function gooleAuthenticate()
{
// Creating new instance
$openid = new LightOpenID();
$openid->identity = 'https://www.google.com/accounts/o8/id';
//setting call back url
$openid->returnUrl = CALLBACK_URL;
//finding open id end point from google
$endpoint = $openid->discover('https://www.google.com/accounts/o8/id');
$fields = '?openid.ns=' . urlencode('http://specs.openid.net/auth/2.0') . '&openid.return_to=' . urlencode($openid->returnUrl) . '&openid.claimed_id=' . urlencode('http://specs.openid.net/auth/2.0/identifier_select') . '&openid.identity=' . urlencode('http://specs.openid.net/auth/2.0/identifier_select') . '&openid.mode=' . urlencode('checkid_setup') . '&openid.ns.ax=' . urlencode('http://openid.net/srv/ax/1.0') . '&openid.ax.mode=' . urlencode('fetch_request') . '&openid.ax.required=' . urlencode('email,firstname,lastname') . '&openid.ax.type.firstname=' . urlencode('http://axschema.org/namePerson/first') . '&openid.ax.type.lastname=' . urlencode('http://axschema.org/namePerson/last') . '&openid.ax.type.email=' . urlencode('http://axschema.org/contact/email');
header('Location: ' . $endpoint . $fields);
}
protected function doOpenId($identity)
{
require "vendor/lightopenid/openid.php";
$openid = new \LightOpenID(Ntentan::$config['application']['domain']);
if (!$openid->mode) {
$identity = $openid->discover($identity);
$openid->identity = $identity;
$openid->required = array('contact/email', 'namePerson/first', 'namePerson/last', 'namePerson/friendly');
header('Location: ' . $openid->authUrl());
} elseif ($openid->mode == 'cancel') {
return "cancelled";
} else {
if ($openid->validate()) {
$oidStatus = $openid->getAttributes();
$status = array('email' => $oidStatus['contact/email'], 'firstname' => $oidStatus['namePerson/first'], 'lastname' => $oidStatus['namePerson/last'], 'nickname' => $oidStatus['namePerson/friendly'], 'key' => $oidStatus['contact/email']);
return $status;
} else {
return "failed";
}
}
}
function settings_post(&$a)
{
if (!local_user()) {
return;
}
if (x($_SESSION, 'submanage') && intval($_SESSION['submanage'])) {
return;
}
if (count($a->user) && x($a->user, 'uid') && $a->user['uid'] != local_user()) {
notice(t('Permission denied.') . EOL);
return;
}
$old_page_flags = $a->user['page-flags'];
if ($a->argc > 1 && $a->argv[1] === 'oauth' && x($_POST, 'remove')) {
check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
$key = $_POST['remove'];
q("DELETE FROM tokens WHERE id='%s' AND uid=%d", dbesc($key), local_user());
goaway($a->get_baseurl(true) . "/settings/oauth/");
return;
}
if ($a->argc > 2 && $a->argv[1] === 'oauth' && ($a->argv[2] === 'edit' || $a->argv[2] === 'add') && x($_POST, 'submit')) {
check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
$name = x($_POST, 'name') ? $_POST['name'] : '';
$key = x($_POST, 'key') ? $_POST['key'] : '';
$secret = x($_POST, 'secret') ? $_POST['secret'] : '';
$redirect = x($_POST, 'redirect') ? $_POST['redirect'] : '';
$icon = x($_POST, 'icon') ? $_POST['icon'] : '';
if ($name == "" || $key == "" || $secret == "") {
notice(t("Missing some important data!"));
} else {
if ($_POST['submit'] == t("Update")) {
$r = q("UPDATE clients SET\n\t\t\t\t\t\t\tclient_id='%s',\n\t\t\t\t\t\t\tpw='%s',\n\t\t\t\t\t\t\tname='%s',\n\t\t\t\t\t\t\tredirect_uri='%s',\n\t\t\t\t\t\t\ticon='%s',\n\t\t\t\t\t\t\tuid=%d\n\t\t\t\t\t\tWHERE client_id='%s'", dbesc($key), dbesc($secret), dbesc($name), dbesc($redirect), dbesc($icon), local_user(), dbesc($key));
} else {
$r = q("INSERT INTO clients\n\t\t\t\t\t\t\t(client_id, pw, name, redirect_uri, icon, uid)\n\t\t\t\t\t\tVALUES ('%s','%s','%s','%s','%s',%d)", dbesc($key), dbesc($secret), dbesc($name), dbesc($redirect), dbesc($icon), local_user());
