sakura isn't dead? wow

2016-09-08 23:32:33 +02:00 · 2016-09-08 23:32:33 +02:00 · 76d9502d57
commit 76d9502d57
parent 6097dd7442
8 changed files with 178 additions and 299 deletions
--- a/app/Controllers/Settings/AccountController.php
+++ b/app/Controllers/Settings/AccountController.php
@ -90,23 +90,32 @@ class AccountController extends Controller
    }

    /**
-     * Renders the e-mail changing page.
+     * Details such as email, username and password.
     * @return string
     */
-    public function email()
+    public function details()
    {
-        // Check permission
-        if (!CurrentSession::$user->permission(Site::CHANGE_EMAIL)) {
-            $message = "You aren't allowed to change your e-mail address.";
-            $redirect = route('settings.index');
-            return view('global/information', compact('message', 'redirect'));
+        $user = CurrentSession::$user;
+
+        // Check permissions
+        $edit_email = $user->permission(Site::CHANGE_EMAIL);
+        $edit_usern = $user->permission(Site::CHANGE_USERNAME);
+        $edit_title = $user->permission(Site::CHANGE_USERTITLE);
+        $edit_passw = $user->permission(Site::CHANGE_PASSWORD);
+        $last_name_change = 0;
+
+        if ($edit_usern) {
+            $last_name_change = $user->getUsernameHistory()[0]->change_time ?? 0;
        }

+        // Check eligibility for username changes
+        $username_allow = $edit_usern && (time() - $last_name_change) > 2592000;
+
+        if (isset($_POST['session']) && session_check()) {
+            $redirect = route('settings.account.details');
            $email = $_POST['email'] ?? null;

-        if (session_check() && $email) {
-            $redirect = route('settings.account.email');
-
+            if ($email) {
                // Validate e-mail address
                if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
                    $message = "The e-mail address you supplied is invalid!";
@ -128,32 +137,12 @@ class AccountController extends Controller
                    return view('global/information', compact('redirect', 'message'));
                }

-            CurrentSession::$user->setMail($email);
-
-            $message = 'Changed your e-mail address!';
-            return view('global/information', compact('redirect', 'message'));
-        }
-
-        return view('settings/account/email');
-    }
-
-    /**
-     * Renders the username changing page.
-     * @return string
-     */
-    public function username()
-    {
-        // Check permission
-        if (!CurrentSession::$user->permission(Site::CHANGE_USERNAME)) {
-            $message = "You aren't allowed to change your username.";
-            $redirect = route('settings.index');
-            return view('global/information', compact('redirect', 'message'));
+                $user->setMail($email);
            }

            $username = $_POST['username'] ?? null;

-        if (session_check() && $username) {
-            $redirect = route('settings.account.username');
+            if ($username) {
                $username_clean = clean_string($username, true);

                // Check if the username is too short
@ -173,10 +162,10 @@ class AccountController extends Controller
                    ->where('username_old_clean', $username_clean)
                    ->where('change_time', '>', (config('user.name_reserve') * 24 * 60 * 60))
                    ->orderBy('change_id', 'desc')
-                ->get();
+                    ->first();

                // Check if anything was returned
-            if ($getOld && $getOld[0]->user_id != CurrentSession::$user->id) {
+                if ($getOld && $getOld->user_id != $user->id) {
                    $message = "The username you tried to use is reserved, try again later!";
                    return view('global/information', compact('redirect', 'message'));
                }
@ -184,7 +173,7 @@ class AccountController extends Controller
                // Check if the username is already in use
                $getInUse = DB::table('users')
                    ->where('username_clean', $username_clean)
-                ->get();
+                    ->count();

                // Check if anything was returned
                if ($getInUse) {
@ -192,95 +181,51 @@ class AccountController extends Controller
                    return view('global/information', compact('redirect', 'message'));
                }

