mod/settings.php

   1 <?php
   2
   3
   4 function settings_init(&$a) {
   5         if(local_user()) {
   6                 profile_load($a,$a->user['nickname']);
   7         }
   8 }
   9
  10
  11 function settings_post(&$a) {
  12
  13         if(! local_user()) {
  14                 notice( t('Permission denied.') . EOL);
  15                 return;
  16         }
  17
  18         call_hooks('settings_post', $_POST);
  19
  20         if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != local_user()) {
  21                 notice( t('Permission denied.') . EOL);
  22                 return;
  23         }
  24         if((x($_POST,'npassword')) || (x($_POST,'confirm'))) {
  25
  26                 $newpass = $_POST['npassword'];
  27                 $confirm = $_POST['confirm'];
  28
  29                 $err = false;
  30                 if($newpass != $confirm ) {
  31                         notice( t('Passwords do not match. Password unchanged.') . EOL);
  32                         $err = true;
  33                 }
  34
  35                 if((! x($newpass)) || (! x($confirm))) {
  36                         notice( t('Empty passwords are not allowed. Password unchanged.') . EOL);
  37                         $err = true;
  38                 }
  39
  40                 if(! $err) {
  41                         $password = hash('whirlpool',$newpass);
  42                         $r = q("UPDATE `user` SET `password` = '%s' WHERE `uid` = %d LIMIT 1",
  43                                 dbesc($password),
  44                                 intval(local_user())
  45                         );
  46                         if($r)
  47                                 notice( t('Password changed.') . EOL);
  48                         else
  49                                 notice( t('Password update failed. Please try again.') . EOL);
  50                 }
  51         }
  52
  53         $theme            = ((x($_POST,'theme'))      ? notags(trim($_POST['theme']))        : '');
  54         $username         = ((x($_POST,'username'))   ? notags(trim($_POST['username']))     : '');
  55         $email            = ((x($_POST,'email'))      ? notags(trim($_POST['email']))        : '');
  56         $timezone         = ((x($_POST,'timezone'))   ? notags(trim($_POST['timezone']))     : '');
  57         $defloc           = ((x($_POST,'defloc'))     ? notags(trim($_POST['defloc']))       : '');
  58         $openid           = ((x($_POST,'openid_url')) ? notags(trim($_POST['openid_url']))   : '');
  59         $maxreq           = ((x($_POST,'maxreq'))     ? intval($_POST['maxreq'])             : 0);
  60
  61         $allow_location   = (((x($_POST,'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0);
  62         $publish          = (((x($_POST,'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0);
  63         $net_publish      = (((x($_POST,'profile_in_netdirectory')) && (intval($_POST['profile_in_netdirectory']) == 1)) ? 1: 0);
  64         $old_visibility   = (((x($_POST,'visibility')) && (intval($_POST['visibility']) == 1)) ? 1 : 0);
  65         $page_flags       = (((x($_POST,'page-flags')) && (intval($_POST['page-flags']))) ? intval($_POST['page-flags']) : 0);
  66
  67         $notify = 0;
  68
  69         if(x($_POST,'notify1'))
  70                 $notify += intval($_POST['notify1']);
  71         if(x($_POST,'notify2'))
  72                 $notify += intval($_POST['notify2']);
  73         if(x($_POST,'notify3'))
  74                 $notify += intval($_POST['notify3']);
  75         if(x($_POST,'notify4'))
  76                 $notify += intval($_POST['notify4']);
  77         if(x($_POST,'notify5'))
  78                 $notify += intval($_POST['notify5']);
  79
  80         $email_changed = false;
  81
  82         $err = '';
  83
  84         if($username != $a->user['username']) {
  85                 if(strlen($username) > 40)
  86                         $err .= t(' Please use a shorter name.');
  87                 if(strlen($username) < 3)
  88                         $err .= t(' Name too short.');
  89         }
  90
  91         if($email != $a->user['email']) {
  92                 $email_changed = true;
  93         if(! valid_email($email))
  94                         $err .= t(' Not valid email.');
  95         }
  96
  97         if(strlen($err)) {
  98                 notice($err . EOL);
  99                 return;
 100         }
 101
 102         if($timezone != $a->user['timezone']) {
 103                 if(strlen($timezone))
 104                         date_default_timezone_set($timezone);
 105         }
 106
 107         $str_group_allow   = perms2str($_POST['group_allow']);
 108         $str_contact_allow = perms2str($_POST['contact_allow']);
 109         $str_group_deny    = perms2str($_POST['group_deny']);
