $dbh->prepare(q{
+UPDATE users SET discord_id = $2 WHERE uid = $1;
+ });
+ $update->execute($c->user->id,$discord_id);
+ };
+ if($@){
+ if($@ =~ /duplicate key value violates unique constraint/){
+ $c->flash(discord_id => $discord_id);
+ $c->flash(error => 'Someone else is using this discord id, duplicate account?');
+ }else{
+ die $@;
+ }
+ }
+ $c->res->redirect($c->uri_for(''));
+}
+
+sub confirmEmail : Local {
+ my ( $self, $c, $id ) = @_;
+ my $dbh = $c->model;
+
+ $dbh->begin_work;
+ my $query = $dbh->prepare(q{
+UPDATE email_change SET confirmed = TRUE
+WHERE uid = $1 AND id = $2 AND NOT confirmed
+RETURNING email