}
}
goaway($a->get_baseurl(true) . "/settings/oauth/");
return;
}
if ($a->argc > 1 && $a->argv[1] == 'addon') {
check_form_security_token_redirectOnErr('/settings/addon', 'settings_addon');
call_hooks('plugin_settings_post', $_POST);
return;
}
if ($a->argc > 1 && $a->argv[1] == 'connectors') {
check_form_security_token_redirectOnErr('/settings/connectors', 'settings_connectors');
if (x($_POST, 'imap-submit')) {
$mail_server = x($_POST, 'mail_server') ? $_POST['mail_server'] : '';
$mail_port = x($_POST, 'mail_port') ? $_POST['mail_port'] : '';
$mail_ssl = x($_POST, 'mail_ssl') ? strtolower(trim($_POST['mail_ssl'])) : '';
$mail_user = x($_POST, 'mail_user') ? $_POST['mail_user'] : '';
$mail_pass = x($_POST, 'mail_pass') ? trim($_POST['mail_pass']) : '';
$mail_action = x($_POST, 'mail_action') ? trim($_POST['mail_action']) : '';
$mail_movetofolder = x($_POST, 'mail_movetofolder') ? trim($_POST['mail_movetofolder']) : '';
$mail_replyto = x($_POST, 'mail_replyto') ? $_POST['mail_replyto'] : '';
$mail_pubmail = x($_POST, 'mail_pubmail') ? $_POST['mail_pubmail'] : '';
$mail_disabled = function_exists('imap_open') && !get_config('system', 'imap_disabled') ? 0 : 1;
if (get_config('system', 'dfrn_only')) {
$mail_disabled = 1;
}
if (!$mail_disabled) {
$failed = false;
$r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", intval(local_user()));
if (!count($r)) {
q("INSERT INTO `mailacct` (`uid`) VALUES (%d)", intval(local_user()));
}
if (strlen($mail_pass)) {
$pass = '';
openssl_public_encrypt($mail_pass, $pass, $a->user['pubkey']);
q("UPDATE `mailacct` SET `pass` = '%s' WHERE `uid` = %d", dbesc(bin2hex($pass)), intval(local_user()));
}
$r = q("UPDATE `mailacct` SET `server` = '%s', `port` = %d, `ssltype` = '%s', `user` = '%s',\n\t\t\t\t\t`action` = %d, `movetofolder` = '%s',\n\t\t\t\t\t`mailbox` = 'INBOX', `reply_to` = '%s', `pubmail` = %d WHERE `uid` = %d", dbesc($mail_server), intval($mail_port), dbesc($mail_ssl), dbesc($mail_user), intval($mail_action), dbesc($mail_movetofolder), dbesc($mail_replyto), intval($mail_pubmail), intval(local_user()));
logger("mail: updating mailaccount. Response: " . print_r($r, true));
$r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", intval(local_user()));
if (count($r)) {
$eacct = $r[0];
require_once 'include/email.php';
$mb = construct_mailbox_name($eacct);
if (strlen($eacct['server'])) {
$dcrpass = '';
openssl_private_decrypt(hex2bin($eacct['pass']), $dcrpass, $a->user['prvkey']);
$mbox = email_connect($mb, $mail_user, $dcrpass);
unset($dcrpass);
if (!$mbox) {
$failed = true;
notice(t('Failed to connect with email account using the settings provided.') . EOL);
}
}
}
if (!$failed) {
info(t('Email settings updated.') . EOL);
}
}
}
call_hooks('connector_settings_post', $_POST);
return;
}
if ($a->argc > 1 && $a->argv[1] === 'features') {
check_form_security_token_redirectOnErr('/settings/features', 'settings_features');
foreach ($_POST as $k => $v) {
if (strpos($k, 'feature_') === 0) {
set_pconfig(local_user(), 'feature', substr($k, 8), intval($v) ? 1 : 0);
}
}
info(t('Features updated') . EOL);
return;
}
if ($a->argc > 1 && $a->argv[1] === 'display') {
check_form_security_token_redirectOnErr('/settings/display', 'settings_display');
$theme = x($_POST, 'theme') ? notags(trim($_POST['theme'])) : $a->user['theme'];
$mobile_theme = x($_POST, 'mobile_theme') ? notags(trim($_POST['mobile_theme'])) : '';
$nosmile = x($_POST, 'nosmile') ? intval($_POST['nosmile']) : 0;
$noinfo = x($_POST, 'noinfo') ? intval($_POST['noinfo']) : 0;
$infinite_scroll = x($_POST, 'infinite_scroll') ? intval($_POST['infinite_scroll']) : 0;
