0089c432ff2e8d9a5999c80489eba3e0da571643
[e-DoKo.git] / include / preferences.php
1 <?php
2 /* Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Arun Persaud <arun@nubati.net>
3  *
4  *   This file is part of e-DoKo.
5  *
6  *   e-DoKo is free software: you can redistribute it and/or modify
7  *   it under the terms of the GNU General Public License as published by
8  *   the Free Software Foundation, either version 3 of the License, or
9  *   (at your option) any later version.
10  *
11  *   e-DoKo is distributed in the hope that it will be useful,
12  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *   GNU General Public License for more details.
15  *
16  *   You should have received a copy of the GNU General Public License
17  *   along with e-DoKo.  If not, see <http://www.gnu.org/licenses/>.
18  *
19  */
20
21 /* make sure that we are not called from outside the scripts,
22  * use a variable defined in config.php to check this
23  */
24 if(!isset($HOST))
25   exit;
26
27 include_once('openid.php');
28
29 $name  = $_SESSION["name"];
30 $email = DB_get_email('name',$name);
31 $myid  = DB_get_userid('email',$email);
32 if(!$myid)
33   return;
34
35 /* track what got changed */
36 $changed_notify       = 0;
37 $changed_password     = 0;
38 $changed_cards        = 0;
39 $changed_timezone     = 0;
40 $changed_autosetup    = 0;
41 $changed_sorting      = 0;
42 $changed_openforgames = 0;
43 $changed_vacation     = 0;
44 $changed_openid       = 0;
45 $changed_digest       = 0;
46 $changed_language     = 0;
47
48 display_user_menu($myid);
49
50 /* get old infos */
51 $PREF = DB_get_PREF($myid);
52 /* set language chosen in preferences, will become active on the next reload (see index.php)*/
53 $_SESSION['language'] = $PREF['language'];
54 set_language($PREF['language']);
55 $timezone =  DB_get_user_timezone($myid);
56
57 DB_update_user_timestamp($myid);
58
59 /* does the user want to change some preferences?
60  * update the database and track changes with a variable, so that
61  * we can later highlight the changed value
62  */
63
64 /* check for deleted openids */
65 foreach($_REQUEST as $key=>$value)
66 {
67   if(strstr($key,"delete-openid-"))
68     {
69       /* found and openid to delete */
70       $DelOpenID = substr(str_replace("_",".",$key),14);
71       DB_DetachOpenID($DelOpenID, $myid);
72       $changed_openid = 1;
73     }
74 }
75
76
77 if(myisset('vacation_start','vacation_stop','vacation_comment') &&
78    ($_REQUEST['vacation_start']!='' || $_REQUEST['vacation_stop']!='')
79    )
80   {
81     $vacation_start   = $_REQUEST['vacation_start'].' 00:00:00';
82     $vacation_stop    = $_REQUEST['vacation_stop'].' 23:59:59';
83     $vacation_comment = $_REQUEST['vacation_comment'];
84
85     /* check if everything is valid */
86     if(!strtotime($vacation_start))
87       $changed_vacation = -1;
88     if(!strtotime($vacation_stop))
89       $changed_vacation = -1;
90
91     /* test if we should delete the entry */
92     if($_REQUEST['vacation_start'] == $_REQUEST['vacation_stop'])
93       {
94         $result = DB_query("DELETE FROM User_Prefs".
95                            " WHERE user_id='$myid' AND pref_key='vacation start'" );
96         $result = DB_query("DELETE FROM User_Prefs".
97                            " WHERE user_id='$myid' AND pref_key='vacation stop'" );
98         $result = DB_query("DELETE FROM User_Prefs".
99                            " WHERE user_id='$myid' AND pref_key='vacation comment'" );
100         $changed_vacation = 1;
101       }
102     /* change in database if format is ok */
103     else if($changed_vacation>=0)
104       {
105         /* only change if different from current value */
106         if($vacation_start!=$PREF['vacation_start'])
107           {
108             $result = DB_query("SELECT * from User_Prefs".
109                                " WHERE user_id='$myid' AND pref_key='vacation start'" );
110             if( DB_fetch_array($result))
111               $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($vacation_start).
112                                  " WHERE user_id='$myid' AND pref_key='vacation start'" );
113             else
114               $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','vacation start',".
115                                  DB_quote_smart($vacation_start).")");
116
117             $changed_vacation = 1;
118           }
119
120         /* same for the stop date */
121         if($vacation_stop!=$PREF['vacation_stop'])
122           {
123             $result = DB_query("SELECT * from User_Prefs".