 110         $str_contact_deny  = perms2str($_POST['contact_deny']);
 111
 112         $openidserver="";
 113         if ($openid != $a->user['openid'] && isset($a->user['openidserver'])){
 114                 $openidserver = ", `openidserver` = ''";
 115         }
 116
 117         $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s',  `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `theme` = '%s', `maxreq` = %d".$openidserver."  WHERE `uid` = %d LIMIT 1",
 118                         dbesc($username),
 119                         dbesc($email),
 120                         dbesc($openid),
 121                         dbesc($timezone),
 122                         dbesc($str_contact_allow),
 123                         dbesc($str_group_allow),
 124                         dbesc($str_contact_deny),
 125                         dbesc($str_group_deny),
 126                         intval($notify),
 127                         intval($page_flags),
 128                         dbesc($defloc),
 129                         intval($allow_location),
 130                         dbesc($theme),
 131                         intval($maxreq),
 132                         intval(local_user())
 133         );
 134         if($r)
 135                 notice( t('Settings updated.') . EOL);
 136
 137         $r = q("UPDATE `profile`
 138                 SET `publish` = %d, `net-publish` = %d
 139                 WHERE `is-default` = 1 AND `uid` = %d LIMIT 1",
 140                 intval($publish),
 141                 intval($net_publish),
 142                 intval(local_user())
 143         );
 144
 145         if($old_visibility != $net_publish) {
 146                 // Update global directory in background
 147                 $php_path = ((strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
 148                 $url = $_SESSION['my_url'];
 149                 if($url && strlen(get_config('system','directory_submit_url')))
 150                         proc_close(proc_open("\"$php_path\" \"include/directory.php\" \"$url\" &",
 151                                 array(),$foo));
 152         }
 153
 154         $_SESSION['theme'] = $theme;
 155         if($email_changed && $a->config['register_policy'] == REGISTER_VERIFY) {
 156
 157                 // FIXME - set to un-verified, blocked and redirect to logout
 158
 159         }
 160
 161         goaway($a->get_baseurl() . '/settings' );
 162         return; // NOTREACHED
 163 }
 164
 165
 166 if(! function_exists('settings_content')) {
 167 function settings_content(&$a) {
 168
 169         $o = '';
 170         $o .= '<script> $(document).ready(function() { $(\'#nav-settings-link\').addClass(\'nav-selected\'); });</script>';
 171
 172         if(! local_user()) {
 173                 notice( t('Permission denied.') . EOL );
 174                 return;
 175         }
 176
 177         require_once('include/acl_selectors.php');
 178
 179         $p = q("SELECT * FROM `profile` WHERE `is-default` = 1 AND `uid` = %d LIMIT 1",
 180                 intval(local_user())
 181         );
 182         if(count($p))
 183                 $profile = $p[0];
 184
 185         $username = $a->user['username'];
 186         $email    = $a->user['email'];
 187         $nickname = $a->user['nickname'];
 188         $timezone = $a->user['timezone'];
 189         $notify   = $a->user['notify-flags'];
 190         $defloc   = $a->user['default-location'];
 191         $openid   = $a->user['openid'];
 192         $maxreq   = $a->user['maxreq'];
 193
 194         if(! strlen($a->user['timezone']))
 195                 $timezone = date_default_timezone_get();
 196
 197         $pageset_tpl = load_view_file('view/pagetypes.tpl');
 198         $pagetype = replace_macros($pageset_tpl,array(
 199                 '$normal'         => (($a->user['page-flags'] == PAGE_NORMAL)      ? " checked=\"checked\" " : ""),
 200                 '$soapbox'        => (($a->user['page-flags'] == PAGE_SOAPBOX)     ? " checked=\"checked\" " : ""),
 201                 '$community'      => (($a->user['page-flags'] == PAGE_COMMUNITY)   ? " checked=\"checked\" " : ""),
 202                 '$freelove'       => (($a->user['page-flags'] == PAGE_FREELOVE)    ? " checked=\"checked\" " : ""),
 203                 '$page_normal'    => PAGE_NORMAL,
 204                 '$page_soapbox'   => PAGE_SOAPBOX,
 205                 '$page_community' => PAGE_COMMUNITY,
 206                 '$page_freelove'  => PAGE_FREELOVE
 207         ));
 208
 209         $noid = get_config('system','no_openid');
 210
 211         if($noid) {
 212                 $oidhtml = '';
 213         }
 214         else {
 215                 $oidhtml = '<label id="settings-openid-label" for="settings-openid" >' . t('OpenID: ') . '</label><input type="text" id="settings-openid" class="openid" name="openid_url" value="$openid" />' . t("&nbsp;\x28Optional\x29 Allow this OpenID to login to this account.");
