CLEANUP: fixed a typo, changed copyright, added Jeff for database scheme
1 <?php
/* Refuse to run when this file is requested directly: $HOST is defined in
 * config.php, so it is only set when the application has included us.
 * NOTE(review): on legacy PHP with register_globals enabled a request
 * parameter could also define $HOST -- confirm that setting is off.
 */
if (isset($HOST) === false) {
  exit;
}
7
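/* Resolve the logged-in user: session name -> email -> user id.
 * Stop quietly when the session carries no name or no account matches,
 * so nothing below runs for a request without a valid login.
 */
if (!isset($_SESSION["name"]))
  return;

$name  = $_SESSION["name"];
$email = DB_get_email('name', $name);
$myid  = DB_get_userid('email', $email);
if (!$myid)
  return;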
13
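/* Track what got changed.  Every flag the output section reads has to start
 * at 0 here: $changed_sorting and $changed_openforgames are otherwise only
 * assigned inside their update branches and would be undefined when the
 * form is rendered without a change.
 */
$changed_notify       = 0;
$changed_password     = 0;
$changed_cards        = 0;
$changed_timezone     = 0;
$changed_autosetup    = 0;
$changed_sorting      = 0;
$changed_openforgames = 0;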
20
/* show the user menu first; display_user_menu() is defined elsewhere */
display_user_menu( $myid );

/* remember the stored preferences and timezone for the comparisons below */
$PREF     = DB_get_PREF( $myid );
$timezone = DB_get_user_timezone( $myid );

/* presumably records this visit as the user's last activity -- confirm in the DB layer */
DB_update_user_timestamp( $myid );
28
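/* Does the user want to change the timezone?
 * The value comes straight from the request, so only a plain string is
 * accepted; an array-valued parameter (timezone[]=...) is ignored instead
 * of being passed on to the query.
 * NOTE(review): the value is not checked against the list that
 * output_select_timezone() offers -- consider rejecting anything else.
 */
if(myisset("timezone"))
  {
    $newtimezone = $_REQUEST['timezone'];
    if(is_string($newtimezone) && $newtimezone != $timezone)
      {
        /* both values pass through DB_quote_smart before they reach the SQL text */
        DB_query("UPDATE User SET timezone=".DB_quote_smart($newtimezone).
                 " WHERE id=".DB_quote_smart($myid));
        $changed_timezone = 1;
      }
  }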
40
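/* Card set preference.
 * Only the two values offered by the <select> in the form below are stored;
 * any other request value (including an array) is ignored, so arbitrary
 * client-supplied text never ends up in User_Prefs.
 */
if(myisset("cards"))
  {
    $cards    = $_REQUEST['cards'];
    $cards_ok = is_string($cards) && in_array($cards, array('altenburg', 'english'), true);
    if($cards_ok && $cards != $PREF['cardset'])
      {
        /* The user id comes from the database, not from the request, but it is
         * quoted the same way as in the User update so that no query in this
         * file relies on raw interpolation. */
        $pref_where = " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='cardset'";

        /* check if we already have an entry for the user, if so change it, if not create new one */
        $result = DB_query("SELECT * from User_Prefs".$pref_where);
        if( DB_fetch_array($result))
          $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($cards).$pref_where);
        else
          $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).
                             ",'cardset',".DB_quote_smart($cards).")");
        $changed_cards = 1;
      }
  }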
58
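/* E-mail notification preference (stored under pref_key 'email').
 * Only the two values offered by the <select> in the form below are stored;
 * any other request value (including an array) is ignored.
 */
if(myisset("notify"))
  {
    $notify    = $_REQUEST['notify'];
    $notify_ok = is_string($notify)
      && in_array($notify, array('emailaddict', 'emailnonaddict'), true);
    if($notify_ok && $notify != $PREF['email'])
      {
        /* user id quoted like the value, instead of being interpolated raw */
        $pref_where = " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='email'";

        /* check if we already have an entry for the user, if so change it, if not create new one */
        $result = DB_query("SELECT * from User_Prefs".$pref_where);
        if( DB_fetch_array($result))
          $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($notify).$pref_where);
        else
          $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).
                             ",'email',".DB_quote_smart($notify).")");
        $changed_notify = 1;
      }
  }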
76
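/* Autosetup preference ("accept every game" / "ask for games").
 * Only 'yes' and 'no', the values offered by the form below, are stored;
 * any other request value (including an array) is ignored.
 */
if(myisset("autosetup"))
  {
    $autosetup    = $_REQUEST['autosetup'];
    $autosetup_ok = is_string($autosetup) && in_array($autosetup, array('yes', 'no'), true);
    if($autosetup_ok && $autosetup != $PREF['autosetup'])
      {
        /* user id quoted like the value, instead of being interpolated raw */
        $pref_where = " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='autosetup'";

        /* check if we already have an entry for the user, if so change it, if not create new one */
        $result = DB_query("SELECT * from User_Prefs".$pref_where);
        if( DB_fetch_array($result))
          $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($autosetup).$pref_where);
        else
          $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).
                             ",'autosetup',".DB_quote_smart($autosetup).")");
        $changed_autosetup = 1;
      }
  }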
94
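/* Card sorting preference.
 * Only 'high-low' and 'low-high', the values offered by the form below, are
 * stored; any other request value (including an array) is ignored.
 */
if(myisset("sorting"))
  {
    $sorting    = $_REQUEST['sorting'];
    $sorting_ok = is_string($sorting) && in_array($sorting, array('high-low', 'low-high'), true);
    if($sorting_ok && $sorting != $PREF['sorting'])
      {
        /* user id quoted like the value, instead of being interpolated raw */
        $pref_where = " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='sorting'";

        /* check if we already have an entry for the user, if so change it, if not create new one */
        $result = DB_query("SELECT * from User_Prefs".$pref_where);
        if( DB_fetch_array($result))
          $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($sorting).$pref_where);
        else
          $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).
                             ",'sorting',".DB_quote_smart($sorting).")");
        $changed_sorting = 1;
      }
  }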
112
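/* "Open for new games" preference.
 * The request field and the $PREF key are 'open_for_games', while the row in
 * User_Prefs uses the pref_key 'open for games' (with spaces).
 * Only 'yes' and 'no', the values offered by the form below, are stored;
 * any other request value (including an array) is ignored.
 */
if(myisset("open_for_games"))
  {
    $openforgames    = $_REQUEST['open_for_games'];
    $openforgames_ok = is_string($openforgames)
      && in_array($openforgames, array('yes', 'no'), true);
    if($openforgames_ok && $openforgames != $PREF['open_for_games'])
      {
        /* user id quoted like the value, instead of being interpolated raw */
        $pref_where = " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='open for games'";

        /* check if we already have an entry for the user, if so change it, if not create new one */
        $result = DB_query("SELECT * from User_Prefs".$pref_where);
        if( DB_fetch_array($result))
          $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($openforgames).$pref_where);
        else
          $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).
                             ",'open for games',".DB_quote_smart($openforgames).")");
        $changed_openforgames = 1;
      }
  }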
130
131
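/* Password change, requested by filling in the old password.
 * Result codes left in $changed_password (reported in the form below):
 *    1  changed
 *   -1  old password (or recovery password) did not match
 *   -2  the two new passwords differ
 *   -3  new password shorter than 4 characters
 * A later check overrides an earlier one, as before.
 *
 * NOTE(review): passwords are stored as unsalted MD5, which is cheap to
 * brute-force once the table leaks.  Moving to password_hash() /
 * password_verify() needs a coordinated change in the login code and the
 * stored values, so it is flagged here rather than changed.
 * NOTE(review): the fields are read from $_REQUEST, so they are also accepted
 * from the query string, where they can end up in server logs; the form
 * itself posts them.  A 4-character minimum is also very short.
 */
if(myisset("password0") && is_string($_REQUEST["password0"]) && $_REQUEST["password0"] != "")
  {
    $changed_password = 1;

    /* a missing or non-string field counts as an empty new password */
    $newpasswd1 = (isset($_REQUEST["password1"]) && is_string($_REQUEST["password1"]))
      ? $_REQUEST["password1"] : "";
    $newpasswd2 = (isset($_REQUEST["password2"]) && is_string($_REQUEST["password2"]))
      ? $_REQUEST["password2"] : "";

    /* check if old password matches; compared with === because == compares
     * two digests numerically when both happen to look like numbers */
    $oldpasswd = md5($_REQUEST["password0"]);
    $password  = DB_get_passwd_by_userid($myid);
    if(!( ((string)$password === $oldpasswd) || DB_check_recovery_passwords($oldpasswd,$email) ))
      $changed_password = -1;

    /* check if new password has been typed in correctly; strict comparison so
     * that two different numeric-looking strings are not treated as equal */
    if($newpasswd1 !== $newpasswd2)
      $changed_password = -2;

    /* check if new password is long enough */
    if(strlen($newpasswd1) < 4)
      $changed_password = -3;

    if($changed_password == 1)
      {
        /* the digest is hex only and is quoted explicitly so it is always
         * stored as a string */
        DB_query("UPDATE User SET password='".md5($newpasswd1).
                 "' WHERE id=".DB_quote_smart($myid));
      }
    /* error output below */
  }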
157
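/* get infos again in case they have changed */
$PREF     = DB_get_PREF($myid);
$timezone = DB_get_user_timezone($myid);

/* output settings */

/* NOTE(review): no per-session anti-CSRF token is visible in this form, and
 * the preference updates above act on any request that carries the fields --
 * confirm whether index.php performs such a check. */
echo "<div class=\"user\">\n";
echo "  <form action=\"index.php?action=prefs\" method=\"post\">\n";
echo "  <h2>Your settings are</h2>\n";
echo "    <table>\n";
/* the address is stored account data, so it is HTML-encoded before it is
 * printed; markup characters in it are shown as text instead of being rendered */
echo "    <tr><td>Email:                 </td><td> ".htmlspecialchars($email, ENT_QUOTES)."    </td></tr>\n";
echo "    <tr><td>Timezone:              </td><td>";
output_select_timezone("timezone",$timezone);
if($changed_timezone) echo "changed";
echo "</td></tr>\n";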
/* Notification row: preselect the stored choice; only fixed strings are printed. */
echo '    <tr><td>Notification:          </td><td>';

echo '  <select id="notify" name="notify" size="1">' . "\n";
echo (($PREF['email'] == "emailaddict")
  ? '   <option value="emailaddict" selected="selected">less emails</option>' . "\n" .
    '   <option value="emailnonaddict">lots of emails</option>' . "\n"
  : '   <option value="emailaddict">less email</option>' . "\n" .
    '   <option value="emailnonaddict" selected="selected">lots of email</option>' . "\n");
echo '  </select>' . "\n";
echo ($changed_notify ? "changed" : "");
echo ' </td></tr>' . "\n";
/* Autosetup row: exactly one of the two options carries the selected attribute. */
echo '    <tr><td>Autosetup:          </td><td>';

echo '  <select id="autosetup" name="autosetup" size="1">' . "\n";
echo '   <option value="yes"',
  (($PREF['autosetup'] == "yes") ? ' selected="selected"' : ''),
  '>accept every game</option>', "\n";
echo '   <option value="no"',
  (($PREF['autosetup'] == "yes") ? '' : ' selected="selected"'),
  '>ask for games</option>', "\n";
echo '  </select>' . "\n";
echo ($changed_autosetup ? "changed" : "");
echo ' </td></tr>' . "\n";
/* Sorting row: "high-low" is selected when stored, otherwise "low-high". */
echo '    <tr><td>Sorting:          </td><td>';

echo '  <select id="sorting" name="sorting" size="1">' . "\n";
echo '   <option value="high-low"',
  (($PREF['sorting'] == "high-low") ? ' selected="selected"' : ''),
  '>high to low</option>', "\n";
echo '   <option value="low-high"',
  (($PREF['sorting'] == "high-low") ? '' : ' selected="selected"'),
  '>low to high</option>', "\n";
echo '  </select>' . "\n";
echo ($changed_sorting ? "changed" : "");
echo ' </td></tr>' . "\n";
/* "Open for new games" row: "yes" is the default unless "no" is stored. */
echo '    <tr><td>Open for new games:          </td><td>';

echo '  <select id="open_for_games" name="open_for_games" size="1">' . "\n";
echo '   <option value="yes"',
  (($PREF['open_for_games'] == "no") ? '' : ' selected="selected"'),
  '>yes</option>', "\n";
echo '   <option value="no"',
  (($PREF['open_for_games'] == "no") ? ' selected="selected"' : ''),
  '>no</option>', "\n";
echo '  </select>' . "\n";
echo ($changed_openforgames ? "changed" : "");
echo ' </td></tr>' . "\n";
/* Card set row: German ("altenburg") when stored, otherwise English. */
echo '    <tr><td>Card set:              </td><td>';

echo '  <select id="cards" name="cards" size="1">' . "\n";
echo '   <option value="altenburg"',
  (($PREF['cardset'] == "altenburg") ? ' selected="selected"' : ''),
  '>German cards</option>', "\n";
echo '   <option value="english"',
  (($PREF['cardset'] == "altenburg") ? '' : ' selected="selected"'),
  '>English cards</option>', "\n";
echo '  </select>' . "\n";
echo ($changed_cards ? "changed" : "");
echo ' </td></tr>' . "\n";
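echo "    <tr><td>Password(old):         </td><td>",
  "<input type=\"password\" id=\"password0\" name=\"password0\" size=\"20\" maxlength=\"30\" />";
/* Report the outcome of the password change attempted earlier in this file,
 * if any; $changed_password stays 0 when no change was requested and then
 * nothing is printed.  The cases are integers, matching how the flag is
 * assigned.  Only fixed strings are printed. */
switch($changed_password)
  {
  case -3:
    echo "The new password is not long enough (you need at least 4 characters).";
    break;
  case -2:
    echo "The new passwords don't match.";
    break;
  case -1:
    echo "The old password is not correct.";
    break;
  case 1:
    echo "changed";
    break;
  }
echo  " </td></tr>\n";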
/* The two fields for the new password; password inputs are never pre-filled. */
echo '    <tr><td>Password(new):         </td><td>'
   . '<input type="password" id="password1" name="password1" size="20" maxlength="30" />'
   . ' </td></tr>' . "\n";
echo '    <tr><td>Password(new, retype): </td><td>'
   . '<input type="password" id="password2" name="password2" size="20" maxlength="30" />'
   . ' </td></tr>' . "\n";

/* submit button, then close the table, the form and the surrounding div */
echo '    <tr><td><input type="submit"  name="passwd" value="set" /></td>'
   . '<td></td></tr>' . "\n";
echo '    </table>' . "\n";
echo '  </form>' . "\n";
echo '</div>' . "\n";

/* hand control back to the including script */
return;
284 ?>