$no_auto_update = x($_POST, 'no_auto_update') ? intval($_POST['no_auto_update']) : 0;
$browser_update = x($_POST, 'browser_update') ? intval($_POST['browser_update']) : 0;
$browser_update = $browser_update * 1000;
if ($browser_update < 10000) {
$browser_update = 10000;
}
$itemspage_network = x($_POST, 'itemspage_network') ? intval($_POST['itemspage_network']) : 40;
if ($itemspage_network > 100) {
$itemspage_network = 100;
}
$itemspage_mobile_network = x($_POST, 'itemspage_mobile_network') ? intval($_POST['itemspage_mobile_network']) : 20;
if ($itemspage_mobile_network > 100) {
$itemspage_mobile_network = 100;
}
if ($mobile_theme !== '') {
set_pconfig(local_user(), 'system', 'mobile_theme', $mobile_theme);
}
set_pconfig(local_user(), 'system', 'update_interval', $browser_update);
set_pconfig(local_user(), 'system', 'itemspage_network', $itemspage_network);
set_pconfig(local_user(), 'system', 'itemspage_mobile_network', $itemspage_mobile_network);
set_pconfig(local_user(), 'system', 'no_smilies', $nosmile);
set_pconfig(local_user(), 'system', 'ignore_info', $noinfo);
set_pconfig(local_user(), 'system', 'infinite_scroll', $infinite_scroll);
set_pconfig(local_user(), 'system', 'no_auto_update', $no_auto_update);
if ($theme == $a->user['theme']) {
// call theme_post only if theme has not been changed
if (($themeconfigfile = get_theme_config_file($theme)) != null) {
require_once $themeconfigfile;
theme_post($a);
}
}
$r = q("UPDATE `user` SET `theme` = '%s' WHERE `uid` = %d", dbesc($theme), intval(local_user()));
call_hooks('display_settings_post', $_POST);
goaway($a->get_baseurl(true) . '/settings/display');
return;
// NOTREACHED
}
check_form_security_token_redirectOnErr('/settings', 'settings');
if (x($_POST, 'resend_relocate')) {
proc_run('php', 'include/notifier.php', 'relocate', local_user());
info(t("Relocate message has been send to your contacts"));
goaway($a->get_baseurl(true) . '/settings');
}
call_hooks('settings_post', $_POST);
if (x($_POST, 'password') || x($_POST, 'confirm')) {
$newpass = $_POST['password'];
$confirm = $_POST['confirm'];
$oldpass = hash('whirlpool', $_POST['opassword']);
$err = false;
if ($newpass != $confirm) {
notice(t('Passwords do not match. Password unchanged.') . EOL);
$err = true;
}
if (!x($newpass) || !x($confirm)) {
notice(t('Empty passwords are not allowed. Password unchanged.') . EOL);
$err = true;
}
// check if the old password was supplied correctly before
// changing it to the new value
$r = q("SELECT `password` FROM `user`WHERE `uid` = %d LIMIT 1", intval(local_user()));
if ($oldpass != $r[0]['password']) {
notice(t('Wrong password.') . EOL);
$err = true;
}
if (!$err) {
$password = hash('whirlpool', $newpass);
$r = q("UPDATE `user` SET `password` = '%s' WHERE `uid` = %d", dbesc($password), intval(local_user()));
if ($r) {
info(t('Password changed.') . EOL);
} else {
notice(t('Password update failed. Please try again.') . EOL);
}
}
}
$username = x($_POST, 'username') ? notags(trim($_POST['username'])) : '';
$email = x($_POST, 'email') ? notags(trim($_POST['email'])) : '';
$timezone = x($_POST, 'timezone') ? notags(trim($_POST['timezone'])) : '';
$defloc = x($_POST, 'defloc') ? notags(trim($_POST['defloc'])) : '';
$openid = x($_POST, 'openid_url') ? notags(trim($_POST['openid_url'])) : '';
$maxreq = x($_POST, 'maxreq') ? intval($_POST['maxreq']) : 0;
$expire = x($_POST, 'expire') ? intval($_POST['expire']) : 0;
$def_gid = x($_POST, 'group-selection') ? intval($_POST['group-selection']) : 0;
$expire_items = x($_POST, 'expire_items') ? intval($_POST['expire_items']) : 0;
$expire_notes = x($_POST, 'expire_notes') ? intval($_POST['expire_notes']) : 0;
