1 | <?php |
---|
2 | // +-----------------------------------------------------------------------+ |
---|
3 | // | PhpWebGallery - a PHP based picture gallery | |
---|
4 | // | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net | |
---|
5 | // | Copyright (C) 2003-2004 PhpWebGallery Team - http://phpwebgallery.net | |
---|
6 | // +-----------------------------------------------------------------------+ |
---|
7 | // | branch : BSF (Best So Far) |
---|
8 | // | file : $RCSfile$ |
---|
9 | // | last update : $Date: 2004-12-03 16:30:12 +0000 (Fri, 03 Dec 2004) $ |
---|
10 | // | last modifier : $Author: gweltas $ |
---|
11 | // | revision : $Revision: 631 $ |
---|
12 | // +-----------------------------------------------------------------------+ |
---|
13 | // | This program is free software; you can redistribute it and/or modify | |
---|
14 | // | it under the terms of the GNU General Public License as published by | |
---|
15 | // | the Free Software Foundation | |
---|
16 | // | | |
---|
17 | // | This program is distributed in the hope that it will be useful, but | |
---|
18 | // | WITHOUT ANY WARRANTY; without even the implied warranty of | |
---|
19 | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
---|
20 | // | General Public License for more details. | |
---|
21 | // | | |
---|
22 | // | You should have received a copy of the GNU General Public License | |
---|
23 | // | along with this program; if not, write to the Free Software | |
---|
24 | // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | |
---|
25 | // | USA. | |
---|
26 | // +-----------------------------------------------------------------------+ |
---|
27 | |
---|
28 | // customize appearance of the site for a user |
---|
29 | // +-----------------------------------------------------------------------+ |
---|
30 | // | initialization | |
---|
31 | // +-----------------------------------------------------------------------+ |
---|
32 | $userdata = array(); |
---|
33 | if ( defined('IN_ADMIN') && isset( $_POST['submituser'] ) ) |
---|
34 | { |
---|
35 | $userdata = getuserdata($_POST['username']); |
---|
36 | } |
---|
37 | elseif (defined('IN_ADMIN') && isset( $_POST['submit'] )) |
---|
38 | { |
---|
39 | $userdata = getuserdata(intval($_POST['userid'])); |
---|
40 | } |
---|
41 | elseif (!defined('IN_ADMIN')) |
---|
42 | { |
---|
43 | define('PHPWG_ROOT_PATH','./'); |
---|
44 | include_once(PHPWG_ROOT_PATH.'include/common.inc.php'); |
---|
45 | check_login_authorization(false); |
---|
46 | $userdata=$user; |
---|
47 | } |
---|
48 | //------------------------------------------------------ update & customization |
---|
49 | $infos = array( 'nb_image_line', 'nb_line_page', 'language', |
---|
50 | 'maxwidth', 'maxheight', 'expand', 'show_nb_comments', |
---|
51 | 'recent_period', 'template', 'mail_address'); |
---|
52 | // mise à jour dans la base de données des valeurs |
---|
53 | // des paramètres pour l'utilisateur courant |
---|
54 | // - on teste si chacune des variables est passée en argument à la page |
---|
55 | // - ce qui signifie que l'on doit venir de la page de personnalisation |
---|
56 | $errors = array(); |
---|
57 | if ( isset( $_POST['submit'] ) ) |
---|
58 | { |
---|
59 | $int_pattern = '/^\d+$/'; |
---|
60 | if ( $_POST['maxwidth'] != '' |
---|
61 | and ( !preg_match( $int_pattern, $_POST['maxwidth'] ) |
