PageRenderTime 52ms CodeModel.GetById 18ms RepoModel.GetById 0ms app.codeStats 0ms

/chronique/UserSettings.php

http://chronique.googlecode.com/
PHP | 219 lines | 162 code | 43 blank | 14 comment | 33 complexity | a238baf0a7c4b1fc9889d5c5a0dcc59f MD5 | raw file
Possible License(s): AGPL-1.0, GPL-2.0, LGPL-2.1, MPL-2.0-no-copyleft-exception 
    

  1. <?php
    2. 

  2. 

  3. /* $Id: UserSettings.php 4752 2011-11-24 09:10:21Z daintree $*/
    4. 

  4. 

  5. include('includes/session.inc');
    6. 

  6. $title = _('User Settings');
    7. 

  7. include('includes/header.inc');
    8. 

  8. 

  9. echo '<p class="page_title_text"><img src="'.$rootpath.'/css/'.$theme.'/images/user.png" title="' .
    10. 

  10. 	_('User Settings') . '" alt="" />' . ' ' . _('User Settings') . '</p>';
    11. 

  11. 

  12. $PDFLanguages = array(_('Latin Western Languages'),
    13. 

  13. 					_('Eastern European Russian Japanese Korean Hebrew Arabic Thai'),
    14. 

  14. 					_('Chinese'));
    15. 

  15. 

  16. 

  17. if (isset($_POST['Modify'])) {
    18. 

  18. 	// no input errors assumed initially before we test
    19. 

  19. 	$InputError = 0;
    20. 

  20. 

  21. 	/* actions to take once the user has clicked the submit button
    22. 

  22. 	ie the page has called itself with some user input */
    23. 

  23. 

  24. 	//first off validate inputs sensible
    25. 

  25. 	if ($_POST['DisplayRecordsMax'] <= 0){
    26. 

  26. 		$InputError = 1;
    27. 

  27. 		prnMsg(_('The Maximum Number of Records on Display entered must not be negative') . '. ' . _('0 will default to system setting'),'error');
    28. 

  28. 	}
    29. 

  29. 

  30. 	//!!!for the demo only - enable this check so password is not changed
    31. 

  31.  /*
    32. 

  32. 	if ($_POST['pass'] != ''){
    33. 

  33. 		$InputError = 1;
    34. 

  34. 		prnMsg(_('Cannot change password in the demo or others would be locked out!'),'warn');
    35. 

  35. 	}
    36. 

  36.  */
    37. 

  37.  	$UpdatePassword = 'N';
    38. 

  38. 	
    39. 

  39. 	if ($_POST['PasswordCheck'] != ''){
    40. 

  40. 		if (mb_strlen($_POST['Password'])<5){
    41. 

  41. 			$InputError = 1;
    42. 

  42. 			prnMsg(_('The password entered must be at least 5 characters long'),'error');
    43. 

  43. 		} elseif (mb_strstr($_POST['Password'],$_SESSION['UserID'])!= False){
    44. 

  44. 			$InputError = 1;
    45. 

  45. 			prnMsg(_('The password cannot contain the user id'),'error');
    46. 

  46. 		}
    47. 

  47. 		if ($_POST['Password'] != $_POST['PasswordCheck']){
    48. 

  48. 			$InputError = 1;
    49. 

  49. 			prnMsg(_('The password and password confirmation fields entered do not match'),'error');
    50. 

  50. 		}else{
    51. 

  51. 			$UpdatePassword = 'Y';
    52. 

  52. 		}
    53. 

  53. 	}
    54. 

  54. 	
    55. 

  55. 

  56. 	if ($InputError != 1) {
    57. 

  57. 		// no errors
    58. 

  58. 		if ($UpdatePassword != 'Y'){
    59. 

  59. 			$sql = "UPDATE www_users
    60. 

  60. 				SET displayrecordsmax='" . $_POST['DisplayRecordsMax'] . "',
    61. 

  61. 					theme='" . $_POST['Theme'] . "',
    62. 

  62. 					language='" . $_POST['Language'] . "',
    63. 

  63. 					email='". $_POST['email'] ."',
    64. 

  64. 					pdflanguage='" . $_POST['PDFLanguage'] . "'
    65. 

  65. 				WHERE userid = '" . $_SESSION['UserID'] . "'";
    66. 

    67. 

  67. 			$ErrMsg =  _('The user alterations could not be processed because');
    68. 

  68. 			$DbgMsg = _('The SQL that was used to update the user and failed was');
    69. 

  69. 

