2 /* Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Arun Persaud <arun@nubati.net>
4 * This file is part of e-DoKo.
6 * e-DoKo is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
11 * e-DoKo is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with e-DoKo. If not, see <http://www.gnu.org/licenses/>.
21 /* make sure that we are not called from outside the scripts,
22 * use a variable defined in config.php to check this
27 include_once('openid.php');
29 $name = $_SESSION["name"];
30 $email = DB_get_email('name',$name);
31 $myid = DB_get_userid('email',$email);
35 /* track what got changed */
37 $changed_password = 0;
39 $changed_timezone = 0;
40 $changed_autosetup = 0;
42 $changed_openforgames = 0;
43 $changed_vacation = 0;
46 $changed_language = 0;
48 display_user_menu($myid);
51 $PREF = DB_get_PREF($myid);
52 /* set language chosen in preferences, will become active on the next reload (see index.php)*/
53 $_SESSION['language'] = $PREF['language'];
54 set_language($PREF['language']);
55 $timezone = DB_get_user_timezone($myid);
57 DB_update_user_timestamp($myid);
59 /* does the user want to change some preferences?
60 * update the database and track changes with a variable, so that
61 * we can later highlight the changed value
64 /* check for deleted openids */
65 foreach($_REQUEST as $key=>$value)
67 if(strstr($key,"delete-openid-"))
69 /* found and openid to delete */
70 $DelOpenID = substr(str_replace("_",".",$key),14);
71 DB_DetachOpenID($DelOpenID, $myid);
77 if(myisset('vacation_start','vacation_stop','vacation_comment') &&
78 ($_REQUEST['vacation_start']!='' || $_REQUEST['vacation_stop']!='')
81 $vacation_start = $_REQUEST['vacation_start'].' 00:00:00';
82 $vacation_stop = $_REQUEST['vacation_stop'].' 23:59:59';
83 $vacation_comment = $_REQUEST['vacation_comment'];
85 /* check if everything is valid */
86 if(!strtotime($vacation_start))
87 $changed_vacation = -1;
88 if(!strtotime($vacation_stop))
89 $changed_vacation = -1;
91 /* test if we should delete the entry */
92 if($_REQUEST['vacation_start'] == $_REQUEST['vacation_stop'])
94 $result = DB_query("DELETE FROM User_Prefs".
95 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation start'" );
96 $result = DB_query("DELETE FROM User_Prefs".
97 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation stop'" );
98 $result = DB_query("DELETE FROM User_Prefs".
99 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation comment'" );
100 $changed_vacation = 1;
102 /* change in database if format is ok */
103 else if($changed_vacation>=0)
105 /* only change if different from current value */
106 if($vacation_start!=$PREF['vacation_start'])
108 $result = DB_query("SELECT * from User_Prefs".
109 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation start'" );
110 if( DB_fetch_array($result))
111 $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($vacation_start).
112 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation start'" );
114 $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'vacation start',".
115 DB_quote_smart($vacation_start).")");
117 $changed_vacation = 1;
120 /* same for the stop date */
121 if($vacation_stop!=$PREF['vacation_stop'])
123 $result = DB_query("SELECT * from User_Prefs".
124 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation stop'" );
125 if( DB_fetch_array($result))
126 $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($vacation_stop).
127 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation stop'" );
129 $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'vacation stop',".
130 DB_quote_smart($vacation_stop).")");
132 $changed_vacation = 1;
135 /* does the user want to add a comment? */
136 if($vacation_comment!=$PREF['vacation_comment'])
138 $result = DB_query("SELECT * from User_Prefs".
139 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation comment'" );
140 if( DB_fetch_array($result))
141 $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($vacation_comment).
142 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='vacation comment'" );
144 $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'vacation comment',".
145 DB_quote_smart($vacation_comment).")");
147 $changed_vacation = 1;
152 if(myisset("timezone"))
154 $newtimezone = $_REQUEST['timezone'];
155 if($newtimezone != $timezone)
157 DB_query("UPDATE User SET timezone=".DB_quote_smart($newtimezone).
158 " WHERE id=".DB_quote_smart($myid));
159 $changed_timezone = 1;
165 $cards=$_REQUEST['cards'];
166 if($cards != $PREF['cardset'])
168 /* check if we already have an entry for the user, if so change it, if not create new one */
169 $result = DB_query("SELECT * from User_Prefs".
170 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='cardset'" );
171 if( DB_fetch_array($result))
172 $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($cards).
