widget/login/edit.php

   1 <?php
   2 global $User;
   3 if (empty($user = &$User)) {
   4         return;
   5 }
   6
   7 if ($User->admin('user')
   8 and !empty($Place['user']) and $Place['user'] !== $User->login) {
   9         $username = strtolower($Place['user']);
  10         unset($user);
  11         $user = new User("profile/$username");
  12 }
  13
  14 require_once('edit.inc.php');
  15
  16 foreach ($cols as $col => &$colconf) {
  17         if (isset($colconf['visible'])) {
  18                 if ($colconf['visible'] == 'admin' and !$User->admin('user')) {
  19                         $colconf['visible'] = FALSE;
  20                         continue;
  21                 }
  22         }
  23         else {
  24                 $colconf['visible'] = TRUE;
  25         }
  26
  27         if (!isset($colconf['filename'])) {
  28                 continue;  # exceptional storage
  29         }
  30
  31         if (isset($colconf['values'])) {
  32                 if (!file_exists($colconf['filename'])) {
  33                         $colconf['visible'] = FALSE;
  34                         continue;
  35                 }
  36                 $tags = [];
  37                 foreach (glob($colconf['filename'] . '/*') as $tag) {
  38                         $tagname = pathinfo($tag, PATHINFO_BASENAME);
  39                         $target = "$tag/{$user->login}";
  40                         $val = file_exists($target);
  41                         $tagopt = &$colconf['values'][$tagname] ?: [];
  42                         $tagopt['value'] = $val;
  43                         if (!is_writable($tag)) {
  44                                 continue;  # locked tag directory
  45                         }
  46                         if ($val and !is_writable($target)) {
  47                                 continue;  # existing file locked
  48                         }
  49                         $tagopt['target'] = $target;
  50                 }
  51         }
  52
  53         $filetype = @$colconf['type'] == 'file' ? 'jpg' : 'txt';
  54         $colpath = $user->dir . '/' . $colconf['filename'];
  55         if (file_exists($colpath)) {
  56                 $colconf['value'] = $filetype != 'txt' ? '' :
  57                         rtrim(file_get_contents($colpath));
  58         }
  59         if (file_exists($user->dir) and !is_writable($user->dir)) {
  60                 continue;  # locked parent directory
  61         }
  62         if (isset($colconf['value']) and !is_writable($colpath)) {
  63                 continue;  # locked column file
  64         }
  65         $colconf['target'] = $colpath;  # editing allowed
  66 }
  67
  68 $colwarn = [];
  69 if ($_POST) {
  70         if (!file_exists($user->dir) and !@mkdir($user->dir)) {
  71                 print "<p class=warn>Fout bij het aanmaken van gebruikersprofiel voor <em>{$user->login}</em>.</p>\n\n";
  72                 return;
  73         }
  74
  75         foreach ($_POST as $col => $val) {
  76                 if (!isset($cols[$col])) {
  77                         continue; # unknown
  78                 }
  79                 if (isset($cols[$col]['values'])) {
  80                         $optwarn = [];
  81                         foreach ($val as $optcol => $optval) {
  82                                 $option = &$cols[$col]['values'][$optcol];
  83                                 if (!isset($option['target'])) {
  84                                         $optok = FALSE;  # forbidden
  85                                 }
  86                                 if ($option['value'] === !empty($optval)) {
  87                                         continue;  # unaltered
  88                                 }
  89                                 elseif (empty($optval)) {
  90                                         $optok = @unlink($option['target']);
  91                                 }
  92                                 else {
  93                                         # link option target to current user dir
  94                                         $optok = @symlink("../../{$user->login}", $option['target']);
  95                                 }
  96                                 $option['value'] = $optval;  # update form value
  97                                 if (!$optok) {
  98                                         $optwarn[$optcol] = TRUE;
  99                                 }
 100                         }
 101                         if ($optwarn) {
 102                                 $colwarn[$col] = "Wijziging niet opgeslagen voor "
 103                                         . implode(', ', array_keys($optwarn));
 104                         }
 105                         continue;
 106                 }
 107
 108                 if (isset($cols[$col]['filter'])) {
