engelsystem/includes/pages/user_settings.php

<?php
function user_settings() {
  global $enable_tshirt_size, $tshirt_sizes, $themes, $languages;
  global $user;

  $msg = "";
  $nick = $user['Nick'];
  $lastname = $user['Name'];
  $prename = $user['Vorname'];
  $age = $user['Alter'];
  $tel = $user['Telefon'];
  $dect = $user['DECT'];
  $mobile = $user['Handy'];
  $mail = $user['email'];
  $icq = $user['ICQ'];
  $jabber = $user['jabber'];
  $hometown = $user['Hometown'];
  $tshirt_size = $user['Size'];
  $password_hash = "";
  $selected_theme = $user['color'];
  $selected_language = $user['Sprache'];

  $selected_angel_types_source = sql_select("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']));
  $selected_angel_types = array ();
  foreach ($selected_angel_types_source as $selected_angel_type)
    $selected_angel_types[] = $selected_angel_type['angeltype_id'];

  $angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
  $angel_types = array ();
  foreach ($angel_types_source as $angel_type)
    $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : "");

  if (isset ($_REQUEST['submit'])) {
    $ok = true;

    if (isset ($_REQUEST['nick']) && strlen(strip_request_item('nick')) > 1) {
      $nick = strip_request_item('nick');
      if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
        $ok = false;
        $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick3"), $nick), true);
      }
    } else {
      $ok = false;
      $msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick2"), strip_request_item('nick')), true);
    }

    if (isset ($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
      $mail = strip_request_item('mail');
      if (!check_email($mail)) {
        $ok = false;
        $msg .= error(Get_Text("makeuser_error_mail"), true);
      }
    } else {
      $ok = false;
      $msg .= error("Please enter your e-mail.", true);
    }

    if (isset ($_REQUEST['icq']))
      $icq = strip_request_item('icq');
    if (isset ($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {
      $jabber = strip_request_item('jabber');
      if (!check_email($jabber)) {
        $ok = false;
        $msg .= error("Please check your jabber.", true);
      }
    }

    if (isset ($_REQUEST['tshirt_size']) && isset ($tshirt_sizes[$_REQUEST['tshirt_size']]))
      $tshirt_size = $_REQUEST['tshirt_size'];
    elseif($enable_tshirt_size) {
      $ok = false;
    }

    $selected_angel_types = array ();
    foreach ($angel_types as $angel_type_id => $angel_type_name)
      if (isset ($_REQUEST['angel_types_' . $angel_type_id]))
      $selected_angel_types[] = $angel_type_id;

    // Trivia
    if (isset ($_REQUEST['lastname']))
      $lastname = strip_request_item('lastname');
    if (isset ($_REQUEST['prename']))
      $prename = strip_request_item('prename');
    if (isset ($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age']))
      $age = strip_request_item('age');
    if (isset ($_REQUEST['tel']))
      $tel = strip_request_item('tel');
    if (isset ($_REQUEST['dect']))
      $dect = strip_request_item('dect');
    if (isset ($_REQUEST['mobile']))
      $mobile = strip_request_item('mobile');
    if (isset ($_REQUEST['hometown']))
      $hometown = strip_request_item('hometown');

    if ($ok) {
      sql_query("UPDATE `User` SET `Nick`='" . sql_escape($nick) . "', `Vorname`='" . sql_escape($prename) . "', `Name`='" . sql_escape($lastname) .
          "', `Alter`='" . sql_escape($age) . "', `Telefon`='" . sql_escape($tel) . "', `DECT`='" . sql_escape($dect) . "', `Handy`='" . sql_escape($mobile) .
          "', `email`='" . sql_escape($mail) . "', `ICQ`='" . sql_escape($icq) . "', `jabber`='" . sql_escape($jabber) . "', `Size`='" . sql_escape($tshirt_size) .
          "', `Hometown`='" . sql_escape($hometown) . "' WHERE `UID`=" . sql_escape($user['UID']));

      // Assign angel-types
      $user_angel_type_info = array();
      sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`='" . sql_escape($user['UID']) . "' AND `angeltype_id` IN (" . implode(",", array_diff(array_keys($angel_types), $selected_angel_types)) . ")");
      foreach ($angel_types_source as $angel_type)
        if (in_array($angel_type['id'], $selected_angel_types))
          $user_angel_type_info[] = $angel_type['name'];

      foreach ($selected_angel_types as $selected_angel_type_id) {
        if (sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($selected_angel_type_id) . " LIMIT 1") == 0)
          sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
      }

      engelsystem_log("Own angel types set to: " . join(", ", $user_angel_type_info));
      success("Settings saved.");
      redirect(page_link_to('user_settings'));
    }
  }
  elseif (isset ($_REQUEST['submit_password'])) {
    $ok = true;

