Index: branches/5.2.x/core/units/users/users_event_handler.php
===================================================================
diff -u -N -r14971 -r14973
--- branches/5.2.x/core/units/users/users_event_handler.php	(.../users_event_handler.php)	(revision 14971)
+++ branches/5.2.x/core/units/users/users_event_handler.php	(.../users_event_handler.php)	(revision 14973)
@@ -1,6 +1,6 @@
 <?php
 /**
-* @version	$Id: users_event_handler.php 14971 2012-01-03 16:55:03Z alex $
+* @version	$Id: users_event_handler.php 14973 2012-01-03 17:02:03Z alex $
 * @package	In-Portal
 * @copyright	Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
 * @license      GNU/GPL
@@ -910,18 +910,22 @@
 			$object =& $event->getObject();
 			/* @var $object kDBItem */
 
-			if ($event->Special == 'forgot') {
+			if ( $event->Special == 'forgot' ) {
 				$object->SetDBField('PwResetConfirm', '');
 				$object->SetDBField('PwRequestTime_date', NULL);
 				$object->SetDBField('PwRequestTime_time', NULL);
 			}
 
-			$changed_fields = array_keys( $object->GetChangedFields() );
+			$changed_fields = array_keys($object->GetChangedFields());
 
 			if ( $changed_fields && !in_array('Modified', $changed_fields) ) {
 				$object->SetDBField('Modified_date', adodb_mktime());
 				$object->SetDBField('Modified_time', adodb_mktime());
 			}
+
+			if ( !$this->Application->isAdmin && in_array('Email', $changed_fields) && ($event->Special != 'email-restore') ) {
+				$object->SetDBField('EmailVerified', 0);
+			}
 		}
 
 		/**
@@ -1286,10 +1290,14 @@
 			$object =& $event->getObject();
 			/* @var $object UsersItem */
 
-			if (!$this->Application->isAdmin || $object->IsTempTable()) {
-				return ;
+			if ( !$this->Application->isAdmin && ($event->Special != 'email-restore') ) {
+				$this->sendEmailChangeEvent($event);
 			}
 
+			if ( !$this->Application->isAdmin || $object->IsTempTable() ) {
+				return;
+			}
+
 			$this->sendStatusChangeEvent($object->GetID(), $object->GetOriginalField('Status'), $object->GetDBField('Status'));
 		}
 
@@ -1433,6 +1441,57 @@
 		}
 
 		/**
+		 * Sends restore/validation email event on user email change
+		 *
+		 * @param kEvent $event
+		 * @return void
+		 * @access protected
+		 */
+		protected function sendEmailChangeEvent(kEvent &$event)
+		{
+			$object =& $event->getObject();
+			/* @var $object UsersItem */
+
+			$new_email = $object->GetDBField('Email');
+			$prev_email = $object->GetOriginalField('Email');
+
+			if ( !$new_email || ($prev_email == $new_email) ) {
+				return;
+			}
+
+			$prev_emails = $object->GetDBField('PrevEmails');
+			$prev_emails = $prev_emails ? unserialize($prev_emails) : Array ();
+
+			$fields_hash = Array (
+				'PrevEmails' => serialize($prev_emails),
+				'EmailVerified' => 0,
+			);
+
+			$user_id = $object->GetID();
+
+			if ( $prev_email ) {
+				$hash = md5(TIMENOW + $user_id);
+				$prev_emails[$hash] = $prev_email;
+				$fields_hash['PrevEmails'] = serialize($prev_emails);
+
+				$send_params = Array (
+					'hash' => $hash,
+					'to_email' => $prev_email,
+					'to_name' => trim($object->GetDBField('FirstName') . ' ' . $object->GetDBField('LastName')),
+				);
+
+				$this->Application->EmailEventUser('USER.EMAIL.CHANGE.UNDO', null, $send_params);
+			}
+
+			if ( $new_email ) {
+				$this->Application->EmailEventUser('USER.EMAIL.CHANGE.VERIFY', $user_id);
+			}
+
+			// direct DB update, since USER.EMAIL.CHANGE.VERIFY puts verification code in user record, that we don't want to loose
+			$this->Conn->doUpdate($fields_hash, $object->TableName, 'PortalUserId = ' . $user_id);
+		}
+
+		/**
 		 * OnAfterConfigRead for users
 		 *
 		 * @param kEvent $event