include/preferences.php

   1 <?php
   2 /* make sure that we are not called from outside the scripts,
   3  * use a variable defined in config.php to check this
   4  */
   5 if(!isset($HOST))
   6   exit;
   7
   8 $name  = $_SESSION["name"];
   9 $email = DB_get_email('name',$name);
  10 $myid = DB_get_userid('email',$email);
  11 if(!$myid)
  12   return;
  13
  14 /* track what got changed */
  15 $changed_notify       = 0;
  16 $changed_password     = 0;
  17 $changed_cards        = 0;
  18 $changed_timezone     = 0;
  19 $changed_autosetup    = 0;
  20 $changed_sorting      = 0;
  21 $changed_openforgames = 0;
  22 $changed_vacation     = 0;
  23
  24 display_user_menu($myid);
  25
  26 /* get old infos */
  27 $PREF = DB_get_PREF($myid);
  28 $timezone =  DB_get_user_timezone($myid);
  29
  30 DB_update_user_timestamp($myid);
  31
  32 /* does the user want to change some preferences?
  33  * update the database and track changes with a variable, so that
  34  * we can later highlight the changed value
  35  */
  36 if(myisset("timezone"))
  37   {
  38     $newtimezone = $_REQUEST['timezone'];
  39     if($newtimezone != $timezone)
  40       {
  41         DB_query("UPDATE User SET timezone=".DB_quote_smart($newtimezone).
  42                  " WHERE id=".DB_quote_smart($myid));
  43         $changed_timezone = 1;
  44       }
  45   }
  46
  47 if(myisset("cards"))
  48   {
  49     $cards=$_REQUEST['cards'];
  50     if($cards != $PREF['cardset'])
  51       {
  52         /* check if we already have an entry for the user, if so change it, if not create new one */
  53         $result = DB_query("SELECT * from User_Prefs".
  54                            " WHERE user_id='$myid' AND pref_key='cardset'" );
  55         if( DB_fetch_array($result))
  56           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($cards).
  57                              " WHERE user_id='$myid' AND pref_key='cardset'" );
  58         else
  59           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','cardset',".
  60                              DB_quote_smart($cards).")");
  61         $changed_cards = 1;
  62       }
  63   }
  64
  65 if(myisset("notify"))
  66   {
  67     $notify=$_REQUEST['notify'];
  68     if($notify != $PREF['email'])
  69       {
  70         /* check if we already have an entry for the user, if so change it, if not create new one */
  71         $result = DB_query("SELECT * from User_Prefs".
  72                            " WHERE user_id='$myid' AND pref_key='email'" );
  73         if( DB_fetch_array($result))
  74           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($notify).
  75                              " WHERE user_id='$myid' AND pref_key='email'" );
  76         else
  77           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','email',".
  78                              DB_quote_smart($notify).")");
  79         $changed_notify=1;
  80       }
  81   }
  82
  83 if(myisset("autosetup"))
  84   {
  85     $autosetup = $_REQUEST['autosetup'];
  86     if($autosetup != $PREF['autosetup'])
  87       {
  88         /* check if we already have an entry for the user, if so change it, if not create new one */
  89         $result = DB_query("SELECT * from User_Prefs".
  90                            " WHERE user_id='$myid' AND pref_key='autosetup'" );
  91         if( DB_fetch_array($result))
  92           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($autosetup).
  93                              " WHERE user_id='$myid' AND pref_key='autosetup'" );
  94         else
  95           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','autosetup',".
  96                              DB_quote_smart($autosetup).")");
  97         $changed_autosetup=1;
  98       }
  99   }
 100
 101 if(myisset("sorting"))
 102   {
 103     $sorting = $_REQUEST['sorting'];
 104     if($sorting != $PREF['sorting'])
 105       {
 106         /* check if we already have an entry for the user, if so change it, if not create new one */
 107         $result = DB_query("SELECT * from User_Prefs".
 108                            " WHERE user_id='$myid' AND pref_key='sorting'" );
 109         if( DB_fetch_array($result))
 110           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($sorting).
