diff options
Diffstat (limited to 'includes/pages/user_settings.php')
-rw-r--r-- | includes/pages/user_settings.php | 400 |
1 files changed, 203 insertions, 197 deletions
diff --git a/includes/pages/user_settings.php b/includes/pages/user_settings.php index 14dcf96f..70033d18 100644 --- a/includes/pages/user_settings.php +++ b/includes/pages/user_settings.php @@ -1,201 +1,207 @@ <?php function user_settings() { - global $enable_tshirt_size, $tshirt_sizes, $themes, $languages; - global $user; - - $msg = ""; - $nick = $user['Nick']; - $lastname = $user['Name']; - $prename = $user['Vorname']; - $age = $user['Alter']; - $tel = $user['Telefon']; - $dect = $user['DECT']; - $mobile = $user['Handy']; - $mail = $user['email']; - $icq = $user['ICQ']; - $jabber = $user['jabber']; - $hometown = $user['Hometown']; - $tshirt_size = $user['Size']; - $password_hash = ""; - $selected_theme = $user['color']; - $selected_language = $user['Sprache']; - - $selected_angel_types_source = sql_select("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID'])); - $selected_angel_types = array (); - foreach ($selected_angel_types_source as $selected_angel_type) - $selected_angel_types[] = $selected_angel_type['angeltype_id']; - - $angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); - $angel_types = array (); - foreach ($angel_types_source as $angel_type) - $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : ""); - - if (isset ($_REQUEST['submit'])) { - $ok = true; - - if (isset ($_REQUEST['nick']) && strlen(strip_request_item('nick')) > 1) { - $nick = strip_request_item('nick'); - if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) { - $ok = false; - $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick3"), $nick), true); - } - } else { - $ok = false; - $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick2"), strip_request_item('nick')), true); - } - - if (isset ($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) { - $mail = strip_request_item('mail'); - if (!check_email($mail)) { - $ok = false; - $msg .= error(Get_Text("makeuser_error_mail"), true); - } - } else { - $ok = false; - $msg .= error("Please enter your e-mail.", true); - } - - if (isset ($_REQUEST['icq'])) - $icq = strip_request_item('icq'); - if (isset ($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) { - $jabber = strip_request_item('jabber'); - if (!check_email($jabber)) { - $ok = false; - $msg .= error("Please check your jabber.", true); - } - } - - if (isset ($_REQUEST['tshirt_size']) && isset ($tshirt_sizes[$_REQUEST['tshirt_size']])) - $tshirt_size = $_REQUEST['tshirt_size']; - else { - $ok = false; - } - - $selected_angel_types = array (); - foreach ($angel_types as $angel_type_id => $angel_type_name) - if (isset ($_REQUEST['angel_types_' . $angel_type_id])) - $selected_angel_types[] = $angel_type_id; - - // Trivia - if (isset ($_REQUEST['lastname'])) - $lastname = strip_request_item('lastname'); - if (isset ($_REQUEST['prename'])) - $prename = strip_request_item('prename'); - if (isset ($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age'])) - $age = strip_request_item('age'); - if (isset ($_REQUEST['tel'])) - $tel = strip_request_item('tel'); - if (isset ($_REQUEST['dect'])) - $dect = strip_request_item('dect'); - if (isset ($_REQUEST['mobile'])) - $mobile = strip_request_item('mobile'); - if (isset ($_REQUEST['hometown'])) - $hometown = strip_request_item('hometown'); - - if ($ok) { - sql_query("UPDATE `User` SET `Nick`='" . sql_escape($nick) . "', `Vorname`='" . sql_escape($prename) . "', `Name`='" . sql_escape($lastname) . - "', `Alter`='" . sql_escape($age) . "', `Telefon`='" . sql_escape($tel) . "', `DECT`='" . sql_escape($dect) . "', `Handy`='" . sql_escape($mobile) . - "', `email`='" . sql_escape($mail) . "', `ICQ`='" . sql_escape($icq) . "', `jabber`='" . sql_escape($jabber) . "', `Size`='" . sql_escape($tshirt_size) . - "', `Hometown`='" . sql_escape($hometown) . "' WHERE `UID`=" . sql_escape($user['UID'])); - - // Assign angel-types - foreach ($angel_types_source as $angel_type) - if (!in_array($angel_type['id'], $selected_angel_types)) - sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($angel_type['id']) . " LIMIT 1"); - - foreach ($selected_angel_types as $selected_angel_type_id) - if (sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($selected_angel_type_id) . " LIMIT 1") == 0) - sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id)); - - success("Settings saved."); - redirect(page_link_to('user_settings')); - } - } - elseif (isset ($_REQUEST['submit_password'])) { - $ok = true; - - if (!isset ($_REQUEST['password']) || !verify_password($_REQUEST['password'], $user['Passwort'], $user['UID'])) - $msg .= error(Get_Text(30), true); - elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH) - $msg .= error(Get_Text("makeuser_error_password2")); - elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2']) - $msg .= error(Get_Text("makeuser_error_password1"), true); - elseif(set_password($user['UID'], $_REQUEST['new_password'])) - success("Password saved."); - else - error("Failed setting password."); - redirect(page_link_to('user_settings')); - } - elseif (isset ($_REQUEST['submit_theme'])) { - $ok = true; - - if (isset ($_REQUEST['theme']) && isset ($themes[$_REQUEST['theme']])) - $selected_theme = $_REQUEST['theme']; - else - $ok = false; - - if ($ok) { - sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`=" . sql_escape($user['UID'])); - - success("Theme changed."); - redirect(page_link_to('user_settings')); - } - } - elseif (isset ($_REQUEST['submit_language'])) { - $ok = true; - - if (isset ($_REQUEST['language']) && isset ($languages[$_REQUEST['language']])) - $selected_language = $_REQUEST['language']; - else - $ok = false; - - if ($ok) { - sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`=" . sql_escape($user['UID'])); - $_SESSION['Sprache'] = $selected_language; - - success("Language changed."); - redirect(page_link_to('user_settings')); - } - } - - return page(array ( - sprintf(Get_Text("Hallo") . "%s,<br />" . Get_Text(13), $user['Nick']), - $msg, - msg(), - form(array ( - form_info("", Get_Text("pub_einstellungen_Text_UserData")), - form_text('nick', Get_Text("makeuser_Nickname") . "*", $nick), - form_text('lastname', Get_Text("makeuser_Nachname"), $lastname), - form_text('prename', Get_Text("makeuser_Vorname"), $prename), - form_text('age', Get_Text("makeuser_Alter"), $age), - form_text('tel', Get_Text("makeuser_Telefon"), $tel), - form_text('dect', Get_Text("makeuser_DECT"), $dect), - form_text('mobile', Get_Text("makeuser_Handy"), $mobile), - form_text('mail', Get_Text("makeuser_E-Mail") . "*", $mail), - form_text('icq', "ICQ", $icq), - form_text('jabber', "Jabber", $jabber), - form_text('hometown', Get_Text("makeuser_Hometown"), $hometown), - $enable_tshirt_size ? form_select('tshirt_size', Get_Text("makeuser_T-Shirt"), $tshirt_sizes, $tshirt_size) : '', - form_checkboxes('angel_types', "What do you want to do?", $angel_types, $selected_angel_types), - form_submit('submit', Get_Text("save")) - )), - form(array ( - form_info("", Get_Text(14)), - form_password('password', Get_Text(15)), - form_password('new_password', Get_Text(16)), - form_password('new_password2', Get_Text(17)), - form_submit('submit_password', Get_Text("save")) - )), - form(array ( - form_info("", Get_Text(18)), - form_select('theme', Get_Text(19), $themes, $selected_theme), - form_submit('submit_theme', Get_Text("save")) - )), - form(array ( - form_info("", Get_Text(20)), - form_select('language', Get_Text(21), $languages, $selected_language), - form_submit('submit_language', Get_Text("save")) - )) - )); + global $enable_tshirt_size, $tshirt_sizes, $themes, $languages; + global $user; + + $msg = ""; + $nick = $user['Nick']; + $lastname = $user['Name']; + $prename = $user['Vorname']; + $age = $user['Alter']; + $tel = $user['Telefon']; + $dect = $user['DECT']; + $mobile = $user['Handy']; + $mail = $user['email']; + $icq = $user['ICQ']; + $jabber = $user['jabber']; + $hometown = $user['Hometown']; + $tshirt_size = $user['Size']; + $password_hash = ""; + $selected_theme = $user['color']; + $selected_language = $user['Sprache']; + + $selected_angel_types_source = sql_select("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID'])); + $selected_angel_types = array (); + foreach ($selected_angel_types_source as $selected_angel_type) + $selected_angel_types[] = $selected_angel_type['angeltype_id']; + + $angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); + $angel_types = array (); + foreach ($angel_types_source as $angel_type) + $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : ""); + + if (isset ($_REQUEST['submit'])) { + $ok = true; + + if (isset ($_REQUEST['nick']) && strlen(strip_request_item('nick')) > 1) { + $nick = strip_request_item('nick'); + if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) { + $ok = false; + $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick3"), $nick), true); + } + } else { + $ok = false; + $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick2"), strip_request_item('nick')), true); + } + + if (isset ($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) { + $mail = strip_request_item('mail'); + if (!check_email($mail)) { + $ok = false; + $msg .= error(Get_Text("makeuser_error_mail"), true); + } + } else { + $ok = false; + $msg .= error("Please enter your e-mail.", true); + } + + if (isset ($_REQUEST['icq'])) + $icq = strip_request_item('icq'); + if (isset ($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) { + $jabber = strip_request_item('jabber'); + if (!check_email($jabber)) { + $ok = false; + $msg .= error("Please check your jabber.", true); + } + } + + if (isset ($_REQUEST['tshirt_size']) && isset ($tshirt_sizes[$_REQUEST['tshirt_size']])) + $tshirt_size = $_REQUEST['tshirt_size']; + else { + $ok = false; + } + + $selected_angel_types = array (); + foreach ($angel_types as $angel_type_id => $angel_type_name) + if (isset ($_REQUEST['angel_types_' . $angel_type_id])) + $selected_angel_types[] = $angel_type_id; + + // Trivia + if (isset ($_REQUEST['lastname'])) + $lastname = strip_request_item('lastname'); + if (isset ($_REQUEST['prename'])) + $prename = strip_request_item('prename'); + if (isset ($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age'])) + $age = strip_request_item('age'); + if (isset ($_REQUEST['tel'])) + $tel = strip_request_item('tel'); + if (isset ($_REQUEST['dect'])) + $dect = strip_request_item('dect'); + if (isset ($_REQUEST['mobile'])) + $mobile = strip_request_item('mobile'); + if (isset ($_REQUEST['hometown'])) + $hometown = strip_request_item('hometown'); + + if ($ok) { + sql_query("UPDATE `User` SET `Nick`='" . sql_escape($nick) . "', `Vorname`='" . sql_escape($prename) . "', `Name`='" . sql_escape($lastname) . + "', `Alter`='" . sql_escape($age) . "', `Telefon`='" . sql_escape($tel) . "', `DECT`='" . sql_escape($dect) . "', `Handy`='" . sql_escape($mobile) . + "', `email`='" . sql_escape($mail) . "', `ICQ`='" . sql_escape($icq) . "', `jabber`='" . sql_escape($jabber) . "', `Size`='" . sql_escape($tshirt_size) . + "', `Hometown`='" . sql_escape($hometown) . "' WHERE `UID`=" . sql_escape($user['UID'])); + + // Assign angel-types + $user_angel_type_info = array(); + foreach ($angel_types_source as $angel_type) { + if (!in_array($angel_type['id'], $selected_angel_types)) + sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($angel_type['id']) . " LIMIT 1"); + else + $user_angel_type_info[] = $angel_type['name']; + } + + foreach ($selected_angel_types as $selected_angel_type_id) { + if (sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($selected_angel_type_id) . " LIMIT 1") == 0) + sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id)); + } + + engelsystem_log("Own angel types set to: " . join(", ", $user_angel_type_info)); + success("Settings saved."); + redirect(page_link_to('user_settings')); + } + } + elseif (isset ($_REQUEST['submit_password'])) { + $ok = true; + + if (!isset ($_REQUEST['password']) || !verify_password($_REQUEST['password'], $user['Passwort'], $user['UID'])) + $msg .= error(Get_Text(30), true); + elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH) + $msg .= error(Get_Text("makeuser_error_password2")); + elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2']) + $msg .= error(Get_Text("makeuser_error_password1"), true); + elseif(set_password($user['UID'], $_REQUEST['new_password'])) + success("Password saved."); + else + error("Failed setting password."); + redirect(page_link_to('user_settings')); + } + elseif (isset ($_REQUEST['submit_theme'])) { + $ok = true; + + if (isset ($_REQUEST['theme']) && isset ($themes[$_REQUEST['theme']])) + $selected_theme = $_REQUEST['theme']; + else + $ok = false; + + if ($ok) { + sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`=" . sql_escape($user['UID'])); + + success("Theme changed."); + redirect(page_link_to('user_settings')); + } + } + elseif (isset ($_REQUEST['submit_language'])) { + $ok = true; + + if (isset ($_REQUEST['language']) && isset ($languages[$_REQUEST['language']])) + $selected_language = $_REQUEST['language']; + else + $ok = false; + + if ($ok) { + sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`=" . sql_escape($user['UID'])); + $_SESSION['Sprache'] = $selected_language; + + success("Language changed."); + redirect(page_link_to('user_settings')); + } + } + + return page(array ( + sprintf(Get_Text("Hallo") . "%s,<br />" . Get_Text(13), $user['Nick']), + $msg, + msg(), + form(array ( + form_info("", Get_Text("pub_einstellungen_Text_UserData")), + form_text('nick', Get_Text("makeuser_Nickname") . "*", $nick), + form_text('lastname', Get_Text("makeuser_Nachname"), $lastname), + form_text('prename', Get_Text("makeuser_Vorname"), $prename), + form_text('age', Get_Text("makeuser_Alter"), $age), + form_text('tel', Get_Text("makeuser_Telefon"), $tel), + form_text('dect', Get_Text("makeuser_DECT"), $dect), + form_text('mobile', Get_Text("makeuser_Handy"), $mobile), + form_text('mail', Get_Text("makeuser_E-Mail") . "*", $mail), + form_text('icq', "ICQ", $icq), + form_text('jabber', "Jabber", $jabber), + form_text('hometown', Get_Text("makeuser_Hometown"), $hometown), + $enable_tshirt_size ? form_select('tshirt_size', Get_Text("makeuser_T-Shirt"), $tshirt_sizes, $tshirt_size) : '', + form_checkboxes('angel_types', "What do you want to do?", $angel_types, $selected_angel_types), + form_submit('submit', Get_Text("save")) + )), + form(array ( + form_info("", Get_Text(14)), + form_password('password', Get_Text(15)), + form_password('new_password', Get_Text(16)), + form_password('new_password2', Get_Text(17)), + form_submit('submit_password', Get_Text("save")) + )), + form(array ( + form_info("", Get_Text(18)), + form_select('theme', Get_Text(19), $themes, $selected_theme), + form_submit('submit_theme', Get_Text("save")) + )), + form(array ( + form_info("", Get_Text(20)), + form_select('language', Get_Text(21), $languages, $selected_language), + form_submit('submit_language', Get_Text("save")) + )) + )); } ?> |