X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=actions%2Fprofilesettings.php;h=ad4bb968ffb0a9deb5f3f12415a988f2a3ad1734;hb=9b5e6de1f4f897b7d83cd76480ed0f4bf2b1edf3;hp=58160a4060d720e48cfac3f55c298b5dc26abf40;hpb=c2a170da108a6645846aa2e60238974b49363b21;p=quix0rs-gnu-social.git

diff --git a/actions/profilesettings.php b/actions/profilesettings.php
index 58160a4060..ad4bb968ff 100644
--- a/actions/profilesettings.php
+++ b/actions/profilesettings.php
@@ -23,19 +23,17 @@ require_once(INSTALLDIR.'/lib/settingsaction.php');
 
 class ProfilesettingsAction extends SettingsAction {
 
+	function get_instructions() {
+		return _t('You can update your personal profile info here '.
+				  'so people know more about you.');
+	}
+
 	function show_form($msg=NULL, $success=false) {
 		$user = common_current_user();
 		$profile = $user->getProfile();
-		common_show_header(_t('Profile settings'), NULL, NULL, array($this, 'settings_menu'));
+		$this->form_header(_t('Profile settings'), $msg, $success);
 
-		if ($msg) {
-			$this->message($msg, $success);
-		} else {
-			common_element('div', 'instructions',
-						   _t('You can update your personal profile info here '.
-							  'so people know more about you. '));
-		}
-		common_element_start('form', array('method' => 'POST',
+		common_element_start('form', array('method' => 'post',
 										   'id' => 'profilesettings',
 										   'action' =>
 										   common_local_url('profilesettings')));
@@ -63,7 +61,7 @@ class ProfilesettingsAction extends SettingsAction {
 	}
 
 	function handle_post() {
-		
+
 		$nickname = $this->trimmed('nickname');
 		$fullname = $this->trimmed('fullname');
 		$email = $this->trimmed('email');
@@ -72,8 +70,8 @@ class ProfilesettingsAction extends SettingsAction {
 		$location = $this->trimmed('location');
 
 		# Some validation
-		
-		if (!Validate::email($email, true)) {
+
+		if ($email && !Validate::email($email, true)) {
 			$this->show_form(_t('Not a valid email address.'));
 			return;
 		} else if (!Validate::string($nickname, array('min_length' => 1,
@@ -81,6 +79,9 @@ class ProfilesettingsAction extends SettingsAction {
 													  'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
 			$this->show_form(_t('Nickname must have only letters and numbers and no spaces.'));
 			return;
+		} else if (!User::allowed_nickname($nickname)) {
+			$this->show_form(_t('Not a valid nickname.'));
+			return;
 		} else if (!is_null($homepage) && (strlen($homepage) > 0) &&
 				   !Validate::uri($homepage, array('allowed_schemes' => array('http', 'https')))) {
 			$this->show_form(_t('Homepage is not a valid URL.'));
@@ -101,20 +102,56 @@ class ProfilesettingsAction extends SettingsAction {
 			$this->show_form(_t('Email address already exists.'));
 			return;
 		}
-		
+
 		$user = common_current_user();
-		assert(!is_null($user)); # should already be checked
 
-		# FIXME: transaction!
+		$user->query('BEGIN');
 
-		$original = clone($user);
+		if ($user->nickname != $nickname) {
 
-		$user->nickname = $nickname;
-		$user->email = $email;
+			common_debug('Updating user nickname from ' . $user->nickname . ' to ' . $nickname,
+						 __FILE__);
 
-		if (!$user->update($original)) {
-			common_server_error(_t('Couldnt update user.'));
-			return;
+			$original = clone($user);
+
+			$user->nickname = $nickname;
+
+			$result = $user->updateKeys($original);
+
+			if ($result === FALSE) {
+				common_log_db_error($user, 'UPDATE', __FILE__);
+				common_server_error(_t('Couldnt update user.'));
+				return;
+			}
+		}
+
+		if ($user->email != $email) {
+
+			common_debug('Updating user email from ' . $user->email . ' to ' . $email,
+						 __FILE__);
+
+			# We don't update email directly; it gets done by confirmemail
+
+			$confirm = new Confirm_address();
+
+			$confirm->code = common_confirmation_code(128);
+			$confirm->user_id = $user->id;
+			$confirm->address = $email;
+			$confirm->address_type = 'email';
+
+			$result = $confirm->insert();
+
+			if (!$result) {
+				common_log_db_error($confirm, 'INSERT', __FILE__);
+				common_server_error(_t('Couldnt confirm email.'));
+				return FALSE;
+			}
+
+			# XXX: try not to do this in the middle of a transaction
+
+			mail_confirm_address($confirm->code,
+								 $profile->nickname,
+								 $email);
 		}
 
 		$profile = $user->getProfile();
@@ -128,16 +165,24 @@ class ProfilesettingsAction extends SettingsAction {
 		$profile->location = $location;
 		$profile->profileurl = common_profile_url($nickname);
 
-		if (FALSE === $profile->update($orig_profile)) {
+		common_debug('Old profile: ' . common_log_objstring($orig_profile), __FILE__);
+		common_debug('New profile: ' . common_log_objstring($profile), __FILE__);
+
+		$result = $profile->update($orig_profile);
+
+		if (!$result) {
+			common_log_db_error($profile, 'UPDATE', __FILE__);
 			common_server_error(_t('Couldnt save profile.'));
 			return;
 		}
 
+		$user->query('COMMIT');
+
 		common_broadcast_profile($profile);
-		
+
 		$this->show_form(_t('Settings saved.'), TRUE);
 	}
-	
+
 	function nickname_exists($nickname) {
 		$user = common_current_user();
 		$other = User::staticGet('nickname', $nickname);
@@ -147,7 +192,7 @@ class ProfilesettingsAction extends SettingsAction {
 			return $other->id != $user->id;
 		}
 	}
-	
+
 	function email_exists($email) {
 		$user = common_current_user();
 		$other = User::staticGet('email', $email);
@@ -157,4 +202,4 @@ class ProfilesettingsAction extends SettingsAction {
 			return $other->id != $user->id;
 		}
 	}
-}
\ No newline at end of file
+}