X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=actions%2Fprofilesettings.php;h=fb847680b9c158e85dc319d89029933edddabc2d;hb=db4ffca5350a11835c2c990f8d77d7cabb365a43;hp=282152cca1a48017119e88e77228176390ec0a96;hpb=aa29ebf9f42518441e2078679bd6377ed55b6624;p=quix0rs-gnu-social.git diff --git a/actions/profilesettings.php b/actions/profilesettings.php index 282152cca1..fb847680b9 100644 --- a/actions/profilesettings.php +++ b/actions/profilesettings.php @@ -1,9 +1,12 @@ . + * + * @category Settings + * @package Laconica + * @author Evan Prodromou + * @author Zach Copley + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/accountsettingsaction.php'; + +/** + * Change profile settings + * + * @category Settings + * @package Laconica + * @author Evan Prodromou + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/settingsaction.php'); - -class ProfilesettingsAction extends SettingsAction { - - function get_instructions() { - return _('You can update your personal profile info here '. - 'so people know more about you.'); - } - - function show_form($msg=NULL, $success=false) { - $this->form_header(_('Profile settings'), $msg, $success); - $this->show_settings_form(); - common_element('h2', NULL, _('Avatar')); - $this->show_avatar_form(); - common_element('h2', NULL, _('Change password')); - $this->show_password_form(); - common_element('h2', NULL, _('Delete my account')); - $this->show_delete_form(); - common_show_footer(); - } - - function handle_post() { - - # CSRF protection - - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('save')) { - $this->save_profile(); - } else if ($this->arg('upload')) { - $this->upload_avatar(); - } else if ($this->arg('changepass')) { - $this->change_password(); - } else if ($this->arg('deleteaccount')) { - $this->delete_account(); - } - - } - - function show_settings_form() { - - $user = common_current_user(); - $profile = $user->getProfile(); - - common_element_start('form', array('method' => 'POST', - 'id' => 'profilesettings', - 'action' => - common_local_url('profilesettings'))); - common_hidden('token', common_session_token()); - - # too much common patterns here... abstractable? - - common_input('nickname', _('Nickname'), - ($this->arg('nickname')) ? $this->arg('nickname') : $profile->nickname, - _('1-64 lowercase letters or numbers, no punctuation or spaces')); - common_input('fullname', _('Full name'), - ($this->arg('fullname')) ? $this->arg('fullname') : $profile->fullname); - common_input('homepage', _('Homepage'), - ($this->arg('homepage')) ? $this->arg('homepage') : $profile->homepage, - _('URL of your homepage, blog, or profile on another site')); - common_textarea('bio', _('Bio'), - ($this->arg('bio')) ? $this->arg('bio') : $profile->bio, - _('Describe yourself and your interests in 140 chars')); - common_input('location', _('Location'), - ($this->arg('location')) ? $this->arg('location') : $profile->location, - _('Where you are, like "City, State (or Region), Country"')); - common_input('tags', _('Tags'), - ($this->arg('tags')) ? $this->arg('tags') : implode(' ', $user->getSelfTags()), - _('Tags for yourself (letters, numbers, -, ., and _), comma- or space- separated')); - - $language = common_language(); - common_dropdown('language', _('Language'), get_nice_language_list(), _('Preferred language'), TRUE, $language); - $timezone = common_timezone(); - $timezones = array(); - foreach(DateTimeZone::listIdentifiers() as $k => $v) { - $timezones[$v] = $v; - } - common_dropdown('timezone', _('Timezone'), $timezones, _('What timezone are you normally in?'), TRUE, $timezone); - - common_checkbox('autosubscribe', _('Automatically subscribe to whoever subscribes to me (best for non-humans)'), - ($this->arg('autosubscribe')) ? $this->boolean('autosubscribe') : $user->autosubscribe); - - common_submit('save', _('Save')); - - common_element_end('form'); - - - } - - function show_avatar_form() { - - $user = common_current_user(); - $profile = $user->getProfile(); - - if (!