diff options
Diffstat (limited to 'mod')
-rw-r--r-- | mod/dfrn_request.php | 47 | ||||
-rw-r--r-- | mod/photo.php | 78 | ||||
-rw-r--r-- | mod/profile.php | 9 | ||||
-rw-r--r-- | mod/profile_photo.php | 165 | ||||
-rw-r--r-- | mod/profiles.php | 8 | ||||
-rw-r--r-- | mod/register.php | 55 | ||||
-rw-r--r-- | mod/settings.php | 32 |
7 files changed, 207 insertions, 187 deletions
diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index b0c7b36aa..33a898d36 100644 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php @@ -75,19 +75,19 @@ function dfrn_request_post(&$a) { $parms = scrape_dfrn($dfrn_url); if(! count($parms)) { - notice( 'URL is not valid or does not contain profile information.' . EOL ); + notice( 'Profile location is not valid or does not contain profile information.' . EOL ); return; } else { if(! x($parms,'fn')) - notice( 'Warning: DFRN profile has no identifiable owner name.' . EOL ); + notice( 'Warning: profile location has no identifiable owner name.' . EOL ); if(! x($parms,'photo')) - notice( 'Warning: DFRN profile has no profile photo.' . EOL ); + notice( 'Warning: profile location has no profile photo.' . EOL ); $invalid = validate_dfrn($parms); if($invalid) { - notice( $invalid . ' required DFRN parameter' + notice( $invalid . ' required parameter' . (($invalid == 1) ? " was " : "s were " ) - . "not found at the given URL" . EOL . print_r($parms,true)) ; + . "not found at the given location." . EOL ) ; return; } } @@ -145,10 +145,8 @@ function dfrn_request_post(&$a) { // If our user confirms the request, a record of it will need to exist on the // originator's site in order for the confirmation process to complete.. - if($a->profile['nickname']) - $tailname = $a->profile['nickname']; - else - $tailname = $a->profile['uid']; + + $tailname = $a->profile['nickname']; $uid = $a->profile['uid']; @@ -170,9 +168,26 @@ function dfrn_request_post(&$a) { $hostname = substr($url,strpos($url,'@') + 1); require_once('Scrape.php'); - $parms = scrape_meta('http://' . $url); - if((x($parms,'dfrn-template')) && strstr($parms['dfrn-template'],'%s')) + + $parms = scrape_meta('https://' . $url); + if((x($parms,'dfrn-template')) && strstr($parms['dfrn-template'],'%s')) { $url = sprintf($parms['dfrn-template'],$username); + } + else { + $parms = scrape_meta('http://' . $url); + if((x($parms,'dfrn-template')) && strstr($parms['dfrn-template'],'%s')) { + $url = sprintf($parms['dfrn-template'],$username); + } + else { + $url = ''; + } + } + + } + + if(! strlen($url)) { + notice("Unable to resolve your name at the provided location." . EOL); + return; } $ret = q("SELECT * FROM `contact` WHERE `uid` = %d AND `url` = '%s' LIMIT 1", @@ -207,19 +222,19 @@ function dfrn_request_post(&$a) { $parms = scrape_dfrn($url); if(! count($parms)) { - notice( 'URL is not valid or does not contain profile information.' . EOL ); + notice( 'Profile location is not valid or does not contain profile information.' . EOL ); killme(); } else { if(! x($parms,'fn')) - notice( 'Warning: DFRN profile has no identifiable owner name.' . EOL ); + notice( 'Warning: profile location has no identifiable owner name.' . EOL ); if(! x($parms,'photo')) - notice( 'Warning: DFRN profile has no profile photo.' . EOL ); + notice( 'Warning: profile location has no profile photo.' . EOL ); $invalid = validate_dfrn($parms); if($invalid) { - notice( $invalid . ' required DFRN parameter' + notice( $invalid . ' required parameter' . (($invalid == 1) ? " was " : "s were " ) - . "not found at the given URL" . EOL . print_r($parms,true)) ; + . "not found at the given location." . EOL ) ; return; } diff --git a/mod/photo.php b/mod/photo.php index bd0e415bf..f922c7ab2 100644 --- a/mod/photo.php +++ b/mod/photo.php @@ -2,24 +2,72 @@ function photo_init(&$a) { - if($a->argc != 2) { - killme(); + switch($a->argc) { + case 3: + $person = $a->argv[2]; + $type = $a->argv[1]; + break; + case 2: + $photo = $a->argv[1]; + break; + case 1: + default: + killme(); + return; // NOTREACHED + } + + if(x($type)) { + switch($type) { + + case 'profile': + $resolution = 4; + break; + case 'avatar': + default: + $resolution = 5; + break; + } + + $uid = str_replace('.jpg', '', $person); + + $r = q("SELECT * FROM `photo` WHERE `scale` = %d AND `uid` = %d AND `profile` = 1 LIMIT 1", + intval($resolution), + intval($uid) + ); + if(count($r)) { + $data = $r[0]['data']; + } + if(x($data) === false) { + $data = file_get_contents(($resolution == 5) + ? 'images/default-profile-sm.jpg' + : 'images/default-profile.jpg'); + } } - $resolution = 0; - $photo = $a->argv[1]; - $photo = str_replace('.jpg','',$photo); - if(substr($photo,-2,1) == '-') { - $resolution = intval(substr($photo,-1,1)); - $photo = substr($photo,0,-2); + else { + $resolution = 0; + $photo = str_replace('.jpg','',$photo); + + if(substr($photo,-2,1) == '-') { + $resolution = intval(substr($photo,-1,1)); + $photo = substr($photo,0,-2); + } + + $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d LIMIT 1", + dbesc($photo), + intval($resolution) + ); + if(count($r)) { + $data = $r[0]['data']; + } } - $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' - AND `scale` = %d LIMIT 1", - dbesc($photo), - intval($resolution)); - if($r === NULL || (! count($r))) { + + if(x($data) === false) { killme(); + return; // NOTREACHED } - header("Content-type: image/jpeg"); - echo $r[0]['data']; + header("Content-type: image/jpeg"); + echo $data; + killme(); + return; //NOTREACHED }
\ No newline at end of file diff --git a/mod/profile.php b/mod/profile.php index 5cd13d596..db538750d 100644 --- a/mod/profile.php +++ b/mod/profile.php @@ -1,11 +1,7 @@ <?php if(! function_exists('profile_load')) { -function profile_load(&$a,$uid,$profile = 0) { - - $sql_extra = (($uid) && (intval($uid)) - ? " WHERE `user`.`uid` = " . intval($uid) - : " WHERE `user`.`nickname` = '" . dbesc($uid) . "' " ); +function profile_load(&$a, $username, $profile = 0) { if(remote_user()) { $r = q("SELECT `profile-id` FROM `contact` WHERE `id` = %d LIMIT 1", @@ -23,7 +19,8 @@ function profile_load(&$a,$uid,$profile = 0) { $r = q("SELECT `profile`.`uid` AS `profile_uid`, `profile`.* , `user`.* FROM `profile` LEFT JOIN `user` ON `profile`.`uid` = `user`.`uid` - $sql_extra $sql_which LIMIT 1" + WHERE `user`.`nickname` = '%s' $sql_which LIMIT 1", + dbesc($username) ); if(($r === false) || (! count($r))) { diff --git a/mod/profile_photo.php b/mod/profile_photo.php index 8b536c2aa..36657ba14 100644 --- a/mod/profile_photo.php +++ b/mod/profile_photo.php @@ -4,9 +4,7 @@ require_once("Photo.php"); function profile_photo_init(&$a) { - if((! x($_SESSION,'authenticated')) && (x($_SESSION,'uid'))) { - $_SESSION['sysmsg'] .= "Permission denied." . EOL; - $a->error = 404; + if((! local_user()) { return; } require_once("mod/profile.php"); @@ -16,23 +14,22 @@ function profile_photo_init(&$a) { function profile_photo_post(&$a) { - - - if((! x($_SESSION,'authenticated')) && (! (x($_SESSION,'uid')))) { - $_SESSION['sysmsg'] .= "Permission denied." . EOL; + if((! local_user()) { + notice ( "Permission denied." . EOL ); return; } - if($a->argc > 1) - $profile_id = intval($a->argv[1]); + if((x($_POST,'cropfinal')) && ($_POST['cropfinal'] == 1)) { - if(x($_POST,'xstart') !== false) { // phase 2 - we have finished cropping - if($a->argc != 3) { - $_SESSION['sysmsg'] .