 111                              " WHERE user_id='$myid' AND pref_key='sorting'" );
 112         else
 113           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','sorting',".
 114                              DB_quote_smart($sorting).")");
 115         $changed_sorting=1;
 116       }
 117   }
 118
 119 if(myisset("open_for_games"))
 120   {
 121     $openforgames = $_REQUEST['open_for_games'];
 122     if($openforgames != $PREF['open_for_games'])
 123       {
 124         /* check if we already have an entry for the user, if so change it, if not create new one */
 125         $result = DB_query("SELECT * from User_Prefs".
 126                            " WHERE user_id='$myid' AND pref_key='open for games'" );
 127         if( DB_fetch_array($result))
 128           $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($openforgames).
 129                              " WHERE user_id='$myid' AND pref_key='open for games'" );
 130         else
 131           $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','open for games',".
 132                              DB_quote_smart($openforgames).")");
 133         $changed_openforgames=1;
 134       }
 135   }
 136
 137
 138 if(myisset("password0") &&  $_REQUEST["password0"]!="" )
 139   {
 140     $changed_password = 1;
 141
 142     /* check if old password matches */
 143     $oldpasswd = md5($_REQUEST["password0"]);
 144     $password  = DB_get_passwd_by_userid($myid);
 145     if(!( ($password == $oldpasswd) || DB_check_recovery_passwords($oldpasswd,$email) ))
 146       $changed_password = -1;
 147
 148     /* check if new password has been typed in correctly */
 149     if($_REQUEST["password1"] != $_REQUEST["password2"] )
 150       $changed_password = -2;
 151
 152     /* check if new password is long enough */
 153     if(strlen($_REQUEST["password1"])<4)
 154       $changed_password = -3;
 155
 156     if($changed_password==1)
 157       {
 158         DB_query("UPDATE User SET password='".md5($_REQUEST["password1"]).
 159                  "' WHERE id=".DB_quote_smart($myid));
 160       }
 161     /* error output below */
 162   }
 163
 164 /* get infos again in case they have changed */
 165 $PREF     = DB_get_PREF($myid);
 166 $timezone = DB_get_user_timezone($myid);
 167
 168 /*
 169  * output settings
 170  */
 171
 172 echo "<div class=\"user\">\n";
 173 echo "  <form action=\"index.php?action=prefs\" method=\"post\">\n";
 174 echo "  <h2>Your settings are</h2>\n";
 175 echo "    <fieldset>\n";
 176 echo "    <legend>Game-related</legend>\n";
 177
 178 echo "      <table>\n";
 179 echo "        <tr><td>Notification:          </td><td>\n";
 180 echo "          <select id=\"notify\" name=\"notify\" size=\"1\">\n";
 181 if($PREF['email']=="emailaddict")
 182   {
 183     echo "            <option value=\"emailaddict\" selected=\"selected\">less emails</option>\n";
 184     echo "            <option value=\"emailnonaddict\">lots of emails</option>\n";
 185   }
 186  else
 187    {
 188      echo "            <option value=\"emailaddict\">less email</option>\n";
 189      echo "            <option value=\"emailnonaddict\" selected=\"selected\">lots of email</option>\n";
 190    }
 191 echo "          </select>";
 192 if($changed_notify) echo "changed";
 193 echo " </td></tr>\n";
 194
 195 echo "        <tr><td>Autosetup:          </td><td>\n";
 196 echo "          <select id=\"autosetup\" name=\"autosetup\" size=\"1\">\n";
 197 if($PREF['autosetup']=="yes")
 198   {
 199     echo "           <option value=\"yes\" selected=\"selected\">accept every game</option>\n";
 200     echo "           <option value=\"no\">ask for games</option>\n";
 201   }
 202  else
 203    {
 204      echo "           <option value=\"yes\">accept every game</option>\n";
 205      echo "           <option value=\"no\" selected=\"selected\">ask for games</option>\n";
