Merge branch 'rel/v0.1'v0.1

12 files changed, 720 insertions, 0 deletions

diff --git a/app/model/datamods.php b/app/model/datamods.php
new file mode 100644
index 0000000..0b7f3da
--- /dev/null
+++ b/app/model/datamods.php
@@ -0,0 +1,120 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/form.class.php";
+require_once "class/agent.class.php";
+require_once "class/user.class.php";
+require_once "class/group.class.php";
+require_once "class/pad.class.php";
+require_once "class/stage.class.php";
+require_once "class/issue.class.php";
+require_once "class/mesg.class.php";
+
+/*
+ * Action: dm-group-add - New group modal
+ */
+if (isAction("dm-group-add"))
+{
+    $form = new form();
+    $form->text("name");
+
+    if (!$form->populate(input()))
+        return;
+
+    if (!($user = user::getCurrent()))
+    {
+        logError(ERROR, "You must be logged in to create a group");
+        return;
+    }
+
+    $group = group::initNew($form->name, $user);
+}
+
+/*
+ * Action: dm-pad-add - New pad modal
+ */
+if (isAction("dm-pad-add"))
+{
+    $form = new form();
+    $form->text("owner");
+    $form->text("name");
+
+    if (!$form->populate(input()))
+        return;
+
+    $owner = agent::getAgentObj($form->owner);
+
+    if (!($user = user::getCurrent()))
+    {
+        logError(ERROR, "You must be logged in to create a pad");
+        return;
+    }
+
+    if (!$user->canCreateSub($owner))
+    {
+        logError(ERROR, "You do not have permission to create a pad for '" . $owner->getDisplayName() . "'");
+        return;
+    }
+
+    $pad = pad::initNew($form->name, $owner);
+    $td = stage::initNew("To Do", $pad);
+    $ip = stage::initNew("In Progress", $pad);
+
+    $pad->insertStage($td);
+    $td->insertStage($ip);
+}
+
+/*
+ * Action: dm-issue-add - New issue modal
+ */
+if (isAction("dm-issue-add"))
+{
+    $form = new form();
+    $form->text("pad");
+    $form->text("name");
+    $form->text("mesg", false);
+
+    if (!$form->populate(input()))
+        return;
+
+    $pad  = new pad($form->pad);
+
+    if (!($user = user::getCurrent()))
+    {
+        logError(ERROR, "You must be logged in to open an issue");
+        return;
+    }
+
+    if (!$user->canCreateSub($pad))
+    {
+        logError(ERROR, "You do not have permission to open an issue for '" . $pad->name . "'");
+        return;
+    }
+
+    $stages = $pad->getStages();
+
+    if (count($stages) == 0)
+    {
+        logError(ERROR, "Cannot create new issue, '" . $pad->name . "' doesn't have any stages");
+        return;
+    }
+
+    $mesg = mesg::initNewDiscussion($form->name, $form->mesg, $user, $pad);
+    $issue = issue::initNew($mesg, $user, $stages[0]);
+    $log = mesg::initNewLog("%s opened issue", $user, $issue);
+
+    location(); // bug mitigation
+}
+
+?>
diff --git a/app/model/dbconfig.php b/app/model/dbconfig.php
new file mode 100644
index 0000000..c66b052
--- /dev/null
+++ b/app/model/dbconfig.php
@@ -0,0 +1,42 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/database.class.php";
+require_once "class/form.class.php";
+
+/*
+ * Action: save - Write given configuration parameters to the database
+ * configuration file.