    if (!isset ($_REQUEST['password']) || !verify_password($_REQUEST['password'], $user['Passwort'], $user['UID']))
      $msg .= error(Get_Text(30), true);
    elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH)
    $msg .= error(Get_Text("makeuser_error_password2"));
    elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2'])
    $msg .= error(Get_Text("makeuser_error_password1"), true);
    elseif(set_password($user['UID'], $_REQUEST['new_password']))
    success("Password saved.");
    else
      error("Failed setting password.");
    redirect(page_link_to('user_settings'));
  }
  elseif (isset ($_REQUEST['submit_theme'])) {
    $ok = true;

    if (isset ($_REQUEST['theme']) && isset ($themes[$_REQUEST['theme']]))
      $selected_theme = $_REQUEST['theme'];
    else
      $ok = false;

    if ($ok) {
      sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`=" . sql_escape($user['UID']));

      success("Theme changed.");
      redirect(page_link_to('user_settings'));
    }
  }
  elseif (isset ($_REQUEST['submit_language'])) {
    $ok = true;

    if (isset ($_REQUEST['language']) && isset ($languages[$_REQUEST['language']]))
      $selected_language = $_REQUEST['language'];
    else
      $ok = false;

    if ($ok) {
      sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`=" . sql_escape($user['UID']));
      $_SESSION['Sprache'] = $selected_language;

      success("Language changed.");
      redirect(page_link_to('user_settings'));
    }
  }

  return page(array (
    sprintf(Get_Text("Hallo") . "%s,<br />" . Get_Text(13), $user['Nick']),
    $msg,
    msg(),
    form(array (
      form_info("", Get_Text("pub_einstellungen_Text_UserData")),
      form_text('nick', Get_Text("makeuser_Nickname") . "*", $nick),
      form_text('lastname', Get_Text("makeuser_Nachname"), $lastname),
      form_text('prename', Get_Text("makeuser_Vorname"), $prename),
      form_text('age', Get_Text("makeuser_Alter"), $age),
      form_text('tel', Get_Text("makeuser_Telefon"), $tel),
      form_text('dect', Get_Text("makeuser_DECT"), $dect),
      form_text('mobile', Get_Text("makeuser_Handy"), $mobile),
      form_text('mail', Get_Text("makeuser_E-Mail") . "*", $mail),
      form_text('icq', "ICQ", $icq),
      form_text('jabber', "Jabber", $jabber),
      form_text('hometown', Get_Text("makeuser_Hometown"), $hometown),
      $enable_tshirt_size ? form_select('tshirt_size', Get_Text("makeuser_T-Shirt"), $tshirt_sizes, $tshirt_size) : '',
      form_checkboxes('angel_types', "<span id=\"angel_types_anchor\">What do you want to do?</span><br>(<a href=\"https://events.ccc.de/congress/2012/wiki/Volunteers#What_kind_of_volunteers_are_needed.3F\">Description of job types</a>)", $angel_types, $selected_angel_types),
      form_submit('submit', Get_Text("save"))
    )),
    form(array (
      form_info("", Get_Text(14)),
      form_password('password', Get_Text(15)),
      form_password('new_password', Get_Text(16)),
      form_password('new_password2', Get_Text(17)),
      form_submit('submit_password', Get_Text("save"))
    )),
    form(array (
      form_info("", Get_Text(18)),
      form_select('theme', Get_Text(19), $themes, $selected_theme),
      form_submit('submit_theme', Get_Text("save"))
    )),
    form(array (
      form_info("", Get_Text(20)),
      form_select('language', Get_Text(21), $languages, $selected_language),
      form_submit('submit_language', Get_Text("save"))
    ))
  ));
}
?>
user settings 2011-06-02 20:18:01 +02:00			`<?php`
			`function user_settings() {`
#28 finnished logging 2012-12-26 19:53:27 +01:00			`global $enable_tshirt_size, $tshirt_sizes, $themes, $languages;`
			`global $user;`

			`$msg = "";`
			`$nick = $user['Nick'];`
			`$lastname = $user['Name'];`
			`$prename = $user['Vorname'];`
			`$age = $user['Alter'];`
			`$tel = $user['Telefon'];`
			`$dect = $user['DECT'];`
			`$mobile = $user['Handy'];`
			`$mail = $user['email'];`
			`$icq = $user['ICQ'];`
			`$jabber = $user['jabber'];`
			`$hometown = $user['Hometown'];`
			`$tshirt_size = $user['Size'];`
			`$password_hash = "";`
			`$selected_theme = $user['color'];`
			`$selected_language = $user['Sprache'];`

			$selected_angel_types_source = sql_select("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']));
			`$selected_angel_types = array ();`
			`foreach ($selected_angel_types_source as $selected_angel_type)`
			`$selected_angel_types[] = $selected_angel_type['angeltype_id'];`

