From 5a086d1592c43b8259f988e9e7f6f167318252ef Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Wed, 19 Sep 2018 16:12:15 -0400
Subject: settings:  Implement user tab form submission

---
 app/model/settings.php | 102 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 102 insertions(+)
 create mode 100644 app/model/settings.php

(limited to 'app/model/settings.php')

diff --git a/app/model/settings.php b/app/model/settings.php
new file mode 100644
index 0000000..3262dec
--- /dev/null
+++ b/app/model/settings.php
@@ -0,0 +1,102 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/form.class.php";
+require_once "class/user.class.php";
+
+/*
+ * Action: settings-user - Modify user settings
+ */
+if (isAction("settings-user"))
+{
+    $form = new form();
+    $form->text("guid");
+    $form->flag("setpasswd");
+    $form->text("curpasswd", false);
+    $form->text("passwd", false);
+    $form->text("cpasswd", false);
+    $form->text("alias", false);
+    $form->text("email", false);
+    $form->text("emailVer", false);
+
+    if (!$form->populate(input()))
+        return;
+
+    $user = new user($form->guid);
+
+    /* permissions */
+    if (!($cu = user::getCurrent()) || !$cu->canModify($user))
+    {
+        logError(ERROR, "You do not have permission to modify the selected user");
+        return;
+    }
+
+    /* image file removal */
+    if (isset(input()['rmImg-head']))
+    {
+        if ($user->rmHeadImg())
+            logError(NOTICE, "User image removed");
+        else
+            logError(ERROR, "Error removing user image");
+        return;
+    }
+
+    if (isset(input()['rmImg-bg']))
+    {
+        if ($user->rmBgImg())
+            logError(NOTICE, "Background image removed");
+        else
+            logError(ERROR, "Error removing background image");
+        return;
+    }
+
+    /* image file set */
+    if ($user->setHeadImg("img-head"))
+        logError(NOTICE, "User image updated");
+
+    if ($user->setBgImg("img-bg"))
+        logError(NOTICE, "Background image updated");
+
+    /* modify object */
+    if ($form->setpasswd)
+    {
+        if ($user->validatePasswd($form->curpasswd))
+        {
+            if ($form->passwd == $form->cpasswd)
+            {
+                $user->setPasswd($form->passwd);
+                logError(NOTICE, "Password updated successfully");
+            }
+            else
+                logError(WARNING, "Password not changed, passwords did not match");
+        }
+        else
+            logError(WARNING, "Password not changed, current password was incorrect");
+    }
+
+    $user->alias = $form->alias;
+
+    if ($form->email != $user->email)
+        $user->setEmail($form->email);
+
+    else if ($form->emailVer != "" && $user->emailConf == 0)
+    {
+        if (!$user->verifyEmail($form->emailVer))
+            logError(WARNING, "Email not verified, key was incorrect");
+    }
+
+    $user->saveObj();
+}
+
+?>
-- 
cgit v1.2.3


From d9b75f4f38bb258893896443bdfb3a3e43773d47 Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Sun, 23 Sep 2018 22:02:27 -0400
Subject: settings:  Implement admin tab form handler

---
 app/model/settings.php | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

(limited to 'app/model/settings.php')

diff --git a/app/model/settings.php b/app/model/settings.php
index 3262dec..a3afa0f 100644
--- a/app/model/settings.php
+++ b/app/model/settings.php
@@ -13,6 +13,7 @@
  */
 
 require_once "class/form.class.php";
+require_once "class/settings.class.php";
 require_once "class/user.class.php";
 
 /*
@@ -99,4 +100,43 @@ if (isAction("settings-user"))
     $user->saveObj();
 }
 
+/*
+ * Action: settings-admin - Modify global settings
+ */
+if (isAction("settings-admin"))
+{
+    $form = new form();
+    $form->flag("sslOnly");
+    $form->flag("allowPublicSignup");
+    $form->text("smtpEmailAddress", false);
+    $form->text("smtpFrom", false);
+    $form->text("smtpServer", false);
+    $form->numeric("smtpPort", 0, 65535);
+    $form->enum("smtpSecurity", array("", "ssl", "tls"));
+    $form->text("smtpUname", false);
+    $form->text("smtpPasswd", false);
+
+    if (!$form->populate(input()))
+        return;
+
+    /* permissions */
+    if (!($cu = user::getCurrent()) || $cu->admin == 0)
+    {
+        logError(ERROR, "You do not have permission to modify global settings");
+        return;
+    }
+
+    settings::sslOnly($form->sslOnly);
+    settings::allowPublicSignup($form->allowPublicSignup);
+    settings::smtpEmailAddress($form->smtpEmailAddress);
+    settings::smtpFrom($form->smtpFrom);
+    settings::smtpServer($form->smtpServer);
+    settings::smtpPort($form->smtpPort);
+    settings::smtpSecurity($form->smtpSecurity);
+    settings::smtpUname($form->smtpUname);
+
+    if ($form->smtpPasswd != "")
+        settings::smtpPasswd($form->smtpPasswd);
+}
+
 ?>
-- 
cgit v1.2.3


From 3e0aa02f2051300fbe255c578ed2717a71b65954 Mon Sep 17 00:00:00 2001
From: Malf Furious <m@lfurio.us>
Date: Fri, 26 Oct 2018 21:30:01 -0400
Subject: settings:  Add log event when admin alters global settings

Signed-off-by: Malf Furious <m@lfurio.us>
---
 app/model/settings.php | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'app/model/settings.php')

diff --git a/app/model/settings.php b/app/model/settings.php
index a3afa0f..3293122 100644
--- a/app/model/settings.php
+++ b/app/model/settings.php
@@ -137,6 +137,8 @@ if (isAction("settings-admin"))
 
     if ($form->smtpPasswd != "")
         settings::smtpPasswd($form->smtpPasswd);
+
+    $log = mesg::initNewAdminLog("%s changed global settings", $cu);
 }
 
 ?>
-- 
cgit v1.2.3