-            CurrentSession::$user->setUsername($username);
-
-            $message = "Changed your username!";
-            return view('global/information', compact('redirect', 'message'));
-        }
-
-        return view('settings/account/username');
-    }
-
-    /**
-     * Renders the user title changing page.
-     * @return string
-     */
-    public function title()
-    {
-        // Check permission
-        if (!CurrentSession::$user->permission(Site::CHANGE_USERTITLE)) {
-            $message = "You aren't allowed to change your title.";
-            $redirect = route('settings.index');
-            return view('global/information', compact('redirect', 'message'));
+                $user->setUsername($username);
            }

            $title = $_POST['title'] ?? null;

-        if (session_check() && $title !== null) {
-            $redirect = route('settings.account.title');
-
+            if ($title) {
                if (strlen($title) > 64) {
                    $message = "This title is too long!";
                    return view('global/information', compact('redirect', 'message'));
                }

-            if ($title === CurrentSession::$user->title) {
-                $message = "This is already your title!";
-                return view('global/information', compact('redirect', 'message'));
-            }
-
+                if ($title !== $user->title) {
                    // Update database
                    DB::table('users')
-                ->where('user_id', CurrentSession::$user->id)
+                        ->where('user_id', $user->id)
                        ->update([
                            'user_title' => $title,
                        ]);
-
-            $message = "Changed your title!";
-            return view('global/information', compact('redirect', 'message'));
+                }
            }

-        return view('settings/account/title');
-    }
-
-    /**
-     * Renders the password changing page.
-     * @return string
-     */
-    public function password()
-    {
-        // Check permission
-        if (!CurrentSession::$user->permission(Site::CHANGE_PASSWORD)) {
-            $message = "You aren't allowed to change your password.";
-            $redirect = route('settings.index');
-            return view('global/information', compact('redirect', 'message'));
-        }
-
-        $current = $_POST['current'] ?? null;
            $password = $_POST['password'] ?? null;

-        if (session_check() && $current && $password) {
-            $redirect = route('settings.account.password');
-
-            // Check current password
-            if (!password_verify($current, CurrentSession::$user->password)) {
-                $message = "Your password was invalid!";
-                return view('global/information', compact('redirect', 'message'));
-            }
-
+            if ($password) {
                // Check password entropy
                if (password_entropy($password) < config('user.pass_min_entropy')) {
                    $message = "Your password isn't strong enough!";
                    return view('global/information', compact('redirect', 'message'));
                }

-            CurrentSession::$user->setPassword($password);
+                $user->setPassword($password);
+            }

-            $message = "Changed your password!";
+            $message = "Saved!";
            return view('global/information', compact('redirect', 'message'));
        }

-        return view('settings/account/password');
+        return view('settings/account/details', compact(
+            'edit_email',
+            'edit_usern',
+            'edit_title',
+            'edit_passw',
+            'last_name_change',
+            'username_allow'
+        ));
    }

    /**
--- a/app/Controllers/Settings/Controller.php
+++ b/app/Controllers/Settings/Controller.php
@ -9,7 +9,6 @@ namespace Sakura\Controllers\Settings;
 use Sakura\Controllers\Controller as BaseController;
 use Sakura\CurrentSession;
 use Sakura\Perms\Site;
-use Sakura\Router;
 use Sakura\Template;

 /**
@ -37,59 +36,53 @@ class Controller extends BaseController

        // Account
        if (CurrentSession::$user->permission(Site::ALTER_PROFILE)) {
-            $nav["Account"]["Profile"] = Router::route('settings.account.profile');
+            $nav["Account"]["Profile"] = route('settings.account.profile');
        }
-        if (CurrentSession::$user->permission(Site::CHANGE_EMAIL)) {
-            $nav["Account"]["E-mail address"] = Router::route('settings.account.email');
-        }
-        if (CurrentSession::$user->permission(Site::CHANGE_USERNAME)) {
-            $nav["Account"]["Username"] = Router::route('settings.account.username');
-        }
-        if (CurrentSession::$user->permission(Site::CHANGE_USERTITLE)) {
-            $nav["Account"]["Title"] = Router::route('settings.account.title');
-        }
-        if (CurrentSession::$user->permission(Site::CHANGE_PASSWORD)) {
-            $nav["Account"]["Password"] = Router::route('settings.account.password');
+        if (CurrentSession::$user->permission(Site::CHANGE_EMAIL)
+            || CurrentSession::$user->permission(Site::CHANGE_USERNAME)
+            || CurrentSession::$user->permission(Site::CHANGE_USERTITLE)
+            || CurrentSession::$user->permission(Site::CHANGE_PASSWORD)) {
+            $nav["Account"]["Details"] = route('settings.account.details');
        }
        if (CurrentSession::$user->permission(Site::ALTER_RANKS)) {
-            $nav["Account"]["Ranks"] = Router::route('settings.account.ranks');
+            $nav["Account"]["Ranks"] = route('settings.account.ranks');
        }