$expire_starred = x($_POST, 'expire_starred') ? intval($_POST['expire_starred']) : 0;
$expire_photos = x($_POST, 'expire_photos') ? intval($_POST['expire_photos']) : 0;
$expire_network_only = x($_POST, 'expire_network_only') ? intval($_POST['expire_network_only']) : 0;
$allow_location = x($_POST, 'allow_location') && intval($_POST['allow_location']) == 1 ? 1 : 0;
$publish = x($_POST, 'profile_in_directory') && intval($_POST['profile_in_directory']) == 1 ? 1 : 0;
$net_publish = x($_POST, 'profile_in_netdirectory') && intval($_POST['profile_in_netdirectory']) == 1 ? 1 : 0;
$old_visibility = x($_POST, 'visibility') && intval($_POST['visibility']) == 1 ? 1 : 0;
$page_flags = x($_POST, 'page-flags') && intval($_POST['page-flags']) ? intval($_POST['page-flags']) : 0;
$blockwall = x($_POST, 'blockwall') && intval($_POST['blockwall']) == 1 ? 0 : 1;
// this setting is inverted!
$blocktags = x($_POST, 'blocktags') && intval($_POST['blocktags']) == 1 ? 0 : 1;
// this setting is inverted!
$unkmail = x($_POST, 'unkmail') && intval($_POST['unkmail']) == 1 ? 1 : 0;
$cntunkmail = x($_POST, 'cntunkmail') ? intval($_POST['cntunkmail']) : 0;
$suggestme = x($_POST, 'suggestme') ? intval($_POST['suggestme']) : 0;
$hide_friends = $_POST['hide-friends'] == 1 ? 1 : 0;
$hidewall = $_POST['hidewall'] == 1 ? 1 : 0;
$post_newfriend = $_POST['post_newfriend'] == 1 ? 1 : 0;
$post_joingroup = $_POST['post_joingroup'] == 1 ? 1 : 0;
$post_profilechange = $_POST['post_profilechange'] == 1 ? 1 : 0;
$email_textonly = $_POST['email_textonly'] == 1 ? 1 : 0;
$notify = 0;
if (x($_POST, 'notify1')) {
$notify += intval($_POST['notify1']);
}
if (x($_POST, 'notify2')) {
$notify += intval($_POST['notify2']);
}
if (x($_POST, 'notify3')) {
$notify += intval($_POST['notify3']);
}
if (x($_POST, 'notify4')) {
$notify += intval($_POST['notify4']);
}
if (x($_POST, 'notify5')) {
$notify += intval($_POST['notify5']);
}
if (x($_POST, 'notify6')) {
$notify += intval($_POST['notify6']);
}
if (x($_POST, 'notify7')) {
$notify += intval($_POST['notify7']);
}
if (x($_POST, 'notify8')) {
$notify += intval($_POST['notify8']);
}
$email_changed = false;
$err = '';
$name_change = false;
if ($username != $a->user['username']) {
$name_change = true;
if (strlen($username) > 40) {
$err .= t(' Please use a shorter name.');
}
if (strlen($username) < 3) {
$err .= t(' Name too short.');
}
}
if ($email != $a->user['email']) {
$email_changed = true;
// check for the correct password
$r = q("SELECT `password` FROM `user`WHERE `uid` = %d LIMIT 1", intval(local_user()));
$password = hash('whirlpool', $_POST['mpassword']);
if ($password != $r[0]['password']) {
$err .= t('Wrong Password') . EOL;
$email = $a->user['email'];
}
// check the email is valid
if (!valid_email($email)) {
$err .= t(' Not valid email.');
}
// ensure new email is not the admin mail
//if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0)) {
if (x($a->config, 'admin_email')) {
$adminlist = explode(",", str_replace(" ", "", strtolower($a->config['admin_email'])));
if (in_array(strtolower($email), $adminlist)) {
$err .= t(' Cannot change to that email.');
$email = $a->user['email'];
}
}
}
if (strlen($err)) {
notice($err . EOL);
return;
}
if ($timezone != $a->user['timezone']) {
if (strlen($timezone)) {
date_default_timezone_set($timezone);
}
}
$str_group_allow = perms2str($_POST['group_allow']);
$str_contact_allow = perms2str($_POST['contact_allow']);
$str_group_deny = perms2str($_POST['group_deny']);
$str_contact_deny = perms2str($_POST['contact_deny']);
$openidserver = $a->user['openidserver'];
$openid = normalise_openid($openid);
// If openid has changed or if there's an openid but no openidserver, try and discover it.
