X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fprofilesettings.php;h=ad4bb968ffb0a9deb5f3f12415a988f2a3ad1734;hb=9b5e6de1f4f897b7d83cd76480ed0f4bf2b1edf3;hp=f46045dde474d5b77293678ea8cccad04c642025;hpb=3b14b7901c65144835d74b712279d0492c267c0c;p=quix0rs-gnu-social.git diff --git a/actions/profilesettings.php b/actions/profilesettings.php index f46045dde4..ad4bb968ff 100644 --- a/actions/profilesettings.php +++ b/actions/profilesettings.php @@ -1,86 +1,205 @@ . */ if (!defined('LACONICA')) { exit(1); } +require_once(INSTALLDIR.'/lib/settingsaction.php'); + class ProfilesettingsAction extends SettingsAction { - + + function get_instructions() { + return _t('You can update your personal profile info here '. + 'so people know more about you.'); + } + function show_form($msg=NULL, $success=false) { - common_show_header(_t('Profile settings')); - $this->settings_menu(); - $this->message($msg, $success); - common_start_element('form', array('method' => 'POST', + $user = common_current_user(); + $profile = $user->getProfile(); + $this->form_header(_t('Profile settings'), $msg, $success); + + common_element_start('form', array('method' => 'post', 'id' => 'profilesettings', - 'action' => + 'action' => common_local_url('profilesettings'))); - common_input('nickname', _t('Nickname')); - common_input('fullname', _t('Full name')); - common_input('email', _t('Email address')); - common_input('homepage', _t('Homepage')); - common_input('bio', _t('Bio')); - common_input('location', _t('Location')); - common_element('input', array('name' => 'submit', - 'type' => 'submit', - 'id' => 'submit'), - _t('Login')); - common_element('input', array('name' => 'cancel', - 'type' => 'button', - 'id' => 'cancel'), - _t('Cancel')); + # too much common patterns here... abstractable? + common_input('nickname', _t('Nickname'), + ($this->arg('nickname')) ? $this->arg('nickname') : $profile->nickname, + _t('1-64 lowercase letters or numbers, no punctuation or spaces')); + common_input('fullname', _t('Full name'), + ($this->arg('fullname')) ? $this->arg('fullname') : $profile->fullname); + common_input('email', _t('Email address'), + ($this->arg('email')) ? $this->arg('email') : $user->email, + _t('Used only for updates, announcements, and password recovery')); + common_input('homepage', _t('Homepage'), + ($this->arg('homepage')) ? $this->arg('homepage') : $profile->homepage, + _t('URL of your homepage, blog, or profile on another site')); + common_textarea('bio', _t('Bio'), + ($this->arg('bio')) ? $this->arg('bio') : $profile->bio, + _t('Describe yourself and your interests in 140 chars')); + common_input('location', _t('Location'), + ($this->arg('location')) ? $this->arg('location') : $profile->location, + _t('Where you are, like "City, State (or Region), Country"')); + common_submit('submit', _t('Save')); + common_element_end('form'); common_show_footer(); } - + function handle_post() { - $nickname = $this->arg('nickname'); - $fullname = $this->arg('fullname'); - $email = $this->arg('email'); - $homepage = $this->arg('homepage'); - $bio = $this->arg('bio'); - $location = $this->arg('location'); - $user = common_current_user(); - assert(!is_null($user)); # should already be checked - - # FIXME: scrub input - # FIXME: transaction! - - $user->nickname = $this->arg('nickname'); - $user->email = $this->arg('email'); - - if (!$user->update()) { - common_server_error(_t('Couldnt update user.')); + $nickname = $this->trimmed('nickname'); + $fullname = $this->trimmed('fullname'); + $email = $this->trimmed('email'); + $homepage = $this->trimmed('homepage'); + $bio = $this->trimmed('bio'); + $location = $this->trimmed('location'); + + # Some validation + + if ($email && !Validate::email($email, true)) { + $this->show_form(_t('Not a valid email address.')); + return; + } else if (!Validate::string($nickname, array('min_length' => 1, + 'max_length' => 64, + 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { + $this->show_form(_t('Nickname must have only letters and numbers and no spaces.')); + return; + } else if (!User::allowed_nickname($nickname)) { + $this->show_form(_t('Not a valid nickname.')); + return; + } else if (!is_null($homepage) && (strlen($homepage) > 0) && + !Validate::uri($homepage, array('allowed_schemes' => array('http', 'https')))) { + $this->show_form(_t('Homepage is not a valid URL.')); + return; + } else if (!is_null($fullname) && strlen($fullname) > 255) { + $this->show_form(_t('Fullname is too long (max 255 chars).')); + return; + } else if (!is_null($bio) && strlen($bio) > 140) { + $this->show_form(_t('Bio is too long (max 140 chars).')); + return; + } else if (!is_null($location) && strlen($location) > 255) { + $this->show_form(_t('Location is too long (max 255 chars).')); + return; + } else if ($this->nickname_exists($nickname)) { + $this->show_form(_t('Nickname already exists.')); + return; + } else if ($this->email_exists($email)) { + $this->show_form(_t('Email address already exists.')); return; } + $user = common_current_user(); + + $user->query('BEGIN'); + + if ($user->nickname != $nickname) { + + common_debug('Updating user nickname from ' . $user->nickname . ' to ' . $nickname, + __FILE__); + + $original = clone($user); + + $user->nickname = $nickname; + + $result = $user->updateKeys($original); + + if ($result === FALSE) { + common_log_db_error($user, 'UPDATE', __FILE__); + common_server_error(_t('Couldnt update user.')); + return; + } + } + + if ($user->email != $email) { + + common_debug('Updating user email from ' . $user->email . ' to ' . $email, + __FILE__); + + # We don't update email directly; it gets done by confirmemail + + $confirm = new Confirm_address(); + + $confirm->code = common_confirmation_code(128); + $confirm->user_id = $user->id; + $confirm->address = $email; + $confirm->address_type = 'email'; + + $result = $confirm->insert(); + + if (!$result) { + common_log_db_error($confirm, 'INSERT', __FILE__); + common_server_error(_t('Couldnt confirm email.')); + return FALSE; + } + + # XXX: try not to do this in the middle of a transaction + + mail_confirm_address($confirm->code, + $profile->nickname, + $email); + } + $profile = $user->getProfile(); + $orig_profile = clone($profile); + $profile->nickname = $user->nickname; - $profile->fullname = $this->arg('fullname'); - $profile->homepage = $this->arg('homepage'); - $profile->bio = $this->arg('bio'); - $profile->location = $this->arg('location'); + $profile->fullname = $fullname; + $profile->homepage = $homepage; + $profile->bio = $bio; + $profile->location = $location; + $profile->profileurl = common_profile_url($nickname); - if (!$profile->update()) { + common_debug('Old profile: ' . common_log_objstring($orig_profile), __FILE__); + common_debug('New profile: ' . common_log_objstring($profile), __FILE__); + + $result = $profile->update($orig_profile); + + if (!$result) { + common_log_db_error($profile, 'UPDATE', __FILE__); common_server_error(_t('Couldnt save profile.')); return; } - + + $user->query('COMMIT'); + + common_broadcast_profile($profile); + $this->show_form(_t('Settings saved.'), TRUE); } -} \ No newline at end of file + + function nickname_exists($nickname) { + $user = common_current_user(); + $other = User::staticGet('nickname', $nickname); + if (!$other) { + return false; + } else { + return $other->id != $user->id; + } + } + + function email_exists($email) { + $user = common_current_user(); + $other = User::staticGet('email', $email); + if (!$other) { + return false; + } else { + return $other->id != $user->id; + } + } +}