From 5a086d1592c43b8259f988e9e7f6f167318252ef Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Wed, 19 Sep 2018 16:12:15 -0400
Subject: settings: Implement user tab form submission
---
app/model/settings.php | 102 +++++++++++++++++++++++++++++++++++++++++++++++++
app/view/settings.php | 1 +
2 files changed, 103 insertions(+)
create mode 100644 app/model/settings.php
diff --git a/app/model/settings.php b/app/model/settings.php
new file mode 100644
index 0000000..3262dec
--- /dev/null
+++ b/app/model/settings.php
@@ -0,0 +1,102 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/form.class.php";
+require_once "class/user.class.php";
+
+/*
+ * Action: settings-user - Modify user settings
+ */
+if (isAction("settings-user"))
+{
+ $form = new form();
+ $form->text("guid");
+ $form->flag("setpasswd");
+ $form->text("curpasswd", false);
+ $form->text("passwd", false);
+ $form->text("cpasswd", false);
+ $form->text("alias", false);
+ $form->text("email", false);
+ $form->text("emailVer", false);
+
+ if (!$form->populate(input()))
+ return;
+
+ $user = new user($form->guid);
+
+ /* permissions */
+ if (!($cu = user::getCurrent()) || !$cu->canModify($user))
+ {
+ logError(ERROR, "You do not have permission to modify the selected user");
+ return;
+ }
+
+ /* image file removal */
+ if (isset(input()['rmImg-head']))
+ {
+ if ($user->rmHeadImg())
+ logError(NOTICE, "User image removed");
+ else
+ logError(ERROR, "Error removing user image");
+ return;
+ }
+
+ if (isset(input()['rmImg-bg']))
+ {
+ if ($user->rmBgImg())
+ logError(NOTICE, "Background image removed");
+ else
+ logError(ERROR, "Error removing background image");
+ return;
+ }
+
+ /* image file set */
+ if ($user->setHeadImg("img-head"))
+ logError(NOTICE, "User image updated");
+
+ if ($user->setBgImg("img-bg"))
+ logError(NOTICE, "Background image updated");
+
+ /* modify object */
+ if ($form->setpasswd)
+ {
+ if ($user->validatePasswd($form->curpasswd))
+ {
+ if ($form->passwd == $form->cpasswd)
+ {
+ $user->setPasswd($form->passwd);
+ logError(NOTICE, "Password updated successfully");
+ }
+ else
+ logError(WARNING, "Password not changed, passwords did not match");
+ }
+ else
+ logError(WARNING, "Password not changed, current password was incorrect");
+ }
+
+ $user->alias = $form->alias;
+
+ if ($form->email != $user->email)
+ $user->setEmail($form->email);
+
+ else if ($form->emailVer != "" && $user->emailConf == 0)
+ {
+ if (!$user->verifyEmail($form->emailVer))
+ logError(WARNING, "Email not verified, key was incorrect");
+ }
+
+ $user->saveObj();
+}
+
+?>
diff --git a/app/view/settings.php b/app/view/settings.php
index 0d7d011..9208f4c 100644
--- a/app/view/settings.php
+++ b/app/view/settings.php
@@ -14,6 +14,7 @@
namespace settings;
+require_once "model/settings.php";
require_once "view/formctrl.php";
require_once "view/datalsts.php";
require_once "class/obj.class.php";
--
cgit v1.2.3