if ($openid != $a->user['openid'] || strlen($openid) && !strlen($openidserver)) {
$tmp_str = $openid;
if (strlen($tmp_str) && validate_url($tmp_str)) {
logger('updating openidserver');
require_once 'library/openid.php';
$open_id_obj = new LightOpenID();
$open_id_obj->identity = $openid;
$openidserver = $open_id_obj->discover($open_id_obj->identity);
} else {
$openidserver = '';
}
}
set_pconfig(local_user(), 'expire', 'items', $expire_items);
set_pconfig(local_user(), 'expire', 'notes', $expire_notes);
set_pconfig(local_user(), 'expire', 'starred', $expire_starred);
set_pconfig(local_user(), 'expire', 'photos', $expire_photos);
set_pconfig(local_user(), 'expire', 'network_only', $expire_network_only);
set_pconfig(local_user(), 'system', 'suggestme', $suggestme);
set_pconfig(local_user(), 'system', 'post_newfriend', $post_newfriend);
set_pconfig(local_user(), 'system', 'post_joingroup', $post_joingroup);
set_pconfig(local_user(), 'system', 'post_profilechange', $post_profilechange);
set_pconfig(local_user(), 'system', 'email_textonly', $email_textonly);
if ($page_flags == PAGE_PRVGROUP) {
$hidewall = 1;
if (!$str_contact_allow && !$str_group_allow && !$str_contact_deny && !$str_group_deny) {
if ($def_gid) {
info(t('Private forum has no privacy permissions. Using default privacy group.') . EOL);
$str_group_allow = '<' . $def_gid . '>';
} else {
notice(t('Private forum has no privacy permissions and no default privacy group.') . EOL);
}
}
}
$r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `maxreq` = %d, `expire` = %d, `openidserver` = '%s', `def_gid` = %d, `blockwall` = %d, `hidewall` = %d, `blocktags` = %d, `unkmail` = %d, `cntunkmail` = %d WHERE `uid` = %d", dbesc($username), dbesc($email), dbesc($openid), dbesc($timezone), dbesc($str_contact_allow), dbesc($str_group_allow), dbesc($str_contact_deny), dbesc($str_group_deny), intval($notify), intval($page_flags), dbesc($defloc), intval($allow_location), intval($maxreq), intval($expire), dbesc($openidserver), intval($def_gid), intval($blockwall), intval($hidewall), intval($blocktags), intval($unkmail), intval($cntunkmail), intval(local_user()));
if ($r) {
info(t('Settings updated.') . EOL);
}
$r = q("UPDATE `profile`\n\t\tSET `publish` = %d,\n\t\t`name` = '%s',\n\t\t`net-publish` = %d,\n\t\t`hide-friends` = %d\n\t\tWHERE `is-default` = 1 AND `uid` = %d", intval($publish), dbesc($username), intval($net_publish), intval($hide_friends), intval(local_user()));
if ($name_change) {
q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `uid` = %d AND `self` = 1", dbesc($username), dbesc(datetime_convert()), intval(local_user()));
}
if ($old_visibility != $net_publish || $page_flags != $old_page_flags) {
// Update global directory in background
$url = $_SESSION['my_url'];
if ($url && strlen(get_config('system', 'directory_submit_url'))) {
proc_run('php', "include/directory.php", "{$url}");
}
}
require_once 'include/profile_update.php';
profile_change();
//$_SESSION['theme'] = $theme;
if ($email_changed && $a->config['register_policy'] == REGISTER_VERIFY) {
// FIXME - set to un-verified, blocked and redirect to logout
// Why? Are we verifying people or email addresses?
