X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fsettings.php;h=22dc794dc054ff9b31ab4993419a7e72fe4f6072;hb=c052d688284fda76c612325b237d8352f2abb5d4;hp=bd779ad4e50fe906baf0420a28f0a10d6442d77f;hpb=ba8da761e669b22e16e1075e0e1e79d8b458af3e;p=friendica.git diff --git a/mod/settings.php b/mod/settings.php index bd779ad4e5..22dc794dc0 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -2,40 +2,45 @@ function settings_init(&$a) { - - if(! local_user()) { - notice("Permission denied." . EOL); - $a->error = 404; - return; + if(local_user()) { + profile_load($a,$a->user['nickname']); } - require_once("mod/profile.php"); - profile_load($a,$a->user['nickname']); + } function settings_post(&$a) { if(! local_user()) { - notice( "Permission denied." . EOL); + notice( t('Permission denied.') . EOL); return; } - if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != $_SESSION['uid']) { - $_SESSION['sysmsg'] .= "Permission denied." . EOL; + + if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != local_user()) { + notice( t('Permission denied.') . EOL); return; } - if((x($_POST,'password')) || (x($_POST,'confirm'))) { - $newpass = trim($_POST['password']); - $confirm = trim($_POST['confirm']); + if(($a->argc > 1) && ($a->argv[1] == 'addon')) { + call_hooks('plugin_settings_post', $_POST); + return; + } + + call_hooks('settings_post', $_POST); + + if((x($_POST,'npassword')) || (x($_POST,'confirm'))) { + + $newpass = $_POST['npassword']; + $confirm = $_POST['confirm']; $err = false; if($newpass != $confirm ) { - $_SESSION['sysmsg'] .= "Passwords do not match. Password unchanged." . EOL; + notice( t('Passwords do not match. Password unchanged.') . EOL); $err = true; } if((! x($newpass)) || (! x($confirm))) { - $_SESSION['sysmsg'] .= "Empty passwords are not allowed. Password unchanged." . EOL; + notice( t('Empty passwords are not allowed. Password unchanged.') . EOL); $err = true; } @@ -43,125 +48,452 @@ function settings_post(&$a) { $password = hash('whirlpool',$newpass); $r = q("UPDATE `user` SET `password` = '%s' WHERE `uid` = %d LIMIT 1", dbesc($password), - intval($_SESSION['uid'])); + intval(local_user()) + ); if($r) - $_SESSION['sysmsg'] .= "Password changed." . EOL; + notice( t('Password changed.') . EOL); else - $_SESSION['sysmsg'] .= "Password update failed. Please try again." . EOL; + notice( t('Password update failed. Please try again.') . EOL); + } + } + + $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : ''); + $username = ((x($_POST,'username')) ? notags(trim($_POST['username'])) : ''); + $email = ((x($_POST,'email')) ? notags(trim($_POST['email'])) : ''); + $timezone = ((x($_POST,'timezone')) ? notags(trim($_POST['timezone'])) : ''); + $defloc = ((x($_POST,'defloc')) ? notags(trim($_POST['defloc'])) : ''); + $openid = ((x($_POST,'openid_url')) ? notags(trim($_POST['openid_url'])) : ''); + $maxreq = ((x($_POST,'maxreq')) ? intval($_POST['maxreq']) : 0); + $expire = ((x($_POST,'expire')) ? intval($_POST['expire']) : 0); + + $allow_location = (((x($_POST,'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0); + $publish = (((x($_POST,'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0); + $net_publish = (((x($_POST,'profile_in_netdirectory')) && (intval($_POST['profile_in_netdirectory']) == 1)) ? 1: 0); + $old_visibility = (((x($_POST,'visibility')) && (intval($_POST['visibility']) == 1)) ? 1 : 0); + $page_flags = (((x($_POST,'page-flags')) && (intval($_POST['page-flags']))) ? intval($_POST['page-flags']) : 0); + $blockwall = (((x($_POST,'blockwall')) && (intval($_POST['blockwall']) == 1)) ? 