summaryrefslogtreecommitdiffstats
path: root/app/model
diff options
context:
space:
mode:
authorMalf Furious <m@lfurio.us>2018-10-27 18:28:22 -0400
committerMalf Furious <m@lfurio.us>2018-10-27 18:28:22 -0400
commit0421aa1b60f4fe6bf140888159c58059c1013588 (patch)
treec3285276f6c53b6789e2f6dc82cb3b0fd17b38a4 /app/model
parent495157341d60522084dcc9f6219877b6ba497312 (diff)
parent6512655aee73d3d295daa4de0e4ef25c08cfec9e (diff)
downloadscrott-0421aa1b60f4fe6bf140888159c58059c1013588.tar.gz
scrott-0421aa1b60f4fe6bf140888159c58059c1013588.zip
Merge branch 'rel/v0.1'v0.1
Diffstat (limited to '')
-rw-r--r--app/model/datamods.php120
-rw-r--r--app/model/dbconfig.php42
-rw-r--r--app/model/deleteaccount.php51
-rw-r--r--app/model/gpListItem.php42
-rw-r--r--app/model/group.php20
-rw-r--r--app/model/issue.php58
-rw-r--r--app/model/login.php97
-rw-r--r--app/model/noticemodal.php40
-rw-r--r--app/model/objBgPrev.php40
-rw-r--r--app/model/objHeadCircle.php37
-rw-r--r--app/model/pad.php29
-rw-r--r--app/model/settings.php144
12 files changed, 720 insertions, 0 deletions
diff --git a/app/model/datamods.php b/app/model/datamods.php
new file mode 100644
index 0000000..0b7f3da
--- /dev/null
+++ b/app/model/datamods.php
@@ -0,0 +1,120 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/form.class.php";
+require_once "class/agent.class.php";
+require_once "class/user.class.php";
+require_once "class/group.class.php";
+require_once "class/pad.class.php";
+require_once "class/stage.class.php";
+require_once "class/issue.class.php";
+require_once "class/mesg.class.php";
+
+/*
+ * Action: dm-group-add - New group modal
+ */
+if (isAction("dm-group-add"))
+{
+ $form = new form();
+ $form->text("name");
+
+ if (!$form->populate(input()))
+ return;
+
+ if (!($user = user::getCurrent()))
+ {
+ logError(ERROR, "You must be logged in to create a group");
+ return;
+ }
+
+ $group = group::initNew($form->name, $user);
+}
+
+/*
+ * Action: dm-pad-add - New pad modal
+ */
+if (isAction("dm-pad-add"))
+{
+ $form = new form();
+ $form->text("owner");
+ $form->text("name");
+
+ if (!$form->populate(input()))
+ return;
+
+ $owner = agent::getAgentObj($form->owner);
+
+ if (!($user = user::getCurrent()))
+ {
+ logError(ERROR, "You must be logged in to create a pad");
+ return;
+ }
+
+ if (!$user->canCreateSub($owner))
+ {
+ logError(ERROR, "You do not have permission to create a pad for '" . $owner->getDisplayName() . "'");
+ return;
+ }
+
+ $pad = pad::initNew($form->name, $owner);
+ $td = stage::initNew("To Do", $pad);
+ $ip = stage::initNew("In Progress", $pad);
+
+ $pad->insertStage($td);
+ $td->insertStage($ip);
+}
+
+/*
+ * Action: dm-issue-add - New issue modal
+ */
+if (isAction("dm-issue-add"))
+{
+ $form = new form();
+ $form->text("pad");
+ $form->text("name");
+ $form->text("mesg", false);
+
+ if (!$form->populate(input()))
+ return;
+
+ $pad = new pad($form->pad);
+
+ if (!($user = user::getCurrent()))
+ {
+ logError(ERROR, "You must be logged in to open an issue");
+ return;
+ }
+
+ if (!$user->canCreateSub($pad))
+ {
+ logError(ERROR, "You do not have permission to open an issue for '" . $pad->name . "'");
+ return;
+ }
+
+ $stages = $pad->getStages();
+
+ if (count($stages) == 0)
+ {
+ logError(ERROR, "Cannot create new issue, '" . $pad->name . "' doesn't have any stages");
+ return;
+ }
+
+ $mesg = mesg::initNewDiscussion($form->name, $form->mesg, $user, $pad);
+ $issue = issue::initNew($mesg, $user, $stages[0]);
+ $log = mesg::initNewLog("%s opened issue", $user, $issue);
+
+ location(); // bug mitigation
+}
+
+?>
diff --git a/app/model/dbconfig.php b/app/model/dbconfig.php
new file mode 100644
index 0000000..c66b052
--- /dev/null
+++ b/app/model/dbconfig.php
@@ -0,0 +1,42 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/database.class.php";
+require_once "class/form.class.php";
+
+/*
+ * Action: save - Write given configuration parameters to the database
+ * configuration file.