= "Image uploaded but image cropping failed." . EOL; + + if($a->argc != 2) { + notice( "Image uploaded but image cropping failed." . EOL ); return; } - $image_id = $a->argv[2]; + + $image_id = $a->argv[1]; + if(substr($image_id,-2,1) == '-') { $scale = substr($image_id,-1,1); $image_id = substr($image_id,0,-2); @@ -44,77 +41,64 @@ function profile_photo_post(&$a) { $srcW = $_POST['xfinal'] - $srcX; $srcH = $_POST['yfinal'] - $srcY; - $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d LIMIT 1", + $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = %d LIMIT 1", dbesc($image_id), + dbesc($_SESSION['uid']), intval($scale)); - if($r !== NULL && (count($r))) { - $im = new Photo($r[0]['data']); + + if(count($r)) { + + $base_image = $r[0]; + + $im = new Photo($base_image['data']); $im->cropImage(175,$srcX,$srcY,$srcW,$srcH); - $s = $im->imageString(); - $x = $im->getWidth(); - $y = $im->getHeight(); $ret = q("INSERT INTO `photo` ( `uid`, `resource-id`, `created`, `edited`, `filename`, - `height`, `width`, `data`, `scale` ) - VALUES ( %d, '%s', '%s', '%s', '%s', %d, %d, '%s', 4 )", + `height`, `width`, `data`, `scale`, `profile` ) + VALUES ( %d, '%s', '%s', '%s', '%s', %d, %d, '%s', 4, 1 )", intval($_SESSION['uid']), - dbesc($r[0]['resource-id']), + dbesc($base_image['resource-id']), datetime_convert(), datetime_convert(), - dbesc($r[0]['filename']), - intval($y), - intval($x), - dbesc($s)); - if($r === NULL) - $_SESSION['sysmsg'] .= "Image size reduction (175) failed." . EOL; + dbesc($base_image['filename']), + intval($im->getHeight()), + intval($im->getWidth()), + dbesc($im->imageString() + ); + + if($r === false) + notice ("Image size reduction (175) failed." . EOL ); $im->scaleImage(80); - $s = $im->imageString(); - $x = $im->getWidth(); - $y = $im->getHeight(); + $ret = q("INSERT INTO `photo` ( `uid`, `resource-id`, `created`, `edited`, `filename`, - `height`, `width`, `data`, `scale` ) - VALUES ( %d, '%s', '%s', '%s', '%s', %d, %d, '%s', 5 )", + `height`, `width`, `data`, `scale`, `profile` ) + VALUES ( %d, '%s', '%s', '%s', '%s', %d, %d, '%s', 5, 1 )", intval($_SESSION['uid']), - dbesc($r[0]['resource-id']), + dbesc($base_image['resource-id']), datetime_convert(), datetime_convert(), - dbesc($r[0]['filename']), - intval($y), - intval($x), - dbesc($s)); - if($r === NULL) - $_SESSION['sysmsg'] .= "Image size reduction (80) failed." . EOL; - $r = q("UPDATE `profile` SET `photo` = '%s', `thumb` = '%s' WHERE `id` = %d LIMIT 1", - dbesc($a->get_baseurl() . '/photo/' . $image_id . '-4.jpg'), - dbesc($a->get_baseurl() . '/photo/' . $image_id . '-5.jpg'), - intval($profile_id) + dbesc($base_image['filename']), + intval($im->getHeight()), + intval($im->getWidth()), + dbesc($im->imageString() ); + if($r === false) - $_SESSION['sysmsg'] .= "Failed to add image to profile." . EOL; -// We should really only do this if requested, or if it is the default profile. The contact -//table images are used in coversations. - $r = q("UPDATE `contact` SET `photo` = '%s', `thumb` = '%s' WHERE `uid` = %d AND `self` = 1 LIMIT 1", - dbesc($a->get_baseurl() . '/photo/' . $image_id . '-4.jpg'), - dbesc($a->get_baseurl() . '/photo/' . $image_id . '-5.jpg'), + notice("Image size reduction (80) failed." . EOL); + + // Unset the profile photo flag from any other photos I own + + $r = q("UPDATE `photo` SET `profile` = 0 WHERE `profile` = 1 AND `resource-id` != '%s' AND `uid` = %d" + dbesc($base_image['resource-id']), intval($_SESSION['uid']) - ); - if($r ===false) - notice("Failed to add photo to contact table." .EOL ); + ) } goaway($a->get_baseurl() . '/profiles'); + return; // NOTREACHED } - $extra_sql = (($profile_id) ? " AND `id` = " . intval($profile_id) : " AND `is-default` = 1 " ); - - - $r = q("SELECT `id` FROM `profile` WHERE `uid` = %d $extra_sql LIMIT 1", intval($_SESSION['uid'])); - if($r === NULL || (! count($r))) { - $_SESSION['sysmsg'] .