<?php
-/* Copyright 2006, 2007, 2008, 2009, 2010 Arun Persaud <arun@nubati.net>
+/* Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Arun Persaud <arun@nubati.net>
*
* This file is part of e-DoKo.
*
/* get old infos */
$PREF = DB_get_PREF($myid);
+/* set language chosen in preferences, will become active on the next reload (see index.php)*/
+$_SESSION['language'] = $PREF['language'];
+set_language($PREF['language']);
$timezone = DB_get_user_timezone($myid);
DB_update_user_timestamp($myid);
$changed_vacation = -1;
/* test if we should delete the entry */
- if($vacation_start == '- 00:00:00')
+ if($_REQUEST['vacation_start'] == $_REQUEST['vacation_stop'])
{
$result = DB_query("DELETE FROM User_Prefs".
" WHERE user_id='$myid' AND pref_key='vacation start'" );
$changed_password = 1;
/* check if old password matches */
- $oldpasswd = md5($_REQUEST["password0"]);
- $password = DB_get_passwd_by_userid($myid);
- if(!( ($password == $oldpasswd) || DB_check_recovery_passwords($oldpasswd,$email) ))
+ $result = verify_password($email, $_REQUEST["password0"]);
+
+ if( $result!=0 )
$changed_password = -1;
/* check if new password has been typed in correctly */
if($changed_password==1)
{
- DB_query("UPDATE User SET password='".md5($_REQUEST["password1"]).
+ // create a password hash using the crypt function, need php 5.3 for this
+ // create and random salt
+ $salt = substr(str_replace('+', '.', base64_encode(sha1(microtime(true), true))), 0, 22);
+ // hash incoming password using 12 rounds of blowfish
+ $hash = crypt($_REQUEST["password1"], '$2y$12$' . $salt);
+
+ DB_query("UPDATE User SET password='".$hash.
"' WHERE id=".DB_quote_smart($myid));
+
+ /* in case this was done using a recovery password delete that password */
+ $tmppasswd = md5($_REQUEST["password0"]);
+ if(DB_check_recovery_passwords($tmppasswd,$email))
+ DB_delete_recovery_passwords($myid);
}
/* error output below */
}
$value = substr($PREF['vacation_start'],0,10);
else
$value = '';
-echo " <td>"._('start').":<input type=\"text\" id=\"vacation_start\" name=\"vacation_start\" size=\"10\" maxlength=\"10\" value=\"$value\" /></td>\n";
+echo " <td>"._('start').":<input type=\"date\" class=\"date\" name=\"vacation_start\" value=\"$value\" /></td>\n";
if($PREF['vacation_stop'])
$value = substr($PREF['vacation_stop'],0,10);
else
$value = '';
-echo " <td>"._('stop').":<input type=\"text\" id=\"vacation_stop\" name=\"vacation_stop\" size=\"10\" maxlength=\"10\" value=\"$value\" /></td>\n";
+echo " <td>"._('stop').":<input type=\"date\" class=\"date\" name=\"vacation_stop\" value=\"$value\" /></td>\n";
if($PREF['vacation_comment'])
$value = $PREF['vacation_comment'];
else
if($changed_vacation == 1) echo _('changed');
if($changed_vacation == -1) echo _('wrong date format');
echo "</td></tr>\n";
-echo '<tr><td></td><td>'._('use YYYY-MM-DD').'</td><td>'._("use '-' in start field to unset vacation")."</td></tr>\n";
+echo '<tr><td></td><td colspan="2">'._("set both dates to the same day to end vacation")."</td></tr>\n";
echo ' <tr><td>'._('Notification').": </td><td>\n";
echo " <select id=\"notify\" name=\"notify\" size=\"1\">\n";
if($PREF['email']=="emailaddict")
echo " </select>";
if($changed_autosetup) echo _('changed');
echo " </td></tr>\n";
-echo " <tr><td>Sorting: </td><td>\n";
+echo ' <tr><td>'._('Sorting').": </td><td>\n";
echo " <select id=\"sorting\" name=\"sorting\" size=\"1\">\n";
if($PREF['sorting']=="high-low")
{
- echo " <option value=\"high-low\" selected=\"selected\">high to low</option>\n";
- echo " <option value=\"low-high\">low to high</option>\n";
+ echo " <option value=\"high-low\" selected=\"selected\">"._('high to low')."</option>\n";
+ echo " <option value=\"low-high\">"._('low to high')."</option>\n";
}
else
{
- echo " <option value=\"high-low\">high to low</option>\n";
- echo " <option value=\"low-high\" selected=\"selected\">low to high</option>\n";
+ echo " <option value=\"high-low\">"._('high to low')."</option>\n";
+ echo " <option value=\"low-high\" selected=\"selected\">"._('low to high')."</option>\n";
}
echo " </select>";
if($changed_sorting) echo _('changed');
echo " <select id=\"open_for_games\" name=\"open_for_games\" size=\"1\">\n";
if($PREF['open_for_games']=="no")
{
- echo " <option value=\"yes\">"._('yes')."</option>\n";
- echo " <option value=\"no\" selected=\"selected\">no</option>\n";
+ echo ' <option value="yes">'._('yes')."</option>\n";
+ echo ' <option value="no" selected="selected">'._('no')."</option>\n";
}
else /* default */
{
- echo " <option value=\"yes\" selected=\"selected\">yes</option>\n";
- echo " <option value=\"no\">"._('no')."</option>\n";
+ echo ' <option value="yes" selected="selected">'._('yes')."</option>\n";
+ echo ' <option value="no">'._('no')."</option>\n";
}
echo " </select>";
if($changed_openforgames) echo _('changed');
if(sizeof($openids))
{
echo " <table class=\"openid\">\n";
- echo " <thead><tr><th>Delete?</th><th>OpenId</th></tr></thead>\n";
+ echo ' <thead><tr><th>'._('Delete')."?</th><th>OpenId</th></tr></thead>\n";
echo " <tbody>\n";
foreach ($openids as $ids)
{
echo " </fieldset>\n";
echo ' <fieldset><legend>'._('Submit')."</legend><input type=\"submit\" name=\"passwd\" value=\"set\" /></fieldset>\n";
echo " </form>\n";
-echo ' <p>'._('E-DoKo uses <a href=\"http://www.gravatar.org\">gravatars</a> as icons.').'</p>';
+echo ' <p>'._('E-DoKo uses <a href="http://www.gravatar.org">gravatars</a> as icons.').'</p>';
echo "</div>\n";
+// add jquery date picker if html5 is not available
+?>
+<script>
+ $(".date").dateinput({ format: 'yyyy-mm-dd' });
+</script>
+<?php
+
+
return;
?>
\ No newline at end of file