        // Friends
        if (CurrentSession::$user->permission(Site::MANAGE_FRIENDS)) {
-            $nav["Friends"]["Listing"] = Router::route('settings.friends.listing');
-            $nav["Friends"]["Requests"] = Router::route('settings.friends.requests');
+            $nav["Friends"]["Listing"] = route('settings.friends.listing');
+            $nav["Friends"]["Requests"] = route('settings.friends.requests');
        }

        // Notifications
-        $nav["Notifications"]["History"] = Router::route('settings.notifications.history');
+        $nav["Notifications"]["History"] = route('settings.notifications.history');

        // Appearance
        if (CurrentSession::$user->permission(Site::CHANGE_AVATAR)) {
-            $nav["Appearance"]["Avatar"] = Router::route('settings.appearance.avatar');
+            $nav["Appearance"]["Avatar"] = route('settings.appearance.avatar');
        }
        if (CurrentSession::$user->permission(Site::CHANGE_BACKGROUND)) {
-            $nav["Appearance"]["Background"] = Router::route('settings.appearance.background');
+            $nav["Appearance"]["Background"] = route('settings.appearance.background');
        }
        if (CurrentSession::$user->permission(Site::CHANGE_HEADER)) {
-            $nav["Appearance"]["Header"] = Router::route('settings.appearance.header');
+            $nav["Appearance"]["Header"] = route('settings.appearance.header');
        }
        if ((
            CurrentSession::$user->page
            && CurrentSession::$user->permission(Site::CHANGE_USERPAGE)
        ) || CurrentSession::$user->permission(Site::CREATE_USERPAGE)) {
-            $nav["Appearance"]["Userpage"] = Router::route('settings.appearance.userpage');
+            $nav["Appearance"]["Userpage"] = route('settings.appearance.userpage');
        }
        if (CurrentSession::$user->permission(Site::CHANGE_SIGNATURE)) {
-            $nav["Appearance"]["Signature"] = Router::route('settings.appearance.signature');
+            $nav["Appearance"]["Signature"] = route('settings.appearance.signature');
        }

        // Advanced
        if (CurrentSession::$user->permission(Site::MANAGE_SESSIONS)) {
-            $nav["Advanced"]["Sessions"] = Router::route('settings.advanced.sessions');
+            $nav["Advanced"]["Sessions"] = route('settings.advanced.sessions');
        }
        if (CurrentSession::$user->permission(Site::DEACTIVATE_ACCOUNT)) {
-            $nav["Advanced"]["Deactivate"] = Router::route('settings.advanced.deactivate');
+            $nav["Advanced"]["Deactivate"] = route('settings.advanced.deactivate');
        }

