23 |
23 |
24 $userprefs_menu = Array(); |
24 $userprefs_menu = Array(); |
25 $userprefs_menu_links = Array(); |
25 $userprefs_menu_links = Array(); |
26 function userprefs_menu_add($section, $text, $link) |
26 function userprefs_menu_add($section, $text, $link) |
27 { |
27 { |
28 global $userprefs_menu; |
28 global $userprefs_menu; |
29 if ( isset($userprefs_menu[$section]) && is_array($userprefs_menu[$section]) ) |
29 if ( isset($userprefs_menu[$section]) && is_array($userprefs_menu[$section]) ) |
30 { |
30 { |
31 $userprefs_menu[$section][] = Array( |
31 $userprefs_menu[$section][] = Array( |
32 'text' => $text, |
32 'text' => $text, |
33 'link' => $link |
33 'link' => $link |
34 ); |
34 ); |
35 } |
35 } |
36 else |
36 else |
37 { |
37 { |
38 $userprefs_menu[$section] = Array(Array( |
38 $userprefs_menu[$section] = Array(Array( |
39 'text' => $text, |
39 'text' => $text, |
40 'link' => $link |
40 'link' => $link |
41 )); |
41 )); |
42 } |
42 } |
43 } |
43 } |
44 |
44 |
45 $plugins->attachHook('tpl_compile_sidebar', 'userprefs_jbox_setup($button, $tb, $menubtn);'); |
45 $plugins->attachHook('tpl_compile_sidebar', 'userprefs_jbox_setup($button, $tb, $menubtn);'); |
46 |
46 |
47 function userprefs_jbox_setup(&$button, &$tb, &$menubtn) |
47 function userprefs_jbox_setup(&$button, &$tb, &$menubtn) |
48 { |
48 { |
49 global $db, $session, $paths, $template, $plugins; // Common objects |
49 global $db, $session, $paths, $template, $plugins; // Common objects |
50 global $lang; |
50 global $lang; |
51 |
51 |
52 if ( $paths->namespace != 'Special' || $paths->page_id != 'Preferences' ) |
52 if ( $paths->namespace != 'Special' || $paths->page_id != 'Preferences' ) |
53 return false; |
53 return false; |
54 |
54 |
55 $tb .= "<ul>$template->toolbar_menu</ul>"; |
55 $tb .= "<ul>$template->toolbar_menu</ul>"; |
56 $template->toolbar_menu = ''; |
56 $template->toolbar_menu = ''; |
57 |
57 |
58 $button->assign_vars(array( |
58 $button->assign_vars(array( |
59 'TEXT' => $lang->get('usercp_btn_memberlist'), |
59 'TEXT' => $lang->get('usercp_btn_memberlist'), |
60 'FLAGS' => '', |
60 'FLAGS' => '', |
61 'PARENTFLAGS' => '', |
61 'PARENTFLAGS' => '', |
62 'HREF' => makeUrlNS('Special', 'Memberlist') |
62 'HREF' => makeUrlNS('Special', 'Memberlist') |
63 )); |
63 )); |
64 |
64 |
65 $tb .= $button->run(); |
65 $tb .= $button->run(); |
66 } |
66 } |
67 |
67 |
68 function userprefs_menu_html() |
68 function userprefs_menu_html() |
69 { |
69 { |
70 global $userprefs_menu; |
70 global $userprefs_menu; |
71 global $userprefs_menu_links; |
71 global $userprefs_menu_links; |
72 global $lang; |
72 global $lang; |
73 |
73 |
74 $html = ''; |
74 $html = ''; |
75 $quot = '"'; |
75 $quot = '"'; |
76 |
76 |
77 foreach ( $userprefs_menu as $section => $buttons ) |
77 foreach ( $userprefs_menu as $section => $buttons ) |
78 { |
78 { |
79 $section_name = $section; |
79 $section_name = $section; |
80 if ( preg_match('/^[a-z]+_[a-z_]+$/', $section) ) |
80 if ( preg_match('/^[a-z]+_[a-z_]+$/', $section) ) |
81 { |
81 { |
82 $section_name = $lang->get($section_name); |
82 $section_name = $lang->get($section_name); |
83 } |
83 } |
84 $html .= ( isset($userprefs_menu_links[$section]) ) ? "<a href={$quot}{$userprefs_menu_links[$section]}{$quot}>{$section_name}</a>\n " : "<a>{$section_name}</a>\n "; |
84 $html .= ( isset($userprefs_menu_links[$section]) ) ? "<a href={$quot}{$userprefs_menu_links[$section]}{$quot}>{$section_name}</a>\n " : "<a>{$section_name}</a>\n "; |
85 $html .= "<ul>\n "; |
85 $html .= "<ul>\n "; |
86 foreach ( $buttons as $button ) |
86 foreach ( $buttons as $button ) |
87 { |
87 { |
88 $buttontext = $button['text']; |
88 $buttontext = $button['text']; |
89 if ( preg_match('/^[a-z]+_[a-z_]+$/', $buttontext) ) |
89 if ( preg_match('/^[a-z]+_[a-z_]+$/', $buttontext) ) |
90 { |
90 { |
91 $buttontext = $lang->get($buttontext); |
91 $buttontext = $lang->get($buttontext); |
92 } |
92 } |
93 $html .= " <li><a href={$quot}{$button['link']}{$quot}>{$buttontext}</a></li>\n "; |
93 $html .= " <li><a href={$quot}{$button['link']}{$quot}>{$buttontext}</a></li>\n "; |
94 } |
94 } |
95 $html .= "</ul>\n "; |
95 $html .= "</ul>\n "; |
96 } |
96 } |
97 |
97 |
98 return $html; |
98 return $html; |
99 } |
99 } |
100 |
100 |
101 function userprefs_show_menu() |
101 function userprefs_show_menu() |
102 { |
102 { |
103 echo '<div class="menu_nojs"> |
103 echo '<div class="menu_nojs"> |
104 ' . userprefs_menu_html() . ' |
104 ' . userprefs_menu_html() . ' |
105 <span class="menuclear"></span> |
105 <span class="menuclear"></span> |
106 </div> |
106 </div> |
107 <br /> |
107 <br /> |
108 '; |
108 '; |
109 } |
109 } |
110 |
110 |
111 function userprefs_menu_init() |
111 function userprefs_menu_init() |
112 { |
112 { |
113 global $db, $session, $paths, $template, $plugins; // Common objects |
113 global $db, $session, $paths, $template, $plugins; // Common objects |
114 global $userprefs_menu_links; |
114 global $userprefs_menu_links; |
115 |
115 |
116 userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_emailpassword', makeUrlNS('Special', 'Preferences/EmailPassword') . '" onclick="ajaxLoginNavTo(\'Special\', \'Preferences/EmailPassword\', '.USER_LEVEL_CHPREF.'); return false;'); |
116 userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_emailpassword', makeUrlNS('Special', 'Preferences/EmailPassword') . '" onclick="ajaxLoginNavTo(\'Special\', \'Preferences/EmailPassword\', '.USER_LEVEL_CHPREF.'); return false;'); |
117 userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_signature', makeUrlNS('Special', 'Preferences/Signature')); |
117 userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_signature', makeUrlNS('Special', 'Preferences/Signature')); |
118 // userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_publicinfo', makeUrlNS('Special', 'Preferences/Profile')); |
118 // userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_publicinfo', makeUrlNS('Special', 'Preferences/Profile')); |
119 userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_usergroups', makeUrlNS('Special', 'Usergroups')); |
119 userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_usergroups', makeUrlNS('Special', 'Usergroups')); |
120 if ( getConfig('avatar_enable') == '1' ) |
120 if ( getConfig('avatar_enable') == '1' ) |
121 { |
121 { |
122 userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_avatar', makeUrlNS('Special', 'Preferences/Avatar')); |
122 userprefs_menu_add('usercp_sec_profile', 'usercp_sec_profile_avatar', makeUrlNS('Special', 'Preferences/Avatar')); |
123 } |
123 } |
124 userprefs_menu_add('usercp_sec_pm', 'usercp_sec_pm_inbox', makeUrlNS('Special', 'PrivateMessages/Folder/Inbox')); |
124 userprefs_menu_add('usercp_sec_pm', 'usercp_sec_pm_inbox', makeUrlNS('Special', 'PrivateMessages/Folder/Inbox')); |
125 userprefs_menu_add('usercp_sec_pm', 'usercp_sec_pm_outbox', makeUrlNS('Special', 'PrivateMessages/Folder/Outbox')); |
125 userprefs_menu_add('usercp_sec_pm', 'usercp_sec_pm_outbox', makeUrlNS('Special', 'PrivateMessages/Folder/Outbox')); |
126 userprefs_menu_add('usercp_sec_pm', 'usercp_sec_pm_sent', makeUrlNS('Special', 'PrivateMessages/Folder/Sent')); |
126 userprefs_menu_add('usercp_sec_pm', 'usercp_sec_pm_sent', makeUrlNS('Special', 'PrivateMessages/Folder/Sent')); |
127 userprefs_menu_add('usercp_sec_pm', 'usercp_sec_pm_drafts', makeUrlNS('Special', 'PrivateMessages/Folder/Drafts')); |
127 userprefs_menu_add('usercp_sec_pm', 'usercp_sec_pm_drafts', makeUrlNS('Special', 'PrivateMessages/Folder/Drafts')); |
128 userprefs_menu_add('usercp_sec_pm', 'usercp_sec_pm_archive', makeUrlNS('Special', 'PrivateMessages/Folder/Archive')); |
128 userprefs_menu_add('usercp_sec_pm', 'usercp_sec_pm_archive', makeUrlNS('Special', 'PrivateMessages/Folder/Archive')); |
129 |
129 |
130 /* |
130 /* |
131 // Reserved for Enano's Next Big Innovation.(TM) |
131 // Reserved for Enano's Next Big Innovation.(TM) |
132 userprefs_menu_add('Private messages', 'Inbox', makeUrlNS('Special', 'Private_Messages#folder:inbox')); |
132 userprefs_menu_add('Private messages', 'Inbox', makeUrlNS('Special', 'Private_Messages#folder:inbox')); |
133 userprefs_menu_add('Private messages', 'Starred', makeUrlNS('Special', 'Private_Messages#folder:starred')); |
133 userprefs_menu_add('Private messages', 'Starred', makeUrlNS('Special', 'Private_Messages#folder:starred')); |
134 userprefs_menu_add('Private messages', 'Sent items', makeUrlNS('Special', 'Private_Messages#folder:sent')); |
134 userprefs_menu_add('Private messages', 'Sent items', makeUrlNS('Special', 'Private_Messages#folder:sent')); |
135 userprefs_menu_add('Private messages', 'Drafts', makeUrlNS('Special', 'Private_Messages#folder:drafts')); |
135 userprefs_menu_add('Private messages', 'Drafts', makeUrlNS('Special', 'Private_Messages#folder:drafts')); |
136 userprefs_menu_add('Private messages', 'Archive', makeUrlNS('Special', 'Private_Messages#folder:archive')); |
136 userprefs_menu_add('Private messages', 'Archive', makeUrlNS('Special', 'Private_Messages#folder:archive')); |
137 userprefs_menu_add('Private messages', 'Trash', makeUrlNS('Special', 'Private_Messages#folder:trash')); |
137 userprefs_menu_add('Private messages', 'Trash', makeUrlNS('Special', 'Private_Messages#folder:trash')); |
138 */ |
138 */ |
139 |
139 |
140 $userprefs_menu_links['usercp_sec_profile'] = makeUrlNS('Special', 'Preferences'); |
140 $userprefs_menu_links['usercp_sec_profile'] = makeUrlNS('Special', 'Preferences'); |
141 $userprefs_menu_links['usercp_sec_pm'] = makeUrlNS('Special', 'PrivateMessages'); |
141 $userprefs_menu_links['usercp_sec_pm'] = makeUrlNS('Special', 'PrivateMessages'); |
142 |
142 |
143 $code = $plugins->setHook('userprefs_jbox'); |
143 $code = $plugins->setHook('userprefs_jbox'); |
144 foreach ( $code as $cmd ) |
144 foreach ( $code as $cmd ) |
145 { |
145 { |
146 eval($cmd); |
146 eval($cmd); |
147 } |
147 } |
148 } |
148 } |
149 |
149 |
150 $plugins->attachHook('common_post', 'userprefs_menu_init();'); |
150 $plugins->attachHook('common_post', 'userprefs_menu_init();'); |
151 |
151 |
152 function page_Special_Preferences() |
152 function page_Special_Preferences() |
153 { |
153 { |
154 global $db, $session, $paths, $template, $plugins; // Common objects |
154 global $db, $session, $paths, $template, $plugins; // Common objects |
155 global $lang; |
155 global $lang; |
156 global $timezone; |
156 global $timezone; |
157 global $cache; |
157 global $cache; |
158 |
158 |
159 // We need a login to continue |
159 // We need a login to continue |
160 if ( !$session->user_logged_in ) |
160 if ( !$session->user_logged_in ) |
161 redirect(makeUrlNS('Special', 'Login/' . $paths->page), 'Login required', 'You need to be logged in to access this page. Please wait while you are redirected to the login page.'); |
161 redirect(makeUrlNS('Special', 'Login/' . $paths->page), 'Login required', 'You need to be logged in to access this page. Please wait while you are redirected to the login page.'); |
162 |
162 |
163 // User ID - later this will be specified on the URL, but hardcoded for now |
163 // User ID - later this will be specified on the URL, but hardcoded for now |
164 $uid = intval($session->user_id); |
164 $uid = intval($session->user_id); |
165 |
165 |
166 // Instanciate the AES encryptor |
166 // Instanciate the AES encryptor |
