login/edit: declare column file storage
1 <?php
# Select the profile being edited. By default that is the logged-in account,
# aliased from the global $User; an admin may edit another account instead.
global $User;
$user = &$User;
if (empty($user)) {
        return;  # nobody is logged in, so there is nothing to edit
}

if (!empty($User['admin']) && !empty($Place['user'])) {
        if ($Place['user'] !== $User['name']) {
                # NOTE(review): $Place['user'] becomes a path segment without any
                # check in this file; confirm the caller limits it to the login
                # pattern ([a-z0-9-]+) so it cannot carry '/' or '..'.
                $username = strtolower($Place['user']);
                unset($user);  # drop the alias first, otherwise $User would be overwritten
                $user = [
                        'dir'  => "profile/$username",
                        'name' => $username,
                ];
        }
}
16
# Profile columns that are stored as one file each ('filename') inside the
# user's directory. 'filter' is a [stored, shown] pair: the save code turns
# the shown string into the stored one and the form does the reverse.
$cols = [];
$cols['name'] = [
        'label'    => 'volledige naam',
        'explain'  => 'Alleen zichtbaar voor andere leden.',
        'filter'   => ["\n", '; '],
        'size'     => 30,
        'filename' => 'name.txt',
];
$cols['email'] = [
        'label'    => 'e-mailadres',
        'type'     => 'email',
        'explain'  => 'Voor contact van of met deze site. Wij zullen dit nooit vrij- of doorgeven.',
        'size'     => 30,
        'filename' => 'email.txt',
];
$cols['avatar'] = [
        'label'    => 'portretfoto',
        'type'     => 'file',
        'filename' => 'avatar.jpg',
];
38
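# Load the stored value of every file-backed column and decide whether it may
# be edited. Only a column that ends up with a 'target' path is written when
# the form is submitted; without one the input is rendered read-only.
foreach ($cols as $col => &$colconf) {
        if (!isset($colconf['filename'])) {
                continue;  # exceptional storage
        }
        # explicit isset() instead of @-suppression on the optional 'type' key
        $filetype = (isset($colconf['type']) && $colconf['type'] == 'file') ? 'jpg' : 'txt';
        $colpath = $user['dir'] . '/' . $colconf['filename'];
        if (file_exists($colpath)) {
                # uploads only need to be marked as present; text is read into the form
                $colconf['value'] = $filetype != 'txt' ? '' :
                        file_get_contents($colpath);
        }
        if (file_exists($user['dir']) and !is_writable($user['dir'])) {
                continue;  # locked parent directory
        }
        if (isset($colconf['value']) and !is_writable($colpath)) {
                continue;  # locked column file
        }
        $colconf['target'] = $colpath;  # editing allowed
}
# Break the by-reference binding: otherwise $colconf stays an alias of the
# last column and any later assignment to it silently rewrites that column.
unset($colconf);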
57
# Show the login name as the first column. Its target is explicitly empty,
# so the save code refuses changes and the form renders it read-only.
$cols = [
        'username' => [
                'label'   => 'login',
                'value'   => $user['name'],
                'target'  => null,
                'pattern' => '[a-z0-9-]+',
                'size'    => 10,
        ],
] + $cols;  # array union keeps 'username' in front of the existing columns
67
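# Group membership: a user belongs to a tag when an entry named after the
# login exists in profile/.tags/<tag>/. Every tag is listed with its current
# state; a 'target' (permission to toggle it) is only added for admins and
# only when the filesystem allows the change.
$tagdir = 'profile/.tags';
if (file_exists($tagdir)) {
        $tags = [];
        # glob() returns FALSE on error; fall back to an empty list so the
        # loop does not warn about a non-array argument
        foreach (glob("$tagdir/*") ?: [] as $tag) {
                $tagname = basename($tag);
                $target = "$tag/{$user['name']}";
                $val = file_exists($target);
                $tags[$tagname] = ['value' => $val];
                if (empty($User['admin'])) {
                        continue;  # forbidden
                }
                if (!is_writable($tag)) {
                        continue;  # locked tag directory
                }
                if ($val and !is_writable($target)) {
                        continue;  # existing file locked
                }
                $tags[$tagname]['target'] = $target;
        }

        if ($tags) {
                $cols['tags'] = [
                        'label' => 'groepen',
                        'values' => $tags,
                ];
        }
}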
95
# Accounts carrying a 'pass' entry get a change-password row. Its three
# inputs are emitted verbatim by the form; 'hide' names the span that keeps
# them hidden until the "Wijzigen" link is clicked.
if (isset($user['pass'])) {
        $cols['newpass'] = ['label' => 'wachtwoord'];
        $cols['newpass']['input'] = <<<'EOT'
                        <input type="password" name="oldpass" value="" placeholder="Huidig wachtwoord" />
                        <input type="password" id="newpass" name="newpass" value="" placeholder="Nieuw wachtwoord" />
                        <input type="password" name="passconf" value="" placeholder="Nogmaals" />
EOT;
        $cols['newpass']['hide'] = 'pass';
}
108
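# Apply a submitted form. Each column that could not be saved leaves a message
# in $colwarn, which the form shows next to the field.
# NOTE(review): nothing in this file checks a CSRF token before these writes;
# confirm the including code does.
$colwarn = [];
if ($_POST) {
        if (!file_exists($user['dir']) and !@mkdir($user['dir'])) {
                # the name can originate from $Place['user'], so escape it for HTML
                printf(
                        "<p class=warn>Fout bij het aanmaken van gebruikersprofiel voor <em>%s</em>.</p>\n\n",
                        htmlspecialchars($user['name'])
                );
                return;
        }

        foreach ($_POST as $col => $val) {
                if (!isset($cols[$col])) {
                        continue; # unknown
                }
                if (isset($cols[$col]['values'])) {
                        if (!is_array($val)) {
                                continue;  # malformed: options are submitted as name[option]
                        }
                        $optwarn = [];
                        foreach ($val as $optcol => $optval) {
                                if (!isset($cols[$col]['values'][$optcol])) {
                                        # unknown option: binding a reference to it would add a
                                        # request-supplied key to the list the form renders
                                        continue;
                                }
                                $option = &$cols[$col]['values'][$optcol];
                                if ($option['value'] === !empty($optval)) {
                                        continue;  # unaltered
                                }
                                if (!isset($option['target'])) {
                                        # forbidden: report failure without any filesystem call
                                        $optok = FALSE;
                                }
                                elseif (empty($optval)) {
                                        $optok = @unlink($option['target']);
                                }
                                else {
                                        # link option target to current user dir
                                        $optok = @symlink("../../{$user['name']}", $option['target']);
                                }
                                $option['value'] = !empty($optval);  # update form value
                                if (!$optok) {
                                        $optwarn[$optcol] = TRUE;
                                }
                        }
                        unset($option);  # do not leave an alias into $cols behind
                        if ($optwarn) {
                                $colwarn[$col] = "Wijziging niet opgeslagen voor "
                                        . implode(', ', array_keys($optwarn));
                        }
                        continue;
                }

                if (!is_string($val)) {
                        continue;  # malformed: a plain column takes a single string
                }
                if (isset($cols[$col]['filter'])) {
                        # convert the form representation back to the stored one
                        list ($targetstr, $inputstr) = $cols[$col]['filter'];
                        $val = str_replace($inputstr, $targetstr, $val);
                }
                if (isset($cols[$col]['value']) and $cols[$col]['value'] === $val) {
                        continue; # unaltered
                }
                $cols[$col]['value'] = $val;  # update form value
                if (empty($cols[$col]['target'])) {
                        # columns with custom 'input' markup are handled elsewhere
                        if (empty($cols[$col]['input'])) {
                                $colwarn[$col] = "Kan niet worden aangepast.";
                        }
                        continue;
                }
                if (file_put_contents($cols[$col]['target'], $val) === FALSE) {
                        $colwarn[$col] = "Fout bij opslaan.";
                }
        }

        foreach ($_FILES as $col => $val) {
                # Accept uploads for declared file columns only. The original test
                # combined the two conditions with 'and' and so never matched,
                # letting an upload overwrite the file of any writable column.
                if (!isset($cols[$col]['type']) or $cols[$col]['type'] != 'file') {
                        continue; # unknown
                }
                switch ($val['error']) {
                case UPLOAD_ERR_OK:
                        break;
                case UPLOAD_ERR_NO_FILE:
                        continue 2; # current
                default:
                        $colwarn[$col] = "Afbeelding niet goed ontvangen.";
                        continue 2;
                }
                if (empty($cols[$col]['target'])) {
                        $colwarn[$col] = "Kan niet worden aangepast.";
                        continue;
                }
                # NOTE(review): the uploaded bytes are stored under the column's
                # fixed filename without checking that they are a JPEG image;
                # consider verifying the type before accepting the file.
                if (!@move_uploaded_file($val['tmp_name'], $cols[$col]['target'])) {
                        $colwarn[$col] = "Fout bij opslaan.";
                        continue;  # nothing replaced: keep the old thumbnails and form state
                }
                foreach (glob('thumb/*/') ?: [] as $thumbres) {
                        # attempt to remove old derivations
                        @unlink($thumbres.'/'.$cols[$col]['target']);
                }
                $cols[$col]['value'] = '';
        }

        if (!empty($_POST['newpass'])) {
                # passform() comes from the included file (not shown here); a truthy
                # return value is treated as the error message for the password row
                require_once('login/pass.inc.php');
                if ($error = passform($user, $_POST)) {
                        $colwarn['newpass'] = $error;
                }
        }

        if ($colwarn) {
                print "<p class=warn>Instellingen zijn niet (volledig) opgeslagen. Probeer het later nog eens.</p>\n\n";
        }
        else {
                print "<p>Alle instellingen zijn opgeslagen.</p>\n\n";
        }
}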
209
210 ?>
211 <form method="post" enctype="multipart/form-data">
212         <ul class="grid">
213 <?php
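# Render one list item per column: label, current thumbnail for uploads, the
# input(s), the optional explanation and any warning from the save step.
foreach ($cols as $col => &$colconf) {
        print "\t";
        printf('<li><label for="%s">%s:</label>', $col, ucfirst($colconf['label']));
        if (isset($colconf['type']) and $colconf['type'] == 'file' and isset($colconf['value'])) {
                # a locked upload has a value but no target, so fall back to its path
                $imgpath = isset($colconf['target']) ? $colconf['target']
                        : $user['dir'] . '/' . $colconf['filename'];
                printf('<a href="/%s"><img src="/thumb/%s/%s?%s" /></a><br />',
                        htmlspecialchars($imgpath),
                        200, htmlspecialchars($imgpath), filemtime($imgpath)
                );
        }

        # Collapse the row behind a "Wijzigen" link unless it was just submitted.
        # $hidden records whether the wrapper was opened, so that the closing
        # tag below is only printed when there is a span to close.
        $hide = isset($colconf['hide']) ? $colconf['hide'] : FALSE;
        $hidden = $hide && empty($_POST[$col]);
        if ($hidden) {
                printf('<a onclick="%s">Wijzigen</a><span id="%s" hidden>',
                        "document.getElementById('$hide').removeAttribute('hidden'); this.remove()",
                        $hide
                );
        }

        if (isset($colconf['input'])) {
                print $colconf['input'];  # predefined markup, emitted verbatim
        }
        elseif (isset($colconf['values'])) {
                foreach ($colconf['values'] as $tag => $val) {
                        # option names end up in attributes and in text: escape them
                        $tagattr = htmlspecialchars((string) $tag);
                        printf(
                                "\n\t\t" .
                                '<input type="hidden" name="%1$s" value="" />' .
                                '<input type="checkbox" name="%s" value="1" id="%s"%s%s />' .
                                '<label for="%2$s"> %s</label>',
                                "tags[$tagattr]", "tag-$tagattr",
                                $val['value'] ? ' checked' : '',
                                isset($val['target']) ? '' : ' readonly',
                                htmlspecialchars(ucfirst((string) $tag))
                        );
                }
        }
        else {
                $value = isset($colconf['value']) ? (string) $colconf['value'] : '';
                if (isset($colconf['filter'])) {
                        # convert the stored representation to the one shown in the form
                        list ($targetstr, $inputstr) = $colconf['filter'];
                        $value = str_replace($targetstr, $inputstr, $value);
                        $colconf['value'] = $value;
                }

                # FALSE omits an attribute, TRUE prints it without a value
                $attrs = [
                        'type'        => isset($colconf['type']) ? $colconf['type'] : 'text',
                        'name'        => $col,
                        'id'          => $col,
                        'value'       => htmlspecialchars($value),
                        'placeholder' => "Niet ingesteld",
                        'readonly'    => empty($colconf['target']),
                        'pattern'     => !empty($colconf['pattern']) ? $colconf['pattern'] : FALSE,
                        'size'        => !empty($colconf['size']) ? $colconf['size'] : FALSE,
                ];
                if ($attrs['type'] == 'file') {
                        $attrs['accept'] = "image/jpeg";
                }

                print '<input';
                foreach ($attrs as $attr => $attrval) {
                        if ($attrval === FALSE) {
                                continue;
                        }
                        print ' ' . $attr;
                        if ($attrval !== TRUE) {
                                printf('="%s"', $attrval);
                        }
                }
                print ' />';
        }

        if (!empty($colconf['explain'])) {
                printf(' <span>(%s)</span>', $colconf['explain']);
        }

        if ($hidden) {
                print '</span>';
        }

        if (!empty($colwarn[$col])) {
                # Warnings can contain names taken from the request, so print them
                # as text. NOTE(review): assumes passform() returns plain text,
                # not markup; confirm.
                printf(" <span class=warn>%s</span>\n", htmlspecialchars((string) $colwarn[$col]));
        }
        print "</li>\n";
}
unset($colconf);  # break the by-reference binding left by the loop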
294 ?>
295         </ul>
296         <p><input type="submit" value="Opslaan" /></p>
297 </form>