173 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='cardset'" );
175 $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'cardset',".
176 DB_quote_smart($cards).")");
181 if(myisset("notify"))
183 $notify=$_REQUEST['notify'];
184 if($notify != $PREF['email'])
186 /* check if we already have an entry for the user, if so change it, if not create new one */
187 $result = DB_query("SELECT * from User_Prefs".
188 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='email'" );
189 if( DB_fetch_array($result))
190 $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($notify).
191 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='email'" );
193 $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'email',".
194 DB_quote_smart($notify).")");
199 if(myisset("digest"))
201 $digest=$_REQUEST['digest'];
202 if($digest != $PREF['digest'])
204 /* check if we already have an entry for the user, if so change it, if not create new one */
205 $result = DB_query("SELECT * from User_Prefs".
206 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='digest'" );
207 if( DB_fetch_array($result))
208 $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($digest).
209 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='digest'" );
211 $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'digest',".
212 DB_quote_smart($digest).")");
217 if(myisset("autosetup"))
219 $autosetup = $_REQUEST['autosetup'];
220 if($autosetup != $PREF['autosetup'])
222 /* check if we already have an entry for the user, if so change it, if not create new one */
223 $result = DB_query("SELECT * from User_Prefs".
224 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='autosetup'" );
225 if( DB_fetch_array($result))
226 $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($autosetup).
227 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='autosetup'" );
229 $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'autosetup',".
230 DB_quote_smart($autosetup).")");
231 $changed_autosetup=1;
235 if(myisset("sorting"))
237 $sorting = $_REQUEST['sorting'];
238 if($sorting != $PREF['sorting'])
240 /* check if we already have an entry for the user, if so change it, if not create new one */
241 $result = DB_query("SELECT * from User_Prefs".
242 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='sorting'" );
243 if( DB_fetch_array($result))
244 $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($sorting).
245 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='sorting'" );
247 $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'sorting',".
248 DB_quote_smart($sorting).")");
253 if(myisset("open_for_games"))
255 $openforgames = $_REQUEST['open_for_games'];
256 if($openforgames != $PREF['open_for_games'])
258 /* check if we already have an entry for the user, if so change it, if not create new one */
259 $result = DB_query("SELECT * from User_Prefs".
260 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='open for games'" );
261 if( DB_fetch_array($result))
262 $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($openforgames).
263 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='open for games'" );
265 $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'open for games',".
266 DB_quote_smart($openforgames).")");
267 $changed_openforgames=1;
272 if(myisset("password0","password1","password2") && $_REQUEST["password0"]!="" && $_REQUEST["password0"]!= $_REQUEST["password1"])
274 $changed_password = 1;
276 /* check if old password matches */
277 $result = verify_password($email, $_REQUEST["password0"]);
280 $changed_password = -1;
282 /* check if new password has been typed in correctly */
283 if($_REQUEST["password1"] != $_REQUEST["password2"] )
284 $changed_password = -2;
286 /* check if new password is long enough */
287 if(strlen($_REQUEST["password1"])<4)
288 $changed_password = -3;
290 if($changed_password==1)
292 // create a password hash using the crypt function, need php 5.3 for this
293 // create and random salt
294 $salt = substr(str_replace('+', '.', base64_encode(sha1(microtime(true), true))), 0, 22);
295 // hash incoming password using 12 rounds of blowfish
296 $hash = crypt($_REQUEST["password1"], '$2y$12$' . $salt);
298 DB_query("UPDATE User SET password='".$hash.
299 "' WHERE id=".DB_quote_smart($myid));
301 /* in case this was done using a recovery password delete that password */
302 $tmppasswd = md5($_REQUEST["password0"]);
303 if(DB_check_recovery_passwords($tmppasswd,$email))
304 DB_delete_recovery_passwords($myid);
306 /* error output below */
309 if(myisset("openid_url") && $_REQUEST['openid_url']!='')
311 $openid_url = OpenIDUrlEncode($_REQUEST['openid_url']);
312 DB_AttachOpenID($openid_url, $myid);
315 if(myisset("language"))
317 $language = $_REQUEST['language'];
318 if($language != $PREF['language'])
320 /* check if we already have an entry for the user, if so change it, if not create new one */
321 $result = DB_query("SELECT * from User_Prefs".
322 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='language'" );
323 if( DB_fetch_array($result))
324 $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($language).
325 " WHERE user_id=".DB_quote_smart($myid)." AND pref_key='language'" );
327 $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,".DB_quote_smart($myid).",'language',".
