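/**
 * Admin "settings" page (/d/admin/settings/): renders the live configuration.
 *
 * Access control: a visitor who is not signed in is sent to the sign-in page,
 * a signed-in non-admin is sent back to /d/. The configuration is read from
 * the $sr_* globals and handed to views/admin/settings.php as $context; the
 * function returns nothing, all output happens through sr_response().
 *
 * NOTE(review): the database password ('db_password') is passed to the view
 * verbatim, so the page displays it to anyone holding an admin session.
 * Confirm that is intended; otherwise mask it in the view.
 */
function admin_settings() {
    if (!sr_is_signed_in()) {
        sr_redirect('/d/main/signin/');
        return; // fail closed in case sr_redirect() does not end the request
    }
    if (!sr_is_admin()) {
        sr_redirect('/d/');
        return; // same: never fall through into the admin page
    }

    global $sr_root, $sr_db_type, $sr_db_host, $sr_db_port, $sr_db_name,
        $sr_db_user, $sr_db_password, $sr_db_charset, $sr_email_addr,
        $sr_email_smtp, $sr_default_authority, $sr_join_anonymous,
        $sr_join_non_authorized, $sr_main_content;

    // Escape into a local copy: overwriting the global would hand an
    // HTML-escaped address to any later code that actually sends mail.
    $emailAddrForHtml = htmlentities($sr_email_addr);

    // Boolean switches are shown as Yes/No text in the view.
    $yesNo = function ($flag) {
        return $flag ? 'Yes' : 'No';
    };

    $context = array(
        'db_type' => $sr_db_type,
        'db_host' => $sr_db_host,
        'db_port' => $sr_db_port,
        'db_database' => $sr_db_name,
        'db_username' => $sr_db_user,
        'db_password' => $sr_db_password,
        'db_char_set' => $sr_db_charset,
        'default_authority' => $yesNo($sr_default_authority),
        'join_anonymous' => $yesNo($sr_join_anonymous),
        'join_non_authorized' => $yesNo($sr_join_non_authorized),
        'smtp_email_addr' => $emailAddrForHtml,
        'smtp_server' => $sr_email_smtp['host'],
        'smtp_port' => $sr_email_smtp['port'],
        'smtp_username' => $sr_email_smtp['username'],
        'installation_path' => $sr_root,
        // Placeholders: these settings are not wired to configuration yet.
        'maximum_users' => 'TODO',
        'stun_server' => 'TODO',
        'xmpp_server_use' => 'TODO',
        'xmpp_server' => 'TODO',
        'main_content' => $sr_main_content,
    );

    sr_response('views/admin/settings.php', $context);
}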
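<ul class="nav navbar-nav pull-right navbar-nav-large">
    <li class="dropdown user-menu user-menu-large">
        <a href="#" class="dropdown-toggle" data-toggle="dropdown">
            <i class="icon-user"></i>
            <?php /* The display name comes from user-supplied profile data (HTML body context): escape it. */ ?>
            <span class="user-name"><?php echo htmlspecialchars(sr_user_name(), ENT_QUOTES, 'UTF-8'); ?> </span>
            <i class="caret"></i>
        </a>
        <ul class="dropdown-menu">
            <li>
                <?php /* Attribute context: escape the configured root prefix before building hrefs. */ ?>
                <a tabindex="-1" href="<?php echo htmlspecialchars($GLOBALS['sr_root'], ENT_QUOTES, 'UTF-8'); ?>/d/main/profile/">My Profile</a>
            </li>
            <?php /* Full "<?php" tags: short "<?" tags depend on short_open_tag and, when it is off, leak the PHP source into the page and show this item to everyone. */ ?>
            <?php if (sr_is_admin()) { ?>
            <li>
                <a tabindex="-1" href="<?php echo htmlspecialchars($GLOBALS['sr_root'], ENT_QUOTES, 'UTF-8'); ?>/d/admin/">Admin Page</a>
            </li>
            <?php } ?>
            <li class="divider"></li>
            <li>
                <a tabindex="-1" href="<?php echo htmlspecialchars($GLOBALS['sr_root'], ENT_QUOTES, 'UTF-8'); ?>/d/main/signout/">Sign Out</a>
            </li>
        </ul>
    </li>
</ul>
</nav>
</div>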
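/**
 * Profile page controller (/d/main/profile/).
 *
 * GET renders the profile view. POST dispatches on $_POST['which']:
 *   'basic'        - update first name, last name and email
 *   'password'     - change the password (the old one must match)
 *   anything else  - delete the account, sign out and emit a JSON body
 *
 * Nothing is returned; results are delivered through sr_response() or echo.
 * $context['result'] codes handed to the view: 1 saved, 2 bad email,
 * 3/4 bad first/last name, 5/6 bad old/new password, 7 repeat mismatch,
 * 8 old password wrong, 99 database failure.
 *
 * NOTE(review): no CSRF token is checked on any of the POST actions, and the
 * delete branch is reached by every 'which' value other than 'basic' and
 * 'password', including a missing field. Confirm the exact value the client
 * sends for deletion and gate that branch on it.
 */
function main_profile() {
    if (!sr_is_signed_in()) {
        sr_response_error(400);
        return; // fail closed in case sr_response_error() does not exit
    }

    // Form fields must be strings; a missing field or an array smuggled in
    // via name[]=... is treated as empty so the validators reject it.
    $postString = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };

    // View context shared by every branch that renders the profile page.
    // Called after any save so the sr_user_*() session values are current.
    $viewContext = function ($which, array $extra = array()) {
        return array_merge(array(
            'which' => $which,
            'first_name' => sr_user_first_name(),
            'last_name' => sr_user_last_name(),
            'email' => sr_user_email(),
            'is_authorized' => sr_is_authorized(),
            'is_admin' => sr_is_admin(),
        ), $extra);
    };

    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        // Plain page view.
        sr_response('views/main/profile.php', $viewContext('basic'));
        return;
    }

    $which = $postString('which');

    if ($which === 'basic') {
        global $sr_regex_name;
        global $sr_regex_email;

        $email = $postString('profile_email');
        $firstName = $postString('first_name');
        $lastName = $postString('last_name');

        if (!preg_match($sr_regex_email, $email)) {
            $outcome = array('result' => 2, 'msg' => 'Please enter a valid email address');
        } elseif (!preg_match($sr_regex_name, $firstName)) {
            $outcome = array('result' => 3, 'msg' => 'Name should consist of only alphabets (uppercase or lowercase).');
        } elseif (!preg_match($sr_regex_name, $lastName)) {
            $outcome = array('result' => 4, 'msg' => 'Name should consist of only alphabets (uppercase or lowercase).');
        } else {
            try {
                $db = sr_pdo();
                $user = new User();
                $user = $user->get($db, sr_user_id());
                $user->first_name = ucfirst($firstName);
                $user->last_name = ucfirst($lastName);
                $user->email = strtolower($email);
                $user->save($db);
                // Keep the session copy of the profile in step with the database.
                sr_set_user_first_name($user->first_name);
                sr_set_user_last_name($user->last_name);
                sr_set_user_name($user->first_name . ' ' . $user->last_name);
                sr_set_user_email($user->email);
                $outcome = array('result' => 1, 'msg' => 'Successfully updated');
            } catch (PDOException $e) {
                $outcome = array('result' => 99, 'msg' => 'Failed to save. 
Please try it again.');
            }
        }

        sr_response('views/main/profile.php', $viewContext('basic', $outcome));
        return;
    }

    if ($which === 'password') {
        global $sr_regex_password;

        $oldPassword = $postString('old_password');
        $newPassword = $postString('new_password');
        $repeatPassword = $postString('repeat_password');

        if (!preg_match($sr_regex_password, $oldPassword)) {
            $outcome = array('result' => 5, 'msg' => 'Please enter a valid password.<br />Password should be alphanumeric.');
        } elseif (!preg_match($sr_regex_password, $newPassword)) {
            $outcome = array('result' => 6, 'msg' => 'Please enter a valid password.<br />Password should be alphanumeric.');
        } elseif ($newPassword !== $repeatPassword) {
            // Strict comparison: a loose != treats numeric-looking strings
            // such as "1e3" and "1000" as equal.
            $outcome = array('result' => 7, 'msg' => 'Please repeat your password.');
        } else {
            try {
                $db = sr_pdo();
                $user = new User();
                $user = $user->get($db, sr_user_id());
                // NOTE(review): passwords are stored as unsalted md5, which is
                // not an acceptable password hash. The sign-in code (outside
                // this function) checks the same column, so a move to
                // password_hash()/password_verify() must be made in both
                // places together; the scheme is therefore left as is here.
                // hash_equals() compares the two hex digests as strings: a
                // loose != would treat any pair of "0e..." digests as equal.
                if (!hash_equals((string) $user->password, md5($oldPassword))) {
                    $outcome = array('result' => 8, 'msg' => 'Please check your old password.');
                } else {
                    $user->password = md5($newPassword);
                    $user->save($db);
                    $outcome = array('result' => 1, 'msg' => 'Successfully updated');
                }
            } catch (PDOException $e) {
                $outcome = array('result' => 99, 'msg' => 'Failed to save. 
Please try it again.');
            }
        }

        sr_response('views/main/profile.php', $viewContext('password', $outcome));
        return;
    }

    // Any other 'which' value: delete the account (see NOTE in the docblock).
    try {
        $db = sr_pdo();
        $user = new User();
        $user = $user->get($db, sr_user_id());
        $user->delete($db);
        sr_signout();
        // The client expects a JSON body; there is nothing to report on success.
        echo json_encode(array());
    } catch (PDOException $e) {
        // An empty 200 would look like success to the client; report the
        // failure explicitly instead of swallowing it.
        sr_response_error(500);
    }
}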