X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fsettings.php;h=32906d86e7c9017e9b31d91a081da06a94740f37;hb=33037754d80dce07e6d806b6cee6df56311bb954;hp=0d65bf9ba8fa2a1d44b75104259fb2ee5565cea0;hpb=30e3a65c0f15f2cbcc538b35c18b1f60490fda9b;p=friendica.git diff --git a/mod/settings.php b/mod/settings.php index 0d65bf9ba8..32906d86e7 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -2,32 +2,35 @@ function settings_init(&$a) { - - if(! local_user()) { - notice("Permission denied." . EOL); - $a->error = 404; - return; + if(local_user()) { + profile_load($a,$a->user['nickname']); } - require_once("mod/profile.php"); - profile_load($a,$a->user['nickname']); } function settings_post(&$a) { - if(! local_user()) { notice( t('Permission denied.') . EOL); return; } - if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != $_SESSION['uid']) { + + if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != local_user()) { notice( t('Permission denied.') . EOL); return; } - if((x($_POST,'password')) || (x($_POST,'confirm'))) { - $newpass = trim($_POST['password']); - $confirm = trim($_POST['confirm']); + if(($a->argc > 1) && ($a->argv[1] == 'addon')) { + call_hooks('plugin_settings_post', $_POST); + return; + } + + call_hooks('settings_post', $_POST); + + if((x($_POST,'npassword')) || (x($_POST,'confirm'))) { + + $newpass = $_POST['npassword']; + $confirm = $_POST['confirm']; $err = false; if($newpass != $confirm ) { @@ -44,7 +47,8 @@ function settings_post(&$a) { $password = hash('whirlpool',$newpass); $r = q("UPDATE `user` SET `password` = '%s' WHERE `uid` = %d LIMIT 1", dbesc($password), - intval($_SESSION['uid'])); + intval(local_user()) + ); if($r) notice( t('Password changed.') . EOL); else @@ -52,100 +56,136 @@ function settings_post(&$a) { } } - $theme = notags(trim($_POST['theme'])); - $username = notags(trim($_POST['username'])); - $email = notags(trim($_POST['email'])); - $timezone = notags(trim($_POST['timezone'])); + $theme = ((x($_POST,'theme')) ? notags(trim($_POST['theme'])) : ''); + $username = ((x($_POST,'username')) ? notags(trim($_POST['username'])) : ''); + $email = ((x($_POST,'email')) ? notags(trim($_POST['email'])) : ''); + $timezone = ((x($_POST,'timezone')) ? notags(trim($_POST['timezone'])) : ''); + $defloc = ((x($_POST,'defloc')) ? notags(trim($_POST['defloc'])) : ''); + $openid = ((x($_POST,'openid_url')) ? notags(trim($_POST['openid_url'])) : ''); + $maxreq = ((x($_POST,'maxreq')) ? intval($_POST['maxreq']) : 0); + + $allow_location = (((x($_POST,'allow_location')) && (intval($_POST['allow_location']) == 1)) ? 1: 0); + $publish = (((x($_POST,'profile_in_directory')) && (intval($_POST['profile_in_directory']) == 1)) ? 1: 0); + $net_publish = (((x($_POST,'profile_in_netdirectory')) && (intval($_POST['profile_in_netdirectory']) == 1)) ? 1: 0); + $old_visibility = (((x($_POST,'visibility')) && (intval($_POST['visibility']) == 1)) ? 1 : 0); + $page_flags = (((x($_POST,'page-flags')) && (intval($_POST['page-flags']))) ? intval($_POST['page-flags']) : 0); $notify = 0; - if($_POST['notify1']) + if(x($_POST,'notify1')) $notify += intval($_POST['notify1']); - if($_POST['notify2']) + if(x($_POST,'notify2')) $notify += intval($_POST['notify2']); - if($_POST['notify3']) + if(x($_POST,'notify3')) $notify += intval($_POST['notify3']); - if($_POST['notify4']) + if(x($_POST,'notify4')) $notify += intval($_POST['notify4']); - if($_POST['notify5']) + if(x($_POST,'notify5')) $notify += intval($_POST['notify5']); - $username_changed = false; $email_changed = false; - $zone_changed = false; + $err = ''; + $name_change = false; + if($username != $a->user['username']) { - $username_changed = true; - if(strlen($username) > 40) - $err .= t(' Please use a shorter name.'); - if(strlen($username) < 3) - $err .