* * This file is part of e-DoKo. * * e-DoKo is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * e-DoKo is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with e-DoKo. If not, see . * */ /* make sure that we are not called from outside the scripts, * use a variable defined in config.php to check this */ if(!isset($HOST)) exit; include_once('openid.php'); $name = $_SESSION["name"]; $email = DB_get_email('name',$name); $myid = DB_get_userid('email',$email); if(!$myid) return; /* track what got changed */ $changed_notify = 0; $changed_password = 0; $changed_cards = 0; $changed_timezone = 0; $changed_autosetup = 0; $changed_sorting = 0; $changed_openforgames = 0; $changed_vacation = 0; $changed_openid = 0; $changed_digest = 0; $changed_language = 0; display_user_menu($myid); /* get old infos */ $PREF = DB_get_PREF($myid); /* set language chosen in preferences, will become active on the next reload (see index.php)*/ $_SESSION['language'] = $PREF['language']; $timezone = DB_get_user_timezone($myid); DB_update_user_timestamp($myid); /* does the user want to change some preferences? * update the database and track changes with a variable, so that * we can later highlight the changed value */ /* check for deleted openids */ foreach($_REQUEST as $key=>$value) { if(strstr($key,"delete-openid-")) { /* found and openid to delete */ $DelOpenID = substr(str_replace("_",".",$key),14); DB_DetachOpenID($DelOpenID, $myid); $changed_openid = 1; } } if(myisset('vacation_start','vacation_stop','vacation_comment') && ($_REQUEST['vacation_start']!='' || $_REQUEST['vacation_stop']!='') ) { $vacation_start = $_REQUEST['vacation_start'].' 00:00:00'; $vacation_stop = $_REQUEST['vacation_stop'].' 23:59:59'; $vacation_comment = $_REQUEST['vacation_comment']; /* check if everything is valid */ if(!strtotime($vacation_start)) $changed_vacation = -1; if(!strtotime($vacation_stop)) $changed_vacation = -1; /* test if we should delete the entry */ if($_REQUEST['vacation_start'] == $_REQUEST['vacation_stop']) { $result = DB_query("DELETE FROM User_Prefs". " WHERE user_id='$myid' AND pref_key='vacation start'" ); $result = DB_query("DELETE FROM User_Prefs". " WHERE user_id='$myid' AND pref_key='vacation stop'" ); $result = DB_query("DELETE FROM User_Prefs". " WHERE user_id='$myid' AND pref_key='vacation comment'" ); $changed_vacation = 1; } /* change in database if format is ok */ else if($changed_vacation>=0) { /* only change if different from current value */ if($vacation_start!=$PREF['vacation_start']) { $result = DB_query("SELECT * from User_Prefs". " WHERE user_id='$myid' AND pref_key='vacation start'" ); if( DB_fetch_array($result)) $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($vacation_start). " WHERE user_id='$myid' AND pref_key='vacation start'" ); else $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','vacation start',". DB_quote_smart($vacation_start).")"); $changed_vacation = 1; } /* same for the stop date */ if($vacation_stop!=$PREF['vacation_stop']) { $result = DB_query("SELECT * from User_Prefs". " WHERE user_id='$myid' AND pref_key='vacation stop'" ); if( DB_fetch_array($result)) $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($vacation_stop). " WHERE user_id='$myid' AND pref_key='vacation stop'" ); else $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','vacation stop',". DB_quote_smart($vacation_stop).")"); $changed_vacation = 1; } /* does the user want to add a comment? */ if($vacation_comment!=$PREF['vacation_comment']) { $result = DB_query("SELECT * from User_Prefs". " WHERE user_id='$myid' AND pref_key='vacation comment'" ); if( DB_fetch_array($result)) $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($vacation_comment). " WHERE user_id='$myid' AND pref_key='vacation comment'" ); else $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','vacation comment',". DB_quote_smart($vacation_comment).")"); $changed_vacation = 1; } } } if(myisset("timezone")) { $newtimezone = $_REQUEST['timezone']; if($newtimezone != $timezone) { DB_query("UPDATE User SET timezone=".DB_quote_smart($newtimezone). " WHERE id=".DB_quote_smart($myid)); $changed_timezone = 1; } } if(myisset("cards")) { $cards=$_REQUEST['cards']; if($cards != $PREF['cardset']) { /* check if we already have an entry for the user, if so change it, if not create new one */ $result = DB_query("SELECT * from User_Prefs". " WHERE user_id='$myid' AND pref_key='cardset'" ); if( DB_fetch_array($result)) $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($cards). " WHERE user_id='$myid' AND pref_key='cardset'" ); else $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','cardset',". DB_quote_smart($cards).")"); $changed_cards = 1; } } if(myisset("notify")) { $notify=$_REQUEST['notify']; if($notify != $PREF['email']) { /* check if we already have an entry for the user, if