+ */
+if (isAction("save"))
+{
+ $form = new form();
+ $form->text("dbHost");
+ $form->text("dbUname");
+ $form->text("dbPasswd", false);
+ $form->text("dbName");
+
+ if (!$form->populate(input()))
+ return;
+
+ $stat = database::setConfig("mysql", $form->dbHost, $form->dbUname,
+ $form->dbPasswd, $form->dbName);
+
+ if (!$stat)
+ return;
+
+ location("/");
+}
+
+?>
diff --git a/app/model/deleteaccount.php b/app/model/deleteaccount.php
new file mode 100644
index 0000000..d83537e
--- /dev/null
+++ b/app/model/deleteaccount.php
@@ -0,0 +1,51 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/form.class.php";
+require_once "class/user.class.php";
+
+/*
+ * Action: deleteaccount - Remove one's own user account
+ */
+if (isAction("deleteaccount"))
+{
+ $form = new form();
+ $form->text("passwd", false);
+
+ if (!$form->populate(input()))
+ return;
+
+ if (!($user = user::getCurrent()))
+ {
+ logError(ERROR, "You must be logged in to close your account");
+ return;
+ }
+
+ if (!$user->validatePasswd($form->passwd))
+ {
+ logError(WARNING, "Account not deleted, password was incorrect");
+ return;
+ }
+
+ if ($user->admin == 1 && count(user::getAllAdmin_ordByUname()) == 1)
+ {
+ logError(ERROR, "Account not deleted, can not remove the last administrator");
+ return;
+ }
+
+ $user->delObj();
+ location("/");
+}
+
+?>
diff --git a/app/model/gpListItem.php b/app/model/gpListItem.php
new file mode 100644
index 0000000..809a7cf
--- /dev/null
+++ b/app/model/gpListItem.php
@@ -0,0 +1,42 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/group.class.php";
+require_once "class/pad.class.php";
+
+/*
+ * including scope defines
+ * obj $obj
+ */
+
+$url = ar() . "/" . $obj->guid;
+$owner = $obj->getOwner();
+$own_name = $owner->getDisplayName();
+$obj_name = $obj->name;
+$numb_membs = count($obj->getMembers());
+
+/* TODO - tweak lengths (check view file as well) */
+$membs_lg = $obj->getMembers(18);
+$membs_md = $obj->getMembers(18);
+$membs_sm = $obj->getMembers(18);
+$membs_xs = $obj->getMembers(18);
+
+if ($obj->objtype == "group")
+ $glyph = "glyphicon-th";
+else if ($obj->objtype == "pad")
+ $glyph = "glyphicon-edit";
+else
+ throw new Exception("Group/pad list item was given something besides a group or pad");
+
+?>
diff --git a/app/model/group.php b/app/model/group.php
new file mode 100644
index 0000000..7f3b2bc
--- /dev/null
+++ b/app/model/group.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/group.class.php";
+
+$group = getPageObj();
+$pads = $group->getPads_ordByOwnByName();
+
+?>
diff --git a/app/model/issue.php b/app/model/issue.php
new file mode 100644
index 0000000..4300bbb
--- /dev/null
+++ b/app/model/issue.php
@@ -0,0 +1,58 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/form.class.php";
+require_once "class/issue.class.php";
+require_once "class/mesg.class.php";
+
+/*
+ * Action: iss-mesg-add - Post new issue message
+ */
+if (isAction("iss-mesg-add"))
+{
+ $form = new form();
+ $form->text("issue");
+ $form->text("mesg");
+
+ if (!$form->populate(input()))
+ return;
+
+ $issue = new issue($form->issue);
+
+ if (!($user = user::getCurrent()))
+ {
+ logError(ERROR, "You must be logged in to post a message");
+ return;
+ }
+
+ if (!$user->canCreateSub($issue))
+ {
+ logError(ERROR, "You do not have permission to post to this issue");
+ return;
+ }
+
+ $mesg = mesg::initNew($form->mesg, $user, $issue);
+
+ if ($mesg->setAttachment("attachment"))
+ logError(NOTICE, "Saved attachment " . $mesg->attachment);
+
+ if (isset(input()['closeIssue']))
+ {
+ $issue->close($user);
+ logError(NOTICE, "Issue #" . $issue->numb . " closed");
+ $log = mesg::initNewLog("% closed issue", $user, $issue);
+ }
+}
+
+?>
diff --git a/app/model/login.php b/app/model/login.php