			$angel_types_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`");
			`$angel_types = array ();`
			`foreach ($angel_types_source as $angel_type)`
			`$angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : "");`

			`if (isset ($_REQUEST['submit'])) {`
			`$ok = true;`

			`if (isset ($_REQUEST['nick']) && strlen(strip_request_item('nick')) > 1) {`
			`$nick = strip_request_item('nick');`
			if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' AND NOT `UID`=" . sql_escape($user['UID']) . " LIMIT 1") > 0) {
			`$ok = false;`
			`$msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick3"), $nick), true);`
			`}`
			`} else {`
			`$ok = false;`
			`$msg .= error(sprintf(Get_Text("makeuser_error_nick1") . "%s" . Get_Text("makeuser_error_nick2"), strip_request_item('nick')), true);`
			`}`

			`if (isset ($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {`
			`$mail = strip_request_item('mail');`
			`if (!check_email($mail)) {`
			`$ok = false;`
			`$msg .= error(Get_Text("makeuser_error_mail"), true);`
			`}`
			`} else {`
			`$ok = false;`
			`$msg .= error("Please enter your e-mail.", true);`
			`}`

			`if (isset ($_REQUEST['icq']))`
			`$icq = strip_request_item('icq');`
			`if (isset ($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) {`
			`$jabber = strip_request_item('jabber');`
			`if (!check_email($jabber)) {`
			`$ok = false;`
			`$msg .= error("Please check your jabber.", true);`
			`}`
			`}`

			`if (isset ($_REQUEST['tshirt_size']) && isset ($tshirt_sizes[$_REQUEST['tshirt_size']]))`
			`$tshirt_size = $_REQUEST['tshirt_size'];`
optimizations and minor fixes for user_shifts and admin_user 2012-12-28 17:47:02 +01:00			`elseif($enable_tshirt_size) {`
#28 finnished logging 2012-12-26 19:53:27 +01:00			`$ok = false;`
			`}`

			`$selected_angel_types = array ();`
			`foreach ($angel_types as $angel_type_id => $angel_type_name)`
			`if (isset ($_REQUEST['angel_types_' . $angel_type_id]))`
			`$selected_angel_types[] = $angel_type_id;`

			`// Trivia`
			`if (isset ($_REQUEST['lastname']))`
			`$lastname = strip_request_item('lastname');`
			`if (isset ($_REQUEST['prename']))`
			`$prename = strip_request_item('prename');`
			`if (isset ($_REQUEST['age']) && preg_match("/^[0-9]{0,4}$/", $_REQUEST['age']))`
			`$age = strip_request_item('age');`
			`if (isset ($_REQUEST['tel']))`
			`$tel = strip_request_item('tel');`
			`if (isset ($_REQUEST['dect']))`
			`$dect = strip_request_item('dect');`
			`if (isset ($_REQUEST['mobile']))`
			`$mobile = strip_request_item('mobile');`
			`if (isset ($_REQUEST['hometown']))`
			`$hometown = strip_request_item('hometown');`

			`if ($ok) {`
			sql_query("UPDATE `User` SET `Nick`='" . sql_escape($nick) . "', `Vorname`='" . sql_escape($prename) . "', `Name`='" . sql_escape($lastname) .
			"', `Alter`='" . sql_escape($age) . "', `Telefon`='" . sql_escape($tel) . "', `DECT`='" . sql_escape($dect) . "', `Handy`='" . sql_escape($mobile) .
			"', `email`='" . sql_escape($mail) . "', `ICQ`='" . sql_escape($icq) . "', `jabber`='" . sql_escape($jabber) . "', `Size`='" . sql_escape($tshirt_size) .
			"', `Hometown`='" . sql_escape($hometown) . "' WHERE `UID`=" . sql_escape($user['UID']));

			`// Assign angel-types`
			`$user_angel_type_info = array();`
optimizations and minor fixes for user_shifts and admin_user 2012-12-28 17:47:02 +01:00			sql_query("DELETE FROM `UserAngelTypes` WHERE `user_id`='" . sql_escape($user['UID']) . "' AND `angeltype_id` IN (" . implode(",", array_diff(array_keys($angel_types), $selected_angel_types)) . ")");
			`foreach ($angel_types_source as $angel_type)`
			`if (in_array($angel_type['id'], $selected_angel_types))`
#28 finnished logging 2012-12-26 19:53:27 +01:00			`$user_angel_type_info[] = $angel_type['name'];`

			`foreach ($selected_angel_types as $selected_angel_type_id) {`
			if (sql_num_query("SELECT * FROM `UserAngelTypes` WHERE `user_id`=" . sql_escape($user['UID']) . " AND `angeltype_id`=" . sql_escape($selected_angel_type_id) . " LIMIT 1") == 0)
			sql_query("INSERT INTO `UserAngelTypes` SET `user_id`=" . sql_escape($user['UID']) . ", `angeltype_id`=" . sql_escape($selected_angel_type_id));
			`}`

