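/**
 * Saves user's preferences back to the database
 *
 * Normalises the submitted values, writes them to the users, userprefs,
 * userindex and usercomment tables for the current user ($_USER['uid']),
 * refreshes the theme, language and timezone cookies and finally notifies
 * plugins through PLG_userInfoChanged().
 *
 * Every value taken from $A that reaches an SQL statement is first reduced
 * to 0/1, passed through COM_applyFilter(), intersected with the topics
 * returned by USER_getAllowedTopics(), or escaped with addslashes(). Values
 * that are interpolated without quotes are additionally cast to int.
 *
 * @param    array   $A  User's data to save
 * @return   void
 *
 */
function savepreferences($A)
{
    global $_CONF, $_TABLES, $_USER;

    // Checkbox-style flags: only the literal value 'on' counts as set; a
    // missing key or any other value is stored as 0.
    $flags = array('noicons', 'willing', 'noboxes', 'emailfromadmin', 'emailfromuser', 'showonline');
    foreach ($flags as $name) {
        $A[$name] = (isset($A[$name]) && $A[$name] == 'on') ? 1 : 0;
    }

    // Scalar fields read unconditionally further down: give missing keys an
    // empty default so they are never read undefined.
    foreach (array('maxstories', 'dfid', 'commentmode', 'commentorder', 'commentlimit') as $name) {
        if (!isset($A[$name])) {
            $A[$name] = '';
        }
    }

    // maxstories is interpolated WITHOUT quotes into the userindex row, so
    // the int cast is a second guard behind the numeric filter.
    $A['maxstories'] = (int) COM_applyFilter($A['maxstories'], true);
    if ($A['maxstories'] > 0 && $A['maxstories'] < $_CONF['minnews']) {
        $A['maxstories'] = $_CONF['minnews'];
    }

    // List fields: a missing or non-array value becomes an empty list, so
    // count() below never receives null (the previous @array_values() call
    // only hid the warning and is a fatal TypeError on PHP 8).
    $lists = array();
    foreach (array('topics', 'selauthors', 'blocks', 'etids') as $name) {
        $lists[$name] = (isset($A[$name]) && is_array($A[$name])) ? array_values($A[$name]) : array();
    }
    $TIDS   = $lists['topics'];       // array of strings
    $AIDS   = $lists['selauthors'];   // array of integers
    $BOXES  = $lists['blocks'];       // array of integers
    $ETIDS  = $lists['etids'];        // array of strings
    $AETIDS = USER_getAllowedTopics(); // array of strings (fetched, needed to "clean" $TIDS and $ETIDS)

    $tids = '';
    if (count($TIDS) > 0) {
        // Only values that also appear in the allowed-topics list survive
        // the intersection, which is why $TIDS needs no further scrubbing.
        $tids = addslashes(implode(' ', array_intersect($AETIDS, $TIDS)));
    }

    $aids = '';
    if (count($AIDS) > 0) {
        // Scrub the AIDS array to prevent SQL injection and bad values
        foreach ($AIDS as $key => $val) {
            $AIDS[$key] = COM_applyFilter($val, true);
        }
        $aids = addslashes(implode(' ', $AIDS));
    }

    $selectedblocks = '';
    if (count($BOXES) > 0) {
        // Scrub the BOXES array to prevent SQL injection and bad values.
        // The list is placed unquoted inside NOT IN (...), so each entry is
        // forced to an integer after filtering.
        foreach ($BOXES as $key => $val) {
            $BOXES[$key] = (int) COM_applyFilter($val, true);
        }
        $boxes = implode(',', $BOXES);

        $blockresult = DB_query("SELECT bid,name FROM {$_TABLES['blocks']} WHERE bid NOT IN ({$boxes})");
        $numRows = DB_numRows($blockresult);

        // Collect the ids of all blocks that were NOT submitted, skipping
        // the three block names that are never recorded in this list.
        $bids = array();
        for ($x = 1; $x <= $numRows; $x++) {
            $row = DB_fetchArray($blockresult);
            if ($row['name'] != 'user_block' and $row['name'] != 'admin_block' and $row['name'] != 'section_block') {
                $bids[] = $row['bid'];
            }
        }
        $selectedblocks = implode(' ', $bids);
    }

    $etids = '';
    if ($_CONF['emailstories'] == 1 && count($ETIDS) > 0) {
        // Same allowed-topics intersection as for $TIDS above.
        $etids = addslashes(implode(' ', array_intersect($AETIDS, $ETIDS)));
    }

    $A['tzid'] = isset($A['tzid']) ? COM_applyFilter($A['tzid']) : '';

    // NOTE(review): theme and language are only filtered here, not checked
    // against the installed themes / language files - confirm that whatever
    // consumes these values validates them before using them in a path.
    if (isset($A['theme'])) {
        $A['theme'] = COM_applyFilter($A['theme']);
    }
    if (empty($A['theme'])) {
        $A['theme'] = $_CONF['theme'];
    }

    if (isset($A['language'])) {
        $A['language'] = COM_applyFilter($A['language']);
    }
    if (empty($A['language'])) {
        $A['language'] = $_CONF['language'];
    }

    // Escaped copies for SQL; the unescaped values are what go into the
    // cookies below. tzid is escaped like theme and language because it is
    // interpolated into a quoted SQL string as well.
    $theme = addslashes($A['theme']);
    $language = addslashes($A['language']);
    $tzid = addslashes($A['tzid']);

    // USER_unsubscribeFromTopic() interpolates the uid unquoted, so it is
    // treated as an integer here too.
    $uid = (int) $_USER['uid'];

    // Save theme, when doing so, put in cookie so we can set the user's theme
    // even when they aren't logged in
    DB_query("UPDATE {$_TABLES['users']} SET theme='{$theme}',language='{$language}' WHERE uid = '{$uid}'");

    // NOTE(review): these cookies are set without the HttpOnly flag; confirm
    // whether any client-side script reads them before enabling it.
    $expires = time() + 31536000; // one year
    setcookie($_CONF['cookie_theme'], $A['theme'], $expires,
              $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
    setcookie($_CONF['cookie_language'], $A['language'], $expires,
              $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
    setcookie($_CONF['cookie_tzid'], $A['tzid'], $expires,
              $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);

    $A['dfid'] = (int) COM_applyFilter($A['dfid'], true);

    DB_query("UPDATE {$_TABLES['userprefs']} SET noicons='{$A['noicons']}', willing='{$A['willing']}', "
        . "dfid='{$A['dfid']}', tzid='{$tzid}', emailfromadmin='{$A['emailfromadmin']}', "
        . "emailfromuser='{$A['emailfromuser']}', showonline='{$A['showonline']}' WHERE uid='{$uid}'");

    // '-' is the stored marker for "no e-mail topics"; an empty string is
    // read back by USER_unsubscribeFromTopic() as "subscribed to all topics".
    if (empty($etids)) {
        $etids = '-';
    }
    DB_save($_TABLES['userindex'], "uid,tids,aids,boxes,noboxes,maxstories,etids",
            "'{$uid}','{$tids}','{$aids}','{$selectedblocks}','{$A['noboxes']}',{$A['maxstories']},'{$etids}'");

    $A['commentmode'] = COM_applyFilter($A['commentmode']);
    if (empty($A['commentmode'])) {
        $A['commentmode'] = $_CONF['comment_mode'];
    }
    $A['commentmode'] = addslashes($A['commentmode']);

    $A['commentorder'] = COM_applyFilter($A['commentorder']);
    if (empty($A['commentorder'])) {
        $A['commentorder'] = 'ASC';
    }
    $A['commentorder'] = addslashes($A['commentorder']);

    $A['commentlimit'] = COM_applyFilter($A['commentlimit'], true);
    if ($A['commentlimit'] <= 0) {
        $A['commentlimit'] = $_CONF['comment_limit'];
    }

    DB_save($_TABLES['usercomment'], 'uid,commentmode,commentorder,commentlimit',
            "'{$uid}','{$A['commentmode']}','{$A['commentorder']}','{$A['commentlimit']}'");

    PLG_userInfoChanged($_USER['uid']);
}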
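/**
 * Unsubscribe user from a topic (for the Daily Digest)
 *
 * Returns without touching the database when $_CONF['emailstories'] is 0,
 * when the current user is anonymous, or when the user is not subscribed to
 * the given topic.
 *
 * The stored etids value is read as follows: '-' means no topics, an empty
 * value means all topics returned by USER_getAllowedTopics(), anything else
 * is a space-separated list of topic IDs.
 *
 * @param    string  $tid    Topic ID
 * @return   void
 *
 */
function USER_unsubscribeFromTopic($tid)
{
    global $_CONF, $_TABLES, $_USER;

    if ($_CONF['emailstories'] == 0) {
        return;
    }

    if (COM_isAnonUser()) {
        return;
    }

    // The uid is interpolated WITHOUT quotes into both statements below, so
    // force it to an integer before it gets anywhere near the SQL text.
    $uid = (int) $_USER['uid'];

    // no check for SEC_hasTopicAccess here to unsubscribe user "just in case"
    $user_etids = DB_getItem($_TABLES['userindex'], 'etids', "uid = {$uid}");
    if ($user_etids == '-') {
        return; // not subscribed to any topics
    }

    if (empty($user_etids)) {
        // subscribed to all topics - get list
        $etids = USER_getAllowedTopics();
    } else {
        $etids = explode(' ', $user_etids);
    }

    // Compare topic IDs as exact strings. A loose array_search() treats
    // numeric-looking IDs such as '01' and '1' as equal and could remove a
    // different topic than the one requested. array_map() with a single
    // array keeps the keys, so $key still indexes $etids.
    $key = array_search((string) $tid, array_map('strval', $etids), true);
    if ($key === false) {
        return; // not subscribed to this topic
    }

    unset($etids[$key]);

    // Removing the last topic must store '-', not an empty string, because
    // an empty value is read back as "subscribed to all topics".
    if (count($etids) == 0) {
        $user_etids = '-';
    } else {
        $user_etids = implode(' ', $etids);
    }
    $user_etids = addslashes($user_etids);

    DB_query("UPDATE {$_TABLES['userindex']} SET etids = '{$user_etids}' WHERE uid = {$uid}");
}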