CLEANUP: better debugging option for DB querries
[e-DoKo.git] / include / preferences.php
<?php
/*
 * Preferences page. Refuse to run when requested directly: $HOST is defined
 * in config.php, so it is only set when this file was pulled in by the
 * scripts.
 *
 * NOTE(review): this guard is only as strong as the guarantee that $HOST can
 * never be populated from request input (for example register_globals on a
 * legacy PHP setup) -- confirm, or test a constant defined in config.php.
 */
if (!isset($HOST)) {
    exit;
}

/* resolve the logged-in user: session name -> email -> user id */
$name  = $_SESSION["name"];
$email = DB_get_email('name', $name);
$myid  = DB_get_userid('email', $email);

/* no user id found: emit nothing and hand control back to the includer */
if (!$myid) {
    return;
}

/*
 * Per-setting change markers, all starting at 0. The update code further
 * down sets them and the form output reads them to print "changed" (or an
 * error text) next to the field.
 */
$changed_notify = $changed_password = $changed_cards = $changed_timezone = 0;
$changed_autosetup = $changed_sorting = $changed_openforgames = $changed_vacation = 0;

display_user_menu($myid);

/* current values; submitted fields are compared against these */
$PREF     = DB_get_PREF($myid);
$timezone = DB_get_user_timezone($myid);

DB_update_user_timestamp($myid);

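/*
 * Vacation settings: update the database and record the outcome in
 * $changed_vacation (1 = changed, -1 = rejected input, 0 = nothing to do)
 * so the form can report it next to the fields.
 *
 * The dates are validated as real YYYY-MM-DD calendar days before anything
 * is stored. strtotime() alone is too permissive for this: it also accepts
 * relative expressions and an empty date part, so non-date text could end
 * up in User_Prefs and be echoed back into the form.
 */
if (myisset('vacation_start', 'vacation_stop', 'vacation_comment')
    && ($_REQUEST['vacation_start'] != '' || $_REQUEST['vacation_stop'] != '')
) {
    $vacation_start   = $_REQUEST['vacation_start'];
    $vacation_stop    = $_REQUEST['vacation_stop'];
    $vacation_comment = $_REQUEST['vacation_comment'];

    if ($vacation_start === '-') {
        /* a lone '-' in the start field is the documented way to unset the vacation */
        foreach (array('vacation start', 'vacation stop', 'vacation comment') as $pref_key) {
            /* $pref_key comes from the fixed list above, never from the request */
            $result = DB_query("DELETE FROM User_Prefs".
                               " WHERE user_id='$myid' AND pref_key='$pref_key'");
        }
        $changed_vacation = 1;
    } else {
        /* both dates must be strings naming an existing calendar day */
        foreach (array($vacation_start, $vacation_stop) as $day) {
            if (!is_string($day)
                || !preg_match('/\A(\d{4})-(\d{2})-(\d{2})\z/', $day, $ymd)
                || !checkdate((int) $ymd[2], (int) $ymd[3], (int) $ymd[1])
            ) {
                $changed_vacation = -1;
            }
        }
        /* array-valued request parameters are rejected as well */
        if (!is_string($vacation_comment)) {
            $changed_vacation = -1;
        }

        /* change in database if format is ok */
        if ($changed_vacation >= 0) {
            $vacation_start .= ' 00:00:00';
            $vacation_stop  .= ' 23:59:59';

            /* pref_key in User_Prefs => (new value, key of the old value in $PREF) */
            $vacation_rows = array(
                'vacation start'   => array($vacation_start,   'vacation_start'),
                'vacation stop'    => array($vacation_stop,    'vacation_stop'),
                'vacation comment' => array($vacation_comment, 'vacation_comment'),
            );

            foreach ($vacation_rows as $pref_key => $row) {
                $new_value = $row[0];
                $old_value = isset($PREF[$row[1]]) ? (string) $PREF[$row[1]] : '';

                /* only change if different from current value */
                if ($new_value === $old_value) {
                    continue;
                }

                /* update the existing row if there is one, otherwise create it */
                $result = DB_query("SELECT * from User_Prefs".
                                   " WHERE user_id='$myid' AND pref_key='$pref_key'");
                if (DB_fetch_array($result)) {
                    $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($new_value).
                                       " WHERE user_id='$myid' AND pref_key='$pref_key'");
                } else {
                    $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','$pref_key',".
                                       DB_quote_smart($new_value).")");
                }

                $changed_vacation = 1;
            }
        }
    }
}
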
/*
 * Timezone: kept in the User table itself, not in User_Prefs.
 *
 * NOTE(review): the submitted value is stored as-is (SQL-quoted only);
 * whether it is limited to the zones offered by output_select_timezone()
 * cannot be seen from here -- consider checking it against that list.
 */
if (myisset("timezone")) {
    $newtimezone = $_REQUEST['timezone'];

    /* write only when the value really differs from the stored one */
    if (!($newtimezone == $timezone)) {
        DB_query(
            "UPDATE User SET timezone=" . DB_quote_smart($newtimezone) .
            " WHERE id=" . DB_quote_smart($myid)
        );
        $changed_timezone = 1;
    }
}

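/*
 * Card set. Only the two values offered by the form's <select> are
 * accepted; anything else in the request (including array-valued
 * parameters) is ignored instead of being written to User_Prefs.
 */
if (myisset("cards")) {
    $cards = $_REQUEST['cards'];
    if (in_array($cards, array('altenburg', 'english'), true) && $cards != $PREF['cardset']) {
        /* update the user's existing row if there is one, otherwise create it */
        $result = DB_query("SELECT * from User_Prefs".
                           " WHERE user_id='$myid' AND pref_key='cardset'");
        if (DB_fetch_array($result)) {
            $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($cards).
                               " WHERE user_id='$myid' AND pref_key='cardset'");
        } else {
            $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','cardset',".
                               DB_quote_smart($cards).")");
        }
        $changed_cards = 1;
    }
}
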
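/*
 * Email notification level (stored under pref_key 'email'). Only the two
 * values offered by the form's <select> are accepted; anything else in the
 * request (including array-valued parameters) is ignored instead of being
 * written to User_Prefs.
 */
if (myisset("notify")) {
    $notify = $_REQUEST['notify'];
    if (in_array($notify, array('emailaddict', 'emailnonaddict'), true) && $notify != $PREF['email']) {
        /* update the user's existing row if there is one, otherwise create it */
        $result = DB_query("SELECT * from User_Prefs".
                           " WHERE user_id='$myid' AND pref_key='email'");
        if (DB_fetch_array($result)) {
            $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($notify).
                               " WHERE user_id='$myid' AND pref_key='email'");
        } else {
            $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','email',".
                               DB_quote_smart($notify).")");
        }
        $changed_notify = 1;
    }
}
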
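/*
 * Autosetup (accept every game / ask for games). Only the two values
 * offered by the form's <select> are accepted; anything else in the request
 * (including array-valued parameters) is ignored instead of being written
 * to User_Prefs.
 */
if (myisset("autosetup")) {
    $autosetup = $_REQUEST['autosetup'];
    if (in_array($autosetup, array('yes', 'no'), true) && $autosetup != $PREF['autosetup']) {
        /* update the user's existing row if there is one, otherwise create it */
        $result = DB_query("SELECT * from User_Prefs".
                           " WHERE user_id='$myid' AND pref_key='autosetup'");
        if (DB_fetch_array($result)) {
            $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($autosetup).
                               " WHERE user_id='$myid' AND pref_key='autosetup'");
        } else {
            $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','autosetup',".
                               DB_quote_smart($autosetup).")");
        }
        $changed_autosetup = 1;
    }
}
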
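/*
 * Card sorting order. Only the two values offered by the form's <select>
 * are accepted; anything else in the request (including array-valued
 * parameters) is ignored instead of being written to User_Prefs.
 */
if (myisset("sorting")) {
    $sorting = $_REQUEST['sorting'];
    if (in_array($sorting, array('high-low', 'low-high'), true) && $sorting != $PREF['sorting']) {
        /* update the user's existing row if there is one, otherwise create it */
        $result = DB_query("SELECT * from User_Prefs".
                           " WHERE user_id='$myid' AND pref_key='sorting'");
        if (DB_fetch_array($result)) {
            $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($sorting).
                               " WHERE user_id='$myid' AND pref_key='sorting'");
        } else {
            $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','sorting',".
                               DB_quote_smart($sorting).")");
        }
        $changed_sorting = 1;
    }
}
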
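/*
 * "Open for new games" flag (stored under pref_key 'open for games'). Only
 * the two values offered by the form's <select> are accepted; anything else
 * in the request (including array-valued parameters) is ignored instead of
 * being written to User_Prefs.
 */
if (myisset("open_for_games")) {
    $openforgames = $_REQUEST['open_for_games'];
    if (in_array($openforgames, array('yes', 'no'), true) && $openforgames != $PREF['open_for_games']) {
        /* update the user's existing row if there is one, otherwise create it */
        $result = DB_query("SELECT * from User_Prefs".
                           " WHERE user_id='$myid' AND pref_key='open for games'");
        if (DB_fetch_array($result)) {
            $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($openforgames).
                               " WHERE user_id='$myid' AND pref_key='open for games'");
        } else {
            $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','open for games',".
                               DB_quote_smart($openforgames).")");
        }
        $changed_openforgames = 1;
    }
}
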
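/*
 * Password change. $changed_password ends up as
 *    1  password was updated
 *   -1  old password (or recovery password) did not match
 *   -2  the two new passwords differ
 *   -3  new password shorter than 4 characters
 * and the later checks take precedence over the earlier ones; the text for
 * each code is printed with the form below.
 *
 * All comparisons are strict string comparisons. With loose '==', two
 * different digit-only or "0e..."-style strings compare as equal numbers,
 * which would let a wrong hash or a mistyped retype pass. Array-valued
 * request parameters are treated as empty input.
 *
 * NOTE(review): passwords are stored as unsalted MD5, which is not suitable
 * for password storage. Moving to password_hash()/password_verify() has to
 * be done together with the login and recovery code, which is outside this
 * block. A minimum length of 4 is also very low.
 * NOTE(review): the fields are read from $_REQUEST, so a GET request is
 * accepted too, and no anti-CSRF token is visible in this file -- confirm
 * whether the including script enforces POST and a token.
 */
if (myisset("password0") && is_string($_REQUEST["password0"]) && $_REQUEST["password0"] !== "") {
    $changed_password = 1;

    /* missing or non-string new-password fields count as empty */
    $password_new = (isset($_REQUEST["password1"]) && is_string($_REQUEST["password1"]))
        ? $_REQUEST["password1"] : '';
    $password_retyped = (isset($_REQUEST["password2"]) && is_string($_REQUEST["password2"]))
        ? $_REQUEST["password2"] : '';

    /* check if old password matches */
    $oldpasswd = md5($_REQUEST["password0"]);
    $password  = DB_get_passwd_by_userid($myid);
    if (!((is_string($password) && $password === $oldpasswd)
          || DB_check_recovery_passwords($oldpasswd, $email))
    ) {
        $changed_password = -1;
    }

    /* check if new password has been typed in correctly */
    if ($password_new !== $password_retyped) {
        $changed_password = -2;
    }

    /* check if new password is long enough */
    if (strlen($password_new) < 4) {
        $changed_password = -3;
    }

    if ($changed_password == 1) {
        /* md5() yields hex digits only, so the quoted literal is safe to embed */
        DB_query("UPDATE User SET password='".md5($password_new).
                 "' WHERE id=".DB_quote_smart($myid));
    }
    /* error output below */
}
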
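/* get infos again in case they have changed */
$PREF     = DB_get_PREF($myid);
$timezone = DB_get_user_timezone($myid);

/*
 * output settings: form header and the "Game-related" fieldset
 *
 * The vacation values are user-supplied text that is echoed back into
 * value="..." attributes, so each one is HTML-escaped (quotes included)
 * before it is printed; otherwise a stored comment containing a quote or
 * markup would break out of the attribute.
 */

echo "<div class=\"user\">\n";
echo "  <form action=\"index.php?action=prefs\" method=\"post\">\n";
echo "  <h2>Your settings are</h2>\n";
echo "    <fieldset>\n";
echo "    <legend>Game-related</legend>\n";
echo "      <table>\n";

echo "        <tr><td>Vacation:             </td>\n";

/* only the date part (first 10 characters) of the stored timestamp is shown */
$value = $PREF['vacation_start'] ? substr($PREF['vacation_start'], 0, 10) : '';
$value = htmlspecialchars($value, ENT_QUOTES);
echo "            <td>start:<input type=\"text\" id=\"vacation_start\" name=\"vacation_start\" size=\"10\" maxlength=\"10\" value=\"$value\" /></td>\n";

$value = $PREF['vacation_stop'] ? substr($PREF['vacation_stop'], 0, 10) : '';
$value = htmlspecialchars($value, ENT_QUOTES);
echo "            <td>stop:<input type=\"text\" id=\"vacation_stop\" name=\"vacation_stop\" size=\"10\" maxlength=\"10\" value=\"$value\" /></td>\n";

$value = $PREF['vacation_comment'] ? $PREF['vacation_comment'] : '';
$value = htmlspecialchars($value, ENT_QUOTES);
echo "            <td>comment:<input type=\"text\" id=\"vacation_comment\" name=\"vacation_comment\" size=\"10\" maxlength=\"50\" value=\"$value\" />";
if ($changed_vacation == 1) {
    echo "changed";
}
if ($changed_vacation == -1) {
    echo "wrong date format";
}
echo "</td></tr>\n";
echo "<tr><td></td><td>use YYYY-MM-DD</td><td>use '-'  in start field to unset vacation</td></tr>\n";

/* each <select> below preselects the stored value and falls back to the second branch otherwise */
echo "        <tr><td>Notification:          </td><td>\n";
echo "          <select id=\"notify\" name=\"notify\" size=\"1\">\n";
if ($PREF['email'] == "emailaddict") {
    echo "            <option value=\"emailaddict\" selected=\"selected\">less emails</option>\n";
    echo "            <option value=\"emailnonaddict\">lots of emails</option>\n";
} else {
    echo "            <option value=\"emailaddict\">less email</option>\n";
    echo "            <option value=\"emailnonaddict\" selected=\"selected\">lots of email</option>\n";
}
echo "          </select>";
if ($changed_notify) {
    echo "changed";
}
echo " </td></tr>\n";

echo "        <tr><td>Autosetup:          </td><td>\n";
echo "          <select id=\"autosetup\" name=\"autosetup\" size=\"1\">\n";
if ($PREF['autosetup'] == "yes") {
    echo "           <option value=\"yes\" selected=\"selected\">accept every game</option>\n";
    echo "           <option value=\"no\">ask for games</option>\n";
} else {
    echo "           <option value=\"yes\">accept every game</option>\n";
    echo "           <option value=\"no\" selected=\"selected\">ask for games</option>\n";
}
echo "         </select>";
if ($changed_autosetup) {
    echo "changed";
}
echo " </td></tr>\n";

echo "    <tr><td>Sorting:          </td><td>\n";
echo "         <select id=\"sorting\" name=\"sorting\" size=\"1\">\n";
if ($PREF['sorting'] == "high-low") {
    echo "           <option value=\"high-low\" selected=\"selected\">high to low</option>\n";
    echo "           <option value=\"low-high\">low to high</option>\n";
} else {
    echo "           <option value=\"high-low\">high to low</option>\n";
    echo "           <option value=\"low-high\" selected=\"selected\">low to high</option>\n";
}
echo "         </select>";
if ($changed_sorting) {
    echo "changed";
}
echo " </td></tr>\n";

echo "        <tr><td>Open for new games:          </td><td>\n";
echo "         <select id=\"open_for_games\" name=\"open_for_games\" size=\"1\">\n";
if ($PREF['open_for_games'] == "no") {
    echo "           <option value=\"yes\">yes</option>\n";
    echo "           <option value=\"no\" selected=\"selected\">no</option>\n";
} else {
    /* default */
    echo "           <option value=\"yes\" selected=\"selected\">yes</option>\n";
    echo "           <option value=\"no\">no</option>\n";
}
echo "         </select>";
if ($changed_openforgames) {
    echo "changed";
}
echo " </td></tr>\n";

echo "    <tr><td>Card set:              </td><td>\n";
echo "         <select id=\"cards\" name=\"cards\" size=\"1\">\n";
if ($PREF['cardset'] == "altenburg") {
    echo "           <option value=\"altenburg\" selected=\"selected\">German cards</option>\n";
    echo "           <option value=\"english\">English cards</option>\n";
} else {
    echo "           <option value=\"altenburg\">German cards</option>\n";
    echo "           <option value=\"english\" selected=\"selected\">English cards</option>\n";
}
echo "         </select>";
if ($changed_cards) {
    echo "changed";
}
echo " </td></tr>\n";
echo "      </table>\n";
echo "    </fieldset>\n";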
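/*
 * "Personal" fieldset, submit button and end of the form.
 *
 * The email address is account data that is printed into the page, so it is
 * HTML-escaped on output rather than trusted to contain no markup.
 */
echo "    <fieldset>\n";
echo "      <legend>Personal</legend>\n";
echo "      <table>\n";
echo "        <tr><td>Email:                 </td><td> " . htmlspecialchars($email, ENT_QUOTES) . "    </td></tr>\n";
echo "        <tr><td>Timezone:              </td><td>\n";
output_select_timezone("timezone", $timezone);
if ($changed_timezone) {
    echo "changed";
}
echo "</td></tr>\n";

/* password fields are never prefilled; only the outcome of a change is reported */
echo "        <tr><td>Password(old):         </td><td>",
    "<input type=\"password\" id=\"password0\" name=\"password0\" size=\"20\" maxlength=\"30\" />";
switch ($changed_password) {
    case '-3':
        echo "The new passwords is not long enough (you need at least 4 characters).";
        break;
    case '-2':
        echo "The new passwords don't match.";
        break;
    case '-1':
        echo "The old password is not correct.";
        break;
    case '1':
        echo "changed";
        break;
}
echo " </td></tr>\n";
echo "        <tr><td>Password(new):         </td><td>",
    "<input type=\"password\" id=\"password1\" name=\"password1\" size=\"20\" maxlength=\"30\" />",
    " </td></tr>\n";
echo "        <tr><td>Password(new, retype): </td><td>",
    "<input type=\"password\" id=\"password2\" name=\"password2\" size=\"20\" maxlength=\"30\" />",
    " </td></tr>\n";
echo "      </table>\n";
echo "    </fieldset>\n";
echo "    <fieldset><legend>Submit</legend><input type=\"submit\"  name=\"passwd\" value=\"set\" /></fieldset>\n";
echo "  </form>\n";
echo "</div>\n";

/* hand control back to the including script */
return;
?>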