fdb6a1965875a769b621e2a70cdaa94a51e2d376
[e-DoKo.git] / include / preferences.php
1 <?php
2 /* make sure that we are not called from outside the scripts, 
3  * use a variable defined in config.php to check this
4  */
5 if(!isset($HOST))
6   exit;
7
8 $name  = $_SESSION["name"];
9 $email = DB_get_email('name',$name);
10 $myid = DB_get_userid('email',$email);
11 if(!$myid)
12   return;
13
14 /* track what got changed */
15 $changed_notify   = 0;
16 $changed_password = 0;
17 $changed_cards    = 0;
18 $changed_timezone = 0;
19
20 output_status();
21 display_user_menu();
22
23 /* get old infos */
24 $PREF = DB_get_PREF($myid);
25 $timezone =  DB_get_user_timezone($myid);
26
27 DB_update_user_timestamp($myid);
28
29 /* does the user want to change some preferences? */
30 if(myisset("timezone"))
31   {
32     $newtimezone=$_REQUEST['timezone'];
33     if($newtimezone != $timezone)
34       {
35         DB_query("UPDATE User SET timezone=".DB_quote_smart($newtimezone).
36                  " WHERE id=".DB_quote_smart($myid));
37         $changed_timezone = 1;
38       }
39   }
40
41 if(myisset("cards"))
42   {
43     $cards=$_REQUEST['cards'];
44     if($cards != $PREF['cardset'])
45       {
46         /* check if we already have an entry for the user, if so change it, if not create new one */
47         $result = DB_query("SELECT * from User_Prefs".
48                            " WHERE user_id='$myid' AND pref_key='cardset'" );
49         if( DB_fetch_array($result))
50           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($cards).
51                              " WHERE user_id='$myid' AND pref_key='cardset'" );
52         else
53           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','cardset',".
54                              DB_quote_smart($cards).")");
55         $changed_cards = 1;
56       }
57   }
58
59 if(myisset("notify"))
60   {
61     $notify=$_REQUEST['notify'];
62     if($notify != $PREF['email'])
63       {
64         /* check if we already have an entry for the user, if so change it, if not create new one */
65         $result = DB_query("SELECT * from User_Prefs".
66                            " WHERE user_id='$myid' AND pref_key='email'" );
67         if( DB_fetch_array($result))
68           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($notify).
69                              " WHERE user_id='$myid' AND pref_key='email'" );
70         else
71           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','email',".
72                              DB_quote_smart($notify).")");
73         $changed_notify=1;
74       }
75   }
76
77 if(myisset("password0") &&  $_REQUEST["password0"]!="" )
78   {
79     $changed_password = 1;
80
81     /* check if old password matches */
82     $oldpasswd = md5($_REQUEST["password0"]);
83     $password  = DB_get_passwd_by_userid($myid);
84     if(!( ($password == $oldpasswd) || DB_check_recovery_passwords($oldpasswd,$email) ))
85       $changed_password = -1;
86
87     /* check if new passwords are types the same twice */
88     if($_REQUEST["password1"] != $_REQUEST["password2"] )
89       $changed_password = -2;
90     
91     if($changed_password==1)
92       {
93         DB_query("UPDATE User SET password='".md5($_REQUEST["password1"]).
94                  "' WHERE id=".DB_quote_smart($myid));
95       }
96     /* error output below */
97   }
98
99 /* get infos again in case they have changed */
100 $PREF     = DB_get_PREF($myid);
101 $timezone = DB_get_user_timezone($myid);
102
103 /* output settings */
104
105 echo "<div class=\"user\">\n";
106 echo "  <form action=\"index.php?action=prefs\" method=\"post\">\n";
107 echo "  <h2>Your settings are</h2>\n";
108 echo "    <table>\n";
109 echo "    <tr><td>Email:                 </td><td> $email    </td></tr>\n";
110 echo "    <tr><td>Timezone:              </td><td>";
111 output_select_timezone("timezone",$timezone);
112 if($changed_timezone) echo "changed";
113 echo "</td></tr>\n";
114 echo "    <tr><td>Notification:          </td><td>";
115
116 echo "  <select id=\"notify\" name=\"notify\" size=\"1\">\n";
117       if($PREF['email']=="emailaddict")
118         {
119           echo "   <option value=\"emailaddict\" selected=\"selected\">lots of emails</option>\n";
120           echo "   <option value=\"emailnonaddict\">less emails</option>\n";
121         }
122       else
123         {
124           echo "   <option value=\"emailaddict\">lots of email</option>\n";
125           echo "   <option value=\"emailnonaddict\" selected=\"selected\">less email</option>\n";
126         }
127   echo "  </select>\n";
128 if($changed_notify) echo "changed";
129 echo " </td></tr>\n";    
130 echo "    <tr><td>Card set:              </td><td>";
131
132 echo "  <select id=\"cards\" name=\"cards\" size=\"1\">\n";
133       if($PREF['cardset']=="altenburg")
134         {
135           echo "   <option value=\"altenburg\" selected=\"selected\">German cards</option>\n";
136           echo "   <option value=\"english\">English cards</option>\n";
137         }
138       else
139         {
140           echo "   <option value=\"altenburg\">German cards</option>\n";
141           echo "   <option value=\"english\" selected=\"selected\">English cards</option>\n";
142         }
143   echo "  </select>\n";
144 if($changed_cards) echo "changed";
145 echo " </td></tr>\n";    
146 echo "    <tr><td>Password(old):         </td><td>",
147   "<input type=\"password\" id=\"password0\" name=\"password0\" size=\"20\" maxlength=\"30\" />";
148 switch($changed_password)
149   {
150   case '-2':
151     echo "The new passwords don't match.";
152     break;
153   case '-1':
154     echo "The old password is not correct.";
155     break;
156   case '1':
157     echo "changed";
158     break;
159   }
160 echo  " </td></tr>\n";
161 echo "    <tr><td>Password(new):         </td><td>",
162   "<input type=\"password\" id=\"password1\" name=\"password1\" size=\"20\" maxlength=\"30\" />",
163   " </td></tr>\n";
164 echo "    <tr><td>Password(new, retype): </td><td>",
165   "<input type=\"password\" id=\"password2\" name=\"password2\" size=\"20\" maxlength=\"30\" />",
166   " </td></tr>\n";
167 echo "    <tr><td><input type=\"submit\" class=\"submitbutton\" name=\"passwd\" value=\"set\" /></td>",
168   "<td></td></tr>\n";
169 echo "    </table>\n";
170 echo "  </form>\n";
171 echo "</div>\n";    
172
173 output_footer();
174 DB_close();
175 exit();
176
177 ?>