  70. 			$result = DB_query($sql,$db, $ErrMsg, $DbgMsg);
    71. 

  71. 

  72. 			prnMsg( _('The user settings have been updated') . '. ' . _('Be sure to remember your password for the next time you login'),'success');
    73. 

  73. 		} else {
    74. 

  74. 			$sql = "UPDATE www_users
    75. 

  75. 				SET displayrecordsmax='" . $_POST['DisplayRecordsMax'] . "',
    76. 

  76. 					theme='" . $_POST['Theme'] . "',
    77. 

  77. 					language='" . $_POST['Language'] . "',
    78. 

  78. 					email='". $_POST['email'] ."',
    79. 

  79. 					pdflanguage='" . $_POST['PDFLanguage'] . "',
    80. 

  80. 					password='" . CryptPass($_POST['Password']) . "'
    81. 

  81. 				WHERE userid = '" . $_SESSION['UserID'] . "'";
    82. 

    83. 

  83. 			$ErrMsg =  _('The user alterations could not be processed because');
    84. 

  84. 			$DbgMsg = _('The SQL that was used to update the user and failed was');
    85. 

  85. 

  86. 			$result = DB_query($sql,$db, $ErrMsg, $DbgMsg);
    87. 

  87. 

  88. 			prnMsg(_('The user settings have been updated'),'success');
    89. 

  89. 		}
    90. 

  90. 	  // update the session variables to reflect user changes on-the-fly
    91. 

  91. 		$_SESSION['DisplayRecordsMax'] = $_POST['DisplayRecordsMax'];
    92. 

  92. 		$_SESSION['Theme'] = trim($_POST['Theme']); /*already set by session.inc but for completeness */
    93. 

  93. 		$theme = $_SESSION['Theme'];
    94. 

  94. 		$_SESSION['Language'] = trim($_POST['Language']);
    95. 

  95. 		$_SESSION['PDFLanguage'] = $_POST['PDFLanguage'];
    96. 

  96. 		include ('includes/LanguageSetup.php');
    97. 

  97. 

  98. 	}
    99. 

  99. }
    100. 

  100. 

  101. echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF']) . '">';
    102. 

  102. echo '<input type="hidden" name="FormID" value="' . $_SESSION['FormID'] . '" />';
    103. 

  103. 

  104. If (!isset($_POST['DisplayRecordsMax']) OR $_POST['DisplayRecordsMax']=='') {
    105. 

  105. 

  106.   $_POST['DisplayRecordsMax'] = $_SESSION['DefaultDisplayRecordsMax'];
    107. 

  107. 

  108. }
    109. 

  109. 

  110. echo '<table class="selection">
    111. 

  111. 		<tr>
    112. 

  112. 			<td>' . _('User ID') . ':</td>
    113. 

  113. 			<td>' . $_SESSION['UserID'] . '</td>
    114. 

  114. 		</tr>';
    115. 

    116. 

  116. echo '<tr>
    117. 

  117. 		<td>' . _('User Name') . ':</td>
    118. 

  118. 		<td>' . $_SESSION['UsersRealName'] . '</td>
    119. 

  119. 		<input type="hidden" name="RealName" value="'.$_SESSION['UsersRealName'].'" /></tr>';
    120. 

    121. 

  121. echo '<tr>
    122. 

  122. 	<td>' . _('Maximum Number of Records to Display') . ':</td>
    123. 

  123. 	<td><input type="text" class="number" name="DisplayRecordsMax" size="3" maxlength="3" value="' . $_POST['DisplayRecordsMax'] . '" ></td>
    124. 

  124. 	</tr>';
    125. 

    126. 

  126. 

  127. echo '<tr>
    128. 

  128. 	<td>' . _('Language') . ':</td>
    129. 

  129. 	<td><select name="Language">';
    130. 

  130. 	
    131. 

  131. if (!isset($_POST['Language'])){
    132. 

  132. 	$_POST['Language']=$_SESSION['Language'];
    133. 

  133. }
    134. 

  134. 

  135. foreach ($LanguagesArray as $LanguageEntry => $LanguageName){
    136. 

  136. 	if (isset($_POST['Language']) AND $_POST['Language'] == $LanguageEntry){
    137. 

  137. 		echo '<option selected value="' . $LanguageEntry . '">' . $LanguageName['LanguageName'] .'</option>';
    138. 

  138. 	} elseif (!isset($_POST['Language']) AND $LanguageEntry == $DefaultLanguage) {
    139. 