+ */
+if (isAction("save"))
+{
+    $form = new form();
+    $form->text("dbHost");
+    $form->text("dbUname");
+    $form->text("dbPasswd", false);
+    $form->text("dbName");
+
+    if (!$form->populate(input()))
+        return;
+
+    $stat = database::setConfig("mysql", $form->dbHost, $form->dbUname,
+        $form->dbPasswd, $form->dbName);
+
+    if (!$stat)
+        return;
+
+    location("/");
+}
+
+?>
diff --git a/app/model/deleteaccount.php b/app/model/deleteaccount.php
new file mode 100644
index 0000000..d83537e
--- /dev/null
+++ b/app/model/deleteaccount.php
@@ -0,0 +1,51 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/form.class.php";
+require_once "class/user.class.php";
+
+/*
+ * Action: deleteaccount - Remove one's own user account
+ */
+if (isAction("deleteaccount"))
+{
+    $form = new form();
+    $form->text("passwd", false);
+
+    if (!$form->populate(input()))
+        return;
+
+    if (!($user = user::getCurrent()))
+    {
+        logError(ERROR, "You must be logged in to close your account");
+        return;
+    }
+
+    if (!$user->validatePasswd($form->passwd))
+    {
+        logError(WARNING, "Account not deleted, password was incorrect");
+        return;
+    }
+
+    if ($user->admin == 1 && count(user::getAllAdmin_ordByUname()) == 1)
+    {
+        logError(ERROR, "Account not deleted, can not remove the last administrator");
+        return;
+    }
+
+    $user->delObj();
+    location("/");
+}
+
+?>
diff --git a/app/model/gpListItem.php b/app/model/gpListItem.php
new file mode 100644
index 0000000..809a7cf
--- /dev/null
+++ b/app/model/gpListItem.php
@@ -0,0 +1,42 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/group.class.php";
+require_once "class/pad.class.php";
+
+/*
+ * including scope defines
+ * obj $obj
+ */
+
+$url = ar() . "/" . $obj->guid;
+$owner = $obj->getOwner();
+$own_name = $owner->getDisplayName();
+$obj_name = $obj->name;
+$numb_membs = count($obj->getMembers());
+
+/* TODO - tweak lengths (check view file as well) */
+$membs_lg = $obj->getMembers(18);
+$membs_md = $obj->getMembers(18);
+$membs_sm = $obj->getMembers(18);
+$membs_xs = $obj->getMembers(18);
+
+if ($obj->objtype == "group")
+    $glyph = "glyphicon-th";
+else if ($obj->objtype == "pad")
+    $glyph = "glyphicon-edit";
+else
+    throw new Exception("Group/pad list item was given something besides a group or pad");
+
+?>
diff --git a/app/model/group.php b/app/model/group.php
new file mode 100644
index 0000000..7f3b2bc
--- /dev/null
+++ b/app/model/group.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/group.class.php";
+
+$group = getPageObj();
+$pads = $group->getPads_ordByOwnByName();
+
+?>
diff --git a/app/model/issue.php b/app/model/issue.php
new file mode 100644
index 0000000..4300bbb
--- /dev/null
+++ b/app/model/issue.php
@@ -0,0 +1,58 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/form.class.php";
+require_once "class/issue.class.php";
+require_once "class/mesg.class.php";
+
+/*
+ * Action: iss-mesg-add - Post new issue message
+ */
+if (isAction("iss-mesg-add"))
+{
+    $form = new form();
+    $form->text("issue");
+    $form->text("mesg");
+
+    if (!$form->populate(input()))
+        return;
+
+    $issue = new issue($form->issue);
+
+    if (!($user = user::getCurrent()))
+    {
+        logError(ERROR, "You must be logged in to post a message");
+        return;
+    }
+
+    if (!$user->canCreateSub($issue))
+    {
+        logError(ERROR, "You do not have permission to post to this issue");
+        return;
+    }
+
+    $mesg = mesg::initNew($form->mesg, $user, $issue);
+
+    if ($mesg->setAttachment("attachment"))
+        logError(NOTICE, "Saved attachment " . $mesg->attachment);
+
+    if (isset(input()['closeIssue']))
+    {
+        $issue->close($user);
+        logError(NOTICE, "Issue #" . $issue->numb . " closed");
+        $log = mesg::initNewLog("% closed issue", $user, $issue);
+    }
+}
+
+?>
diff --git a/app/model/login.php b/app/model/login.php
new file mode 100644
index 0000000..3393281
--- /dev/null
+++ b/app/model/login.php