}
goaway($a->get_baseurl(true) . '/settings');
return;
// NOTREACHED
}
function settings_post(&$a)
{
if (!local_user()) {
notice(t('Permission denied.') . EOL);
return;
}
if (count($a->user) && x($a->user, 'uid') && $a->user['uid'] != local_user()) {
notice(t('Permission denied.') . EOL);
return;
}
if ($a->argc > 1 && $a->argv[1] === 'oauth' && x($_POST, 'remove')) {
$key = $_POST['remove'];
q("DELETE FROM tokens WHERE id='%s' AND uid=%d", dbesc($key), local_user());
goaway($a->get_baseurl() . "/settings/oauth/");
return;
}
if ($a->argc > 2 && $a->argv[1] === 'oauth' && ($a->argv[2] === 'edit' || $a->argv[2] === 'add') && x($_POST, 'submit')) {
$name = x($_POST, 'name') ? $_POST['name'] : '';
$key = x($_POST, 'key') ? $_POST['key'] : '';
$secret = x($_POST, 'secret') ? $_POST['secret'] : '';
$redirect = x($_POST, 'redirect') ? $_POST['redirect'] : '';
$icon = x($_POST, 'icon') ? $_POST['icon'] : '';
if ($name == "" || $key == "" || $secret == "") {
notice(t("Missing some important data!"));
} else {
if ($_POST['submit'] == t("Update")) {
$r = q("UPDATE clients SET\n\t\t\t\t\t\t\tclient_id='%s',\n\t\t\t\t\t\t\tpw='%s',\n\t\t\t\t\t\t\tname='%s',\n\t\t\t\t\t\t\tredirect_uri='%s',\n\t\t\t\t\t\t\ticon='%s',\n\t\t\t\t\t\t\tuid=%d\n\t\t\t\t\t\tWHERE client_id='%s'", dbesc($key), dbesc($secret), dbesc($name), dbesc($redirect), dbesc($icon), local_user(), dbesc($key));
} else {
$r = q("INSERT INTO clients\n\t\t\t\t\t\t\t(client_id, pw, name, redirect_uri, icon, uid)\n\t\t\t\t\t\tVALUES ('%s','%s','%s','%s','%s',%d)", dbesc($key), dbesc($secret), dbesc($name), dbesc($redirect), dbesc($icon), local_user());
}
}
goaway($a->get_baseurl() . "/settings/oauth/");
return;
}
if ($a->argc > 1 && $a->argv[1] == 'addon') {
call_hooks('plugin_settings_post', $_POST);
return;
}
if ($a->argc > 1 && $a->argv[1] == 'connectors') {
if (x($_POST['imap-submit'])) {
$mail_server = x($_POST, 'mail_server') ? $_POST['mail_server'] : '';
$mail_port = x($_POST, 'mail_port') ? $_POST['mail_port'] : '';
$mail_ssl = x($_POST, 'mail_ssl') ? strtolower(trim($_POST['mail_ssl'])) : '';
$mail_user = x($_POST, 'mail_user') ? $_POST['mail_user'] : '';
$mail_pass = x($_POST, 'mail_pass') ? trim($_POST['mail_pass']) : '';
$mail_replyto = x($_POST, 'mail_replyto') ? $_POST['mail_replyto'] : '';
$mail_pubmail = x($_POST, 'mail_pubmail') ? $_POST['mail_pubmail'] : '';
$mail_disabled = function_exists('imap_open') && !get_config('system', 'imap_disabled') ? 0 : 1;
if (get_config('system', 'dfrn_only')) {
$mail_disabled = 1;
}
if (!$mail_disabled) {
$failed = false;
$r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", intval(local_user()));
if (!count($r)) {
q("INSERT INTO `mailacct` (`uid`) VALUES (%d)", intval(local_user()));
}
if (strlen($mail_pass)) {
$pass = '';
openssl_public_encrypt($mail_pass, $pass, $a->user['pubkey']);
q("UPDATE `mailacct` SET `pass` = '%s' WHERE `uid` = %d LIMIT 1", dbesc(bin2hex($pass)), intval(local_user()));
}
