include/preferences.php

   1 <?php
   2 /* make sure that we are not called from outside the scripts,
   3  * use a variable defined in config.php to check this
   4  */
   5 if(!isset($HOST))
   6   exit;
   7
   8 $name  = $_SESSION["name"];
   9 $email = DB_get_email('name',$name);
  10 $myid = DB_get_userid('email',$email);
  11 if(!$myid)
  12   return;
  13
  14 /* track what got changed */
  15 $changed_notify       = 0;
  16 $changed_password     = 0;
  17 $changed_cards        = 0;
  18 $changed_timezone     = 0;
  19 $changed_autosetup    = 0;
  20 $changed_sorting      = 0;
  21 $changed_openforgames = 0;
  22
  23 display_user_menu($myid);
  24
  25 /* get old infos */
  26 $PREF = DB_get_PREF($myid);
  27 $timezone =  DB_get_user_timezone($myid);
  28
  29 DB_update_user_timestamp($myid);
  30
  31 /* does the user want to change some preferences? */
  32 if(myisset("timezone"))
  33   {
  34     $newtimezone=$_REQUEST['timezone'];
  35     if($newtimezone != $timezone)
  36       {
  37         DB_query("UPDATE User SET timezone=".DB_quote_smart($newtimezone).
  38                  " WHERE id=".DB_quote_smart($myid));
  39         $changed_timezone = 1;
  40       }
  41   }
  42
  43 if(myisset("cards"))
  44   {
  45     $cards=$_REQUEST['cards'];
  46     if($cards != $PREF['cardset'])
  47       {
  48         /* check if we already have an entry for the user, if so change it, if not create new one */
  49         $result = DB_query("SELECT * from User_Prefs".
  50                            " WHERE user_id='$myid' AND pref_key='cardset'" );
  51         if( DB_fetch_array($result))
  52           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($cards).
  53                              " WHERE user_id='$myid' AND pref_key='cardset'" );
  54         else
  55           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','cardset',".
  56                              DB_quote_smart($cards).")");
  57         $changed_cards = 1;
  58       }
  59   }
  60
  61 if(myisset("notify"))
  62   {
  63     $notify=$_REQUEST['notify'];
  64     if($notify != $PREF['email'])
  65       {
  66         /* check if we already have an entry for the user, if so change it, if not create new one */
  67         $result = DB_query("SELECT * from User_Prefs".
  68                            " WHERE user_id='$myid' AND pref_key='email'" );
  69         if( DB_fetch_array($result))
  70           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($notify).
  71                              " WHERE user_id='$myid' AND pref_key='email'" );
  72         else
  73           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','email',".
  74                              DB_quote_smart($notify).")");
  75         $changed_notify=1;
  76       }
  77   }
  78
  79 if(myisset("autosetup"))
  80   {
  81     $autosetup = $_REQUEST['autosetup'];
  82     if($autosetup != $PREF['autosetup'])
  83       {
  84         /* check if we already have an entry for the user, if so change it, if not create new one */
  85         $result = DB_query("SELECT * from User_Prefs".
  86                            " WHERE user_id='$myid' AND pref_key='autosetup'" );
  87         if( DB_fetch_array($result))
  88           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($autosetup).
  89                              " WHERE user_id='$myid' AND pref_key='autosetup'" );
  90         else
  91           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','autosetup',".
  92                              DB_quote_smart($autosetup).")");
  93         $changed_autosetup=1;
  94       }
  95   }
  96
  97 if(myisset("sorting"))
  98   {
  99     $sorting = $_REQUEST['sorting'];
 100     if($sorting != $PREF['sorting'])
 101       {
 102         /* check if we already have an entry for the user, if so change it, if not create new one */
 103         $result = DB_query("SELECT * from User_Prefs".
 104                            " WHERE user_id='$myid' AND pref_key='sorting'" );
 105         if( DB_fetch_array($result))
 106           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($sorting).
