Twitter-integration - Twitter settings tab now saves Twitter credentials

[quix0rs-gnu-social.git] / actions / profilesettings.php

diff --git a/actions/profilesettings.php b/actions/profilesettings.php
index cfa4db0d77a87a520ca1009e17f78007039f31e6..14c725ff91364ea4f87abcf9cc20301b431e6636 100644 (file)
--- a/actions/profilesettings.php
+++ b/actions/profilesettings.php
@@ -37,6 +37,7 @@ class ProfilesettingsAction extends SettingsAction {
                                                                                   'id' => 'profilesettings',
                                                                                   'action' =>
                                                                                   common_local_url('profilesettings')));
+               common_hidden('token', common_session_token());
                # too much common patterns here... abstractable?
                common_input('nickname', _('Nickname'),
                                         ($this->arg('nickname')) ? $this->arg('nickname') : $profile->nickname,
@@ -52,6 +53,18 @@ class ProfilesettingsAction extends SettingsAction {
                common_input('location', _('Location'),
                                         ($this->arg('location')) ? $this->arg('location') : $profile->location,
                                         _('Where you are, like "City, State (or Region), Country"'));
+
+               $language = common_language();
+               common_dropdown('language', _('Language'), get_nice_language_list(), _('Preferred language'), TRUE, $language);
+               $timezone = common_timezone();
+               $timezones = array();
+               foreach(DateTimeZone::listIdentifiers() as $k => $v) {
+                       $timezones[$v] = $v;
+               }
+               common_dropdown('timezone', _('Timezone'), $timezones, _('What timezone are you normally in?'), TRUE, $timezone);
+
+               common_checkbox('autosubscribe', _('Automatically subscribe to whoever subscribes to me (best for non-humans)'),
+                                               ($this->arg('autosubscribe')) ? $this->boolean('autosubscribe') : $user->autosubscribe);
                common_submit('submit', _('Save'));
                common_element_end('form');
                common_show_footer();
@@ -64,6 +77,17 @@ class ProfilesettingsAction extends SettingsAction {
                $homepage = $this->trimmed('homepage');
                $bio = $this->trimmed('bio');
                $location = $this->trimmed('location');
+               $autosubscribe = $this->boolean('autosubscribe');
+               $language = $this->trimmed('language');
+               $timezone = $this->trimmed('timezone');
+
+               # CSRF protection
+
+               $token = $this->trimmed('token');
+               if (!$token || $token != common_session_token()) {
+                       $this->show_form(_('There was a problem with your session token. Try again, please.'));
+                       return;
+               }
 
                # Some validation
 
@@ -125,13 +149,16 @@ class ProfilesettingsAction extends SettingsAction {
                                common_log_db_error($user, 'UPDATE', __FILE__);
                                common_server_error(_('Couldn\'t update user.'));
                                return;
+                       } else {
+                               # Re-initialize language environment if it changed
+                               common_init_language();
                        }
                }
 
                # XXX: XOR
-               
+
                if ($user->autosubscribe ^ $autosubscribe) {
-                       
+
                        $original = clone($user);
 
                        $user->autosubscribe = $autosubscribe;
@@ -144,7 +171,7 @@ class ProfilesettingsAction extends SettingsAction {
                                return;
                        }
                }
-               
+
                $profile = $user->getProfile();
 
                $orig_profile = clone($profile);