<?php

/*
 * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
 * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
 * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
 * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
 * OTHER DEALINGS IN THE SOFTWARE.
 *
 * For more information, please refer to UNLICENSE
 */

require_once "class/form.class.php";
require_once "class/user.class.php";

/*
 * Action: settings-user - Modify user settings
 */
if (isAction("settings-user"))
{
    $form = new form();
    $form->text("guid");
    $form->flag("setpasswd");
    $form->text("curpasswd", false);
    $form->text("passwd", false);
    $form->text("cpasswd", false);
    $form->text("alias", false);
    $form->text("email", false);
    $form->text("emailVer", false);

    if (!$form->populate(input()))
        return;

    $user = new user($form->guid);

    /* permissions */
    if (!($cu = user::getCurrent()) || !$cu->canModify($user))
    {
        logError(ERROR, "You do not have permission to modify the selected user");
        return;
    }

    /* image file removal */
    if (isset(input()['rmImg-head']))
    {
        if ($user->rmHeadImg())
            logError(NOTICE, "User image removed");
        else
            logError(ERROR, "Error removing user image");
        return;
    }

    if (isset(input()['rmImg-bg']))
    {
        if ($user->rmBgImg())
            logError(NOTICE, "Background image removed");
        else
            logError(ERROR, "Error removing background image");
        return;
    }

    /* image file set */
    if ($user->setHeadImg("img-head"))
        logError(NOTICE, "User image updated");

    if ($user->setBgImg("img-bg"))
        logError(NOTICE, "Background image updated");

    /* modify object */
    if ($form->setpasswd)
    {
        if ($user->validatePasswd($form->curpasswd))
        {
            if ($form->passwd == $form->cpasswd)
            {
                $user->setPasswd($form->passwd);
                logError(NOTICE, "Password updated successfully");
            }
            else
                logError(WARNING, "Password not changed, passwords did not match");
        }
        else
            logError(WARNING, "Password not changed, current password was incorrect");
    }

    $user->alias = $form->alias;

    if ($form->email != $user->email)
        $user->setEmail($form->email);

    else if ($form->emailVer != "" && $user->emailConf == 0)
    {
        if (!$user->verifyEmail($form->emailVer))
            logError(WARNING, "Email not verified, key was incorrect");
    }

    $user->saveObj();
}

?>