167 $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE); |
167 $aes = AESCrypt::singleton(AES_BITS, AES_BLOCKSIZE); |
168 |
168 |
169 // Basic user info |
169 // Basic user info |
170 $q = $db->sql_query('SELECT username, password, email, real_name, signature, theme, style FROM '.table_prefix.'users WHERE user_id='.$uid.';'); |
170 $q = $db->sql_query('SELECT username, password, email, real_name, signature, theme, style FROM '.table_prefix.'users WHERE user_id='.$uid.';'); |
171 if ( !$q ) |
171 if ( !$q ) |
172 $db->_die(); |
172 $db->_die(); |
173 |
173 |
174 $row = $db->fetchrow(); |
174 $row = $db->fetchrow(); |
175 $db->free_result(); |
175 $db->free_result(); |
176 |
176 |
177 $section = $paths->getParam(0); |
177 $section = $paths->getParam(0); |
178 if ( !$section ) |
178 if ( !$section ) |
179 { |
179 { |
180 $section = 'Home'; |
180 $section = 'Home'; |
181 } |
181 } |
182 |
182 |
183 $errors = ''; |
183 $errors = ''; |
184 |
184 |
185 switch ( $section ) |
185 switch ( $section ) |
186 { |
186 { |
187 case 'Avatar': |
187 case 'Avatar': |
188 $template->preload_js('jquery'); |
188 $template->preload_js('jquery'); |
189 $template->preload_js('jquery-ui'); |
189 $template->preload_js('jquery-ui'); |
190 break; |
190 break; |
191 case 'EmailPassword': |
191 case 'EmailPassword': |
192 // Require elevated privileges (well sortof) |
192 // Require elevated privileges (well sortof) |
193 if ( $session->auth_level < USER_LEVEL_CHPREF ) |
193 if ( $session->auth_level < USER_LEVEL_CHPREF ) |
194 { |
194 { |
195 redirect(makeUrlNS('Special', 'Login/' . $paths->fullpage, 'level=' . USER_LEVEL_CHPREF, true), 'Authentication required', 'You need to re-authenticate to access this page.', 0); |
195 redirect(makeUrlNS('Special', 'Login/' . $paths->fullpage, 'level=' . USER_LEVEL_CHPREF, true), 'Authentication required', 'You need to re-authenticate to access this page.', 0); |
196 } |
196 } |
197 |
197 |
198 if ( isset($_POST['submit']) ) |
198 if ( isset($_POST['submit']) ) |
199 { |
199 { |
200 $email_changed = false; |
200 $email_changed = false; |
201 // First do the e-mail address |
201 // First do the e-mail address |
202 if ( strlen($_POST['newemail']) > 0 ) |
202 if ( strlen($_POST['newemail']) > 0 ) |
203 { |
203 { |
204 switch('foo') // Same reason as in the password code... |
204 switch('foo') // Same reason as in the password code... |
205 { |
205 { |
206 case 'foo': |
206 case 'foo': |
207 if ( $_POST['newemail'] != $_POST['newemail_conf'] ) |
207 if ( $_POST['newemail'] != $_POST['newemail_conf'] ) |
208 { |
208 { |
209 $errors .= '<div class="error-box">' . $lang->get('usercp_emailpassword_err_email_no_match') . '</div>'; |
209 $errors .= '<div class="error-box">' . $lang->get('usercp_emailpassword_err_email_no_match') . '</div>'; |
210 break; |
210 break; |
211 } |
211 } |
212 } |
212 } |
213 $q = $db->sql_query('SELECT password FROM '.table_prefix.'users WHERE user_id='.$session->user_id.';'); |
213 $q = $db->sql_query('SELECT password FROM '.table_prefix.'users WHERE user_id='.$session->user_id.';'); |
214 if ( !$q ) |
214 if ( !$q ) |
215 $db->_die(); |
215 $db->_die(); |
216 $row = $db->fetchrow(); |
216 $row = $db->fetchrow(); |
217 $db->free_result(); |
217 $db->free_result(); |
218 |
218 |
219 $new_email = $_POST['newemail']; |
219 $new_email = $_POST['newemail']; |
220 |
220 |
221 $result = $session->change_email($session->user_id, $new_email); |
221 $result = $session->change_email($session->user_id, $new_email); |
222 if ( $result != 'success' ) |
222 if ( $result != 'success' ) |
223 { |
223 { |
224 $message = '<p>' . $lang->get('usercp_emailpassword_err_list') . '</p>'; |
224 $message = '<p>' . $lang->get('usercp_emailpassword_err_list') . '</p>'; |
225 $message .= '<ul><li>' . implode("</li>\n<li>", $result) . '</li></ul>'; |
225 $message .= '<ul><li>' . implode("</li>\n<li>", $result) . '</li></ul>'; |
226 die_friendly($lang->get('usercp_emailpassword_err_title'), $message); |
226 die_friendly($lang->get('usercp_emailpassword_err_title'), $message); |
227 } |
227 } |
228 $email_changed = true; |
228 $email_changed = true; |
229 } |
229 } |
230 // Obtain password |
230 // Obtain password |
231 if ( !empty($_POST['crypt_data']) || !empty($_POST['newpass']) || $session->password_change_disabled ) |
231 if ( !empty($_POST['crypt_data']) || !empty($_POST['newpass']) || $session->password_change_disabled ) |
232 { |
232 { |
233 $newpass = $session->password_change_disabled ? '' : $session->get_aes_post('newpass'); |
233 $newpass = $session->password_change_disabled ? '' : $session->get_aes_post('newpass'); |
234 // At this point we know if we _want_ to change the password... |
234 // At this point we know if we _want_ to change the password... |
235 |
235 |
236 // We can't check the password to see if it matches the confirmation |
236 // We can't check the password to see if it matches the confirmation |
237 // because the confirmation was destroyed during the encryption. I figured |
237 // because the confirmation was destroyed during the encryption. I figured |
238 // this wasn't a big deal because if the encryption worked, then either |
238 // this wasn't a big deal because if the encryption worked, then either |
239 // the Javascript validated it or the user hacked the form. In the latter |
239 // the Javascript validated it or the user hacked the form. In the latter |
240 // case, if he's smart enough to hack the encryption code, he's probably |
240 // case, if he's smart enough to hack the encryption code, he's probably |
241 // smart enough to remember his password. |
241 // smart enough to remember his password. |
242 |
242 |
243 if ( strlen($newpass) > 0 ) |
243 if ( strlen($newpass) > 0 ) |
244 { |
244 { |
245 if ( defined('ENANO_DEMO_MODE') ) |
245 if ( defined('ENANO_DEMO_MODE') ) |
246 $errors .= '<div class="error-box" style="margin: 0 0 10px 0;">' . $lang->get('usercp_emailpassword_err_demo') . '</div>'; |
246 $errors .= '<div class="error-box" style="margin: 0 0 10px 0;">' . $lang->get('usercp_emailpassword_err_demo') . '</div>'; |
247 // Perform checks |
247 // Perform checks |
248 if ( strlen($newpass) < 6 ) |
248 if ( strlen($newpass) < 6 ) |
249 $errors .= '<div class="error-box" style="margin: 0 0 10px 0;">' . $lang->get('usercp_emailpassword_err_password_too_short') . '</div>'; |
249 $errors .= '<div class="error-box" style="margin: 0 0 10px 0;">' . $lang->get('usercp_emailpassword_err_password_too_short') . '</div>'; |
250 if ( getConfig('pw_strength_enable') == '1' ) |
250 if ( getConfig('pw_strength_enable') == '1' ) |
251 { |
251 { |
252 $score_inp = password_score($newpass); |
252 $score_inp = password_score($newpass); |
253 $score_min = getConfig('pw_strength_minimum', -10); |
253 $score_min = getConfig('pw_strength_minimum', -10); |
254 if ( $score_inp < $score_min ) |
254 if ( $score_inp < $score_min ) |
255 $errors .= '<div class="error-box" style="margin: 0 0 10px 0;">' . $lang->get('usercp_emailpassword_err_password_too_weak', array('score' => $score_inp)) . '</div>'; |
255 $errors .= '<div class="error-box" style="margin: 0 0 10px 0;">' . $lang->get('usercp_emailpassword_err_password_too_weak', array('score' => $score_inp)) . '</div>'; |
256 } |
256 } |
257 if ( $_POST['use_crypt'] == 'no' && $newpass != $_POST['newpass_confirm'] ) |
257 if ( $_POST['use_crypt'] == 'no' && $newpass != $_POST['newpass_confirm'] ) |
258 { |
258 { |
259 $errors .= '<div class="error-box">' . $lang->get('usercp_emailpassword_err_password_no_match') . '</div>'; |
259 $errors .= '<div class="error-box">' . $lang->get('usercp_emailpassword_err_password_no_match') . '</div>'; |
260 } |
260 } |
261 // Encrypt new password |
261 // Encrypt new password |
262 if ( empty($errors) ) |
262 if ( empty($errors) ) |
263 { |
263 { |
264 // Perform the swap |
264 // Perform the swap |
265 $session->set_password($session->username, $newpass); |
265 $session->set_password($session->username, $newpass); |
266 // Log out and back in |
266 // Log out and back in |
267 $username = $session->username; |
267 $username = $session->username; |
268 $session->logout(); |
268 $session->logout(); |
269 if ( $email_changed ) |
269 if ( $email_changed ) |
270 { |
270 { |
271 if ( getConfig('account_activation') == 'user' ) |
271 if ( getConfig('account_activation') == 'user' ) |
272 { |
272 { |
273 redirect(makeUrl(get_main_page()), $lang->get('usercp_emailpassword_msg_profile_success'), $lang->get('usercp_emailpassword_msg_need_activ_user'), 20); |
273 redirect(makeUrl(get_main_page()), $lang->get('usercp_emailpassword_msg_profile_success'), $lang->get('usercp_emailpassword_msg_need_activ_user'), 20); |
274 } |
274 } |
275 else if ( getConfig('account_activation') == 'admin' ) |
275 else if ( getConfig('account_activation') == 'admin' ) |
276 { |
276 { |
277 redirect(makeUrl(get_main_page()), $lang->get('usercp_emailpassword_msg_profile_success'), $lang->get('usercp_emailpassword_msg_need_activ_admin'), 20); |
277 redirect(makeUrl(get_main_page()), $lang->get('usercp_emailpassword_msg_profile_success'), $lang->get('usercp_emailpassword_msg_need_activ_admin'), 20); |
278 } |
278 } |
279 } |
279 } |
280 $session->login_without_crypto($username, $newpass); |
280 $session->login_without_crypto($username, $newpass); |
281 redirect(makeUrlNS('Special', 'Preferences'), $lang->get('usercp_emailpassword_msg_pass_success'), $lang->get('usercp_emailpassword_msg_password_changed'), 5); |
281 redirect(makeUrlNS('Special', 'Preferences'), $lang->get('usercp_emailpassword_msg_pass_success'), $lang->get('usercp_emailpassword_msg_password_changed'), 5); |
282 } |
282 } |
283 } |
283 } |
284 else if ( $email_changed ) |
284 else if ( $email_changed ) |
285 { |
285 { |
286 $session->logout(USER_LEVEL_CHPREF); |
286 $session->logout(USER_LEVEL_CHPREF); |
287 $activation = $session->user_level >= USER_LEVEL_MOD ? 'none' : getConfig('account_activation', 'none'); |
287 $activation = $session->user_level >= USER_LEVEL_MOD ? 'none' : getConfig('account_activation', 'none'); |
288 switch($activation) |
288 switch($activation) |
289 { |
289 { |
290 default: |
290 default: |
291 $message_body = $lang->get('usercp_emailpassword_msg_password_changed'); |
291 $message_body = $lang->get('usercp_emailpassword_msg_password_changed'); |
292 $timeout = 5; |
292 $timeout = 5; |
293 break; |
293 break; |
294 case 'admin': |
294 case 'admin': |
295 $message_body = $lang->get('usercp_emailpassword_msg_need_activ_user'); |
295 $message_body = $lang->get('usercp_emailpassword_msg_need_activ_user'); |
296 $timeout = 20; |
296 $timeout = 20; |
297 break; |
297 break; |
298 case 'user': |
298 case 'user': |
299 $message_body = $lang->get('usercp_emailpassword_msg_need_activ_admin'); |
299 $message_body = $lang->get('usercp_emailpassword_msg_need_activ_admin'); |
300 $timeout = 20; |
300 $timeout = 20; |
301 break; |
301 break; |
302 } |
302 } |
303 redirect(makeUrlNS('Special', 'Preferences'), $lang->get('usercp_emailpassword_msg_email_success'), $message_body, $timeout); |
303 redirect(makeUrlNS('Special', 'Preferences'), $lang->get('usercp_emailpassword_msg_email_success'), $message_body, $timeout); |
304 } |
304 } |
305 } |
305 } |
306 } |
306 } |
307 $template->tpl_strings['PAGE_NAME'] = $lang->get('usercp_emailpassword_title'); |
