summaryrefslogtreecommitdiff
path: root/includes/pages/user_settings.php
diff options
context:
space:
mode:
Diffstat (limited to 'includes/pages/user_settings.php')
-rw-r--r--includes/pages/user_settings.php400
1 files changed, 203 insertions, 197 deletions
diff --git a/includes/pages/user_settings.php b/includes/pages/user_settings.php
index 14dcf96f..70033d18 100644
--- a/includes/pages/user_settings.php
+++ b/includes/pages/user_settings.php
@@ -1,201 +1,207 @@
<?php
function user_settings() {
- global $enable_tshirt_size, $tshirt_sizes, $themes, $languages;
- global $user;
-
- $msg = "";
- $nick = $user['Nick'];
- $lastname = $user['Name'];
- $prename = $user['Vorname'];
- $age = $user['Alter'];
- $tel = $user['Telefon'];
- $dect = $user['DECT'];
- $mobile = $user['Handy'];
- $mail = $user['email'];
- $icq = $user['ICQ'];
- $jabber = $user['jabber'];
- $hometown = $user['Hometown'];
- $tshirt_size = $user['Size'];
- $password_hash = "";
- $selected_theme = $user['color'];
- $selected_language = $user['Sprache'];
-
- $selected_angel_types_source = sql_select("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']));
- $selected_angel_types = array ();
- foreach ($selected_angel_types_source as $selected_angel_type)
- $selected_angel_types[] = $selected_angel_type['angeltype_id'];
-
- $angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
- $angel_types = array ();
- foreach ($angel_types_source as $angel_type)
- $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : "");
-
- if (isset ($_REQUEST['submit'])) {
- $ok = true;
-
- if (isset ($_REQUEST['nick']) && strlen(strip_request_item('nick')) > 1) {
- $nick = strip_request_item('nick');
- if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
- $ok = false;
- $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick3"), $nick), true);
- }
- } else {
- $ok = false;
- $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick2"), strip_request_item('nick')), true);
- }
-
- if (isset ($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
- $mail = strip_request_item('mail');
- if (!check_email($mail)) {
- $ok = false;
- $msg .= error(Get_Text("makeuser_error_mail"), true);
- }
- } else {
- $ok = false;
- $msg .= error("Please enter your e-mail.", true);
- }
-
- if (isset ($_REQUEST['icq']))
- $icq = strip_request_item('icq');
- if (isset ($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {
- $jabber = strip_request_item('jabber');
- if (!check_email($jabber)) {
- $ok = false;
- $msg .= error("Please check your jabber.", true);
- }
- }
-
- if (isset ($_REQUEST['tshirt_size']) && isset ($tshirt_sizes[$_REQUEST['tshirt_size']]))
- $tshirt_size = $_REQUEST['tshirt_size'];
- else {
- $ok = false;
- }
-
- $selected_angel_types = array ();
- foreach ($angel_types as $angel_type_id => $angel_type_name)
- if (isset ($_REQUEST['angel_types_' . $angel_type_id]))
- $selected_angel_types[] = $angel_type_id;
-
- // Trivia
- if (isset ($_REQUEST['lastname']))
- $lastname = strip_request_item('lastname');
- if (isset ($_REQUEST['prename']))
- $prename = strip_request_item('prename');
- if (isset ($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age']))
- $age = strip_request_item('age');
- if (isset ($_REQUEST['tel']))
- $tel = strip_request_item('tel');
- if (isset ($_REQUEST['dect']))
- $dect = strip_request_item('dect');
- if (isset ($_REQUEST['mobile']))
- $mobile = strip_request_item('mobile');
- if (isset ($_REQUEST['hometown']))
- $hometown = strip_request_item('hometown');
-
- if ($ok) {
- sql_query("UPDATE `User` SET `Nick`='" . sql_escape($nick) . "', `Vorname`='" . sql_escape($prename) . "', `Name`='" . sql_escape($lastname) .
- "', `Alter`='" . sql_escape($age) . "', `Telefon`='" . sql_escape($tel) . "', `DECT`='" . sql_escape($dect) . "', `Handy`='" . sql_escape($mobile) .
- "', `email`='" . sql_escape($mail) . "', `ICQ`='" . sql_escape($icq) . "', `jabber`='" . sql_escape($jabber) . "', `Size`='" . sql_escape($tshirt_size) .
