function admin_settings()
{
if (!sr_is_signed_in()) {
sr_redirect('/d/main/signin/');
}
if (!sr_is_admin()) {
sr_redirect('/d/');
}
global $sr_root;
global $sr_db_type;
global $sr_db_host;
global $sr_db_port;
global $sr_db_name;
global $sr_db_user;
global $sr_db_password;
global $sr_db_charset;
global $sr_email_addr;
global $sr_email_smtp;
global $sr_default_authority;
global $sr_join_anonymous;
global $sr_join_non_authorized;
global $sr_main_content;
$sr_email_addr = htmlentities($sr_email_addr);
$context = array('db_type' => $sr_db_type, 'db_host' => $sr_db_host, 'db_port' => $sr_db_port, 'db_database' => $sr_db_name, 'db_username' => $sr_db_user, 'db_password' => $sr_db_password, 'db_char_set' => $sr_db_charset, 'default_authority' => $sr_default_authority ? 'Yes' : 'No', 'join_anonymous' => $sr_join_anonymous ? 'Yes' : 'No', 'join_non_authorized' => $sr_join_non_authorized ? 'Yes' : 'No', 'smtp_email_addr' => $sr_email_addr, 'smtp_server' => $sr_email_smtp['host'], 'smtp_port' => $sr_email_smtp['port'], 'smtp_username' => $sr_email_smtp['username'], 'installation_path' => $sr_root, 'maximum_users' => 'TODO', 'stun_server' => 'TODO', 'xmpp_server_use' => 'TODO', 'xmpp_server' => 'TODO', 'main_content' => $sr_main_content);
sr_response('views/admin/settings.php', $context);
}
<ul class="nav navbar-nav pull-right navbar-nav-large">
<li class="dropdown user-menu user-menu-large">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">
<i class="icon-user"></i>
<span class="user-name"><?php
echo sr_user_name();
?>
</span>
<i class="caret"></i>
</a>
<ul class="dropdown-menu">
<li> <a tabindex="-1" href="<?php
echo $GLOBALS['sr_root'];
?>
/d/main/profile/">My Profile</a> </li>
<? if (sr_is_admin()) { ?>
<li> <a tabindex="-1" href="<?php
echo $GLOBALS['sr_root'];
?>
/d/admin/">Admin Page</a> </li>
<? } ?>
<li class="divider"></li>
<li> <a tabindex="-1" href="<?php
echo $GLOBALS['sr_root'];
?>
/d/main/signout/">Sign Out</a> </li>
</ul>
</li>
</ul>
</nav>
</div>
function main_profile()
{
if (!sr_is_signed_in()) {
sr_response_error(400);
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if ($_POST['which'] == 'basic') {
global $sr_regex_name;
global $sr_regex_email;
$user = new User();
$context = array();
if (!preg_match($sr_regex_email, $_POST['profile_email'])) {
$context['result'] = 2;
$context['msg'] = 'Please enter a valid email address';
} else {
if (!preg_match($sr_regex_name, $_POST['first_name'])) {
$context['result'] = 3;
$context['msg'] = 'Name should consist of only alphabets (uppercase or lowercase).';
} else {
if (!preg_match($sr_regex_name, $_POST['last_name'])) {
$context['result'] = 4;
$context['msg'] = 'Name should consist of only alphabets (uppercase or lowercase).';
} else {
try {
$db = sr_pdo();
$user = $user->get($db, sr_user_id());
$user->first_name = ucfirst($_POST['first_name']);
$user->last_name = ucfirst($_POST['last_name']);
$user->email = strtolower($_POST['profile_email']);
$user->save($db);
$context['result'] = 1;
$context['msg'] = 'Successfully updated';
sr_set_user_first_name($user->first_name);
sr_set_user_last_name($user->last_name);
sr_set_user_name($user->first_name . ' ' . $user->last_name);
sr_set_user_email($user->email);
} catch (PDOException $e) {
$context['result'] = 99;
$context['msg'] = 'Failed to save. Please try it again.';
}
}
}
}
$context['which'] = 'basic';
$context['first_name'] = sr_user_first_name();
$context['last_name'] = sr_user_last_name();
$context['email'] = sr_user_email();
$context['is_authorized'] = sr_is_authorized();
$context['is_admin'] = sr_is_admin();
sr_response('views/main/profile.php', $context);
} else {
if ($_POST['which'] == 'password') {
global $sr_regex_password;
$user = new User();
$context = array();
if (!preg_match($sr_regex_password, $_POST['old_password'])) {
$context['result'] = 5;
$context['msg'] = 'Please enter a valid password.<br />Password should be alphanumeric.';
} else {
if (!preg_match($sr_regex_password, $_POST['new_password'])) {
$context['result'] = 6;
$context['msg'] = 'Please enter a valid password.<br />Password should be alphanumeric.';
} else {
if ($_POST['new_password'] != $_POST['repeat_password']) {
$context['result'] = 7;
$context['msg'] = 'Please repeat your password.';
} else {
try {
$db = sr_pdo();
$user = $user->get($db, sr_user_id());
if ($user->password != md5($_POST['old_password'])) {
$context['result'] = 8;
$context['msg'] = 'Please check your old password.';
} else {
$user->password = md5($_POST['new_password']);
$user->save($db);
$context['result'] = 1;
$context['msg'] = 'Successfully updated';
}
} catch (PDOException $e) {
$context['result'] = 99;
$context['msg'] = 'Failed to save. Please try it again.';
}
}
}
}
$context['which'] = 'password';
$context['first_name'] = sr_user_first_name();
$context['last_name'] = sr_user_last_name();
$context['email'] = sr_user_email();
$context['is_authorized'] = sr_is_authorized();
$context['is_admin'] = sr_is_admin();
sr_response('views/main/profile.php', $context);
} else {
$user = new User();
$result = array();
try {
$db = sr_pdo();
$user = $user->get($db, sr_user_id());
$user->delete($db);
sr_signout();
echo json_encode($result);
} catch (PDOException $e) {
}
}
}
} else {
// Show profile view
$context = array('which' => 'basic', 'first_name' => sr_user_first_name(), 'last_name' => sr_user_last_name(), 'email' => sr_user_email(), 'is_authorized' => sr_is_authorized(), 'is_admin' => sr_is_admin());
sr_response('views/main/profile.php', $context);
}
}
