login/edit.php

   1 <?php
   2 global $User;
   3 if (empty($user = &$User)) {
   4         return;
   5 }
   6
   7 if (!empty($User['admin']) and !empty($Place['user'])) {
   8         $username = strtolower($Place['user']);
   9         unset($user);
  10         $user = [
  11                 'dir' => "profile/$username",
  12                 'name' => $username,
  13         ];
  14 }
  15
  16 $cols = [
  17         'name'  => [
  18                 'label' => 'volledige naam',
  19                 'explain' => "Alleen zichtbaar voor andere leden.",
  20         ],
  21         'email' => [
  22                 'label' => 'e-mailadres',
  23                 'type' => 'email',
  24                 'explain' => "Voor contact van of met deze site. Wij zullen dit nooit vrij- of doorgeven.",
  25         ],
  26         'avatar' => [
  27                 'label' => 'portretfoto',
  28                 'type' => 'file',
  29         ],
  30 ];
  31
  32 foreach ($cols as $col => &$colconf) {
  33         $filetype = @$colconf['type'] == 'file' ? 'jpg' : 'txt';
  34         $colpath = "{$user['dir']}/$col.$filetype";
  35         if (file_exists($colpath)) {
  36                 $colconf['value'] = $filetype != 'txt' ? '' :
  37                         file_get_contents($colpath);
  38         }
  39         if (file_exists($user['dir']) and !is_writable($user['dir'])) {
  40                 continue;  # locked parent directory
  41         }
  42         if (isset($colconf['value']) and !is_writable($colpath)) {
  43                 continue;  # locked column file
  44         }
  45         $colconf['target'] = $colpath;  # editing allowed
  46 }
  47
  48 $cols = [
  49         'username' => [
  50                 'label' => 'login',
  51                 'value' => $user['name'],
  52                 'target' => NULL,
  53                 'pattern' => "[a-z0-9-]+",
  54         ],
  55 ] + $cols;
  56
  57 $tagdir = 'profile/.tags';
  58 if (file_exists($tagdir)) {
  59         $tags = [];
  60         foreach (glob("$tagdir/*") as $tag) {
  61                 $tagname = pathinfo($tag, PATHINFO_BASENAME);
  62                 $target = "$tag/{$user['name']}";
  63                 $val = file_exists($target);
  64                 $tags[$tagname] = ['value' => $val];
  65                 if (empty($User['admin'])) {
  66                         continue;  # forbidden
  67                 }
  68                 if (!is_writable($tag)) {
  69                         continue;  # locked tag directory
  70                 }
  71                 if ($val and !is_writable($target)) {
  72                         continue;  # existing file locked
  73                 }
  74                 $tags[$tagname]['target'] = $target;
  75         }
  76
  77         if ($tags) {
  78                 $cols['tags'] = [
  79                         'label' => 'groepen',
  80                         'values' => $tags,
  81                 ];
  82         }
  83 }
  84
  85 if (isset($user['pass'])) {
  86         $cols['newpass'] = [
  87                 'label' => 'wachtwoord',
  88                 'input' => <<<'EOT'
  89                         <input type="password" name="oldpass" value="" placeholder="Huidig wachtwoord" />
  90                         <input type="password" id="newpass" name="newpass" value="" placeholder="Nieuw wachtwoord" />
  91                         <input type="password" name="passconf" value="" placeholder="Nogmaals" />
  92 EOT
  93                 ,
  94                 'hide'  => 'pass',
  95         ];
  96 }
  97
  98 $colwarn = [];
  99 if ($_POST) {
 100         if (!file_exists($user['dir']) and !@mkdir($user['dir'])) {
 101                 print "<p class=warn>Fout bij het aanmaken van gebruikersprofiel voor <em>{$user['name']}</em>.</p>\n\n";
 102                 return;
 103         }
 104
 105         foreach ($_POST as $col => $val) {
 106                 if (!isset($cols[$col])) {
 107                         continue; # unknown
 108                 }
 109                 if (isset($cols[$col]['values'])) {
 110                         $optwarn = [];
 111                         foreach ($val as $optcol => $optval) {
 112                                 $option = &$cols[$col]['values'][$optcol];
 113                                 if (!isset($option['target'])) {
 114                                         $optok = FALSE;  # forbidden
 115                                 }
 116                                 if ($option['value'] === !empty($optval)) {
 117                                         continue;  # unaltered
 118                                 }
 119                                 elseif (empty($optval)) {
 120                                         $optok = @unlink($option['target']);
 121                                 }
 122                                 else {
 123                                         # link option target to current user dir
 124                                         $optok = @symlink("../../{$user['name']}", $option['target']);
 125                                 }
 126                                 $option['value'] = $optval;  # update form value
 127                                 if (!$optok) {
 128                                         $optwarn[$optcol] = TRUE;
 129                                 }
 130                         }
 131                         if ($optwarn) {
 132                                 $colwarn[$col] = "Wijziging niet opgeslagen voor "
 133                                         . implode(', ', array_keys($optwarn));
 134                         }
 135                         continue;
 136                 }
 137                 if (isset($cols[$col]['value']) and $cols[$col]['value'] === $val) {
 138                         continue; # unaltered
 139                 }
