diff options
Diffstat (limited to '')
-rw-r--r-- | app/model/settings.php | 144 |
1 files changed, 144 insertions, 0 deletions
diff --git a/app/model/settings.php b/app/model/settings.php new file mode 100644 index 0000000..3293122 --- /dev/null +++ b/app/model/settings.php @@ -0,0 +1,144 @@ +<?php + +/* + * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. + * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR + * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, + * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR + * OTHER DEALINGS IN THE SOFTWARE. + * + * For more information, please refer to UNLICENSE + */ + +require_once "class/form.class.php"; +require_once "class/settings.class.php"; +require_once "class/user.class.php"; + +/* + * Action: settings-user - Modify user settings + */ +if (isAction("settings-user")) +{ + $form = new form(); + $form->text("guid"); + $form->flag("setpasswd"); + $form->text("curpasswd", false); + $form->text("passwd", false); + $form->text("cpasswd", false); + $form->text("alias", false); + $form->text("email", false); + $form->text("emailVer", false); + + if (!$form->populate(input())) + return; + + $user = new user($form->guid); + + /* permissions */ + if (!($cu = user::getCurrent()) || !$cu->canModify($user)) + { + logError(ERROR, "You do not have permission to modify the selected user"); + return; + } + + /* image file removal */ + if (isset(input()['rmImg-head'])) + { + if ($user->rmHeadImg()) + logError(NOTICE, "User image removed"); + else + logError(ERROR, "Error removing user image"); + return; + } + + if (isset(input()['rmImg-bg'])) + { + if ($user->rmBgImg()) + logError(NOTICE, "Background image removed"); + else + logError(ERROR, "Error removing background image"); + return; + } + + /* image file set */ + if ($user->setHeadImg("img-head")) + logError(NOTICE, "User image updated"); + + if ($user->setBgImg("img-bg")) + logError(NOTICE, "Background image updated"); + + /* modify object */ + if ($form->setpasswd) + { + if ($user->validatePasswd($form->curpasswd)) + { + if ($form->passwd == $form->cpasswd) + { + $user->setPasswd($form->passwd); + logError(NOTICE, "Password updated successfully"); + } + else + logError(WARNING, "Password not changed, passwords did not match"); + } + else + logError(WARNING, "Password not changed, current password was incorrect"); + } + + $user->alias = $form->alias; + + if ($form->email != $user->email) + $user->setEmail($form->email); + + else if ($form->emailVer != "" && $user->emailConf == 0) + { + if (!$user->verifyEmail($form->emailVer)) + logError(WARNING, "Email not verified, key was incorrect"); + } + + $user->saveObj(); +} + +/* + * Action: settings-admin - Modify global settings + */ +if (isAction("settings-admin")) +{ + $form = new form(); + $form->flag("sslOnly"); + $form->flag("allowPublicSignup"); + $form->text("smtpEmailAddress", false); + $form->text("smtpFrom", false); + $form->text("smtpServer", false); + $form->numeric("smtpPort", 0, 65535); + $form->enum("smtpSecurity", array("", "ssl", "tls")); + $form->text("smtpUname", false); + $form->text("smtpPasswd", false); + + if (!$form->populate(input())) + return; + + /* permissions */ + if (!($cu = user::getCurrent()) || $cu->admin == 0) + { + logError(ERROR, "You do not have permission to modify global settings"); + return; + } + + settings::sslOnly($form->sslOnly); + settings::allowPublicSignup($form->allowPublicSignup); + settings::smtpEmailAddress($form->smtpEmailAddress); + settings::smtpFrom($form->smtpFrom); + settings::smtpServer($form->smtpServer); + settings::smtpPort($form->smtpPort); + settings::smtpSecurity($form->smtpSecurity); + settings::smtpUname($form->smtpUname); + + if ($form->smtpPasswd != "") + settings::smtpPasswd($form->smtpPasswd); + + $log = mesg::initNewAdminLog("%s changed global settings", $cu); +} + +?> |