0: 1); // this setting is inverted! + + $mail_server = ((x($_POST,'mail_server')) ? $_POST['mail_server'] : ''); + $mail_port = ((x($_POST,'mail_port')) ? $_POST['mail_port'] : ''); + $mail_ssl = ((x($_POST,'mail_ssl')) ? strtolower(trim($_POST['mail_ssl'])) : ''); + $mail_user = ((x($_POST,'mail_user')) ? $_POST['mail_user'] : ''); + $mail_pass = ((x($_POST,'mail_pass')) ? trim($_POST['mail_pass']) : ''); + $mail_replyto = ((x($_POST,'mail_replyto')) ? $_POST['mail_replyto'] : ''); + $mail_pubmail = ((x($_POST,'mail_pubmail')) ? $_POST['mail_pubmail'] : ''); + + + $mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1); + + if(! $mail_disabled) { + $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", + intval(local_user()) + ); + if(! count($r)) { + q("INSERT INTO `mailacct` (`uid`) VALUES (%d)", + intval(local_user()) + ); } + if(strlen($mail_pass)) { + $pass = ''; + openssl_public_encrypt($mail_pass,$pass,$a->user['pubkey']); + q("UPDATE `mailacct` SET `pass` = '%s' WHERE `uid` = %d LIMIT 1", + dbesc(bin2hex($pass)), + intval(local_user()) + ); + } + $r = q("UPDATE `mailacct` SET `server` = '%s', `port` = %d, `ssltype` = '%s', `user` = '%s', + `mailbox` = 'INBOX', `reply_to` = '%s', `pubmail` = %d WHERE `uid` = %d LIMIT 1", + dbesc($mail_server), + intval($mail_port), + dbesc($mail_ssl), + dbesc($mail_user), + dbesc($mail_replyto), + intval($mail_pubmail), + intval(local_user()) + ); } - $username = notags(trim($_POST['username'])); - $email = notags(trim($_POST['email'])); - $timezone = notags(trim($_POST['timezone'])); + $notify = 0; + + if(x($_POST,'notify1')) + $notify += intval($_POST['notify1']); + if(x($_POST,'notify2')) + $notify += intval($_POST['notify2']); + if(x($_POST,'notify3')) + $notify += intval($_POST['notify3']); + if(x($_POST,'notify4')) + $notify += intval($_POST['notify4']); + if(x($_POST,'notify5')) + $notify += intval($_POST['notify5']); - $username_changed = false; $email_changed = false; - $zone_changed = false; + $err = ''; + $name_change = false; + if($username != $a->user['username']) { - $username_changed = true; - if(strlen($username) > 40) - $err .= " Please use a shorter name."; - if(strlen($username) < 3) - $err .= " Name too short."; + $name_change = true; + if(strlen($username) > 40) + $err .= t(' Please use a shorter name.'); + if(strlen($username) < 3) + $err .= t(' Name too short.'); } + if($email != $a->user['email']) { $email_changed = true; - if(!eregi('[A-Za-z0-9._%-]+@[A-Za-z0-9._%-]+\.[A-Za-z]{2,6}',$email)) - $err .= " Not valid email."; - $r = q("SELECT `uid` FROM `user` - WHERE `email` = '%s' LIMIT 1", - dbesc($email) - ); - if($r !== NULL && count($r)) - $err .= " This email address is already registered." . EOL; - } - - if(strlen($err)) { - $_SESSION['sysmsg'] .= $err . EOL; - return; - } + if(! valid_email($email)) + $err .= t(' Not valid email.'); + if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0)) { + $err .= t(' Cannot change to that email.'); + $email = $a->user['email']; + } + } + + if(strlen($err)) { + notice($err . EOL); + return; + } + if($timezone != $a->user['timezone']) { - $zone_changed = true; if(strlen($timezone)) date_default_timezone_set($timezone); } - if($email_changed || $username_changed || $zone_changed ) { - $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `timezone` = '%s' WHERE `uid` = %d LIMIT 1", + + $str_group_allow = perms2str($_POST['group_allow']); + $str_contact_allow = perms2str($_POST['contact_allow']); + $str_group_deny = perms2str($_POST['group_deny']); + $str_contact_deny = perms2str($_POST['contact_deny']); + + $openidserver = $a->user['openidserver']; + + // If openid has changed or if there's an openid but no openidserver, try and discover it. + + if($openid != $a->user['openid'] || (strlen($openid) && (! strlen($openidserver)))) { + $tmp_str = $openid; + if(strlen($tmp_str) && validate_url($tmp_str)) { + logger('updating openidserver'); + require_once('library/openid.php'); + $open_id_obj = new LightOpenID; + $open_id_obj->identity = $openid; + $openidserver = $open_id_obj->discover($open_id_obj->identity); + } + else + $openidserver = ''; + } + + $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `theme` = '%s', `maxreq` = %d, `expire` = %d, `openidserver` = '%s', `blockwall` = %d WHERE `uid` = %d LIMIT 1", dbesc($username), dbesc($email), + dbesc($openid), dbesc($timezone), - intval($_SESSION['uid'])); - if($r) - $_SESSION['sysmsg'] .