NEW FEATURE: implement Lance's Schweinchen rule
[e-DoKo.git] / include / preferences.php
1 <?php
2 /* make sure that we are not called from outside the scripts,
3  * use a variable defined in config.php to check this
4  */
5 if(!isset($HOST))
6   exit;
7
8 $name  = $_SESSION["name"];
9 $email = DB_get_email('name',$name);
10 $myid = DB_get_userid('email',$email);
11 if(!$myid)
12   return;
13
14 /* track what got changed */
15 $changed_notify    = 0;
16 $changed_password  = 0;
17 $changed_cards     = 0;
18 $changed_timezone  = 0;
19 $changed_autosetup = 0;
20
21 display_user_menu();
22
23 /* get old infos */
24 $PREF = DB_get_PREF($myid);
25 $timezone =  DB_get_user_timezone($myid);
26
27 DB_update_user_timestamp($myid);
28
29 /* does the user want to change some preferences? */
30 if(myisset("timezone"))
31   {
32     $newtimezone=$_REQUEST['timezone'];
33     if($newtimezone != $timezone)
34       {
35         DB_query("UPDATE User SET timezone=".DB_quote_smart($newtimezone).
36                  " WHERE id=".DB_quote_smart($myid));
37         $changed_timezone = 1;
38       }
39   }
40
41 if(myisset("cards"))
42   {
43     $cards=$_REQUEST['cards'];
44     if($cards != $PREF['cardset'])
45       {
46         /* check if we already have an entry for the user, if so change it, if not create new one */
47         $result = DB_query("SELECT * from User_Prefs".
48                            " WHERE user_id='$myid' AND pref_key='cardset'" );
49         if( DB_fetch_array($result))
50           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($cards).
51                              " WHERE user_id='$myid' AND pref_key='cardset'" );
52         else
53           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','cardset',".
54                              DB_quote_smart($cards).")");
55         $changed_cards = 1;
56       }
57   }
58
59 if(myisset("notify"))
60   {
61     $notify=$_REQUEST['notify'];
62     if($notify != $PREF['email'])
63       {
64         /* check if we already have an entry for the user, if so change it, if not create new one */
65         $result = DB_query("SELECT * from User_Prefs".
66                            " WHERE user_id='$myid' AND pref_key='email'" );
67         if( DB_fetch_array($result))
68           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($notify).
69                              " WHERE user_id='$myid' AND pref_key='email'" );
70         else
71           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','email',".
72                              DB_quote_smart($notify).")");
73         $changed_notify=1;
74       }
75   }
76
77 if(myisset("autosetup"))
78   {
79     $autosetup = $_REQUEST['autosetup'];
80     if($autosetup != $PREF['autosetup'])
81       {
82         /* check if we already have an entry for the user, if so change it, if not create new one */
83         $result = DB_query("SELECT * from User_Prefs".
84                            " WHERE user_id='$myid' AND pref_key='autosetup'" );
85         if( DB_fetch_array($result))
86           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($autosetup).
87                              " WHERE user_id='$myid' AND pref_key='autosetup'" );
88         else
89           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','autosetup',".
90                              DB_quote_smart($autosetup).")");
91         $changed_autosetup=1;
92       }
93   }
94
95
96 if(myisset("password0") &&  $_REQUEST["password0"]!="" )
97   {
98     $changed_password = 1;
99
100     /* check if old password matches */
101     $oldpasswd = md5($_REQUEST["password0"]);
102     $password  = DB_get_passwd_by_userid($myid);
103     if(!( ($password == $oldpasswd) || DB_check_recovery_passwords($oldpasswd,$email) ))
104       $changed_password = -1;
105
106     /* check if new password has been typed in correctly */
107     if($_REQUEST["password1"] != $_REQUEST["password2"] )
108       $changed_password = -2;
109
110     /* check if new password is long enough */
111     if(strlen($_REQUEST["password1"])<4)
112       $changed_password = -3;
113
114     if($changed_password==1)
