/**
* Creates a preference string.
*
* When a string is created, will trigger a 'preference.create > done' callback event.
*
* @param string $name The name
* @param string $val The value
* @param string $event The section the preference appears in
* @param int $type Either PREF_CORE, PREF_PLUGIN, PREF_HIDDEN
* @param string $html The HTML control type the field uses. Can take a custom function name
* @param int $position Used to sort the field on the Preferences panel
* @param string|bool $user_name The user name, PREF_GLOBAL or PREF_PRIVATE
* @return bool TRUE if the string exists, FALSE on error
* @since 4.6.0
* @package Pref
* @example
* if (create_pref('myPref', 'value', 'site', PREF_PLUGIN, 'text_input', 25))
* {
* echo "'myPref' created.";
* }
*/
function create_pref($name, $val, $event = 'publish', $type = PREF_CORE, $html = 'text_input', $position = 0, $user_name = PREF_GLOBAL)
{
global $txp_user;
if ($user_name === PREF_PRIVATE) {
if (!$txp_user) {
return false;
}
$user_name = $txp_user;
}
if (pref_exists($name, $user_name)) {
return true;
}
if (safe_insert('txp_prefs', "prefs_id = 1,\n name = '" . doSlash($name) . "',\n val = '" . doSlash($val) . "',\n event = '" . doSlash($event) . "',\n html = '" . doSlash($html) . "',\n type = " . intval($type) . ",\n position = " . intval($position) . ",\n user_name = '" . doSlash((string) $user_name) . "'") === false) {
return false;
}
callback_event('preference.create', 'done', 0, compact('name', 'val', 'event', 'type', 'html', 'position', 'user_name'));
return true;
}
function edit_post()
{
global $DB, $Security;
if (!session('id')) {
return to_index();
}
if (strtolower(session('name')) != strtolower(post('name'))) {
print "You may only change the case of your name.";
exit_clean();
} else {
$update = array();
$update['name'] = post('name');
$update['postalcode'] = post('postalcode');
$DB->update("member", "id", session('id'), $update);
unset($_POST['name'], $_POST['postalcode']);
}
if (post("_current") && post("_pass") && post("_pass_confirm")) {
if (strlen(post("_pass")) < 4) {
print "Your password must be at least 4 characters.";
exit_clean();
}
if (post("_pass") != post("_pass_confirm")) {
print "Your new passwords did not match.";
exit_clean();
}
if (!$Security->auth(session('name'), post('_current'))) {
print "Your current password did not match our records.";
exit_clean();
}
$DB->query("UPDATE member SET pass=\$1 WHERE id=\$2", array(md5(post('_pass')), session('id')));
$Security->update_session(session('id'));
$Security->setcookie();
}
foreach ($_POST as $key => $value) {
if (substr($key, 0, 1) == "_") {
continue;
}
if ($pref_id = $DB->value("SELECT id FROM pref WHERE name=\$1", array($key))) {
if (!pref_exists($pref_id, session('id'))) {
if ($value == "") {
continue;
}
$insert = array();
$insert['pref_id'] = $pref_id;
$insert['member_id'] = session('id');
$insert['value'] = $value;
$DB->insert("member_pref", $insert);
} else {
if ($value == "") {
$DB->query("DELETE FROM member_pref WHERE member_id=\$1 AND pref_id=\$2", array(session('id'), $pref_id));
} else {
$DB->query("UPDATE\r\n member_pref\r\n SET\r\n value=\$1\r\n WHERE\r\n member_id=\$2\r\n AND\r\n pref_id=\$3", array($value, session('id'), $pref_id));
}
}
}
}
$Security->update_session(session('id'));
exit_clean();
}
