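/**
 * Builds the table cells (label + widget) for editing one userdata field; used together with
 * editUserdataSettings().
 *
 * The current value is taken from, in order: $row['value'], $row['settingValue'], the submitted
 * $_POST['userdata_<fieldId>'] (only when $fill is true) and finally $row['fieldDefault'].
 *
 * Security: the value may be raw POST data or a stored setting (presumably user-entered), so it is
 * HTML-escaped wherever this function writes it into markup itself (textarea body, value="...").
 * Everything placed inside a quoted attribute is escaped as well. Values handed to xhtmlInput(),
 * xhtmlSelectCategory() and makeThumbLink() are passed through unchanged; those helpers are not
 * visible here and must do their own escaping.
 * NOTE(review): label text (fieldName, categoryName used as text) is still emitted as stored,
 * as before - confirm these are admin-only strings, or escape them too.
 * NOTE(review): if values are already HTML-escaped when saved, escaping here will double-encode;
 * verify against the save path.
 *
 * Terminates the script via die() when $row['fieldType'] is not a known USERDATA_TYPE_* value.
 *
 * @param array $row  Field row; reads fieldId, fieldType, fieldName, fieldDefault and, when
 *                    present, value, settingValue and private.
 * @param bool  $fill When true, fall back to the submitted POST value ("look for post data").
 * @return string HTML fragment made of <td> cells.
 */
function getUserdataInput($row, $fill = false)
{
    // Escapes for text and quoted-attribute contexts. The encoding argument is left at PHP's
    // configured default because the page charset is not visible from this function.
    $esc = function ($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES);
    };

    $fieldId = $row['fieldId'];
    $name = 'userdata_' . $fieldId; // raw form: used for $_POST lookups and the xhtml*() helpers
    $nameAttr = $esc($name);        // escaped form: used when this function writes the attribute

    if (isset($row['value'])) {
        $value = stripslashes($row['value']); // does not necessarily exist
    } elseif (!empty($row['settingValue'])) {
        $value = stripslashes($row['settingValue']);
    } elseif ($fill && !empty($_POST[$name]) && is_string($_POST[$name])) {
        // A client can submit userdata_N[]=..., which arrives as an array; only accept strings.
        $value = $_POST[$name];
    }
    if (!isset($value)) {
        // for default values in admin display
        $value = isset($row['fieldDefault']) ? stripslashes($row['fieldDefault']) : '';
    }

    // One label for every field type (the checkbox branch used to skip stripslashes()).
    $label = stripslashes($row['fieldName']);

    // The birthdate branches used to parse $row['settingValue'] even when the value came from
    // another source, which yields an undefined index / epoch date. Prefer settingValue when it
    // exists (unchanged behaviour), otherwise parse the value that was actually selected.
    $dateSource = !empty($row['settingValue']) ? $row['settingValue'] : $value;

    // Returns the submitted value of userdata_<id><suffix> if it is numeric, else ''.
    $postNumeric = function ($suffix) use ($name) {
        $key = $name . $suffix;
        return (isset($_POST[$key]) && is_numeric($_POST[$key])) ? $_POST[$key] : '';
    };

    // Renders the year / month / day <select> triple with $y, $m, $d preselected.
    $dateSelects = function ($y, $m, $d) use ($nameAttr) {
        $html = '<select name="' . $nameAttr . '_year">';
        $html .= '<option value="">- ' . t('Year') . ' -';
        $thisYear = (int) date('Y');
        for ($j = $thisYear - 100; $j <= $thisYear; $j++) {
            $html .= '<option value="' . $j . '"' . ($j == $y ? ' selected' : '') . '>' . $j;
        }
        $html .= '</select>';

        $html .= '<select name="' . $nameAttr . '_month">';
        $html .= '<option value="">- ' . t('Month') . ' -';
        for ($j = 1; $j <= 12; $j++) {
            $padded = ($j < 10 ? '0' . $j : $j);
            $html .= '<option value="' . $padded . '"' . ($j == $m ? ' selected' : '') . '>' . $j;
        }
        $html .= '</select>';

        $html .= '<select name="' . $nameAttr . '_day">';
        $html .= '<option value="">- ' . t('Day') . ' -';
        for ($j = 1; $j <= 31; $j++) {
            $padded = ($j < 10 ? '0' . $j : $j);
            $html .= '<option value="' . $padded . '"' . ($j == $d ? ' selected' : '') . '>' . $j;
        }
        $html .= '</select>';

        return $html;
    };

    switch ($row['fieldType']) {
        case USERDATA_TYPE_EMAIL:
        case USERDATA_TYPE_TEXT:
            $result = '<td>' . $label . ':</td><td>';
            // NOTE(review): relies on xhtmlInput() escaping $value - confirm.
            $result .= xhtmlInput($name, $value, 20, 50);
            if ($row['fieldType'] == USERDATA_TYPE_EMAIL) {
                $result .= ' ' . xhtmlImage(coredev_webroot() . 'gfx/icon_mail.png', t('E-mail')) . '<br/>';
                // XXX show email input status (invalid, taken)
            }
            if (!empty($row['private'])) {
                $result .= '<br/>' . t('This setting is hidden from other users.');
            }
            $result .= '</td>';
            break;

        case USERDATA_TYPE_TEXTAREA:
            $result = '<td>' . $label . ':</td><td>';
            // Escaped so a value containing "</textarea>" cannot close the element early.
            $result .= '<textarea name="' . $nameAttr . '" rows="6" cols="40">' . $esc($value) . '</textarea>';
            $result .= '</td>';
            break;

        case USERDATA_TYPE_CHECKBOX:
            $result = '<td colspan="2">';
            // Hidden "0" first, so an unticked box still submits a value.
            $result .= '<input name="' . $nameAttr . '" type="hidden" value="0"/>';
            $result .= '<input name="' . $nameAttr . '" id="' . $nameAttr . '" type="checkbox" class="checkbox" value="1"'
                . ($value == '1' ? ' checked="checked"' : '') . '/>';
            $result .= ' <label for="' . $nameAttr . '">' . $label . '</label>';
            $result .= '</td>';
            break;

        case USERDATA_TYPE_AVATAR:
            $result = '<td>' . $label . ':</td><td>';
            // Loop variable renamed: the original reused $row and overwrote the field row.
            foreach (getCategoriesByOwner(CATEGORY_USERDATA, $fieldId) as $option) {
                $optionId = $esc($option['categoryId']);
                $result .= '<input name="' . $nameAttr . '" type="radio" id="lab_' . $optionId . '" value="' . $optionId . '"'
                    . ($option['categoryId'] == $value ? ' checked="checked"' : '') . '/>';
                $result .= ' <label for="lab_' . $optionId . '">';
                // categoryName is used as the image URL here, so it sits in an attribute.
                $result .= '<img src="' . $esc($option['categoryName']) . '"/>';
                $result .= '</label><br/>';
            }
            $result .= '</td>';
            break;

        case USERDATA_TYPE_RADIO:
        case USERDATA_TYPE_GENDER:
            $result = '<td>' . $label . ':</td><td>';
            foreach (getCategoriesByOwner(CATEGORY_USERDATA, $fieldId) as $option) {
                $optionId = $esc($option['categoryId']);
                $result .= '<input name="' . $nameAttr . '" type="radio" id="lab_' . $optionId . '" value="' . $optionId . '"'
                    . ($option['categoryId'] == $value ? ' checked="checked"' : '') . '/>';
                $result .= ' <label for="lab_' . $optionId . '">' . $option['categoryName'] . '</label><br/>';
            }
            $result .= '</td>';
            break;

        case USERDATA_TYPE_THEME:
        case USERDATA_TYPE_SELECT:
            $result = '<td>' . $label . ':</td><td>';
            $result .= xhtmlSelectCategory(CATEGORY_USERDATA, $fieldId, $name, $value);
            $result .= '</td>';
            break;

        case USERDATA_TYPE_IMAGE:
            $result = '<td>' . $label . ':</td><td>';
            if ($value) {
                // An image is already stored: show it with a "delete" tick box instead of an upload.
                $result .= makeThumbLink($value);
                $result .= '<input name="' . $nameAttr . '_remove" id="' . $nameAttr . '_remove" type="checkbox" class="checkbox"/> ';
                $result .= '<label for="' . $nameAttr . '_remove">' . t('Delete image') . '</label>';
            } else {
                $result .= '<input name="' . $nameAttr . '" type="file"/>';
            }
            $result .= '</td>';
            break;

        case USERDATA_TYPE_BIRTHDATE:
            $result = '<td>' . $label . ':</td><td>';
            $d = $m = $y = '';
            if ($value) {
                $stamp = strtotime($dateSource);
                $y = date('Y', $stamp);
                $m = date('m', $stamp);
                $d = date('d', $stamp);
            } elseif (isset($_POST[$name . '_year'])) {
                // Submitted parts are only compared against the option values, never printed.
                $y = $postNumeric('_year');
                $m = $postNumeric('_month');
                $d = $postNumeric('_day');
            }
            $result .= $dateSelects($y, $m, $d);
            $result .= '</td>';
            break;

        case USERDATA_TYPE_BIRTHDATE_SWE:
            $result = '<td>' . $label . ':</td><td>';
            if ($value) {
                // A stored date is shown as text only; no inputs are rendered in that case.
                $result .= date('Y-m-d', strtotime($dateSource));
            } else {
                $d = $m = $y = $chk = '';
                if (isset($_POST[$name . '_year'])) {
                    $y = $postNumeric('_year');
                    $m = $postNumeric('_month');
                    $d = $postNumeric('_day');
                    $chk = $postNumeric('_chk');
                }
                $result .= $dateSelects($y, $m, $d);
                // $chk passed is_numeric(); escaping is kept as a second line of defence.
                $result .= '<input type="text" name="' . $nameAttr . '_chk" value="' . $esc($chk) . '" size="4" maxlength="4"/>';
            }
            $result .= '</td>';
            break;

        case USERDATA_TYPE_LOCATION_SWE:
            $result = '<td>' . $label . ':</td><td>';
            $result .= '<input name="' . $nameAttr . '" type="text" value="' . $esc($value) . '" size="5" maxlength="5"/>';
            $result .= '</td>';
            break;

        case USERDATA_TYPE_CELLPHONE:
            $result = '<td>' . $label . ':</td><td>';
            $result .= '<input name="' . $nameAttr . '" type="text" value="' . $esc($value) . '" size="12" maxlength="12"/>';
            $result .= '</td>';
            break;

        default:
            die('FATAL: unhandled userdata type in getUserdataInput(): ' . $esc($row['fieldType']));
    }

    return $result;
}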
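// Renders the "Forgot password" box and handles its form submit.
// Nothing is shown to a visitor who already has a session.
if ($session->id) {
    return;
}

$header->embedCss(
    '.forgot_pwd_box{' .
    'font-size:14px;' .
    'border:1px solid #aaa;' .
    'min-width:280px;' .
    'color:#000;' .
    'background-color:#ddd;' .
    'padding:10px;' .
    'border-radius:15px 15px 15px 15px;' .
    '-moz-border-radius:15px 15px 15px 15px;' .
    '}'
);

echo '<div id="forgot_pwd_layer" class="forgot_pwd_box">';
echo '<b>Forgot password</b><br/><br/>';

if (isset($_POST['forgot_pwd'])) {
    // Keep the recover form visible after the page reloads.
    $header->embedJsOnload('show_recover_form();');

    // A client can submit forgot_pwd[]=..., which arrives as an array. Only a string is handed to
    // the mail handler; anything else is treated like an address that matched nobody.
    $submitted = $_POST['forgot_pwd'];
    $mailSent = is_string($submitted) && ForgotPasswordHandler::getInstance()->sendMail($submitted);

    // NOTE(review): the two outcomes below tell the visitor whether the address belongs to an
    // account. Showing the same confirmation in both cases, and throttling requests inside
    // sendMail() (not visible here), would stop this form from confirming registered addresses.
    if (!$mailSent) {
        $error->add('The specified email address does not match any registered user.');
    } else {
        echo 'A email has been sent to your mail address with instructions how to reclaim your account.';
        echo '</div>';
        return;
    }
}

echo $error->render(true);

echo 'Enter the e-mail address used when registering your account.<br/><br/>';
echo 'You will recieve an e-mail with a link to follow,<br/>';
echo 'where you can set a new password.<br/><br/>';

// NOTE(review): whether xhtmlForm() adds an anti-CSRF token cannot be seen from here - confirm.
echo xhtmlForm();

echo '<table cellpadding="2">' .
    '<tr>' .
    '<td>E-mail:</td>' .
    '<td>' . xhtmlInput('forgot_pwd', '', 26) . ' ' .
    xhtmlImage($page->getRelativeCoreDevUrl() . 'gfx/icon_mail.png', t('E-mail')) .
    '</td>' .
    '</tr>' .
    '</table><br/>';

echo xhtmlSubmit('Forgot password', 'button', 'font-weight: bold');

// Cancel switches back to the login form on the client side.
$x = new XhtmlComponentButton();
$x->text = t('Cancel');
$x->onClick('return show_login_form();');
echo $x->render();

echo xhtmlFormClose();

echo '</div>';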
// NOTE(review): this listing starts inside a handler (presumably the registration form submit).
// The four blocks closed below are opened above the visible part, so the conditions guarding
// them - including any server-side validation of the submitted fields - cannot be checked here.
            }

            // Add this user to Super Admin group
            // NOTE(review): the condition that leads here is not visible. Confirm it can only be
            // true while no administrator exists, including when two registrations arrive at once.
            UserGroupHandler::addToGroup($user_id, $sadmin_id);
        }

        // Log in with the credentials that were just submitted and show the start page on success.
        if ($session->login($_POST['register_usr'], $_POST['register_pwd'])) {
            $session->showStartPage();
        }
    }

    // after form submit failed, put focus back to the register form <div> to show error
    $header->embedJsOnload('show_reg_form();');
}

// Styling for the registration box.
$header->embedCss(
    '.register_box{' .
    'font-size:14px;' .
    'border:1px solid #aaa;' .
    'min-width:280px;' .
    'color:#000;' .
    'background-color:#ddd;' .
    'padding:10px;' .
    'border-radius:15px 15px 15px 15px;' .
    '-moz-border-radius:15px 15px 15px 15px;' .
    '}'
);

echo '<div id="login_register_layer" class="register_box">';
echo '<b>Register new account</b><br/><br/>';

// Warn that this registration creates the super administrator account.
if ($superadmin_reg) {
    echo '<div class="critical">The account you create now will be the super administrator account.</div><br/>';
}

// validate_reg_form() runs in the browser only; it does not replace validation on the server.
echo xhtmlForm('reg_frm', '', '', '', 'return validate_reg_form(this);');

echo '<table cellpadding="2">';

// The submitted username is put back into the field after a failed submit.
// NOTE(review): this is raw request data; it is only safe if xhtmlInput() escapes its value
// argument (not visible here) - confirm.
echo '<tr>' .
    '<td>' . t('Username') . ':</td>' .
    '<td>' . xhtmlInput('register_usr', !empty($_POST['register_usr']) ? $_POST['register_usr'] : '') . ' ' .
    xhtmlImage($page->getRelativeCoreDevUrl() . 'gfx/icon_user.png', t('Username')) .
    '</td>' .
    '</tr>';

// Both password fields are rendered from their name alone; no submitted value is passed in.
echo '<tr><td>' . t('Password') . ':</td>' .
    '<td>' . xhtmlPassword('register_pwd') . ' ' .
    xhtmlImage($page->getRelativeCoreDevUrl() . 'gfx/icon_keys.png', t('Password')) .
    '</td>' .
    '</tr>';

echo '<tr><td>' . t('Again') . ':</td>' .
    '<td>' . xhtmlPassword('register_pwd2') . ' ' .
    xhtmlImage($page->getRelativeCoreDevUrl() . 'gfx/icon_keys.png', t('Repeat password')) .
    '</td>' .
    '</tr>';

echo '</table><br/>';

echo xhtmlSubmit('Register', 'button', 'font-weight:bold');

// Cancel switches back to the login form on the client side.
$x = new XhtmlComponentButton();
$x->text = t('Cancel');
$x->onClick('return show_login_form();');
//$x->style = 'font-weight:bold';
echo $x->render();

echo xhtmlFormClose();

echo '</div>';
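/**
 * Experimental OpenID 2.0 relying-party step against a fixed provider endpoint (marked XXX by
 * the author).
 *
 * Three paths, chosen from the request:
 *  - $_GET['openid_mode'] is set: prints debug output and returns true for "id_res",
 *    false for any other mode.
 *  - $_POST['core_openid_url'] is set: redirects to OPENID_GOOGLE_LOGIN with a checkid_setup
 *    request and ends the script. Only the presence of the field is used; the redirect target
 *    is the constant, never the submitted URL.
 *  - otherwise: prints the login form and returns false.
 *
 * SECURITY (review): the "id_res" branch looks at the mode parameter only. Nothing in this
 * function verifies the response signature (via an association or check_authentication), the
 * response nonce, return_to, or the provider endpoint, so a return value of true does not
 * establish who the visitor is. Callers must not treat it as an authentication result until
 * that verification exists. The branch also dumps the whole request for debugging; that output
 * is HTML-escaped here but should be removed before the function is used for real logins.
 *
 * @param string $site_url Absolute URL of this endpoint; sent as openid.return_to and used to
 *                         derive openid.realm (scheme, host and optional port).
 * @return bool True only for an "id_res" response (unverified, see above), otherwise false.
 */
function openidLogin($site_url)
{
    // PHP rewrites "." in incoming parameter names to "_", so "openid.ns" arrives as
    // $_GET['openid_ns']. There is no setting to turn this off; the original names are only
    // available by parsing $_SERVER['QUERY_STRING'] by hand.
    /*
    Example response, as received by the author:

    http://projects.localhost/openid.php
    ?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
    &openid.mode=id_res
    &openid.op_endpoint=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fud
    &openid.response_nonce=2008-11-25T13%3A07%3A28ZyUCwx4n3gmUeYw
    &openid.return_to=http%3A%2F%2Fprojects.localhost%2Fopenid.php
    &openid.assoc_handle=AOQobUctv7u8lBNS9czmmriBnnyuKsKCaO-cCSm5K3trwFcShQoTZ2xM
    &openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle
    &openid.sig=wedYQY22Kh%2FhGKSkFhlkJtk%2BQS0%3D
    &openid.identity=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3DAItOawnqet4MjcGaTLcdu5wONrN_e4sRqpd3mNc
    &openid.claimed_id=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3DAItOawnqet4MjcGaTLcdu5wONrN_e4sRqpd3mNc
    */

    // Everything echoed below comes straight from the request, so it is escaped before output.
    // The encoding argument is left at PHP's configured default (page charset not visible here).
    $esc = function ($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES);
    };

    // Returns a request parameter only if it is a plain string ("name[]=x" arrives as an array).
    $getString = function ($key) {
        return (isset($_GET[$key]) && is_string($_GET[$key])) ? $_GET[$key] : '';
    };

    // XXX A relying party application should be prepared to accept responses as both GETs and as POSTs.
    if (!empty($_GET['openid_mode'])) {
        if ($_GET['openid_mode'] !== 'id_res') {
            echo "openid auth failed!\n\n";
            return false;
        }

        // Debug output only. The response has NOT been verified at this point.
        echo "google openid succeeded!\n\n";
        echo "get:\n\n";
        echo $esc(print_r($_GET, true));
        echo "\n\npost:\n\n";
        echo $esc(print_r($_POST, true));

        // openid_claimed_id may be absent from the request; print an empty value instead of
        // reading an undefined index.
        echo "claimed openid : " . $esc($getString('openid_claimed_id')) . "\n";

        if (!empty($_GET['openid_ext1_value_email'])) {
            echo "email address is: " . $esc($getString('openid_ext1_value_email')) . "\n";
        }

        return true;
    }

    if (!empty($_POST['core_openid_url'])) {
        $p = parse_url($site_url);
        $realm = $p['scheme'] . '://' . $p['host'] . (!empty($p['port']) ? ':' . $p['port'] : '');

        // identifier_select lets the provider pick the identity; ext1 asks for the e-mail
        // address through attribute exchange.
        $params = array(
            'openid.ns' => 'http://specs.openid.net/auth/2.0',
            'openid.claimed_id' => 'http://specs.openid.net/auth/2.0/identifier_select',
            'openid.identity' => 'http://specs.openid.net/auth/2.0/identifier_select',
            'openid.return_to' => $site_url,
            'openid.mode' => 'checkid_setup',
            'openid.realm' => $realm,
            'openid.ns.ext1' => 'http://openid.net/srv/ax/1.0',
            'openid.ext1.mode' => 'fetch_request',
            'openid.ext1.type.email' => 'http://axschema.org/contact/email',
            'openid.ext1.required' => 'email',
        );

        header('Location: ' . OPENID_GOOGLE_LOGIN . '?' . http_encode_params($params));
        die;
    }

    echo xhtmlForm();
    echo xhtmlInput('core_openid_url', 'http://google.com') . '<br/>';

    // XXX click image to select that OpenID supplier, as in http://sourceforge.net/account/login.php
    // (Blogger and Yahoo icons were planned as further suppliers.)
    echo xhtmlImage('http://google.com/favicon.ico', 'Sign in with Google');
    echo '<br/><br/>';

    echo xhtmlSubmit('Log in');
    echo xhtmlFormClose();

    return false;
}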