= "Profile unavailable." . EOL; - return; - } - $src = $_FILES['userfile']['tmp_name']; $filename = basename($_FILES['userfile']['name']); $filesize = intval($_FILES['userfile']['size']); @@ -123,16 +107,17 @@ function profile_photo_post(&$a) { $ph = new Photo($imagedata); if(! ($image = $ph->getImage())) { - $_SESSION['sysmsg'] .= "Unable to process image." . EOL; + notice("Unable to process image." . EOL); @unlink($src); return; } @unlink($src); + $width = $ph->getWidth(); $height = $ph->getHeight(); - if($width < 175 || $width < 175) { + if($width < 175 || $height < 175) { $ph->scaleImageUp(200); $width = $ph->getWidth(); $height = $ph->getHeight(); @@ -142,6 +127,7 @@ function profile_photo_post(&$a) { $str_image = $ph->imageString(); $smallest = 0; + $r = q("INSERT INTO `photo` ( `uid`, `resource-id`, `created`, `edited`, `filename`, `height`, `width`, `data`, `scale` ) VALUES ( %d, '%s', '%s', '%s', '%s', %d, %d, '%s', 0 )", @@ -154,9 +140,9 @@ function profile_photo_post(&$a) { intval($width), dbesc($str_image)); if($r) - $_SESSION['sysmsg'] .= "Image uploaded successfully." . EOL; + notice("Image uploaded successfully." . EOL); else - $_SESSION['sysmsg'] .= "Image upload failed." . EOL; + notice("Image upload failed." . EOL); if($width > 640 || $height > 640) { $ph->scaleImage(640); @@ -172,11 +158,12 @@ function profile_photo_post(&$a) { datetime_convert(), datetime_convert(), dbesc(basename($filename)), - intval($height), - intval($width), - dbesc($str_image)); - if($r === NULL) - $_SESSION['sysmsg'] .= "Image size reduction (640) failed." . EOL; + intval($ph->getHeight()), + intval($ph->getWidth()), + dbesc($ph->imageString() + ); + if($r === false) + notice("Image size reduction (640) failed." . EOL ); else $smallest = 1; } @@ -184,48 +171,34 @@ function profile_photo_post(&$a) { $a->config['imagecrop'] = $hash; $a->config['imagecrop_resolution'] = $smallest; $a->page['htmlhead'] .= file_get_contents("view/crophead.tpl"); - + return; } if(! function_exists('profile_photo_content')) { function profile_photo_content(&$a) { + if(! local_user()) { + notice("Permission denied." . EOL ); + return; + } if(! x($a->config,'imagecrop')) { - if((! x($_SESSION['authenticated'])) && (! (x($_SESSION,'uid')))) { - $_SESSION['sysmsg'] .= "Permission denied." . EOL; - return; - } - - if($a->argc > 1) - $profile_id = intval($a->argv[1]); - $extra_sql = (($profile_id) ? " AND `id` = $profile_id " : " AND `is-default` = 1 " ); + $tpl = file_get_contents('view/profile_photo.tpl'); + $o .= replace_macros($tpl,array( - $r = q("SELECT `id` FROM `profile` WHERE `uid` = %d $extra_sql LIMIT 1", intval($_SESSION['uid'])); - if($r === NULL || (! count($r))) { - $_SESSION['sysmsg'] .= "Profile unavailable." . EOL; - return; - } - - $o = file_get_contents('view/profile_photo.tpl'); - - $o = replace_macros($o,array( - '$profile_id' => $r[0]['id'], - '$uid' => $_SESSION['uid'], - )); + )); return $o; } else { $filename = $a->config['imagecrop'] . '-' . $a->config['imagecrop_resolution'] . '.jpg'; $resolution = $a->config['imagecrop_resolution']; - $o = file_get_contents("view/cropbody.tpl"); - $o = replace_macros($o,array( + $tpl = file_get_contents("view/cropbody.tpl"); + $o .= replace_macros($tpl,array( '$filename' => $filename, - '$profile_id' => $a->argv[1], '$resource' => $a->config['imagecrop'] . '-' . $a->config['imagecrop_resolution'], '$image_url' => $a->get_baseurl() . '/photo/' . $filename )); @@ -233,5 +206,5 @@ function profile_photo_content(&$a) { return $o; } - + return; // NOTREACHED }}