new file mode 100644
index 0000000..3393281
--- /dev/null
+++ b/app/model/login.php
@@ -0,0 +1,97 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/form.class.php";
+require_once "class/user.class.php";
+require_once "class/settings.class.php";
+
+/*
+ * Action: login - Attempt to authenticate new user
+ */
+if (isAction("login"))
+{
+ $form = new form();
+ $form->text("uname");
+ $form->text("passwd", false);
+
+ if (!$form->populate(input()))
+ goto prep;
+
+ if (!(($user = user::getByUname($form->uname)) &&
+ $user->validatePasswd($form->passwd)))
+ {
+ logError(ERROR, "Username or password is incorrect");
+
+ if ($user)
+ $log = mesg::initNewAdminLog("Failed login for username '%s'", $user);
+
+ goto prep;
+ }
+
+ user::setCurrent($user);
+ location();
+}
+
+/*
+ * Action: signup - Attempt to register a new account
+ */
+if (isAction("signup"))
+{
+ if (!settings::allowPublicSignup() &&
+ count(user::getAll_ordByUname()) > 0)
+ {
+ logError(ERROR, "You may not signup at this time");
+ goto prep;
+ }
+
+ $form = new form();
+ $form->text("uname");
+ $form->text("passwd", false);
+ $form->text("cpasswd", false);
+
+ if (!$form->populate(input()))
+ goto prep;
+
+ if ($form->passwd != $form->cpasswd)
+ {
+ logError(ERROR, "Passwords do not match");
+ goto prep;
+ }
+
+ if (!($user = user::initNew($form->uname, $form->passwd)))
+ {
+ logError(ERROR, "Your requested username is already in use");
+ goto prep;
+ }
+
+ user::setCurrent($user);
+ $log = mesg::initNewAdminLog("%s account registered", $user);
+ location("/");
+}
+
+prep:
+
+ if (count(user::getAll_ordByUname()) == 0)
+ {
+ $noaccounts = true;
+ $activeTab['signup'] = "in active";
+ $tabSwap = false;
+ }
+ else
+ {
+ $activeTab['login'] = "in active";
+ $tabSwap = settings::allowPublicSignup();
+ }
+
+?>
diff --git a/app/model/noticemodal.php b/app/model/noticemodal.php
new file mode 100644
index 0000000..c1e99c3
--- /dev/null
+++ b/app/model/noticemodal.php
@@ -0,0 +1,40 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/globals.php";
+
+prep:
+
+if (isError(ERROR))
+{
+ $noticeModalAlertClass = "alert-danger";
+ $noticeModalGlyphicon = "glyphicon-remove-sign";
+}
+else if (isError(WARNING))
+{
+ $noticeModalAlertClass = "alert-warning";
+ $noticeModalGlyphicon = "glyphicon-exclamation-sign";
+}
+else if (isError(NOTICE))
+{
+ $noticeModalAlertClass = "alert-info";
+ $noticeModalGlyphicon = "glyphicon-info-sign";
+}
+else
+{
+ $noticeModalAlertClass = "";
+ $noticeModalGlyphicon = "";
+}
+
+?>
diff --git a/app/model/objBgPrev.php b/app/model/objBgPrev.php
new file mode 100644
index 0000000..f8d024a
--- /dev/null
+++ b/app/model/objBgPrev.php
@@ -0,0 +1,40 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/obj.class.php";
+
+/*
+ * including scope defines
+ * obj $obj
+ * int $height
+ */
+
+$src = $obj->getBgImg();
+
+if ($src == NULL)
+ $src = ar() . "/static/img/null.jpg";
+
+switch ($obj->objtype)
+{
+ case "user":
+ case "group":
+ $alt = $obj->getDisplayName() . " background";
+ break;
+
+ default:
+ $alt = $obj->name . " background";
+ break;
+}
+
+?>
diff --git a/app/model/objHeadCircle.php b/app/model/objHeadCircle.php
new file mode 100644
index 0000000..eef56b7
--- /dev/null
+++ b/app/model/objHeadCircle.php
@@ -0,0 +1,37 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/obj.class.php";
+
+/*
+ * including scope defines
+ * obj $obj
+ * int $height
+ */
+
+$src = $obj->getHeadImg();
+
+switch ($obj->objtype)
+{
+ case "user":
+ case "group":
+ $alt = $obj->getDisplayName();
+ break;
+
+ default:
+ $alt = $obj->name;
+ break;
+}
+
+?>
diff --git a/app/model/pad.php b/app/model/pad.php
new file mode 100644
index 0000000..d7cfb23
--- /dev/null
+++ b/app/model/pad.php