- "', `Hometown`='" . sql_escape($hometown) . "' WHERE `UID`=" . sql_escape($user['UID']));
-
- // Assign angel-types
- foreach ($angel_types_source as $angel_type)
- if (!in_array($angel_type['id'], $selected_angel_types))
- sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($angel_type['id']) . " LIMIT 1");
-
- foreach ($selected_angel_types as $selected_angel_type_id)
- if (sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($selected_angel_type_id) . " LIMIT 1") == 0)
- sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
-
- success("Settings saved.");
- redirect(page_link_to('user_settings'));
- }
- }
- elseif (isset ($_REQUEST['submit_password'])) {
- $ok = true;
-
- if (!isset ($_REQUEST['password']) || !verify_password($_REQUEST['password'], $user['Passwort'], $user['UID']))
- $msg .= error(Get_Text(30), true);
- elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH)
- $msg .= error(Get_Text("makeuser_error_password2"));
- elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2'])
- $msg .= error(Get_Text("makeuser_error_password1"), true);
- elseif(set_password($user['UID'], $_REQUEST['new_password']))
- success("Password saved.");
- else
- error("Failed setting password.");
- redirect(page_link_to('user_settings'));
- }
- elseif (isset ($_REQUEST['submit_theme'])) {
- $ok = true;
-
- if (isset ($_REQUEST['theme']) && isset ($themes[$_REQUEST['theme']]))
- $selected_theme = $_REQUEST['theme'];
- else
- $ok = false;
-
- if ($ok) {
- sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`=" . sql_escape($user['UID']));
-
- success("Theme changed.");
- redirect(page_link_to('user_settings'));
- }
- }
- elseif (isset ($_REQUEST['submit_language'])) {
- $ok = true;
-
- if (isset ($_REQUEST['language']) && isset ($languages[$_REQUEST['language']]))
- $selected_language = $_REQUEST['language'];
- else
- $ok = false;
-
- if ($ok) {
- sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`=" . sql_escape($user['UID']));
- $_SESSION['Sprache'] = $selected_language;
-
- success("Language changed.");
- redirect(page_link_to('user_settings'));
- }
- }
-
- return page(array (
- sprintf(Get_Text("Hallo") . "%s,<br />" . Get_Text(13), $user['Nick']),
- $msg,
- msg(),
- form(array (
- form_info("", Get_Text("pub_einstellungen_Text_UserData")),
- form_text('nick', Get_Text("makeuser_Nickname") . "*", $nick),
- form_text('lastname', Get_Text("makeuser_Nachname"), $lastname),
- form_text('prename', Get_Text("makeuser_Vorname"), $prename),
- form_text('age', Get_Text("makeuser_Alter"), $age),
- form_text('tel', Get_Text("makeuser_Telefon"), $tel),
- form_text('dect', Get_Text("makeuser_DECT"), $dect),
- form_text('mobile', Get_Text("makeuser_Handy"), $mobile),
- form_text('mail', Get_Text("makeuser_E-Mail") . "*", $mail),
- form_text('icq', "ICQ", $icq),
- form_text('jabber', "Jabber", $jabber),
- form_text('hometown', Get_Text("makeuser_Hometown"), $hometown),
- $enable_tshirt_size ? form_select('tshirt_size', Get_Text("makeuser_T-Shirt"), $tshirt_sizes, $tshirt_size) : '',
- form_checkboxes('angel_types', "What do you want to do?", $angel_types, $selected_angel_types),
- form_submit('submit', Get_Text("save"))
- )),
- form(array (
- form_info("", Get_Text(14)),
- form_password('password', Get_Text(15)),
- form_password('new_password', Get_Text(16)),
- form_password('new_password2', Get_Text(17)),
- form_submit('submit_password', Get_Text("save"))
- )),
- form(array (
- form_info("", Get_Text(18)),
- form_select('theme', Get_Text(19), $themes, $selected_theme),
- form_submit('submit_theme', Get_Text("save"))
- )),
- form(array (