= t(' Name too short.'); + $name_change = true; + if(strlen($username) > 40) + $err .= t(' Please use a shorter name.'); + if(strlen($username) < 3) + $err .= t(' Name too short.'); } + if($email != $a->user['email']) { $email_changed = true; - if(!eregi('[A-Za-z0-9._%-]+@[A-Za-z0-9._%-]+\.[A-Za-z]{2,6}',$email)) - $err .= t(' Not valid email.'); - $r = q("SELECT `uid` FROM `user` - WHERE `email` = '%s' LIMIT 1", - dbesc($email) - ); - if($r !== NULL && count($r)) - $err .= t(' This email address is already registered.'); - } - - if(strlen($err)) { - notice($err . EOL); - return; - } + if(! valid_email($email)) + $err .= t(' Not valid email.'); + if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0)) { + $err .= t(' Cannot change to that email.'); + $email = $a->user['email']; + } + } + + if(strlen($err)) { + notice($err . EOL); + return; + } + if($timezone != $a->user['timezone']) { - $zone_changed = true; if(strlen($timezone)) date_default_timezone_set($timezone); } - $str_group_allow = ''; - $group_allow = $_POST['group_allow']; - if(is_array($group_allow)) { - array_walk($group_allow,'sanitise_acl'); - $str_group_allow = implode('',$group_allow); - } + $str_group_allow = perms2str($_POST['group_allow']); + $str_contact_allow = perms2str($_POST['contact_allow']); + $str_group_deny = perms2str($_POST['group_deny']); + $str_contact_deny = perms2str($_POST['contact_deny']); - $str_contact_allow = ''; - $contact_allow = $_POST['contact_allow']; - if(is_array($contact_allow)) { - array_walk($contact_allow,'sanitise_acl'); - $str_contact_allow = implode('',$contact_allow); - } + $openidserver = $a->user['openidserver']; - $str_group_deny = ''; - $group_deny = $_POST['group_deny']; - if(is_array($group_deny)) { - array_walk($group_deny,'sanitise_acl'); - $str_group_deny = implode('',$group_deny); - } + // If openid has changed or if there's an openid but no openidserver, try and discover it. - $str_contact_deny = ''; - $contact_deny = $_POST['contact_deny']; - if(is_array($contact_deny)) { - array_walk($contact_deny,'sanitise_acl'); - $str_contact_deny = implode('',$contact_deny); + if($openid != $a->user['openid'] || (strlen($openid) && (! strlen($openidserver)))) { + $tmp_str = $openid; + if(strlen($tmp_str) && validate_url($tmp_str)) { + logger('updating openidserver'); + require_once('library/openid.php'); + $open_id_obj = new LightOpenID; + $open_id_obj->identity = $openid; + $openidserver = $open_id_obj->discover($open_id_obj->identity); + } + else + $openidserver = ''; } - $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `theme` = '%s' WHERE `uid` = %d LIMIT 1", + $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `theme` = '%s', `maxreq` = %d, `openidserver` = '%s' WHERE `uid` = %d LIMIT 1", dbesc($username), dbesc($email), + dbesc($openid), dbesc($timezone), dbesc($str_contact_allow), dbesc($str_group_allow), dbesc($str_contact_deny), dbesc($str_group_deny), intval($notify), + intval($page_flags), + dbesc($defloc), + intval($allow_location), dbesc($theme), - intval($_SESSION['uid']) + intval($maxreq), + dbesc($openidserver), + intval(local_user()) ); if($r) notice( t('Settings updated.') . EOL); + + $r = q("UPDATE `profile` + SET `publish` = %d, `net-publish` = %d + WHERE `is-default` = 1 AND `uid` = %d LIMIT 1", + intval($publish), + intval($net_publish), + intval(local_user()) + ); + + + if($name_change) { + q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `uid` = %d AND `self` = 1 LIMIT 1", + dbesc($username), + dbesc(datetime_convert()), + intval(local_user()) + ); + } + + if($old_visibility != $net_publish) { + // Update global directory in background + $php_path = ((strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php'); + $url = $_SESSION['my_url']; + if($url && strlen(get_config('system','directory_submit_url'))) + proc_close(proc_open("\"$php_path\" \"include/directory.php\" \"$url\" &", + array(),$foo)); + } + $_SESSION['theme'] = $theme; if($email_changed && $a->config['register_policy'] == REGISTER_VERIFY) { @@ -154,34 +194,113 @@ function settings_post(&$a) { } goaway($a->get_baseurl() . '/settings' ); + return; // NOTREACHED } if(! function_exists('settings_content')) { function settings_content(&$a) { + $o = ''; + $o .