 140                 $cols[$col]['value'] = $val;  # update form value
 141                 if (empty($cols[$col]['target'])) {
 142                         if (empty($cols[$col]['input'])) {
 143                                 $colwarn[$col] = "Kan niet worden aangepast.";
 144                         }
 145                         continue;
 146                 }
 147                 if (file_put_contents($cols[$col]['target'], $val) === FALSE) {
 148                         $colwarn[$col] = "Fout bij opslaan.";
 149                 }
 150         }
 151
 152         foreach ($_FILES as $col => $val) {
 153                 if (!isset($cols[$col]) and @$cols[$col]['type'] == 'file') {
 154                         continue; # unknown
 155                 }
 156                 switch ($val['error']) {
 157                 case UPLOAD_ERR_OK:
 158                         break;
 159                 case UPLOAD_ERR_NO_FILE:
 160                         continue 2; # current
 161                 default:
 162                         $colwarn[$col] = "Afbeelding niet goed ontvangen.";
 163                         continue 2;
 164                 }
 165                 if (empty($cols[$col]['target'])) {
 166                         $colwarn[$col] = "Kan niet worden aangepast.";
 167                         continue;
 168                 }
 169                 if (!@move_uploaded_file($val['tmp_name'], $cols[$col]['target'])) {
 170                         $colwarn[$col] = "Fout bij opslaan.";
 171                 }
 172                 foreach (@glob('thumb/*/') as $thumbres) {
 173                         # attempt to remove old derivations
 174                         @unlink($thumbres.'/'.$cols[$col]['target']);
 175                 }
 176                 $cols[$col]['value'] = '';
 177         }
 178
 179         if (!empty($_POST['newpass'])) {
 180                 require_once('login/pass.inc.php');
 181                 if ($error = passform($user, $_POST)) {
 182                         $colwarn['newpass'] = $error;
 183                 }
 184         }
 185
 186         if ($colwarn) {
 187                 print "<p class=warn>Instellingen zijn niet (volledig) opgeslagen. Probeer het later nog eens.</p>\n\n";
 188         }
 189         else {
 190                 print "<p>Alle instellingen zijn opgeslagen.</p>\n\n";
 191         }
 192 }
 193
 194 ?>
 195 <form method="post" enctype="multipart/form-data">
 196         <ul class="grid">
 197 <?php
 198 foreach ($cols as $col => &$colconf) {
 199         print "\t";
 200         printf('<li><label for="%s">%s:</label>', $col, ucfirst($colconf['label']));
 201         if (@$colconf['type'] == 'file' and isset($colconf['value'])) {
 202                 printf('<a href="/%s"><img src="/thumb/%s/%s?%s" /></a><br />',
 203                         $colconf['target'],
 204                         200, $colconf['target'], filemtime($colconf['target'])
 205                 );
 206         }
 207
 208         if ($hide = @$colconf['hide'] and empty($_POST[$col])) {
 209                 printf('<a onclick="%s">Wijzigen</a><span id="%s" hidden>',
 210                         "document.getElementById('$hide').removeAttribute('hidden'); this.remove()",
 211                         $hide
 212                 );
 213         }
 214
 215         if (isset($colconf['input'])) {
 216                 print $colconf['input'];
 217         }
 218         elseif (isset($colconf['values'])) {
 219                 foreach ($colconf['values'] as $tag => $val) {
 220                         printf(
 221                                 "\n\t\t" .
 222                                 '<input type="hidden" name="%1$s" value="" />' .
 223                                 '<input type="checkbox" name="%s" value="1" id="%s"%s%s />' .
 224                                 '<label for="%2$s"> %s</label>',
 225                                 "tags[$tag]", "tag-$tag",
 226                                 $val['value'] ? ' checked' : '',
 227                                 isset($val['target']) ? '' : ' readonly',
 228                                 ucfirst($tag)
 229                         );
 230                 }
 231         }
 232         else {
 233                 $attrs = [
 234                         'type'        => @$colconf['type'] ?: 'text',
 235                         'name'        => $col,
 236                         'id'          => $col,
 237                         'value'       => htmlspecialchars(@$colconf['value']),
 238                         'placeholder' => "Niet ingesteld",
 239                         'readonly'    => empty($colconf['target']),
 240                         'pattern'     => @$colconf['pattern'] ?: FALSE,
 241                 ];
 242                 if (@$colconf['type'] == 'file') {
 243                         $attrs['accept'] = "image/jpeg";
 244                 }
 245
 246                 print '<input';
 247                 foreach ($attrs as $attr => $attrval) {
 248                         if ($attrval === FALSE) {
 249                                 continue;
 250                         }
 251                         print ' ' . $attr;
 252                         if ($attrval !== TRUE) {
 253                                 printf('="%s"', $attrval);
 254                         }
 255                 }
 256                 print ' />';
 257         }
 258
 259         if (!empty($colconf['explain'])) {
 260                 printf(' <span>(%s)</span>', $colconf['explain']);
 261         }
 262
 263         if ($hide) {
 264                 print '</span>';
 265         }
 266
 267         if ($error = @$colwarn[$col]) {
 268                 print " <span class=warn>$error</span>\n";
 269         }
 270         print "</li>\n";
 271 }
 272 ?>
 273         </ul>
 274         <p><input type="submit" value="Opslaan" /></p>
 275 </form>