328 DB_quote_smart($language).")");
329 $changed_language = 1;
334 /* get infos again in case they have changed */
335 $PREF = DB_get_PREF($myid);
336 $timezone = DB_get_user_timezone($myid);
342 echo "<div class=\"user\">\n";
343 echo " <form action=\"index.php?action=prefs\" method=\"post\">\n";
344 echo ' <h2>'._('Your settings')."</h2>\n";
345 echo " <fieldset>\n";
346 echo ' <legend>'._('Game-related')."</legend>\n";
349 echo ' <tr><td>'._('Vacation').": </td>\n";
350 if($PREF['vacation_start'])
351 $value = substr($PREF['vacation_start'],0,10);
354 echo " <td>"._('start').":<input type=\"date\" class=\"date\" name=\"vacation_start\" value=\"$value\" /></td>\n";
355 if($PREF['vacation_stop'])
356 $value = substr($PREF['vacation_stop'],0,10);
359 echo " <td>"._('stop').":<input type=\"date\" class=\"date\" name=\"vacation_stop\" value=\"$value\" /></td>\n";
360 if($PREF['vacation_comment'])
361 $value = $PREF['vacation_comment'];
364 echo ' <td>'._('comment:')."<input type=\"text\" id=\"vacation_comment\" name=\"vacation_comment\" size=\"10\" maxlength=\"50\" value=\"$value\" />";
365 if($changed_vacation == 1) echo _('changed');
366 if($changed_vacation == -1) echo _('wrong date format');
368 echo '<tr><td></td><td colspan="2">'._("set both dates to the same day to end vacation")."</td></tr>\n";
369 echo ' <tr><td>'._('Notification').": </td><td>\n";
370 echo " <select id=\"notify\" name=\"notify\" size=\"1\">\n";
371 if($PREF['email']=="emailaddict")
373 echo " <option value=\"emailaddict\" selected=\"selected\">"._('less emails')."</option>\n";
374 echo " <option value=\"emailnonaddict\">"._('lots of emails')."</option>\n";
378 echo " <option value=\"emailaddict\">"._('less emails')."</option>\n";
379 echo " <option value=\"emailnonaddict\" selected=\"selected\">"._('lots of emails')."</option>\n";
382 if($changed_notify) echo _('changed');
383 echo " </td></tr>\n";
385 echo ' <tr><td>'._('Digest').": </td><td>\n";
386 echo " <select id=\"digest\" name=\"digest\" size=\"1\">\n";
388 $selected = "selected=\"selected\"";
389 echo " <option value=\"digest-off\"";
390 if($PREF['digest']=="digest-off") echo $selected;
391 echo '>'._('digest off')."</option>\n";
393 echo " <option value=\"digest-1h\" ";
394 if($PREF['digest']=="digest-1h") echo $selected;
395 echo ">"._('every hour')."</option>\n";
397 echo " <option value=\"digest-2h\" ";
398 if($PREF['digest']=="digest-2h") echo $selected;
399 echo ">"._('every 2h')."</option>\n";
401 echo " <option value=\"digest-3h\" ";
402 if($PREF['digest']=="digest-3h") echo $selected;
403 echo ">"._('every 3h')."</option>\n";
405 echo " <option value=\"digest-4h\" ";
406 if($PREF['digest']=="digest-4h") echo $selected;
407 echo ">"._('every 4h')."</option>\n";
409 echo " <option value=\"digest-6h\" ";
410 if($PREF['digest']=="digest-6h") echo $selected;
411 echo ">"._('every 6h')."</option>\n";
413 echo " <option value=\"digest-12h\"";
414 if($PREF['digest']=="digest-12h") echo $selected;
415 echo ">"._('every 12h')."</option>\n";
417 echo " <option value=\"digest-24h\"";
418 if($PREF['digest']=="digest-24h") echo $selected;
419 echo ">"._('every 24h')."</option>\n";
422 if($changed_digest) echo _('changed');
423 echo " </td></tr>\n";
426 echo ' <tr><td>'._('Autosetup').": </td><td>\n";
427 echo " <select id=\"autosetup\" name=\"autosetup\" size=\"1\">\n";
428 if($PREF['autosetup']=="yes")
430 echo " <option value=\"yes\" selected=\"selected\">"._('accept every game')."</option>\n";
431 echo " <option value=\"no\">"._('ask for games')."</option>\n";
435 echo " <option value=\"yes\">"._('accept every game')."</option>\n";