= ''; + if(! local_user()) { notice( t('Permission denied.') . EOL ); return; } - require_once('view/acl_selectors.php'); + if(($a->argc > 1) && ($a->argv[1] === 'addon')) { + $o .= '

' . t('Plugin Settings') . '

'; + $o .= ''; + + $o .= '
'; + + $r = q("SELECT * FROM `hook` WHERE `hook` = 'plugin_settings' "); + if(! count($r)) + notice( t('No Plugin settings configured') . EOL); + + call_hooks('plugin_settings', $o); + $o .= '
'; + return $o; + } + + require_once('include/acl_selectors.php'); + + $p = q("SELECT * FROM `profile` WHERE `is-default` = 1 AND `uid` = %d LIMIT 1", + intval(local_user()) + ); + if(count($p)) + $profile = $p[0]; $username = $a->user['username']; $email = $a->user['email']; $nickname = $a->user['nickname']; $timezone = $a->user['timezone']; $notify = $a->user['notify-flags']; + $defloc = $a->user['default-location']; + $openid = $a->user['openid']; + $maxreq = $a->user['maxreq']; if(! strlen($a->user['timezone'])) $timezone = date_default_timezone_get(); - $nickname_block = file_get_contents("view/settings_nick_set.tpl"); - + $pageset_tpl = load_view_file('view/pagetypes.tpl'); + $pagetype = replace_macros($pageset_tpl,array( + '$normal' => (($a->user['page-flags'] == PAGE_NORMAL) ? " checked=\"checked\" " : ""), + '$soapbox' => (($a->user['page-flags'] == PAGE_SOAPBOX) ? " checked=\"checked\" " : ""), + '$community' => (($a->user['page-flags'] == PAGE_COMMUNITY) ? " checked=\"checked\" " : ""), + '$freelove' => (($a->user['page-flags'] == PAGE_FREELOVE) ? " checked=\"checked\" " : ""), + '$page_normal' => PAGE_NORMAL, + '$page_soapbox' => PAGE_SOAPBOX, + '$page_community' => PAGE_COMMUNITY, + '$page_freelove' => PAGE_FREELOVE + )); + + $noid = get_config('system','no_openid'); + + if($noid) { + $oidhtml = ''; + } + else { + $oidhtml = '' . t(" \x28Optional\x29 Allow this OpenID to login to this account."); + } + + + if(get_config('system','publish_all')) { + $profile_in_dir = ''; + } + else { + $opt_tpl = load_view_file("view/profile-in-directory.tpl"); + $profile_in_dir = replace_macros($opt_tpl,array( + '$yes_selected' => (($profile['publish']) ? " checked=\"checked\" " : ""), + '$no_selected' => (($profile['publish'] == 0) ? " checked=\"checked\" " : "") + )); + } + + if(strlen(get_config('system','directory_submit_url'))) { + $opt_tpl = load_view_file("view/profile-in-netdir.tpl"); + + $profile_in_net_dir = replace_macros($opt_tpl,array( + '$yes_selected' => (($profile['net-publish']) ? " checked=\"checked\" " : ""), + '$no_selected' => (($profile['net-publish'] == 0) ? " checked=\"checked\" " : "") + )); + } + else + $profile_in_net_dir = ''; + + $loc_checked = (($a->user['allow_location'] == 1) ? " checked=\"checked\" " : ""); + + $invisible = (((! $profile['publish']) && (! $profile['net-publish'])) + ? true : false); + if($invisible) + notice( t('Profile is not published.') . EOL ); + + $nickname_block = load_view_file("view/settings_nick_set.tpl"); + $nickname_subdir = ''; if(strlen($a->get_path())) { - $subdir_tpl = file_get_contents('view/settings_nick_subdir.tpl'); + $subdir_tpl = load_view_file('view/settings_nick_subdir.tpl'); $nickname_subdir = replace_macros($subdir_tpl, array( '$baseurl' => $a->get_baseurl(), '$nickname' => $nickname, @@ -191,10 +310,15 @@ function settings_content(&$a) { $theme_selector = '