$r = q("UPDATE `mailacct` SET `server` = '%s', `port` = %d, `ssltype` = '%s', `user` = '%s',\n\t\t\t\t\t`mailbox` = 'INBOX', `reply_to` = '%s', `pubmail` = %d WHERE `uid` = %d LIMIT 1", dbesc($mail_server), intval($mail_port), dbesc($mail_ssl), dbesc($mail_user), dbesc($mail_replyto), intval($mail_pubmail), intval(local_user()));
$r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", intval(local_user()));
if (count($r)) {
$eacct = $r[0];
require_once 'include/email.php';
$mb = construct_mailbox_name($eacct);
if (strlen($eacct['server'])) {
$dcrpass = '';
openssl_private_decrypt(hex2bin($eacct['pass']), $dcrpass, $a->user['prvkey']);
$mbox = email_connect($mb, $mail_user, $dcrpass);
unset($dcrpass);
if (!$mbox) {
$failed = true;
notice(t('Failed to connect with email account using the settings provided.') . EOL);
}
}
}
if (!$failed) {
info(t('Email settings updated.') . EOL);
}
}
}
call_hooks('connector_settings_post', $_POST);
return;
}
call_hooks('settings_post', $_POST);
if (x($_POST, 'npassword') || x($_POST, 'confirm')) {
$newpass = $_POST['npassword'];
$confirm = $_POST['confirm'];
$err = false;
if ($newpass != $confirm) {
notice(t('Passwords do not match. Password unchanged.') . EOL);
$err = true;
}
if (!x($newpass) || !x($confirm)) {
notice(t('Empty passwords are not allowed. Password unchanged.') . EOL);
$err = true;
}
if (!$err) {
$password = hash('whirlpool', $newpass);
$r = q("UPDATE `user` SET `password` = '%s' WHERE `uid` = %d LIMIT 1", dbesc($password), intval(local_user()));
if ($r) {
info(t('Password changed.') . EOL);
} else {
notice(t('Password update failed. Please try again.') . EOL);
}
}
}
$theme = x($_POST, 'theme') ? notags(trim($_POST['theme'])) : '';
$username = x($_POST, 'username') ? notags(trim($_POST['username'])) : '';
$email = x($_POST, 'email') ? notags(trim($_POST['email'])) : '';
$timezone = x($_POST, 'timezone') ? notags(trim($_POST['timezone'])) : '';
$defloc = x($_POST, 'defloc') ? notags(trim($_POST['defloc'])) : '';
$openid = x($_POST, 'openid_url') ? notags(trim($_POST['openid_url'])) : '';
$maxreq = x($_POST, 'maxreq') ? intval($_POST['maxreq']) : 0;
$expire = x($_POST, 'expire') ? intval($_POST['expire']) : 0;
$expire_items = x($_POST, 'expire_items') ? intval($_POST['expire_items']) : 0;
$expire_notes = x($_POST, 'expire_notes') ? intval($_POST['expire_notes']) : 0;
$expire_starred = x($_POST, 'expire_starred') ? intval($_POST['expire_starred']) : 0;
$expire_photos = x($_POST, 'expire_photos') ? intval($_POST['expire_photos']) : 0;
$allow_location = x($_POST, 'allow_location') && intval($_POST['allow_location']) == 1 ? 1 : 0;
$publish = x($_POST, 'profile_in_directory') && intval($_POST['profile_in_directory']) == 1 ? 1 : 0;
$net_publish = x($_POST, 'profile_in_netdirectory') && intval($_POST['profile_in_netdirectory']) == 1 ? 1 : 0;
$old_visibility = x($_POST, 'visibility') && intval($_POST['visibility']) == 1 ? 1 : 0;
$page_flags = x($_POST, 'page-flags') && intval($_POST['page-flags']) ? intval($_POST['page-flags']) : 0;
$blockwall = x($_POST, 'blockwall') && intval($_POST['blockwall']) == 1 ? 0 : 1;
// this setting is inverted!
$blocktags = x($_POST, 'blocktags') && intval($_POST['blocktags']) == 1 ? 0 : 1;
// this setting is inverted!