        return $nav;
--- a/resources/views/yuuno/settings/account/details.twig
+++ b/resources/views/yuuno/settings/account/details.twig
@ -0,0 +1,40 @@
+{% extends 'settings/account/master.twig' %}
+
+{% set mode = 'Details' %}
+
+{% block description %}
+    <p>Alter the details of your account, leave fields blank to leave them unchanged.</p>
+{% endblock %}
+
+{% block settingsContent %}
+    <form enctype="multipart/form-data" method="post" action="{{ route('settings.account.details') }}">
+        {% if edit_email %}
+            <div class="profile-field">
+                <div><h2>E-mail address</h2></div>
+                <div><input type="text" name="email" placeholder="{{ user.email }}" class="inputStyling"></div>
+            </div>
+        {% endif %}
+        {% if edit_usern %}
+            <div class="profile-field">
+                <div><h2>Username {% if last_name_change %}(last change was <time class="time-ago" datetime="{{ last_name_change|date('r') }}">{{ last_name_change|date(config('general.date_format')) }}</time>){% endif %}</h2></div>
+                <div><input type="text" name="username"{% if username_allow %} placeholder="At least {{ config('user.name_min') }} and at most {{ config('user.name_max') }} characters!"{% else %}disabled placeholder="You can't change your name right now!" {% endif %} class="inputStyling"></div>
+            </div>
+        {% endif %}
+        {% if edit_title %}
+            <div class="profile-field">
+                <div><h2>Title</h2></div>
+                <div><input type="text" name="title" placeholder="Max 64 characters, leaving this empty will actually reset it" class="inputStyling" value="{{ user.title }}"></div>
+            </div>
+        {% endif %}
+        {% if edit_passw %}
+            <div class="profile-field">
+                <div><h2>Password</h2></div>
+                <div><input type="password" name="password" placeholder="Must be at least decently strong, size doesn't matter" class="inputStyling"></div>
+            </div>
+        {% endif %}
+        <div class="profile-save">
+            <button value="{{ session_id() }}" name="session" class="inputStyling">Save</button>
+            <button type="reset" class="inputStyling">Reset</button>
+        </div>
+    </form>
+{% endblock %}
--- a/resources/views/yuuno/settings/account/email.twig
+++ b/resources/views/yuuno/settings/account/email.twig
@ -1,21 +0,0 @@
-{% extends 'settings/account/master.twig' %}
-
-{% set mode = 'E-mail address' %}
-
-{% block description %}
-    <p>You e-mail address is used for password recovery and stuff like that!</p>
-{% endblock %}
-
-{% block settingsContent %}
-    <form enctype="multipart/form-data" method="post" action="{{ route('settings.account.email') }}">
-        <h3 style="text-align: center;">Your e-mail address is currently set to <span style="font-weight: 700;">{{ user.email }}</span>.</h3>
-        <div class="profile-field">
-            <div><h2>E-mail address</h2></div>
-            <div><input type="text" name="email" placeholder="Enter your new e-mail address" class="inputStyling"></div>
-        </div>
-        <div class="profile-save">
-            <button value="{{ session_id() }}" name="session" class="inputStyling">Save</button>
-            <button type="reset" class="inputStyling">Reset</button>
-        </div>
-    </form>
-{% endblock %}
--- a/resources/views/yuuno/settings/account/password.twig
+++ b/resources/views/yuuno/settings/account/password.twig
@ -1,24 +0,0 @@
-{% extends 'settings/account/master.twig' %}
-
-{% set mode = 'Password' %}
-
-{% block description %}
-    <p>Used to authenticate with the site and certain related services.</p>
-{% endblock %}
-
-{% block settingsContent %}
-    <form enctype="multipart/form-data" method="post" action="{{ route('settings.account.password') }}">
-        <div class="profile-field">
-            <div><h2>Current Password</h2></div>
-            <div><input type="password" name="current" placeholder="Enter your current password." class="inputStyling"></div>
-        </div>
-        <div class="profile-field">
-            <div><h2>New Password</h2></div>
-            <div><input type="password" name="password" placeholder="Enter your new password." class="inputStyling"></div>
-        </div>
-        <div class="profile-save">
-            <button value="{{ session_id() }}" name="session" class="inputStyling">Save</button>
-            <button type="reset" class="inputStyling">Reset</button>
-        </div>
