diff options
Diffstat (limited to 'Zotlabs/Module/Settings/Account.php')
-rw-r--r-- | Zotlabs/Module/Settings/Account.php | 135 |
1 files changed, 135 insertions, 0 deletions
diff --git a/Zotlabs/Module/Settings/Account.php b/Zotlabs/Module/Settings/Account.php new file mode 100644 index 000000000..cd5ed1fca --- /dev/null +++ b/Zotlabs/Module/Settings/Account.php @@ -0,0 +1,135 @@ +<?php + +namespace Zotlabs\Module\Settings; + +class Account { + + function post() { + check_form_security_token_redirectOnErr('/settings/account', 'settings_account'); + + call_hooks('account_settings_post', $_POST); + + $errs = array(); + + $email = ((x($_POST,'email')) ? trim(notags($_POST['email'])) : ''); + $techlevel = ((array_key_exists('techlevel',$_POST)) ? intval($_POST['techlevel']) : 0); + + $account = \App::get_account(); + if($email != $account['account_email']) { + if(! valid_email($email)) + $errs[] = t('Not valid email.'); + $adm = trim(get_config('system','admin_email')); + if(($adm) && (strcasecmp($email,$adm) == 0)) { + $errs[] = t('Protected email address. Cannot change to that email.'); + $email = \App::$account['account_email']; + } + if(! $errs) { + $r = q("update account set account_email = '%s' where account_id = %d", + dbesc($email), + intval($account['account_id']) + ); + if(! $r) + $errs[] = t('System failure storing new email. Please try again.'); + } + } + if($techlevel != $account['account_level']) { + $r = q("update account set account_level = %d where account_id = %d", + intval($techlevel), + intval($account['account_id']) + ); + info( t('Technical skill level updated') . EOL); + } + + if($errs) { + foreach($errs as $err) + notice($err . EOL); + $errs = array(); + } + + + if((x($_POST,'npassword')) || (x($_POST,'confirm'))) { + + $origpass = trim($_POST['origpass']); + + require_once('include/auth.php'); + if(! account_verify_password($email,$origpass)) { + $errs[] = t('Password verification failed.'); + } + + $newpass = trim($_POST['npassword']); + $confirm = trim($_POST['confirm']); + + if($newpass != $confirm ) { + $errs[] = t('Passwords do not match. Password unchanged.'); + } + + if((! x($newpass)) || (! x($confirm))) { + $errs[] = t('Empty passwords are not allowed. Password unchanged.'); + } + + if(! $errs) { + $salt = random_string(32); + $password_encoded = hash('whirlpool', $salt . $newpass); + $r = q("update account set account_salt = '%s', account_password = '%s', account_password_changed = '%s' + where account_id = %d", + dbesc($salt), + dbesc($password_encoded), + dbesc(datetime_convert()), + intval(get_account_id()) + ); + if($r) + info( t('Password changed.') . EOL); + else + $errs[] = t('Password update failed. Please try again.'); + } + } + + + if($errs) { + foreach($errs as $err) + notice($err . EOL); + } + goaway(z_root() . '/settings/account' ); + } + + + + function get() { + $account_settings = ""; + + call_hooks('account_settings', $account_settings); + + $email = \App::$account['account_email']; + + $techlevels = [ + '0' => t('Beginner/Basic'), + '1' => t('Novice - not skilled but willing to learn'), + '2' => t('Intermediate - somewhat comfortable'), + '3' => t('Advanced - very comfortable'), + '4' => t('Expert - I can write computer code'), + '5' => t('Wizard - I probably know more than you do') + ]; + + + $def_techlevel = \App::$account['account_level']; + $techlock = get_config('system','techlevel_lock'); + + $tpl = get_markup_template("settings_account.tpl"); + $o .= replace_macros($tpl, array( + '$form_security_token' => get_form_security_token("settings_account"), + '$title' => t('Account Settings'), + '$origpass' => array('origpass', t('Current Password'), ' ',''), + '$password1'=> array('npassword', t('Enter New Password'), '', ''), + '$password2'=> array('confirm', t('Confirm New Password'), '', t('Leave password fields blank unless changing')), + '$techlevel' => [ 'techlevel', t('Your technical skill level'), $def_techlevel, t('Used to provide a member experience matched to your comfort level'), $techlevels ], + '$techlock' => $techlock, + '$submit' => t('Submit'), + '$email' => array('email', t('Email Address:'), $email, ''), + '$removeme' => t('Remove Account'), + '$removeaccount' => t('Remove this account including all its channels'), + '$account_settings' => $account_settings + )); + return $o; + } + +} |