include/preferences.php

   1 <?php
   2 /* make sure that we are not called from outside the scripts,
   3  * use a variable defined in config.php to check this
   4  */
   5 if(!isset($HOST))
   6   exit;
   7
   8 $name  = $_SESSION["name"];
   9 $email = DB_get_email('name',$name);
  10 $myid  = DB_get_userid('email',$email);
  11 if(!$myid)
  12   return;
  13
  14 /* track what got changed */
  15 $changed_notify       = 0;
  16 $changed_password     = 0;
  17 $changed_cards        = 0;
  18 $changed_timezone     = 0;
  19 $changed_autosetup    = 0;
  20 $changed_sorting      = 0;
  21 $changed_openforgames = 0;
  22 $changed_vacation     = 0;
  23
  24 display_user_menu($myid);
  25
  26 /* get old infos */
  27 $PREF = DB_get_PREF($myid);
  28 $timezone =  DB_get_user_timezone($myid);
  29
  30 DB_update_user_timestamp($myid);
  31
  32 /* does the user want to change some preferences?
  33  * update the database and track changes with a variable, so that
  34  * we can later highlight the changed value
  35  */
  36 if(myisset('vacation_start','vacation_stop','vacation_comment') &&
  37    ($_REQUEST['vacation_start']!='' || $_REQUEST['vacation_stop']!='')
  38    )
  39   {
  40     $vacation_start   = $_REQUEST['vacation_start'].' 00:00:00';
  41     $vacation_stop    = $_REQUEST['vacation_stop'].' 23:59:59';
  42     $vacation_comment = $_REQUEST['vacation_comment'];
  43
  44     /* check if everything is valid */
  45     if(!strtotime($vacation_start))
  46       $changed_vacation = -1;
  47     if(!strtotime($vacation_stop))
  48       $changed_vacation = -1;
  49
  50     /* test if we should delete the entry */
  51     if($vacation_start == '- 00:00:00')
  52       {
  53         $result = DB_query("DELETE FROM User_Prefs".
  54                            " WHERE user_id='$myid' AND pref_key='vacation start'" );
  55         $result = DB_query("DELETE FROM User_Prefs".
  56                            " WHERE user_id='$myid' AND pref_key='vacation stop'" );
  57         $result = DB_query("DELETE FROM User_Prefs".
  58                            " WHERE user_id='$myid' AND pref_key='vacation comment'" );
  59         $changed_vacation = 1;
  60       }
  61     /* change in database if format is ok */
  62     else if($changed_vacation>=0)
  63       {
  64         /* only change if different from current value */
  65         if($vacation_start!=$PREF['vacation_start'])
  66           {
  67             $result = DB_query("SELECT * from User_Prefs".
  68                                " WHERE user_id='$myid' AND pref_key='vacation start'" );
  69             if( DB_fetch_array($result))
  70               $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($vacation_start).
  71                                  " WHERE user_id='$myid' AND pref_key='vacation start'" );
  72             else
  73               $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','vacation start',".
  74                                  DB_quote_smart($vacation_start).")");
  75
  76             $changed_vacation = 1;
  77           }
  78
  79         /* same for the stop date */
  80         if($vacation_stop!=$PREF['vacation_stop'])
  81           {
  82             $result = DB_query("SELECT * from User_Prefs".
  83                                " WHERE user_id='$myid' AND pref_key='vacation stop'" );
  84             if( DB_fetch_array($result))
  85               $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($vacation_stop).
  86                                  " WHERE user_id='$myid' AND pref_key='vacation stop'" );
  87             else
  88               $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','vacation stop',".
  89                                  DB_quote_smart($vacation_stop).")");
  90
  91             $changed_vacation = 1;
  92           }
  93
  94         /* does the user want to add a comment? */
  95         if($vacation_comment!=$PREF['vacation_comment'])
  96           {
  97             $result = DB_query("SELECT * from User_Prefs".
  98                                " WHERE user_id='$myid' AND pref_key='vacation comment'" );
  99             if( DB_fetch_array($result))
 100               $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($vacation_comment).
 101                                  " WHERE user_id='$myid' AND pref_key='vacation comment'" );
 102             else
 103               $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','vacation comment',".
