X-Git-Url: http://git.shiar.nl/minimedit.git/blobdiff_plain/311a57decd4bc956cbffdfdb35276895e382f8b1..943688a66694cc3d97188c7b789207aa3ee8bfc2:/login/edit.php

diff --git a/login/edit.php b/login/edit.php
index 116abb3..88272e0 100644
--- a/login/edit.php
+++ b/login/edit.php
@@ -1,57 +1,254 @@
 <?php
 global $User;
-if (empty($User)) {
+if (empty($user = &$User)) {
 	return;
 }
 
-$userdir = $User['dir'];
-$setfile = "$userdir/email.txt";
+if (!empty($User['admin'])
+and !empty($Place['user']) and $Place['user'] !== $User['name']) {
+	$username = strtolower($Place['user']);
+	unset($user);
+	$user = [
+		'dir' => "profile/$username",
+		'name' => $username,
+	];
+}
+
+require_once('edit.inc.php');
+
+foreach ($cols as $col => &$colconf) {
+	if (isset($colconf['visible'])) {
+		if ($colconf['visible'] == 'admin' and empty($User['admin'])) {
+			$colconf['visible'] = FALSE;
+			continue;
+		}
+	}
+	else {
+		$colconf['visible'] = TRUE;
+	}
+
+	if (!isset($colconf['filename'])) {
+		continue;  # exceptional storage
+	}
+
+	if (isset($colconf['values'])) {
+		if (!file_exists($colconf['filename'])) {
+			$colconf['visible'] = FALSE;
+			continue;
+		}
+		$tags = [];
+		foreach (glob($colconf['filename'] . '/*') as $tag) {
+			$tagname = pathinfo($tag, PATHINFO_BASENAME);
+			$target = "$tag/{$user['name']}";
+			$val = file_exists($target);
+			$tagopt = &$colconf['values'][$tagname] ?: [];
+			$tagopt['value'] = $val;
+			if (!is_writable($tag)) {
+				continue;  # locked tag directory
+			}
+			if ($val and !is_writable($target)) {
+				continue;  # existing file locked
+			}
+			$tagopt['target'] = $target;
+		}
+	}
 
-$error = NULL;
+	$filetype = @$colconf['type'] == 'file' ? 'jpg' : 'txt';
+	$colpath = $user['dir'] . '/' . $colconf['filename'];
+	if (file_exists($colpath)) {
+		$colconf['value'] = $filetype != 'txt' ? '' :
+			rtrim(file_get_contents($colpath));
+	}
+	if (file_exists($user['dir']) and !is_writable($user['dir'])) {
+		continue;  # locked parent directory
+	}
+	if (isset($colconf['value']) and !is_writable($colpath)) {
+		continue;  # locked column file
+	}
+	$colconf['target'] = $colpath;  # editing allowed
+}
+
+$colwarn = [];
 if ($_POST) {
-	foreach (@$_POST['email'] as $val) {
-		if (!isset($val)) {
+	if (!file_exists($user['dir']) and !@mkdir($user['dir'])) {
+		print "<p class=warn>Fout bij het aanmaken van gebruikersprofiel voor <em>{$user['name']}</em>.</p>\n\n";
+		return;
+	}
+
+	foreach ($_POST as $col => $val) {
+		if (!isset($cols[$col])) {
+			continue; # unknown
+		}
+		if (isset($cols[$col]['values'])) {
+			$optwarn = [];
+			foreach ($val as $optcol => $optval) {
+				$option = &$cols[$col]['values'][$optcol];
+				if (!isset($option['target'])) {
+					$optok = FALSE;  # forbidden
+				}
+				if ($option['value'] === !empty($optval)) {
+					continue;  # unaltered
+				}
+				elseif (empty($optval)) {
+					$optok = @unlink($option['target']);
+				}
+				else {
+					# link option target to current user dir
+					$optok = @symlink("../../{$user['name']}", $option['target']);
+				}
+				$option['value'] = $optval;  # update form value
+				if (!$optok) {
+					$optwarn[$optcol] = TRUE;
+				}
+			}
+			if ($optwarn) {
+				$colwarn[$col] = "Wijziging niet opgeslagen voor "
+					. implode(', ', array_keys($optwarn));
+			}
 			continue;
 		}
-		if (!is_writable(file_exists($setfile) ? $setfile : $userdir)) {
-			$error = "Kan niet worden aangepast.";
+
+		if (isset($cols[$col]['filter'])) {
+			list ($targetstr, $inputstr) = $cols[$col]['filter'];
+			$val = str_replace($inputstr, $targetstr, $val);
+		}
+		if (isset($cols[$col]['value']) and $cols[$col]['value'] === $val) {
+			continue; # unaltered
+		}
+		$cols[$col]['value'] = $val;  # update form value
+		if (empty($cols[$col]['target'])) {
+			if (empty($cols[$col]['input'])) {
+				$colwarn[$col] = "Kan niet worden aangepast.";
+			}
 			continue;
 		}
-		if (!file_put_contents($setfile, $val)) {
-			$error = "Fout bij opslaan.";
+		if (@$cols[$col]['type'] != 'file') {
+			$val .= "\n"; # eol in text files
+		}
+		if (file_put_contents($cols[$col]['target'], $val) === FALSE) {
+			$colwarn[$col] = "Fout bij opslaan.";
 		}
 	}
 
