widget/login/edit.php

   1 <?php
   2 global $User, $user;
   3 if (!$user) {
   4         $user = $User;
   5 }
   6 if (!$user) {
   7         return;
   8 }
   9
  10 require_once('edit.inc.php');
  11
  12 foreach ($cols as $col => &$colconf) {
  13         if (isset($colconf['visible'])) {
  14                 if ($colconf['visible'] == 'admin' and !$User->admin('user')) {
  15                         $colconf['visible'] = FALSE;
  16                         continue;
  17                 }
  18         }
  19         else {
  20                 $colconf['visible'] = TRUE;
  21         }
  22
  23         if (!isset($colconf['filename'])) {
  24                 continue;  # exceptional storage
  25         }
  26
  27         if (isset($colconf['values'])) {
  28                 if (!file_exists($colconf['filename'])) {
  29                         $colconf['visible'] = FALSE;
  30                         continue;
  31                 }
  32                 $tags = [];
  33                 foreach (glob($colconf['filename'] . '/*') as $tag) {
  34                         $tagname = pathinfo($tag, PATHINFO_BASENAME);
  35                         $target = "$tag/{$user->login}";
  36                         $val = file_exists($target);
  37                         $tagopt = &$colconf['values'][$tagname] ?: [];
  38                         $tagopt['value'] = $val;
  39                         if (!is_writable($tag)) {
  40                                 continue;  # locked tag directory
  41                         }
  42                         if ($val and !is_writable($target)) {
  43                                 continue;  # existing file locked
  44                         }
  45                         $tagopt['target'] = $target;
  46                 }
  47         }
  48
  49         $filetype = @$colconf['type'] == 'file' ? 'jpg' : 'txt';
  50         $colpath = $user->dir . '/' . $colconf['filename'];
  51         if (file_exists($colpath)) {
  52                 $colconf['value'] = $filetype != 'txt' ? '' :
  53                         rtrim(file_get_contents($colpath));
  54         }
  55         if (file_exists($user->dir) and !is_writable($user->dir)) {
  56                 continue;  # locked parent directory
  57         }
  58         if (isset($colconf['value']) and !is_writable($colpath)) {
  59                 continue;  # locked column file
  60         }
  61         $colconf['target'] = $colpath;  # editing allowed
  62 }
  63
  64 $colwarn = [];
  65 if ($_POST) {
  66         if (!file_exists($user->dir) and !@mkdir($user->dir)) {
  67                 print "<p class=warn>Fout bij het aanmaken van gebruikersprofiel voor <em>{$user->login}</em>.</p>\n\n";
  68                 return;
  69         }
  70
  71         foreach ($_POST as $col => $val) {
  72                 if (!isset($cols[$col])) {
  73                         continue; # unknown
  74                 }
  75                 if (isset($cols[$col]['values'])) {
  76                         $optwarn = [];
  77                         foreach ($val as $optcol => $optval) {
  78                                 $option = &$cols[$col]['values'][$optcol];
  79                                 if (!isset($option['target'])) {
  80                                         $optok = FALSE;  # forbidden
  81                                 }
  82                                 if ($option['value'] === !empty($optval)) {
  83                                         continue;  # unaltered
  84                                 }
  85                                 elseif (empty($optval)) {
  86                                         $optok = @unlink($option['target']);
  87                                 }
  88                                 else {
  89                                         # link option target to current user dir
  90                                         $optok = @symlink("../../{$user->login}", $option['target']);
  91                                 }
  92                                 $option['value'] = $optval;  # update form value
  93                                 if (!$optok) {
  94                                         $optwarn[$optcol] = TRUE;
  95                                 }
  96                         }
  97                         if ($optwarn) {
  98                                 $colwarn[$col] = "Wijziging niet opgeslagen voor "
  99                                         . implode(', ', array_keys($optwarn));
 100                         }
 101                         continue;
 102                 }
 103
 104                 if (isset($cols[$col]['filter'])) {
 105                         list ($targetstr, $inputstr) = $cols[$col]['filter'];
 106                         $val = str_replace($inputstr, $targetstr, $val);
 107                 }
 108                 if (isset($cols[$col]['value']) and $cols[$col]['value'] === $val) {
 109                         continue; # unaltered
 110                 }
 111                 $cols[$col]['value'] = $val;  # update form value
 112                 if (empty($cols[$col]['target'])) {
 113                         if (empty($cols[$col]['input'])) {
 114                                 $colwarn[$col] = "Kan niet worden aangepast.";
 115                         }
 116                         continue;
 117                 }
 118                 if (@$cols[$col]['type'] != 'file') {
 119                         $val .= "\n"; # eol in text files
 120                 }
 121                 if (file_put_contents($cols[$col]['target'], $val) === FALSE) {
 122                         $colwarn[$col] = "Fout bij opslaan.";
 123                 }
 124         }
 125
 126         foreach ($_FILES as $col => $val) {
 127                 if (!isset($cols[$col]) and @$cols[$col]['type'] == 'file') {
 128                         continue; # unknown
 129                 }
 130                 if (empty($cols[$col]['target'])) {
 131                         $colwarn[$col] = "Kan niet worden aangepast.";
