mod/settings.php

   1 <?php
   2
   3
   4 function settings_init(&$a) {
   5         if(local_user()) {
   6                 require_once("mod/profile.php");
   7                 profile_load($a,$a->user['nickname']);
   8         }
   9 }
  10
  11
  12 function settings_post(&$a) {
  13
  14         if(! local_user()) {
  15                 notice( t('Permission denied.') . EOL);
  16                 return;
  17         }
  18         if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != get_uid()) {
  19                 notice( t('Permission denied.') . EOL);
  20                 return;
  21         }
  22         if((x($_POST,'npassword')) || (x($_POST,'confirm'))) {
  23
  24                 $newpass = trim($_POST['npassword']);
  25                 $confirm = trim($_POST['confirm']);
  26
  27                 $err = false;
  28                 if($newpass != $confirm ) {
  29                         notice( t('Passwords do not match. Password unchanged.') . EOL);
  30                         $err = true;
  31                 }
  32
  33                 if((! x($newpass)) || (! x($confirm))) {
  34                         notice( t('Empty passwords are not allowed. Password unchanged.') . EOL);
  35                         $err = true;
  36                 }
  37
  38                 if(! $err) {
  39                         $password = hash('whirlpool',$newpass);
  40                         $r = q("UPDATE `user` SET `password` = '%s' WHERE `uid` = %d LIMIT 1",
  41                                 dbesc($password),
  42                                 intval(get_uid())
  43                         );
  44                         if($r)
  45                                 notice( t('Password changed.') . EOL);
  46                         else
  47                                 notice( t('Password update failed. Please try again.') . EOL);
  48                 }
  49         }
  50
  51         $theme            = notags(trim($_POST['theme']));
  52         $username         = notags(trim($_POST['username']));
  53         $email            = notags(trim($_POST['email']));
  54         $timezone         = notags(trim($_POST['timezone']));
  55         $defloc           = notags(trim($_POST['defloc']));
  56
  57         $publish          = (($_POST['profile_in_directory'] == 1) ? 1: 0);
  58         $net_publish      = (($_POST['profile_in_netdirectory'] == 1) ? 1: 0);
  59         $old_visibility   = ((intval($_POST['visibility']) == 1) ? 1 : 0);
  60
  61         $notify = 0;
  62
  63         if($_POST['notify1'])
  64                 $notify += intval($_POST['notify1']);
  65         if($_POST['notify2'])
  66                 $notify += intval($_POST['notify2']);
  67         if($_POST['notify3'])
  68                 $notify += intval($_POST['notify3']);
  69         if($_POST['notify4'])
  70                 $notify += intval($_POST['notify4']);
  71         if($_POST['notify5'])
  72                 $notify += intval($_POST['notify5']);
  73
  74         $email_changed = false;
  75
  76         $err = '';
  77
  78         if($username != $a->user['username']) {
  79                 if(strlen($username) > 40)
  80                         $err .= t(' Please use a shorter name.');
  81                 if(strlen($username) < 3)
  82                         $err .= t(' Name too short.');
  83         }
  84         if($email != $a->user['email']) {
  85                 $email_changed = true;
  86                 if(!eregi('[A-Za-z0-9._%-]+@[A-Za-z0-9._%-]+\.[A-Za-z]{2,6}',$email))
  87                         $err .= t(' Not valid email.');
  88                 $r = q("SELECT `uid` FROM `user`
  89                         WHERE `email` = '%s' LIMIT 1",
  90                         dbesc($email)
  91                         );
  92                 if($r !== NULL && count($r))
  93                         $err .= t(' This email address is already registered.');
  94         }
  95
  96         if(strlen($err)) {
  97                 notice($err . EOL);
  98                 return;
  99         }
 100         if($timezone != $a->user['timezone']) {
 101                 if(strlen($timezone))
 102                         date_default_timezone_set($timezone);
 103         }
 104
 105
 106         $str_group_allow   = perms2str($_POST['group_allow']);
 107         $str_contact_allow = perms2str($_POST['contact_allow']);
 108         $str_group_deny    = perms2str($_POST['group_deny']);
 109         $str_contact_deny  = perms2str($_POST['contact_deny']);
 110
 111         $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `timezone` = '%s',  `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `default-location` = '%s', `theme` = '%s'  WHERE `uid` = %d LIMIT 1",
 112                         dbesc($username),
 113                         dbesc($email),
 114                         dbesc($timezone),
 115                         dbesc($str_contact_allow),
 116                         dbesc($str_group_allow),
 117                         dbesc($str_contact_deny),
 118                         dbesc($str_group_deny),
 119                         intval($notify),
 120                         dbesc($defloc),
 121                         dbesc($theme),
 122                         intval(get_uid())
 123         );
 124         if($r)
 125                 notice( t('Settings updated.') . EOL);
 126
 127         $r = q("UPDATE `profile`
 128                 SET `publish` = %d, `net-publish` = %d
 129                 WHERE `is-default` = 1 AND `uid` = %d LIMIT 1",
 130                 intval($publish),
 131                 intval($net_publish),
 132                 intval(get_uid())
 133         );
 134
