aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module/Settings/Account.php
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs/Module/Settings/Account.php')
-rw-r--r--Zotlabs/Module/Settings/Account.php135
1 files changed, 135 insertions, 0 deletions
diff --git a/Zotlabs/Module/Settings/Account.php b/Zotlabs/Module/Settings/Account.php
new file mode 100644
index 000000000..cd5ed1fca
--- /dev/null
+++ b/Zotlabs/Module/Settings/Account.php
@@ -0,0 +1,135 @@
+<?php
+
+namespace Zotlabs\Module\Settings;
+
+class Account {
+
+ function post() {
+ check_form_security_token_redirectOnErr('/settings/account', 'settings_account');
+
+ call_hooks('account_settings_post', $_POST);
+
+ $errs = array();
+
+ $email = ((x($_POST,'email')) ? trim(notags($_POST['email'])) : '');
+ $techlevel = ((array_key_exists('techlevel',$_POST)) ? intval($_POST['techlevel']) : 0);
+
+ $account = \App::get_account();
+ if($email != $account['account_email']) {
+ if(! valid_email($email))
+ $errs[] = t('Not valid email.');
+ $adm = trim(get_config('system','admin_email'));
+ if(($adm) && (strcasecmp($email,$adm) == 0)) {
+ $errs[] = t('Protected email address. Cannot change to that email.');
+ $email = \App::$account['account_email'];
+ }
+ if(! $errs) {
+ $r = q("update account set account_email = '%s' where account_id = %d",
+ dbesc($email),
+ intval($account['account_id'])
+ );
+ if(! $r)
+ $errs[] = t('System failure storing new email. Please try again.');
+ }
+ }
+ if($techlevel != $account['account_level']) {
+ $r = q("update account set account_level = %d where account_id = %d",
+ intval($techlevel),
+ intval($account['account_id'])
+ );
+ info( t('Technical skill level updated') . EOL);
+ }
+
+ if($errs) {
+ foreach($errs as $err)
+ notice($err . EOL);
+ $errs = array();
+ }
+
+
+ if((x($_POST,'npassword')) || (x($_POST,'confirm'))) {
+
+ $origpass = trim($_POST['origpass']);
+
+ require_once('include/auth.php');
+ if(! account_verify_password($email,$origpass)) {
+ $errs[] = t('Password verification failed.');
+ }
+
+ $newpass = trim($_POST['npassword']);
+ $confirm = trim($_POST['confirm']);
+
+ if($newpass != $confirm ) {
+ $errs[] = t('Passwords do not match. Password unchanged.');
+ }
+
+ if((! x($newpass)) || (! x($confirm))) {
+ $errs[] = t('Empty passwords are not allowed. Password unchanged.');
+ }
+
+ if(! $errs) {
+ $salt = random_string(32);
+ $password_encoded = hash('whirlpool', $salt . $newpass);
+ $r = q("update account set account_salt = '%s', account_password = '%s', account_password_changed = '%s'
+ where account_id = %d",
+ dbesc($salt),
+ dbesc($password_encoded),
+ dbesc(datetime_convert()),
+ intval(get_account_id())
+ );
+ if($r)
+ info( t('Password changed.') . EOL);
+ else
+ $errs[] = t('Password update failed. Please try again.');
+ }
+ }
+
+
+ if($errs) {
+ foreach($errs as $err)
+ notice($err . EOL);
+ }
+ goaway(z_root() . '/settings/account' );
+ }
+
+
+
+ function get() {
+ $account_settings = "";
+
+ call_hooks('account_settings', $account_settings);
+
+ $email = \App::$account['account_email'];
+
+ $techlevels = [
+ '0' => t('Beginner/Basic'),
+ '1' => t('Novice - not skilled but willing to learn'),
+ '2' => t('Intermediate - somewhat comfortable'),
+ '3' => t('Advanced - very comfortable'),
+ '4' => t('Expert - I can write computer code'),
+ '5' => t('Wizard - I probably know more than you do')
+ ];
+
+
+ $def_techlevel = \App::$account['account_level'];
+ $techlock = get_config('system','techlevel_lock');
+
+ $tpl = get_markup_template("settings_account.tpl");
+ $o .= replace_macros($tpl, array(
+ '$form_security_token' => get_form_security_token("settings_account"),
+ '$title' => t('Account Settings'),
+ '$origpass' => array('origpass', t('Current Password'), ' ',''),
+ '$password1'=> array('npassword', t('Enter New Password'), '', ''),
+ '$password2'=> array('confirm', t('Confirm New Password'), '', t('Leave password fields blank unless changing')),
+ '$techlevel' => [ 'techlevel', t('Your technical skill level'), $def_techlevel, t('Used to provide a member experience matched to your comfort level'), $techlevels ],
+ '$techlock' => $techlock,
+ '$submit' => t('Submit'),
+ '$email' => array('email', t('Email Address:'), $email, ''),
+ '$removeme' => t('Remove Account'),
+ '$removeaccount' => t('Remove this account including all its channels'),
+ '$account_settings' => $account_settings
+ ));
+ return $o;
+ }
+
+}