307 $template->tpl_strings['PAGE_NAME'] = $lang->get('usercp_emailpassword_title'); |
308 break; |
308 break; |
309 case 'Signature': |
309 case 'Signature': |
310 $template->tpl_strings['PAGE_NAME'] = $lang->get('usercp_signature_title'); |
310 $template->tpl_strings['PAGE_NAME'] = $lang->get('usercp_signature_title'); |
311 break; |
311 break; |
312 case 'Profile': |
312 case 'Profile': |
313 case 'Home': |
313 case 'Home': |
314 if ( isset($_POST['submit']) ) |
314 if ( isset($_POST['submit']) ) |
315 csrf_request_confirm(); |
315 csrf_request_confirm(); |
316 |
316 |
317 $template->tpl_strings['PAGE_NAME'] = $lang->get('usercp_publicinfo_title'); |
317 $template->tpl_strings['PAGE_NAME'] = $lang->get('usercp_publicinfo_title'); |
318 break; |
318 break; |
319 } |
319 } |
320 |
320 |
321 $template->header(); |
321 $template->header(); |
322 |
322 |
323 // Output the menu |
323 // Output the menu |
324 // This is not templatized because it conforms to the jBox menu standard. |
324 // This is not templatized because it conforms to the jBox menu standard. |
325 |
325 |
326 userprefs_show_menu(); |
326 userprefs_show_menu(); |
327 |
327 |
328 switch ( $section ) |
328 switch ( $section ) |
329 { |
329 { |
330 case 'EmailPassword': |
330 case 'EmailPassword': |
331 |
331 |
332 $errors = trim($errors); |
332 $errors = trim($errors); |
333 if ( !empty($errors) ) |
333 if ( !empty($errors) ) |
334 { |
334 { |
335 echo $errors; |
335 echo $errors; |
336 } |
336 } |
337 |
337 |
338 echo '<form action="' . makeUrlNS('Special', 'Preferences/EmailPassword') . '" method="post" onsubmit="return runEncryption();" name="empwform" >'; |
338 echo '<form action="' . makeUrlNS('Special', 'Preferences/EmailPassword') . '" method="post" onsubmit="return runEncryption();" name="empwform" >'; |
339 echo '<fieldset>'; |
339 echo '<fieldset>'; |
340 echo '<legend>' . $lang->get('usercp_emailpassword_grp_chpasswd') . '</legend>'; |
340 echo '<legend>' . $lang->get('usercp_emailpassword_grp_chpasswd') . '</legend>'; |
341 |
341 |
342 // Password change form |
342 // Password change form |
343 if ( $session->password_change_disabled ) |
343 if ( $session->password_change_disabled ) |
344 { |
344 { |
345 echo '<p>' . $lang->get('usercp_emailpassword_msg_change_disabled') . '</p>'; |
345 echo '<p>' . $lang->get('usercp_emailpassword_msg_change_disabled') . '</p>'; |
346 if ( $session->password_change_dest['url'] ) |
346 if ( $session->password_change_dest['url'] ) |
347 { |
347 { |
348 echo '<p>' . $lang->get('usercp_emailpassword_msg_change_disabled_url') . ' |
348 echo '<p>' . $lang->get('usercp_emailpassword_msg_change_disabled_url') . ' |
349 <a onclick="window.open(this.href); return false;" href="' . htmlspecialchars($session->password_change_dest['url']) . '">' . htmlspecialchars($session->password_change_dest['title']) . '</a></p>'; |
349 <a onclick="window.open(this.href); return false;" href="' . htmlspecialchars($session->password_change_dest['url']) . '">' . htmlspecialchars($session->password_change_dest['title']) . '</a></p>'; |
350 } |
350 } |
351 } |
351 } |
352 else |
352 else |
353 { |
353 { |
354 echo $lang->get('usercp_emailpassword_field_newpass') . '<br /> |
354 echo $lang->get('usercp_emailpassword_field_newpass') . '<br /> |
355 <input type="password" name="newpass" size="30" tabindex="1" ' . ( getConfig('pw_strength_enable') == '1' ? 'onkeyup="password_score_field(this);" ' : '' ) . '/>' . ( getConfig('pw_strength_enable') == '1' ? '<span class="password-checker" style="font-weight: bold; color: #aaaaaa;"> Loading...</span>' : '' ) . ' |
355 <input type="password" name="newpass" size="30" tabindex="1" ' . ( getConfig('pw_strength_enable') == '1' ? 'onkeyup="password_score_field(this);" ' : '' ) . '/>' . ( getConfig('pw_strength_enable') == '1' ? '<span class="password-checker" style="font-weight: bold; color: #aaaaaa;"> Loading...</span>' : '' ) . ' |
356 <br /> |
356 <br /> |
357 <br /> |
357 <br /> |
358 ' . $lang->get('usercp_emailpassword_field_newpass_confirm') . '<br /> |
358 ' . $lang->get('usercp_emailpassword_field_newpass_confirm') . '<br /> |
359 <input type="password" name="newpass_confirm" size="30" tabindex="2" /> |
359 <input type="password" name="newpass_confirm" size="30" tabindex="2" /> |
360 ' . ( getConfig('pw_strength_enable') == '1' ? '<br /><br /><div id="pwmeter"></div> |
360 ' . ( getConfig('pw_strength_enable') == '1' ? '<br /><br /><div id="pwmeter"></div> |
361 <small>' . $lang->get('usercp_emailpassword_msg_password_min_score') . '</small>' : '' ); |
361 <small>' . $lang->get('usercp_emailpassword_msg_password_min_score') . '</small>' : '' ); |
362 } |
362 } |
363 echo '</fieldset><br />'; |
363 echo '</fieldset><br />'; |
364 echo '<fieldset> |
364 echo '<fieldset> |
365 <legend>' . $lang->get('usercp_emailpassword_grp_chemail') . '</legend> |
365 <legend>' . $lang->get('usercp_emailpassword_grp_chemail') . '</legend> |
366 ' . $lang->get('usercp_emailpassword_field_newemail') . '<br /> |
366 ' . $lang->get('usercp_emailpassword_field_newemail') . '<br /> |
367 <input type="text" value="' . ( isset($_POST['newemail']) ? htmlspecialchars($_POST['newemail']) : '' ) . '" name="newemail" size="30" tabindex="3" /> |
367 <input type="text" value="' . ( isset($_POST['newemail']) ? htmlspecialchars($_POST['newemail']) : '' ) . '" name="newemail" size="30" tabindex="3" /> |
368 <br /> |
368 <br /> |
369 <br /> |
369 <br /> |
370 ' . $lang->get('usercp_emailpassword_field_newemail_confirm') . '<br /> |
370 ' . $lang->get('usercp_emailpassword_field_newemail_confirm') . '<br /> |
371 <input type="text" value="' . ( isset($_POST['newemail']) ? htmlspecialchars($_POST['newemail']) : '' ) . '" name="newemail_conf" size="30" tabindex="4" /> |
371 <input type="text" value="' . ( isset($_POST['newemail']) ? htmlspecialchars($_POST['newemail']) : '' ) . '" name="newemail_conf" size="30" tabindex="4" /> |
372 </fieldset> |
372 </fieldset> |
373 <br /> |
373 <br /> |
374 <div style="text-align: right;"><input type="submit" name="submit" value="' . $lang->get('etc_save_changes') . '" tabindex="5" /></div>'; |
374 <div style="text-align: right;"><input type="submit" name="submit" value="' . $lang->get('etc_save_changes') . '" tabindex="5" /></div>'; |
375 |
375 |
376 if ( !$session->password_change_disabled ) |
376 if ( !$session->password_change_disabled ) |
377 echo $session->generate_aes_form(); |
377 echo $session->generate_aes_form(); |
378 |
378 |
379 echo '</form>'; |
379 echo '</form>'; |
380 |
380 |
381 // ENCRYPTION CODE |
381 // ENCRYPTION CODE |
382 ?> |
382 ?> |
383 <?php if ( !$session->password_change_disabled && getConfig('pw_strength_enable') == '1' ): ?> |
383 <?php if ( !$session->password_change_disabled && getConfig('pw_strength_enable') == '1' ): ?> |
384 <script type="text/javascript"> |
384 <script type="text/javascript"> |
385 addOnloadHook(function() |
385 addOnloadHook(function() |
386 { |
386 { |
387 password_score_field(document.forms.empwform.newpass); |
387 password_score_field(document.forms.empwform.newpass); |
388 }); |
388 }); |
389 </script> |
389 </script> |
390 <?php endif; ?> |
390 <?php endif; ?> |
391 <?php |
391 <?php |
392 echo $session->aes_javascript('empwform', 'newpass'); |
392 echo $session->aes_javascript('empwform', 'newpass'); |
393 break; |
393 break; |
394 case 'Signature': |
394 case 'Signature': |
395 if ( isset($_POST['new_sig']) ) |
395 if ( isset($_POST['new_sig']) ) |
396 { |
396 { |
397 $sig = $_POST['new_sig']; |
397 $sig = $_POST['new_sig']; |
398 $sig = RenderMan::preprocess_text($sig, true, false); |
398 $sig = RenderMan::preprocess_text($sig, true, false); |
399 $sql_sig = $db->escape($sig); |
399 $sql_sig = $db->escape($sig); |
400 $q = $db->sql_query('UPDATE '.table_prefix.'users SET signature=\'' . $sql_sig . '\' WHERE user_id=' . $session->user_id . ';'); |
400 $q = $db->sql_query('UPDATE '.table_prefix.'users SET signature=\'' . $sql_sig . '\' WHERE user_id=' . $session->user_id . ';'); |
401 if ( !$q ) |
401 if ( !$q ) |
402 $db->_die(); |
402 $db->_die(); |
403 $session->signature = $sig; |
403 $session->signature = $sig; |
404 echo '<div class="info-box" style="margin: 0 0 10px 0;">' . $lang->get('usercp_signature_msg_saved') . '</div>'; |
404 echo '<div class="info-box" style="margin: 0 0 10px 0;">' . $lang->get('usercp_signature_msg_saved') . '</div>'; |
405 } |
405 } |
406 echo '<form action="'.makeUrl($paths->fullpage).'" method="post">'; |
406 echo '<form action="'.makeUrl($paths->fullpage).'" method="post">'; |
407 echo $template->tinymce_textarea('new_sig', htmlspecialchars($session->signature)); |
407 echo $template->tinymce_textarea('new_sig', htmlspecialchars($session->signature)); |
408 echo '<input type="submit" value="' . $lang->get('usercp_signature_btn_save') . '" />'; |
408 echo '<input type="submit" value="' . $lang->get('usercp_signature_btn_save') . '" />'; |
409 echo '</form>'; |
409 echo '</form>'; |
410 break; |
410 break; |
411 case "Profile": |
411 case "Profile": |
412 case 'Home': |
412 case 'Home': |
413 |
413 |
414 global $email; |
414 global $email; |
415 $userpage_id = $paths->nslist['User'] . sanitize_page_id($session->username); |
415 $userpage_id = $paths->nslist['User'] . sanitize_page_id($session->username); |
416 $userpage_exists = ( isPage($userpage_id) ) ? '' : ' class="wikilink-nonexistent"'; |
416 $userpage_exists = ( isPage($userpage_id) ) ? '' : ' class="wikilink-nonexistent"'; |
417 $user_page = makeUrlNS('User', sanitize_page_id($session->username)); |
417 $user_page = makeUrlNS('User', sanitize_page_id($session->username)); |
418 $site_admin = $email->encryptEmail(getConfig('contact_email'), '', '', $lang->get('usercp_intro_para3_admin_link')); |
418 $site_admin = $email->encryptEmail(getConfig('contact_email'), '', '', $lang->get('usercp_intro_para3_admin_link')); |
419 |
419 |
420 echo '<h3 style="margin-top: 0;">' . $lang->get('usercp_intro_heading_main', array('username' => $session->username)) . '</h3>'; |
420 echo '<h3 style="margin-top: 0;">' . $lang->get('usercp_intro_heading_main', array('username' => $session->username)) . '</h3>'; |
421 |
421 |
422 echo $lang->get('usercp_intro', array('userpage_link' => $user_page)); |
422 echo $lang->get('usercp_intro', array('userpage_link' => $user_page)); |
423 |
423 |
424 $available_ranks = $session->get_user_possible_ranks($session->user_id); |
424 $available_ranks = $session->get_user_possible_ranks($session->user_id); |
425 $current_rank = $session->get_user_rank($session->user_id); |
425 $current_rank = $session->get_user_rank($session->user_id); |
426 |
426 |
427 if ( isset($_POST['submit']) ) |
427 if ( isset($_POST['submit']) ) |
428 { |
428 { |
429 $real_name = htmlspecialchars($_POST['real_name']); |
429 $real_name = htmlspecialchars($_POST['real_name']); |
430 $real_name = $db->escape($real_name); |
430 $real_name = $db->escape($real_name); |
431 |
431 |
432 $timezone = intval($_POST['timezone']); |
432 $timezone = intval($_POST['timezone']); |
433 $tz_local = $timezone + 1440; |
433 $tz_local = $timezone + 1440; |
434 |
434 |
435 $dst = $db->escape($_POST['dst']); |
435 $dst = $db->escape($_POST['dst']); |
436 if ( !preg_match('/^[0-9]+;[0-9]+;[0-9]+;[0-9]+;[0-9]+$/', $dst) ) |
436 if ( !preg_match('/^[0-9]+;[0-9]+;[0-9]+;[0-9]+;[0-9]+$/', $dst) ) |