124                                " WHERE user_id='$myid' AND pref_key='vacation stop'" );
125             if( DB_fetch_array($result))
126               $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($vacation_stop).
127                                  " WHERE user_id='$myid' AND pref_key='vacation stop'" );
128             else
129               $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','vacation stop',".
130                                  DB_quote_smart($vacation_stop).")");
131
132             $changed_vacation = 1;
133           }
134
135         /* does the user want to add a comment? */
136         if($vacation_comment!=$PREF['vacation_comment'])
137           {
138             $result = DB_query("SELECT * from User_Prefs".
139                                " WHERE user_id='$myid' AND pref_key='vacation comment'" );
140             if( DB_fetch_array($result))
141               $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($vacation_comment).
142                                  " WHERE user_id='$myid' AND pref_key='vacation comment'" );
143             else
144               $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','vacation comment',".
145                                  DB_quote_smart($vacation_comment).")");
146
147             $changed_vacation = 1;
148           }
149       }
150   }
151
152 if(myisset("timezone"))
153   {
154     $newtimezone = $_REQUEST['timezone'];
155     if($newtimezone != $timezone)
156       {
157         DB_query("UPDATE User SET timezone=".DB_quote_smart($newtimezone).
158                  " WHERE id=".DB_quote_smart($myid));
159         $changed_timezone = 1;
160       }
161   }
162
163 if(myisset("cards"))
164   {
165     $cards=$_REQUEST['cards'];
166     if($cards != $PREF['cardset'])
167       {
168         /* check if we already have an entry for the user, if so change it, if not create new one */
169         $result = DB_query("SELECT * from User_Prefs".
170                            " WHERE user_id='$myid' AND pref_key='cardset'" );
171         if( DB_fetch_array($result))
172           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($cards).
173                              " WHERE user_id='$myid' AND pref_key='cardset'" );
174         else
175           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','cardset',".
176                              DB_quote_smart($cards).")");
177         $changed_cards = 1;
178       }
179   }
180
181 if(myisset("notify"))
182   {
183     $notify=$_REQUEST['notify'];
184     if($notify != $PREF['email'])
185       {
186         /* check if we already have an entry for the user, if so change it, if not create new one */
187         $result = DB_query("SELECT * from User_Prefs".
188                            " WHERE user_id='$myid' AND pref_key='email'" );
189         if( DB_fetch_array($result))
190           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($notify).
191                              " WHERE user_id='$myid' AND pref_key='email'" );
192         else
193           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','email',".
194                              DB_quote_smart($notify).")");
195         $changed_notify=1;
196       }
197   }
198
199 if(myisset("digest"))
200   {
201     $digest=$_REQUEST['digest'];
202     if($digest != $PREF['digest'])
203       {
204         /* check if we already have an entry for the user, if so change it, if not create new one */
205         $result = DB_query("SELECT * from User_Prefs".
206                            " WHERE user_id='$myid' AND pref_key='digest'" );
207         if( DB_fetch_array($result))
208           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($digest).
209                              " WHERE user_id='$myid' AND pref_key='digest'" );
210         else
211           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','digest',".
212                              DB_quote_smart($digest).")");
213         $changed_digest=1;
214       }
215   }
216
217 if(myisset("autosetup"))
218   {
219     $autosetup = $_REQUEST['autosetup'];
220     if($autosetup != $PREF['autosetup'])
221       {
222         /* check if we already have an entry for the user, if so change it, if not create new one */
223         $result = DB_query("SELECT * from User_Prefs".
224                            " WHERE user_id='$myid' AND pref_key='autosetup'" );
225         if( DB_fetch_array($result))
226           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($autosetup).
227                              " WHERE user_id='$myid' AND pref_key='autosetup'" );
228         else
229           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','autosetup',".
230                              DB_quote_smart($autosetup).")");
231         $changed_autosetup=1;
232       }
233   }
234
235 if(myisset("sorting"))
236   {
237     $sorting = $_REQUEST['sorting'];
238     if($sorting != $PREF['sorting'])
239       {
240         /* check if we already have an entry for the user, if so change it, if not create new one */
241         $result = DB_query("SELECT * from User_Prefs".
242                            " WHERE user_id='$myid' AND pref_key='sorting'" );
243         if( DB_fetch_array($result))
244           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($sorting).
245                              " WHERE user_id='$myid' AND pref_key='sorting'" );
246         else
247           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','sorting',".