 107                              " WHERE user_id='$myid' AND pref_key='sorting'" );
 108         else
 109           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','sorting',".
 110                              DB_quote_smart($sorting).")");
 111         $changed_sorting=1;
 112       }
 113   }
 114
 115 if(myisset("open_for_games"))
 116   {
 117     $openforgames = $_REQUEST['open_for_games'];
 118     if($openforgames != $PREF['open_for_games'])
 119       {
 120         /* check if we already have an entry for the user, if so change it, if not create new one */
 121         $result = DB_query("SELECT * from User_Prefs".
 122                            " WHERE user_id='$myid' AND pref_key='open for games'" );
 123         if( DB_fetch_array($result))
 124           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($openforgames).
 125                              " WHERE user_id='$myid' AND pref_key='open for games'" );
 126         else
 127           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','open for games',".
 128                              DB_quote_smart($openforgames).")");
 129         $changed_openforgames=1;
 130       }
 131   }
 132
 133
 134 if(myisset("password0") &&  $_REQUEST["password0"]!="" )
 135   {
 136     $changed_password = 1;
 137
 138     /* check if old password matches */
 139     $oldpasswd = md5($_REQUEST["password0"]);
 140     $password  = DB_get_passwd_by_userid($myid);
 141     if(!( ($password == $oldpasswd) || DB_check_recovery_passwords($oldpasswd,$email) ))
 142       $changed_password = -1;
 143
 144     /* check if new password has been typed in correctly */
 145     if($_REQUEST["password1"] != $_REQUEST["password2"] )
 146       $changed_password = -2;
 147
 148     /* check if new password is long enough */
 149     if(strlen($_REQUEST["password1"])<4)
 150       $changed_password = -3;
 151
 152     if($changed_password==1)
 153       {
 154         DB_query("UPDATE User SET password='".md5($_REQUEST["password1"]).
 155                  "' WHERE id=".DB_quote_smart($myid));
 156       }
 157     /* error output below */
 158   }
 159
 160 /* get infos again in case they have changed */
 161 $PREF     = DB_get_PREF($myid);
 162 $timezone = DB_get_user_timezone($myid);
 163
 164 /* output settings */
 165
 166 echo "<div class=\"user\">\n";
 167 echo "  <form action=\"index.php?action=prefs\" method=\"post\">\n";
 168 echo "  <h2>Your settings are</h2>\n";
 169 echo "    <table>\n";
 170 echo "    <tr><td>Email:                 </td><td> $email    </td></tr>\n";
 171 echo "    <tr><td>Timezone:              </td><td>";
 172 output_select_timezone("timezone",$timezone);
 173 if($changed_timezone) echo "changed";
 174 echo "</td></tr>\n";
 175 echo "    <tr><td>Notification:          </td><td>";
 176
 177 echo "  <select id=\"notify\" name=\"notify\" size=\"1\">\n";
 178       if($PREF['email']=="emailaddict")
 179         {
 180           echo "   <option value=\"emailaddict\" selected=\"selected\">less emails</option>\n";
 181           echo "   <option value=\"emailnonaddict\">lots of emails</option>\n";
 182         }
 183       else
 184         {
 185           echo "   <option value=\"emailaddict\">less email</option>\n";
 186           echo "   <option value=\"emailnonaddict\" selected=\"selected\">lots of email</option>\n";
 187         }
 188   echo "  </select>\n";
 189 if($changed_notify) echo "changed";
 190 echo " </td></tr>\n";
 191 echo "    <tr><td>Autosetup:          </td><td>";
 192
 193 echo "  <select id=\"autosetup\" name=\"autosetup\" size=\"1\">\n";
 194       if($PREF['autosetup']=="yes")
 195         {