= "Settings updated." . EOL; + dbesc($str_contact_allow), + dbesc($str_group_allow), + dbesc($str_contact_deny), + dbesc($str_group_deny), + intval($notify), + intval($page_flags), + dbesc($defloc), + intval($allow_location), + dbesc($theme), + intval($maxreq), + intval($expire), + dbesc($openidserver), + intval($blockwall), + intval(local_user()) + ); + if($r) + notice( t('Settings updated.') . EOL); + + $r = q("UPDATE `profile` + SET `publish` = %d, `net-publish` = %d + WHERE `is-default` = 1 AND `uid` = %d LIMIT 1", + intval($publish), + intval($net_publish), + intval(local_user()) + ); + + + if($name_change) { + q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `uid` = %d AND `self` = 1 LIMIT 1", + dbesc($username), + dbesc(datetime_convert()), + intval(local_user()) + ); + } + + if($old_visibility != $net_publish) { + // Update global directory in background + $url = $_SESSION['my_url']; + if($url && strlen(get_config('system','directory_submit_url'))) + proc_run('php',"include/directory.php","$url"); } + + $_SESSION['theme'] = $theme; if($email_changed && $a->config['register_policy'] == REGISTER_VERIFY) { // FIXME - set to un-verified, blocked and redirect to logout } - - // Refresh the content display with new data - - $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", - intval($_SESSION['uid'])); - if(count($r)) - $a->user = $r[0]; + goaway($a->get_baseurl() . '/settings' ); + return; // NOTREACHED } if(! function_exists('settings_content')) { function settings_content(&$a) { - if((! x($_SESSION['authenticated'])) && (! (x($_SESSION,'uid')))) { - $_SESSION['sysmsg'] .= "Permission denied." . EOL; + $o = ''; + $o .= ''; + + if(! local_user()) { + notice( t('Permission denied.') . EOL ); return; } + if(($a->argc > 1) && ($a->argv[1] === 'addon')) { + $o .= '

' . t('Plugin Settings') . '

'; + $o .= ''; + + $o .= '
'; + + $r = q("SELECT * FROM `hook` WHERE `hook` = 'plugin_settings' "); + if(! count($r)) + notice( t('No Plugin settings configured') . EOL); + + call_hooks('plugin_settings', $o); + $o .= '
'; + return $o; + } + + require_once('include/acl_selectors.php'); + + $p = q("SELECT * FROM `profile` WHERE `is-default` = 1 AND `uid` = %d LIMIT 1", + intval(local_user()) + ); + if(count($p)) + $profile = $p[0]; $username = $a->user['username']; $email = $a->user['email']; $nickname = $a->user['nickname']; $timezone = $a->user['timezone']; + $notify = $a->user['notify-flags']; + $defloc = $a->user['default-location']; + $openid = $a->user['openid']; + $maxreq = $a->user['maxreq']; + $expire = ((intval($a->user['expire'])) ? $a->user['expire'] : ''); + $blockwall = $a->user['blockwall']; + if(! strlen($a->user['timezone'])) + $timezone = date_default_timezone_get(); - $nickname_block = file_get_contents("view/settings_nick_set.tpl"); - + $mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1); + + if(! $mail_disabled) { + $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", + local_user() + ); + } + else { + $r = null; + $imap_disabled = (($mail_disabled) ? ' disabled="disabled" ' : ''); + } + + $mail_server = ((count($r)) ? $r[0]['server'] : ''); + $mail_port = ((count($r) && intval($r[0]['port'])) ? intval($r[0]['port']) : ''); + $mail_ssl = ((count($r)) ? $r[0]['ssltype'] : ''); + $mail_user = ((count($r)) ? $r[0]['user'] : ''); + $mail_replyto = ((count($r)) ? $r[0]['reply_to'] : ''); + $mail_pubmail = ((count($r)) ? $r[0]['pubmail'] : 0); + + + $pageset_tpl = file_get_contents('view/pagetypes.tpl'); + $pagetype = replace_macros($pageset_tpl,array( + '$normal' => (($a->user['page-flags'] == PAGE_NORMAL) ? " checked=\"checked\" " : ""), + '$soapbox' => (($a->user['page-flags'] == PAGE_SOAPBOX) ? " checked=\"checked\" " : ""), + '$community' => (($a->user['page-flags'] == PAGE_COMMUNITY) ? " checked=\"checked\" " : ""), + '$freelove' => (($a->user['page-flags'] == PAGE_FREELOVE) ? " checked=\"checked\" " : ""), + '$page_normal' => PAGE_NORMAL, + '$page_soapbox' => PAGE_SOAPBOX, + '$page_community' => PAGE_COMMUNITY, + '$page_freelove' => PAGE_FREELOVE, + '$n_l' => t('Normal Account'), + '$n_d' => t('This account is a normal personal profile'), + '$s_l' => t('Soapbox Account'), + '$s_d' => t('Automatically approve all connection/friend requests as read-only fans'), + '$c_l' => t('Community/Celebrity Account'), + '$c_d' => t('Automatically approve all connection/friend requests as read-write fans'), + '$f_l' => t('Automatic Friend Account'), + '$f_d' => t('Automatically approve all connection/friend requests as friends') + )); + + $noid = get_config('system','no_openid'); + + if($noid) { + $oidhtml = ''; + } + else { + $oidhtml = '' . t(" \x28Optional\x29 Allow this OpenID to login to this account."); + } + - $nickname_subdir = ''; - if(strlen($a->get_path())) { - $subdir_tpl = file_get_contents('view/settings_nick_subdir.tpl'); - $nickname_subdir = replace_macros($subdir_tpl, array( - '$baseurl' => $a->get_baseurl(), - '$nickname' => $nickname, - '$hostname' => $a->get_hostname() + if(get_config('system','publish_all')) { + $profile_in_dir = ''; + } + else { + $opt_tpl = file_get_contents("view/profile-in-directory.tpl"); + $profile_in_dir = replace_macros($opt_tpl,array( + '$desc' => t('Publish your default profile in site directory?'), + '$yes_str' => t('Yes'), + '$no_str' => t('No'), + '$yes_selected' => (($profile['publish']) ? " checked=\"checked\" " : ""), + '$no_selected' => (($profile['publish'] == 0) ? " checked=\"checked\" " : "") )); } + if(strlen(get_config('system','directory_submit_url'))) { + $opt_tpl = file_get_contents("view/profile-in-netdir.tpl"); - $nickname_block = replace_macros($nickname_block,array( - '$nickname' => $nickname, - '$uid' => $_SESSION['uid'], - '$subdir' => $nickname_subdir, - '$basepath' => $a->get_hostname(), - '$baseurl' => $a->get_baseurl())); + $profile_in_net_dir = replace_macros($opt_tpl,array( + '$desc' => t('Publish your default profile in global social directory?'), + '$yes_str' => t('Yes'), + '$no_str' => t('No'), + '$yes_selected' => (($profile['net-publish']) ? " checked=\"checked\" " : ""), + '$no_selected' => (($profile['net-publish'] == 0) ? " checked=\"checked\" " : "") + )); + } + else + $profile_in_net_dir = ''; + + $loc_checked = (($a->user['allow_location'] == 1) ? " checked=\"checked\" " : ""); + + $invisible = (((! $profile['publish']) && (! $profile['net-publish'])) + ? true : false); + + if($invisible) + notice( t('Profile is not published.') . EOL ); + + + $theme_selector = ''; - $o = file_get_contents('view/settings.tpl'); + $subdir = ((strlen($a->get_path())) ? '