  139. 		echo '<option selected value="' . $LanguageEntry . '">' . $LanguageName['LanguageName'] .'</option>';
    140. 

  140. 	} else {
    141. 

  141. 		echo '<option value="' . $LanguageEntry . '">' . $LanguageName['LanguageName'] .'</option>';
    142. 

  142. 	}
    143. 

  143. }
    144. 

  144. echo '</select></td></tr>';
    145. 

  145. 

  146. echo '<tr>
    147. 

  147. 	<td>' . _('Theme') . ':</td>
    148. 

  148. 	<td><select name="Theme">';
    149. 

    150. 

  150. $ThemeDirectory = dir('css/');
    151. 

  151. 

  152. 

  153. while (false != ($ThemeName = $ThemeDirectory->read())){
    154. 

  154. 

  155. 	if (is_dir('css/' . $ThemeName) AND $ThemeName != '.' AND $ThemeName != '..' AND $ThemeName != '.svn'){
    156. 

  156. 

  157. 		if ($_SESSION['Theme'] == $ThemeName){
    158. 

  158. 			echo '<option selected value="' . $ThemeName . '">' . $ThemeName . '</option>';
    159. 

  159. 		} else {
    160. 

  160. 			echo '<option value="' . $ThemeName . '">' . $ThemeName . '</option>';
    161. 

  161. 		}
    162. 

  162. 	}
    163. 

  163. }
    164. 

  164. 

  165. if (!isset($_POST['PasswordCheck'])) {
    166. 

  166. 	$_POST['PasswordCheck']='';
    167. 

  167. }
    168. 

  168. if (!isset($_POST['Password'])) {
    169. 

  169. 	$_POST['Password']='';
    170. 

  170. }
    171. 

  171. echo '</select></td></tr>
    172. 

  172. 	<tr>
    173. 

  173. 		<td>' . _('New Password') . ':</td>
    174. 

  174. 		<td><input type="password" name="Password" size="20" value="' .  $_POST['Password'] . '" /></td>
    175. 

  175. 	</tr>
    176. 

  176. 	<tr>
    177. 

  177. 		<td>' . _('Confirm Password') . ':</td>
    178. 

  178. 		<td><input type="password" name="PasswordCheck" size="20"  value="' . $_POST['PasswordCheck'] . '" /></td>
    179. 

  179. 	</tr>
    180. 

  180. 	<tr>
    181. 

  181. 		<td colspan=2 align="center"><i>' . _('If you leave the password boxes empty your password will not change') . '</i></td>
    182. 

  182. 	</tr>
    183. 

  183. 	<tr>
    184. 

  184. 		<td>' . _('Email') . ':</td>';
    185. 

    186. 

  186. $sql = "SELECT email from www_users WHERE userid = '" . $_SESSION['UserID'] . "'";
    187. 

  187. $result = DB_query($sql,$db);
    188. 

  188. $myrow = DB_fetch_array($result);
    189. 

  189. if(!isset($_POST['email'])){
    190. 

  190. 	$_POST['email'] = $myrow['email'];
    191. 

  191. }
    192. 

  192. 

  193. echo '<td><input type="text" name="email" size=40 value="' . $_POST['email'] . '" /></td>
    194. 

  194. 	</tr>';
    195. 

    196. 

  196. if (!isset($_POST['PDFLanguage'])){
    197. 

  197. 	$_POST['PDFLanguage']=$_SESSION['PDFLanguage'];
    198. 

  198. }
    199. 

  199. 

  200. echo '<tr>
    201. 

  201. 		<td>' . _('PDF Language Support') . ': </td>
    202. 

  202. 		<td><select name="PDFLanguage">';
    203. 

  203. 		
    204. 

  204. for($i=0;$i<count($PDFLanguages);$i++){
    205. 

  205. 	if ($_POST['PDFLanguage']==$i){
    206. 

  206. 		echo '<option selected value=' . $i .'>' . $PDFLanguages[$i] . '</option>';
    207. 

  207. 	} else {
    208. 

  208. 		echo '<option value=' . $i .'>' . $PDFLanguages[$i]. '</option>';
    209. 

  209. 	}
    210. 

  210. }
    211. 

  211. echo '</select></td>
    212. 

  212. 	</tr>
    213. 

  213. 	</table>
    214. 

  214. 	<br />
    215. 

  215. 	<div class="centre"><input type="submit" name="Modify" value="' . _('Modify') . '"></div>
    216. 

  216. 	</form>';
    217. 

    218. 

  218. include('includes/footer.inc');
    219. 

  219. ?>
    220.