diff options
Diffstat (limited to 'mod/settings.php')
-rw-r--r-- | mod/settings.php | 84 |
1 files changed, 25 insertions, 59 deletions
diff --git a/mod/settings.php b/mod/settings.php index f9cc429df..9e7a6654e 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -2,25 +2,20 @@ function settings_init(&$a) { - - if(! local_user()) { - notice("Permission denied." . EOL); - $a->error = 404; - return; + if(local_user()) { + require_once("mod/profile.php"); + profile_load($a,$a->user['nickname']); } - require_once("mod/profile.php"); - profile_load($a,$a->user['nickname']); } function settings_post(&$a) { - if(! local_user()) { notice( t('Permission denied.') . EOL); return; } - if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != $_SESSION['uid']) { + if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != get_uid()) { notice( t('Permission denied.') . EOL); return; } @@ -44,7 +39,7 @@ function settings_post(&$a) { $password = hash('whirlpool',$newpass); $r = q("UPDATE `user` SET `password` = '%s' WHERE `uid` = %d LIMIT 1", dbesc($password), - intval($_SESSION['uid'])); + intval(get_uid()); if($r) notice( t('Password changed.') . EOL); else @@ -52,15 +47,15 @@ function settings_post(&$a) { } } - $theme = notags(trim($_POST['theme'])); - $username = notags(trim($_POST['username'])); - $email = notags(trim($_POST['email'])); - $timezone = notags(trim($_POST['timezone'])); - $defloc = notags(trim($_POST['defloc'])); + $theme = notags(trim($_POST['theme'])); + $username = notags(trim($_POST['username'])); + $email = notags(trim($_POST['email'])); + $timezone = notags(trim($_POST['timezone'])); + $defloc = notags(trim($_POST['defloc'])); - $publish = (($_POST['profile_in_directory'] == 1) ? 1: 0); - $net_publish = (($_POST['profile_in_netdirectory'] == 1) ? 1: 0); - $old_visibility = ((intval($_POST['visibility']) == 1) ? 1 : 0); + $publish = (($_POST['profile_in_directory'] == 1) ? 1: 0); + $net_publish = (($_POST['profile_in_netdirectory'] == 1) ? 1: 0); + $old_visibility = ((intval($_POST['visibility']) == 1) ? 1 : 0); $notify = 0; @@ -75,13 +70,11 @@ function settings_post(&$a) { if($_POST['notify5']) $notify += intval($_POST['notify5']); - $username_changed = false; $email_changed = false; - $zone_changed = false; + $err = ''; if($username != $a->user['username']) { - $username_changed = true; if(strlen($username) > 40) $err .= t(' Please use a shorter name.'); if(strlen($username) < 3) @@ -104,38 +97,15 @@ function settings_post(&$a) { return; } if($timezone != $a->user['timezone']) { - $zone_changed = true; if(strlen($timezone)) date_default_timezone_set($timezone); } - $str_group_allow = ''; - $group_allow = $_POST['group_allow']; - if(is_array($group_allow)) { - array_walk($group_allow,'sanitise_acl'); - $str_group_allow = implode('',$group_allow); - } - - $str_contact_allow = ''; - $contact_allow = $_POST['contact_allow']; - if(is_array($contact_allow)) { - array_walk($contact_allow,'sanitise_acl'); - $str_contact_allow = implode('',$contact_allow); - } - $str_group_deny = ''; - $group_deny = $_POST['group_deny']; - if(is_array($group_deny)) { - array_walk($group_deny,'sanitise_acl'); - $str_group_deny = implode('',$group_deny); - } - - $str_contact_deny = ''; - $contact_deny = $_POST['contact_deny']; - if(is_array($contact_deny)) { - array_walk($contact_deny,'sanitise_acl'); - $str_contact_deny = implode('',$contact_deny); - } + $str_group_allow = perms2str($_POST['group_allow']); + $str_contact_allow = perms2str($_POST['contact_allow']); + $str_group_deny = perms2str($_POST['group_deny']); + $str_contact_deny = perms2str($_POST['contact_deny']); $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `default-location` = '%s', `theme` = '%s' WHERE `uid` = %d LIMIT 1", dbesc($username), @@ -148,7 +118,7 @@ function settings_post(&$a) { intval($notify), dbesc($defloc), dbesc($theme), - intval($_SESSION['uid']) + intval(get_uid()) ); if($r) notice( t('Settings updated.') . EOL); @@ -158,7 +128,7 @@ function settings_post(&$a) { WHERE `is-default` = 1 AND `uid` = %d LIMIT 1", intval($publish), intval($net_publish), - intval($_SESSION['uid']) + intval(get_uid()) ); if($old_visibility != $net_publish) { @@ -178,6 +148,7 @@ function settings_post(&$a) { } goaway($a->get_baseurl() . '/settings' ); + return; // NOTREACHED } @@ -210,28 +181,23 @@ function settings_content(&$a) { $opt_tpl = file_get_contents("view/profile-in-directory.tpl"); $profile_in_dir = replace_macros($opt_tpl,array( - '$yes_selected' => (($profile['publish']) ? " checked=\"checked\" " : ""), - '$no_selected' => (($profile['publish'] == 0) ? " checked=\"checked\" " : "") + '$yes_selected' => (($profile['publish']) ? " checked=\"checked\" " : ""), + '$no_selected' => (($profile['publish'] == 0) ? " checked=\"checked\" " : "") )); if(strlen(get_config('system','directory_submit_url'))) { $opt_tpl = file_get_contents("view/profile-in-netdir.tpl"); $profile_in_net_dir = replace_macros($opt_tpl,array( - '$yes_selected' => (($profile['net-publish']) ? " checked=\"checked\" " : ""), - '$no_selected' => (($profile['net-publish'] == 0) ? " checked=\"checked\" " : "") + '$yes_selected' => (($profile['net-publish']) ? " checked=\"checked\" " : ""), + '$no_selected' => (($profile['net-publish'] == 0) ? " checked=\"checked\" " : "") )); } else $profile_in_net_dir = ''; - - - - $nickname_block = file_get_contents("view/settings_nick_set.tpl"); - $nickname_subdir = ''; if(strlen($a->get_path())) { $subdir_tpl = file_get_contents('view/settings_nick_subdir.tpl'); |