437 $dst = '0;0;0;0;60'; |
437 $dst = '0;0;0;0;60'; |
438 |
438 |
439 $GLOBALS['dst_params'] = explode(';', $dst); |
439 $GLOBALS['dst_params'] = explode(';', $dst); |
440 |
440 |
441 $imaddr_aim = htmlspecialchars($_POST['imaddr_aim']); |
441 $imaddr_aim = htmlspecialchars($_POST['imaddr_aim']); |
442 $imaddr_aim = $db->escape($imaddr_aim); |
442 $imaddr_aim = $db->escape($imaddr_aim); |
443 |
443 |
444 $imaddr_msn = htmlspecialchars($_POST['imaddr_msn']); |
444 $imaddr_msn = htmlspecialchars($_POST['imaddr_msn']); |
445 $imaddr_msn = $db->escape($imaddr_msn); |
445 $imaddr_msn = $db->escape($imaddr_msn); |
446 |
446 |
447 $imaddr_yahoo = htmlspecialchars($_POST['imaddr_yahoo']); |
447 $imaddr_yahoo = htmlspecialchars($_POST['imaddr_yahoo']); |
448 $imaddr_yahoo = $db->escape($imaddr_yahoo); |
448 $imaddr_yahoo = $db->escape($imaddr_yahoo); |
449 |
449 |
450 $imaddr_xmpp = htmlspecialchars($_POST['imaddr_xmpp']); |
450 $imaddr_xmpp = htmlspecialchars($_POST['imaddr_xmpp']); |
451 $imaddr_xmpp = $db->escape($imaddr_xmpp); |
451 $imaddr_xmpp = $db->escape($imaddr_xmpp); |
452 |
452 |
453 $homepage = htmlspecialchars($_POST['homepage']); |
453 $homepage = htmlspecialchars($_POST['homepage']); |
454 $homepage = $db->escape($homepage); |
454 $homepage = $db->escape($homepage); |
455 |
455 |
456 $location = htmlspecialchars($_POST['location']); |
456 $location = htmlspecialchars($_POST['location']); |
457 $location = $db->escape($location); |
457 $location = $db->escape($location); |
458 |
458 |
459 $occupation = htmlspecialchars($_POST['occupation']); |
459 $occupation = htmlspecialchars($_POST['occupation']); |
460 $occupation = $db->escape($occupation); |
460 $occupation = $db->escape($occupation); |
461 |
461 |
462 $hobbies = htmlspecialchars($_POST['hobbies']); |
462 $hobbies = htmlspecialchars($_POST['hobbies']); |
463 $hobbies = $db->escape($hobbies); |
463 $hobbies = $db->escape($hobbies); |
464 |
464 |
465 $date_format = $db->escape(htmlspecialchars($_POST['date_format'])); |
465 $date_format = $db->escape(htmlspecialchars($_POST['date_format'])); |
466 $time_format = $db->escape(htmlspecialchars($_POST['time_format'])); |
466 $time_format = $db->escape(htmlspecialchars($_POST['time_format'])); |
467 |
467 |
468 $email_public = ( isset($_POST['email_public']) ) ? '1' : '0'; |
468 $email_public = ( isset($_POST['email_public']) ) ? '1' : '0'; |
469 $disable_js_fx = ( isset($_POST['disable_js_fx']) ) ? '1' : '0'; |
469 $disable_js_fx = ( isset($_POST['disable_js_fx']) ) ? '1' : '0'; |
470 |
470 |
471 $session->real_name = $real_name; |
471 $session->real_name = $real_name; |
472 |
472 |
473 if ( !preg_match('/@([a-z0-9-]+)(\.([a-z0-9-\.]+))?/', $imaddr_msn) && !empty($imaddr_msn) ) |
473 if ( !preg_match('/@([a-z0-9-]+)(\.([a-z0-9-\.]+))?/', $imaddr_msn) && !empty($imaddr_msn) ) |
474 { |
474 { |
475 $imaddr_msn = "$imaddr_msn@hotmail.com"; |
475 $imaddr_msn = "$imaddr_msn@hotmail.com"; |
476 } |
476 } |
477 |
477 |
478 if ( !preg_match('#^https?://#', $homepage) ) |
478 if ( !preg_match('#^https?://#', $homepage) ) |
479 { |
479 { |
480 $homepage = "http://$homepage"; |
480 $homepage = "http://$homepage"; |
481 } |
481 } |
482 |
482 |
483 if ( !preg_match('/^http:\/\/([a-z0-9-.]+)([A-z0-9@#\$%\&:;<>,\.\?=\+\(\)\[\]_\/\\\\]*?)$/i', $homepage) ) |
483 if ( !preg_match('/^http:\/\/([a-z0-9-.]+)([A-z0-9@#\$%\&:;<>,\.\?=\+\(\)\[\]_\/\\\\]*?)$/i', $homepage) ) |
484 { |
484 { |
485 $homepage = ''; |
485 $homepage = ''; |
486 } |
486 } |
487 |
487 |
488 $session->user_extra['user_aim'] = $imaddr_aim; |
488 $session->user_extra['user_aim'] = $imaddr_aim; |
489 $session->user_extra['user_msn'] = $imaddr_msn; |
489 $session->user_extra['user_msn'] = $imaddr_msn; |
490 $session->user_extra['user_xmpp'] = $imaddr_xmpp; |
490 $session->user_extra['user_xmpp'] = $imaddr_xmpp; |
491 $session->user_extra['user_yahoo'] = $imaddr_yahoo; |
491 $session->user_extra['user_yahoo'] = $imaddr_yahoo; |
492 $session->user_extra['user_homepage'] = $homepage; |
492 $session->user_extra['user_homepage'] = $homepage; |
493 $session->user_extra['user_location'] = $location; |
493 $session->user_extra['user_location'] = $location; |
494 $session->user_extra['user_job'] = $occupation; |
494 $session->user_extra['user_job'] = $occupation; |
495 $session->user_extra['user_hobbies'] = $hobbies; |
495 $session->user_extra['user_hobbies'] = $hobbies; |
496 $session->user_extra['email_public'] = intval($email_public); |
496 $session->user_extra['email_public'] = intval($email_public); |
497 $session->date_format = $date_format; |
497 $session->date_format = $date_format; |
498 $session->time_format = $time_format; |
498 $session->time_format = $time_format; |
499 |
499 |
500 // user title |
500 // user title |
501 $user_title_col = ''; |
501 $user_title_col = ''; |
502 if ( $session->get_permissions('custom_user_title') && isset($_POST['user_title']) ) |
502 if ( $session->get_permissions('custom_user_title') && isset($_POST['user_title']) ) |
503 { |
503 { |
504 $user_title = trim($_POST['user_title']); |
504 $user_title = trim($_POST['user_title']); |
505 if ( empty($user_title) ) |
505 if ( empty($user_title) ) |
506 { |
506 { |
507 $colval = 'NULL'; |
507 $colval = 'NULL'; |
508 $session->user_title = null; |
508 $session->user_title = null; |
509 } |
509 } |
510 else |
510 else |
511 { |
511 { |
512 $colval = "'" . $db->escape($user_title) . "'"; |
512 $colval = "'" . $db->escape($user_title) . "'"; |
513 $session->user_title = $user_title; |
513 $session->user_title = $user_title; |
514 } |
514 } |
515 $user_title_col = ", user_title = $colval"; |
515 $user_title_col = ", user_title = $colval"; |
516 } |
516 } |
517 $user_rank_col = ''; |
517 $user_rank_col = ''; |
518 if ( isset($_POST['user_rank']) && intval($_POST['user_rank']) != $current_rank['rank_id'] && count($available_ranks) > 1 ) |
518 if ( isset($_POST['user_rank']) && intval($_POST['user_rank']) != $current_rank['rank_id'] && count($available_ranks) > 1 ) |
519 { |
519 { |
520 if ( $_POST['user_rank'] == 'NULL' ) |
520 if ( $_POST['user_rank'] == 'NULL' ) |
521 { |
521 { |
522 $user_rank_col = ", user_rank = NULL, user_rank_userset = 0"; |
522 $user_rank_col = ", user_rank = NULL, user_rank_userset = 0"; |
523 } |
523 } |
524 else |
524 else |
525 { |
525 { |
526 $new_rank = intval($_POST['user_rank']); |
526 $new_rank = intval($_POST['user_rank']); |
527 $rank_allowed = false; |
527 $rank_allowed = false; |
528 foreach ( $available_ranks as $rank ) |
528 foreach ( $available_ranks as $rank ) |
529 { |
529 { |
530 if ( $rank['rank_id'] == $new_rank ) |
530 if ( $rank['rank_id'] == $new_rank ) |
531 { |
531 { |
532 $rank_allowed = true; |
532 $rank_allowed = true; |
533 break; |
533 break; |
534 } |
534 } |
535 } |
535 } |
536 if ( $rank_allowed ) |
536 if ( $rank_allowed ) |
537 { |
537 { |
538 $user_rank_col = ", user_rank = $new_rank, user_rank_userset = 1"; |
538 $user_rank_col = ", user_rank = $new_rank, user_rank_userset = 1"; |
539 // hack |
539 // hack |
540 $current_rank['rank_id'] = $new_rank; |
540 $current_rank['rank_id'] = $new_rank; |
541 $cache->purge('ranks'); |
541 $cache->purge('ranks'); |
542 } |
542 } |
543 } |
543 } |
544 } |
544 } |
545 |
545 |
546 $q = $db->sql_query('UPDATE '.table_prefix."users SET real_name='$real_name', user_timezone = {$tz_local}, user_dst = '$dst'{$user_title_col}{$user_rank_col} WHERE user_id=$session->user_id;"); |
546 $q = $db->sql_query('UPDATE '.table_prefix."users SET real_name='$real_name', user_timezone = {$tz_local}, user_dst = '$dst'{$user_title_col}{$user_rank_col} WHERE user_id=$session->user_id;"); |
547 if ( !$q ) |
547 if ( !$q ) |
548 $db->_die(); |
548 $db->_die(); |
549 |
549 |
550 $q = $db->sql_query('UPDATE '.table_prefix."users_extra SET user_aim='$imaddr_aim',user_yahoo='$imaddr_yahoo',user_msn='$imaddr_msn', |
550 $q = $db->sql_query('UPDATE '.table_prefix."users_extra SET user_aim='$imaddr_aim',user_yahoo='$imaddr_yahoo',user_msn='$imaddr_msn', |
551 user_xmpp='$imaddr_xmpp',user_homepage='$homepage',user_location='$location',user_job='$occupation', |
551 user_xmpp='$imaddr_xmpp',user_homepage='$homepage',user_location='$location',user_job='$occupation', |
552 user_hobbies='$hobbies',email_public=$email_public,disable_js_fx=$disable_js_fx,date_format='$date_format', |
552 user_hobbies='$hobbies',email_public=$email_public,disable_js_fx=$disable_js_fx,date_format='$date_format', |
553 time_format='$time_format' |
553 time_format='$time_format' |
554 WHERE user_id=$session->user_id;"); |
554 WHERE user_id=$session->user_id;"); |
555 |
555 |
556 if ( !$q ) |
556 if ( !$q ) |
557 $db->_die(); |
557 $db->_die(); |
558 |
558 |
559 // verify language id |
559 // verify language id |
560 $lang_id = strval(intval($_POST['lang_id'])); |
560 $lang_id = strval(intval($_POST['lang_id'])); |
561 $q = $db->sql_query('SELECT 1 FROM ' . table_prefix . 'language WHERE lang_id = ' . $lang_id . ';'); |
561 $q = $db->sql_query('SELECT 1 FROM ' . table_prefix . 'language WHERE lang_id = ' . $lang_id . ';'); |
562 if ( !$q ) |
562 if ( !$q ) |
563 $db->_die(); |
563 $db->_die(); |
564 |
564 |
565 if ( $db->numrows() > 0 ) |
565 if ( $db->numrows() > 0 ) |
566 { |
566 { |
567 $db->free_result(); |
567 $db->free_result(); |
568 |
568 |
569 // unload / reload $lang, this verifies that the selected language works |
569 // unload / reload $lang, this verifies that the selected language works |
570 // enano should die a violent death if the language fails to load |
570 // enano should die a violent death if the language fails to load |
571 unset($GLOBALS['lang']); |
571 unset($GLOBALS['lang']); |
572 unset($lang); |
572 unset($lang); |
573 $lang_id = intval($lang_id); |
573 $lang_id = intval($lang_id); |
574 $GLOBALS['lang'] = new Language($lang_id); |
574 $GLOBALS['lang'] = new Language($lang_id); |
575 global $lang; |
575 global $lang; |
576 |
576 |
577 $q = $db->sql_query('UPDATE ' . table_prefix . 'users SET user_lang = ' . $lang_id . " WHERE user_id = {$session->user_id};"); |
577 $q = $db->sql_query('UPDATE ' . table_prefix . 'users SET user_lang = ' . $lang_id . " WHERE user_id = {$session->user_id};"); |
578 if ( !$q ) |
578 if ( !$q ) |
579 $db->_die(); |
579 $db->_die(); |
580 } |
580 } |
581 else |
581 else |
582 { |
582 { |
583 $db->free_result(); |
583 $db->free_result(); |
584 } |
584 } |
585 |
585 |
586 generate_cache_userranks(); |
586 generate_cache_userranks(); |
587 |
587 |
588 echo '<div class="info-box" style="margin: 0 0 10px 0;">' . $lang->get('usercp_publicinfo_msg_save_success') . '</div>'; |
588 echo '<div class="info-box" style="margin: 0 0 10px 0;">' . $lang->get('usercp_publicinfo_msg_save_success') . '</div>'; |
589 } |
589 } |
590 |
590 |
591 $lang_box = '<select name="lang_id">'; |
591 $lang_box = '<select name="lang_id">'; |
592 $q = $db->sql_query('SELECT lang_id, lang_name_native FROM ' . table_prefix . "language;"); |
592 $q = $db->sql_query('SELECT lang_id, lang_name_native FROM ' . table_prefix . "language;"); |
593 if ( !$q ) |
593 if ( !$q ) |
594 $db->_die(); |
594 $db->_die(); |
595 |
595 |
596 while ( $row = $db->fetchrow_num() ) |
596 while ( $row = $db->fetchrow_num() ) |
597 { |
597 { |
598 list($lang_id, $lang_name) = $row; |
598 list($lang_id, $lang_name) = $row; |
599 $lang_name = htmlspecialchars($lang_name); |