248                              DB_quote_smart($sorting).")");
249         $changed_sorting=1;
250       }
251   }
252
253 if(myisset("open_for_games"))
254   {
255     $openforgames = $_REQUEST['open_for_games'];
256     if($openforgames != $PREF['open_for_games'])
257       {
258         /* check if we already have an entry for the user, if so change it, if not create new one */
259         $result = DB_query("SELECT * from User_Prefs".
260                            " WHERE user_id='$myid' AND pref_key='open for games'" );
261         if( DB_fetch_array($result))
262           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($openforgames).
263                              " WHERE user_id='$myid' AND pref_key='open for games'" );
264         else
265           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','open for games',".
266                              DB_quote_smart($openforgames).")");
267         $changed_openforgames=1;
268       }
269   }
270
271
272 if(myisset("password0","password1","password2") &&  $_REQUEST["password0"]!="" &&  $_REQUEST["password0"]!= $_REQUEST["password1"])
273   {
274     $changed_password = 1;
275
276     /* check if old password matches */
277     $result = verify_password($email, $_REQUEST["password0"]);
278
279     if( $result!=0 )
280       $changed_password = -1;
281
282     /* check if new password has been typed in correctly */
283     if($_REQUEST["password1"] != $_REQUEST["password2"] )
284       $changed_password = -2;
285
286     /* check if new password is long enough */
287     if(strlen($_REQUEST["password1"])<4)
288       $changed_password = -3;
289
290     if($changed_password==1)
291       {
292         // create a password hash using the crypt function, need php 5.3 for this
293         // create and random salt
294         $salt = substr(str_replace('+', '.', base64_encode(sha1(microtime(true), true))), 0, 22);
295         // hash incoming password using 12 rounds of blowfish
296         $hash = crypt($_REQUEST["password1"], '$2y$12$' . $salt);
297
298         DB_query("UPDATE User SET password='".$hash.
299                  "' WHERE id=".DB_quote_smart($myid));
300
301         /* in case this was done using a recovery password delete that password */
302         $tmppasswd = md5($_REQUEST["password0"]);
303         if(DB_check_recovery_passwords($tmppasswd,$email))
304           DB_delete_recovery_passwords($myid);
305       }
306     /* error output below */
307   }
308
309 if(myisset("openid_url") && $_REQUEST['openid_url']!='')
310   {
311     $openid_url = OpenIDUrlEncode($_REQUEST['openid_url']);
312     DB_AttachOpenID($openid_url, $myid);
313   }
314
315 if(myisset("language"))
316   {
317     $language = $_REQUEST['language'];
318     if($language != $PREF['language'])
319       {
320         /* check if we already have an entry for the user, if so change it, if not create new one */
321         $result = DB_query("SELECT * from User_Prefs".
322                            " WHERE user_id='$myid' AND pref_key='language'" );
323         if( DB_fetch_array($result))
324           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($language).
325                              " WHERE user_id='$myid' AND pref_key='language'" );
326         else
327           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','language',".
328                              DB_quote_smart($language).")");
329         $changed_language = 1;
330       }
331   }
332
333
334 /* get infos again in case they have changed */
335 $PREF     = DB_get_PREF($myid);
336 $timezone = DB_get_user_timezone($myid);
337
338 /*
339  * output settings
340  */
341
342 echo "<div class=\"user\">\n";
343 echo "  <form action=\"index.php?action=prefs\" method=\"post\">\n";
344 echo '  <h2>'._('Your settings')."</h2>\n";
345 echo "    <fieldset>\n";
346 echo '    <legend>'._('Game-related')."</legend>\n";
347 echo "      <table>\n";
348
349 echo '        <tr><td>'._('Vacation').":             </td>\n";
350 if($PREF['vacation_start'])
351   $value = substr($PREF['vacation_start'],0,10);
352  else
353    $value = '';
354 echo "            <td>"._('start').":<input type=\"date\" class=\"date\" name=\"vacation_start\" value=\"$value\" /></td>\n";
355 if($PREF['vacation_stop'])
356   $value = substr($PREF['vacation_stop'],0,10);
357  else
358    $value = '';