$profile) { - common_log_db_error($user, 'SELECT', __FILE__); - $this->server_error(_('User without matching profile')); - return; - } - - $original = $profile->getOriginalAvatar(); - - - common_element_start('form', array('enctype' => 'multipart/form-data', - 'method' => 'POST', - 'id' => 'avatar', - 'action' => - common_local_url('profilesettings'))); - common_hidden('token', common_session_token()); - - if ($original) { - common_element('img', array('src' => $original->url, - 'class' => 'avatar original', - 'width' => $original->width, - 'height' => $original->height, - 'alt' => $user->nickname)); - } - - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - - if ($avatar) { - common_element('img', array('src' => $avatar->url, - 'class' => 'avatar profile', - 'width' => AVATAR_PROFILE_SIZE, - 'height' => AVATAR_PROFILE_SIZE, - 'alt' => $user->nickname)); - } - - - common_element('input', array('name' => 'MAX_FILE_SIZE', - 'type' => 'hidden', - 'id' => 'MAX_FILE_SIZE', - 'value' => MAX_AVATAR_SIZE)); - - common_element_start('p'); - - - common_element('input', array('name' => 'avatarfile', - 'type' => 'file', - 'id' => 'avatarfile')); - common_element_end('p'); - - common_submit('upload', _('Upload')); - common_element_end('form'); - - } - - function show_password_form() { - - $user = common_current_user(); - common_element_start('form', array('method' => 'POST', - 'id' => 'password', - 'action' => - common_local_url('profilesettings'))); - - common_hidden('token', common_session_token()); - - # Users who logged in with OpenID won't have a pwd - if ($user->password) { - common_password('oldpassword', _('Old password')); - } - common_password('newpassword', _('New password'), - _('6 or more characters')); - common_password('confirm', _('Confirm'), - _('same as password above')); - common_submit('changepass', _('Change')); - common_element_end('form'); - } +class ProfilesettingsAction extends AccountSettingsAction +{ + /** + * Title of the page + * + * @return string Title of the page + */ + + function title() + { + return _('Profile settings'); + } + + /** + * Instructions for use + * + * @return instructions for use + */ + function getInstructions() + { + return _('You can update your personal profile info here '. + 'so people know more about you.'); + } - function show_feeds_list($feeds) { - common_element_start('div', array('class' => 'feedsdel')); - common_element('p', null, 'Feeds:'); - common_element_start('ul', array('class' => 'xoxo')); + /** + * Content area of the page + * + * Shows a form for uploading an avatar. + * + * @return void + */ - foreach ($feeds as $key => $value) { - $this->common_feed_item($feeds[$key]); - } - common_element_end('ul'); - common_element_end('div'); - } + function showContent() + { + $user = common_current_user(); + $profile = $user->getProfile(); + + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_settings_profile', + 'class' => 'form_settings', + 'action' => common_local_url('profilesettings'))); + $this->elementStart('fieldset'); + $this->element('legend', null, _('Profile information')); + $this->hidden('token', common_session_token()); + + // too much common patterns here... abstractable? + $this->elementStart('ul', 'form_data'); + if (Event::handle('StartProfileFormData', array($this))) { + $this->elementStart('li'); + $this->input('nickname', _('Nickname'), + ($this->arg('nickname')) ? $this->arg('nickname') : $profile->nickname, + _('1-64 lowercase letters or numbers, no punctuation or spaces')); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->input('fullname', _('Full name'), + ($this->arg('fullname')) ? $this->arg('fullname') : $profile->fullname); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->input('homepage', _('Homepage'), + ($this->arg('homepage')) ? $this->arg('homepage') : $profile->homepage, + _('URL of your homepage, blog, or profile on another site')); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->textarea('bio', _('Bio'), + ($this->arg('bio')) ? $this->arg('bio') : $profile->bio, + _('Describe yourself and your interests in 140 chars')); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->input('location', _('Location'), + ($this->arg('location')) ? $this->arg('location') : $profile->location, + _('Where you are, like "City, State (or Region), Country"')); + $this->elementEnd('li'); + Event::handle('EndProfileFormData', array($this)); + $this->elementStart('li'); + $this->input('tags', _('Tags'), + ($this->arg('tags')) ? $this->arg('tags') : implode(' ', $user->getSelfTags()), + _('Tags for yourself (letters, numbers, -, ., and _), comma- or space- separated')); + $this->elementEnd('li'); + $this->elementStart('li'); + $language = common_language(); + $this->dropdown('language', _('Language'), + get_nice_language_list(), _('Preferred language'), + false, $language); + $this->elementEnd('li'); + $timezone = common_timezone(); + $timezones = array(); + foreach(DateTimeZone::listIdentifiers() as $k => $v) { + $timezones[$v] = $v; + } + $this->elementStart('li'); + $this->dropdown('timezone', _('Timezone'), + $timezones, _('What timezone are you normally in?'), + true, $timezone); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->checkbox('autosubscribe', + _('Automatically