 104                                  DB_quote_smart($vacation_comment).")");
 105
 106             $changed_vacation = 1;
 107           }
 108       }
 109   }
 110
 111 if(myisset("timezone"))
 112   {
 113     $newtimezone = $_REQUEST['timezone'];
 114     if($newtimezone != $timezone)
 115       {
 116         DB_query("UPDATE User SET timezone=".DB_quote_smart($newtimezone).
 117                  " WHERE id=".DB_quote_smart($myid));
 118         $changed_timezone = 1;
 119       }
 120   }
 121
 122 if(myisset("cards"))
 123   {
 124     $cards=$_REQUEST['cards'];
 125     if($cards != $PREF['cardset'])
 126       {
 127         /* check if we already have an entry for the user, if so change it, if not create new one */
 128         $result = DB_query("SELECT * from User_Prefs".
 129                            " WHERE user_id='$myid' AND pref_key='cardset'" );
 130         if( DB_fetch_array($result))
 131           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($cards).
 132                              " WHERE user_id='$myid' AND pref_key='cardset'" );
 133         else
 134           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','cardset',".
 135                              DB_quote_smart($cards).")");
 136         $changed_cards = 1;
 137       }
 138   }
 139
 140 if(myisset("notify"))
 141   {
 142     $notify=$_REQUEST['notify'];
 143     if($notify != $PREF['email'])
 144       {
 145         /* check if we already have an entry for the user, if so change it, if not create new one */
 146         $result = DB_query("SELECT * from User_Prefs".
 147                            " WHERE user_id='$myid' AND pref_key='email'" );
 148         if( DB_fetch_array($result))
 149           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($notify).
 150                              " WHERE user_id='$myid' AND pref_key='email'" );
 151         else
 152           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','email',".
 153                              DB_quote_smart($notify).")");
 154         $changed_notify=1;
 155       }
 156   }
 157
 158 if(myisset("autosetup"))
 159   {
 160     $autosetup = $_REQUEST['autosetup'];
 161     if($autosetup != $PREF['autosetup'])
 162       {
 163         /* check if we already have an entry for the user, if so change it, if not create new one */
 164         $result = DB_query("SELECT * from User_Prefs".
 165                            " WHERE user_id='$myid' AND pref_key='autosetup'" );
 166         if( DB_fetch_array($result))
 167           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($autosetup).
 168                              " WHERE user_id='$myid' AND pref_key='autosetup'" );
 169         else
 170           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','autosetup',".
 171                              DB_quote_smart($autosetup).")");
 172         $changed_autosetup=1;
 173       }
 174   }
 175
 176 if(myisset("sorting"))
 177   {
 178     $sorting = $_REQUEST['sorting'];
 179     if($sorting != $PREF['sorting'])
 180       {
 181         /* check if we already have an entry for the user, if so change it, if not create new one */
 182         $result = DB_query("SELECT * from User_Prefs".
 183                            " WHERE user_id='$myid' AND pref_key='sorting'" );
 184         if( DB_fetch_array($result))
 185           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($sorting).
 186                              " WHERE user_id='$myid' AND pref_key='sorting'" );
 187         else
 188           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','sorting',".
 189                              DB_quote_smart($sorting).")");
 190         $changed_sorting=1;
 191       }
 192   }
 193
 194 if(myisset("open_for_games"))
 195   {
 196     $openforgames = $_REQUEST['open_for_games'];
 197     if($openforgames != $PREF['open_for_games'])
 198       {
 199         /* check if we already have an entry for the user, if so change it, if not create new one */
 200         $result = DB_query("SELECT * from User_Prefs".
 201                            " WHERE user_id='$myid' AND pref_key='open for games'" );
 202         if( DB_fetch_array($result))
 203           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($openforgames).
 204                              " WHERE user_id='$myid' AND pref_key='open for games'" );
 205         else
 206           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','open for games',".