599 $lang_name = htmlspecialchars($lang_name); |
600 $selected = ( $lang->lang_id == $lang_id ) ? ' selected="selected"' : ''; |
600 $selected = ( $lang->lang_id == $lang_id ) ? ' selected="selected"' : ''; |
601 $lang_box .= "<option value=\"$lang_id\"$selected>$lang_name</option>"; |
601 $lang_box .= "<option value=\"$lang_id\"$selected>$lang_name</option>"; |
602 } |
602 } |
603 |
603 |
604 $lang_box .= '</select>'; |
604 $lang_box .= '</select>'; |
605 |
605 |
606 $tz_select = '<select name="timezone">'; |
606 $tz_select = '<select name="timezone">'; |
607 $tz_list = $lang->get('tz_list'); |
607 $tz_list = $lang->get('tz_list'); |
608 try |
608 try |
609 { |
609 { |
610 $tz_list = enano_json_decode($tz_list); |
610 $tz_list = enano_json_decode($tz_list); |
611 } |
611 } |
612 catch(Exception $e) |
612 catch(Exception $e) |
613 { |
613 { |
614 die("Caught exception decoding timezone data: <pre>$e</pre>"); |
614 die("Caught exception decoding timezone data: <pre>$e</pre>"); |
615 } |
615 } |
616 foreach ( $tz_list as $key => $i ) |
616 foreach ( $tz_list as $key => $i ) |
617 { |
617 { |
618 $i = ($i * 60); |
618 $i = ($i * 60); |
619 $title = $lang->get("tz_title_{$key}"); |
619 $title = $lang->get("tz_title_{$key}"); |
620 $hrs = $lang->get("tz_hrs_{$key}"); |
620 $hrs = $lang->get("tz_hrs_{$key}"); |
621 $selected = ( $i == $timezone ) ? ' selected="selected"' : ''; |
621 $selected = ( $i == $timezone ) ? ' selected="selected"' : ''; |
622 $tz_select .= "<option value=\"$i\"$selected>$title</option>"; |
622 $tz_select .= "<option value=\"$i\"$selected>$title</option>"; |
623 } |
623 } |
624 $tz_select .= '</select>'; |
624 $tz_select .= '</select>'; |
625 |
625 |
626 echo '<form action="'.makeUrl($paths->fullpage).'" method="post">'; |
626 echo '<form action="'.makeUrl($paths->fullpage).'" method="post">'; |
627 ?> |
627 ?> |
628 <div class="tblholder"> |
628 <div class="tblholder"> |
629 <table border="0" cellspacing="1" cellpadding="4"> |
629 <table border="0" cellspacing="1" cellpadding="4"> |
630 <tr> |
630 <tr> |
631 <th colspan="2"><?php echo $lang->get('usercp_publicinfo_heading_main'); ?></th> |
631 <th colspan="2"><?php echo $lang->get('usercp_publicinfo_heading_main'); ?></th> |
632 </tr> |
632 </tr> |
633 <tr> |
633 <tr> |
634 <td colspan="2" class="row3"><?php echo $lang->get('usercp_publicinfo_note_optional'); ?></td> |
634 <td colspan="2" class="row3"><?php echo $lang->get('usercp_publicinfo_note_optional'); ?></td> |
635 </tr> |
635 </tr> |
636 <tr> |
636 <tr> |
637 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_realname'); ?></td> |
637 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_realname'); ?></td> |
638 <td class="row1" style="width: 50%;"><input type="text" name="real_name" value="<?php echo $session->real_name; ?>" size="30" /></td> |
638 <td class="row1" style="width: 50%;"><input type="text" name="real_name" value="<?php echo $session->real_name; ?>" size="30" /></td> |
639 </tr> |
639 </tr> |
640 <tr> |
640 <tr> |
641 <td class="row2"><?php echo $lang->get('usercp_publicinfo_field_language') . '<br /><small>' . $lang->get('usercp_publicinfo_field_language_hint') . '</small>'; ?></td> |
641 <td class="row2"><?php echo $lang->get('usercp_publicinfo_field_language') . '<br /><small>' . $lang->get('usercp_publicinfo_field_language_hint') . '</small>'; ?></td> |
642 <td class="row1"><?php echo $lang_box; ?></td> |
642 <td class="row1"><?php echo $lang_box; ?></td> |
643 </tr> |
643 </tr> |
644 <tr> |
644 <tr> |
645 <td class="row2"><?php echo $lang->get('usercp_publicinfo_field_changetheme_title'); ?></td> |
645 <td class="row2"><?php echo $lang->get('usercp_publicinfo_field_changetheme_title'); ?></td> |
646 <td class="row1"><?php echo $lang->get('usercp_publicinfo_field_changetheme_hint'); ?> <a href="<?php echo makeUrlNS('Special', 'ChangeStyle/' . $paths->page); ?>" onclick="ajaxChangeStyle(); return false;"><?php echo $lang->get('usercp_publicinfo_field_changetheme'); ?></a></td> |
646 <td class="row1"><?php echo $lang->get('usercp_publicinfo_field_changetheme_hint'); ?> <a href="<?php echo makeUrlNS('Special', 'ChangeStyle/' . $paths->page); ?>" onclick="ajaxChangeStyle(); return false;"><?php echo $lang->get('usercp_publicinfo_field_changetheme'); ?></a></td> |
647 </tr> |
647 </tr> |
648 <tr> |
648 <tr> |
649 <td class="row2"><?php echo $lang->get('usercp_publicinfo_field_dateformat'); ?></td> |
649 <td class="row2"><?php echo $lang->get('usercp_publicinfo_field_dateformat'); ?></td> |
650 <td class="row1"> |
650 <td class="row1"> |
651 <select name="date_format"> |
651 <select name="date_format"> |
652 <?php |
652 <?php |
653 foreach ( array(DATE_1, DATE_2, DATE_3, DATE_4) as $format ) |
653 foreach ( array(DATE_1, DATE_2, DATE_3, DATE_4) as $format ) |
654 { |
654 { |
655 $selected = $format === $session->date_format ? ' selected="selected"' : ''; |
655 $selected = $format === $session->date_format ? ' selected="selected"' : ''; |
656 echo '<option value="' . $format . '"' . $selected . '>' . enano_date($format) . '</option>'; |
656 echo '<option value="' . $format . '"' . $selected . '>' . enano_date($format) . '</option>'; |
657 } |
657 } |
658 ?> |
658 ?> |
659 </select> |
659 </select> |
660 </td> |
660 </td> |
661 </tr> |
661 </tr> |
662 <tr> |
662 <tr> |
663 <td class="row2"><?php echo $lang->get('usercp_publicinfo_field_timeformat'); ?></td> |
663 <td class="row2"><?php echo $lang->get('usercp_publicinfo_field_timeformat'); ?></td> |
664 <td class="row1"> |
664 <td class="row1"> |
665 <select name="time_format"> |
665 <select name="time_format"> |
666 <?php |
666 <?php |
667 foreach ( array(TIME_12_NS, TIME_12_S, TIME_24_NS, TIME_24_S) as $format ) |
667 foreach ( array(TIME_12_NS, TIME_12_S, TIME_24_NS, TIME_24_S) as $format ) |
668 { |
668 { |
669 $selected = $format === $session->time_format ? ' selected="selected"' : ''; |
669 $selected = $format === $session->time_format ? ' selected="selected"' : ''; |
670 echo '<option value="' . $format . '"' . $selected . '>' . enano_date($format) . '</option>'; |
670 echo '<option value="' . $format . '"' . $selected . '>' . enano_date($format) . '</option>'; |
671 } |
671 } |
672 ?> |
672 ?> |
673 </select> |
673 </select> |
674 </td> |
674 </td> |
675 </tr> |
675 </tr> |
676 <tr> |
676 <tr> |
677 <td class="row3" colspan="2"><?php echo $lang->get('usercp_publicinfo_field_timezone'); ?> <?php echo $tz_select; ?><br /><small><?php echo $lang->get('usercp_publicinfo_field_timezone_hint'); ?></small></td> |
677 <td class="row3" colspan="2"><?php echo $lang->get('usercp_publicinfo_field_timezone'); ?> <?php echo $tz_select; ?><br /><small><?php echo $lang->get('usercp_publicinfo_field_timezone_hint'); ?></small></td> |
678 </tr> |
678 </tr> |
679 <tr> |
679 <tr> |
680 <td class="row2"><?php echo $lang->get('usercp_publicinfo_field_dst'); ?></td> |
680 <td class="row2"><?php echo $lang->get('usercp_publicinfo_field_dst'); ?></td> |
681 <td class="row1"> |
681 <td class="row1"> |
682 <select name="dst"> |
682 <select name="dst"> |
683 <?php |
683 <?php |
684 global $dst_profiles, $dst_params; |
684 global $dst_profiles, $dst_params; |
685 $user_dst = implode(';', $dst_params); |
685 $user_dst = implode(';', $dst_params); |
686 foreach ( $dst_profiles as $region => $data ) |
686 foreach ( $dst_profiles as $region => $data ) |
687 { |
687 { |
688 $selected = ( $data === $user_dst ) ? ' selected="selected"' : ''; |
688 $selected = ( $data === $user_dst ) ? ' selected="selected"' : ''; |
689 echo '<option value="' . $data . '"' . $selected . '>' . $lang->get("tz_dst_$region") . '</option>'; |
689 echo '<option value="' . $data . '"' . $selected . '>' . $lang->get("tz_dst_$region") . '</option>'; |
690 } |
690 } |
691 ?> |
691 ?> |
692 </select> |
692 </select> |
693 </td> |
693 </td> |
694 </tr> |
694 </tr> |
695 <?php |
695 <?php |
696 if ( $session->get_permissions('custom_user_title') ): |
696 if ( $session->get_permissions('custom_user_title') ): |
697 ?> |
697 ?> |
698 <tr> |
698 <tr> |
699 <td class="row2"> |
699 <td class="row2"> |
700 <?php echo $lang->get('usercp_publicinfo_field_usertitle_title'); ?><br /> |
700 <?php echo $lang->get('usercp_publicinfo_field_usertitle_title'); ?><br /> |
701 <small><?php echo $lang->get('usercp_publicinfo_field_usertitle_hint'); ?></small> |
701 <small><?php echo $lang->get('usercp_publicinfo_field_usertitle_hint'); ?></small> |
702 </td> |
702 </td> |
703 <td class="row1"> |
703 <td class="row1"> |
704 <input type="text" name="user_title" value="<?php echo htmlspecialchars($session->user_title); ?>" /> |
704 <input type="text" name="user_title" value="<?php echo htmlspecialchars($session->user_title); ?>" /> |
705 </td> |
705 </td> |
706 </tr> |
706 </tr> |
707 <?php |
707 <?php |
708 endif; |
708 endif; |
709 if ( count($available_ranks) > 1 ): |
709 if ( count($available_ranks) > 1 ): |
710 ?> |
710 ?> |
711 <tr> |
711 <tr> |
712 <td class="row2"> |
712 <td class="row2"> |
713 <?php echo $lang->get('usercp_publicinfo_field_rank_title'); ?><br /> |
713 <?php echo $lang->get('usercp_publicinfo_field_rank_title'); ?><br /> |
714 <small><?php echo $lang->get('usercp_publicinfo_field_rank_hint'); ?></small> |
714 <small><?php echo $lang->get('usercp_publicinfo_field_rank_hint'); ?></small> |
715 </td> |
715 </td> |
716 <td class="row1"> |
716 <td class="row1"> |
717 <select name="user_rank"> |
717 <select name="user_rank"> |
718 <?php |
718 <?php |
719 foreach ( $available_ranks as $rank ) |
719 foreach ( $available_ranks as $rank ) |
720 { |
720 { |
721 $sel = ( $rank['rank_id'] == $current_rank['rank_id'] ) ? ' selected="selected"' : ''; |
721 $sel = ( $rank['rank_id'] == $current_rank['rank_id'] ) ? ' selected="selected"' : ''; |
722 echo '<option' . $sel . ' value="' . $rank['rank_id'] . '" style="' . htmlspecialchars($rank['rank_style']) . '">'; |
722 echo '<option' . $sel . ' value="' . $rank['rank_id'] . '" style="' . htmlspecialchars($rank['rank_style']) . '">'; |
723 echo htmlspecialchars($lang->get($rank['rank_title'])); |
723 echo htmlspecialchars($lang->get($rank['rank_title'])); |
724 echo '</option>'; |
724 echo '</option>'; |
725 } |
725 } |
726 ?> |
726 ?> |
727 </select> |
727 </select> |
728 </td> |
728 </td> |
729 </tr> |
729 </tr> |
730 <?php |
730 <?php |
731 endif; |
731 endif; |
732 ?> |
732 ?> |
733 <tr> |
733 <tr> |
734 <th class="subhead" colspan="2"> |
734 <th class="subhead" colspan="2"> |
735 <?php echo $lang->get('usercp_publicinfo_th_im'); ?> |
735 <?php echo $lang->get('usercp_publicinfo_th_im'); ?> |
736 </th> |
736 </th> |
737 <tr> |
737 <tr> |
738 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_aim'); ?></td> |
738 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_aim'); ?></td> |
739 <td class="row1" style="width: 50%;"><input type="text" name="imaddr_aim" value="<?php echo $session->user_extra['user_aim']; ?>" size="30" /></td> |
739 <td class="row1" style="width: 50%;"><input type="text" name="imaddr_aim" value="<?php echo $session->user_extra['user_aim']; ?>" size="30" /></td> |
740 </tr> |
740 </tr> |
741 <tr> |
741 <tr> |
742 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_wlm'); ?></td> |
742 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_wlm'); ?></td> |