 216         }
 217
 218
 219
 220
 221         $opt_tpl = load_view_file("view/profile-in-directory.tpl");
 222         $profile_in_dir = replace_macros($opt_tpl,array(
 223                 '$yes_selected' => (($profile['publish'])      ? " checked=\"checked\" " : ""),
 224                 '$no_selected'  => (($profile['publish'] == 0) ? " checked=\"checked\" " : "")
 225         ));
 226
 227         if(strlen(get_config('system','directory_submit_url'))) {
 228                 $opt_tpl = load_view_file("view/profile-in-netdir.tpl");
 229
 230                 $profile_in_net_dir = replace_macros($opt_tpl,array(
 231                         '$yes_selected' => (($profile['net-publish'])      ? " checked=\"checked\" " : ""),
 232                         '$no_selected'  => (($profile['net-publish'] == 0) ? " checked=\"checked\" " : "")
 233                 ));
 234         }
 235         else
 236                 $profile_in_net_dir = '';
 237
 238         $loc_checked = (($a->user['allow_location'] == 1)      ? " checked=\"checked\" " : "");
 239
 240         $invisible = (((! $profile['publish']) && (! $profile['net-publish']))
 241                 ? true : false);
 242
 243         if($invisible)
 244                 notice( t('Profile is <strong>not published</strong>.') . EOL );
 245
 246         $nickname_block = load_view_file("view/settings_nick_set.tpl");
 247
 248         $nickname_subdir = '';
 249         if(strlen($a->get_path())) {
 250                 $subdir_tpl = load_view_file('view/settings_nick_subdir.tpl');
 251                 $nickname_subdir = replace_macros($subdir_tpl, array(
 252                         '$baseurl' => $a->get_baseurl(),
 253                         '$nickname' => $nickname,
 254                         '$hostname' => $a->get_hostname()
 255                 ));
 256         }
 257
 258         $theme_selector = '<select name="theme" id="theme-select" >';
 259         $files = glob('view/theme/*');
 260         if($files) {
 261                 foreach($files as $file) {
 262                         $f = basename($file);
 263                         $selected = (($f == $_SESSION['theme']) || ($f === 'default' && (! x($_SESSION,'theme')))
 264                                 ? ' selected="selected" ' : '' );
 265                         $theme_selector .= '<option val="' . basename($file) . '"' . $selected . '>' . basename($file) . '</option>';
 266                 }
 267         }
 268         $theme_selector .= '</select>';
 269
 270
 271         $nickname_block = replace_macros($nickname_block,array(
 272                 '$nickname' => $nickname,
 273                 '$uid' => local_user(),
 274                 '$subdir' => $nickname_subdir,
 275                 '$basepath' => $a->get_hostname(),
 276                 '$baseurl' => $a->get_baseurl()));
 277
 278         $stpl = load_view_file('view/settings.tpl');
 279
 280         $celeb = ((($a->user['page-flags'] == PAGE_SOAPBOX) || ($a->user['page-flags'] == PAGE_COMMUNITY)) ? true : false);
 281
 282         $o .= replace_macros($stpl,array(
 283                 '$baseurl' => $a->get_baseurl(),
 284                 '$oidhtml' => $oidhtml,
 285                 '$uid' => local_user(),
 286                 '$username' => $username,
 287                 '$openid' => $openid,
 288                 '$email' => $email,
 289                 '$nickname_block' => $nickname_block,
 290                 '$timezone' => $timezone,
 291                 '$zoneselect' => select_timezone($timezone),
 292                 '$defloc' => $defloc,
 293                 '$loc_checked' => $loc_checked,
 294                 '$profile_in_dir' => $profile_in_dir,
 295                 '$profile_in_net_dir' => $profile_in_net_dir,
 296                 '$permissions' => t('Default Post Permissions'),
 297                 '$visibility' => $profile['net-publish'],
 298                 '$aclselect' => populate_acl($a->user,$celeb),
 299                 '$sel_notify1' => (($notify & NOTIFY_INTRO)   ? ' checked="checked" ' : ''),
 300                 '$sel_notify2' => (($notify & NOTIFY_CONFIRM) ? ' checked="checked" ' : ''),
 301                 '$sel_notify3' => (($notify & NOTIFY_WALL)    ? ' checked="checked" ' : ''),
 302                 '$sel_notify4' => (($notify & NOTIFY_COMMENT) ? ' checked="checked" ' : ''),
 303                 '$sel_notify5' => (($notify & NOTIFY_MAIL)    ? ' checked="checked" ' : ''),
 304                 '$maxreq' => $maxreq,
 305                 '$theme' => $theme_selector,
 306                 '$pagetype' => $pagetype
 307         ));
 308
 309         call_hooks('settings_page',$o);
 310
 311         return $o;
 312
 313 }}
 314