1 <?php
2 /* Copyright 2006, 2007, 2008, 2009, 2010 Arun Persaud <arun@nubati.net>
3  *
4  *   This file is part of e-DoKo.
5  *
6  *   e-DoKo is free software: you can redistribute it and/or modify
7  *   it under the terms of the GNU General Public License as published by
8  *   the Free Software Foundation, either version 3 of the License, or
9  *   (at your option) any later version.
10  *
11  *   e-DoKo is distributed in the hope that it will be useful,
12  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
13  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  *   GNU General Public License for more details.
15  *
16  *   You should have received a copy of the GNU General Public License
17  *   along with e-DoKo.  If not, see <http://www.gnu.org/licenses/>.
18  *
19  */
20
/* Refuse to run when this file is requested directly instead of being
 * included by the application: $HOST is a variable defined in config.php.
 * NOTE(review): the guard is only meaningful while request parameters
 * cannot populate global variables (register_globals must be off).
 */
if (!isset($HOST)) {
    exit;
}

include_once('openid.php');

/* Resolve the logged-in user: session name -> e-mail -> numeric id.
 * Nothing below runs unless an id was found.
 */
$name  = $_SESSION["name"];
$email = DB_get_email('name', $name);
$myid  = DB_get_userid('email', $email);
if (!$myid) {
    return;
}
34
/* One marker per setting; 0 means "not touched by this request".
 * The update code below sets them and the form uses them to print a
 * status text next to the corresponding field.
 */
$changed_notify = $changed_password = $changed_cards = $changed_timezone = 0;
$changed_autosetup = $changed_sorting = $changed_openforgames = 0;
$changed_vacation = $changed_openid = $changed_digest = $changed_language = 0;

display_user_menu($myid);

/* values as stored before this request is processed */
$PREF     = DB_get_PREF($myid);
$timezone = DB_get_user_timezone($myid);

DB_update_user_timestamp($myid);
55
56 /* does the user want to change some preferences?
57  * update the database and track changes with a variable, so that
58  * we can later highlight the changed value
59  */
60
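/* Detach every OpenID whose "delete-openid-<id>" checkbox was submitted.
 *
 * Only keys that START with the prefix are accepted. A substring test
 * would also match unrelated keys that merely contain the prefix, and
 * cutting 14 characters off such a key yields a wrong identifier.
 *
 * PHP rewrites '.' in request keys to '_', so underscores are mapped back
 * to dots before the lookup. An identifier that really contains '_'
 * cannot be round-tripped this way.
 *
 * NOTE(review): $_REQUEST also carries GET parameters, and nothing in
 * this file checks a per-session request token before this state change;
 * confirm whether the including script does.
 */
$openidDeletePrefix    = 'delete-openid-';
$openidDeletePrefixLen = strlen($openidDeletePrefix);
foreach ($_REQUEST as $key => $value) {
    if (strncmp((string) $key, $openidDeletePrefix, $openidDeletePrefixLen) !== 0) {
        continue;
    }

    $DelOpenID = substr(str_replace("_", ".", (string) $key), $openidDeletePrefixLen);
    if ($DelOpenID === false || $DelOpenID === '') {
        /* bare prefix without an identifier: nothing to detach */
        continue;
    }

    /* the call is scoped to $myid, i.e. to the logged-in user's own account */
    DB_DetachOpenID($DelOpenID, $myid);
    $changed_openid = 1;
}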
72
73
/* Vacation period: start date, stop date and a free-text comment.
 * The block runs only when at least one of the two dates was filled in.
 * A start value of '-' removes the stored vacation.
 *
 * Request values are passed through DB_quote_smart() (presumably the
 * project's quoting/escaping helper; its implementation is not shown
 * here) before they are concatenated into SQL. $myid is interpolated
 * directly, but it was looked up via DB_get_userid() and is not taken
 * from the request.
 *
 * NOTE(review): strtotime() accepts far more than YYYY-MM-DD (relative
 * expressions, for example), so the stored text is not guaranteed to be
 * a date in that format.
 */
if (myisset('vacation_start', 'vacation_stop', 'vacation_comment')
    && !($_REQUEST['vacation_start'] == '' && $_REQUEST['vacation_stop'] == '')) {
    /* widen both dates to whole days */
    $vacation_start   = $_REQUEST['vacation_start'] . ' 00:00:00';
    $vacation_stop    = $_REQUEST['vacation_stop'] . ' 23:59:59';
    $vacation_comment = $_REQUEST['vacation_comment'];

    /* -1 marks a date that could not be parsed */
    if (!strtotime($vacation_start) || !strtotime($vacation_stop)) {
        $changed_vacation = -1;
    }

    /* pref_key in the table => (submitted value, index into $PREF) */
    $vacationFields = array(
        'vacation start'   => array($vacation_start,   'vacation_start'),
        'vacation stop'    => array($vacation_stop,    'vacation_stop'),
        'vacation comment' => array($vacation_comment, 'vacation_comment'),
    );

    if ($vacation_start == '- 00:00:00') {
        /* '-' in the start field: drop all three rows */
        foreach (array_keys($vacationFields) as $vacationKey) {
            $result = DB_query("DELETE FROM User_Prefs".
                               " WHERE user_id='$myid' AND pref_key='$vacationKey'");
        }
        $changed_vacation = 1;
    } elseif ($changed_vacation >= 0) {
        /* dates parsed: write each value that differs from the stored one */
        foreach ($vacationFields as $vacationKey => $vacationField) {
            list($vacationValue, $vacationPrefIndex) = $vacationField;
            if ($vacationValue == $PREF[$vacationPrefIndex]) {
                continue;
            }

            /* update the existing row, or insert one if there is none yet */
            $result = DB_query("SELECT * from User_Prefs".
                               " WHERE user_id='$myid' AND pref_key='$vacationKey'");
            if (DB_fetch_array($result)) {
                $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($vacationValue).
                                   " WHERE user_id='$myid' AND pref_key='$vacationKey'");
            } else {
                $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','$vacationKey',".
                                   DB_quote_smart($vacationValue).")");
            }

            $changed_vacation = 1;
        }
    }
}
148
/* Time zone lives in the User table itself, not in User_Prefs.
 * NOTE(review): the submitted value is quoted for SQL but not compared
 * with the list that output_select_timezone() offers; confirm whether
 * consumers of this column tolerate arbitrary text.
 */
if (myisset("timezone")) {
    $newtimezone = $_REQUEST['timezone'];
    if ($newtimezone != $timezone) {
        $timezoneUpdate = "UPDATE User SET timezone=" . DB_quote_smart($newtimezone)
                        . " WHERE id=" . DB_quote_smart($myid);
        DB_query($timezoneUpdate);
        $changed_timezone = 1;
    }
}
159
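/* Card set preference.
 * The value is stored only when it is one of the two options that the
 * <select name="cards"> in this file offers. Before, any request value
 * (including an array such as cards[]=x) was written to the table.
 */
if (myisset("cards")) {
    $cards = $_REQUEST['cards'];
    /* strict in_array() rejects non-string input as well */
    if (in_array($cards, array('altenburg', 'english'), true)
        && $cards != $PREF['cardset']) {
        /* update the user's row if it exists, otherwise create it */
        $result = DB_query("SELECT * from User_Prefs".
                           " WHERE user_id='$myid' AND pref_key='cardset'");
        if (DB_fetch_array($result)) {
            $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($cards).
                               " WHERE user_id='$myid' AND pref_key='cardset'");
        } else {
            $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','cardset',".
                               DB_quote_smart($cards).")");
        }
        $changed_cards = 1;
    }
}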
177
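/* E-mail notification preference (stored under pref_key 'email').
 * Only the two values offered by the <select name="notify"> in this
 * file are accepted; anything else in the request is ignored instead of
 * being written to the table.
 */
if (myisset("notify")) {
    $notify = $_REQUEST['notify'];
    /* strict in_array() rejects non-string input as well */
    if (in_array($notify, array('emailaddict', 'emailnonaddict'), true)
        && $notify != $PREF['email']) {
        /* update the user's row if it exists, otherwise create it */
        $result = DB_query("SELECT * from User_Prefs".
                           " WHERE user_id='$myid' AND pref_key='email'");
        if (DB_fetch_array($result)) {
            $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($notify).
                               " WHERE user_id='$myid' AND pref_key='email'");
        } else {
            $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','email',".
                               DB_quote_smart($notify).")");
        }
        $changed_notify = 1;
    }
}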
195
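/* Digest interval preference.
 * Accepted values are exactly the options of the <select name="digest">
 * in this file; other request values are ignored instead of stored.
 */
if (myisset("digest")) {
    $digest = $_REQUEST['digest'];
    $digestAllowed = array('digest-off', 'digest-1h', 'digest-2h', 'digest-3h',
                           'digest-4h', 'digest-6h', 'digest-12h', 'digest-24h');
    /* strict in_array() rejects non-string input as well */
    if (in_array($digest, $digestAllowed, true) && $digest != $PREF['digest']) {
        /* update the user's row if it exists, otherwise create it */
        $result = DB_query("SELECT * from User_Prefs".
                           " WHERE user_id='$myid' AND pref_key='digest'");
        if (DB_fetch_array($result)) {
            $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($digest).
                               " WHERE user_id='$myid' AND pref_key='digest'");
        } else {
            $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','digest',".
                               DB_quote_smart($digest).")");
        }
        $changed_digest = 1;
    }
}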
213
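/* Autosetup preference (accept every game / ask first).
 * Only 'yes' and 'no', the options of the <select name="autosetup"> in
 * this file, are stored; other request values are ignored.
 */
if (myisset("autosetup")) {
    $autosetup = $_REQUEST['autosetup'];
    /* strict in_array() rejects non-string input as well */
    if (in_array($autosetup, array('yes', 'no'), true)
        && $autosetup != $PREF['autosetup']) {
        /* update the user's row if it exists, otherwise create it */
        $result = DB_query("SELECT * from User_Prefs".
                           " WHERE user_id='$myid' AND pref_key='autosetup'");
        if (DB_fetch_array($result)) {
            $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($autosetup).
                               " WHERE user_id='$myid' AND pref_key='autosetup'");
        } else {
            $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','autosetup',".
                               DB_quote_smart($autosetup).")");
        }
        $changed_autosetup = 1;
    }
}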
231
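/* Card sorting preference.
 * Only 'high-low' and 'low-high', the options of the
 * <select name="sorting"> in this file, are stored; other request values
 * are ignored.
 */
if (myisset("sorting")) {
    $sorting = $_REQUEST['sorting'];
    /* strict in_array() rejects non-string input as well */
    if (in_array($sorting, array('high-low', 'low-high'), true)
        && $sorting != $PREF['sorting']) {
        /* update the user's row if it exists, otherwise create it */
        $result = DB_query("SELECT * from User_Prefs".
                           " WHERE user_id='$myid' AND pref_key='sorting'");
        if (DB_fetch_array($result)) {
            $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($sorting).
                               " WHERE user_id='$myid' AND pref_key='sorting'");
        } else {
            $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','sorting',".
                               DB_quote_smart($sorting).")");
        }
        $changed_sorting = 1;
    }
}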
249
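/* "Open for new games" preference (pref_key 'open for games').
 * Only 'yes' and 'no', the options of the
 * <select name="open_for_games"> in this file, are stored; other request
 * values are ignored.
 */
if (myisset("open_for_games")) {
    $openforgames = $_REQUEST['open_for_games'];
    /* strict in_array() rejects non-string input as well */
    if (in_array($openforgames, array('yes', 'no'), true)
        && $openforgames != $PREF['open_for_games']) {
        /* update the user's row if it exists, otherwise create it */
        $result = DB_query("SELECT * from User_Prefs".
                           " WHERE user_id='$myid' AND pref_key='open for games'");
        if (DB_fetch_array($result)) {
            $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($openforgames).
                               " WHERE user_id='$myid' AND pref_key='open for games'");
        } else {
            $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','open for games',".
                               DB_quote_smart($openforgames).")");
        }
        $changed_openforgames = 1;
    }
}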
267
268
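/* Password change: needs the old password and the new one typed twice.
 * $changed_password ends up as
 *    1  new password stored
 *   -1  old password (or recovery password) did not match
 *   -2  the two new passwords differ
 *   -3  new password shorter than 4 characters
 * The message for each code is printed next to the form field below.
 *
 * All three fields must be plain strings. An array-valued parameter
 * (password0[]=x) would make md5() and strlen() operate on a non-string.
 *
 * NOTE(review): passwords are stored as unsalted MD5. That is a fast
 * digest, not a password hash, so a leaked User table can be attacked
 * offline cheaply. Moving to password_hash()/password_verify() has to
 * happen together with the login and recovery code, which is outside
 * this file, so the storage format is left unchanged here.
 * NOTE(review): a minimum length of 4 is very low. It is kept because
 * the user-visible message states it.
 */
if (myisset("password0", "password1", "password2")
    && is_string($_REQUEST["password0"])
    && is_string($_REQUEST["password1"])
    && is_string($_REQUEST["password2"])
    && $_REQUEST["password0"] !== ""
    && $_REQUEST["password0"] !== $_REQUEST["password1"]) {
    $changed_password = 1;

    /* check if old password matches.
     * Strict comparison: with ==, two digests that both look like
     * "0e<digits>" are compared as numbers and count as equal.
     */
    $oldpasswd = md5($_REQUEST["password0"]);
    $password  = DB_get_passwd_by_userid($myid);
    if (!(($password === $oldpasswd) || DB_check_recovery_passwords($oldpasswd, $email))) {
        $changed_password = -1;
    }

    /* check if new password has been typed in correctly */
    if ($_REQUEST["password1"] !== $_REQUEST["password2"]) {
        $changed_password = -2;
    }

    /* check if new password is long enough */
    if (strlen($_REQUEST["password1"]) < 4) {
        $changed_password = -3;
    }

    if ($changed_password == 1) {
        /* md5() yields hex digits only, so the literal needs no escaping */
        DB_query("UPDATE User SET password='".md5($_REQUEST["password1"]).
                 "' WHERE id=".DB_quote_smart($myid));
    }
    /* error output below */
}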
294
/* Attach an additional OpenID to the logged-in account.
 * NOTE(review): no proof that the user controls the submitted identifier
 * is visible in this file; confirm that DB_AttachOpenID() or the OpenID
 * login path enforces it.
 */
if (myisset("openid_url") && !($_REQUEST['openid_url'] == '')) {
    $openid_url = OpenIDUrlEncode($_REQUEST['openid_url']);
    DB_AttachOpenID($openid_url, $myid);
}
300
/* Interface language preference.
 * NOTE(review): the value is quoted for SQL but not compared with the
 * list that output_select_language() offers; confirm how the stored
 * value is consumed (locale selection, file paths) before trusting it.
 */
if (myisset("language")) {
    $language = $_REQUEST['language'];
    if ($language != $PREF['language']) {
        /* update the user's row if it exists, otherwise create it */
        $languageWhere = " WHERE user_id='$myid' AND pref_key='language'";
        $result = DB_query("SELECT * from User_Prefs" . $languageWhere);
        if (DB_fetch_array($result)) {
            $result = DB_query("UPDATE User_Prefs SET value=" . DB_quote_smart($language) .
                               $languageWhere);
        } else {
            $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','language'," .
                               DB_quote_smart($language) . ")");
        }
        $changed_language = 1;
    }
}
318
319
/* re-read both values so that the form shows what is stored now */
$PREF     = DB_get_PREF($myid);
$timezone = DB_get_user_timezone($myid);

/*
 * Output: the settings form, posted back to index.php?action=prefs.
 * NOTE(review): no hidden request-token field is emitted with the form
 * in this file.
 */
echo '<div class="user">', "\n",
     '  <form action="index.php?action=prefs" method="post">', "\n",
     '  <h2>', _('Your settings are'), "</h2>\n",
     "    <fieldset>\n",
     '    <legend>', _('Game-related'), "</legend>\n",
     "      <table>\n";
334
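/* Vacation row: start, stop and comment inputs, pre-filled from $PREF.
 *
 * The three values are user-supplied text read back from the database,
 * so each one is HTML-escaped before it is placed into a value="..."
 * attribute. Unescaped, a stored quote character would end the attribute
 * and let the rest of the text be parsed as markup. ENT_QUOTES covers
 * both quote styles.
 */
echo '        <tr><td>'._('Vacation').":             </td>\n";

/* only the date part (first 10 characters) of the stored timestamp is shown */
$value = $PREF['vacation_start'] ? substr($PREF['vacation_start'], 0, 10) : '';
$value = htmlspecialchars($value, ENT_QUOTES);
echo "            <td>"._('start').":<input type=\"text\" id=\"vacation_start\" name=\"vacation_start\" size=\"10\" maxlength=\"10\" value=\"$value\" /></td>\n";

$value = $PREF['vacation_stop'] ? substr($PREF['vacation_stop'], 0, 10) : '';
$value = htmlspecialchars($value, ENT_QUOTES);
echo "            <td>"._('stop').":<input type=\"text\" id=\"vacation_stop\" name=\"vacation_stop\" size=\"10\" maxlength=\"10\" value=\"$value\" /></td>\n";

$value = $PREF['vacation_comment'] ? $PREF['vacation_comment'] : '';
$value = htmlspecialchars($value, ENT_QUOTES);
echo '            <td>'._('comment:')."<input type=\"text\" id=\"vacation_comment\" name=\"vacation_comment\" size=\"10\" maxlength=\"50\" value=\"$value\" />";

/* status of the update attempt made earlier in this request */
if ($changed_vacation == 1) {
    echo _('changed');
}
if ($changed_vacation == -1) {
    echo _('wrong date format');
}
echo "</td></tr>\n";
echo '<tr><td></td><td>'._('use YYYY-MM-DD').'</td><td>'._("use '-'  in start field to unset vacation")."</td></tr>\n";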
/* Notification select: "emailaddict" is pre-selected when stored,
 * every other stored value pre-selects "emailnonaddict". */
echo '        <tr><td>'._('Notification').":          </td><td>\n";
echo "          <select id=\"notify\" name=\"notify\" size=\"1\">\n";

$notifyIsAddict     = ($PREF['email'] == "emailaddict");
$notifySelectedAttr = ' selected="selected"';
echo "            <option value=\"emailaddict\"", ($notifyIsAddict ? $notifySelectedAttr : ''), ">",
     _('less emails'), "</option>\n";
echo "            <option value=\"emailnonaddict\"", ($notifyIsAddict ? '' : $notifySelectedAttr), ">",
     _('lots of emails'), "</option>\n";

echo "          </select>";
if ($changed_notify) {
    echo _('changed');
}
echo " </td></tr>\n";
370
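/* Digest select: one option per interval, the stored one pre-selected.
 *
 * The options are generated from one table so that every entry is
 * written the same way. The hand-written list had no space between the
 * value attribute and selected="selected" for digest-off, digest-12h and
 * digest-24h, which produced run-together attributes.
 */
echo '        <tr><td>'._('Digest').":          </td><td>\n";
echo "          <select id=\"digest\" name=\"digest\" size=\"1\">\n";

$selected = ' selected="selected"';
$digestOptions = array(
    'digest-off' => _('digest off'),
    'digest-1h'  => _('every hour'),
    'digest-2h'  => _('every 2h'),
    'digest-3h'  => _('every 3h'),
    'digest-4h'  => _('every 4h'),
    'digest-6h'  => _('every 6h'),
    'digest-12h' => _('every 12h'),
    'digest-24h' => _('every 24h'),
);
foreach ($digestOptions as $digestValue => $digestLabel) {
    echo "            <option value=\"$digestValue\"";
    if ($PREF['digest'] == $digestValue) {
        echo $selected;
    }
    echo '>', $digestLabel, "</option>\n";
}

echo "          </select>";
if ($changed_digest) {
    echo _('changed');
}
echo " </td></tr>\n";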
410
411
/* Autosetup select: "yes" is pre-selected when stored, every other
 * stored value pre-selects "no". */
echo '        <tr><td>'._('Autosetup').":          </td><td>\n";
echo "          <select id=\"autosetup\" name=\"autosetup\" size=\"1\">\n";

$autosetupIsYes        = ($PREF['autosetup'] == "yes");
$autosetupSelectedAttr = ' selected="selected"';
echo "           <option value=\"yes\"", ($autosetupIsYes ? $autosetupSelectedAttr : ''), ">",
     _('accept every game'), "</option>\n";
echo "           <option value=\"no\"", ($autosetupIsYes ? '' : $autosetupSelectedAttr), ">",
     _('ask for games'), "</option>\n";

echo "         </select>";
if ($changed_autosetup) {
    echo _('changed');
}
echo " </td></tr>\n";
/* Sorting select: "high-low" is pre-selected when stored, every other
 * stored value pre-selects "low-high". The labels in this row are not
 * passed through gettext. */
echo "    <tr><td>Sorting:          </td><td>\n";

echo "         <select id=\"sorting\" name=\"sorting\" size=\"1\">\n";

$sortingIsHighLow    = ($PREF['sorting'] == "high-low");
$sortingSelectedAttr = ' selected="selected"';
echo "           <option value=\"high-low\"", ($sortingIsHighLow ? $sortingSelectedAttr : ''),
     ">high to low</option>\n";
echo "           <option value=\"low-high\"", ($sortingIsHighLow ? '' : $sortingSelectedAttr),
     ">low to high</option>\n";

echo "         </select>";
if ($changed_sorting) {
    echo _('changed');
}
echo " </td></tr>\n";
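/* "Open for new games" select: "no" is pre-selected when stored,
 * everything else falls back to the default "yes".
 *
 * Both labels now go through gettext in both branches. Previously the
 * selected option was printed as a plain English literal, so the label
 * lost its translation whenever it was the active choice.
 */
echo '        <tr><td>'._('Open for new games').":          </td><td>\n";
echo "         <select id=\"open_for_games\" name=\"open_for_games\" size=\"1\">\n";

$openForGamesIsNo         = ($PREF['open_for_games'] == "no");
$openForGamesSelectedAttr = ' selected="selected"';
echo "           <option value=\"yes\"", ($openForGamesIsNo ? '' : $openForGamesSelectedAttr), ">",
     _('yes'), "</option>\n";
echo "           <option value=\"no\"", ($openForGamesIsNo ? $openForGamesSelectedAttr : ''), ">",
     _('no'), "</option>\n";

echo "         </select>";
if ($changed_openforgames) {
    echo _('changed');
}
echo " </td></tr>\n";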
458
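/* Card set select: "altenburg" (German cards) is pre-selected when
 * stored, every other stored value pre-selects "english".
 *
 * The row label is now passed through gettext. The original wrote
 * ('Card set') without the leading underscore, which is just a
 * parenthesised string and was never translated.
 */
echo '    <tr><td>'._('Card set').":              </td><td>\n";
echo "         <select id=\"cards\" name=\"cards\" size=\"1\">\n";

$cardsetIsGerman     = ($PREF['cardset'] == "altenburg");
$cardsetSelectedAttr = ' selected="selected"';
echo "           <option value=\"altenburg\"", ($cardsetIsGerman ? $cardsetSelectedAttr : ''), ">",
     _('German cards'), "</option>\n";
echo "           <option value=\"english\"", ($cardsetIsGerman ? '' : $cardsetSelectedAttr), ">",
     _('English cards'), "</option>\n";

echo "         </select>";
if ($changed_cards) {
    echo _('changed');
}
echo " </td></tr>\n";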
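/* Close the game-related fieldset and open the personal one:
 * e-mail address (read-only), time zone and language selects.
 */
echo "      </table>\n";
echo "    </fieldset>\n";
echo "    <fieldset>\n";
echo '      <legend>'._('Personal')."</legend>\n";
echo "      <table>\n";

/* The address comes from the database and originates from user input,
 * so it is HTML-escaped before being printed into the page. */
echo '        <tr><td>'._('Email').":                 </td><td> ",
     htmlspecialchars($email, ENT_QUOTES), "    </td></tr>\n";

echo '        <tr><td>'._('Timezone').":              </td><td>\n";
output_select_timezone("timezone", $timezone);
if ($changed_timezone) {
    echo _('changed');
}
echo "</td></tr>\n";

echo '        <tr><td>'._('Language').":              </td><td>\n";
output_select_language("language", $PREF['language']);
if ($changed_language == 1) {
    echo _('changed');
}
echo "</td></tr>\n";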
/* Password rows: old password, new password, new password again.
 * None of the inputs is pre-filled. The status text next to the first
 * row reflects the result code set by the update code above.
 */
echo '        <tr><td>'._('Password(old)').":         </td><td>",
  "<input type=\"password\" id=\"password0\" name=\"password0\" size=\"20\" maxlength=\"30\" />";

if ($changed_password == -3) {
    echo _('The new passwords is not long enough (you need at least 4 characters).');
} elseif ($changed_password == -2) {
    echo _('The new passwords don\'t match.');
} elseif ($changed_password == -1) {
    echo _('The old password is not correct.');
} elseif ($changed_password == 1) {
    echo _('changed');
}
echo " </td></tr>\n";

echo '        <tr><td>'._('Password(new)').":         </td><td>",
  "<input type=\"password\" id=\"password1\" name=\"password1\" size=\"20\" maxlength=\"30\" />",
  " </td></tr>\n";
echo '        <tr><td>'._('Password(new, retype)').": </td><td>",
  "<input type=\"password\" id=\"password2\" name=\"password2\" size=\"20\" maxlength=\"30\" />",
  " </td></tr>\n";
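/* Close the personal fieldset and open the OpenID one, listing every
 * OpenID attached to the account with a "delete" checkbox.
 */
echo "      </table>\n";
echo "    </fieldset>\n";
echo "    <fieldset>\n";
echo '      <legend>'._('OpenID')."</legend>\n";

$openids = DB_GetOpenIDsByUser($myid);

if (sizeof($openids)) {
    echo "     <table class=\"openid\">\n";
    echo "     <thead><tr><th>Delete?</th><th>OpenId</th></tr></thead>\n";
    echo "     <tbody>\n";
    foreach ($openids as $ids) {
        /* The identifier is user-supplied text from the database and is
         * printed both inside a name="..." attribute and as cell text,
         * so it is HTML-escaped once for both uses. The browser decodes
         * the entities again when it submits the checkbox name, so the
         * delete handler still receives the original identifier. */
        $id = htmlspecialchars($ids[0], ENT_QUOTES);
        echo "        <tr><td><input type=\"checkbox\" name=\"delete-openid-$id\" /></td><td>", $id, "</td></tr>\n";
    }
    echo "     </tbody>\n";
    echo "     </table>\n";
}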
533
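/* Input for attaching another OpenID, the submit button and the closing
 * markup of the form.
 */
echo '        '._('add OpenID').': ',
  "<input type=\"text\" id=\"openid_url\" name=\"openid_url\" size=\"20\" maxlength=\"50\" />";
if ($changed_openid) {
    echo '   '._('Deleted some OpenIDs!')." <br />\n";
}
echo "    </fieldset>\n";
echo '    <fieldset><legend>'._('Submit')."</legend><input type=\"submit\"  name=\"passwd\" value=\"set\" /></fieldset>\n";
echo "  </form>\n";

/* Inside a single-quoted PHP string \" is NOT an escape sequence, so the
 * original printed the backslashes and the href value was broken. Plain
 * double quotes are correct here. The gettext msgid changes with this
 * fix, so the translation catalogues need the new string. */
echo ' <p>'._('E-DoKo uses <a href="http://www.gravatar.org">gravatars</a> as icons.').'</p>';
echo "</div>\n";

return;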
545 ?>