			`engelsystem_log("Own angel types set to: " . join(", ", $user_angel_type_info));`
			`success("Settings saved.");`
			`redirect(page_link_to('user_settings'));`
			`}`
			`}`
			`elseif (isset ($_REQUEST['submit_password'])) {`
			`$ok = true;`

			`if (!isset ($_REQUEST['password']) \|\| !verify_password($_REQUEST['password'], $user['Passwort'], $user['UID']))`
			`$msg .= error(Get_Text(30), true);`
			`elseif (strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH)`
			`$msg .= error(Get_Text("makeuser_error_password2"));`
			`elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2'])`
			`$msg .= error(Get_Text("makeuser_error_password1"), true);`
			`elseif(set_password($user['UID'], $_REQUEST['new_password']))`
			`success("Password saved.");`
			`else`
			`error("Failed setting password.");`
			`redirect(page_link_to('user_settings'));`
			`}`
			`elseif (isset ($_REQUEST['submit_theme'])) {`
			`$ok = true;`

			`if (isset ($_REQUEST['theme']) && isset ($themes[$_REQUEST['theme']]))`
			`$selected_theme = $_REQUEST['theme'];`
			`else`
			`$ok = false;`

			`if ($ok) {`
			sql_query("UPDATE `User` SET `color`='" . sql_escape($selected_theme) . "' WHERE `UID`=" . sql_escape($user['UID']));

			`success("Theme changed.");`
			`redirect(page_link_to('user_settings'));`
			`}`
			`}`
			`elseif (isset ($_REQUEST['submit_language'])) {`
			`$ok = true;`

			`if (isset ($_REQUEST['language']) && isset ($languages[$_REQUEST['language']]))`
			`$selected_language = $_REQUEST['language'];`
			`else`
			`$ok = false;`

			`if ($ok) {`
			sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($selected_language) . "' WHERE `UID`=" . sql_escape($user['UID']));
			`$_SESSION['Sprache'] = $selected_language;`

			`success("Language changed.");`
			`redirect(page_link_to('user_settings'));`
			`}`
			`}`

			`return page(array (`
			`sprintf(Get_Text("Hallo") . "%s,<br />" . Get_Text(13), $user['Nick']),`
			`$msg,`
			`msg(),`
			`form(array (`
			`form_info("", Get_Text("pub_einstellungen_Text_UserData")),`
			`form_text('nick', Get_Text("makeuser_Nickname") . "*", $nick),`
			`form_text('lastname', Get_Text("makeuser_Nachname"), $lastname),`
			`form_text('prename', Get_Text("makeuser_Vorname"), $prename),`
			`form_text('age', Get_Text("makeuser_Alter"), $age),`
			`form_text('tel', Get_Text("makeuser_Telefon"), $tel),`
			`form_text('dect', Get_Text("makeuser_DECT"), $dect),`
			`form_text('mobile', Get_Text("makeuser_Handy"), $mobile),`
			`form_text('mail', Get_Text("makeuser_E-Mail") . "*", $mail),`
			`form_text('icq', "ICQ", $icq),`
			`form_text('jabber', "Jabber", $jabber),`
			`form_text('hometown', Get_Text("makeuser_Hometown"), $hometown),`
			`$enable_tshirt_size ? form_select('tshirt_size', Get_Text("makeuser_T-Shirt"), $tshirt_sizes, $tshirt_size) : '',`
simplified shift view 2012-12-27 16:34:41 +01:00			`form_checkboxes('angel_types', "<span id=\"angel_types_anchor\">What do you want to do?</span><br>(<a href=\"https://events.ccc.de/congress/2012/wiki/Volunteers#What_kind_of_volunteers_are_needed.3F\">Description of job types</a>)", $angel_types, $selected_angel_types),`
#28 finnished logging 2012-12-26 19:53:27 +01:00			`form_submit('submit', Get_Text("save"))`
			`)),`
			`form(array (`
			`form_info("", Get_Text(14)),`
			`form_password('password', Get_Text(15)),`
			`form_password('new_password', Get_Text(16)),`
			`form_password('new_password2', Get_Text(17)),`
			`form_submit('submit_password', Get_Text("save"))`
			`)),`
			`form(array (`
			`form_info("", Get_Text(18)),`
			`form_select('theme', Get_Text(19), $themes, $selected_theme),`
			`form_submit('submit_theme', Get_Text("save"))`
			`)),`
			`form(array (`
			`form_info("", Get_Text(20)),`
			`form_select('language', Get_Text(21), $languages, $selected_language),`
			`form_submit('submit_language', Get_Text("save"))`
			`))`
			`));`
user settings 2011-06-02 20:18:01 +02:00			`}`
			`?>`