/**
 * Renders the HTML form for editing every tblSettings userdata field of a user
 * and, when the form was posted, validates and stores each submitted value.
 *
 * NOTE(review): $_userid is used exactly as the caller passes it; nothing in
 * this function checks that the current session may edit that user. Confirm
 * that callers only pass a foreign id for privileged sessions.
 * NOTE(review): the only submit marker is the constant hidden field
 * "edit_settings_check"; no anti-CSRF token is verified here.
 *
 * @param mixed $_userid User id to edit; an empty value selects $h->session->id.
 * @return void
 */
function editUserdataSettings($_userid = '')
{
    global $h;

    // Fall back to the logged-in user when no explicit id was given.
    if (empty($_userid)) {
        $_userid = $h->session->id;
    }

    $list = readAllUserdata($_userid);
    if (!$list) {
        return;
    }

    echo '<div class="settings">';
    echo xhtmlForm('edit_settings_frm', '', 'post', 'multipart/form-data');
    echo xhtmlHidden('edit_settings_check', 1);
    echo '<table>';

    foreach ($list as $row) {
        if (!empty($_POST['edit_settings_check'])) {
            // Every request field for this setting shares the same name prefix.
            $key = 'userdata_' . $row['fieldId'];

            switch ($row['fieldType']) {
                case USERDATA_TYPE_IMAGE:
                    if (!empty($_POST[$key . '_remove'])) {
                        // User asked for the stored image to be deleted.
                        $h->files->deleteFile($row['settingValue']);
                        $row['settingValue'] = 0;
                    } elseif (isset($_FILES[$key])) {
                        // FIXME: make handleUpload able to take the user id as a parameter
                        // NOTE(review): type/size checks on the upload are presumably done
                        // inside handleUpload() - none are visible here, confirm.
                        $row['settingValue'] = $h->files->handleUpload($_FILES[$key], FILETYPE_USERDATA, $row['fieldId']);
                    }
                    break;

                case USERDATA_TYPE_EMAIL:
                    if (!empty($_POST[$key])) {
                        $email = $_POST[$key];
                        if (!is_email($email)) {
                            echo '<div class="critical">' . t('The email entered is not valid!') . '</div>';
                        } else {
                            // The address may only belong to nobody or to the edited user.
                            $owner = findUserByEmail($email);
                            if (!$owner || $owner == $_userid) {
                                $row['settingValue'] = $email;
                            } else {
                                echo '<div class="critical">' . t('The email entered already taken!') . '</div>';
                            }
                        }
                    }
                    break;

                case USERDATA_TYPE_BIRTHDATE:
                    if (!empty($_POST[$key . '_year'])) {
                        // NOTE(review): month/day/year go to mktime() straight from the
                        // request, without a range or type check.
                        $born = mktime(0, 0, 0, $_POST[$key . '_month'], $_POST[$key . '_day'], $_POST[$key . '_year']);
                        $row['settingValue'] = sql_datetime($born);
                    }
                    break;

                case USERDATA_TYPE_BIRTHDATE_SWE:
                    if (!empty($_POST[$key . '_year'])) {
                        $born = mktime(0, 0, 0, $_POST[$key . '_month'], $_POST[$key . '_day'], $_POST[$key . '_year']);
                        // Only a strict boolean true from the validator counts as valid.
                        $ssnOk = SsnValidateSwedishNum($_POST[$key . '_year'], $_POST[$key . '_month'], $_POST[$key . '_day'], $_POST[$key . '_chk']) === true;
                        if ($ssnOk) {
                            $row['settingValue'] = sql_datetime($born);
                        } else {
                            echo '<div class="critical">' . t('The Swedish SSN you entered is not valid!') . '</div>';
                        }
                    }
                    break;

                case USERDATA_TYPE_LOCATION_SWE:
                    if (!empty($_POST[$key])) {
                        $zip = $_POST[$key];
                        if (ZipLocation::isValid($zip)) {
                            // A valid zipcode also refreshes the derived city and region settings.
                            saveSetting(SETTING_USERDATA, 0, $_userid, 'city', ZipLocation::cityId($zip));
                            saveSetting(SETTING_USERDATA, 0, $_userid, 'region', ZipLocation::regionId($zip));
                            $row['settingValue'] = $zip;
                        } else {
                            echo '<div class="critical">' . t('The Swedish zipcode you entered is not valid!') . '</div>';
                            // NOTE(review): the raw request value is written to the log;
                            // confirm the logger neutralises line breaks and markup.
                            $h->session->log('User entered invalid swedish zipcode: ' . $zip, LOGLEVEL_WARNING);
                        }
                    }
                    break;

                default:
                    // Free-form field: an empty submission clears the stored value.
                    $row['settingValue'] = !empty($_POST[$key]) ? $_POST[$key] : '';
                    break;
            }

            // Store the (possibly unchanged) value for this field.
            // NOTE(review): values reach saveSetting() as submitted; escaping for storage
            // and for the re-rendered input is assumed to happen in saveSetting() and
            // getUserdataInput() - confirm.
            saveSetting(SETTING_USERDATA, 0, $_userid, $row['fieldId'], $row['settingValue']);
        }

        echo '<tr>' . getUserdataInput($row) . '</tr>';
    }

    echo '</table>';
    echo xhtmlSubmit('Save');
    echo xhtmlFormClose();
    echo '</div>';
}
Beispiel #2
            }
            // Add this user to Super Admin group
            UserGroupHandler::addToGroup($user_id, $sadmin_id);
        }
        if ($session->login($_POST['register_usr'], $_POST['register_pwd'])) {
            $session->showStartPage();
        }
    }
    // after form submit failed, put focus back to the register form <div> to show error
    $header->embedJsOnload('show_reg_form();');
}
// Styling for the registration box, assembled from its individual declarations.
$header->embedCss(implode('', array(
    '.register_box{',
    'font-size:14px;',
    'border:1px solid #aaa;',
    'min-width:280px;',
    'color:#000;',
    'background-color:#ddd;',
    'padding:10px;',
    'border-radius:15px 15px 15px 15px;',
    '-moz-border-radius:15px 15px 15px 15px;',
    '}',
)));

echo '<div id="login_register_layer" class="register_box">';
echo '<b>Register new account</b><br/><br/>';

// NOTE(review): this notice announces that the account being created becomes the
// super administrator. Confirm $superadmin_reg is derived server-side and can no
// longer be true once an administrator exists.
if ($superadmin_reg) {
    echo '<div class="critical">The account you create now will be the super administrator account.</div><br/>';
}

// validate_reg_form() runs in the browser only; it is a convenience, not a control.
echo xhtmlForm('reg_frm', '', '', '', 'return validate_reg_form(this);');
echo '<table cellpadding="2">';

// The submitted username is put back into the field after a failed attempt.
// NOTE(review): assumes xhtmlInput() HTML-escapes its value argument - confirm.
echo '<tr><td>' . t('Username') . ':</td><td>'
    . xhtmlInput('register_usr', empty($_POST['register_usr']) ? '' : $_POST['register_usr'])
    . ' ' . xhtmlImage($page->getRelativeCoreDevUrl() . 'gfx/icon_user.png', t('Username'))
    . '</td></tr>';

// Password fields are never pre-filled from the request.
echo '<tr><td>' . t('Password') . ':</td><td>'
    . xhtmlPassword('register_pwd')
    . ' ' . xhtmlImage($page->getRelativeCoreDevUrl() . 'gfx/icon_keys.png', t('Password'))
    . '</td></tr>';
echo '<tr><td>' . t('Again') . ':</td><td>'
    . xhtmlPassword('register_pwd2')
    . ' ' . xhtmlImage($page->getRelativeCoreDevUrl() . 'gfx/icon_keys.png', t('Repeat password'))
    . '</td></tr>';
echo '</table><br/>';

echo xhtmlSubmit('Register', 'button', 'font-weight:bold');

// Cancel switches back to the login form on the client side.
$x = new XhtmlComponentButton();
$x->text = t('Cancel');
$x->onClick('return show_login_form();');
echo $x->render();

echo xhtmlFormClose();
echo '</div>';
Beispiel #3
<?php

require_once 'config.php';
require 'design_head.php';
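// Issue report page: stores a submitted description, otherwise shows the form.
echo '<h1>New issue</h1>';
if (isset($_POST['desc'])) {
    // NOTE(review): the description goes to addIssue() as submitted and no
    // anti-CSRF token is checked here; escaping for storage and later display is
    // assumed to happen in addIssue() and the issue viewer - confirm.
    $issueId = addIssue($session->id, 0, $_POST['desc']);
    if ($issueId) {
        echo 'Thank you for the report!<br/>';
        echo 'The issue have been stored and will be overlooked as soon as possible!<br/><br/>';
        echo 'What do you want to do now?<br/><br/>';
        // $issueId is whatever addIssue() returned; presumably a numeric id - confirm.
        echo '* <a href="show_issue.php?id=' . $issueId . '">Go to issue report</a><br/>';
        // PHP_SELF includes any extra path info from the request URL, so it is
        // request-controlled and must be escaped before it lands in an attribute.
        echo '* <a href="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">Report another issue</a><br/>';
    } else {
        echo 'Error adding the issue.';
    }
} else {
    echo 'From here you can submit bug reports or feature requests regarding the game or website.<br/>';
    echo 'Please leave as many details as possible.<br/><br/>';
    echo xhtmlForm();
    //FIXME categories dropdown
    echo 'Description:<br/>';
    echo xhtmlTextarea('desc', '', 60, 8) . '</td></tr>';
    echo '<tr><td><br>' . xhtmlSubmit('Submit issue') . '</td></tr>';
    echo xhtmlFormClose();
}
require 'design_foot.php';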
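/**
 * Shows a forum post together with a "share with a friend" form, or, when the
 * form was submitted, mails a link to the post to the given address.
 *
 * NOTE(review): any logged-in user can make the site send mail containing
 * free text (name and greeting) to an arbitrary address. No rate limit or
 * length limit is enforced in this function; confirm one exists elsewhere.
 *
 * @param mixed $itemId Forum item id; must be numeric.
 * @return false|null false when there is no session, the id is not numeric or
 *                    the item cannot be loaded; otherwise nothing is returned.
 */
function shareForumItem($itemId)
{
    global $h;

    // Only logged-in users may share, and only numeric ids are looked up.
    if (!$h->session->id || !is_numeric($itemId)) {
        return false;
    }

    // Load the item once and stop if it does not exist, instead of composing a
    // mail (or rendering a post) from missing fields.
    $item = getForumItem($itemId);
    if (!$item) {
        return false;
    }

    if (!empty($_POST['fshare_mail'])) {
        if (is_email($_POST['fshare_mail'])) {
            // Name and greeting are inserted into the plain-text body as submitted.
            if (!empty($_POST['fshare_name'])) {
                $mail = "Hej " . $_POST['fshare_name'] . "!\n\n";
            } else {
                $mail = "Hej!\n\n";
            }
            $mail .= $h->session->username . " har skickat dig den här länken till dig från communityt\n";
            $mail .= "på vår sajt, " . xhtmlGetUrl('/') . ".\n\n";
            // A falsy authorId marks a post written by a guest.
            if ($item['authorId']) {
                $mail .= $item['itemSubject'] . ' av ' . $item['authorName'] . ', ' . formatTime($item['timeCreated']) . ":\n";
            } else {
                $mail .= $item['itemSubject'] . ' av gäst, ' . formatTime($item['timeCreated']) . "\n";
            }
            $mail .= "För att läsa inlägget i sin helhet, klicka på länken nedan:\n";
            $mail .= xhtmlGetUrl('forum.php?id=' . $itemId . '#' . $itemId) . "\n\n";
            if (!empty($_POST['fshare_comment'])) {
                $mail .= "\n";
                $mail .= "Din kompis lämnade även följande hälsning:\n";
                $mail .= $_POST['fshare_comment'] . "\n\n";
            }
            $subject = 'Meddelande från communityt';
            // The recipient was checked with is_email() above; the subject is constant.
            if (smtp_mail($_POST['fshare_mail'], $subject, $mail) == true) {
                echo 'Tipset ivägskickat<br/>';
            } else {
                echo 'Problem med utskicket<br/>';
            }
        } else {
            echo 'Ogiltig mailaddress!';
        }
        return;
    }

    echo showForumPost($item) . '<br/>';
    // NOTE(review): PHP_SELF is request-derived; this assumes xhtmlForm() escapes
    // the action URL it is given - confirm.
    echo xhtmlForm('forum_share', $_SERVER['PHP_SELF'] . '?id=' . $itemId);
    echo 'Din kompis namn: ' . xhtmlInput('fshare_name', '', 20, 30) . '<br/>';
    echo t('E-mail') . ': ' . xhtmlInput('fshare_mail', '', 40, 50) . '<br/>';
    echo '<br/>';
    echo 'Hälsning:<br/>';
    echo xhtmlTextarea('fshare_comment', '', 40, 6) . '<br/>';
    echo xhtmlSubmit('Share');
    echo xhtmlFormClose();
}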
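/**
 * Prototype of an OpenID 2.0 login against the provider endpoint in
 * OPENID_GOOGLE_LOGIN: renders the login form, redirects to the provider when
 * the form is posted, and prints the provider's response when it comes back.
 *
 * SECURITY: the response branch is debug scaffolding. It returns true as soon
 * as the request carries openid_mode=id_res, without checking the signature,
 * the nonce or return_to. Callers must not treat that return value as proof of
 * authentication until the assertion is verified.
 *
 * @param string $site_url URL the provider should send the user back to; also
 *                         used to derive the realm.
 * @return bool true when the request claims a positive assertion, false otherwise.
 */
function openidLogin($site_url)
{
    //FIXME php maps GET parameter with . in it to _, example: "openid.ns" => $_GET['openid_ns'], can this be disabled??
    /*
     http://projects.localhost/openid.php
             ?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
            &openid.mode=id_res
            &openid.op_endpoint=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fud
            &openid.response_nonce=2008-11-25T13%3A07%3A28ZyUCwx4n3gmUeYw
            &openid.return_to=http%3A%2F%2Fprojects.localhost%2Fopenid.php
            &openid.assoc_handle=AOQobUctv7u8lBNS9czmmriBnnyuKsKCaO-cCSm5K3trwFcShQoTZ2xM
            &openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle
            &openid.sig=wedYQY22Kh%2FhGKSkFhlkJtk%2BQS0%3D
            &openid.identity=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3DAItOawnqet4MjcGaTLcdu5wONrN_e4sRqpd3mNc
            &openid.claimed_id=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3DAItOawnqet4MjcGaTLcdu5wONrN_e4sRqpd3mNc
    */
    //XXX A relying party application should be prepared to accept responses as both GETs and as POSTs.
    if (!empty($_GET['openid_mode'])) {
        if ($_GET['openid_mode'] == 'id_res') {
            // SECURITY: unverified. Every value below comes straight from the
            // query string, so it is escaped before being written to the page.
            echo "google openid succeeded!\n\n";
            echo "get:\n\n";
            echo htmlspecialchars(print_r($_GET, true), ENT_QUOTES, 'UTF-8');
            echo "\n\npost:\n\n";
            echo htmlspecialchars(print_r($_POST, true), ENT_QUOTES, 'UTF-8');

            // Only plain strings are echoed; a missing or array-valued parameter prints as empty.
            $claimedId = '';
            if (isset($_GET['openid_claimed_id']) && is_string($_GET['openid_claimed_id'])) {
                $claimedId = $_GET['openid_claimed_id'];
            }
            echo "claimed openid  : " . htmlspecialchars($claimedId, ENT_QUOTES, 'UTF-8') . "\n";

            if (!empty($_GET['openid_ext1_value_email']) && is_string($_GET['openid_ext1_value_email'])) {
                echo "email address is: " . htmlspecialchars($_GET['openid_ext1_value_email'], ENT_QUOTES, 'UTF-8') . "\n";
            }
            return true;
        } else {
            echo "openid auth failed!\n\n";
            return false;
        }
    }

    if (!empty($_POST['core_openid_url'])) {
        // The posted URL only triggers the redirect; the destination is always the
        // configured endpoint, never the submitted value.
        $p = parse_url($site_url);
        $realm = $p['scheme'] . '://' . $p['host'] . (!empty($p['port']) ? ':' . $p['port'] : '');
        $params = array(
            'openid.ns' => 'http://specs.openid.net/auth/2.0',
            'openid.claimed_id' => 'http://specs.openid.net/auth/2.0/identifier_select',
            'openid.identity' => 'http://specs.openid.net/auth/2.0/identifier_select',
            'openid.return_to' => $site_url,
            'openid.mode' => 'checkid_setup',
            'openid.realm' => $realm,
            'openid.ns.ext1' => 'http://openid.net/srv/ax/1.0',
            'openid.ext1.mode' => 'fetch_request',
            'openid.ext1.type.email' => 'http://axschema.org/contact/email',
            'openid.ext1.required' => 'email',
        );
        header('Location: ' . OPENID_GOOGLE_LOGIN . '?' . http_encode_params($params));
        die;
    }

    echo xhtmlForm();
    echo xhtmlInput('core_openid_url', 'http://google.com') . '<br/>';
    //XXX click image to select that OpenID supplier, as in http://sourceforge.net/account/login.php
    echo xhtmlImage('http://google.com/favicon.ico', 'Sign in with Google');
    //echo xhtmlImage('http://blogger.com/favicon.ico', 'Sign in with Blogger');
    //echo xhtmlImage('http://yahoo.com/favicon.ico', 'Sign in with Yahoo');
    echo '<br/><br/>';
    echo xhtmlSubmit('Log in');
    echo xhtmlFormClose();
    return false;
}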
Beispiel #6
/**
 * This is the user manager
 */
//TODO: fix up row coloring with YuiDatatable
namespace cd;

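// Admin-only page: everything below runs after the session's admin check.
$session->requireAdmin();
echo '<h1>Manage users</h1>';
echo 'All users: ' . ahref('a/users/', UserList::getCount()) . '<br/>';
echo 'Users online: ' . ahref('a/users/?online', UserList::onlineCount()) . '<br/>';

// Optional username filter from the search form; only a plain string is accepted.
$filter = '';
if (!empty($_POST['usearch']) && is_string($_POST['usearch'])) {
    $filter = $_POST['usearch'];
}
echo '<br/>';
echo xhtmlForm('usearch_frm');
echo 'Username filter: ' . xhtmlInput('usearch');
echo xhtmlSubmit('Search');
echo xhtmlFormClose();
echo '<br/>';

// NOTE(review): $filter is passed to the list queries as submitted; assumes
// UserList escapes or binds it - confirm.
if (isset($_GET['online'])) {
    $list = UserList::getUsersOnline($filter);
    echo '<h2>Showing all users online';
} else {
    $list = UserList::getUsers($filter);
    echo '<h2>Showing all users';
}
if ($filter) {
    // The filter is request data, so it is escaped before being echoed into the heading.
    echo ', matching <u>' . htmlspecialchars($filter, ENT_QUOTES, 'UTF-8') . '</u>';
}
echo ' (' . count($list) . ' hits)</h2>';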
Beispiel #7
// Form listing the user's existing settings, one editable row per setting.
echo xhtmlForm('edit_setting');
echo '<table>', '<tr><th>Name</th><th>Value</th><th>Delete</th></tr>';
//XXX use editable YuiDataTable
foreach ($settings as $set) {
    // NOTE(review): stored names and values are rendered through xhtmlInput() and
    // relurl_add(); this assumes both escape what they are given - confirm.
    // NOTE(review): "Remove" is a plain link, so the removal is requested with a
    // GET parameter. The handler is not visible here; if it acts on GET without a
    // token the action is open to cross-site request forgery.
    echo '<tr>',
        '<td>' . xhtmlInput('setting_name_' . $set['id'], $set['name']) . '</td>',
        '<td>' . xhtmlInput('setting_val_' . $set['id'], $set['value']) . '</td>',
        '<td><a href="' . relurl_add(array('remove_setting' => $set['name'])) . '">Remove</a></td>',
        '</tr>';
}
echo '</table>', xhtmlSubmit('Save changes'), xhtmlFormClose() . '<br/><br/>';

// Separate form for adding one new setting.
echo '<h3>Add new user setting</h3>', xhtmlForm('new_setting');
echo 'Name: ' . xhtmlInput('setting_name') . ' ', 'Value: ' . xhtmlInput('setting_val') . ' ';
echo xhtmlSubmit('Add'), xhtmlFormClose() . '<br/><br/>';

// Login history table, newest entry first, ten rows per page.
// NOTE(review): the user agent string is supplied by the client at login time;
// confirm YuiDatatable escapes cell contents when rendering.
echo '<h2>Login history</h2>';
$dt = new YuiDatatable();
$dt->addColumn('timeCreated', 'Timestamp');
$dt->addColumn('IP', 'IP');
$dt->addColumn('userAgent', 'User agent');
$dt->setSortOrder('timeCreated', 'desc');
$dt->setDataSource(LoginEntry::getHistory($user->id));
$dt->setRowsPerPage(10);
echo $dt->render();
if ($session->id != $this->owner) {
    echo '&raquo; <a href="' . relurl_add(array('remove' => 1)) . '">Remove user</a><br/><br/>';
Beispiel #8
        $username = trim($_POST['u_name']);
        $pwd = trim($_POST['u_pwd']);
        $user_id = UserHandler::create($username, $pwd);
        if (!$user_id) {
            $error->add('Failed to create user');
        }
        if ($error->getErrorCount()) {
            echo $error->render(true);
            return;
        }
        UserSetting::setEmail($user_id, $_POST['u_email']);
        if (!empty($_POST['u_grp'])) {
            UserGroupHandler::addToGroup($user_id, $_POST['u_grp']);
        }
        echo '<div class="good">New user created. ' . ahref('a/user/' . $user_id, $username) . '</div>';
    }
}
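// Admin form for creating a user; the field names match the u_name, u_pwd,
// u_email and u_grp request keys.
echo xhtmlForm('add_user');
echo '<h1>Create new user</h1>';
// NOTE(review): the two lines below were masked in the listing (the text between
// the label and the field name was replaced with asterisks). They are
// reconstructed with the helpers used elsewhere on this page, xhtmlInput() and
// xhtmlPassword(); confirm against the original file.
echo 'Username: ' . xhtmlInput('u_name') . '<br/>';
echo 'Password: ' . xhtmlPassword('u_pwd') . '<br/>';
echo 'E-mail: ' . xhtmlInput('u_email') . '<br/>';
echo '<br/>';
echo 'User group: ';
// Dropdown of the groups the new user can be added to.
$x = new XhtmlComponentDropdown();
$x->name = 'u_grp';
$x->setOptions(UserGroup::getIndexedList());
echo $x->render();
echo '<br/>';
echo xhtmlSubmit('Create');
echo '</form>';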