436 echo " <option value=\"no\" selected=\"selected\">"._('ask for games')."</option>\n";
439 if($changed_autosetup) echo _('changed');
440 echo " </td></tr>\n";
441 echo ' <tr><td>'._('Sorting').": </td><td>\n";
443 echo " <select id=\"sorting\" name=\"sorting\" size=\"1\">\n";
444 if($PREF['sorting']=="high-low")
446 echo " <option value=\"high-low\" selected=\"selected\">"._('high to low')."</option>\n";
447 echo " <option value=\"low-high\">"._('low to high')."</option>\n";
451 echo " <option value=\"high-low\">"._('high to low')."</option>\n";
452 echo " <option value=\"low-high\" selected=\"selected\">"._('low to high')."</option>\n";
455 if($changed_sorting) echo _('changed');
456 echo " </td></tr>\n";
457 echo ' <tr><td>'._('Open for new games').": </td><td>\n";
458 echo " <select id=\"open_for_games\" name=\"open_for_games\" size=\"1\">\n";
459 if($PREF['open_for_games']=="no")
461 echo ' <option value="yes">'._('yes')."</option>\n";
462 echo ' <option value="no" selected="selected">'._('no')."</option>\n";
466 echo ' <option value="yes" selected="selected">'._('yes')."</option>\n";
467 echo ' <option value="no">'._('no')."</option>\n";
470 if($changed_openforgames) echo _('changed');
471 echo " </td></tr>\n";
473 echo ' <tr><td>'.('Card set').": </td><td>\n";
474 echo " <select id=\"cards\" name=\"cards\" size=\"1\">\n";
475 echo " <option value=\"english\" selected=\"selected\">"._('English cards')."</option>\n";
477 if($changed_cards) echo _('changed');
478 echo " </td></tr>\n";
480 echo " </fieldset>\n";
481 echo " <fieldset>\n";
482 echo ' <legend>'._('Personal')."</legend>\n";
484 echo ' <tr><td>'._('Email').": </td><td> $email </td></tr>\n";
485 echo ' <tr><td>'._('Timezone').": </td><td>\n";
486 output_select_timezone("timezone",$timezone);
487 if($changed_timezone) echo _('changed');
489 echo ' <tr><td>'._('Language').": </td><td>\n";
490 output_select_language("language",$PREF['language']);
491 if($changed_language == 1) echo _('changed');
493 echo ' <tr><td>'._('Password(old)').": </td><td>",
494 "<input type=\"password\" id=\"password0\" name=\"password0\" size=\"20\" maxlength=\"30\" />";
495 switch($changed_password)
498 echo _('The new passwords is not long enough (you need at least 4 characters).');
501 echo _('The new passwords don\'t match.');
504 echo _('The old password is not correct.');
510 echo " </td></tr>\n";
511 echo ' <tr><td>'._('Password(new)').": </td><td>",
512 "<input type=\"password\" id=\"password1\" name=\"password1\" size=\"20\" maxlength=\"30\" />",
514 echo ' <tr><td>'._('Password(new, retype)').": </td><td>",
515 "<input type=\"password\" id=\"password2\" name=\"password2\" size=\"20\" maxlength=\"30\" />",
518 echo " </fieldset>\n";
519 echo " <fieldset>\n";
520 echo ' <legend>'._('OpenID')."</legend>\n";
523 $openids = DB_GetOpenIDsByUser($myid);
527 echo " <table class=\"openid\">\n";
528 echo ' <thead><tr><th>'._('Delete')."?</th><th>OpenId</th></tr></thead>\n";
530 foreach ($openids as $ids)
533 echo " <tr><td><input type=\"checkbox\" name=\"delete-openid-$id\" /></td><td>",$id, "</td></tr>\n";
539 echo ' '._('add OpenID').': ',
540 "<input type=\"text\" id=\"openid_url\" name=\"openid_url\" size=\"20\" maxlength=\"50\" />";
542 echo ' '._('Deleted some OpenIDs!')." <br />\n";
543 echo " </fieldset>\n";
544 echo ' <fieldset><legend>'._('Submit')."</legend><input type=\"submit\" name=\"passwd\" value=\"set\" /></fieldset>\n";
546 echo ' <p>'._('E-DoKo uses <a href="http://www.gravatar.org">gravatars</a> as icons.').'</p>';
549 // add jquery date picker if html5 is not available
552 $(".date").dateinput({ format: 'yyyy-mm-dd' });