359 echo "            <td>"._('stop').":<input type=\"date\" class=\"date\" name=\"vacation_stop\" value=\"$value\" /></td>\n";
360 if($PREF['vacation_comment'])
361   $value = $PREF['vacation_comment'];
362 else
363   $value = '';
364 echo '            <td>'._('comment:')."<input type=\"text\" id=\"vacation_comment\" name=\"vacation_comment\" size=\"10\" maxlength=\"50\" value=\"$value\" />";
365 if($changed_vacation == 1) echo _('changed');
366 if($changed_vacation == -1) echo _('wrong date format');
367 echo "</td></tr>\n";
368 echo '<tr><td></td><td colspan="2">'._("set both dates to the same day to end vacation")."</td></tr>\n";
369 echo '        <tr><td>'._('Notification').":          </td><td>\n";
370 echo "          <select id=\"notify\" name=\"notify\" size=\"1\">\n";
371 if($PREF['email']=="emailaddict")
372   {
373     echo "            <option value=\"emailaddict\" selected=\"selected\">"._('less emails')."</option>\n";
374     echo "            <option value=\"emailnonaddict\">"._('lots of emails')."</option>\n";
375   }
376 else
377   {
378     echo "            <option value=\"emailaddict\">"._('less emails')."</option>\n";
379     echo "            <option value=\"emailnonaddict\" selected=\"selected\">"._('lots of emails')."</option>\n";
380   }
381 echo "          </select>";
382 if($changed_notify) echo _('changed');
383 echo " </td></tr>\n";
384
385 echo '        <tr><td>'._('Digest').":          </td><td>\n";
386 echo "          <select id=\"digest\" name=\"digest\" size=\"1\">\n";
387
388 $selected = "selected=\"selected\"";
389 echo "            <option value=\"digest-off\"";
390 if($PREF['digest']=="digest-off") echo $selected;
391 echo '>'._('digest off')."</option>\n";
392
393 echo "            <option value=\"digest-1h\" ";
394 if($PREF['digest']=="digest-1h") echo $selected;
395 echo ">"._('every hour')."</option>\n";
396
397 echo "            <option value=\"digest-2h\" ";
398 if($PREF['digest']=="digest-2h") echo $selected;
399 echo ">"._('every 2h')."</option>\n";
400
401 echo "            <option value=\"digest-3h\" ";
402 if($PREF['digest']=="digest-3h") echo $selected;
403 echo ">"._('every 3h')."</option>\n";
404
405 echo "            <option value=\"digest-4h\" ";
406 if($PREF['digest']=="digest-4h") echo $selected;
407 echo ">"._('every 4h')."</option>\n";
408
409 echo "            <option value=\"digest-6h\" ";
410 if($PREF['digest']=="digest-6h") echo $selected;
411 echo ">"._('every 6h')."</option>\n";
412
413 echo "            <option value=\"digest-12h\"";
414 if($PREF['digest']=="digest-12h") echo $selected;
415 echo ">"._('every 12h')."</option>\n";
416
417 echo "            <option value=\"digest-24h\"";
418 if($PREF['digest']=="digest-24h") echo $selected;
419 echo ">"._('every 24h')."</option>\n";
420
421 echo "          </select>";
422 if($changed_digest) echo _('changed');
423 echo " </td></tr>\n";
424
425
426 echo '        <tr><td>'._('Autosetup').":          </td><td>\n";
427 echo "          <select id=\"autosetup\" name=\"autosetup\" size=\"1\">\n";
428 if($PREF['autosetup']=="yes")
429   {
430     echo "           <option value=\"yes\" selected=\"selected\">"._('accept every game')."</option>\n";
431     echo "           <option value=\"no\">"._('ask for games')."</option>\n";
432   }
433  else
434    {
435      echo "           <option value=\"yes\">"._('accept every game')."</option>\n";
436      echo "           <option value=\"no\" selected=\"selected\">"._('ask for games')."</option>\n";
437    }
438 echo "         </select>";
439 if($changed_autosetup) echo _('changed');
440 echo " </td></tr>\n";
441 echo '    <tr><td>'._('Sorting').":          </td><td>\n";
442
443 echo "         <select id=\"sorting\" name=\"sorting\" size=\"1\">\n";
444 if($PREF['sorting']=="high-low")
445   {
446     echo "           <option value=\"high-low\" selected=\"selected\">"._('high to low')."</option>\n";
447     echo "           <option value=\"low-high\">"._('low to high')."</option>\n";
448   }
449  else
450    {
451      echo "           <option value=\"high-low\">"._('high to low')."</option>\n";
452      echo "           <option value=\"low-high\" selected=\"selected\">"._('low to high')."</option>\n";
453    }
454 echo "         </select>";
455 if($changed_sorting) echo _('changed');
456 echo " </td></tr>\n";
457 echo '        <tr><td>'._('Open for new games').":          </td><td>\n";