@@ -0,0 +1,29 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/pad.class.php";
+
+$pad = getPageObj();
+$stages = $pad->getStages();
+$stages = array_reverse($stages);
+
+$issues = array();
+
+foreach ($stages as $s)
+{
+ $i = $s->getIssues_ordByDueByNumb();
+ $issues = array_merge($issues, $i);
+}
+
+?>
diff --git a/app/model/settings.php b/app/model/settings.php
new file mode 100644
index 0000000..3293122
--- /dev/null
+++ b/app/model/settings.php
@@ -0,0 +1,144 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/form.class.php";
+require_once "class/settings.class.php";
+require_once "class/user.class.php";
+
+/*
+ * Action: settings-user - Modify user settings
+ */
+if (isAction("settings-user"))
+{
+ $form = new form();
+ $form->text("guid");
+ $form->flag("setpasswd");
+ $form->text("curpasswd", false);
+ $form->text("passwd", false);
+ $form->text("cpasswd", false);
+ $form->text("alias", false);
+ $form->text("email", false);
+ $form->text("emailVer", false);
+
+ if (!$form->populate(input()))
+ return;
+
+ $user = new user($form->guid);
+
+ /* permissions */
+ if (!($cu = user::getCurrent()) || !$cu->canModify($user))
+ {
+ logError(ERROR, "You do not have permission to modify the selected user");
+ return;
+ }
+
+ /* image file removal */
+ if (isset(input()['rmImg-head']))
+ {
+ if ($user->rmHeadImg())
+ logError(NOTICE, "User image removed");
+ else
+ logError(ERROR, "Error removing user image");
+ return;
+ }
+
+ if (isset(input()['rmImg-bg']))
+ {
+ if ($user->rmBgImg())
+ logError(NOTICE, "Background image removed");
+ else
+ logError(ERROR, "Error removing background image");
+ return;
+ }
+
+ /* image file set */
+ if ($user->setHeadImg("img-head"))
+ logError(NOTICE, "User image updated");
+
+ if ($user->setBgImg("img-bg"))
+ logError(NOTICE, "Background image updated");
+
+ /* modify object */
+ if ($form->setpasswd)
+ {
+ if ($user->validatePasswd($form->curpasswd))
+ {
+ if ($form->passwd == $form->cpasswd)
+ {
+ $user->setPasswd($form->passwd);
+ logError(NOTICE, "Password updated successfully");
+ }
+ else
+ logError(WARNING, "Password not changed, passwords did not match");
+ }
+ else
+ logError(WARNING, "Password not changed, current password was incorrect");
+ }
+
+ $user->alias = $form->alias;
+
+ if ($form->email != $user->email)
+ $user->setEmail($form->email);
+
+ else if ($form->emailVer != "" && $user->emailConf == 0)
+ {
+ if (!$user->verifyEmail($form->emailVer))
+ logError(WARNING, "Email not verified, key was incorrect");
+ }
+
+ $user->saveObj();
+}
+
+/*
+ * Action: settings-admin - Modify global settings
+ */
+if (isAction("settings-admin"))
+{
+ $form = new form();
+ $form->flag("sslOnly");
+ $form->flag("allowPublicSignup");
+ $form->text("smtpEmailAddress", false);
+ $form->text("smtpFrom", false);
+ $form->text("smtpServer", false);
+ $form->numeric("smtpPort", 0, 65535);
+ $form->enum("smtpSecurity", array("", "ssl", "tls"));
+ $form->text("smtpUname", false);
+ $form->text("smtpPasswd", false);
+
+ if (!$form->populate(input()))
+ return;
+
+ /* permissions */
+ if (!($cu = user::getCurrent()) || $cu->admin == 0)
+ {
+ logError(ERROR, "You do not have permission to modify global settings");
+ return;
+ }
+
+ settings::sslOnly($form->sslOnly);
+ settings::allowPublicSignup($form->allowPublicSignup);
+ settings::smtpEmailAddress($form->smtpEmailAddress);
+ settings::smtpFrom($form->smtpFrom);
+ settings::smtpServer($form->smtpServer);
+ settings::smtpPort($form->smtpPort);
+ settings::smtpSecurity($form->smtpSecurity);
+ settings::smtpUname($form->smtpUname);
+
+ if ($form->smtpPasswd != "")
+ settings::smtpPasswd($form->smtpPasswd);
+
+ $log = mesg::initNewAdminLog("%s changed global settings", $cu);
+}
+
+?>