-	if ($error) {
+	foreach ($_FILES as $col => $val) {
+		if (!isset($cols[$col]) and @$cols[$col]['type'] == 'file') {
+			continue; # unknown
+		}
+		if (empty($cols[$col]['target'])) {
+			$colwarn[$col] = "Kan niet worden aangepast.";
+			continue;
+		}
+		try {
+			require_once('upload.inc.php');
+			$target = userupload($val, NULL, $cols[$col]['target']);
+			if (!$target) continue;
+			$cols[$col]['value'] = '';
+		}
+		catch (Exception $e) {
+			$colwarn[$col] = ucfirst($e->getMessage()).'.';
+		}
+	}
+
+	if (!empty($_POST['newpass'])) {
+		require_once('login/pass.inc.php');
+		if ($error = passform($user, $_POST)) {
+			$colwarn['newpass'] = $error;
+		}
+	}
+
+	if ($colwarn) {
 		print "<p class=warn>Instellingen zijn niet (volledig) opgeslagen. Probeer het later nog eens.</p>\n\n";
 	}
 	else {
-		print "<p>Het e-mailadres is ingesteld.</p>\n\n";
+		print "<p>Alle instellingen zijn opgeslagen.</p>\n\n";
 	}
 }
 
-$usermail = @file_get_contents($setfile);
 ?>
-<form method="post" class="inline">
-	<p>
-	Geef een e-mailadres op waarmee we u kunnen bereiken indien nodig.
-	Wij zullen dit adres nooit vrij- of doorgeven.
-	</p>
-	<p>
+<form method="post" enctype="multipart/form-data">
+	<ul class="grid">
 <?php
-	print "\t<input";
-	printf(' type="%s" name="%s" id="%1$s" value="%s"',
-		'email',
-		'email',
-		htmlspecialchars($usermail)
-	);
-	print ' placeholder="Geen e-mailadres ingesteld"';
-	print " />\n";
-
-	if ($error) {
-		print "<span class=warn>$error</span>\n";
+foreach ($cols as $col => &$colconf) {
+	if (!$colconf['visible']) {
+		continue;
+	}
+
+	print "\t";
+	printf('<li><label for="%s">%s:</label>', $col, ucfirst($colconf['label']));
+	if (@$colconf['type'] == 'file' and isset($colconf['value'])) {
+		$target = $user['dir'] . '/' . $colconf['filename'];
+		printf('<a href="/%s"><img src="/thumb/%s/%s?%s" /></a><br />',
+			$target,
+			200, $target, filemtime($target)
+		);
+	}
+
+	if ($hide = @$colconf['hide'] and empty($_POST[$col])) {
+		printf('<a onclick="%s">Wijzigen</a><span id="%s" hidden>',
+			"document.getElementById('$hide').removeAttribute('hidden'); this.remove()",
+			$hide
+		);
+	}
+
+	if (isset($colconf['input'])) {
+		print $colconf['input'];
 	}
+	elseif (isset($colconf['values'])) {
+		foreach ($colconf['values'] as $tag => $val) {
+			printf(
+				"\n\t\t" .
+				'<input type="hidden" name="%1$s" value="" />' .
+				'<input type="checkbox" name="%s" value="1" id="%s"%s%s />' .
+				'<label for="%2$s"> %s</label>',
+				"tags[$tag]", "tag-$tag",
+				!empty($val['value']) ? ' checked' : '',
+				isset($val['target']) ? '' : ' readonly',
+				@$val['label'] ?: ucfirst($tag)
+			);
+		}
+	}
+	elseif (@$colconf['type'] !== 'file' or isset($colconf['target'])) {
+		if (isset($cols[$col]['filter'])) {
+			list ($targetstr, $inputstr) = $cols[$col]['filter'];
+			$colconf['value'] = str_replace($targetstr, $inputstr, @$colconf['value']);
+		}
+
+		$attrs = [
+			'type'        => @$colconf['type'] ?: 'text',
+			'name'        => $col,
+			'id'          => $col,
+			'value'       => htmlspecialchars(@$colconf['value']),
+			'placeholder' => "Niet ingesteld",
+			'readonly'    => empty($colconf['target']),
+		] + (@$colconf['attr'] ?: []);
+
+		print '<input';
+		foreach ($attrs as $attr => $attrval) {
+			if ($attrval === FALSE) {
+				continue;
+			}
+			print ' ' . $attr;
+			if ($attrval !== TRUE) {
+				printf('="%s"', $attrval);
+			}
+		}
+		print ' />';
+	}
+
+	if (!empty($colconf['explain'])) {
+		printf(' <span>(%s)</span>', $colconf['explain']);
+	}
+
+	if ($hide) {
+		print '</span>';
+	}
+
+	if ($error = @$colwarn[$col]) {
+		print " <span class=warn>$error</span>\n";
+	}
+	print "</li>\n";
+}
 ?>
-	<input type="submit" value="Opslaan" />
-	</p>
+	</ul>
+	<p><input type="submit" value="Opslaan" /></p>
 </form>