 207                              DB_quote_smart($openforgames).")");
 208         $changed_openforgames=1;
 209       }
 210   }
 211
 212
 213 if(myisset("password0") &&  $_REQUEST["password0"]!="" )
 214   {
 215     $changed_password = 1;
 216
 217     /* check if old password matches */
 218     $oldpasswd = md5($_REQUEST["password0"]);
 219     $password  = DB_get_passwd_by_userid($myid);
 220     if(!( ($password == $oldpasswd) || DB_check_recovery_passwords($oldpasswd,$email) ))
 221       $changed_password = -1;
 222
 223     /* check if new password has been typed in correctly */
 224     if($_REQUEST["password1"] != $_REQUEST["password2"] )
 225       $changed_password = -2;
 226
 227     /* check if new password is long enough */
 228     if(strlen($_REQUEST["password1"])<4)
 229       $changed_password = -3;
 230
 231     if($changed_password==1)
 232       {
 233         DB_query("UPDATE User SET password='".md5($_REQUEST["password1"]).
 234                  "' WHERE id=".DB_quote_smart($myid));
 235       }
 236     /* error output below */
 237   }
 238
 239 /* get infos again in case they have changed */
 240 $PREF     = DB_get_PREF($myid);
 241 $timezone = DB_get_user_timezone($myid);
 242
 243 /*
 244  * output settings
 245  */
 246
 247 echo "<div class=\"user\">\n";
 248 echo "  <form action=\"index.php?action=prefs\" method=\"post\">\n";
 249 echo "  <h2>Your settings are</h2>\n";
 250 echo "    <fieldset>\n";
 251 echo "    <legend>Game-related</legend>\n";
 252 echo "      <table>\n";
 253
 254 echo "        <tr><td>Vacation:             </td>\n";
 255 if($PREF['vacation_start'])
 256   $value = substr($PREF['vacation_start'],0,10);
 257  else
 258    $value = '';
 259 echo "            <td>start:<input type=\"text\" id=\"vacation_start\" name=\"vacation_start\" size=\"10\" maxlength=\"10\" value=\"$value\" /></td>\n";
 260 if($PREF['vacation_stop'])
 261   $value = substr($PREF['vacation_stop'],0,10);
 262  else
 263    $value = '';
 264 echo "            <td>stop:<input type=\"text\" id=\"vacation_stop\" name=\"vacation_stop\" size=\"10\" maxlength=\"10\" value=\"$value\" /></td>\n";
 265 if($PREF['vacation_comment'])
 266   $value = $PREF['vacation_comment'];
 267 else
 268   $value = '';
 269 echo "            <td>comment:<input type=\"text\" id=\"vacation_comment\" name=\"vacation_comment\" size=\"10\" maxlength=\"50\" value=\"$value\" />";
 270 if($changed_vacation == 1) echo "changed";
 271 if($changed_vacation == -1) echo "wrong date format";
 272 echo "</td></tr>\n";
 273 echo "<tr><td></td><td>use YYYY-MM-DD</td><td>use '-'  in start field to unset vacation</td></tr>\n";
 274 echo "        <tr><td>Notification:          </td><td>\n";
 275 echo "          <select id=\"notify\" name=\"notify\" size=\"1\">\n";
 276 if($PREF['email']=="emailaddict")
 277   {
 278     echo "            <option value=\"emailaddict\" selected=\"selected\">less emails</option>\n";
 279     echo "            <option value=\"emailnonaddict\">lots of emails</option>\n";
 280   }
 281  else
 282    {
 283      echo "            <option value=\"emailaddict\">less email</option>\n";
 284      echo "            <option value=\"emailnonaddict\" selected=\"selected\">lots of email</option>\n";
 285    }
 286 echo "          </select>";
 287 if($changed_notify) echo "changed";
 288 echo " </td></tr>\n";
 289
 290 echo "        <tr><td>Autosetup:          </td><td>\n";
 291 echo "          <select id=\"autosetup\" name=\"autosetup\" size=\"1\">\n";
 292 if($PREF['autosetup']=="yes")
 293   {
 294     echo "           <option value=\"yes\" selected=\"selected\">accept every game</option>\n";
 295     echo "           <option value=\"no\">ask for games</option>\n";
 296   }
 297  else
 298    {
 299      echo "           <option value=\"yes\">accept every game</option>\n";