743 <td class="row1" style="width: 50%;"><input type="text" name="imaddr_msn" value="<?php echo $session->user_extra['user_msn']; ?>" size="30" /></td> |
743 <td class="row1" style="width: 50%;"><input type="text" name="imaddr_msn" value="<?php echo $session->user_extra['user_msn']; ?>" size="30" /></td> |
744 </tr> |
744 </tr> |
745 <tr> |
745 <tr> |
746 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_yim'); ?></td> |
746 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_yim'); ?></td> |
747 <td class="row1" style="width: 50%;"><input type="text" name="imaddr_yahoo" value="<?php echo $session->user_extra['user_yahoo']; ?>" size="30" /></td> |
747 <td class="row1" style="width: 50%;"><input type="text" name="imaddr_yahoo" value="<?php echo $session->user_extra['user_yahoo']; ?>" size="30" /></td> |
748 </tr> |
748 </tr> |
749 <tr> |
749 <tr> |
750 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_xmpp'); ?></td> |
750 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_xmpp'); ?></td> |
751 <td class="row1" style="width: 50%;"><input type="text" name="imaddr_xmpp" value="<?php echo $session->user_extra['user_xmpp']; ?>" size="30" /></td> |
751 <td class="row1" style="width: 50%;"><input type="text" name="imaddr_xmpp" value="<?php echo $session->user_extra['user_xmpp']; ?>" size="30" /></td> |
752 </tr> |
752 </tr> |
753 <tr> |
753 <tr> |
754 <th class="subhead" colspan="2"> |
754 <th class="subhead" colspan="2"> |
755 <?php echo $lang->get('usercp_publicinfo_th_contact'); ?> |
755 <?php echo $lang->get('usercp_publicinfo_th_contact'); ?> |
756 </th> |
756 </th> |
757 </tr> |
757 </tr> |
758 <tr> |
758 <tr> |
759 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_homepage'); ?></td> |
759 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_homepage'); ?></td> |
760 <td class="row1" style="width: 50%;"><input type="text" name="homepage" value="<?php echo $session->user_extra['user_homepage']; ?>" size="30" /></td> |
760 <td class="row1" style="width: 50%;"><input type="text" name="homepage" value="<?php echo $session->user_extra['user_homepage']; ?>" size="30" /></td> |
761 </tr> |
761 </tr> |
762 <tr> |
762 <tr> |
763 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_location'); ?></td> |
763 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_location'); ?></td> |
764 <td class="row1" style="width: 50%;"><input type="text" name="location" value="<?php echo $session->user_extra['user_location']; ?>" size="30" /></td> |
764 <td class="row1" style="width: 50%;"><input type="text" name="location" value="<?php echo $session->user_extra['user_location']; ?>" size="30" /></td> |
765 </tr> |
765 </tr> |
766 <tr> |
766 <tr> |
767 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_job'); ?></td> |
767 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_job'); ?></td> |
768 <td class="row1" style="width: 50%;"><input type="text" name="occupation" value="<?php echo $session->user_extra['user_job']; ?>" size="30" /></td> |
768 <td class="row1" style="width: 50%;"><input type="text" name="occupation" value="<?php echo $session->user_extra['user_job']; ?>" size="30" /></td> |
769 </tr> |
769 </tr> |
770 <tr> |
770 <tr> |
771 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_hobbies'); ?></td> |
771 <td class="row2" style="width: 50%;"><?php echo $lang->get('usercp_publicinfo_field_hobbies'); ?></td> |
772 <td class="row1" style="width: 50%;"><input type="text" name="hobbies" value="<?php echo $session->user_extra['user_hobbies']; ?>" size="30" /></td> |
772 <td class="row1" style="width: 50%;"><input type="text" name="hobbies" value="<?php echo $session->user_extra['user_hobbies']; ?>" size="30" /></td> |
773 </tr> |
773 </tr> |
774 <tr> |
774 <tr> |
775 <td class="row2" style="width: 50%;"><label for="chk_email_public"><?php echo $lang->get('usercp_publicinfo_field_email_public'); ?></label></td> |
775 <td class="row2" style="width: 50%;"><label for="chk_email_public"><?php echo $lang->get('usercp_publicinfo_field_email_public'); ?></label></td> |
776 <td class="row1" style="width: 50%;"><label><input type="checkbox" id="chk_email_public" name="email_public" <?php if ($session->user_extra['email_public'] == 1) echo 'checked="checked"'; ?> size="30" /> <small><?php echo $lang->get('usercp_publicinfo_field_email_public_hint'); ?></small></label></td> |
776 <td class="row1" style="width: 50%;"><label><input type="checkbox" id="chk_email_public" name="email_public" <?php if ($session->user_extra['email_public'] == 1) echo 'checked="checked"'; ?> size="30" /> <small><?php echo $lang->get('usercp_publicinfo_field_email_public_hint'); ?></small></label></td> |
777 </tr> |
777 </tr> |
778 <tr> |
778 <tr> |
779 <td class="row2" style="width: 50%;"><label for="chk_jsfx"><?php echo $lang->get('usercp_publicinfo_field_jsfx'); ?></label></td> |
779 <td class="row2" style="width: 50%;"><label for="chk_jsfx"><?php echo $lang->get('usercp_publicinfo_field_jsfx'); ?></label></td> |
780 <td class="row1" style="width: 50%;"><label><input type="checkbox" id="chk_jsfx" name="disable_js_fx" <?php if ($session->user_extra['disable_js_fx'] == 1) echo 'checked="checked"'; ?> size="30" /> <small><?php echo $lang->get('usercp_publicinfo_field_jsfx_hint'); ?></small></label></td> |
780 <td class="row1" style="width: 50%;"><label><input type="checkbox" id="chk_jsfx" name="disable_js_fx" <?php if ($session->user_extra['disable_js_fx'] == 1) echo 'checked="checked"'; ?> size="30" /> <small><?php echo $lang->get('usercp_publicinfo_field_jsfx_hint'); ?></small></label></td> |
781 </tr> |
781 </tr> |
782 <tr> |
782 <tr> |
783 <th class="subhead" colspan="2"> |
783 <th class="subhead" colspan="2"> |
784 <input type="submit" name="submit" value="<?php echo $lang->get('usercp_publicinfo_btn_save'); ?>" /> |
784 <input type="submit" name="submit" value="<?php echo $lang->get('usercp_publicinfo_btn_save'); ?>" /> |
785 </th> |
785 </th> |
786 </tr> |
786 </tr> |
787 </table> |
787 </table> |
788 </div> |
788 </div> |
789 <?php |
789 <?php |
790 // CSRF protection |
790 // CSRF protection |
791 echo '<input type="hidden" name="cstok" value="' . $session->csrf_token . '" />'; |
791 echo '<input type="hidden" name="cstok" value="' . $session->csrf_token . '" />'; |
792 echo '</form>'; |
792 echo '</form>'; |
793 break; |
793 break; |
794 case 'Avatar': |
794 case 'Avatar': |
795 if ( getConfig('avatar_enable', 0) !== 1 ) |
795 if ( getConfig('avatar_enable', 0) !== 1 ) |
796 { |
796 { |
797 echo '<div class="error-box"><b>' . $lang->get('usercp_avatar_err_disabled_title') . '</b><br />' . $lang->get('usercp_avatar_err_disabled_body') . '</div>'; |
797 echo '<div class="error-box"><b>' . $lang->get('usercp_avatar_err_disabled_title') . '</b><br />' . $lang->get('usercp_avatar_err_disabled_body') . '</div>'; |
798 break; |
798 break; |
799 } |
799 } |
800 |
800 |
801 if ( isset($_POST['submit']) ) |
801 if ( isset($_POST['submit']) ) |
802 { |
802 { |
803 list($has_avi, $avi_type) = avatar_post($session->user_id); |
803 list($has_avi, $avi_type) = avatar_post($session->user_id); |
804 } |
804 } |
805 else |
805 else |
806 { |
806 { |
807 // Determine current avatar |
807 // Determine current avatar |
808 $q = $db->sql_query('SELECT user_has_avatar, avatar_type FROM ' . table_prefix . 'users WHERE user_id = ' . $session->user_id . ';'); |
808 $q = $db->sql_query('SELECT user_has_avatar, avatar_type FROM ' . table_prefix . 'users WHERE user_id = ' . $session->user_id . ';'); |
809 if ( !$q ) |
809 if ( !$q ) |
810 $db->_die('Avatar CP selecting user\'s avatar data'); |
810 $db->_die('Avatar CP selecting user\'s avatar data'); |
811 |
811 |
812 list($has_avi, $avi_type) = $db->fetchrow_num(); |
812 list($has_avi, $avi_type) = $db->fetchrow_num(); |
813 } |
813 } |
814 |
814 |
815 ?> |
815 ?> |
816 <script type="text/javascript"> |
816 <script type="text/javascript"> |
817 |
817 |
818 function avatar_select_field(elParent) |
818 function avatar_select_field(elParent) |
819 { |
819 { |
820 $('td#avatar_upload_btns > div:visible').hide('blind'); |
820 $('td#avatar_upload_btns > div:visible').hide('blind'); |
821 switch(elParent.value) |
821 switch(elParent.value) |
822 { |
822 { |
823 case 'set_http': |
823 case 'set_http': |
824 $('#avatar_upload_http').show('blind'); |
824 $('#avatar_upload_http').show('blind'); |
825 break; |
825 break; |
826 case 'set_file': |
826 case 'set_file': |
827 $('#avatar_upload_file').show('blind'); |
827 $('#avatar_upload_file').show('blind'); |
828 break; |
828 break; |
829 case 'set_gravatar': |
829 case 'set_gravatar': |
830 $('#avatar_upload_gravatar').show('blind'); |
830 $('#avatar_upload_gravatar').show('blind'); |
831 break; |
831 break; |
832 } |
832 } |
833 } |
833 } |
834 |
834 |
835 </script> |
835 </script> |
836 <?php |
836 <?php |
837 |
837 |
838 echo '<form action="' . makeUrl($paths->fullpage) . '" method="post" enctype="multipart/form-data">'; |
838 echo '<form action="' . makeUrl($paths->fullpage) . '" method="post" enctype="multipart/form-data">'; |
839 echo '<div class="tblholder">'; |
839 echo '<div class="tblholder">'; |
840 echo '<table border="0" cellspacing="1" cellpadding="4">'; |
840 echo '<table border="0" cellspacing="1" cellpadding="4">'; |
841 echo '<tr> |
841 echo '<tr> |
842 <th colspan="2"> |
842 <th colspan="2"> |
843 ' . $lang->get('usercp_avatar_table_title') . ' |
843 ' . $lang->get('usercp_avatar_table_title') . ' |
844 </th> |
844 </th> |
845 </tr>'; |
845 </tr>'; |
846 |
846 |
847 echo '<tr> |
847 echo '<tr> |
848 <td class="row2" style="width: 150px;"> |
848 <td class="row2" style="width: 150px;"> |
849 ' . $lang->get('usercp_avatar_label_current') . ' |
849 ' . $lang->get('usercp_avatar_label_current') . ' |
850 </td> |
850 </td> |
851 <td class="row1" style="text-align: center;">'; |
851 <td class="row1" style="text-align: center;">'; |
852 |
852 |
853 if ( $has_avi == 1 ) |
853 if ( $has_avi == 1 ) |
854 { |
854 { |
855 echo '<img alt="' . $lang->get('usercp_avatar_image_alt', array('username' => $session->username)) . '" src="' . make_avatar_url($session->user_id, $avi_type, $session->email) . '" />'; |
855 echo '<img alt="' . $lang->get('usercp_avatar_image_alt', array('username' => $session->username)) . '" src="' . make_avatar_url($session->user_id, $avi_type, $session->email) . '" />'; |
856 } |
856 } |
857 else |
857 else |
858 { |
858 { |
859 echo $lang->get('usercp_avatar_image_none'); |
859 echo $lang->get('usercp_avatar_image_none'); |
860 } |
860 } |
861 |
861 |
862 echo ' </td> |
862 echo ' </td> |
863 </tr>'; |
863 </tr>'; |
864 |
864 |
865 echo ' <tr> |
865 echo ' <tr> |
866 <td class="row2"> |
866 <td class="row2"> |
867 ' . $lang->get('usercp_avatar_lbl_change') . ' |
867 ' . $lang->get('usercp_avatar_lbl_change') . ' |
868 </td> |
868 </td> |
869 <td class="row1" id="avatar_upload_btns"> |
869 <td class="row1" id="avatar_upload_btns"> |
870 <label><input type="radio" name="avatar_action" value="keep" onclick="avatar_select_field(this);" checked="checked" /> ' . $lang->get('usercp_avatar_lbl_keep') . '</label><br /> |
870 <label><input type="radio" name="avatar_action" value="keep" onclick="avatar_select_field(this);" checked="checked" /> ' . $lang->get('usercp_avatar_lbl_keep') . '</label><br /> |
871 <label><input type="radio" name="avatar_action" value="remove" onclick="avatar_select_field(this);" /> ' . $lang->get('usercp_avatar_lbl_remove') . '</label><br />'; |
