/
settings.php
126 lines (114 loc) · 5.63 KB
/
settings.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
<?php
//Bootstrap SPF
require 'includes/master.inc.php';
$mustauth=true;
require 'includes/user.inc.php';
// Static vars
$inputValue = array('', '');
$dateOptions = array();
$dmy = array('_day', '_month', '_year');
$title="Settings, <small>control this online world</small>";
$changes = false;
$u = new User($Auth->userId($user));
$userId = $u->id;
$inputValue[0] = $u->email; // UserEmail
$inputValue[1] = 'password'; // Default password
// Loop through the posted vars
if (isset($_POST))
{
foreach($_POST as $key=>$value)
{
/*echo $key . " : " . $value . "<br />";*/
// Loop through the posts and check for a vallue with appended _day, _month or _year then add the variable for further processing
foreach($dmy as $type)
{
// Does it exist in the variable?
if (strstr($key, $type))
{
// Good, check if the value is not alread in the array and then add it
$option = str_replace($type, '', $key);
if(!in_array($option, $dateOptions))
{
$dateOptions[].= $option;
}
}
}
// Check if the option exists
if (Options::exists($key))
{
// Compare the posted value to the value in the DB and update it if neccesarry
if (htmlspecialchars(Options::userGet($userId, $key)) !== htmlspecialchars($value))
{
Options::userSet($userId, $key, $value);
$changes = true;
}
}
}
// We previously detected all the date fields, so lets build a timestamp and complare it to what is currently set
foreach($dateOptions as $dateOption)
{
// Check if date details are being passed through correctly or not
if (isset($_POST[$dateOption . $dmy[0]])) { $dd = $_POST[$dateOption . $dmy[0]]; } else { $dd = 1; }
if (isset($_POST[$dateOption . $dmy[1]])) { $mm = $_POST[$dateOption . $dmy[1]]; } else { $mm = 1; }
if (isset($_POST[$dateOption . $dmy[2]])) { $yyyy = $_POST[$dateOption . $dmy[2]]; } else { $yyyy = date('Y', time()); }
//echo $dd . "/" . $mm . "/" . $yyyy;
$timestamp = mktime(0, 0, 0, $mm, $dd, $yyyy);
//echo date('r', $timestamp);
// Check if the options exists, then if the value compares otherwise update it.
if (Options::exists($dateOption))
{
// Compare the posted value to the value in the DB and update it if neccesarry
if (htmlspecialchars(Options::userGet($userId, $dateOption)) !== htmlspecialchars($timestamp))
{
// Set the option to the new value
Options::userSet($userId, $dateOption, $timestamp);
$changes = true;
}
}
}
if ((isset($_POST['action']))
&& ($_POST['action'] == 'Save Changes'))
{
// These are the 2 static things in your account a password and a email address
if ((isset($_POST['user-email']))
&& ($Error->email($_POST['user-email'], false))
&& ($_POST['user-email'] !== $u->email))
{
$u->email = $_POST['user-email'];
$u->update();
Activation::remove($userId);
$link = full_url_to_script('activate.php') . "?action=activate&code=" . Activation::generate($userId) . "&id=" . $userId;
Emailtemplate::setBaseDir('./assets/email_templates');
$html = Emailtemplate::loadTemplate('reactivate', array('title'=>'Reactivation Email',
'prettyName'=>Options::get('prettyName'),
'name'=>$u->username,
'siteName'=>Options::get('emailName'),
'activationLink'=>$link,
'footerLink'=>Options::get('siteName'),
'footerEmail'=>Options::get('emailInfo')));
send_html_mail(array($u->username=>$u->email),
'Reactivation Email',
$html,
array(Options::get('siteName')=>Options::get('emailAdmin')));
$Error->add('info', '<strong>Logged Out</strong><br />We have sent you a reactivation email to the new email address in order to verify it. Please check your email and follow the link within.');
$Auth->logout();
}
// These are the 2 static things in your account a password and a email address
if ((isset($_POST['user-password']))
&& ($_POST['user-password'] !== $inputValue[1])
&& ($_POST['user-password'] !== ''))
{
Auth::changePassword($u->id, $_POST['user-password']);
$Error->add('info', '<strong>Logged Out</strong><br />Password updated, you may login with your new password');
$Auth->logout();
}
}
}
Template::setBaseDir('./assets/tmpl');
$html = Template::loadTemplate('layout', array(
'header'=>Template::loadTemplate('header', array('title'=>$title,'user'=>$user,'admin'=>$isadmin,'msg'=>$msg)),
'content'=>Template::loadTemplate('settings', array('inputValue'=>$inputValue, 'userId'=>$userId, 'changes'=>$changes)),
'footer'=>Template::loadTemplate('footer',array('time_start'=>$time_start))
));
echo $html;
?>