' . t('or') . ' ' . $a->get_baseurl() . '/profile/' . $nickname : ''); - $o = replace_macros($o,array( + $tpl_addr = file_get_contents("view/settings_nick_set.tpl"); + + $prof_addr = replace_macros($tpl_addr,array( + '$desc' => t('Your Identity Address is'), + '$nickname' => $nickname, + '$subdir' => $subdir, + '$basepath' => $a->get_hostname() + )); + + $stpl = file_get_contents('view/settings.tpl'); + + $celeb = ((($a->user['page-flags'] == PAGE_SOAPBOX) || ($a->user['page-flags'] == PAGE_COMMUNITY)) ? true : false); + + $uexport = ''; + + + $o .= replace_macros($stpl,array( + '$ptitle' => t('Account Settings'), + '$lbl_plug' => t('Plugin Settings'), + '$lbl_basic' => t('Basic Settings'), + '$lbl_fn' => t('Full Name:'), + '$lbl_email' => t('Email Address:'), + '$lbl_tz' => t('Your Timezone:'), + '$lbl_loc1' => t('Default Post Location:'), + '$lbl_loc2' => t('Use Browser Location:'), + '$lbl_theme' => t('Display Theme:'), + '$submit' => t('Submit'), + '$lbl_prv' => t('Security and Privacy Settings'), + '$lbl_maxreq' => t('Maximum Friend Requests/Day:'), + '$lbl_maxrdesc' => t("\x28to prevent spam abuse\x29"), + '$lbl_rempost' => t('Allow friends to post to your profile page:'), + '$lbl_exp1' => t("Automatically expire \x28delete\x29 posts older than"), + '$lbl_exp2' => t('days'), + '$lbl_not1' => t('Notification Settings'), + '$lbl_not2' => t('Send a notification email when:'), + '$lbl_not3' => t('You receive an introduction'), + '$lbl_not4' => t('Your introductions are confirmed'), + '$lbl_not5' => t('Someone writes on your profile wall'), + '$lbl_not6' => t('Someone writes a followup comment'), + '$lbl_not7' => t('You receive a private message'), + '$lbl_pass1' => t('Password Settings'), + '$lbl_pass2' => t('Leave password fields blank unless changing'), + '$lbl_pass3' => t('New Password:'), + '$lbl_pass4' => t('Confirm:'), + '$lbl_advn' => t('Advanced Page Settings'), '$baseurl' => $a->get_baseurl(), - '$uid' => $_SESSION['uid'], + '$oidhtml' => $oidhtml, + '$uexport' => $uexport, + '$uid' => local_user(), '$username' => $username, + '$openid' => $openid, '$email' => $email, - '$nickname_block' => $nickname_block, + '$nickname_block' => $prof_addr, '$timezone' => $timezone, - '$zoneselect' => select_timezone($timezone) - )); + '$zoneselect' => select_timezone($timezone), + '$defloc' => $defloc, + '$loc_checked' => $loc_checked, + '$profile_in_dir' => $profile_in_dir, + '$profile_in_net_dir' => $profile_in_net_dir, + '$permissions' => t('Default Post Permissions'), + '$permdesc' => t("\x28click to open/close\x29"), + '$visibility' => $profile['net-publish'], + '$aclselect' => populate_acl($a->user,$celeb), + '$sel_notify1' => (($notify & NOTIFY_INTRO) ? ' checked="checked" ' : ''), + '$sel_notify2' => (($notify & NOTIFY_CONFIRM) ? ' checked="checked" ' : ''), + '$sel_notify3' => (($notify & NOTIFY_WALL) ? ' checked="checked" ' : ''), + '$sel_notify4' => (($notify & NOTIFY_COMMENT) ? ' checked="checked" ' : ''), + '$sel_notify5' => (($notify & NOTIFY_MAIL) ? ' checked="checked" ' : ''), + '$maxreq' => $maxreq, + '$expire' => $expire, + '$blockw_checked' => (($blockwall) ? '' : ' checked="checked" ' ), + '$theme' => $theme_selector, + '$pagetype' => $pagetype, + '$lbl_imap0' => t('Email/Mailbox Setup'), + '$imap_desc' => t("If you wish to communicate with email contacts using this service \x28optional\x29, please specify how to connect to your mailbox."), + '$lbl_imap1' => t('IMAP server name:'), + '$imap_server' => $mail_server, + '$lbl_imap2' => t('IMAP port:'), + '$imap_port' => $mail_port, + '$lbl_imap3' => t("Security \x28TLS or SSL\x29:"), + '$imap_ssl' => $mail_ssl, + '$lbl_imap4' => t('Email login name:'), + '$imap_user' => $mail_user, + '$lbl_imap5' => t('Email password:'), + '$lbl_imap6' => t("Reply-to address \x28Optional\x29:"), + '$imap_replyto' => $mail_replyto, + '$lbl_imap7' => t('Send public posts to all email contacts:'), + '$pubmail_checked' => (($mail_pubmail) ? ' checked="checked" ' : ''), + '$mail_disabled' => (($mail_disabled) ? '
' . t('Email access is disabled on this site.') . '
' : ''), + '$imap_disabled' => $imap_disabled + )); + + call_hooks('settings_form',$o); + + $o .= '' . "\r\n"; return $o; -}} \ No newline at end of file +}} +