summaryrefslogtreecommitdiffstats
path: root/include/preferences.php
diff options
context:
space:
mode:
Diffstat (limited to 'include/preferences.php')
-rw-r--r--include/preferences.php177
1 files changed, 177 insertions, 0 deletions
diff --git a/include/preferences.php b/include/preferences.php
new file mode 100644
index 0000000..fdb6a19
--- /dev/null
+++ b/include/preferences.php
@@ -0,0 +1,177 @@
+<?php
+/* make sure that we are not called from outside the scripts,
+ * use a variable defined in config.php to check this
+ */
+if(!isset($HOST))
+ exit;
+
+$name = $_SESSION["name"];
+$email = DB_get_email('name',$name);
+$myid = DB_get_userid('email',$email);
+if(!$myid)
+ return;
+
+/* track what got changed */
+$changed_notify = 0;
+$changed_password = 0;
+$changed_cards = 0;
+$changed_timezone = 0;
+
+output_status();
+display_user_menu();
+
+/* get old infos */
+$PREF = DB_get_PREF($myid);
+$timezone = DB_get_user_timezone($myid);
+
+DB_update_user_timestamp($myid);
+
+/* does the user want to change some preferences? */
+if(myisset("timezone"))
+ {
+ $newtimezone=$_REQUEST['timezone'];
+ if($newtimezone != $timezone)
+ {
+ DB_query("UPDATE User SET timezone=".DB_quote_smart($newtimezone).
+ " WHERE id=".DB_quote_smart($myid));
+ $changed_timezone = 1;
+ }
+ }
+
+if(myisset("cards"))
+ {
+ $cards=$_REQUEST['cards'];
+ if($cards != $PREF['cardset'])
+ {
+ /* check if we already have an entry for the user, if so change it, if not create new one */
+ $result = DB_query("SELECT * from User_Prefs".
+ " WHERE user_id='$myid' AND pref_key='cardset'" );
+ if( DB_fetch_array($result))
+ $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($cards).
+ " WHERE user_id='$myid' AND pref_key='cardset'" );
+ else
+ $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','cardset',".
+ DB_quote_smart($cards).")");
+ $changed_cards = 1;
+ }
+ }
+
+if(myisset("notify"))
+ {
+ $notify=$_REQUEST['notify'];
+ if($notify != $PREF['email'])
+ {
+ /* check if we already have an entry for the user, if so change it, if not create new one */
+ $result = DB_query("SELECT * from User_Prefs".
+ " WHERE user_id='$myid' AND pref_key='email'" );
+ if( DB_fetch_array($result))
+ $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($notify).
+ " WHERE user_id='$myid' AND pref_key='email'" );
+ else
+ $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','email',".
+ DB_quote_smart($notify).")");
+ $changed_notify=1;
+ }
+ }
+
+if(myisset("password0") && $_REQUEST["password0"]!="" )
+ {
+ $changed_password = 1;
+
+ /* check if old password matches */
+ $oldpasswd = md5($_REQUEST["password0"]);
+ $password = DB_get_passwd_by_userid($myid);
+ if(!( ($password == $oldpasswd) || DB_check_recovery_passwords($oldpasswd,$email) ))
+ $changed_password = -1;
+
+ /* check if new passwords are types the same twice */
+ if($_REQUEST["password1"] != $_REQUEST["password2"] )
+ $changed_password = -2;
+
+ if($changed_password==1)
+ {
+ DB_query("UPDATE User SET password='".md5($_REQUEST["password1"]).
+ "' WHERE id=".DB_quote_smart($myid));
+ }
+ /* error output below */
+ }
+
+/* get infos again in case they have changed */
+$PREF = DB_get_PREF($myid);
+$timezone = DB_get_user_timezone($myid);
+
+/* output settings */
+
+echo "<div class=\"user\">\n";
+echo " <form action=\"index.php?action=prefs\" method=\"post\">\n";
+echo " <h2>Your settings are</h2>\n";
+echo " <table>\n";
+echo " <tr><td>Email: </td><td> $email </td></tr>\n";
+echo " <tr><td>Timezone: </td><td>";
+output_select_timezone("timezone",$timezone);
+if($changed_timezone) echo "changed";
+echo "</td></tr>\n";
+echo " <tr><td>Notification: </td><td>";
+
+echo " <select id=\"notify\" name=\"notify\" size=\"1\">\n";
+ if($PREF['email']=="emailaddict")
+ {
+ echo " <option value=\"emailaddict\" selected=\"selected\">lots of emails</option>\n";
+ echo " <option value=\"emailnonaddict\">less emails</option>\n";
+ }
+ else
+ {
+ echo " <option value=\"emailaddict\">lots of email</option>\n";
+ echo " <option value=\"emailnonaddict\" selected=\"selected\">less email</option>\n";
+ }
+ echo " </select>\n";
+if($changed_notify) echo "changed";
+echo " </td></tr>\n";
+echo " <tr><td>Card set: </td><td>";
+
+echo " <select id=\"cards\" name=\"cards\" size=\"1\">\n";
+ if($PREF['cardset']=="altenburg")
+ {
+ echo " <option value=\"altenburg\" selected=\"selected\">German cards</option>\n";
+ echo " <option value=\"english\">English cards</option>\n";
+ }
+ else
+ {
+ echo " <option value=\"altenburg\">German cards</option>\n";
+ echo " <option value=\"english\" selected=\"selected\">English cards</option>\n";
+ }
+ echo " </select>\n";
+if($changed_cards) echo "changed";
+echo " </td></tr>\n";
+echo " <tr><td>Password(old): </td><td>",
+ "<input type=\"password\" id=\"password0\" name=\"password0\" size=\"20\" maxlength=\"30\" />";
+switch($changed_password)
+ {
+ case '-2':
+ echo "The new passwords don't match.";
+ break;
+ case '-1':
+ echo "The old password is not correct.";
+ break;
+ case '1':
+ echo "changed";
+ break;
+ }
+echo " </td></tr>\n";
+echo " <tr><td>Password(new): </td><td>",
+ "<input type=\"password\" id=\"password1\" name=\"password1\" size=\"20\" maxlength=\"30\" />",
+ " </td></tr>\n";
+echo " <tr><td>Password(new, retype): </td><td>",
+ "<input type=\"password\" id=\"password2\" name=\"password2\" size=\"20\" maxlength=\"30\" />",
+ " </td></tr>\n";
+echo " <tr><td><input type=\"submit\" class=\"submitbutton\" name=\"passwd\" value=\"set\" /></td>",
+ "<td></td></tr>\n";
+echo " </table>\n";
+echo " </form>\n";
+echo "</div>\n";
+
+output_footer();
+DB_close();
+exit();
+
+?> \ No newline at end of file