UserPrefs::set('discord_token', 'true', $user->id); Response::done(array('name' => $user->name, 'role' => $user->role)); } $ismember = Permission::sufficient('member', $currentUser->role); $isstaff = Permission::sufficient('staff', $currentUser->role); if (!$ismember || $isstaff) { UserPrefs::set('discord_token', ''); Response::fail(!$ismember ? 'You are not a club member' : 'Staff members cannot use this feature'); } $token = UserPrefs::get('discord_token'); if ($token === 'true') { Response::fail("You have already been verified using this automated method. If - for yome reason - you still don't have the Club Members role please ask for assistance in the <strong>#support</strong> channel."); } if (empty($token)) { $token = preg_replace(new RegExp('[^a-z\\d]', 'i'), '', base64_encode(random_bytes(12))); UserPrefs::set('discord_token', $token); } Response::done(array('token' => $token)); } CSRFProtection::protect(); if (empty($data)) { CoreUtils::notFound(); } if ($data === 'suggestion') { if (Permission::insufficient('member')) { Response::fail('You must be a club member to use this feature.'); } if (Users::reservationLimitExceeded(RETURN_AS_BOOL)) { Response::fail('You already have the maximum 4 reservations. Close this dialog to view or cancel them.', ['limithit' => true]); } $postIDs = $Database->rawQuery('SELECT id FROM requests
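/**
 * User Information Fetching
 * -------------------------
 * Fetch user info from dA upon request to nonexistent user.
 *
 * Resolution order, as implemented below:
 *  1. reject names that do not match $USERNAME_REGEX;
 *  2. if the name appears as an old name in log__da_namechange, load the
 *     user by the id stored there;
 *  3. otherwise ask the DeviantArt API ('user/whois') and insert or update
 *     the matching row in the users table.
 *
 * @param string      $username Name to look up
 * @param string|null $dbcols   Passed through unchanged to self::get()
 *
 * @return User|null|false null when the name fails validation, the API request
 *                         throws CURLRequestException or the API result lacks
 *                         the fields used below; false when the API returns
 *                         no result; otherwise whatever self::get() returns
 *
 * @throws \Exception When the users row cannot be inserted or updated
 */
function fetch($username, $dbcols = null)
{
    global $Database, $USERNAME_REGEX;

    // Validate before the name is used in a query or sent to the remote API.
    if (!$USERNAME_REGEX->match($username)) {
        return null;
    }

    $oldName = $Database->where('old', $username)->getOne('log__da_namechange', 'id');
    if (!empty($oldName)) {
        return self::get($oldName['id'], 'id', $dbcols);
    }

    try {
        $userdata = DeviantArt::request('user/whois', null, array('usernames[0]' => $username));
    } catch (CURLRequestException $e) {
        return null;
    }

    if (empty($userdata['results'][0])) {
        return false;
    }

    $userdata = $userdata['results'][0];

    // The API response is external data: without this guard a partial result
    // would reach the insert/update below with an empty id or name. An unusable
    // response is handled like a failed request.
    if (
        !isset($userdata['userid'], $userdata['username'], $userdata['usericon'])
        || !is_string($userdata['userid'])
        || !is_string($userdata['username'])
    ) {
        return null;
    }

    $ID = strtolower($userdata['userid']);

    /** @var $DBUser User */
    $DBUser = $Database->where('id', $ID)->getOne('users', 'name');
    $userExists = !empty($DBUser);

    $insert = array(
        'name' => $userdata['username'],
        'avatar_url' => URL::makeHttps($userdata['usericon']),
    );
    if (!$userExists) {
        $insert['id'] = $ID;
    }

    $saved = $userExists
        ? $Database->where('id', $ID)->update('users', $insert)
        : $Database->insert('users', $insert);
    if (!$saved) {
        // The database error text is appended only for the 'developer'
        // permission level; everyone else gets the generic message.
        throw new \Exception('Saving user data failed' . (Permission::sufficient('developer') ? ': ' . $Database->getLastError() : ''));
    }

    if (!$userExists) {
        Logs::action('userfetch', array('userid' => $insert['id']));
    }

    // Compare both the requested name and the stored name with the name the
    // API reported.
    $names = array($username);
    if ($userExists && $DBUser->name !== $username) {
        $names[] = $DBUser->name;
    }
    foreach ($names as $name) {
        if (strcasecmp($name, $insert['name']) !== 0) {
            // A rename clears a discord_token preference of 'true'.
            // NOTE(review): 'true' presumably marks a completed Discord
            // verification, so the renamed account has to verify again - confirm.
            if (UserPrefs::get('discord_token', $ID) === 'true') {
                UserPrefs::set('discord_token', '', $ID);
            }
            Logs::action('da_namechange', array('old' => $name, 'new' => $insert['name'], 'id' => $ID), Logs::FORCE_INITIATOR_WEBSERVER);
        }
    }

    return self::get($insert['name'], 'name', $dbcols);
}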
use App\Permission;
use App\RegExp;
use App\Response;
use App\UserPrefs;

/** @var $data string */

// Preference endpoint: $data is expected to be "get/<key>" or "set/<key>".
// Requires the 'user' permission level and a POST request; anything else is
// answered through CoreUtils::notFound().
if (!(Permission::sufficient('user') && POST_REQUEST)) {
    CoreUtils::notFound();
}

// CSRF check runs before any preference is read or written.
CSRFProtection::protect();

// NOTE(review): the pattern only constrains the characters of the key, and
// the current value is returned before UserPrefs::process() runs. Confirm that
// UserPrefs::get()/process() limit $key to preferences a user may read and change.
if (preg_match(new RegExp('^([gs]et)/([a-z_]+)$'), CoreUtils::trim($data), $_match) !== 1) {
    Response::fail('Preference key invalid');
}

$getting = ($_match[1] === 'get');
$key = $_match[2];

// TODO Support changing some preferences of other users by staff
$currvalue = UserPrefs::get($key);

if ($getting) {
    Response::done(array('value' => $currvalue));
}

try {
    $newvalue = UserPrefs::process($key);
} catch (Exception $e) {
    // The exception text is sent back to the client.
    // NOTE(review): assumes process() messages are written for end users - confirm.
    Response::fail('Preference value error: ' . $e->getMessage());
}

// An unchanged value is reported as success without calling UserPrefs::set().
if ($newvalue === $currvalue) {
    Response::done(array('value' => $newvalue));
}

if (!UserPrefs::set($key, $newvalue)) {
    Response::dbError();
}

Response::done(array('value' => $newvalue));