so change it, if not create new one */ $result = DB_query("SELECT * from User_Prefs". " WHERE user_id='$myid' AND pref_key='email'" ); if( DB_fetch_array($result)) $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($notify). " WHERE user_id='$myid' AND pref_key='email'" ); else $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','email',". DB_quote_smart($notify).")"); $changed_notify=1; } } if(myisset("digest")) { $digest=$_REQUEST['digest']; if($digest != $PREF['digest']) { /* check if we already have an entry for the user, if so change it, if not create new one */ $result = DB_query("SELECT * from User_Prefs". " WHERE user_id='$myid' AND pref_key='digest'" ); if( DB_fetch_array($result)) $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($digest). " WHERE user_id='$myid' AND pref_key='digest'" ); else $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','digest',". DB_quote_smart($digest).")"); $changed_digest=1; } } if(myisset("autosetup")) { $autosetup = $_REQUEST['autosetup']; if($autosetup != $PREF['autosetup']) { /* check if we already have an entry for the user, if so change it, if not create new one */ $result = DB_query("SELECT * from User_Prefs". " WHERE user_id='$myid' AND pref_key='autosetup'" ); if( DB_fetch_array($result)) $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($autosetup). " WHERE user_id='$myid' AND pref_key='autosetup'" ); else $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','autosetup',". DB_quote_smart($autosetup).")"); $changed_autosetup=1; } } if(myisset("sorting")) { $sorting = $_REQUEST['sorting']; if($sorting != $PREF['sorting']) { /* check if we already have an entry for the user, if so change it, if not create new one */ $result = DB_query("SELECT * from User_Prefs". " WHERE user_id='$myid' AND pref_key='sorting'" ); if( DB_fetch_array($result)) $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($sorting). " WHERE user_id='$myid' AND pref_key='sorting'" ); else $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','sorting',". DB_quote_smart($sorting).")"); $changed_sorting=1; } } if(myisset("open_for_games")) { $openforgames = $_REQUEST['open_for_games']; if($openforgames != $PREF['open_for_games']) { /* check if we already have an entry for the user, if so change it, if not create new one */ $result = DB_query("SELECT * from User_Prefs". " WHERE user_id='$myid' AND pref_key='open for games'" ); if( DB_fetch_array($result)) $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($openforgames). " WHERE user_id='$myid' AND pref_key='open for games'" ); else $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','open for games',". DB_quote_smart($openforgames).")"); $changed_openforgames=1; } } if(myisset("password0","password1","password2") && $_REQUEST["password0"]!="" && $_REQUEST["password0"]!= $_REQUEST["password1"]) { $changed_password = 1; /* check if old password matches */ $result = verify_password($email, $_REQUEST["password0"]); if( $result!=0 ) $changed_password = -1; /* check if new password has been typed in correctly */ if($_REQUEST["password1"] != $_REQUEST["password2"] ) $changed_password = -2; /* check if new password is long enough */ if(strlen($_REQUEST["password1"])<4) $changed_password = -3; if($changed_password==1) { // create a password hash using the crypt function, need php 5.3 for this // create and random salt $salt = substr(str_replace('+', '.', base64_encode(sha1(microtime(true), true))), 0, 22); // hash incoming password using 12 rounds of blowfish $hash = crypt($_REQUEST["password1"], '$2y$12$' . $salt); DB_query("UPDATE User SET password='".$hash. "' WHERE id=".DB_quote_smart($myid)); /* in case this was done using a recovery password delete that password */ $tmppasswd = md5($_REQUEST["password0"]); if(DB_check_recovery_passwords($tmppasswd,$email)) DB_delete_recovery_passwords($myid); } /* error output below */ } if(myisset("openid_url") && $_REQUEST['openid_url']!='') { $openid_url = OpenIDUrlEncode($_REQUEST['openid_url']); DB_AttachOpenID($openid_url, $myid); } if(myisset("language")) { $language = $_REQUEST['language']; if($language != $PREF['language']) { /* check if we already have an entry for the user, if so change it, if not create new one */ $result = DB_query("SELECT * from User_Prefs". " WHERE user_id='$myid' AND pref_key='language'" ); if( DB_fetch_array($result)) $result = DB_query("UPDATE User_Prefs SET value=".DB_quote_smart($language). " WHERE user_id='$myid' AND pref_key='language'" ); else $result = DB_query("INSERT INTO User_Prefs VALUES(NULL,'$myid','language',". DB_quote_smart($language).")"); $changed_language = 1; } } /* get infos again in case they have changed */ $PREF = DB_get_PREF($myid); $timezone = DB_get_user_timezone($myid); /* * output settings */ echo "
\n"; echo "
\n"; echo '

'._('Your settings are')."