---|
62 | or $_POST['maxwidth'] < 50 ) ) |
---|
63 | { |
---|
64 | array_push( $errors, $lang['maxwidth_error'] ); |
---|
65 | } |
---|
66 | if ( $_POST['maxheight'] |
---|
67 | and ( !preg_match( $int_pattern, $_POST['maxheight'] ) |
---|
68 | or $_POST['maxheight'] < 50 ) ) |
---|
69 | { |
---|
70 | array_push( $errors, $lang['maxheight_error'] ); |
---|
71 | } |
---|
72 | // periods must be integer values, they represents number of days |
---|
73 | if (!preg_match($int_pattern, $_POST['recent_period']) |
---|
74 | or $_POST['recent_period'] <= 0) |
---|
75 | { |
---|
76 | array_push( $errors, $lang['periods_error'] ); |
---|
77 | } |
---|
78 | |
---|
79 | if ( $_POST['mail_address']!= $userdata['mail_address']) |
---|
80 | { |
---|
81 | if ($user['status'] == 'admin') |
---|
82 | { |
---|
83 | $mail_error = validate_mail_address( $_POST['mail_address'] ); |
---|
84 | if ( !empty($mail_error)) array_push( $errors, $mail_error ); |
---|
85 | } |
---|
86 | elseif (!empty($_POST['password'])) |
---|
87 | array_push( $errors, $lang['reg_err_pass'] ); |
---|
88 | else |
---|
89 | { |
---|
90 | // retrieving the encrypted password of the login submitted |
---|
91 | $query = 'SELECT password FROM '.USERS_TABLE.' |
---|
92 | WHERE username = \''.$userdata['username'].'\';'; |
---|
93 | $row = mysql_fetch_array(pwg_query($query)); |
---|
94 | if ($row['password'] == md5($_POST['password'])) |
---|
95 | { |
---|
96 | $mail_error = validate_mail_address( $_POST['mail_address'] ); |
---|
97 | if ( !empty($mail_error)) array_push( $errors, $mail_error ); |
---|
98 | } |
---|
99 | else |
---|
100 | array_push( $errors, $lang['reg_err_pass'] ); |
---|
101 | |
---|
102 | } |
---|
103 | } |
---|
104 | |
---|
105 | // password must be the same as its confirmation |
---|
106 | if ( !empty( $_POST['use_new_pwd'] ) |
---|
107 | and $_POST['use_new_pwd'] != $_POST['passwordConf'] ) |
---|
108 | array_push( $errors, $lang['reg_err_pass'] ); |
---|
109 | |
---|
110 | // We check if we are in the admin level |
---|
111 | if (isset ($_POST['user_delete'])) |
---|
112 | { |
---|
113 | if ($_POST['userid'] > 2) // gallery founder + guest |
---|
114 | { |
---|
115 | delete_user($_POST['userid']); |
---|
116 | } |
---|
117 | else |
---|
118 | array_push( $errors, $lang['user_err_modify'] ); |
---|
119 | } |
---|
120 | |
---|
121 | // We check if we are in the admin level |
---|
122 | if (isset ($_POST['status']) && $_POST['status'] <> $userdata['status']) |
---|
123 | { |
---|
124 | if ($_POST['userid'] > 2) // gallery founder + guest |
---|
125 | { |
---|
126 | array_push($infos, 'status'); |
---|
127 | } |
---|
128 | else |
---|
129 | array_push( $errors, $lang['user_err_modify'] ); |
---|
130 | } |
---|
131 | |
---|
132 | if ( count( $errors ) == 0 ) |
---|
133 | { |
---|
134 | $query = 'UPDATE '.USERS_TABLE; |
---|
135 | $query.= ' SET '; |
---|
136 | foreach ( $infos as $i => $info ) { |
---|
137 | if ( $i > 0 ) $query.= ','; |
---|
138 | $query.= $info; |
---|
139 | $query.= ' = '; |
---|
140 | if ( $_POST[$info] == '' ) $query.= 'NULL'; |
---|
141 | else $query.= "'".$_POST[$info]."'"; |
---|
142 | } |
---|
143 | $query.= ' WHERE id = '.$_POST['userid']; |
---|
144 | $query.= ';'; |
---|
145 | pwg_query( $query ); |
---|
146 | |
---|
147 | if ( !empty( $_POST['use_new_pwd'] ) ) |
---|
148 | { |
---|