@@ -0,0 +1,97 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/form.class.php";
+require_once "class/user.class.php";
+require_once "class/settings.class.php";
+
+/*
+ * Action: login - Attempt to authenticate new user
+ */
+if (isAction("login"))
+{
+    $form = new form();
+    $form->text("uname");
+    $form->text("passwd", false);
+
+    if (!$form->populate(input()))
+        goto prep;
+
+    if (!(($user = user::getByUname($form->uname)) &&
+           $user->validatePasswd($form->passwd)))
+    {
+        logError(ERROR, "Username or password is incorrect");
+
+        if ($user)
+            $log = mesg::initNewAdminLog("Failed login for username '%s'", $user);
+
+        goto prep;
+    }
+
+    user::setCurrent($user);
+    location();
+}
+
+/*
+ * Action: signup - Attempt to register a new account
+ */
+if (isAction("signup"))
+{
+    if (!settings::allowPublicSignup() &&
+        count(user::getAll_ordByUname()) > 0)
+    {
+        logError(ERROR, "You may not signup at this time");
+        goto prep;
+    }
+
+    $form = new form();
+    $form->text("uname");
+    $form->text("passwd", false);
+    $form->text("cpasswd", false);
+
+    if (!$form->populate(input()))
+        goto prep;
+
+    if ($form->passwd != $form->cpasswd)
+    {
+        logError(ERROR, "Passwords do not match");
+        goto prep;
+    }
+
+    if (!($user = user::initNew($form->uname, $form->passwd)))
+    {
+        logError(ERROR, "Your requested username is already in use");
+        goto prep;
+    }
+
+    user::setCurrent($user);
+    $log = mesg::initNewAdminLog("%s account registered", $user);
+    location("/");
+}
+
+prep:
+
+    if (count(user::getAll_ordByUname()) == 0)
+    {
+        $noaccounts = true;
+        $activeTab['signup'] = "in active";
+        $tabSwap = false;
+    }
+    else
+    {
+        $activeTab['login'] = "in active";
+        $tabSwap = settings::allowPublicSignup();
+    }
+
+?>
diff --git a/app/model/noticemodal.php b/app/model/noticemodal.php
new file mode 100644
index 0000000..c1e99c3
--- /dev/null
+++ b/app/model/noticemodal.php
@@ -0,0 +1,40 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/globals.php";
+
+prep:
+
+if (isError(ERROR))
+{
+    $noticeModalAlertClass = "alert-danger";
+    $noticeModalGlyphicon  = "glyphicon-remove-sign";
+}
+else if (isError(WARNING))
+{
+    $noticeModalAlertClass = "alert-warning";
+    $noticeModalGlyphicon  = "glyphicon-exclamation-sign";
+}
+else if (isError(NOTICE))
+{
+    $noticeModalAlertClass = "alert-info";
+    $noticeModalGlyphicon  = "glyphicon-info-sign";
+}
+else
+{
+    $noticeModalAlertClass = "";
+    $noticeModalGlyphicon  = "";
+}
+
+?>
diff --git a/app/model/objBgPrev.php b/app/model/objBgPrev.php
new file mode 100644
index 0000000..f8d024a
--- /dev/null
+++ b/app/model/objBgPrev.php
@@ -0,0 +1,40 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/obj.class.php";
+
+/*
+ * including scope defines
+ * obj $obj
+ * int $height
+ */
+
+$src = $obj->getBgImg();
+
+if ($src == NULL)
+    $src = ar() . "/static/img/null.jpg";
+
+switch ($obj->objtype)
+{
+    case "user":
+    case "group":
+        $alt = $obj->getDisplayName() . " background";
+        break;
+
+    default:
+        $alt = $obj->name . " background";
+        break;
+}
+
+?>
diff --git a/app/model/objHeadCircle.php b/app/model/objHeadCircle.php
new file mode 100644
index 0000000..eef56b7
--- /dev/null
+++ b/app/model/objHeadCircle.php
@@ -0,0 +1,37 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/obj.class.php";
+
+/*
+ * including scope defines
+ * obj $obj
+ * int $height
+ */
+
+$src = $obj->getHeadImg();
+
+switch ($obj->objtype)
+{
+    case "user":
+    case "group":
+        $alt = $obj->getDisplayName();
+        break;
+
+    default:
+        $alt = $obj->name;
+        break;
+}
+
+?>
diff --git a/app/model/pad.php b/app/model/pad.php
new file mode 100644
index 0000000..d7cfb23
--- /dev/null
+++ b/app/model/pad.php
@@ -0,0 +1,29 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/pad.class.php";
+
+$pad = getPageObj();
+$stages = $pad->getStages();