-    </form>
-{% endblock %}
--- a/resources/views/yuuno/settings/account/title.twig
+++ b/resources/views/yuuno/settings/account/title.twig
@ -1,21 +0,0 @@
-{% extends 'settings/account/master.twig' %}
-
-{% set mode = 'Title' %}
-
-{% block description %}
-    <p>That little piece of text displayed besides your username in most places.</p>
-{% endblock %}
-
-{% block settingsContent %}
-    <form enctype="multipart/form-data" method="post" action="{{ route('settings.account.title') }}">
-        <h3 style="text-align: center;">Your current user title is:<br><span style="font-weight: 700;">{{ user.title }}</span></h3>
-        <div class="profile-field">
-            <div><h2>New title</h2></div>
-            <div><input type="text" name="title" placeholder="Enter your new user title (Max 64 characters)" class="inputStyling" value="{{ user.title }}"></div>
-        </div>
-        <div class="profile-save">
-            <button value="{{ session_id() }}" name="session" class="inputStyling">Save</button>
-            <button type="reset" class="inputStyling">Reset</button>
-        </div>
-    </form>
-{% endblock %}
--- a/resources/views/yuuno/settings/account/username.twig
+++ b/resources/views/yuuno/settings/account/username.twig
@ -1,27 +0,0 @@
-{% extends 'settings/account/master.twig' %}
-
-{% set mode = 'Username' %}
-
-{% block description %}
-    <p>Probably the biggest part of your identity on a site.</p>
-    <p><b>You can only change this once every 30 days so choose wisely.</b></p>
-{% endblock %}
-
-{% set eligible = user.getUsernameHistory ? (date().timestamp - user.getUsernameHistory()[0].change_time) > 2592000 : true %}
-
-{% block settingsContent %}
-    <form enctype="multipart/form-data" method="post" action="{{ route('settings.account.username') }}">
-        <h1 class="stylised" style="text-align: center; margin-top: 10px;{% if not eligible %} color: #c44;{% endif %}">You are {% if not eligible %}not {% endif %}eligible for a name change.</h1>
-        <h3 style="text-align: center;">{% if user.getUsernameHistory %}Your last name change was <time class="time-ago" datetime="{{ user.getUsernameHistory[0]['change_time']|date('r') }}">{{ user.getUsernameHistory[0]['change_time']|date(config('general.date_format')) }}</time>.{% else %}This is your first username change.{% endif %}</h3>
-        {% if eligible %}
-            <div class="profile-field">
-                <div><h2>Username</h2></div>
-                <div><input type="text" name="username" placeholder="Enter your new username (at least {{ config('user.name_min') }} and at most {{ config('user.name_max') }} characters!)" class="inputStyling"></div>
-            </div>
-            <div class="profile-save">
-                <button value="{{ session_id() }}" name="session" class="inputStyling">Save</button>
-                <button type="reset" class="inputStyling">Reset</button>
-            </div>
-        {% endif %}
-    </form>
-{% endblock %}
--- a/routes.php
+++ b/routes.php
@ -226,14 +226,8 @@ Router::group(['before' => 'maintenance'], function () {

            Router::get('/profile', 'Settings.AccountController@profile', 'settings.account.profile');
            Router::post('/profile', 'Settings.AccountController@profile', 'settings.account.profile');
-            Router::get('/email', 'Settings.AccountController@email', 'settings.account.email');
-            Router::post('/email', 'Settings.AccountController@email', 'settings.account.email');
-            Router::get('/username', 'Settings.AccountController@username', 'settings.account.username');
-            Router::post('/username', 'Settings.AccountController@username', 'settings.account.username');
-            Router::get('/title', 'Settings.AccountController@title', 'settings.account.title');
-            Router::post('/title', 'Settings.AccountController@title', 'settings.account.title');
-            Router::get('/password', 'Settings.AccountController@password', 'settings.account.password');
-            Router::post('/password', 'Settings.AccountController@password', 'settings.account.password');
+            Router::get('/details', 'Settings.AccountController@details', 'settings.account.details');
+            Router::post('/details', 'Settings.AccountController@details', 'settings.account.details');
            Router::get('/ranks', 'Settings.AccountController@ranks', 'settings.account.ranks');
            Router::post('/ranks', 'Settings.AccountController@ranks', 'settings.account.ranks');
        });