$suggestme = x($_POST, 'suggestme') ? intval($_POST['suggestme']) : 0;
$hide_friends = $_POST['hide-friends'] == 1 ? 1 : 0;
$hidewall = $_POST['hidewall'] == 1 ? 1 : 0;
$notify = 0;
if (x($_POST, 'notify1')) {
$notify += intval($_POST['notify1']);
}
if (x($_POST, 'notify2')) {
$notify += intval($_POST['notify2']);
}
if (x($_POST, 'notify3')) {
$notify += intval($_POST['notify3']);
}
if (x($_POST, 'notify4')) {
$notify += intval($_POST['notify4']);
}
if (x($_POST, 'notify5')) {
$notify += intval($_POST['notify5']);
}
$email_changed = false;
$err = '';
$name_change = false;
if ($username != $a->user['username']) {
$name_change = true;
if (strlen($username) > 40) {
$err .= t(' Please use a shorter name.');
}
if (strlen($username) < 3) {
$err .= t(' Name too short.');
}
}
if ($email != $a->user['email']) {
$email_changed = true;
if (!valid_email($email)) {
$err .= t(' Not valid email.');
}
if (x($a->config, 'admin_email') && strcasecmp($email, $a->config['admin_email']) == 0) {
$err .= t(' Cannot change to that email.');
$email = $a->user['email'];
}
}
if (strlen($err)) {
notice($err . EOL);
return;
}
if ($timezone != $a->user['timezone']) {
if (strlen($timezone)) {
date_default_timezone_set($timezone);
}
}
$str_group_allow = perms2str($_POST['group_allow']);
$str_contact_allow = perms2str($_POST['contact_allow']);
$str_group_deny = perms2str($_POST['group_deny']);
$str_contact_deny = perms2str($_POST['contact_deny']);
$openidserver = $a->user['openidserver'];
// If openid has changed or if there's an openid but no openidserver, try and discover it.
if ($openid != $a->user['openid'] || strlen($openid) && !strlen($openidserver)) {
$tmp_str = $openid;
if (strlen($tmp_str) && validate_url($tmp_str)) {
logger('updating openidserver');
require_once 'library/openid.php';
$open_id_obj = new LightOpenID();
$open_id_obj->identity = $openid;
$openidserver = $open_id_obj->discover($open_id_obj->identity);
} else {
$openidserver = '';
}
}
set_pconfig(local_user(), 'expire', 'items', $expire_items);
set_pconfig(local_user(), 'expire', 'notes', $expire_notes);
set_pconfig(local_user(), 'expire', 'starred', $expire_starred);
set_pconfig(local_user(), 'expire', 'photos', $expire_photos);
set_pconfig(local_user(), 'system', 'suggestme', $suggestme);
$r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `theme` = '%s', `maxreq` = %d, `expire` = %d, `openidserver` = '%s', `blockwall` = %d, `hidewall` = %d, `blocktags` = %d WHERE `uid` = %d LIMIT 1", dbesc($username), dbesc($email), dbesc($openid), dbesc($timezone), dbesc($str_contact_allow), dbesc($str_group_allow), dbesc($str_contact_deny), dbesc($str_group_deny), intval($notify), intval($page_flags), dbesc($defloc), intval($allow_location), dbesc($theme), intval($maxreq), intval($expire), dbesc($openidserver), intval($blockwall), intval($hidewall), intval($blocktags), intval(local_user()));
if ($r) {
info(t('Settings updated.') . EOL);
}
$r = q("UPDATE `profile` \n\t\tSET `publish` = %d, \n\t\t`net-publish` = %d,\n\t\t`hide-friends` = %d\n\t\tWHERE `is-default` = 1 AND `uid` = %d LIMIT 1", intval($publish), intval($net_publish), intval($hide_friends), intval(local_user()));
if ($name_change) {
q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `uid` = %d AND `self` = 1 LIMIT 1", dbesc($username), dbesc(datetime_convert()), intval(local_user()));
}
if ($old_visibility != $net_publish) {
// Update global directory in background
$url = $_SESSION['my_url'];
if ($url && strlen(get_config('system', 'directory_submit_url'))) {
proc_run('php', "include/directory.php", "{$url}");
}
}
require_once 'include/profile_update.php';
profile_change();
$_SESSION['theme'] = $theme;
if ($email_changed && $a->config['register_policy'] == REGISTER_VERIFY) {
// FIXME - set to un-verified, blocked and redirect to logout
}
goaway($a->get_baseurl() . '/settings');
return;
// NOTREACHED
}