458 echo "         <select id=\"open_for_games\" name=\"open_for_games\" size=\"1\">\n";
459 if($PREF['open_for_games']=="no")
460   {
461     echo '           <option value="yes">'._('yes')."</option>\n";
462     echo '           <option value="no" selected="selected">'._('no')."</option>\n";
463   }
464  else /* default */
465    {
466      echo '           <option value="yes" selected="selected">'._('yes')."</option>\n";
467      echo '           <option value="no">'._('no')."</option>\n";
468    }
469 echo "         </select>";
470 if($changed_openforgames) echo _('changed');
471 echo " </td></tr>\n";
472
473 echo '    <tr><td>'.('Card set').":              </td><td>\n";
474 echo "         <select id=\"cards\" name=\"cards\" size=\"1\">\n";
475 if($PREF['cardset']=="altenburg")
476   {
477     echo "           <option value=\"altenburg\" selected=\"selected\">"._('German cards')."</option>\n";
478     echo "           <option value=\"english\">"._('English cards')."</option>\n";
479   }
480  else
481    {
482      echo "           <option value=\"altenburg\">"._('German cards')."</option>\n";
483      echo "           <option value=\"english\" selected=\"selected\">"._('English cards')."</option>\n";
484    }
485 echo "         </select>";
486 if($changed_cards) echo _('changed');
487 echo " </td></tr>\n";
488 echo "      </table>\n";
489 echo "    </fieldset>\n";
490 echo "    <fieldset>\n";
491 echo '      <legend>'._('Personal')."</legend>\n";
492 echo "      <table>\n";
493 echo '        <tr><td>'._('Email').":                 </td><td> $email    </td></tr>\n";
494 echo '        <tr><td>'._('Timezone').":              </td><td>\n";
495 output_select_timezone("timezone",$timezone);
496 if($changed_timezone) echo _('changed');
497 echo "</td></tr>\n";
498 echo '        <tr><td>'._('Language').":              </td><td>\n";
499 output_select_language("language",$PREF['language']);
500 if($changed_language == 1) echo _('changed');
501 echo "</td></tr>\n";
502 echo '        <tr><td>'._('Password(old)').":         </td><td>",
503   "<input type=\"password\" id=\"password0\" name=\"password0\" size=\"20\" maxlength=\"30\" />";
504 switch($changed_password)
505   {
506   case '-3':
507     echo _('The new passwords is not long enough (you need at least 4 characters).');
508     break;
509   case '-2':
510     echo _('The new passwords don\'t match.');
511     break;
512   case '-1':
513     echo _('The old password is not correct.');
514     break;
515   case '1':
516     echo _('changed');
517     break;
518   }
519 echo " </td></tr>\n";
520 echo '        <tr><td>'._('Password(new)').":         </td><td>",
521   "<input type=\"password\" id=\"password1\" name=\"password1\" size=\"20\" maxlength=\"30\" />",
522   " </td></tr>\n";
523 echo '        <tr><td>'._('Password(new, retype)').": </td><td>",
524   "<input type=\"password\" id=\"password2\" name=\"password2\" size=\"20\" maxlength=\"30\" />",
525   " </td></tr>\n";
526 echo "      </table>\n";
527 echo "    </fieldset>\n";
528 echo "    <fieldset>\n";
529 echo '      <legend>'._('OpenID')."</legend>\n";
530
531 $openids = array();
532 $openids = DB_GetOpenIDsByUser($myid);
533
534 if(sizeof($openids))
535   {
536     echo "     <table class=\"openid\">\n";
537     echo '     <thead><tr><th>'._('Delete')."?</th><th>OpenId</th></tr></thead>\n";
538     echo "     <tbody>\n";
539     foreach ($openids as $ids)
540       {
541         $id=($ids[0]);
542         echo "        <tr><td><input type=\"checkbox\" name=\"delete-openid-$id\" /></td><td>",$id, "</td></tr>\n";
543       }
544     echo "     </tbody>\n";
545     echo "     </table>\n";
546   }
547
548 echo '        '._('add OpenID').': ',
549   "<input type=\"text\" id=\"openid_url\" name=\"openid_url\" size=\"20\" maxlength=\"50\" />";
550 if($changed_openid)
551   echo '   '._('Deleted some OpenIDs!')." <br />\n";
552 echo "    </fieldset>\n";
553 echo '    <fieldset><legend>'._('Submit')."</legend><input type=\"submit\"  name=\"passwd\" value=\"set\" /></fieldset>\n";
554 echo "  </form>\n";
555 echo ' <p>'._('E-DoKo uses <a href="http://www.gravatar.org">gravatars</a> as icons.').'</p>';
556 echo "</div>\n";
557
558 // add jquery date picker if html5 is not available
559 ?>
560 <script>
561   $(".date").dateinput({  format: 'yyyy-mm-dd'  });
562 </script>
563 <?php
564
565
566 return;
567 ?>