149 | $query = 'UPDATE '.USERS_TABLE; |
---|
150 | $query.= " SET password = '".md5( $_POST['use_new_pwd'] )."'"; |
---|
151 | $query.= ' WHERE id = '.$_POST['userid']; |
---|
152 | $query.= ';'; |
---|
153 | pwg_query( $query ); |
---|
154 | } |
---|
155 | |
---|
156 | // redirection |
---|
157 | if (!defined('IN_ADMIN')) |
---|
158 | { |
---|
159 | redirect(add_session_id(PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING'])); |
---|
160 | } |
---|
161 | else |
---|
162 | { |
---|
163 | redirect(add_session_id(PHPWG_ROOT_PATH.'admin.php?page=profile')); |
---|
164 | } |
---|
165 | } |
---|
166 | } |
---|
167 | |
---|
168 | // +-----------------------------------------------------------------------+ |
---|
169 | // | page header and options | |
---|
170 | // +-----------------------------------------------------------------------+ |
---|
171 | $url_action = PHPWG_ROOT_PATH; |
---|
172 | if (!defined('IN_ADMIN')) |
---|
173 | { |
---|
174 | $title= $lang['customize_page_title']; |
---|
175 | include(PHPWG_ROOT_PATH.'include/page_header.php'); |
---|
176 | $url_action .='profile.php'; |
---|
177 | } |
---|
178 | else |
---|
179 | { |
---|
180 | $url_action .='admin.php?page=profile'; |
---|
181 | } |
---|
182 | //----------------------------------------------------- template initialization |
---|
183 | |
---|
184 | $template->set_filenames(array('profile_body'=>'profile.tpl')); |
---|
185 | if ( defined('IN_ADMIN') && empty($userdata)) |
---|
186 | { |
---|
187 | $template->assign_block_vars('select_user',array()); |
---|
188 | $template->assign_vars(array( |
---|
189 | 'L_SELECT_USERNAME'=>$lang['Select_username'], |
---|
190 | 'L_LOOKUP_USER'=>$lang['Look_up_user'], |
---|
191 | 'L_FIND_USERNAME'=>$lang['Find_username'], |
---|
192 | 'L_AUTH_USER'=>$lang['permuser_only_private'], |
---|
193 | 'L_SUBMIT'=>$lang['submit'], |
---|
194 | |
---|
195 | 'F_SEARCH_USER_ACTION' => add_session_id(PHPWG_ROOT_PATH.'admin.php?page=profile'), |
---|
196 | 'U_SEARCH_USER' => add_session_id(PHPWG_ROOT_PATH.'admin/search.php') |
---|
197 | )); |
---|
198 | } |
---|
199 | else |
---|
200 | { |
---|
201 | $expand = ($userdata['expand']=='true')?'EXPAND_TREE_YES':'EXPAND_TREE_NO'; |
---|
202 | $nb_comments = ($userdata['show_nb_comments']=='true')?'NB_COMMENTS_YES':'NB_COMMENTS_NO'; |
---|
203 | |
---|
204 | $template->assign_block_vars('modify',array()); |
---|
205 | $template->assign_vars(array( |
---|
206 | 'USERNAME'=>$userdata['username'], |
---|
207 | 'USERID'=>$userdata['id'], |
---|
208 | 'EMAIL'=>$userdata['mail_address'], |
---|
209 | 'LANG_SELECT'=>language_select($userdata['language'], 'language'), |
---|
210 | 'NB_IMAGE_LINE'=>$userdata['nb_image_line'], |
---|
211 | 'NB_ROW_PAGE'=>$userdata['nb_line_page'], |
---|
212 | 'STYLE_SELECT'=>style_select($userdata['template'], 'template'), |
---|
213 | 'RECENT_PERIOD'=>$userdata['recent_period'], |
---|
214 | 'MAXWIDTH'=>$userdata['maxwidth'], |
---|
215 | 'MAXHEIGHT'=>$userdata['maxheight'], |
---|
216 | |
---|
217 | $expand=>'checked="checked"', |
---|
218 | $nb_comments=>'checked="checked"', |
---|
219 | |
---|
220 | 'L_TITLE' => $lang['customize_title'], |
---|
221 | 'L_REGISTRATION_INFO' => $lang['register_title'], |
---|
222 | 'L_PREFERENCES' => $lang['preferences'], |
---|
223 | 'L_USERNAME' => $lang['login'], |
---|
224 | 'L_EMAIL' => $lang['mail_address'], |