871 <label><input type="radio" name="avatar_action" value="remove" onclick="avatar_select_field(this);" /> ' . $lang->get('usercp_avatar_lbl_remove') . '</label><br />'; |
872 if ( getConfig('avatar_upload_http') == '1' ) |
872 if ( getConfig('avatar_upload_http') == '1' ) |
873 { |
873 { |
874 echo ' <label><input type="radio" name="avatar_action" value="set_http" onclick="avatar_select_field(this);" /> ' . $lang->get('usercp_avatar_lbl_set_http') . '</label><br /> |
874 echo ' <label><input type="radio" name="avatar_action" value="set_http" onclick="avatar_select_field(this);" /> ' . $lang->get('usercp_avatar_lbl_set_http') . '</label><br /> |
875 <div id="avatar_upload_http" style="display: none; margin: 10px 0 0 2.2em;"> |
875 <div id="avatar_upload_http" style="display: none; margin: 10px 0 0 2.2em;"> |
876 ' . $lang->get('usercp_avatar_lbl_url') . ' <input type="text" name="avatar_http_url" size="40" value="http://" /><br /> |
876 ' . $lang->get('usercp_avatar_lbl_url') . ' <input type="text" name="avatar_http_url" size="40" value="http://" /><br /> |
877 <small>' . $lang->get('usercp_avatar_lbl_url_desc') . ' ' . $lang->get('usercp_avatar_limits') . '</small> |
877 <small>' . $lang->get('usercp_avatar_lbl_url_desc') . ' ' . $lang->get('usercp_avatar_limits') . '</small> |
878 </div>'; |
878 </div>'; |
879 } |
879 } |
880 if ( getConfig('avatar_upload_file') == '1' ) |
880 if ( getConfig('avatar_upload_file') == '1' ) |
881 { |
881 { |
882 echo ' <label><input type="radio" name="avatar_action" value="set_file" onclick="avatar_select_field(this);" /> ' . $lang->get('usercp_avatar_lbl_set_file') . '</label><br /> |
882 echo ' <label><input type="radio" name="avatar_action" value="set_file" onclick="avatar_select_field(this);" /> ' . $lang->get('usercp_avatar_lbl_set_file') . '</label><br /> |
883 <div id="avatar_upload_file" style="display: none; margin: 10px 0 0 2.2em;"> |
883 <div id="avatar_upload_file" style="display: none; margin: 10px 0 0 2.2em;"> |
884 ' . $lang->get('usercp_avatar_lbl_file') . ' <input type="file" name="avatar_file" size="40" /><br /> |
884 ' . $lang->get('usercp_avatar_lbl_file') . ' <input type="file" name="avatar_file" size="40" /><br /> |
885 <small>' . $lang->get('usercp_avatar_lbl_file_desc') . ' ' . $lang->get('usercp_avatar_limits') . '</small> |
885 <small>' . $lang->get('usercp_avatar_lbl_file_desc') . ' ' . $lang->get('usercp_avatar_limits') . '</small> |
886 </div>'; |
886 </div>'; |
887 } |
887 } |
888 if ( getConfig('avatar_upload_gravatar') == '1' ) |
888 if ( getConfig('avatar_upload_gravatar') == '1' ) |
889 { |
889 { |
890 $rating_images = array('g' => '0', 'pg' => '1', 'r' => '2', 'x' => '3'); |
890 $rating_images = array('g' => '0', 'pg' => '1', 'r' => '2', 'x' => '3'); |
891 $rating_id = $rating_images[ getConfig('gravatar_rating', 'g') ]; |
891 $rating_id = $rating_images[ getConfig('gravatar_rating', 'g') ]; |
892 $rating_image = "http://s.gravatar.com/images/gravatars/ratings/$rating_id.gif"; |
892 $rating_image = "http://s.gravatar.com/images/gravatars/ratings/$rating_id.gif"; |
893 $max_rating = getConfig('gravatar_rating', 'g'); |
893 $max_rating = getConfig('gravatar_rating', 'g'); |
894 echo ' <label><input type="radio" name="avatar_action" value="set_gravatar" onclick="avatar_select_field(this);" /> ' . $lang->get('usercp_avatar_lbl_set_gravatar') . ' <img alt=" " src="' . make_gravatar_url($session->email, 16) . '" /></label> (<a href="http://www.gravatar.com/" onclick="window.open(this); return false;">' . $lang->get('usercp_avatar_link_gravatar_info') . '</a>) |
894 echo ' <label><input type="radio" name="avatar_action" value="set_gravatar" onclick="avatar_select_field(this);" /> ' . $lang->get('usercp_avatar_lbl_set_gravatar') . ' <img alt=" " src="' . make_gravatar_url($session->email, 16) . '" /></label> (<a href="http://www.gravatar.com/" onclick="window.open(this); return false;">' . $lang->get('usercp_avatar_link_gravatar_info') . '</a>) |
895 <div id="avatar_upload_gravatar" style="display: none; margin: 10px 0 0 2.2em;"> |
895 <div id="avatar_upload_gravatar" style="display: none; margin: 10px 0 0 2.2em;"> |
896 <div style="float: left; margin-right: 5px; margin-bottom: 20px;"> |
896 <div style="float: left; margin-right: 5px; margin-bottom: 20px;"> |
897 <img alt=" " src="' . $rating_image . '" /> |
897 <img alt=" " src="' . $rating_image . '" /> |
898 </div> |
898 </div> |
899 ' . $lang->get("usercp_avatar_gravatar_rating_$max_rating") . ' |
899 ' . $lang->get("usercp_avatar_gravatar_rating_$max_rating") . ' |
900 </div>'; |
900 </div>'; |
901 } |
901 } |
902 echo ' </td> |
902 echo ' </td> |
903 </tr>'; |
903 </tr>'; |
904 |
904 |
905 echo ' <tr> |
905 echo ' <tr> |
906 <th class="subhead" colspan="2"> |
906 <th class="subhead" colspan="2"> |
907 <input type="submit" name="submit" value="' . $lang->get('etc_save_changes') . '" /> |
907 <input type="submit" name="submit" value="' . $lang->get('etc_save_changes') . '" /> |
908 </th> |
908 </th> |
909 </tr>'; |
909 </tr>'; |
910 |
910 |
911 echo '</table> |
911 echo '</table> |
912 </div>'; |
912 </div>'; |
913 |
913 |
914 break; |
914 break; |
915 default: |
915 default: |
916 $good = false; |
916 $good = false; |
917 $code = $plugins->setHook('userprefs_body', true); |
917 $code = $plugins->setHook('userprefs_body', true); |
918 foreach ( $code as $cmd ) |
918 foreach ( $code as $cmd ) |
919 { |
919 { |
920 if ( eval($cmd) ) |
920 if ( eval($cmd) ) |
921 $good = true; |
921 $good = true; |
922 } |
922 } |
923 if ( !$good ) |
923 if ( !$good ) |
924 { |
924 { |
925 echo '<h3>Invalid module</h3> |
925 echo '<h3>Invalid module</h3> |
926 <p>Userprefs module "'.$section.'" not found.</p>'; |
926 <p>Userprefs module "'.$section.'" not found.</p>'; |
927 } |
927 } |
928 break; |
928 break; |
929 } |
929 } |
930 |
930 |
931 $template->footer(); |
931 $template->footer(); |
932 } |
932 } |
933 |
933 |
934 // Avatar POST processor |
934 // Avatar POST processor |
935 function avatar_post($user_id, $quiet = false) |
935 function avatar_post($user_id, $quiet = false) |
936 { |
936 { |
937 global $db, $session, $paths, $template, $plugins; // Common objects |
937 global $db, $session, $paths, $template, $plugins; // Common objects |
938 global $lang; |
938 global $lang; |
939 |
939 |
940 $had_a_boo_boo = true; |
940 $had_a_boo_boo = true; |
941 |
941 |
942 // Determine current avatar |
942 // Determine current avatar |
943 $q = $db->sql_query('SELECT user_has_avatar, avatar_type FROM ' . table_prefix . 'users WHERE user_id = ' . $session->user_id . ';'); |
943 $q = $db->sql_query('SELECT user_has_avatar, avatar_type FROM ' . table_prefix . 'users WHERE user_id = ' . $session->user_id . ';'); |
944 if ( !$q ) |
944 if ( !$q ) |
945 $db->_die('Avatar CP selecting user\'s avatar data'); |
945 $db->_die('Avatar CP selecting user\'s avatar data'); |
946 |
946 |
947 list($has_avi, $avi_type) = $db->fetchrow_num(); |
947 list($has_avi, $avi_type) = $db->fetchrow_num(); |
948 |
948 |
949 $action = ( isset($_POST['avatar_action']) ) ? $_POST['avatar_action'] : 'keep'; |
949 $action = ( isset($_POST['avatar_action']) ) ? $_POST['avatar_action'] : 'keep'; |
950 $avi_path = ENANO_ROOT . '/' . getConfig('avatar_directory') . '/' . $user_id . '.' . $avi_type; |
950 $avi_path = ENANO_ROOT . '/' . getConfig('avatar_directory') . '/' . $user_id . '.' . $avi_type; |
951 switch($action) |
951 switch($action) |
952 { |
952 { |
953 case 'keep': |
953 case 'keep': |
954 default: |
954 default: |
955 $had_a_boo_boo = false; |
955 $had_a_boo_boo = false; |
956 break; |
956 break; |
957 case 'remove': |
957 case 'remove': |
958 if ( $has_avi ) |
958 if ( $has_avi ) |
959 { |
959 { |
960 // First switch the avatar off |
960 // First switch the avatar off |
961 $q = $db->sql_query('UPDATE ' . table_prefix . 'users SET user_has_avatar = 0 WHERE user_id = ' . $user_id . ';'); |
961 $q = $db->sql_query('UPDATE ' . table_prefix . 'users SET user_has_avatar = 0 WHERE user_id = ' . $user_id . ';'); |
962 if ( !$q ) |
962 if ( !$q ) |
963 $db->_die('Avatar CP switching user avatar off'); |
963 $db->_die('Avatar CP switching user avatar off'); |
964 |
964 |
965 if ( @unlink($avi_path) ) |
965 if ( @unlink($avi_path) ) |
966 { |
966 { |
967 $quiet || print '<div class="info-box">' . $lang->get('usercp_avatar_delete_success') . '</div>'; |
967 $quiet || print '<div class="info-box">' . $lang->get('usercp_avatar_delete_success') . '</div>'; |
968 } |
968 } |
969 $has_avi = 0; |
969 $has_avi = 0; |
970 } |
970 } |
971 $had_a_boo_boo = false; |
971 $had_a_boo_boo = false; |
972 break; |
972 break; |
973 case 'set_http': |
973 case 'set_http': |
974 case 'set_file': |
974 case 'set_file': |
975 // Hackish way to preserve the UNIX philosophy of reusing as much code as possible |
975 // Hackish way to preserve the UNIX philosophy of reusing as much code as possible |
976 if ( $action == 'set_http' ) |
976 if ( $action == 'set_http' ) |
977 { |
977 { |
978 // Check if this action is enabled |
978 // Check if this action is enabled |
979 if ( getConfig('avatar_upload_http', 1) !== 1 ) |
979 if ( getConfig('avatar_upload_http', 1) !== 1 ) |
980 { |
980 { |
981 // non-localized, only appears on hack attempt |
981 // non-localized, only appears on hack attempt |
982 echo '<div class="error-box">Uploads over HTTP are disabled.</div>'; |
982 echo '<div class="error-box">Uploads over HTTP are disabled.</div>'; |
983 break; |
983 break; |
984 } |
984 } |
985 // Download the file |
985 // Download the file |
986 require_once( ENANO_ROOT . '/includes/http.php' ); |
986 require_once( ENANO_ROOT . '/includes/http.php' ); |
987 |
987 |
988 if ( !preg_match('/^http:\/\/((?:[a-z0-9-\.]+|\[[a-f0-9:]+\]))(:([0-9]+))?\/(.+)$/', $_POST['avatar_http_url'], $match) ) |
988 if ( !preg_match('/^http:\/\/((?:[a-z0-9-\.]+|\[[a-f0-9:]+\]))(:([0-9]+))?\/(.+)$/', $_POST['avatar_http_url'], $match) ) |
989 { |
989 { |
990 echo '<div class="error-box">' . $lang->get('usercp_avatar_invalid_url') . '</div>'; |
990 echo '<div class="error-box">' . $lang->get('usercp_avatar_invalid_url') . '</div>'; |
991 break; |
991 break; |
992 } |
992 } |
993 |
993 |
994 $hostname = $match[1]; |
994 $hostname = $match[1]; |
995 $uri = '/' . $match[4]; |
995 $uri = '/' . $match[4]; |
996 $port = ( $match[3] ) ? intval($match[3]) : 80; |
996 $port = ( $match[3] ) ? intval($match[3]) : 80; |
997 $max_size = intval(getConfig('avatar_max_size')); |
997 $max_size = intval(getConfig('avatar_max_size')); |
998 |
998 |
999 // Get temporary file |
999 // Get temporary file |
1000 $tempfile = tempnam(false, "enanoavatar_{$user_id}"); |
1000 $tempfile = tempnam(false, "enanoavatar_{$user_id}"); |
1001 if ( !$tempfile ) |
1001 if ( !$tempfile ) |
1002 echo '<div class="error-box">Error getting temp file.</div>'; |
1002 echo '<div class="error-box">Error getting temp file.</div>'; |
1003 |
1003 |
1004 @unlink($tempfile); |
1004 @unlink($tempfile); |
1005 $request = new Request_HTTP($hostname, $uri, 'GET', $port); |
1005 $request = new Request_HTTP($hostname, $uri, 'GET', $port); |
1006 // max download size: 2MB, keeps things reasonable |
1006 // max download size: 2MB, keeps things reasonable |
1007 // note: we'll try to scale the image down before checking filesize |