\ No newline at end of file diff --git a/mod/profiles.php b/mod/profiles.php index 208f8545e..db4426474 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -4,7 +4,7 @@ function profiles_post(&$a) { if(! local_user()) { - $_SESSION['sysmsg'] .= "Unauthorised." . EOL; + notice( "Permission denied." . EOL); return; } if(($a->argc > 1) && ($a->argv[1] != "new") && intval($a->argv[1])) { @@ -251,9 +251,6 @@ function profiles_content(&$a) { } - - - if(intval($a->argv[1])) { $r = q("SELECT * FROM `profile` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($a->argv[1]), @@ -265,7 +262,7 @@ function profiles_content(&$a) { } require_once('mod/profile.php'); - profile_load($a,$_SESSION['uid'],$r[0]['id']); + profile_load($a,$a->user['nickname'],$r[0]['id']); require_once('view/profile_selectors.php'); @@ -293,6 +290,7 @@ function profiles_content(&$a) { $is_default = (($r[0]['is-default']) ? 1 : 0); $tpl = file_get_contents("view/profile_edit.tpl"); $o .= replace_macros($tpl,array( + '$disabled' => (($is_default) ? 'onclick="return false;" style="color: #BBBBFF;"' : ''), '$baseurl' => $a->get_baseurl(), '$profile_id' => $r[0]['id'], '$profile_name' => $r[0]['profile-name'], diff --git a/mod/register.php b/mod/register.php index 53ead682f..5e132d584 100644 --- a/mod/register.php +++ b/mod/register.php @@ -32,10 +32,12 @@ function register_post(&$a) { if(x($_POST,'username')) $username = notags(trim($_POST['username'])); + if(x($_POST['nickname'])) + $nickname = notags(trim($_POST['nickname'])); if(x($_POST,'email')) - $email =notags(trim($_POST['email'])); + $email = notags(trim($_POST['email'])); - if((! x($username)) || (! x($email))) { + if((! x($username)) || (! x($email)) || (! x($nickname))) { notice( "Please enter the required information.". EOL ); return; } @@ -43,17 +45,28 @@ function register_post(&$a) { $err = ''; if(!eregi('[A-Za-z0-9._%-]+@[A-Za-z0-9._%-]+\.[A-Za-z]{2,6}',$email)) - $err .= " Not valid email."; - if(strlen($username) > 40) + $err .= " Not a valid email address."; + if(strlen($username) > 48) $err .= " Please use a shorter name."; if(strlen($username) < 3) $err .= " Name too short."; $r = q("SELECT `uid` FROM `user` WHERE `email` = '%s' LIMIT 1", dbesc($email) - ); + ); + if($r !== false && count($r)) - $err .= " This email address is already registered."; + $err .= " This email address is already registered on this system."; + + if(! preg_match("/^[a-zA-Z][a-zA-Z0-9\-\_]*$/",$nickname)) + $err .= " Nickname <strong>must</strong> start with a letter and contain only letters, numbers, dashes, or underscore."; + $r = q("SELECT `uid` FROM `user` + WHERE `nickname` = '%s' LIMIT 1", + dbesc($nickname) + ); + if(count($r)) + $err .= " Nickname is already registered. Please choose another." . EOL; + if(strlen($err)) { notice( $err . EOL ); return; @@ -79,12 +92,13 @@ function register_post(&$a) { $pkey = openssl_pkey_get_details($res); $pubkey = $pkey["key"]; - $r = q("INSERT INTO `user` ( `username`, `password`, `email`, + $r = q("INSERT INTO `user` ( `username`, `password`, `email`, `nickname`, `pubkey`, `prvkey`, `verified`, `blocked` ) - VALUES ( '%s', '%s', '%s', '%s', '%s', %d, %d )", + VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', %d, %d )", dbesc($username), dbesc($new_password_encoded), dbesc($email), + dbesc($nickname), dbesc($pubkey), dbesc($prvkey), intval($verified), @@ -105,15 +119,15 @@ function register_post(&$a) { return; } - if(x($newuid) !== NULL) { + if(x($newuid) !