src.bluestatic.org Git - bugdar.git/blob - userctrl.php
r1374: Merging r1371/1373 back to the trunk to fix a potential SQL error on search...
1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar [#]version[#]
5 || # Copyright ©2002-[#]year[#] Blue Static
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version [#]gpl[#] of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
// Templates this page renders. Assigned before global.php is included;
// presumably global.php reads this list to preload them -- confirm there.
$fetchtemplates = array('userctrl', 'userctrl_column', 'userctrl_search');

define('SVN', '$Id$');

// Marks the "user" section as the active one.
$focus['user'] = 'focus';

require_once './global.php';
require_once './includes/class_api_error.php';
require_once './includes/api_user.php';

// Route API validation failures through the 'user_cumulative' method of an
// API_Error_Handler wrapped around $message.
APIError(array(new API_Error_Handler($message), 'user_cumulative'));

// Access control: every action in this file is for a logged-in user only.
// NOTE(review): the rest of the script relies on error_permission() halting
// the request; that behaviour is defined outside this file -- confirm.
if (!$bugsys->userinfo['userid'])
{
	$message->error_permission();
}

// The API object is pinned to the session's own userid, so the account that
// gets updated is never chosen by request input.
$userapi = new UserAPI($bugsys);
$userapi->set('userid', $bugsys->userinfo['userid']);
$userapi->set_condition();

// Working copy of the user record; the update action overlays posted values
// on it so the form can be re-displayed with what the user typed.
$userinfo = $bugsys->userinfo;
48
49 // ###################################################################
50
// No action requested: fall back to showing the settings form.
$_REQUEST['do'] = (empty($_REQUEST['do']) ? 'modify' : $_REQUEST['do']);
55
56 // ###################################################################
57
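if ($_POST['do'] == 'killsearch')
{
	// Deletes one of the current user's saved searches. Accepted from POST
	// only, because it changes state.
	// NOTE(review): no anti-CSRF token is checked in this block; whether
	// $message->confirm() or global.php supplies one is not visible here.

	// Ownership check: the row must exist AND belong to the session user.
	// input_clean() coerces searchid to an unsigned integer before it is
	// concatenated into the SQL text.
	$search = $db->query_first(
		"SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT)
		. " AND userid = " . $bugsys->userinfo['userid']
	);
	if (!$search)
	{
		$message->error_permission();
	}

	// The DELETE repeats the userid condition so that it can never remove
	// another user's row, even if error_permission() were to return instead
	// of halting. $bugsys->in['searchid'] is the value cleaned by the
	// input_clean() call above.
	$db->query(
		"DELETE FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->in['searchid']
		. " AND userid = " . $bugsys->userinfo['userid']
	);

	$message->redirect(_('This saved search has been removed from your list.'), 'userctrl.php');
}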
70
71 // ###################################################################
72
if ($_REQUEST['do'] == 'deletesearch')
{
	// Confirmation step before a saved search is removed. Nothing is deleted
	// here, which is why the action may arrive via GET as well as POST.

	// Show the prompt only for a search owned by the session user; searchid
	// is coerced to an unsigned integer before it reaches the SQL text.
	$search = $db->query_first(
		"SELECT * FROM " . TABLE_PREFIX . "search"
		. " WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT)
		. " AND userid = " . $bugsys->userinfo['userid']
	);
	if (!$search)
	{
		$message->error_permission();
	}

	// The confirm form posts back to userctrl.php with do=killsearch and
	// carries the cleaned searchid along.
	$message->confirm(
		_('Are you sure you want to delete this saved search?'),
		'userctrl.php',
		'killsearch',
		_('Delete'),
		_('Cancel'),
		array('searchid' => $bugsys->in['searchid'])
	);
}
83
84 // ###################################################################
85
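if ($_POST['do'] == 'update')
{
	// Handles the account-settings form post: validates the requested
	// changes, stages them on $userapi, and then either re-displays the form
	// with the collected errors or writes the account and its email
	// notification masks.

	// -------------------------------------------------------------------
	// authentication
	// Changing the email address or the password requires re-entering the
	// current password.
	if (!empty($bugsys->in['password_change']) OR !empty($bugsys->in['email_change']))
	{
		if (empty($bugsys->in['validate']))
		{
			$message->add_error(_('You need to enter your current password to change your email or password'));
		}
		else
		{
			// Strict string comparison. With != PHP compares two numeric-looking
			// strings as numbers, so hex digests of the form "0e<digits>" can
			// compare equal although the strings differ.
			// NOTE(review): hash_equals() would also make the comparison
			// constant-time where the PHP version provides it. Salted double-MD5
			// is a fast hash; the storage scheme is defined outside this file,
			// so it is flagged here rather than changed.
			if (md5(md5($bugsys->in['validate']) . md5($bugsys->userinfo['salt'])) !== (string)$bugsys->userinfo['password'])
			{
				$message->add_error(_('Your authentication password does not match the one in our records'));
			}
		}
	}

	// -------------------------------------------------------------------
	// email validation
	if (!empty($bugsys->in['email_change']))
	{
		if (empty($bugsys->in['email_confirm']))
		{
			$message->add_error(_('You need to enter both the email and confirm email fields to change your address'));
		}

		if ($bugsys->in['email_change'] != $bugsys->in['email_confirm'])
		{
			$message->add_error(_('Your email and confirm email addresses do not match'));
		}

		// Staged only; nothing is written unless the error list stays empty.
		$userapi->set('email', $bugsys->in['email_change']);
	}

	// -------------------------------------------------------------------
	// password validation
	if (!empty($bugsys->in['password_change']))
	{
		if (empty($bugsys->in['password_confirm']))
		{
			$message->add_error(_('You need to enter both the password and confirm password fields to change your password'));
		}
		else
		{
			if ($bugsys->in['password_change'] != $bugsys->in['password_confirm'])
			{
				$message->add_error(_('Your password and confirm password do not match'));
			}
		}

		// Staged only; nothing is written unless the error list stays empty.
		$userapi->set('password', $bugsys->in['password_change']);
	}

	$userapi->set('displayname', $bugsys->in['displayname']);
	$userapi->set('showemail', $bugsys->in['showemail']);
	$userapi->set('showcolors', $bugsys->in['showcolors']);
	$userapi->set('languageid', $bugsys->in['languageid']);
	$userapi->set('timezone', $bugsys->in['timezone']);
	$userapi->set('usedst', $bugsys->in['usedst']);
	$userapi->set('hidestatuses', $bugsys->in['hidestatuses']);
	$userapi->set('defaultsortkey', $bugsys->in['defaultsortkey']);
	$userapi->set('defaultsortas', $bugsys->in['defaultsortas']);
	$userapi->set('columnoptions', $bugsys->input_clean('columnoptions', TYPE_UINT));

	// -------------------------------------------------------------------
	// copy fields
	// Mirror the posted values into $userinfo so that a failed update
	// re-displays the form with what the user entered.
	$userinfo['displayname'] = $bugsys->in['displayname'];
	$userinfo['showemail'] = $bugsys->in['showemail'];
	$userinfo['showcolors'] = $bugsys->in['showcolors'];
	$userinfo['languageid'] = $bugsys->in['languageid'];
	$userinfo['timezone'] = $bugsys->in['timezone'];
	$userinfo['usedst'] = $bugsys->in['usedst'];
	$userinfo['hidestatuses'] = $bugsys->in['hidestatuses'];
	// Key was misspelled 'defaultsorkey' on both sides, so the sort key the
	// user had chosen was lost whenever the form came back with errors.
	$userinfo['defaultsortkey'] = $bugsys->in['defaultsortkey'];
	$userinfo['defaultsortas'] = $bugsys->in['defaultsortas'];
	$userinfo['columnoptions'] = $bugsys->in['columnoptions'];

	$email = $bugsys->in['email_change'];
	$email_confirm = $bugsys->in['email_confirm'];

	// -------------------------------------------------------------------
	// error handling
	if ($message->items)
	{
		$message->error_list_process();

		// Fall through to the 'modify' action further down so the form is
		// shown again together with the errors.
		$show['errors'] = true;
		$_REQUEST['do'] = 'modify';
	}
	else
	{
		$userapi->update();

		if (can_perform('canbeassignedto'))
		{
			require_once('./includes/functions_datastore.php');
			build_assignedto();
		}

		// Replace the user's notification settings wholesale: drop the old
		// rows, then insert one row per relation with the selected options
		// summed into a mask.
		$db->query("DELETE FROM " . TABLE_PREFIX . "useremail WHERE userid = " . $bugsys->userinfo['userid']);
		$bugsys->input_clean('emailopts', TYPE_INT);
		if (is_array($bugsys->in['emailopts']))
		{
			foreach ($bugsys->in['emailopts'] AS $relation => $bitarr)
			{
				$bitmask = 0;
				if (is_array($bitarr))
				{
					foreach ($bitarr AS $option => $yes)
					{
						$bitmask += intval($option) * intval($yes);
					}
				}

				// $relation and $option are array KEYS taken from the request.
				// Whether input_clean() sanitises keys as well as values is not
				// visible here, so both numbers are forced to integers before
				// they are placed into the SQL text.
				$db->query("INSERT INTO " . TABLE_PREFIX . "useremail (userid, relation, mask) VALUES (" . $bugsys->userinfo['userid'] . ", " . intval($relation) . ", " . intval($bitmask) . ")");
			}
		}

		$message->redirect(_('The changes to your account have been made.'), 'userctrl.php');
	}
}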
208
209 // ###################################################################
210
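if ($_REQUEST['do'] == 'modify')
{
	// Renders the account-settings form. $userinfo is the session user's
	// record, overlaid with the posted values when a failed update fell
	// through to this action.
	//
	// NOTE(review): every eval() below executes the text returned by
	// $template->fetch() as a double-quoted PHP string. That is only safe if
	// template source is trusted and the values it interpolates (request data
	// in $userinfo, $checked and $columns, saved-search rows in $search) are
	// escaped before they get here -- neither is visible in this file. The
	// variable names in this block are part of the template contract, so they
	// are left unchanged.

	$langselect = construct_datastore_select('language', 'title', 'languageid', $userinfo['languageid']);

	// hidestatuses is either a comma-separated string or already an array.
	$hidestatuses = construct_datastore_select('status', 'status', 'statusid', (!is_array($userinfo['hidestatuses']) ? explode(',', $userinfo['hidestatuses']) : $userinfo['hidestatuses']), 0);
	// One more than the number of statuses, capped at 8.
	$hidestatusesnum = (sizeof($bugsys->datastore['status']) < 8 ? sizeof($bugsys->datastore['status']) + 1 : 8);

	$defaultsortkey = construct_option_select('defaultsortkey', ListSorter::fetch_by_text(false), $userinfo['defaultsortkey']);
	$defaultsortas = construct_option_select('defaultsortas', ListSorter::fetch_as_text(false), $userinfo['defaultsortas']);

	// Initialised explicitly; the loop below appends to it.
	$tzselect = '';
	foreach ($datef->fetch_timezone_list() AS $value => $label)
	{
		$selected = ($value == $userinfo['timezone']);
		eval('$tzselect .= "' . $template->fetch('selectoption') . '";');
	}

	// Email notification checkboxes: $checked[relation][notification].
	$checked = array();
	if (!is_array($bugsys->in['emailopts']))
	{
		// No posted values: load the stored masks for the session user.
		$options = $db->query("SELECT * FROM " . TABLE_PREFIX . "useremail WHERE userid = " . $bugsys->userinfo['userid']);
		while ($opt = $db->fetch_array($options))
		{
			// Both loops bind their key to $name; only the values are used.
			foreach ($bugsys->emailoptions['notifications'] AS $name => $notif)
			{
				foreach ($bugsys->emailoptions['relations'] AS $name => $relation)
				{
					if (($opt['mask'] & $notif) AND ($opt['relation'] == $relation))
					{
						$checked["$relation"]["$notif"] = HTML_CHECKED;
					}
				}
			}
		}
	}
	else
	{
		// Form is being re-displayed: reflect what the user just submitted.
		$checked = $bugsys->in['emailopts'];
		foreach ($checked AS $key1 => $value1)
		{
			foreach ($value1 AS $key2 => $value2)
			{
				if ($value2)
				{
					$checked["$key1"]["$key2"] = HTML_CHECKED;
				}
			}
		}
	}

	// Column display options: posted values win, then the user's stored
	// values, then the site-wide defaults.
	$columns = array();
	$columnOptions = '';
	if (!is_array($bugsys->in['columnoptions']))
	{
		foreach ($bugsys->columns AS $column => $mask)
		{
			if (is_array($bugsys->userinfo['columnoptions']))
			{
				$columns["$column"] = $bugsys->userinfo['columnoptions']["$column"];
			}
			else
			{
				// Was indexed with the undefined variable $colunn, which always
				// looked up the '' key instead of this column's default.
				$columns["$column"] = $bugsys->options['columnoptions']["$column"];
			}
			eval('$columnOptions .= "' . $template->fetch('userctrl_column') . '";');
		}
	}
	else
	{
		$columns = $bugsys->in['columnoptions'];
		foreach ($bugsys->columns AS $column => $mask)
		{
			eval('$columnOptions .= "' . $template->fetch('userctrl_column') . '";');
		}
	}

	// searches
	// Only named searches that belong to the session user are listed.
	$searches = '';
	$searchesFetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "search WHERE name IS NOT NULL AND userid = " . $bugsys->userinfo['userid']);
	while ($search = $db->fetch_array($searchesFetch))
	{
		eval('$searches .= "' . $template->fetch('userctrl_search') . '";');
	}

	eval('$template->flush("' . $template->fetch('userctrl') . '");');
}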
296
297 /*=====================================================================*\
298 || ###################################################################
299 || # $HeadURL$
300 || # $Id$
301 || ###################################################################
302 \*=====================================================================*/
303 ?>