subscribe to whoever '. + 'subscribes to me (best for non-humans)'), + ($this->arg('autosubscribe')) ? + $this->boolean('autosubscribe') : $user->autosubscribe); + $this->elementEnd('li'); + } + $this->elementEnd('ul'); + $this->submit('save', _('Save')); + + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + } + + /** + * Handle a post + * + * Validate input and save changes. Reload the form with a success + * or error message. + * + * @return void + */ + + function handlePost() + { + // CSRF protection + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + + if (Event::handle('StartProfileSaveForm', array($this))) { + + $nickname = $this->trimmed('nickname'); + $fullname = $this->trimmed('fullname'); + $homepage = $this->trimmed('homepage'); + $bio = $this->trimmed('bio'); + $location = $this->trimmed('location'); + $autosubscribe = $this->boolean('autosubscribe'); + $language = $this->trimmed('language'); + $timezone = $this->trimmed('timezone'); + $tagstring = $this->trimmed('tags'); + + // Some validation + if (!Validate::string($nickname, array('min_length' => 1, + 'max_length' => 64, + 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { + $this->showForm(_('Nickname must have only lowercase letters and numbers and no spaces.')); + return; + } else if (!User::allowed_nickname($nickname)) { + $this->showForm(_('Not a valid nickname.')); + return; + } else if (!is_null($homepage) && (strlen($homepage) > 0) && + !Validate::uri($homepage, array('allowed_schemes' => array('http', 'https')))) { + $this->showForm(_('Homepage is not a valid URL.')); + return; + } else if (!is_null($fullname) && mb_strlen($fullname) > 255) { + $this->showForm(_('Full name is too long (max 255 chars).')); + return; + } else if (!is_null($bio) && mb_strlen($bio) > 140) { + $this->showForm(_('Bio is too long (max 140 chars).')); + return; + } else if (!is_null($location) && mb_strlen($location) > 255) { + $this->showForm(_('Location is too long (max 255 chars).')); + return; + } else if (is_null($timezone) || !in_array($timezone, DateTimeZone::listIdentifiers())) { + $this->showForm(_('Timezone not selected.')); + return; + } else if ($this->nicknameExists($nickname)) { + $this->showForm(_('Nickname already in use. Try another one.')); + return; + } else if (!is_null($language) && strlen($language) > 50) { + $this->showForm(_('Language is too long (max 50 chars).')); + return; + } + + if ($tagstring) { + $tags = array_map('common_canonical_tag', preg_split('/[\s,]+/', $tagstring)); + } else { + $tags = array(); + } + + foreach ($tags as $tag) { + if (!common_valid_profile_tag($tag)) { + $this->showForm(sprintf(_('Invalid tag: "%s"'), $tag)); + return; + } + } + + $user = common_current_user(); + + $user->query('BEGIN'); + + if ($user->nickname != $nickname || + $user->language != $language || + $user->timezone != $timezone) { + + common_debug('Updating user nickname from ' . $user->nickname . ' to ' . $nickname, + __FILE__); + common_debug('Updating user language from ' . $user->language . ' to ' . $language, + __FILE__); + common_debug('Updating user timezone from ' . $user->timezone . ' to ' . $timezone, + __FILE__); + + $original = clone($user); + + $user->nickname = $nickname; + $user->language = $language; + $user->timezone = $timezone; + + $result = $user->updateKeys($original); + + if ($result === false) { + common_log_db_error($user, 'UPDATE', __FILE__); + $this->serverError(_('Couldn\'t update user.')); + return; + } else { + // Re-initialize language environment if it changed + common_init_language(); + } + } + +// XXX: XOR + if ($user->autosubscribe ^ $autosubscribe) { + + $original = clone($user); + + $user->autosubscribe = $autosubscribe; + + $result = $user->update($original); + + if ($result === false) { + common_log_db_error($user, 'UPDATE', __FILE__); + $this->serverError(_('Couldn\'t update user for autosubscribe.')); + return; + } + } + + $profile = $user->getProfile(); + + $orig_profile = clone($profile); + + $profile->nickname = $user->nickname; + $profile->fullname = $fullname; + $profile->homepage = $homepage; + $profile->bio = $bio; + $profile->location = $location; + $profile->profileurl = common_profile_url($nickname); + + common_debug('Old profile: ' . common_log_objstring($orig_profile), __FILE__); + common_debug('New profile: ' . common_log_objstring($profile), __FILE__); + + $result = $profile->update($orig_profile); + + if (!$result) { + common_log_db_error($profile, 'UPDATE', __FILE__); + $this->serverError(_('Couldn\'t save profile.')); + return; + } + + // Set the user tags + $result = $user->setSelfTags($tags); + + if (!