\n"; echo "
\n"; echo ' '._('Game-related')."\n"; echo " \n"; echo ' \n"; if($PREF['vacation_start']) $value = substr($PREF['vacation_start'],0,10); else $value = ''; echo " \n"; if($PREF['vacation_stop']) $value = substr($PREF['vacation_stop'],0,10); else $value = ''; echo " \n"; if($PREF['vacation_comment']) $value = $PREF['vacation_comment']; else $value = ''; echo ' \n"; echo '\n"; echo ' \n"; echo ' \n"; echo ' \n"; echo ' \n"; echo ' \n"; echo ' \n"; echo "
'._('Vacation').": "._('start').":"._('stop').":'._('comment:').""; if($changed_vacation == 1) echo _('changed'); if($changed_vacation == -1) echo _('wrong date format'); echo "
'._("set both dates to the same day to end vacation")."
'._('Notification').": \n"; echo " "; if($changed_notify) echo _('changed'); echo "
'._('Digest').": \n"; echo " "; if($changed_digest) echo _('changed'); echo "
'._('Autosetup').": \n"; echo " "; if($changed_autosetup) echo _('changed'); echo "
'._('Sorting').": \n"; echo " "; if($changed_sorting) echo _('changed'); echo "
'._('Open for new games').": \n"; echo " "; if($changed_openforgames) echo _('changed'); echo "
'.('Card set').": \n"; echo " "; if($changed_cards) echo _('changed'); echo "
\n"; echo "
\n"; echo "
\n"; echo ' '._('Personal')."\n"; echo " \n"; echo ' \n"; echo ' \n"; echo ' \n"; echo ' \n"; echo ' \n"; echo ' \n"; echo "
'._('Email').": $email
'._('Timezone').": \n"; output_select_timezone("timezone",$timezone); if($changed_timezone) echo _('changed'); echo "
'._('Language').": \n"; output_select_language("language",$PREF['language']); if($changed_language == 1) echo _('changed'); echo "
'._('Password(old)').": ", ""; switch($changed_password) { case '-3': echo _('The new passwords is not long enough (you need at least 4 characters).'); break; case '-2': echo _('The new passwords don\'t match.'); break; case '-1': echo _('The old password is not correct.'); break; case '1': echo _('changed'); break; } echo "
'._('Password(new)').": ", "", "
'._('Password(new, retype)').": ", "", "
\n"; echo "
\n"; echo "
\n"; echo ' '._('OpenID')."\n"; $openids = array(); $openids = DB_GetOpenIDsByUser($myid); if(sizeof($openids)) { echo " \n"; echo ' \n"; echo " \n"; foreach ($openids as $ids) { $id=($ids[0]); echo " \n"; } echo " \n"; echo "
'._('Delete')."?OpenId
",$id, "
\n"; } echo ' '._('add OpenID').': ', ""; if($changed_openid) echo ' '._('Deleted some OpenIDs!')."
\n"; echo "
\n"; echo '
'._('Submit')."
\n"; echo "
\n"; echo '

'._('E-DoKo uses gravatars as icons.').'

'; echo "
\n"; // add jquery date picker if html5 is not available ?>