 135         if($old_visibility != $net_publish) {
 136                 // Update global directory in background
 137                 $php_path = ((strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php');
 138                 $url = $_SESSION['my_url'];
 139                 if($url && strlen(get_config('system','directory_submit_url')))
 140                         proc_close(proc_open("\"$php_path\" \"include/directory.php\" \"$url\" &",
 141                                 array(),$foo));
 142         }
 143
 144         $_SESSION['theme'] = $theme;
 145         if($email_changed && $a->config['register_policy'] == REGISTER_VERIFY) {
 146
 147                 // FIXME - set to un-verified, blocked and redirect to logout
 148
 149         }
 150
 151         goaway($a->get_baseurl() . '/settings' );
 152         return; // NOTREACHED
 153 }
 154
 155
 156 if(! function_exists('settings_content')) {
 157 function settings_content(&$a) {
 158
 159         if(! local_user()) {
 160                 notice( t('Permission denied.') . EOL );
 161                 return;
 162         }
 163
 164         require_once('view/acl_selectors.php');
 165
 166         $p = q("SELECT * FROM `profile` WHERE `is-default` = 1 AND `uid` = %d LIMIT 1",
 167                 intval($_SESSION['uid'])
 168         );
 169         if(count($p))
 170                 $profile = $p[0];
 171
 172         $username = $a->user['username'];
 173         $email    = $a->user['email'];
 174         $nickname = $a->user['nickname'];
 175         $timezone = $a->user['timezone'];
 176         $notify   = $a->user['notify-flags'];
 177         $defloc   = $a->user['default-location'];
 178
 179         if(! strlen($a->user['timezone']))
 180                 $timezone = date_default_timezone_get();
 181
 182
 183         $opt_tpl = file_get_contents("view/profile-in-directory.tpl");
 184         $profile_in_dir = replace_macros($opt_tpl,array(
 185                 '$yes_selected' => (($profile['publish'])      ? " checked=\"checked\" " : ""),
 186                 '$no_selected'  => (($profile['publish'] == 0) ? " checked=\"checked\" " : "")
 187         ));
 188
 189         if(strlen(get_config('system','directory_submit_url'))) {
 190                 $opt_tpl = file_get_contents("view/profile-in-netdir.tpl");
 191
 192                 $profile_in_net_dir = replace_macros($opt_tpl,array(
 193                         '$yes_selected' => (($profile['net-publish'])      ? " checked=\"checked\" " : ""),
 194                         '$no_selected'  => (($profile['net-publish'] == 0) ? " checked=\"checked\" " : "")
 195                 ));
 196         }
 197         else
 198                 $profile_in_net_dir = '';
 199
 200         $nickname_block = file_get_contents("view/settings_nick_set.tpl");
 201
 202         $nickname_subdir = '';
 203         if(strlen($a->get_path())) {
 204                 $subdir_tpl = file_get_contents('view/settings_nick_subdir.tpl');
 205                 $nickname_subdir = replace_macros($subdir_tpl, array(
 206                         '$baseurl' => $a->get_baseurl(),
 207                         '$nickname' => $nickname,
 208                         '$hostname' => $a->get_hostname()
 209                 ));
 210         }
 211
 212         $theme_selector = '<select name="theme" id="theme-select" >';
 213         $files = glob('view/theme/*');
 214         if($files) {
 215                 foreach($files as $file) {
 216                         $f = basename($file);
 217                         $selected = (($f == $_SESSION['theme']) || ($f == 'default' && (! x($_SESSION,'theme')))
 218                                 ? ' selected="selected" ' : '' );
 219                         $theme_selector .= '<option val="' . basename($file) . '"' . $selected . '>' . basename($file) . '</option>';
 220                 }
 221         }
 222         $theme_selector .= '</select>';
 223
 224
 225         $nickname_block = replace_macros($nickname_block,array(
 226                 '$nickname' => $nickname,
 227                 '$uid' => $_SESSION['uid'],
 228                 '$subdir' => $nickname_subdir,
 229                 '$basepath' => $a->get_hostname(),
 230                 '$baseurl' => $a->get_baseurl()));
 231
 232         $o = file_get_contents('view/settings.tpl');
 233
 234         $o = replace_macros($o,array(
 235                 '$baseurl' => $a->get_baseurl(),
 236                 '$uid' => $_SESSION['uid'],
 237                 '$username' => $username,
 238                 '$email' => $email,
 239                 '$nickname_block' => $nickname_block,
 240                 '$timezone' => $timezone,
 241                 '$zoneselect' => select_timezone($timezone),
 242                 '$defloc' => $defloc,
 243                 '$profile_in_dir' => $profile_in_dir,
 244                 '$profile_in_net_dir' => $profile_in_net_dir,
 245                 '$permissions' => t('Default Post Permissions'),
 246                 '$visibility' => $profile['net-publish'],
 247                 '$aclselect' => populate_acl($a->user),
 248                 '$sel_notify1' => (($notify & NOTIFY_INTRO)   ? ' checked="checked" ' : ''),
 249                 '$sel_notify2' => (($notify & NOTIFY_CONFIRM) ? ' checked="checked" ' : ''),
 250                 '$sel_notify3' => (($notify & NOTIFY_WALL)    ? ' checked="checked" ' : ''),
 251                 '$sel_notify4' => (($notify & NOTIFY_COMMENT) ? ' checked="checked" ' : ''),
 252                 '$sel_notify5' => (($notify & NOTIFY_MAIL)    ? ' checked="checked" ' : ''),
 253                 '$theme' => $theme_selector
 254         ));
 255
 256         return $o;
 257
 258 }}