115       {
116         DB_query("UPDATE User SET password='".md5($_REQUEST["password1"]).
117                  "' WHERE id=".DB_quote_smart($myid));
118       }
119     /* error output below */
120   }
121
122 /* get infos again in case they have changed */
123 $PREF     = DB_get_PREF($myid);
124 $timezone = DB_get_user_timezone($myid);
125
126 /* output settings */
127
128 echo "<div class=\"user\">\n";
129 echo "  <form action=\"index.php?action=prefs\" method=\"post\">\n";
130 echo "  <h2>Your settings are</h2>\n";
131 echo "    <table>\n";
132 echo "    <tr><td>Email:                 </td><td> $email    </td></tr>\n";
133 echo "    <tr><td>Timezone:              </td><td>";
134 output_select_timezone("timezone",$timezone);
135 if($changed_timezone) echo "changed";
136 echo "</td></tr>\n";
137 echo "    <tr><td>Notification:          </td><td>";
138
139 echo "  <select id=\"notify\" name=\"notify\" size=\"1\">\n";
140       if($PREF['email']=="emailaddict")
141         {
142           echo "   <option value=\"emailaddict\" selected=\"selected\">less emails</option>\n";
143           echo "   <option value=\"emailnonaddict\">lots of emails</option>\n";
144         }
145       else
146         {
147           echo "   <option value=\"emailaddict\">less email</option>\n";
148           echo "   <option value=\"emailnonaddict\" selected=\"selected\">lots of email</option>\n";
149         }
150   echo "  </select>\n";
151 if($changed_notify) echo "changed";
152 echo " </td></tr>\n";
153 echo "    <tr><td>Autosetup:          </td><td>";
154
155 echo "  <select id=\"autosetup\" name=\"autosetup\" size=\"1\">\n";
156       if($PREF['autosetup']=="yes")
157         {
158           echo "   <option value=\"yes\" selected=\"selected\">accept every game</option>\n";
159           echo "   <option value=\"no\">ask for games</option>\n";
160         }
161       else
162         {
163           echo "   <option value=\"yes\">accept every game</option>\n";
164           echo "   <option value=\"no\" selected=\"selected\">ask for games</option>\n";
165         }
166   echo "  </select>\n";
167 if($changed_autosetup) echo "changed";
168 echo " </td></tr>\n";
169 echo "    <tr><td>Card set:              </td><td>";
170
171 echo "  <select id=\"cards\" name=\"cards\" size=\"1\">\n";
172       if($PREF['cardset']=="altenburg")
173         {
174           echo "   <option value=\"altenburg\" selected=\"selected\">German cards</option>\n";
175           echo "   <option value=\"english\">English cards</option>\n";
176         }
177       else
178         {
179           echo "   <option value=\"altenburg\">German cards</option>\n";
180           echo "   <option value=\"english\" selected=\"selected\">English cards</option>\n";
181         }
182   echo "  </select>\n";
183 if($changed_cards) echo "changed";
184 echo " </td></tr>\n";
185 echo "    <tr><td>Password(old):         </td><td>",
186   "<input type=\"password\" id=\"password0\" name=\"password0\" size=\"20\" maxlength=\"30\" />";
187 switch($changed_password)
188   {
189   case '-3':
190     echo "The new passwords is not long enough (you need at least 4 characters).";
191     break;
192   case '-2':
193     echo "The new passwords don't match.";
194     break;
195   case '-1':
196     echo "The old password is not correct.";
197     break;
198   case '1':
199     echo "changed";
200     break;
201   }
202 echo  " </td></tr>\n";
203 echo "    <tr><td>Password(new):         </td><td>",
204   "<input type=\"password\" id=\"password1\" name=\"password1\" size=\"20\" maxlength=\"30\" />",
205   " </td></tr>\n";
206 echo "    <tr><td>Password(new, retype): </td><td>",
207   "<input type=\"password\" id=\"password2\" name=\"password2\" size=\"20\" maxlength=\"30\" />",
208   " </td></tr>\n";
209 echo "    <tr><td><input type=\"submit\" class=\"submitbutton\" name=\"passwd\" value=\"set\" /></td>",
210   "<td></td></tr>\n";
211 echo "    </table>\n";
212 echo "  </form>\n";
213 echo "</div>\n";
214
215 return;
216 ?>