+$stages = array_reverse($stages);
+
+$issues = array();
+
+foreach ($stages as $s)
+{
+    $i = $s->getIssues_ordByDueByNumb();
+    $issues = array_merge($issues, $i);
+}
+
+?>
diff --git a/app/model/settings.php b/app/model/settings.php
new file mode 100644
index 0000000..3293122
--- /dev/null
+++ b/app/model/settings.php
@@ -0,0 +1,144 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/form.class.php";
+require_once "class/settings.class.php";
+require_once "class/user.class.php";
+
+/*
+ * Action: settings-user - Modify user settings
+ */
+if (isAction("settings-user"))
+{
+    $form = new form();
+    $form->text("guid");
+    $form->flag("setpasswd");
+    $form->text("curpasswd", false);
+    $form->text("passwd", false);
+    $form->text("cpasswd", false);
+    $form->text("alias", false);
+    $form->text("email", false);
+    $form->text("emailVer", false);
+
+    if (!$form->populate(input()))
+        return;
+
+    $user = new user($form->guid);
+
+    /* permissions */
+    if (!($cu = user::getCurrent()) || !$cu->canModify($user))
+    {
+        logError(ERROR, "You do not have permission to modify the selected user");
+        return;
+    }
+
+    /* image file removal */
+    if (isset(input()['rmImg-head']))
+    {
+        if ($user->rmHeadImg())
+            logError(NOTICE, "User image removed");
+        else
+            logError(ERROR, "Error removing user image");
+        return;
+    }
+
+    if (isset(input()['rmImg-bg']))
+    {
+        if ($user->rmBgImg())
+            logError(NOTICE, "Background image removed");
+        else
+            logError(ERROR, "Error removing background image");
+        return;
+    }
+
+    /* image file set */
+    if ($user->setHeadImg("img-head"))
+        logError(NOTICE, "User image updated");
+
+    if ($user->setBgImg("img-bg"))
+        logError(NOTICE, "Background image updated");
+
+    /* modify object */
+    if ($form->setpasswd)
+    {
+        if ($user->validatePasswd($form->curpasswd))
+        {
+            if ($form->passwd == $form->cpasswd)
+            {
+                $user->setPasswd($form->passwd);
+                logError(NOTICE, "Password updated successfully");
+            }
+            else
+                logError(WARNING, "Password not changed, passwords did not match");
+        }
+        else
+            logError(WARNING, "Password not changed, current password was incorrect");
+    }
+
+    $user->alias = $form->alias;
+
+    if ($form->email != $user->email)
+        $user->setEmail($form->email);
+
+    else if ($form->emailVer != "" && $user->emailConf == 0)
+    {
+        if (!$user->verifyEmail($form->emailVer))
+            logError(WARNING, "Email not verified, key was incorrect");
+    }
+
+    $user->saveObj();
+}
+
+/*
+ * Action: settings-admin - Modify global settings
+ */
+if (isAction("settings-admin"))
+{
+    $form = new form();
+    $form->flag("sslOnly");
+    $form->flag("allowPublicSignup");
+    $form->text("smtpEmailAddress", false);
+    $form->text("smtpFrom", false);
+    $form->text("smtpServer", false);
+    $form->numeric("smtpPort", 0, 65535);
+    $form->enum("smtpSecurity", array("", "ssl", "tls"));
+    $form->text("smtpUname", false);
+    $form->text("smtpPasswd", false);
+
+    if (!$form->populate(input()))
+        return;
+
+    /* permissions */
+    if (!($cu = user::getCurrent()) || $cu->admin == 0)
+    {
+        logError(ERROR, "You do not have permission to modify global settings");
+        return;
+    }
+
+    settings::sslOnly($form->sslOnly);
+    settings::allowPublicSignup($form->allowPublicSignup);
+    settings::smtpEmailAddress($form->smtpEmailAddress);
+    settings::smtpFrom($form->smtpFrom);
+    settings::smtpServer($form->smtpServer);
+    settings::smtpPort($form->smtpPort);
+    settings::smtpSecurity($form->smtpSecurity);
+    settings::smtpUname($form->smtpUname);
+
+    if ($form->smtpPasswd != "")
+        settings::smtpPasswd($form->smtpPasswd);
+
+    $log = mesg::initNewAdminLog("%s changed global settings", $cu);
+}
+
+?>