1007 // note: we'll try to scale the image down before checking filesize |
1008 $result = $request->write_response_to_file($tempfile, 1160, 2097152); |
1008 $result = $request->write_response_to_file($tempfile, 1160, 2097152); |
1009 if ( !$result || $request->response_code != HTTP_OK ) |
1009 if ( !$result || $request->response_code != HTTP_OK ) |
1010 { |
1010 { |
1011 @unlink($tempfile); |
1011 @unlink($tempfile); |
1012 echo '<div class="error-box">' . $lang->get('usercp_avatar_bad_write') . '</div>'; |
1012 echo '<div class="error-box">' . $lang->get('usercp_avatar_bad_write') . '</div>'; |
1013 break; |
1013 break; |
1014 } |
1014 } |
1015 |
1015 |
1016 // Response written. Proceed to validation... |
1016 // Response written. Proceed to validation... |
1017 } |
1017 } |
1018 else |
1018 else |
1019 { |
1019 { |
1020 // Check if this action is enabled |
1020 // Check if this action is enabled |
1021 if ( getConfig('avatar_upload_file', 1) !== 1 ) |
1021 if ( getConfig('avatar_upload_file', 1) !== 1 ) |
1022 { |
1022 { |
1023 // non-localized, only appears on hack attempt |
1023 // non-localized, only appears on hack attempt |
1024 echo '<div class="error-box">Uploads from the browser are disabled.</div>'; |
1024 echo '<div class="error-box">Uploads from the browser are disabled.</div>'; |
1025 break; |
1025 break; |
1026 } |
1026 } |
1027 |
1027 |
1028 $max_size = intval(getConfig('avatar_max_size')); |
1028 $max_size = intval(getConfig('avatar_max_size')); |
1029 |
1029 |
1030 $file =& $_FILES['avatar_file']; |
1030 $file =& $_FILES['avatar_file']; |
1031 $tempfile =& $file['tmp_name']; |
1031 $tempfile =& $file['tmp_name']; |
1032 } |
1032 } |
1033 $file_type = get_image_filetype($tempfile); |
1033 $file_type = get_image_filetype($tempfile); |
1034 if ( !$file_type ) |
1034 if ( !$file_type ) |
1035 { |
1035 { |
1036 @unlink($tempfile); |
1036 @unlink($tempfile); |
1037 echo '<div class="error-box">' . $lang->get('usercp_avatar_bad_filetype') . '</div>'; |
1037 echo '<div class="error-box">' . $lang->get('usercp_avatar_bad_filetype') . '</div>'; |
1038 break; |
1038 break; |
1039 } |
1039 } |
1040 |
1040 |
1041 $avi_path_new = ENANO_ROOT . '/' . getConfig('avatar_directory') . '/' . $user_id . '.' . $file_type; |
1041 $avi_path_new = ENANO_ROOT . '/' . getConfig('avatar_directory') . '/' . $user_id . '.' . $file_type; |
1042 |
1042 |
1043 // The file type is good - validate dimensions and animation |
1043 // The file type is good - validate dimensions and animation |
1044 switch($file_type) |
1044 switch($file_type) |
1045 { |
1045 { |
1046 case 'png': |
1046 case 'png': |
1047 $is_animated = is_png_animated($tempfile); |
1047 $is_animated = is_png_animated($tempfile); |
1048 $dimensions = png_get_dimensions($tempfile); |
1048 $dimensions = png_get_dimensions($tempfile); |
1049 break; |
1049 break; |
1050 case 'gif': |
1050 case 'gif': |
1051 $is_animated = is_gif_animated($tempfile); |
1051 $is_animated = is_gif_animated($tempfile); |
1052 $dimensions = gif_get_dimensions($tempfile); |
1052 $dimensions = gif_get_dimensions($tempfile); |
1053 break; |
1053 break; |
1054 case 'jpg': |
1054 case 'jpg': |
1055 $is_animated = false; |
1055 $is_animated = false; |
1056 $dimensions = jpg_get_dimensions($tempfile); |
1056 $dimensions = jpg_get_dimensions($tempfile); |
1057 break; |
1057 break; |
1058 default: |
1058 default: |
1059 echo '<div class="error-box">API mismatch</div>'; |
1059 echo '<div class="error-box">API mismatch</div>'; |
1060 break 2; |
1060 break 2; |
1061 } |
1061 } |
1062 // Did we get invalid size data? If so the image is probably corrupt. |
1062 // Did we get invalid size data? If so the image is probably corrupt. |
1063 if ( !$dimensions ) |
1063 if ( !$dimensions ) |
1064 { |
1064 { |
1065 @unlink($tempfile); |
1065 @unlink($tempfile); |
1066 echo '<div class="error-box">' . $lang->get('usercp_avatar_corrupt_image') . '</div>'; |
1066 echo '<div class="error-box">' . $lang->get('usercp_avatar_corrupt_image') . '</div>'; |
1067 break; |
1067 break; |
1068 } |
1068 } |
1069 // Is the image animated? |
1069 // Is the image animated? |
1070 if ( $is_animated && getConfig('avatar_enable_anim', 0) !== 1 ) |
1070 if ( $is_animated && getConfig('avatar_enable_anim', 0) !== 1 ) |
1071 { |
1071 { |
1072 @unlink($tempfile); |
1072 @unlink($tempfile); |
1073 echo '<div class="error-box">' . $lang->get('usercp_avatar_disallowed_animation') . '</div>'; |
1073 echo '<div class="error-box">' . $lang->get('usercp_avatar_disallowed_animation') . '</div>'; |
1074 break; |
1074 break; |
1075 } |
1075 } |
1076 // Check image dimensions |
1076 // Check image dimensions |
1077 list($image_x, $image_y) = $dimensions; |
1077 list($image_x, $image_y) = $dimensions; |
1078 $max_x = intval(getConfig('avatar_max_width')); |
1078 $max_x = intval(getConfig('avatar_max_width')); |
1079 $max_y = intval(getConfig('avatar_max_height')); |
1079 $max_y = intval(getConfig('avatar_max_height')); |
1080 if ( $image_x > $max_x || $image_y > $max_y ) |
1080 if ( $image_x > $max_x || $image_y > $max_y ) |
1081 { |
1081 { |
1082 // try to scale the image |
1082 // try to scale the image |
1083 try |
1083 try |
1084 { |
1084 { |
1085 @rename($tempfile, "$tempfile-unscaled.$file_type"); |
1085 @rename($tempfile, "$tempfile-unscaled.$file_type"); |
1086 $scale_result = scale_image("$tempfile-unscaled.$file_type", "$tempfile.$file_type", $max_x, $max_y, true); |
1086 $scale_result = scale_image("$tempfile-unscaled.$file_type", "$tempfile.$file_type", $max_x, $max_y, true); |
1087 if ( $scale_result ) |
1087 if ( $scale_result ) |
1088 { |
1088 { |
1089 if ( !(@unlink("$tempfile-unscaled.$file_type") && @rename("$tempfile.$file_type", $tempfile)) ) |
1089 if ( !(@unlink("$tempfile-unscaled.$file_type") && @rename("$tempfile.$file_type", $tempfile)) ) |
1090 { |
1090 { |
1091 // scale failed |
1091 // scale failed |
1092 @unlink("$tempfile-scale.$file_type"); |
1092 @unlink("$tempfile-scale.$file_type"); |
1093 echo '<div class="error-box">Rename failure: ' . $lang->get('usercp_avatar_too_large') . '</div>'; |
1093 echo '<div class="error-box">Rename failure: ' . $lang->get('usercp_avatar_too_large') . '</div>'; |
1094 break; |
1094 break; |
1095 } |
1095 } |
1096 } |
1096 } |
1097 else |
1097 else |
1098 { |
1098 { |
1099 @unlink($tempfile); |
1099 @unlink($tempfile); |
1100 @unlink("$tempfile-unscaled.$file_type"); |
1100 @unlink("$tempfile-unscaled.$file_type"); |
1101 echo '<div class="error-box">Scale failure: ' . $lang->get('usercp_avatar_too_large') . '</div>'; |
1101 echo '<div class="error-box">Scale failure: ' . $lang->get('usercp_avatar_too_large') . '</div>'; |
1102 break; |
1102 break; |
1103 } |
1103 } |
1104 } |
1104 } |
1105 catch ( Exception $e ) |
1105 catch ( Exception $e ) |
1106 { |
1106 { |
1107 // If we get here, the scaling process most definitely failed. |
1107 // If we get here, the scaling process most definitely failed. |
1108 echo '<div class="error-box">EXCEPTION: ' . $lang->get('usercp_avatar_too_large') . '</div>'; |
1108 echo '<div class="error-box">EXCEPTION: ' . $lang->get('usercp_avatar_too_large') . '</div>'; |
1109 break; |
1109 break; |
1110 } |
1110 } |
1111 } |
1111 } |
1112 // Check file size last, so that the scale operation is considered |
1112 // Check file size last, so that the scale operation is considered |
1113 if ( filesize($tempfile) > $max_size ) |
1113 if ( filesize($tempfile) > $max_size ) |
1114 { |
1114 { |
1115 @unlink($tempfile); |
1115 @unlink($tempfile); |
1116 echo '<div class="error-box">' . $lang->get('usercp_avatar_file_too_large') . '</div>'; |
1116 echo '<div class="error-box">' . $lang->get('usercp_avatar_file_too_large') . '</div>'; |
1117 break; |
1117 break; |
1118 } |
1118 } |
1119 // All good! |
1119 // All good! |
1120 @unlink($avi_path); |
1120 @unlink($avi_path); |
1121 if ( rename($tempfile, $avi_path_new) ) |
1121 if ( rename($tempfile, $avi_path_new) ) |
1122 { |
1122 { |
1123 $q = $db->sql_query('UPDATE ' . table_prefix . "users SET user_has_avatar = 1, avatar_type = '$file_type' WHERE user_id = {$user_id};"); |
1123 $q = $db->sql_query('UPDATE ' . table_prefix . "users SET user_has_avatar = 1, avatar_type = '$file_type' WHERE user_id = {$user_id};"); |
1124 if ( !$q ) |
1124 if ( !$q ) |
1125 $db->_die('Avatar CP updating users table after successful avatar upload'); |
1125 $db->_die('Avatar CP updating users table after successful avatar upload'); |
1126 $has_avi = 1; |
1126 $has_avi = 1; |
1127 $avi_type = $file_type; |
1127 $avi_type = $file_type; |
1128 $quiet || print '<div class="info-box">' . $lang->get('usercp_avatar_upload_success') . '</div>'; |
1128 $quiet || print '<div class="info-box">' . $lang->get('usercp_avatar_upload_success') . '</div>'; |
1129 } |
1129 } |
1130 else |
1130 else |
1131 { |
1131 { |
1132 echo '<div class="error-box">' . $lang->get('usercp_avatar_move_failed') . '</div>'; |
1132 echo '<div class="error-box">' . $lang->get('usercp_avatar_move_failed') . '</div>'; |
1133 } |
1133 } |
1134 $had_a_boo_boo = false; |
1134 $had_a_boo_boo = false; |
1135 break; |
1135 break; |
1136 case 'set_gravatar': |
1136 case 'set_gravatar': |
1137 // set avatar to use Gravatar |
1137 // set avatar to use Gravatar |
1138 // make sure we're allowed to do this |
1138 // make sure we're allowed to do this |
1139 if ( getConfig('avatar_upload_gravatar') != '1' ) |
1139 if ( getConfig('avatar_upload_gravatar') != '1' ) |
1140 { |
1140 { |
1141 // access denied |
1141 // access denied |
1142 break; |
1142 break; |
1143 } |
1143 } |
1144 // first, remove old image |
1144 // first, remove old image |
1145 if ( $has_avi ) |
1145 if ( $has_avi ) |
1146 { |
1146 { |
1147 // First switch the avatar off |
1147 // First switch the avatar off |
1148 $q = $db->sql_query('UPDATE ' . table_prefix . 'users SET user_has_avatar = 0 WHERE user_id = ' . $user_id . ';'); |
1148 $q = $db->sql_query('UPDATE ' . table_prefix . 'users SET user_has_avatar = 0 WHERE user_id = ' . $user_id . ';'); |
1149 if ( !$q ) |
1149 if ( !$q ) |
1150 $db->_die('Avatar CP switching user avatar off'); |
1150 $db->_die('Avatar CP switching user avatar off'); |
1151 |
1151 |
1152 @unlink($avi_path); |
1152 @unlink($avi_path); |
1153 } |
1153 } |
1154 // set to gravatar mode |
1154 // set to gravatar mode |
1155 $q = $db->sql_query('UPDATE ' . table_prefix . 'users SET user_has_avatar = 1, avatar_type = \'grv\' WHERE user_id = ' . $user_id . ';'); |
1155 $q = $db->sql_query('UPDATE ' . table_prefix . 'users SET user_has_avatar = 1, avatar_type = \'grv\' WHERE user_id = ' . $user_id . ';'); |
1156 if ( !$q ) |
1156 if ( !$q ) |
1157 $db->_die('Avatar CP switching user avatar off'); |
1157 $db->_die('Avatar CP switching user avatar off'); |
1158 |
1158 |
1159 $has_avi = 1; |
1159 $has_avi = 1; |
1160 $quiet || print '<div class="info-box">' . $lang->get('usercp_avatar_gravatar_success') . '</div>'; |
1160 $quiet || print '<div class="info-box">' . $lang->get('usercp_avatar_gravatar_success') . '</div>'; |
1161 $had_a_boo_boo = false; |
1161 $had_a_boo_boo = false; |
1162 break; |
1162 break; |
1163 } |
1163 } |
1164 return array($has_avi, $avi_type, $had_a_boo_boo); |
1164 return array($has_avi, $avi_type, $had_a_boo_boo); |
1165 } |
1165 } |
1166 |
1166 |
1167 ?> |
1167 ?> |