- form_info("", Get_Text(20)),
- form_select('language', Get_Text(21), $languages, $selected_language),
- form_submit('submit_language', Get_Text("save"))
- ))
- ));
+ global $enable_tshirt_size, $tshirt_sizes, $themes, $languages;
+ global $user;
+
+ $msg = "";
+ $nick = $user['Nick'];
+ $lastname = $user['Name'];
+ $prename = $user['Vorname'];
+ $age = $user['Alter'];
+ $tel = $user['Telefon'];
+ $dect = $user['DECT'];
+ $mobile = $user['Handy'];
+ $mail = $user['email'];
+ $icq = $user['ICQ'];
+ $jabber = $user['jabber'];
+ $hometown = $user['Hometown'];
+ $tshirt_size = $user['Size'];
+ $password_hash = "";
+ $selected_theme = $user['color'];
+ $selected_language = $user['Sprache'];
+
+ $selected_angel_types_source = sql_select("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']));
+ $selected_angel_types = array ();
+ foreach ($selected_angel_types_source as $selected_angel_type)
+ $selected_angel_types[] = $selected_angel_type['angeltype_id'];
+
+ $angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
+ $angel_types = array ();
+ foreach ($angel_types_source as $angel_type)
+ $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : "");
+
+ if (isset ($_REQUEST['submit'])) {
+ $ok = true;
+
+ if (isset ($_REQUEST['nick']) && strlen(strip_request_item('nick')) > 1) {
+ $nick = strip_request_item('nick');
+ if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
+ $ok = false;
+ $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick3"), $nick), true);
+ }
+ } else {
+ $ok = false;
+ $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick2"), strip_request_item('nick')), true);
+ }
+
+ if (isset ($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
+ $mail = strip_request_item('mail');
+ if (!check_email($mail)) {
+ $ok = false;
+ $msg .= error(Get_Text("makeuser_error_mail"), true);
+ }
+ } else {
+ $ok = false;
+ $msg .= error("Please enter your e-mail.", true);
+ }
+
+ if (isset ($_REQUEST['icq']))
+ $icq = strip_request_item('icq');
+ if (isset ($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {
+ $jabber = strip_request_item('jabber');
+ if (!check_email($jabber)) {
+ $ok = false;
+ $msg .= error("Please check your jabber.", true);
+ }
+ }
+
+ if (isset ($_REQUEST['tshirt_size']) && isset ($tshirt_sizes[$_REQUEST['tshirt_size']]))
+ $tshirt_size = $_REQUEST['tshirt_size'];
+ else {
+ $ok = false;
+ }
+
+ $selected_angel_types = array ();
+ foreach ($angel_types as $angel_type_id => $angel_type_name)
+ if (isset ($_REQUEST['angel_types_' . $angel_type_id]))
+ $selected_angel_types[] = $angel_type_id;
+
+ // Trivia
+ if (isset ($_REQUEST['lastname']))
+ $lastname = strip_request_item('lastname');
+ if (isset ($_REQUEST['prename']))
+ $prename = strip_request_item('prename');
+ if (isset ($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age']))
+ $age = strip_request_item('age');
+ if (isset ($_REQUEST['tel']))
+ $tel = strip_request_item('tel');
+ if (isset ($_REQUEST['dect']))
+ $dect = strip_request_item('dect');
+ if (isset ($_REQUEST['mobile']))
+ $mobile = strip_request_item('mobile');
+ if (isset ($_REQUEST['hometown']))
+ $hometown = strip_request_item('hometown');
+
+ if ($ok) {
+ sql_query("UPDATE `User` SET `Nick`='" . sql_escape($nick) . "', `Vorname`='" . sql_escape($prename) . "', `Name`='" . sql_escape($lastname) .
+ "', `Alter`='" . sql_escape($age) . "', `Telefon`='" . sql_escape($tel) . "', `DECT`='" . sql_escape($dect) . "', `Handy`='" . sql_escape($mobile) .
+ "', `email`='" . sql_escape($mail) . "', `ICQ`='" . sql_escape($icq) . "', `jabber`='" . sql_escape($jabber) . "', `Size`='" . sql_escape($tshirt_size) .