 132                         continue;
 133                 }
 134                 try {
 135                         require_once('upload.inc.php');
 136                         $target = userupload($val, NULL, $cols[$col]['target']);
 137                         if (!$target) continue;
 138                         $cols[$col]['value'] = '';
 139                 }
 140                 catch (Exception $e) {
 141                         $colwarn[$col] = ucfirst($e->getMessage()).'.';
 142                 }
 143         }
 144
 145         if (!empty($_POST['newpass'])) {
 146                 require_once('login/pass.inc.php');
 147                 if ($error = passform($user, $_POST)) {
 148                         $colwarn['newpass'] = $error;
 149                 }
 150         }
 151
 152         if ($colwarn) {
 153                 print "<p class=warn>Instellingen zijn niet (volledig) opgeslagen. Probeer het later nog eens.</p>\n\n";
 154         }
 155         else {
 156                 print "<p>Alle instellingen zijn opgeslagen.</p>\n\n";
 157         }
 158 }
 159
 160 if ($User->admin('user')) {
 161 ?>
 162 <aside>
 163 <h2>Gebruikersbeheer</h2>
 164 <dl>
 165 <?php if ($time = @fileatime($user->dir)) { // assume noatime ?>
 166 <dt>Aangemaakt</dt>
 167 <dd><?php print strftime('%F %H:%M', $time); ?></dd>
 168 <?php } ?>
 169 <?php if ($time = @filemtime("{$user->dir}/.passwd")) { ?>
 170 <dt>Wachtwoord ingesteld</dt>
 171 <dd><?php print strftime('%F %H:%M', $time); ?></dd>
 172 <?php } ?>
 173 <?php if ($user->seen) { ?>
 174 <dt>Laatste bezoek</dt>
 175 <dd><?php print strftime('%F %H:%M', $user->seen); ?></dd>
 176 <?php } ?>
 177 </dl>
 178 <?php
 179         $postdir = 'doc/post';
 180         if (is_dir($postdir)) {
 181                 print "<h3>Brieven</h3><ul>\n";
 182                 foreach (glob("$postdir/*.html") as $link) {
 183                         $page = new ArchiveArticle($link);
 184                         printf('<li><a href="/%s?login=%s">%s</a></li>'."\n",
 185                                 $page->link, $user->login, $page->name
 186                         );
 187                 }
 188                 print "</ul>\n";
 189         }
 190 ?>
 191 </aside>
 192 <?php
 193 }
 194 ?>
 195
 196 <form method="post" enctype="multipart/form-data">
 197         <ul class="grid">
 198 <?php
 199 foreach ($cols as $col => &$colconf) {
 200         if (!$colconf['visible']) {
 201                 continue;
 202         }
 203
 204         print "\t";
 205         printf('<li><label for="%s">%s:</label>', $col, ucfirst($colconf['label']));
 206         if (@$colconf['type'] == 'file' and isset($colconf['value'])) {
 207                 $target = $user->dir . '/' . $colconf['filename'];
 208                 printf('<a href="/%s"><img src="/thumb/%s/%s?%s" /></a><br />',
 209                         $target,
 210                         200, $target, filemtime($target)
 211                 );
 212         }
 213
 214         if ($hide = @$colconf['hide'] and empty($_POST[$col])) {
 215                 printf('<a onclick="%s">Wijzigen</a><span id="%s" hidden>',
 216                         "document.getElementById('$hide').removeAttribute('hidden'); this.remove()",
 217                         $hide
 218                 );
 219         }
 220
 221         if (isset($colconf['input'])) {
 222                 print $colconf['input'];
 223         }
 224         elseif (isset($colconf['values'])) {
 225                 foreach ($colconf['values'] as $tag => $val) {
 226                         printf(
 227                                 "\n\t\t" .
 228                                 '<input type="hidden" name="%1$s" value="" />' .
 229                                 '<input type="checkbox" name="%s" value="1" id="%s"%s%s />' .
 230                                 '<label for="%2$s"> %s</label>',
 231                                 "tags[$tag]", "tag-$tag",
 232                                 !empty($val['value']) ? ' checked' : '',
 233                                 isset($val['target']) ? '' : ' readonly',
 234                                 @$val['label'] ?: ucfirst($tag)
 235                         );
 236                 }
 237         }
 238         elseif (@$colconf['type'] !== 'file' or isset($colconf['target'])) {
 239                 if (isset($cols[$col]['filter'])) {
 240                         list ($targetstr, $inputstr) = $cols[$col]['filter'];
 241                         $colconf['value'] = str_replace($targetstr, $inputstr, @$colconf['value']);
 242                 }
 243
 244                 $attrs = [
 245                         'type'        => @$colconf['type'] ?: 'text',
 246                         'name'        => $col,
 247                         'id'          => $col,
 248                         'value'       => htmlspecialchars(@$colconf['value']),
 249                         'placeholder' => "Niet ingesteld",
 250                         'readonly'    => empty($colconf['target']),
 251                 ] + (@$colconf['attr'] ?: []);
 252
 253                 print '<input';
 254                 foreach ($attrs as $attr => $attrval) {
 255                         if ($attrval === FALSE) {
 256                                 continue;
 257                         }
 258                         print ' ' . $attr;
 259                         if ($attrval !== TRUE) {
 260                                 printf('="%s"', $attrval);
 261                         }
 262                 }
 263                 print ' />';
 264         }
 265
 266         if (!empty($colconf['explain'])) {
 267                 printf(' <span>(%s)</span>', $colconf['explain']);
 268         }
 269
 270         if ($hide) {
 271                 print '</span>';
 272         }
 273
 274         if ($error = @$colwarn[$col]) {
 275                 print " <span class=warn>$error</span>\n";
 276         }
 277         print "</li>\n";
 278 }
 279 ?>
 280         </ul>
 281         <p><input type="submit" value="Opslaan" /></p>
 282 </form>