< ? php
/*
* Sakura User Settings
*/
// Declare Namespace
namespace Sakura ;
// Notification polls only return JSON, so flag the bootstrap to skip templating.
if (!empty($_REQUEST['request-notifications'])) {
    define('SAKURA_NO_TPL', true);
}
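// Include components.
// dirname(__DIR__) resolves the parent directory directly. The previous
// str_replace() removed every occurrence of this directory's name from the
// path, which yields a wrong include path whenever an ancestor directory
// contains the same string.
require_once dirname(__DIR__) . '/_sakura/sakura.php';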
// Notifications
if ( isset ( $_REQUEST [ 'request-notifications' ]) && $_REQUEST [ 'request-notifications' ]) {
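// Set CORS header.
// NOTE(review): the wildcard lets any origin read this response when the
// request carries no credentials, so the login and session checks below are
// what keep notification data private. If cross-origin polling is only needed
// from the site's own hosts, an explicit origin allow-list is the safer choice.
header('Access-Control-Allow-Origin: *');

// Declare the body as JSON so a browser that opens this URL directly does not
// render stored notification text as HTML.
header('Content-Type: application/json; charset=utf-8');

// Create the notification container array
$notifications = [];

// Reduce the anti-forgery parameters to plain scalars first. An array-valued
// "time" (time[]=1) satisfied the old loose numeric comparison, and "==" on
// the session id allowed numeric-string juggling.
$requestTime = (isset($_REQUEST['time']) && is_scalar($_REQUEST['time']))
    ? (int) $_REQUEST['time']
    : 0;
$requestSession = (isset($_REQUEST['session']) && is_string($_REQUEST['session']))
    ? $_REQUEST['session']
    : '';

// NOTE(review): the timestamp is supplied by the client, so it only filters
// stale links; the session id match is the actual check. Sending the session
// id as a request parameter exposes it to access logs and Referer headers, so
// a dedicated per-session token would be preferable.
if (
    Users::checkLogin()
    && $requestTime > (time() - 1000)
    && $requestSession !== ''
    && $requestSession === session_id()
) {
    // Unread notifications without a time limit (per the original comment on this call)
    $userNotifs = Users::getNotifications(null, 0, true, true);

    foreach ($userNotifs as $notif) {
        // Keyed by timestamp, so entries sharing a timestamp overwrite each other
        $notifications[$notif['timestamp']] = [
            'read' => $notif['notif_read'],
            'title' => $notif['notif_title'],
            'text' => $notif['notif_text'],
            'link' => $notif['notif_link'],
            'img' => $notif['notif_img'],
            'timeout' => $notif['notif_timeout'],
            'sound' => $notif['notif_sound']
        ];
    }
}

// Convert the array to JSON, print it and stop
print json_encode($notifications);
exit;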
// Friends
} elseif ( isset ( $_REQUEST [ 'friend-action' ]) && $_REQUEST [ 'friend-action' ] && Users :: checkLogin ()) {
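// Continue flag; every failed check below clears it
$continue = true;

// Redirect target.
// The Referer header is client-controlled, so it is only honoured when it is
// an http(s) URL on the host serving this request. Anything else falls back to
// the site index instead of being sent in a Location header or echoed back.
$redirect = null;
if (isset($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST']) && is_string($_SERVER['HTTP_REFERER'])) {
    $refererParts = parse_url($_SERVER['HTTP_REFERER']);
    if (
        is_array($refererParts)
        && isset($refererParts['scheme'], $refererParts['host'])
        && in_array(strtolower($refererParts['scheme']), ['http', 'https'], true)
    ) {
        $refererAuthority = $refererParts['host']
            . (isset($refererParts['port']) ? ':' . $refererParts['port'] : '');
        if (strcasecmp($refererAuthority, $_SERVER['HTTP_HOST']) === 0) {
            $redirect = $_SERVER['HTTP_REFERER'];
        }
    }
}
if ($redirect === null) {
    $redirect = $urls->format('SITE_INDEX');
}

// Requested operator and the user id it targets (arrays are not accepted)
$operator = isset($_REQUEST['add']) ? 'add' : 'remove';
$targetId = (isset($_REQUEST[$operator]) && is_scalar($_REQUEST[$operator]))
    ? $_REQUEST[$operator]
    : null;

// One of the operators has to be present
if ($targetId === null) {
    if (!isset($_REQUEST['ajax'])) {
        header('Location: ' . $redirect);
        exit;
    }

    $renderData['page'] = [
        'redirect' => $redirect,
        'message' => 'One of the required operators isn\'t set.',
        'success' => 0
    ];

    // Prevent
    $continue = false;
}

// Users can't add or remove themselves
if ($continue && $targetId == Session::$userId) {
    $renderData['page'] = [
        'redirect' => $redirect,
        'message' => 'You can\'t be friends with yourself, stop trying to bend reality.',
        'success' => 0
    ];

    // Prevent
    $continue = false;
}

// Reject stale links. The value is cast first because an array-valued "time"
// passed the old loose comparison.
// NOTE(review): the timestamp is client supplied, so this is not an
// anti-forgery control by itself; the session check below is.
$requestTime = (isset($_REQUEST['time']) && is_scalar($_REQUEST['time']))
    ? (int) $_REQUEST['time']
    : 0;
if ($requestTime < time() - 1000) {
    $renderData['page'] = [
        'redirect' => $redirect,
        'message' => 'Timestamps differ too much, refresh the page and try again.',
        'success' => 0
    ];

    // Prevent
    $continue = false;
}

// The link must carry the caller's own session id. Strict comparison avoids
// numeric-string juggling; an empty id never matches.
$requestSession = (isset($_REQUEST['session']) && is_string($_REQUEST['session']))
    ? $_REQUEST['session']
    : '';
if ($requestSession === '' || $requestSession !== session_id()) {
    $renderData['page'] = [
        'redirect' => $redirect,
        'message' => 'Invalid session, please try again.',
        'success' => 0
    ];

    // Prevent
    $continue = false;
}

// Continue if every check passed
if ($continue) {
    // Execute the action
    $action = ($operator === 'add')
        ? Users::addFriend($targetId)
        : Users::removeFriend($targetId, true);

    // Set the messages
    $messages = [
        'USER_NOT_EXIST' => 'The user you tried to add doesn\'t exist.',
        'ALREADY_FRIENDS' => 'You are already friends with this person!',
        'FRIENDS' => 'You are now mutual friends!',
        'NOT_MUTUAL' => 'A friend request has been sent to this person.',
        'ALREADY_REMOVED' => 'You aren\'t friends with this person.',
        'REMOVED' => 'Removed this person from your friends list.'
    ];

    // Notification strings
    $notifStrings = [
        'FRIENDS' => ['%s accepted your friend request!', 'You can now do mutual friend things!'],
        'NOT_MUTUAL' => ['%s added you as a friend!', 'Click here to add them as well.'],
        'REMOVED' => ['%s removed you from their friends.', 'You can no longer do friend things now ;_;']
    ];

    // Add page specific things
    $renderData['page'] = [
        'redirect' => $redirect,
        'message' => $messages[$action[1]],
        'success' => $action[0]
    ];

    // Notify the other user when the result has a notification text
    if (array_key_exists($action[1], $notifStrings)) {
        // Get the current user's profile data
        $user = new User(Session::$userId);

        // NOTE(review): the username is embedded in the stored notification
        // title; whatever displays it has to escape it on output.
        Users::createNotification(
            $targetId,
            sprintf($notifStrings[$action[1]][0], $user->data['username']),
            $notifStrings[$action[1]][1],
            60000,
            '//' . Configuration::getConfig('url_main') . '/a/' . $user->data['id'],
            '//' . Configuration::getConfig('url_main') . '/u/' . $user->data['id'],
            '1'
        );
    }
}

// Print page contents, or only the render data for AJAX requests
if (isset($_REQUEST['ajax'])) {
    // The pipe-separated reply contains the redirect URL, so it is served as
    // plain text and never parsed as HTML by a browser.
    header('Content-Type: text/plain; charset=utf-8');
    print $renderData['page']['message'] . '|' .
        $renderData['page']['success'] . '|' .
        $renderData['page']['redirect'];
} else {
    print Templates::render('global/information.tpl', $renderData);
}
exit;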
} elseif ( isset ( $_POST [ 'submit' ]) && isset ( $_POST [ 'submit' ])) {
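$continue = true;

// Set redirector.
// The Referer header is client-controlled, so it is only honoured when it is
// an http(s) URL on the host serving this request; otherwise the settings
// index is used.
$redirect = null;
if (isset($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST']) && is_string($_SERVER['HTTP_REFERER'])) {
    $refererParts = parse_url($_SERVER['HTTP_REFERER']);
    if (
        is_array($refererParts)
        && isset($refererParts['scheme'], $refererParts['host'])
        && in_array(strtolower($refererParts['scheme']), ['http', 'https'], true)
    ) {
        $refererAuthority = $refererParts['host']
            . (isset($refererParts['port']) ? ':' . $refererParts['port'] : '');
        if (strcasecmp($refererAuthority, $_SERVER['HTTP_HOST']) === 0) {
            $redirect = $_SERVER['HTTP_REFERER'];
        }
    }
}
if ($redirect === null) {
    $redirect = $urls->format('SETTINGS_INDEX');
}

// Check if the user is logged in
if (!Users::checkLogin()) {
    $renderData['page'] = [
        'redirect' => '/authenticate',
        'message' => 'You must be logged in to edit your settings.',
        'success' => 0
    ];

    // "break" is only valid inside a loop or switch; at this level it is a
    // fatal error, so the flag is cleared and the handler below is skipped.
    $continue = false;
}

// Check session variables (skipped when the login check already failed, so
// its message is not overwritten)
if ($continue) {
    // Cast before comparing: an array-valued "timestamp" passed the old loose check
    $requestTime = (isset($_REQUEST['timestamp']) && is_scalar($_REQUEST['timestamp']))
        ? (int) $_REQUEST['timestamp']
        : 0;
    $requestSession = (isset($_REQUEST['sessid']) && is_string($_REQUEST['sessid']))
        ? $_REQUEST['sessid']
        : '';

    // NOTE(review): the timestamp is client supplied; the strict session id
    // match is the actual anti-forgery check.
    if ($requestTime < time() - 1000 || $requestSession === '' || $requestSession !== session_id()) {
        $renderData['page'] = [
            'redirect' => $redirect,
            'message' => 'Your session has expired, please refresh the page and try again.',
            'success' => 0
        ];

        $continue = false;
    }
}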
// Change settings
if ( $continue ) {
// Switch to the correct mode
switch ( $_POST [ 'mode' ]) {
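// Avatar & Background
case 'avatar':
case 'background':
    // Both modes share this handler; $mode selects the data key, label and limits
    $mode = $_POST['mode'];

    // Assign the correct userData key, title and permission
    if ($mode === 'background') {
        $userDataKey = 'profileBackground';
        $msgTitle = 'Background';
        $permission = (
            !empty($currentUser->data['userData'][$userDataKey])
            && $currentUser->checkPermission('SITE', 'CHANGE_BACKGROUND')
        ) || $currentUser->checkPermission('SITE', 'CREATE_BACKGROUND');
    } else {
        $userDataKey = 'userAvatar';
        $msgTitle = 'Avatar';
        $permission = $currentUser->checkPermission('SITE', 'CHANGE_AVATAR');
    }

    // Check if the user has the permissions to go ahead
    if (!$permission) {
        $renderData['page'] = [
            'redirect' => $redirect,
            'message' => 'You are not allowed to alter your ' . strtolower($msgTitle) . '.',
            'success' => 0
        ];
        break;
    }

    // Set path variables. The stored name is built from the mode, the user id
    // and the detected image type, never from the client-supplied filename.
    $filepath = ROOT . Configuration::getConfig('user_uploads') . '/';
    $filename = $filepath . $mode . '_' . Session::$userId;
    $currfile = !empty($currentUser->data['userData'][$userDataKey])
        ? $currentUser->data['userData'][$userDataKey]
        : null;

    // Check if the upload field is present at all
    if (empty($_FILES[$mode]) || !isset($_FILES[$mode]['error'])) {
        $renderData['page'] = [
            'redirect' => $redirect,
            'message' => 'No file was uploaded.',
            'success' => 0
        ];
        break;
    }

    // Check if the upload went properly
    if ($_FILES[$mode]['error'] !== UPLOAD_ERR_OK && $_FILES[$mode]['error'] !== UPLOAD_ERR_NO_FILE) {
        // Get the error in text
        switch ($_FILES[$mode]['error']) {
            case UPLOAD_ERR_INI_SIZE:
            case UPLOAD_ERR_FORM_SIZE:
                $msg = 'The uploaded file exceeds the maximum filesize!';
                break;

            case UPLOAD_ERR_PARTIAL:
                $msg = 'The upload was interrupted!';
                break;

            case UPLOAD_ERR_NO_TMP_DIR:
            case UPLOAD_ERR_CANT_WRITE:
                $msg = 'Unable to save file to temporary location, contact the administrator!';
                break;

            case UPLOAD_ERR_EXTENSION:
            default:
                $msg = 'An unknown exception occurred!';
                break;
        }

        $renderData['page'] = [
            'redirect' => $redirect,
            'message' => $msg,
            'success' => 0
        ];
        break;
    }

    // UPLOAD_ERR_NO_FILE means "remove the current image"
    $isUpload = $_FILES[$mode]['error'] != UPLOAD_ERR_NO_FILE;

    if ($isUpload) {
        // Get the meta data.
        // NOTE(review): getimagesize() only inspects the image header, so it
        // does not prove the rest of the file is harmless. The upload
        // directory should be served without script execution; re-encoding
        // the image would be a stronger guarantee.
        $metadata = getimagesize($_FILES[$mode]['tmp_name']);

        // Check if the image is actually an image
        if ($metadata === false) {
            $renderData['page'] = [
                'redirect' => $redirect,
                'message' => 'Uploaded file is not an image.',
                'success' => 0
            ];
            break;
        }

        // Check if the image is an allowed filetype
        if (!in_array($metadata[2], [IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG], true)) {
            $renderData['page'] = [
                'redirect' => $redirect,
                'message' => 'This filetype is not allowed.',
                'success' => 0
            ];
            break;
        }

        // Check if the image is too large
        if (
            $metadata[0] > Configuration::getConfig($mode . '_max_width')
            || $metadata[1] > Configuration::getConfig($mode . '_max_height')
        ) {
            $renderData['page'] = [
                'redirect' => $redirect,
                'message' => 'The resolution of this picture is too big.',
                'success' => 0
            ];
            break;
        }

        // Check if the image is too small
        if (
            $metadata[0] < Configuration::getConfig($mode . '_min_width')
            || $metadata[1] < Configuration::getConfig($mode . '_min_height')
        ) {
            $renderData['page'] = [
                'redirect' => $redirect,
                'message' => 'The resolution of this picture is too small.',
                'success' => 0
            ];
            break;
        }

        // Check if the file is too large
        if (filesize($_FILES[$mode]['tmp_name']) > Configuration::getConfig($mode . '_max_fsize')) {
            $renderData['page'] = [
                'redirect' => $redirect,
                'message' => 'The filesize of this file is too large.',
                'success' => 0
            ];
            break;
        }

        // Append extension to filename
        $filename .= image_type_to_extension($metadata[2]);

        // Store the new file first. On failure stop here: previously the code
        // fell through, updated the database and reported success anyway.
        if (!move_uploaded_file($_FILES[$mode]['tmp_name'], $filename)) {
            $renderData['page'] = [
                'redirect' => $redirect,
                'message' => 'Something went wrong, please try again.',
                'success' => 0
            ];
            break;
        }

        // Create new array
        $updated = [$userDataKey => basename($filename)];
    } else {
        // Remove entry
        $updated = [$userDataKey => null];
    }

    // Delete the old file. The existence check now uses the same path as the
    // unlink (it used to test the bare stored name), basename() keeps the
    // stored value inside the upload directory, and the file is left alone
    // when the new upload has just overwritten it under the same name.
    if ($currfile !== null && basename($currfile) !== $updated[$userDataKey]) {
        $oldPath = $filepath . basename($currfile);
        if (is_file($oldPath)) {
            unlink($oldPath);
        }
    }

    // Update database
    Users::updateUserDataField(Session::$userId, $updated);

    // Set render data
    $renderData['page'] = [
        'redirect' => $redirect,
        'message' => 'Updated your ' . strtolower($msgTitle) . '!',
        'success' => 1
    ];
    break;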
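// Profile
case 'profile':
    // The settings menu only shows this page to users holding ALTER_PROFILE,
    // but the POST handler has to enforce the same permission itself.
    if (!$currentUser->checkPermission('SITE', 'ALTER_PROFILE')) {
        $renderData['page'] = [
            'redirect' => $redirect,
            'message' => 'You are not allowed to alter your profile.',
            'success' => 0
        ];
        break;
    }

    // Get profile fields and create storage var
    $fields = Users::getProfileFields();
    $store = [];

    // Go over each field.
    // NOTE(review): values are stored as submitted; presumably they are
    // escaped when the profile is rendered - confirm in the templates.
    foreach ($fields as $field) {
        $postKey = 'profile_' . $field['ident'];

        // Add to the store array
        if (!empty($_POST[$postKey])) {
            $store[$field['ident']] = $_POST[$postKey];
        }

        // Check if there's additional values we should keep in mind
        if (!empty($field['additional'])) {
            $additional = json_decode($field['additional'], true);

            // Skip malformed definitions instead of iterating over null
            if (is_array($additional)) {
                foreach ($additional as $addKey => $addVal) {
                    $addPostKey = 'profile_additional_' . $addKey;
                    $store[$addKey] = isset($_POST[$addPostKey]) ? $_POST[$addPostKey] : false;
                }
            }
        }
    }

    // Update database
    Users::updateUserDataField(Session::$userId, ['profileFields' => $store]);

    // Set render data
    $renderData['page'] = [
        'redirect' => $redirect,
        'message' => 'Your profile has been updated!',
        'success' => 1
    ];

    // Birthdays
    if (isset($_POST['birthday_day'], $_POST['birthday_month'], $_POST['birthday_year'])) {
        $birthParts = [$_POST['birthday_year'], $_POST['birthday_month'], $_POST['birthday_day']];

        // Every part must be a short run of digits. The old numeric
        // comparisons accepted values such as "5abc" and then stored the raw
        // string.
        $digitParts = array_filter($birthParts, function ($part) {
            return is_string($part) && preg_match('/\A\d{1,4}\z/', $part) === 1;
        });
        $birthdayValid = count($digitParts) === 3;

        $year = $month = $day = 0;
        if ($birthdayValid) {
            list($year, $month, $day) = array_map('intval', $birthParts);
            $thisYear = (int) date('Y');

            // 0 means "not set"; a set year must lie within the last 100 years
            $birthdayValid = $day <= 31
                && $month <= 12
                && ($year === 0 || $year >= $thisYear - 100)
                && $year <= $thisYear;
        }

        if (!$birthdayValid) {
            $renderData['page']['message'] = 'Your birthdate is invalid.';
            $renderData['page']['success'] = 0;
            break;
        }

        // Day and month have to be set together
        if (($day < 1 && $month > 0) || ($day > 0 && $month < 1)) {
            $renderData['page']['message'] = 'Only setting a day or month is disallowed.';
            $renderData['page']['success'] = 0;
            break;
        }

        // A year needs a day and month
        if ($year > 0 && ($day < 1 || $month < 1)) {
            $renderData['page']['message'] = 'Only setting a year is disallowed.';
            $renderData['page']['success'] = 0;
            break;
        }

        // Reject impossible dates such as 31 April; without a year a leap
        // year is assumed so 29 February stays selectable.
        if ($day > 0 && !checkdate($month, $day, $year > 0 ? $year : 2000)) {
            $renderData['page']['message'] = 'Your birthdate is invalid.';
            $renderData['page']['success'] = 0;
            break;
        }

        // Stored as year-month-day using the validated digit strings
        $birthdate = implode('-', $birthParts);

        Database::update('users', [
            [
                'birthday' => $birthdate
            ],
            [
                'id' => [Session::$userId, '=']
            ]
        ]);
    }
    break;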
// Site options
case 'options':
    // Get option fields and create storage var
    $fields = Users::getOptionFields();
    $store = [];

    foreach ($fields as $field) {
        $fieldId = $field['id'];

        if ($currentUser->checkPermission('SITE', $field['require_perm'])) {
            // Permitted: take the submitted value, or null when it is absent or empty
            $postKey = 'option_' . $fieldId;
            $store[$fieldId] = !empty($_POST[$postKey]) ? $_POST[$postKey] : null;
        } else {
            // Options the user lacks the permission for are stored as false
            $store[$fieldId] = false;
        }
    }

    // Update database
    Users::updateUserDataField(Session::$userId, ['userOptions' => $store]);

    // Set render data
    $renderData['page'] = [
        'redirect' => $redirect,
        'message' => 'Changed your options!',
        'success' => 1
    ];
    break;
// Userpage
/* case 'userpage' :
// Base64 encode the userpage
$userPage = base64_encode ( $_POST [ 'userpage' ]);
// Update database
Users :: updateUserDataField ( Session :: $userId , [ 'userPage' => [ $userPage , 0 ]]);
// Set render data
$renderData [ 'page' ] = [
'redirect' => $redirect ,
'message' => 'Your userpage has been updated!' ,
'success' => 1
];
break ; */
// Any mode without a handler above is reported as unknown
default:
    $renderData['page'] = [
        'redirect' => $redirect,
        'message' => 'The requested method does not exist.',
        'success' => 0
    ];
    break;
}
}
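// Print page contents, or only the render data for AJAX requests
if (isset($_REQUEST['ajax'])) {
    // The pipe-separated reply includes the redirect URL, which can originate
    // from the Referer header, so it is served as plain text and never parsed
    // as HTML by a browser.
    header('Content-Type: text/plain; charset=utf-8');
    print $renderData['page']['message'] . '|' .
        $renderData['page']['success'] . '|' .
        $renderData['page']['redirect'];
} else {
    print Templates::render('global/information.tpl', $renderData);
}
exit;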
}
if ( Users :: checkLogin ()) {
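// Settings page list.
// Layout: category => ['title', 'modes' => [mode => ['title', 'description',
// 'access', 'menu']]]. 'access' is evaluated for the current user and decides
// whether the page may be viewed at all.
// NOTE(review): descriptions contain template placeholders and raw HTML, so
// they must stay developer-authored constants.
$pages = [
    'general' => [
        'title' => 'General',
        'modes' => [
            'home' => [
                'title' => 'Home',
                'description' => [
                    'Welcome to the Settings Panel. From here you can monitor, view and update your profile and preferences.'
                ],
                'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'),
                'menu' => true
            ],
            'profile' => [
                'title' => 'Edit Profile',
                'description' => [
                    'These are the external account links etc. on your profile, shouldn\'t need any additional explanation for this one.'
                ],
                'access' => $currentUser->checkPermission('SITE', 'ALTER_PROFILE'),
                'menu' => true
            ],
            'options' => [
                'title' => 'Site Options',
                'description' => [
                    'These are a few personalisation options for the site while you\'re logged in.'
                ],
                'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'),
                'menu' => true
            ]/*,
            'groups' => [
                'title' => 'Groups',
                'description' => [
                    '{{ user.colour }}'
                ],
                'access' => $currentUser->checkPermission('SITE', 'JOIN_GROUPS'),
                'menu' => true
            ]*/
        ]
    ],
    'friends' => [
        'title' => 'Friends',
        'modes' => [
            'listing' => [
                'title' => 'Listing',
                'description' => [
                    'Manage your friends.'
                ],
                'access' => $currentUser->checkPermission('SITE', 'MANAGE_FRIENDS'),
                'menu' => true
            ],
            'requests' => [
                'title' => 'Requests',
                'description' => [
                    'Handle friend requests.'
                ],
                'access' => $currentUser->checkPermission('SITE', 'MANAGE_FRIENDS'),
                'menu' => true
            ]
        ]
    ],
    'messages' => [
        'title' => 'Messages',
        'modes' => [
            'inbox' => [
                'title' => 'Inbox',
                'description' => [
                    'The list of messages you\'ve received.'
                ],
                'access' => $currentUser->checkPermission('SITE', 'USE_MESSAGES'),
                'menu' => true
            ],
            'sent' => [
                'title' => 'Sent',
                'description' => [
                    'The list of messages you\'ve sent to other users.'
                ],
                'access' => $currentUser->checkPermission('SITE', 'USE_MESSAGES'),
                'menu' => true
            ],
            'compose' => [
                'title' => 'Compose',
                'description' => [
                    'Write a new message.'
                ],
                'access' => $currentUser->checkPermission('SITE', 'SEND_MESSAGES'),
                'menu' => true
            ],
            'read' => [
                'title' => 'Read',
                'description' => [
                    'Read a message.'
                ],
                'access' => $currentUser->checkPermission('SITE', 'USE_MESSAGES'),
                'menu' => false
            ]
        ]
    ],
    'notifications' => [
        'title' => 'Notifications',
        'modes' => [
            'history' => [
                'title' => 'History',
                'description' => [
                    'The history of notifications that have been sent to you.'
                ],
                'access' => !$currentUser->checkPermission('SITE', 'DEACTIVATED'),
                'menu' => true
            ]
        ]
    ],
    'appearance' => [
        'title' => 'Appearance',
        'modes' => [
            'avatar' => [
                'title' => 'Avatar',
                'description' => [
                    'Your avatar which is displayed all over the site and on your profile.',
                    'Maximum image size is {{ avatar.max_width }}x{{ avatar.max_height }}, minimum image size is {{ avatar.min_width }}x{{ avatar.min_height }}, maximum file size is {{ avatar.max_size_view }}.'
                ],
                'access' => $currentUser->checkPermission('SITE', 'CHANGE_AVATAR'),
                'menu' => true
            ],
            'background' => [
                'title' => 'Background',
                'description' => [
                    'The background that is displayed on your profile.',
                    'Maximum image size is {{ background.max_width }}x{{ background.max_height }}, minimum image size is {{ background.min_width }}x{{ background.min_height }}, maximum file size is {{ background.max_size_view }}.'
                ],
                'access' => (
                    isset($currentUser->data['userData']['profileBackground'])
                    && $currentUser->checkPermission('SITE', 'CHANGE_BACKGROUND')
                ) || $currentUser->checkPermission('SITE', 'CREATE_BACKGROUND'),
                'menu' => true
            ],
            'userpage' => [
                'title' => 'Userpage',
                'description' => [
                    'The custom text that is displayed on your profile.'
                ],
                'access' => (
                    isset($currentUser->data['userData']['userPage'])
                    && $currentUser->checkPermission('SITE', 'CHANGE_USERPAGE')
                ) || $currentUser->checkPermission('SITE', 'CREATE_USERPAGE'),
                'menu' => true
            ]
        ]
    ],
    'account' => [
        'title' => 'Account',
        'modes' => [
            'email' => [
                'title' => 'E-mail Address',
                'description' => [
                    // Typo fixed: "You e-mail" -> "Your e-mail"
                    'Your e-mail address is used for password recovery and stuff like that, we won\'t spam you ;).'
                ],
                'access' => $currentUser->checkPermission('SITE', 'CHANGE_EMAIL'),
                'menu' => true
            ],
            'username' => [
                'title' => 'Username',
                'description' => [
                    'Probably the biggest part of your identity on a site.',
                    '<b>You can only change this once every 30 days so choose wisely.</b>'
                ],
                'access' => $currentUser->checkPermission('SITE', 'CHANGE_USERNAME'),
                'menu' => true
            ],
            'usertitle' => [
                // Was 'Username', a copy of the entry above
                'title' => 'Usertitle',
                'description' => [
                    'That little piece of text displayed under your username on your profile.'
                ],
                'access' => $currentUser->checkPermission('SITE', 'CHANGE_USERTITLE'),
                'menu' => true
            ],
            'password' => [
                'title' => 'Password',
                'description' => [
                    'Used to authenticate with the site and certain related services.'
                ],
                'access' => $currentUser->checkPermission('SITE', 'CHANGE_PASSWORD'),
                'menu' => true
            ],
            'ranks' => [
                'title' => 'Ranks',
                'description' => [
                    'Manage what ranks you\'re in and what is set as your main rank. Your main rank is highlighted. You get the permissions of all of the ranks you\'re in combined.'
                ],
                'access' => $currentUser->checkPermission('SITE', 'ALTER_RANKS'),
                'menu' => true
            ]
        ]
    ],
    'advanced' => [
        'title' => 'Advanced',
        'modes' => [
            'sessions' => [
                'title' => 'Sessions',
                'description' => [
                    'Session keys are a way of identifying yourself with the system without keeping your password in memory.',
                    'If someone finds one of your session keys they could possibly compromise your account, if you see any sessions here that shouldn\'t be here hit the Kill button to kill the selected session.',
                    'If you get logged out after clicking one you\'ve most likely killed your current session, to make it easier to avoid this from happening your current session is highlighted.'
                ],
                'access' => $currentUser->checkPermission('SITE', 'MANAGE_SESSIONS'),
                'menu' => true
            ],
            'registrationkeys' => [
                'title' => 'Registration Keys',
                'description' => [
                    'Sometimes we activate the registration key system which means that users can only register using your "referer" keys, this means we can keep unwanted people from registering.',
                    'Each user can generate 5 of these keys, bans and deactivates render these keys useless.'
                ],
                'access' => $currentUser->checkPermission('SITE', 'CREATE_REGKEYS'),
                'menu' => true
            ],
            'deactivate' => [
                'title' => 'Deactivate Account',
                'description' => [
                    'You can deactivate your account here if you want to leave :(.'
                ],
                'access' => $currentUser->checkPermission('SITE', 'DEACTIVATE_ACCOUNT'),
                'menu' => true
            ]
        ]
    ]
];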
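// Current settings page: default to the first category and mode, and accept a
// requested one only when it is a string naming an existing entry. Array
// values (cat[]=x) used to reach array_key_exists() unchecked.
$category = array_keys($pages)[0];
if (isset($_GET['cat'])) {
    $category = (is_string($_GET['cat']) && array_key_exists($_GET['cat'], $pages))
        ? $_GET['cat']
        : false;
}

$mode = false;

// Only resolve the mode when the category is valid
if ($category) {
    $modes = $pages[$category]['modes'];
    $mode = array_keys($modes)[0];

    if (isset($_GET['mode'])) {
        $mode = (is_string($_GET['mode']) && array_key_exists($_GET['mode'], $modes))
            ? $_GET['mode']
            : false;
    }
}

// Not found: unknown category or mode, or a page the user may not access.
// Answering 404 in all three cases does not reveal which pages exist.
if (!$category || !$mode || !$pages[$category]['modes'][$mode]['access']) {
    header('HTTP/1.0 404 Not Found');
    print Templates::render('global/notfound.tpl', $renderData);
    exit;
}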
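// Render data
$renderData['current'] = $category . '.' . $mode;

// Settings pages
$renderData['pages'] = $pages;

// Zero-based page index. The parameter is cast before the arithmetic because
// an array-valued "page" made the old "$_GET['page'] - 1" a fatal error.
$requestedPage = (isset($_GET['page']) && is_scalar($_GET['page']))
    ? (int) $_GET['page'] - 1
    : 0;

// Page data
$renderData['page'] = [
    'category' => $pages[$category]['title'],
    'mode' => $pages[$category]['modes'][$mode]['title'],
    'currentPage' => max(0, $requestedPage),
    'description' => $pages[$category]['modes'][$mode]['description']
];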
// Load the extra data the selected section's template needs
switch ($category . '.' . $mode) {
    // Profile: field definitions plus month names for the birthday selector
    case 'general.profile':
        $renderData['profile'] = [
            'fields' => Users::getProfileFields(),
            'months' => [
                1 => 'January',
                2 => 'February',
                3 => 'March',
                4 => 'April',
                5 => 'May',
                6 => 'June',
                7 => 'July',
                8 => 'August',
                9 => 'September',
                10 => 'October',
                11 => 'November',
                12 => 'December'
            ]
        ];
        break;

    // Options
    case 'general.options':
        $renderData['options'] = [
            'fields' => Users::getOptionFields()
        ];
        break;

    // Friends, newest first, 12 per page
    case 'friends.listing':
        $friends = array_reverse(Users::getFriends(null, true, true));
        $renderData['friends'] = array_chunk($friends, 12, true);
        break;

    // Pending friend requests, same paging
    case 'friends.requests':
        $pending = array_reverse(Users::getPendingFriends(null, true));
        $renderData['friends'] = array_chunk($pending, 12, true);
        break;

    // PM inbox
    case 'messages.inbox':
        $renderData['messages'] = Users::getPrivateMessages();
        break;

    // Notification history, newest first, 10 per page
    case 'notifications.history':
        $history = array_reverse(Users::getNotifications(null, 0, false, true));
        $renderData['notifs'] = array_chunk($history, 10, true);
        break;

    // Avatar and background limits. $mode is 'avatar' or 'background' here
    // and doubles as the configuration key prefix.
    case 'appearance.avatar':
    case 'appearance.background':
        $limits = [];
        foreach (['max_width', 'max_height', 'min_width', 'min_height'] as $limit) {
            $limits[$limit] = Configuration::getConfig($mode . '_' . $limit);
        }
        $limits['max_size'] = Configuration::getConfig($mode . '_max_fsize');
        $limits['max_size_view'] = Main::getByteSymbol(Configuration::getConfig($mode . '_max_fsize'));
        $renderData[$mode] = $limits;
        break;

    // Userpage needs no extra data
    case 'appearance.userpage':
        break;
}

// Print page contents
print Templates::render('main/settings.tpl', $renderData);
} else {
// Visitors who are not logged in get the restricted page instead
echo Templates::render('global/restricted.tpl', $renderData);
}