 300      echo "           <option value=\"no\" selected=\"selected\">ask for games</option>\n";
 301    }
 302 echo "         </select>";
 303 if($changed_autosetup) echo "changed";
 304 echo " </td></tr>\n";
 305 echo "    <tr><td>Sorting:          </td><td>\n";
 306
 307 echo "         <select id=\"sorting\" name=\"sorting\" size=\"1\">\n";
 308 if($PREF['sorting']=="high-low")
 309   {
 310     echo "           <option value=\"high-low\" selected=\"selected\">high to low</option>\n";
 311     echo "           <option value=\"low-high\">low to high</option>\n";
 312   }
 313  else
 314    {
 315      echo "           <option value=\"high-low\">high to low</option>\n";
 316      echo "           <option value=\"low-high\" selected=\"selected\">low to high</option>\n";
 317    }
 318 echo "         </select>";
 319 if($changed_sorting) echo "changed";
 320 echo " </td></tr>\n";
 321 echo "        <tr><td>Open for new games:          </td><td>\n";
 322 echo "         <select id=\"open_for_games\" name=\"open_for_games\" size=\"1\">\n";
 323 if($PREF['open_for_games']=="no")
 324   {
 325     echo "           <option value=\"yes\">yes</option>\n";
 326     echo "           <option value=\"no\" selected=\"selected\">no</option>\n";
 327   }
 328  else /* default */
 329    {
 330      echo "           <option value=\"yes\" selected=\"selected\">yes</option>\n";
 331      echo "           <option value=\"no\">no</option>\n";
 332    }
 333 echo "         </select>";
 334 if($changed_openforgames) echo "changed";
 335 echo " </td></tr>\n";
 336
 337 echo "    <tr><td>Card set:              </td><td>\n";
 338 echo "         <select id=\"cards\" name=\"cards\" size=\"1\">\n";
 339 if($PREF['cardset']=="altenburg")
 340   {
 341     echo "           <option value=\"altenburg\" selected=\"selected\">German cards</option>\n";
 342     echo "           <option value=\"english\">English cards</option>\n";
 343   }
 344  else
 345    {
 346      echo "           <option value=\"altenburg\">German cards</option>\n";
 347      echo "           <option value=\"english\" selected=\"selected\">English cards</option>\n";
 348    }
 349 echo "         </select>";
 350 if($changed_cards) echo "changed";
 351 echo " </td></tr>\n";
 352 echo "      </table>\n";
 353 echo "    </fieldset>\n";
 354 echo "    <fieldset>\n";
 355 echo "      <legend>Personal</legend>\n";
 356 echo "      <table>\n";
 357 echo "        <tr><td>Email:                 </td><td> $email    </td></tr>\n";
 358 echo "        <tr><td>Timezone:              </td><td>\n";
 359 output_select_timezone("timezone",$timezone);
 360 if($changed_timezone) echo "changed";
 361 echo "</td></tr>\n";
 362
 363 echo "        <tr><td>Password(old):         </td><td>",
 364   "<input type=\"password\" id=\"password0\" name=\"password0\" size=\"20\" maxlength=\"30\" />";
 365 switch($changed_password)
 366   {
 367   case '-3':
 368     echo "The new passwords is not long enough (you need at least 4 characters).";
 369     break;
 370   case '-2':
 371     echo "The new passwords don't match.";
 372     break;
 373   case '-1':
 374     echo "The old password is not correct.";
 375     break;
 376   case '1':
 377     echo "changed";
 378     break;
 379   }
 380 echo " </td></tr>\n";
 381 echo "        <tr><td>Password(new):         </td><td>",
 382   "<input type=\"password\" id=\"password1\" name=\"password1\" size=\"20\" maxlength=\"30\" />",
 383   " </td></tr>\n";
 384 echo "        <tr><td>Password(new, retype): </td><td>",
 385   "<input type=\"password\" id=\"password2\" name=\"password2\" size=\"20\" maxlength=\"30\" />",
 386   " </td></tr>\n";
 387 echo "      </table>\n";
 388 echo "    </fieldset>\n";
 389 echo "    <fieldset><legend>Submit</legend><input type=\"submit\"  name=\"passwd\" value=\"set\" /></fieldset>\n";
 390 echo "  </form>\n";
 391 echo "</div>\n";
 392
 393 return;
 394 ?>