== false) { $r = q("INSERT INTO `profile` ( `uid`, `profile-name`, `is-default`, `name`, `photo`, `thumb` ) VALUES ( %d, '%s', %d, '%s', '%s', '%s' ) ", intval($newuid), 'default', 1, dbesc($username), - dbesc($a->get_baseurl() . '/images/default-profile.jpg'), - dbesc($a->get_baseurl() . '/images/default-profile-sm.jpg') + dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"), + dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg") ); if($r === false) { @@ -129,13 +143,13 @@ function register_post(&$a) { intval($newuid), datetime_convert(), dbesc($username), - dbesc($a->get_baseurl() . '/images/default-profile.jpg'), - dbesc($a->get_baseurl() . '/images/default-profile-sm.jpg'), - dbesc($a->get_baseurl() . '/profile/' . intval($newuid)), - dbesc($a->get_baseurl() . '/dfrn_request/' . intval($newuid)), - dbesc($a->get_baseurl() . '/dfrn_notify/' . intval($newuid)), - dbesc($a->get_baseurl() . '/dfrn_poll/' . intval($newuid)), - dbesc($a->get_baseurl() . '/dfrn_confirm/' . intval($newuid)) + dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"), + dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"), + dbesc($a->get_baseurl() . "/profile/$nickname"), + dbesc($a->get_baseurl() . "/dfrn_request/$nickname"), + dbesc($a->get_baseurl() . "/dfrn_notify/$nickname"), + dbesc($a->get_baseurl() . "/dfrn_poll/$nickname"), + dbesc($a->get_baseurl() . "/dfrn_confirm/$nickname") ); @@ -181,7 +195,10 @@ function register_content(&$a) { } $o = file_get_contents("view/register.tpl"); - $o = replace_macros($o, array('$registertext' =>((x($a->config,'register_text'))? $a->config['register_text'] : "" ))); + $o = replace_macros($o, array( + '$registertext' =>((x($a->config,'register_text'))? $a->config['register_text'] : "" ), + '$sitename' => $a->get_hostname() + )); return $o; }} diff --git a/mod/settings.php b/mod/settings.php index 1abb60fcc..54fca992c 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -53,13 +53,10 @@ function settings_post(&$a) { $username = notags(trim($_POST['username'])); $email = notags(trim($_POST['email'])); - if(x($_POST,'nick')) - $nick = notags(trim($_POST['nick'])); $timezone = notags(trim($_POST['timezone'])); $username_changed = false; $email_changed = false; - $nick_changed = false; $zone_changed = false; $err = ''; @@ -81,19 +78,6 @@ function settings_post(&$a) { if($r !== NULL && count($r)) $err .= " This email address is already registered." . EOL; } - if((x($nick)) && ($nick != $a->user['nickname'])) { - $nick_changed = true; - if(! preg_match("/^[a-zA-Z][a-zA-Z0-9\-\_]*$/",$nick)) - $err .= " Nickname must start with a letter and contain only contain letters, numbers, dashes, and underscore."; - $r = q("SELECT `uid` FROM `user` - WHERE `nickname` = '%s' LIMIT 1", - dbesc($nick) - ); - if($r !== NULL && count($r)) - $err .= " Nickname is already registered. Try another." . EOL; - } - else - $nick = $a->user['nickname']; if(strlen($err)) { $_SESSION['sysmsg'] .= $err . EOL; @@ -104,11 +88,10 @@ function settings_post(&$a) { if(strlen($timezone)) date_default_timezone_set($timezone); } - if($email_changed || $username_changed || $nick_changed || $zone_changed ) { - $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `nickname` = '%s', `timezone` = '%s' WHERE `uid` = %d LIMIT 1", + if($email_changed || $username_changed || $zone_changed ) { + $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `timezone` = '%s' WHERE `uid` = %d LIMIT 1", dbesc($username), dbesc($email), - dbesc($nick), dbesc($timezone), intval($_SESSION['uid'])); if($r) @@ -119,17 +102,6 @@ function settings_post(&$a) { // FIXME - set to un-verified, blocked and redirect to logout } - if($nick_changed) { - $r = q ("UPDATE `profile` SET `url` = '%s', `request` = '%s', `notify` = '%s', `poll` = '%s', `confirm` = '%s' - WHERE `uid` = %d AND `self` = 1 LIMIT 1", - dbesc( $a->get_baseurl() . '/profile/' . $nick ), - dbesc( $a->get_baseurl() . '/dfrn_request/' . $nick ), - dbesc( $a->get_baseurl() . '/dfrn_notify/' . $nick ), - dbesc( $a->get_baseurl() . '/dfrn_poll/' . $nick ), - dbesc( $a->get_baseurl() . '/dfrn_confirm/' . $nick ), - intval($_SESSION['uid']) - ); - } // Refresh the content display with new data |