$result) { + $this->serverError(_('Couldn\'t save tags.')); + return; + } + + $user->query('COMMIT'); + Event::handle('EndProfileSaveForm', array($this)); + common_broadcast_profile($profile); + + $this->showForm(_('Settings saved.'), true); + + } + } - function common_feed_item($feed) { + function nicknameExists($nickname) + { $user = common_current_user(); - $nickname = $user->nickname; - - switch($feed['item']) { - case 'notices': default: - $feed_classname = $feed['type']; - $feed_mimetype = "application/".$feed['type']."+xml"; - $feed_title = "$nickname's ".$feed['version']." notice feed"; - $feed['textContent'] = "RSS"; - break; - - case 'foaf': - $feed_classname = "foaf"; - $feed_mimetype = "application/".$feed['type']."+xml"; - $feed_title = "$nickname's FOAF file"; - $feed['textContent'] = "FOAF"; - break; - } - common_element_start('li'); - common_element('a', array('href' => $feed['href'], - 'class' => $feed_classname, - 'type' => $feed_mimetype, - 'title' => $feed_title), - $feed['textContent']); - common_element_end('li'); - } - - function show_delete_form() { - $user = common_current_user(); - $notices = DB_DataObject::factory('notice'); - $notices->profile_id = $user->id; - $notice_count = (int) $notices->count(); - - common_element_start('form', array('method' => 'POST', - 'id' => 'delete', - 'action' => - common_local_url('profilesettings'))); - - common_hidden('token', common_session_token()); - common_element('p', null, "You can copy your notices and contacts by saving the two links belowxbefore deleting your account. Be careful, this operation cannot be undone."); - - - $this->show_feeds_list(array(0=>array('href'=>common_local_url('userrss', array('limit' => $notice_count, 'nickname' => $user->nickname)), - 'type' => 'rss', - 'version' => 'RSS 1.0', - 'item' => 'notices'), - 1=>array('href'=>common_local_url('foaf',array('nickname' => $user->nickname)), - 'type' => 'rdf', - 'version' => 'FOAF', - 'item' => 'foaf'))); - - common_submit('deleteaccount', _('Delete my account')); - common_element_end('form'); - } - - function save_profile() { - $nickname = $this->trimmed('nickname'); - $fullname = $this->trimmed('fullname'); - $homepage = $this->trimmed('homepage'); - $bio = $this->trimmed('bio'); - $location = $this->trimmed('location'); - $autosubscribe = $this->boolean('autosubscribe'); - $language = $this->trimmed('language'); - $timezone = $this->trimmed('timezone'); - $tagstring = $this->trimmed('tags'); - - # Some validation - - if (!Validate::string($nickname, array('min_length' => 1, - 'max_length' => 64, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - $this->show_form(_('Nickname must have only lowercase letters and numbers and no spaces.')); - return; - } else if (!User::allowed_nickname($nickname)) { - $this->show_form(_('Not a valid nickname.')); - return; - } else if (!is_null($homepage) && (strlen($homepage) > 0) && - !Validate::uri($homepage, array('allowed_schemes' => array('http', 'https')))) { - $this->show_form(_('Homepage is not a valid URL.')); - return; - } else if (!is_null($fullname) && strlen($fullname) > 255) { - $this->show_form(_('Full name is too long (max 255 chars).')); - return; - } else if (!is_null($bio) && strlen($bio) > 140) { - $this->show_form(_('Bio is too long (max 140 chars).')); - return; - } else if (!is_null($location) && strlen($location) > 255) { - $this->show_form(_('Location is too long (max 255 chars).')); - return; - } else if (is_null($timezone) || !in_array($timezone, DateTimeZone::listIdentifiers())) { - $this->show_form(_('Timezone not selected.')); - return; - } else if ($this->nickname_exists($nickname)) { - $this->show_form(_('Nickname already in use. Try another one.')); - return; - } else if (!is_null($language) && strlen($language) > 50) { - $this->show_form(_('Language is too long (max 50 chars).')); - return; - } - - if ($tagstring) { - $tags = array_map('common_canonical_tag', preg_split('/[\s,]+/', $tagstring)); - } else { - $tags = array(); - } - - foreach ($tags as $tag) { - if (!common_valid_profile_tag($tag)) { - $this->show_form(sprintf(_('Invalid tag: "%s"'), $tag)); - return; - } - } - - $user = common_current_user(); - - $user->query('BEGIN'); - - if ($user->nickname != $nickname || - $user->language != $language || - $user->timezone != $timezone) { - - common_debug('Updating user nickname from ' . $user->nickname . ' to ' . $nickname, - __FILE__); - common_debug('Updating user language from ' . $user->language . ' to ' . $language, - __FILE__); - common_debug('Updating user timezone from ' . $user->timezone . ' to ' . $timezone, - __FILE__); - - $original = clone($user); - - $user->nickname = $nickname; - $user->language = $language; - $user->timezone = $timezone; - - $result = $user->updateKeys($original); - - if ($result === FALSE) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user.')); - return; - } else { - # Re-initialize language environment if it changed - common_init_language(); - } - } - - # XXX: XOR - - if ($user->autosubscribe ^ $autosubscribe) { - - $original = clone($user); - - $user->autosubscribe = $autosubscribe; - - $result = $user->update($original); - - if ($result === FALSE) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user for autosubscribe.')); - return; - } - } - - $profile = $user->getProfile(); - - $orig_profile = clone($profile); - - $profile->nickname = $user->nickname; - $profile->fullname = $fullname; - $profile->homepage = $homepage; - $profile->bio = $bio; - $profile->location = $location; - $profile->profileurl = common_profile_url($nickname); - - common_debug('Old profile: ' . common_log_objstring($orig_profile), __FILE__); - common_debug('New profile: ' . common_log_objstring($profile), __FILE__); - - $result = $profile->update($orig_profile); - - if (!$result) { - common_log_db_error($profile, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t save profile.')); - return; - } - - # Set the user tags - - $result = $user->setSelfTags($tags); - - if (!$result) { - common_server_error(_('Couldn\'t save tags.')); - return; - } - - $user->query('COMMIT'); - - common_broadcast_profile($profile); - - $this->show_form(_('Settings saved.'), TRUE); - } - - - function upload_avatar() { - switch ($_FILES['avatarfile']['error']) { - case UPLOAD_ERR_OK: # success, jump out - break; - case UPLOAD_ERR_INI_SIZE: - case UPLOAD_ERR_FORM_SIZE: - $this->show_form(_('That file is too big.')); - return; - case UPLOAD_ERR_PARTIAL: - @unlink($_FILES['avatarfile']['tmp_name']); - $this->show_form(_('Partial upload.')); - return; - default: - $this->show_form(_('System error uploading file.')); - return; - } - - $info = @getimagesize($_FILES['avatarfile']['tmp_name']); - - if (!$info) { - @unlink($_FILES['avatarfile']['tmp_name']); - $this->show_form(_('Not an image or corrupt file.')); - return; - } - - switch ($info[2]) { - case IMAGETYPE_GIF: - case IMAGETYPE_JPEG: - case IMAGETYPE_PNG: - break; - default: - $this->show_form(_('Unsupported image file format.')); - return; - } - - $user = common_current_user(); - $profile = $user->getProfile(); - - if ($profile->setOriginal($_FILES['avatarfile']['tmp_name'])) { - $this->show_form(_('Avatar updated.'), true); - } else { - $this->show_form(_('Failed updating avatar.')); - } - - @unlink($_FILES['avatarfile']['tmp_name']); - } - - function nickname_exists($nickname) { - $user = common_current_user(); - $other = User::staticGet('nickname', $nickname); - if (!$other) { - return false; - } else { - return $other->id != $user->id; - } - } - - function change_password() { - - $user = common_current_user(); - assert(!is_null($user)); # should already be checked - - # FIXME: scrub input - - $newpassword = $this->arg('newpassword'); - $confirm = $this->arg('confirm'); - $token = $this->arg('token'); - - if (0 != strcmp($newpassword, $confirm)) { - $this->show_form(_('Passwords don\'t match.')); - return; - } - - if ($user->password) { - $oldpassword = $this->arg('oldpassword'); - - if (!common_check_user($user->nickname, $oldpassword)) { - $this->show_form(_('Incorrect old password')); - return; - } - } - - $original = clone($user); - - $user->password = common_munge_password($newpassword, $user->id); - - $val = $user->validate(); - if ($val !== TRUE) { - $this->show_form(_('Error saving user; invalid.')); - return; - } - - if (!$user->update($original)) { - common_server_error(_('Can\'t save new password.')); - return; - } - - $this->show_form(_('Password saved.'), true); - } - - function delete_account() { - - $user = common_current_user(); - assert(!is_null($user)); # should already be checked - - // delete avatar (profile_id and filename) - // delete fave (user_id) - // delete message (from_profile, to_profile) - // delete notice (profile_id) (also delete from notice_source and notice_tag) - // delete notice_inbox (user_id) - // delete subscription (subscriber, subscribed) - // delete user (id) - // delete user_openid (user_id) - // delete profile (id) - // - // delete all the users notices - - $this->show_form(_('Your account has been deleted.'), true); + $other = User::staticGet('nickname', $nickname); + if (!$other) { + return false; + } else { + return $other->id != $user->id; + } } }