X-Git-Url: http://git.shiar.nl/minimedit.git/blobdiff_plain/9e4119fa6d4855b49a49c79f89d9034dfb0845ff..943688a66694cc3d97188c7b789207aa3ee8bfc2:/login/edit.php diff --git a/login/edit.php b/login/edit.php index 2adfc51..88272e0 100644 --- a/login/edit.php +++ b/login/edit.php @@ -4,29 +4,62 @@ if (empty($user = &$User)) { return; } -if (!empty($User['admin']) and $Page == 'login/edit' and $Args) { - $username = ltrim($Args, '/'); +if (!empty($User['admin']) +and !empty($Place['user']) and $Place['user'] !== $User['name']) { + $username = strtolower($Place['user']); + unset($user); $user = [ 'dir' => "profile/$username", 'name' => $username, ]; - if (!is_writable($user['dir'])) { - print "

Het is niet mogelijk om de gebruiker {$user['name']} aan te passen.

\n\n"; - return; - } } -$cols = [ - 'name' => ['label' => 'volledige naam'], - 'email' => ['label' => 'e-mailadres', 'type' => 'email'], -]; +require_once('edit.inc.php'); foreach ($cols as $col => &$colconf) { - $colpath = "{$user['dir']}/$col.txt"; + if (isset($colconf['visible'])) { + if ($colconf['visible'] == 'admin' and empty($User['admin'])) { + $colconf['visible'] = FALSE; + continue; + } + } + else { + $colconf['visible'] = TRUE; + } + + if (!isset($colconf['filename'])) { + continue; # exceptional storage + } + + if (isset($colconf['values'])) { + if (!file_exists($colconf['filename'])) { + $colconf['visible'] = FALSE; + continue; + } + $tags = []; + foreach (glob($colconf['filename'] . '/*') as $tag) { + $tagname = pathinfo($tag, PATHINFO_BASENAME); + $target = "$tag/{$user['name']}"; + $val = file_exists($target); + $tagopt = &$colconf['values'][$tagname] ?: []; + $tagopt['value'] = $val; + if (!is_writable($tag)) { + continue; # locked tag directory + } + if ($val and !is_writable($target)) { + continue; # existing file locked + } + $tagopt['target'] = $target; + } + } + + $filetype = @$colconf['type'] == 'file' ? 'jpg' : 'txt'; + $colpath = $user['dir'] . '/' . $colconf['filename']; if (file_exists($colpath)) { - $colconf['value'] = file_get_contents($colpath); + $colconf['value'] = $filetype != 'txt' ? '' : + rtrim(file_get_contents($colpath)); } - if (!is_writable($user['dir'])) { + if (file_exists($user['dir']) and !is_writable($user['dir'])) { continue; # locked parent directory } if (isset($colconf['value']) and !is_writable($colpath)) { @@ -35,33 +68,91 @@ foreach ($cols as $col => &$colconf) { $colconf['target'] = $colpath; # editing allowed } -$cols = [ - 'login' => ['label' => 'login', 'value' => $user['name'], 'target' => NULL], -] + $cols; - $colwarn = []; if ($_POST) { + if (!file_exists($user['dir']) and !@mkdir($user['dir'])) { + print "

Fout bij het aanmaken van gebruikersprofiel voor {$user['name']}.

\n\n"; + return; + } + foreach ($_POST as $col => $val) { if (!isset($cols[$col])) { continue; # unknown } + if (isset($cols[$col]['values'])) { + $optwarn = []; + foreach ($val as $optcol => $optval) { + $option = &$cols[$col]['values'][$optcol]; + if (!isset($option['target'])) { + $optok = FALSE; # forbidden + } + if ($option['value'] === !empty($optval)) { + continue; # unaltered + } + elseif (empty($optval)) { + $optok = @unlink($option['target']); + } + else { + # link option target to current user dir + $optok = @symlink("../../{$user['name']}", $option['target']); + } + $option['value'] = $optval; # update form value + if (!$optok) { + $optwarn[$optcol] = TRUE; + } + } + if ($optwarn) { + $colwarn[$col] = "Wijziging niet opgeslagen voor " + . implode(', ', array_keys($optwarn)); + } + continue; + } + + if (isset($cols[$col]['filter'])) { + list ($targetstr, $inputstr) = $cols[$col]['filter']; + $val = str_replace($inputstr, $targetstr, $val); + } if (isset($cols[$col]['value']) and $cols[$col]['value'] === $val) { continue; # unaltered } $cols[$col]['value'] = $val; # update form value if (empty($cols[$col]['target'])) { - $colwarn[$col] = "Kan niet worden aangepast."; + if (empty($cols[$col]['input'])) { + $colwarn[$col] = "Kan niet worden aangepast."; + } continue; } - if (!file_put_contents($cols[$col]['target'], $val)) { + if (@$cols[$col]['type'] != 'file') { + $val .= "\n"; # eol in text files + } + if (file_put_contents($cols[$col]['target'], $val) === FALSE) { $colwarn[$col] = "Fout bij opslaan."; } } + foreach ($_FILES as $col => $val) { + if (!isset($cols[$col]) and @$cols[$col]['type'] == 'file') { + continue; # unknown + } + if (empty($cols[$col]['target'])) { + $colwarn[$col] = "Kan niet worden aangepast."; + continue; + } + try { + require_once('upload.inc.php'); + $target = userupload($val, NULL, $cols[$col]['target']); + if (!$target) continue; + $cols[$col]['value'] = ''; + } + catch (Exception $e) { + $colwarn[$col] = ucfirst($e->getMessage()).'.'; + } + } + if (!empty($_POST['newpass'])) { require_once('login/pass.inc.php'); if ($error = passform($user, $_POST)) { - $colwarn['pass'] = $error; + $colwarn['newpass'] = $error; } } @@ -74,50 +165,90 @@ if ($_POST) { } ?> -
-

- Geef een e-mailadres op waarmee we u kunnen bereiken indien nodig. - Wij zullen dit adres nooit vrij- of doorgeven. -

+ + +