 206    }
 207 echo "         </select>";
 208 if($changed_autosetup) echo "changed";
 209 echo " </td></tr>\n";
 210 echo "    <tr><td>Sorting:          </td><td>\n";
 211
 212 echo "         <select id=\"sorting\" name=\"sorting\" size=\"1\">\n";
 213 if($PREF['sorting']=="high-low")
 214   {
 215     echo "           <option value=\"high-low\" selected=\"selected\">high to low</option>\n";
 216     echo "           <option value=\"low-high\">low to high</option>\n";
 217   }
 218  else
 219    {
 220      echo "           <option value=\"high-low\">high to low</option>\n";
 221      echo "           <option value=\"low-high\" selected=\"selected\">low to high</option>\n";
 222    }
 223 echo "         </select>";
 224 if($changed_sorting) echo "changed";
 225 echo " </td></tr>\n";
 226 echo "        <tr><td>Open for new games:          </td><td>\n";
 227 echo "         <select id=\"open_for_games\" name=\"open_for_games\" size=\"1\">\n";
 228 if($PREF['open_for_games']=="no")
 229   {
 230     echo "           <option value=\"yes\">yes</option>\n";
 231     echo "           <option value=\"no\" selected=\"selected\">no</option>\n";
 232   }
 233  else /* default */
 234    {
 235      echo "           <option value=\"yes\" selected=\"selected\">yes</option>\n";
 236      echo "           <option value=\"no\">no</option>\n";
 237    }
 238 echo "         </select>";
 239 if($changed_openforgames) echo "changed";
 240 echo " </td></tr>\n";
 241
 242 echo "    <tr><td>Card set:              </td><td>\n";
 243 echo "         <select id=\"cards\" name=\"cards\" size=\"1\">\n";
 244 if($PREF['cardset']=="altenburg")
 245   {
 246     echo "           <option value=\"altenburg\" selected=\"selected\">German cards</option>\n";
 247     echo "           <option value=\"english\">English cards</option>\n";
 248   }
 249  else
 250    {
 251      echo "           <option value=\"altenburg\">German cards</option>\n";
 252      echo "           <option value=\"english\" selected=\"selected\">English cards</option>\n";
 253    }
 254 echo "         </select>";
 255 if($changed_cards) echo "changed";
 256 echo " </td></tr>\n";
 257 echo "      </table>\n";
 258 echo "    </fieldset>\n";
 259 echo "    <fieldset>\n";
 260 echo "      <legend>Personal</legend>\n";
 261 echo "      <table>\n";
 262 echo "        <tr><td>Email:                 </td><td> $email    </td></tr>\n";
 263 echo "        <tr><td>Timezone:              </td><td>\n";
 264 output_select_timezone("timezone",$timezone);
 265 if($changed_timezone) echo "changed";
 266 echo "</td></tr>\n";
 267
 268 echo "        <tr><td>Password(old):         </td><td>",
 269   "<input type=\"password\" id=\"password0\" name=\"password0\" size=\"20\" maxlength=\"30\" />";
 270 switch($changed_password)
 271   {
 272   case '-3':
 273     echo "The new passwords is not long enough (you need at least 4 characters).";
 274     break;
 275   case '-2':
 276     echo "The new passwords don't match.";
 277     break;
 278   case '-1':
 279     echo "The old password is not correct.";
 280     break;
 281   case '1':
 282     echo "changed";
 283     break;
 284   }
 285 echo " </td></tr>\n";
 286 echo "        <tr><td>Password(new):         </td><td>",
 287   "<input type=\"password\" id=\"password1\" name=\"password1\" size=\"20\" maxlength=\"30\" />",
 288   " </td></tr>\n";
 289 echo "        <tr><td>Password(new, retype): </td><td>",
 290   "<input type=\"password\" id=\"password2\" name=\"password2\" size=\"20\" maxlength=\"30\" />",
 291   " </td></tr>\n";
 292 echo "      </table>\n";
 293 echo "    </fieldset>\n";
 294 echo "    <fieldset><legend>Submit</legend><input type=\"submit\"  name=\"passwd\" value=\"set\" /></fieldset>\n";
 295 echo "  </form>\n";
 296 echo "</div>\n";
 297
 298 return;
 299 ?>