+ "', `Hometown`='" . sql_escape($hometown) . "' WHERE `UID`=" . sql_escape($user['UID']));
+
+ // Assign angel-types
+ $user_angel_type_info = array();
+ foreach ($angel_types_source as $angel_type) {
+ if (!in_array($angel_type['id'], $selected_angel_types))
+ sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($angel_type['id']) . " LIMIT 1");
+ else
+ $user_angel_type_info[] = $angel_type['name'];
+ }
+
+ foreach ($selected_angel_types as $selected_angel_type_id) {
+ if (sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($selected_angel_type_id) . " LIMIT 1") == 0)
+ sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
+ }
+
+ engelsystem_log("Own angel types set to: " . join(", ", $user_angel_type_info));
+ success("Settings saved.");
+ redirect(page_link_to('user_settings'));
+ }
+ }
+ elseif (isset ($_REQUEST['submit_password'])) {
+ $ok = true;
+
+ if (!isset ($_REQUEST['password']) || !verify_password($_REQUEST['password'], $user['Passwort'], $user['UID']))
+ $msg .= error(Get_Text(30), true);
+ elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH)
+ $msg .= error(Get_Text("makeuser_error_password2"));
+ elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2'])
+ $msg .= error(Get_Text("makeuser_error_password1"), true);
+ elseif(set_password($user['UID'], $_REQUEST['new_password']))
+ success("Password saved.");
+ else
+ error("Failed setting password.");
+ redirect(page_link_to('user_settings'));
+ }
+ elseif (isset ($_REQUEST['submit_theme'])) {
+ $ok = true;
+
+ if (isset ($_REQUEST['theme']) && isset ($themes[$_REQUEST['theme']]))
+ $selected_theme = $_REQUEST['theme'];
+ else
+ $ok = false;
+
+ if ($ok) {
+ sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`=" . sql_escape($user['UID']));
+
+ success("Theme changed.");
+ redirect(page_link_to('user_settings'));
+ }
+ }
+ elseif (isset ($_REQUEST['submit_language'])) {
+ $ok = true;
+
+ if (isset ($_REQUEST['language']) && isset ($languages[$_REQUEST['language']]))
+ $selected_language = $_REQUEST['language'];
+ else
+ $ok = false;
+
+ if ($ok) {
+ sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`=" . sql_escape($user['UID']));
+ $_SESSION['Sprache'] = $selected_language;
+
+ success("Language changed.");
+ redirect(page_link_to('user_settings'));
+ }
+ }
+
+ return page(array (
+ sprintf(Get_Text("Hallo") . "%s,<br />" . Get_Text(13), $user['Nick']),
+ $msg,
+ msg(),
+ form(array (
+ form_info("", Get_Text("pub_einstellungen_Text_UserData")),
+ form_text('nick', Get_Text("makeuser_Nickname") . "*", $nick),
+ form_text('lastname', Get_Text("makeuser_Nachname"), $lastname),
+ form_text('prename', Get_Text("makeuser_Vorname"), $prename),
+ form_text('age', Get_Text("makeuser_Alter"), $age),
+ form_text('tel', Get_Text("makeuser_Telefon"), $tel),
+ form_text('dect', Get_Text("makeuser_DECT"), $dect),
+ form_text('mobile', Get_Text("makeuser_Handy"), $mobile),
+ form_text('mail', Get_Text("makeuser_E-Mail") . "*", $mail),
+ form_text('icq', "ICQ", $icq),
+ form_text('jabber', "Jabber", $jabber),
+ form_text('hometown', Get_Text("makeuser_Hometown"), $hometown),
+ $enable_tshirt_size ? form_select('tshirt_size', Get_Text("makeuser_T-Shirt"), $tshirt_sizes, $tshirt_size) : '',
+ form_checkboxes('angel_types', "What do you want to do?", $angel_types, $selected_angel_types),
+ form_submit('submit', Get_Text("save"))
+ )),
+ form(array (
+ form_info("", Get_Text(14)),
+ form_password('password', Get_Text(15)),
+ form_password('new_password', Get_Text(16)),
+ form_password('new_password2', Get_Text(17)),
+ form_submit('submit_password', Get_Text("save"))
+ )),
+ form(array (
+ form_info("", Get_Text(18)),
+ form_select('theme', Get_Text(19), $themes, $selected_theme),
+ form_submit('submit_theme', Get_Text("save"))
+ )),
+ form(array (
+ form_info("", Get_Text(20)),
+ form_select('language', Get_Text(21), $languages, $selected_language),
+ form_submit('submit_language', Get_Text("save"))
+ ))
+ ));
}
?>