 196           echo "   <option value=\"yes\" selected=\"selected\">accept every game</option>\n";
 197           echo "   <option value=\"no\">ask for games</option>\n";
 198         }
 199       else
 200         {
 201           echo "   <option value=\"yes\">accept every game</option>\n";
 202           echo "   <option value=\"no\" selected=\"selected\">ask for games</option>\n";
 203         }
 204   echo "  </select>\n";
 205 if($changed_autosetup) echo "changed";
 206 echo " </td></tr>\n";
 207 echo "    <tr><td>Sorting:          </td><td>";
 208
 209 echo "  <select id=\"sorting\" name=\"sorting\" size=\"1\">\n";
 210       if($PREF['sorting']=="high-low")
 211         {
 212           echo "   <option value=\"high-low\" selected=\"selected\">high to low</option>\n";
 213           echo "   <option value=\"low-high\">low to high</option>\n";
 214         }
 215       else
 216         {
 217           echo "   <option value=\"high-low\">high to low</option>\n";
 218           echo "   <option value=\"low-high\" selected=\"selected\">low to high</option>\n";
 219         }
 220   echo "  </select>\n";
 221 if($changed_sorting) echo "changed";
 222 echo " </td></tr>\n";
 223 echo "    <tr><td>Open for new games:          </td><td>";
 224
 225 echo "  <select id=\"open_for_games\" name=\"open_for_games\" size=\"1\">\n";
 226       if($PREF['open_for_games']=="no")
 227         {
 228           echo "   <option value=\"yes\">yes</option>\n";
 229           echo "   <option value=\"no\" selected=\"selected\">no</option>\n";
 230         }
 231       else /* default */
 232         {
 233           echo "   <option value=\"yes\" selected=\"selected\">yes</option>\n";
 234           echo "   <option value=\"no\">no</option>\n";
 235         }
 236   echo "  </select>\n";
 237 if($changed_openforgames) echo "changed";
 238 echo " </td></tr>\n";
 239 echo "    <tr><td>Card set:              </td><td>";
 240
 241 echo "  <select id=\"cards\" name=\"cards\" size=\"1\">\n";
 242       if($PREF['cardset']=="altenburg")
 243         {
 244           echo "   <option value=\"altenburg\" selected=\"selected\">German cards</option>\n";
 245           echo "   <option value=\"english\">English cards</option>\n";
 246         }
 247       else
 248         {
 249           echo "   <option value=\"altenburg\">German cards</option>\n";
 250           echo "   <option value=\"english\" selected=\"selected\">English cards</option>\n";
 251         }
 252   echo "  </select>\n";
 253 if($changed_cards) echo "changed";
 254 echo " </td></tr>\n";
 255 echo "    <tr><td>Password(old):         </td><td>",
 256   "<input type=\"password\" id=\"password0\" name=\"password0\" size=\"20\" maxlength=\"30\" />";
 257 switch($changed_password)
 258   {
 259   case '-3':
 260     echo "The new passwords is not long enough (you need at least 4 characters).";
 261     break;
 262   case '-2':
 263     echo "The new passwords don't match.";
 264     break;
 265   case '-1':
 266     echo "The old password is not correct.";
 267     break;
 268   case '1':
 269     echo "changed";
 270     break;
 271   }
 272 echo  " </td></tr>\n";
 273 echo "    <tr><td>Password(new):         </td><td>",
 274   "<input type=\"password\" id=\"password1\" name=\"password1\" size=\"20\" maxlength=\"30\" />",
 275   " </td></tr>\n";
 276 echo "    <tr><td>Password(new, retype): </td><td>",
 277   "<input type=\"password\" id=\"password2\" name=\"password2\" size=\"20\" maxlength=\"30\" />",
 278   " </td></tr>\n";
 279 echo "    <tr><td><input type=\"submit\"  name=\"passwd\" value=\"set\" /></td>",
 280   "<td></td></tr>\n";
 281 echo "    </table>\n";
 282 echo "  </form>\n";
 283 echo "</div>\n";
 284
 285 return;
 286 ?>