< ? php
require_once '../startup.php' ;
include_once '_user.php' ;
// The settings page is only for signed-in users; everyone else is sent to the login form.
if (!session_active()) {
    header('Location: /login?m=forbidden');

    // Ends this file's execution, so none of the form handling below runs for an anonymous request.
    return;
}

// Identifiers accepted for the posted "timezone" field; the same list feeds the time zone <select>.
$timeZones = DateTimeZone::listIdentifiers();

// Bit flag => label, one entry per checkbox in the "Options" section.
$options = [
    FMF_UF_SCROLLBEYOND => 'Scroll beyond end of the page.',
];
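// Handle a submitted settings form. The two always-present fields must be posted
// and the CSRF token must verify before anything is read or written.
if (isset($_POST['date_format_custom'], $_POST['timezone']) && CSRF::verify()) {
    // PHP turns "name[]=x" into an array; any field that is not a plain string is treated as empty.
    $timeZone = is_string($_POST['timezone']) ? $_POST['timezone'] : '';
    $dateFormatCustom = is_string($_POST['date_format_custom']) ? $_POST['date_format_custom'] : '';
    $currentPass = isset($_POST['currpass']) && is_string($_POST['currpass']) ? $_POST['currpass'] : '';
    $newPass = isset($_POST['newpwd']) && is_string($_POST['newpwd']) ? $_POST['newpwd'] : '';
    $confPass = isset($_POST['conpwd']) && is_string($_POST['conpwd']) ? $_POST['conpwd'] : '';
    $newMail = isset($_POST['newmail']) && is_string($_POST['newmail']) ? $_POST['newmail'] : '';
    $confMail = isset($_POST['conmail']) && is_string($_POST['conmail']) ? $_POST['conmail'] : '';

    // A credential change is only attempted when both the new value and its confirmation were filled in.
    $setMail = !empty($newMail) && !empty($confMail);
    $setPass = !empty($newPass) && !empty($confPass);

    if ($setMail || $setPass) {
        // Credential changes require the current password in addition to the session.
        if (!verify_password($currentPass)) {
            $error = 'Current password was invalid.';
        } else {
            if (!isset($error) && $setPass) {
                // validate_password() is expected to return null when the password is acceptable (TODO confirm).
                $error = validate_password($newPass);

                if (!isset($error)) {
                    if ($newPass !== $confPass) {
                        // Fixed: this used to assign $email, so a mismatch was dropped silently
                        // and the rest of the form was saved as if nothing had gone wrong.
                        $error = 'Passwords don\'t match.';
                    } else {
                        // NOTE(review): nothing visible here ends the user's other sessions after a
                        // password change; confirm whether user_set_password() takes care of that.
                        user_set_password(current_user_id(), $newPass);
                    }
                }
            }

            if (!isset($error) && $setMail) {
                $error = validate_email($newMail);

                if (!isset($error)) {
                    if ($newMail !== $confMail) {
                        $error = 'E-mail addresses don\'t match.';
                    } else {
                        // The return value is used below as the token in the reactivation link.
                        $emailVerification = user_set_email(current_user_id(), $newMail);
                    }
                }
            }
        }
    }

    if (!isset($error)) {
        // Strict comparison: the posted value has to be one of the known identifiers exactly.
        if (!in_array($timeZone, $timeZones, true)) {
            $error = 'Invalid time zone specified.';
        } elseif (strlen($dateFormatCustom) > 50) {
            $error = 'Invalid date/time format string.';
        } else {
            // Rebuild the flag set from scratch, accepting only bits that appear in $options.
            $userFlags = 0;
            foreach (array_keys($options) as $flag) {
                if (!empty($_POST['flag_' . $flag])) {
                    $userFlags |= $flag;
                }
            }

            $updateUser = $pdo->prepare('
                UPDATE `fmf_users`
                SET `user_date_format` = :dtf,
                    `user_time_zone` = :tz,
                    `user_flags` = :flags
                WHERE `user_id` = :user
            ');
            // NOTE(review): the format string is stored entity-encoded rather than raw, so any code
            // reading this column must treat it as already-encoded HTML. The 50-byte limit above is
            // checked before encoding, so the stored value can be longer; confirm the column allows it.
            $updateUser->bindValue('dtf', htmlentities($dateFormatCustom));
            $updateUser->bindValue('tz', $timeZone);
            $updateUser->bindValue('flags', $userFlags);
            $updateUser->bindValue('user', current_user_id());
            $updateUser->execute();
        }
    }

    if (!empty($emailVerification)) {
        $userInfo = user_info(current_user_id(), true);

        // NOTE(review): HTTP_HOST is copied from the request's Host header, so the link in this
        // mail points at whatever host the client sent. Building it from a configured canonical
        // site URL would keep the activation token on the real origin.
        $mailer->send(
            (new Swift_Message('flash.moe message board activation'))
                ->setFrom(['system@flash.moe' => 'flash.moe'])
                ->setTo([$userInfo['user_email'] => $userInfo['user_login']])
                ->setBody(
                    "Hey {$userInfo['user_login']},\r\n\r\n" .
                    "You are required to reactivate your account after e-mail changes.\r\n\r\n" .
                    "Click the following link to activate your account:\r\n\r\n" .
                    "<https://{$_SERVER['HTTP_HOST']}/activate/{$emailVerification}>\r\n"
                )
        );

        // The account has to be reactivated, so the current session is ended. The cookie gets the
        // same string-only treatment as the POST fields above.
        $authCookie = isset($_COOKIE['fmfauth']) && is_string($_COOKIE['fmfauth']) ? $_COOKIE['fmfauth'] : '';
        destroy_session($authCookie);
        header('Location: /login?m=reactivate');

        return;
    }
}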
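// Load the account row that the form below is pre-filled from.
$userInfo = user_info(current_user_id(), true);
$title = 'Settings';

// Turn each identifier into a DateTimeZone carrying its current UTC offset in seconds.
// A single reference instant is used so that every offset is measured at the same moment.
$offsetReference = new DateTime('now', new DateTimeZone('UTC'));
foreach ($timeZones as $key => $timeZone) {
    $timeZones[$key] = new DateTimeZone($timeZone);
    // NOTE(review): "offset" is a dynamic property that the sort callback and the <select> markup
    // read back; PHP 8.2+ likely reports this as deprecated. Confirm against the target version.
    $timeZones[$key]->offset = $timeZones[$key]->getOffset($offsetReference);
}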
// Sort by UTC offset first; zones sharing an offset are ordered by identifier.
uasort($timeZones, function ($left, $right) {
    $byOffset = $left->offset <=> $right->offset;

    return $byOffset !== 0
        ? $byOffset
        : strcmp($left->getName(), $right->getName());
});

include FMF_LAYOUT . '/header.php';
?>
<form method="post" action="">
    <?= CSRF::html() ?>
<?php
// Show the outcome of the last submit, if any; an error takes precedence over a message.
// NOTE(review): the text is printed without HTML escaping. Confirm that validate_password(),
// validate_email() and whatever sets $message never put request data into it.
if (isset($error) || isset($message)):
    $messageClass = 'settings-message' . (isset($error) ? ' settings-message-error' : '');
?>
    <div class="<?= $messageClass ?>"><?= $error ?? $message ?></div>
<?php endif; ?>
    <div class="setting">
        <div class="setting-head"><h3>Avatar</h3></div>
        <div class="setting-value">
            <a href="https://en.gravatar.com/">Gravatar</a> is used for user profile images, go <a href="https://en.gravatar.com/emails/">here</a> to change it. Only images with G rating will be used.
        </div>
    </div>
<div class="setting">
    <div class="setting-head"><h3>Options</h3></div>
    <div class="setting-value">
<?php
// One checkbox per entry of $options; it is ticked when that bit is set in the saved flags.
foreach ($options as $oFlag => $oText):
    $isChecked = ($userInfo['user_flags'] & $oFlag) > 0;
?>
        <div class="settings-option"><label>
            <input type="checkbox" name="flag_<?= $oFlag ?>" <?= $isChecked ? 'checked' : '' ?>/>
            <?= $oText ?>
        </label></div>
<?php endforeach; ?>
    </div>
</div>
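<div class="setting">
    <div class="setting-head"><h3>Date/time format</h3></div>
    <div class="setting-value">
<?php
// The save path in this file stores the format entity-encoded. Escaping here as well, with
// double_encode off, renders the same value but no longer depends on every writer of the
// column having encoded it.
$dateFormatValue = htmlspecialchars((string) $userInfo['user_date_format'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
?>
        <input type="text" name="date_format_custom" value="<?= $dateFormatValue ?>"/><br/>
        <a href="https://www.php.net/manual/en/datetime.format.php#refsect1-datetime.format-parameters" style="font-size: .9em;" target="_blank" rel="noopener">Using PHP DateTimeInterface::format() format</a>
    </div>
</div>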
<div class="setting">
    <div class="setting-head"><h3>Time zone</h3></div>
    <div class="setting-value">
        <select name="timezone">
<?php
// $timeZones holds DateTimeZone objects here, each with an "offset" in seconds set earlier in this file.
foreach ($timeZones as $timeZone):
    $tzName = $timeZone->getName();
    $tzSign = $timeZone->offset < 0 ? '-' : '+';
    $tzClock = gmdate('H:i', abs($timeZone->offset));
    $tzSelected = $tzName === $userInfo['user_time_zone'] ? 'selected' : '';
?>
            <option value="<?= $tzName ?>" <?= $tzSelected ?>>(UTC<?= $tzSign ?><?= $tzClock ?>) <?= $tzName ?></option>
<?php endforeach; ?>
        </select>
    </div>
</div>
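<div class="setting">
    <div class="setting-head"><h3>Password</h3></div>
    <div class="setting-value">
        <label>New Password:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="password" name="newpwd"/></label><br/>
        <label>Confirm Password:&nbsp;<input type="password" name="conpwd"/></label>
    </div>
</div>
<div class="setting">
    <div class="setting-head"><h3>E-mail</h3></div>
    <div class="setting-value">
        <span style="font-size: .9em; font-weight: 700;">You will be forced to reactivate your account after changing your e-mail address, make sure to get it right!</span><br/>
<?php
// The stored address is escaped for the attribute context instead of relying on
// validate_email() having rejected quotes and angle brackets when it was saved.
$currentMailValue = htmlspecialchars((string) $userInfo['user_email'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>
        <label>New e-mail address:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="email" name="newmail" value="<?= $currentMailValue ?>"/></label><br/>
        <label>Confirm e-mail address:&nbsp;<input type="email" name="conmail"/></label>
    </div>
</div>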
<div class="setting">
    <div class="setting-head"><h3>Current Password</h3></div>
    <div class="setting-value">
        Only required for changing e-mail or password.<br/>
        <input type="password" name="currpass"/>
    </div>
</div>
<div class="settings-buttons">
    <input type="submit" value="Save"/>
    <input type="reset" value="Reset"/>
</div>
</form>
<?php

// Close the page with the shared layout footer.
include FMF_LAYOUT . '/footer.php';