Friendica Communications Platform
(please note that this is a clone of the repository at github, issues are handled there)
https://friendi.ca
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
184 lines
5.3 KiB
184 lines
5.3 KiB
<?php |
|
|
|
|
|
function settings_init(&$a) { |
|
|
|
if((! x($_SESSION,'authenticated')) && (x($_SESSION,'uid'))) { |
|
$_SESSION['sysmsg'] .= "Permission denied." . EOL; |
|
$a->error = 404; |
|
return; |
|
} |
|
require_once("mod/profile.php"); |
|
profile_load($a,$_SESSION['uid']); |
|
} |
|
|
|
|
|
function settings_post(&$a) { |
|
|
|
if((! x($_SESSION['authenticated'])) && (! (x($_SESSION,'uid')))) { |
|
$_SESSION['sysmsg'] .= "Permission denied." . EOL; |
|
return; |
|
} |
|
if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != $_SESSION['uid']) { |
|
$_SESSION['sysmsg'] .= "Permission denied." . EOL; |
|
return; |
|
} |
|
if((x($_POST,'password')) || (x($_POST,'confirm'))) { |
|
|
|
$newpass = trim($_POST['password']); |
|
$confirm = trim($_POST['confirm']); |
|
|
|
$err = false; |
|
if($newpass != $confirm ) { |
|
$_SESSION['sysmsg'] .= "Passwords do not match. Password unchanged." . EOL; |
|
$err = true; |
|
} |
|
|
|
if((! x($newpass)) || (! x($confirm))) { |
|
$_SESSION['sysmsg'] .= "Empty passwords are not allowed. Password unchanged." . EOL; |
|
$err = true; |
|
} |
|
|
|
if(! $err) { |
|
$password = hash('whirlpool',$newpass); |
|
$r = q("UPDATE `user` SET `password` = '%s' WHERE `uid` = %d LIMIT 1", |
|
dbesc($password), |
|
intval($_SESSION['uid'])); |
|
if($r) |
|
$_SESSION['sysmsg'] .= "Password changed." . EOL; |
|
else |
|
$_SESSION['sysmsg'] .= "Password update failed. Please try again." . EOL; |
|
} |
|
} |
|
|
|
$username = notags(trim($_POST['username'])); |
|
$email = notags(trim($_POST['email'])); |
|
if(x($_POST,'nick')) |
|
$nick = notags(trim($_POST['nick'])); |
|
$timezone = notags(trim($_POST['timezone'])); |
|
|
|
$username_changed = false; |
|
$email_changed = false; |
|
$nick_changed = false; |
|
$zone_changed = false; |
|
$err = ''; |
|
|
|
if($username != $a->user['username']) { |
|
$username_changed = true; |
|
if(strlen($username) > 40) |
|
$err .= " Please use a shorter name."; |
|
if(strlen($username) < 3) |
|
$err .= " Name too short."; |
|
} |
|
if($email != $a->user['email']) { |
|
$email_changed = true; |
|
if(!eregi('[A-Za-z0-9._%-]+@[A-Za-z0-9._%-]+\.[A-Za-z]{2,6}',$email)) |
|
$err .= " Not valid email."; |
|
$r = q("SELECT `uid` FROM `user` |
|
WHERE `email` = '%s' LIMIT 1", |
|
dbesc($email) |
|
); |
|
if($r !== NULL && count($r)) |
|
$err .= " This email address is already registered." . EOL; |
|
} |
|
if((x($nick)) && ($nick != $a->user['nickname'])) { |
|
$nick_changed = true; |
|
if(! preg_match("/^[a-zA-Z][a-zA-Z0-9\-\_]*$/",$nick)) |
|
$err .= " Nickname must start with a letter and contain only contain letters, numbers, dashes, and underscore."; |
|
$r = q("SELECT `uid` FROM `user` |
|
WHERE `nickname` = '%s' LIMIT 1", |
|
dbesc($nick) |
|
); |
|
if($r !== NULL && count($r)) |
|
$err .= " Nickname is already registered. Try another." . EOL; |
|
} |
|
else |
|
$nick = $a->user['nickname']; |
|
|
|
if(strlen($err)) { |
|
$_SESSION['sysmsg'] .= $err . EOL; |
|
return; |
|
} |
|
if($timezone != $a->user['timezone']) { |
|
$zone_changed = true; |
|
if(strlen($timezone)) |
|
date_default_timezone_set($timezone); |
|
} |
|
if($email_changed || $username_changed || $nick_changed || $zone_changed ) { |
|
$r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `nickname` = '%s', `timezone` = '%s' WHERE `uid` = %d LIMIT 1", |
|
dbesc($username), |
|
dbesc($email), |
|
dbesc($nick), |
|
dbesc($timezone), |
|
intval($_SESSION['uid'])); |
|
if($r) |
|
$_SESSION['sysmsg'] .= "Settings updated." . EOL; |
|
} |
|
if($email_changed && $a->config['register_policy'] == REGISTER_VERIFY) { |
|
|
|
// FIXME - set to un-verified, blocked and redirect to logout |
|
|
|
} |
|
if($nick_changed) { |
|
$r = q ("UPDATE `profile` SET `url` = '%s', `request` = '%s', `notify` = '%s', `poll` = '%s', `confirm` = '%s' |
|
WHERE `uid` = %d AND `self` = 1 LIMIT 1", |
|
dbesc( $a->get_baseurl() . '/profile/' . $nick ), |
|
dbesc( $a->get_baseurl() . '/dfrn_request/' . $nick ), |
|
dbesc( $a->get_baseurl() . '/dfrn_notify/' . $nick ), |
|
dbesc( $a->get_baseurl() . '/dfrn_poll/' . $nick ), |
|
dbesc( $a->get_baseurl() . '/dfrn_confirm/' . $nick ), |
|
intval($_SESSION['uid']) |
|
); |
|
} |
|
|
|
|
|
// Refresh the content display with new data |
|
|
|
$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", |
|
intval($_SESSION['uid'])); |
|
if(count($r)) |
|
$a->user = $r[0]; |
|
} |
|
|
|
|
|
if(! function_exists('settings_content')) { |
|
function settings_content(&$a) { |
|
|
|
if((! x($_SESSION['authenticated'])) && (! (x($_SESSION,'uid')))) { |
|
$_SESSION['sysmsg'] .= "Permission denied." . EOL; |
|
return; |
|
} |
|
|
|
|
|
$username = $a->user['username']; |
|
$email = $a->user['email']; |
|
$nickname = $a->user['nickname']; |
|
$timezone = $a->user['timezone']; |
|
|
|
|
|
if(x($nickname)) |
|
$nickname_block = file_get_contents("view/settings_nick_set.tpl"); |
|
else |
|
$nickname_block = file_get_contents("view/settings_nick_unset.tpl"); |
|
|
|
$nickname_block = replace_macros($nickname_block,array( |
|
'$nickname' => $nickname, |
|
'$uid' => $_SESSION['uid'], |
|
'$basepath' => substr($a->get_baseurl(),strpos($a->get_baseurl(),'://') + 3), |
|
'$baseurl' => $a->get_baseurl())); |
|
|
|
$o = file_get_contents('view/settings.tpl'); |
|
|
|
$o = replace_macros($o,array( |
|
'$baseurl' => $a->get_baseurl(), |
|
'$uid' => $_SESSION['uid'], |
|
'$username' => $username, |
|
'$email' => $email, |
|
'$nickname_block' => $nickname_block, |
|
'$timezone' => $timezone, |
|
'$zoneselect' => select_timezone($timezone) |
|
)); |
|
|
|
return $o; |
|
|
|
}} |