---|
225 | 'L_CURRENT_PASSWORD' => $lang['password'], |
---|
226 | 'L_CURRENT_PASSWORD_HINT' => $lang['password_hint'], |
---|
227 | 'L_NEW_PASSWORD' => $lang['new_password'], |
---|
228 | 'L_NEW_PASSWORD_HINT' => $lang['new_password_hint'], |
---|
229 | 'L_CONFIRM_PASSWORD' => $lang['reg_confirm'], |
---|
230 | 'L_CONFIRM_PASSWORD_HINT' => $lang['confirm_password_hint'], |
---|
231 | 'L_LANG_SELECT'=>$lang['language'], |
---|
232 | 'L_NB_IMAGE_LINE'=>$lang['nb_image_per_row'], |
---|
233 | 'L_NB_ROW_PAGE'=>$lang['nb_row_per_page'], |
---|
234 | 'L_STYLE_SELECT'=>$lang['theme'], |
---|
235 | 'L_RECENT_PERIOD'=>$lang['recent_period'], |
---|
236 | 'L_EXPAND_TREE'=>$lang['auto_expand'], |
---|
237 | 'L_NB_COMMENTS'=>$lang['show_nb_comments'], |
---|
238 | 'L_MAXWIDTH'=>$lang['maxwidth'], |
---|
239 | 'L_MAXHEIGHT'=>$lang['maxheight'], |
---|
240 | 'L_YES'=>$lang['yes'], |
---|
241 | 'L_NO'=>$lang['no'], |
---|
242 | 'L_SUBMIT'=>$lang['submit'], |
---|
243 | 'L_RETURN' => $lang['home'], |
---|
244 | 'L_RETURN_HINT' => $lang['home_hint'], |
---|
245 | |
---|
246 | 'F_ACTION'=>add_session_id($url_action), |
---|
247 | |
---|
248 | 'U_RETURN' => add_session_id(PHPWG_ROOT_PATH.'category.php?'.$_SERVER['QUERY_STRING']) |
---|
249 | )); |
---|
250 | |
---|
251 | //-------------------------------------------------------------- errors display |
---|
252 | if ( sizeof( $errors ) != 0 ) |
---|
253 | { |
---|
254 | $template->assign_block_vars('modify.errors',array()); |
---|
255 | for ( $i = 0; $i < sizeof( $errors ); $i++ ) |
---|
256 | { |
---|
257 | $template->assign_block_vars('modify.errors.error',array('ERROR'=>$errors[$i])); |
---|
258 | } |
---|
259 | } |
---|
260 | //------------------------------------------------------------- user management |
---|
261 | if (defined('IN_ADMIN')) |
---|
262 | { |
---|
263 | $status_select = '<select name="status">'; |
---|
264 | $status_select .='<option value = "guest" '; |
---|
265 | if ($userdata['status'] == 'guest') $status_select .= 'selected="selected"'; |
---|
266 | $status_select .='>'.$lang['user_status_guest'] .'</option>'; |
---|
267 | $status_select .='<option value = "admin" '; |
---|
268 | if ($userdata['status'] == 'admin') $status_select .= 'selected="selected"'; |
---|
269 | $status_select .='>'.$lang['user_status_admin'] .'</option>'; |
---|
270 | $status_select .='</select>'; |
---|
271 | $template->assign_block_vars('modify.admin',array( |
---|
272 | 'L_ADMIN_USER'=>$lang['user_management'], |
---|
273 | 'L_STATUS'=>$lang['user_status'], |
---|
274 | 'L_DELETE'=>$lang['user_delete'], |
---|
275 | 'L_DELETE_HINT'=>$lang['user_delete_hint'], |
---|
276 | 'STATUS'=>$status_select |
---|
277 | )); |
---|
278 | } |
---|
279 | } |
---|
280 | // +-----------------------------------------------------------------------+ |
---|
281 | // | html code display | |
---|
282 | // +-----------------------------------------------------------------------+ |
---|
283 | if (defined('IN_ADMIN')) |
---|
284 | { |
---|
285 | $template->assign_var_from_handle('ADMIN_CONTENT', 'profile_body'); |
---|
286 | } |
---|
287 | else |
---|
288 | { |
---|
289 | $template->assign_block_vars('modify.profile',array()); |
---|
290 | $template->pparse('profile_body'); |
---|
291 | include(PHPWG_ROOT_PATH.'include/page_tail.php'); |
---|
292 | } |
---|
293 | ?> |
---|