 109                         list ($targetstr, $inputstr) = $cols[$col]['filter'];
 110                         $val = str_replace($inputstr, $targetstr, $val);
 111                 }
 112                 if (isset($cols[$col]['value']) and $cols[$col]['value'] === $val) {
 113                         continue; # unaltered
 114                 }
 115                 $cols[$col]['value'] = $val;  # update form value
 116                 if (empty($cols[$col]['target'])) {
 117                         if (empty($cols[$col]['input'])) {
 118                                 $colwarn[$col] = "Kan niet worden aangepast.";
 119                         }
 120                         continue;
 121                 }
 122                 if (@$cols[$col]['type'] != 'file') {
 123                         $val .= "\n"; # eol in text files
 124                 }
 125                 if (file_put_contents($cols[$col]['target'], $val) === FALSE) {
 126                         $colwarn[$col] = "Fout bij opslaan.";
 127                 }
 128         }
 129
 130         foreach ($_FILES as $col => $val) {
 131                 if (!isset($cols[$col]) and @$cols[$col]['type'] == 'file') {
 132                         continue; # unknown
 133                 }
 134                 if (empty($cols[$col]['target'])) {
 135                         $colwarn[$col] = "Kan niet worden aangepast.";
 136                         continue;
 137                 }
 138                 try {
 139                         require_once('upload.inc.php');
 140                         $target = userupload($val, NULL, $cols[$col]['target']);
 141                         if (!$target) continue;
 142                         $cols[$col]['value'] = '';
 143                 }
 144                 catch (Exception $e) {
 145                         $colwarn[$col] = ucfirst($e->getMessage()).'.';
 146                 }
 147         }
 148
 149         if (!empty($_POST['newpass'])) {
 150                 require_once('login/pass.inc.php');
 151                 if ($error = passform($user, $_POST)) {
 152                         $colwarn['newpass'] = $error;
 153                 }
 154         }
 155
 156         if ($colwarn) {
 157                 print "<p class=warn>Instellingen zijn niet (volledig) opgeslagen. Probeer het later nog eens.</p>\n\n";
 158         }
 159         else {
 160                 print "<p>Alle instellingen zijn opgeslagen.</p>\n\n";
 161         }
 162 }
 163
 164 if ($User->admin('user')) {
 165 ?>
 166 <aside>
 167 <h2>Gebruikersbeheer</h2>
 168 <?php
 169         $postdir = 'doc/post';
 170         if (is_dir($postdir)) {
 171                 print "<h3>Brieven</h3><ul>\n";
 172                 foreach (glob("$postdir/*.html") as $link) {
 173                         $page = new ArchiveArticle($link);
 174                         printf('<li><a href="/%s?login=%s">%s</a></li>'."\n",
 175                                 $page->link, $user->login, $page->name
 176                         );
 177                 }
 178                 print "</ul>\n";
 179         }
 180 ?>
 181 </aside>
 182 <?php
 183 }
 184 ?>
 185
 186 <form method="post" enctype="multipart/form-data">
 187         <ul class="grid">
 188 <?php
 189 foreach ($cols as $col => &$colconf) {
 190         if (!$colconf['visible']) {
 191                 continue;
 192         }
 193
 194         print "\t";
 195         printf('<li><label for="%s">%s:</label>', $col, ucfirst($colconf['label']));
 196         if (@$colconf['type'] == 'file' and isset($colconf['value'])) {
 197                 $target = $user->dir . '/' . $colconf['filename'];
 198                 printf('<a href="/%s"><img src="/thumb/%s/%s?%s" /></a><br />',
 199                         $target,
 200                         200, $target, filemtime($target)
 201                 );
 202         }
 203
 204         if ($hide = @$colconf['hide'] and empty($_POST[$col])) {
 205                 printf('<a onclick="%s">Wijzigen</a><span id="%s" hidden>',
 206                         "document.getElementById('$hide').removeAttribute('hidden'); this.remove()",
 207                         $hide
 208                 );
 209         }
 210
 211         if (isset($colconf['input'])) {
 212                 print $colconf['input'];
 213         }
 214         elseif (isset($colconf['values'])) {
 215                 foreach ($colconf['values'] as $tag => $val) {
 216                         printf(
 217                                 "\n\t\t" .
 218                                 '<input type="hidden" name="%1$s" value="" />' .
 219                                 '<input type="checkbox" name="%s" value="1" id="%s"%s%s />' .
 220                                 '<label for="%2$s"> %s</label>',
 221                                 "tags[$tag]", "tag-$tag",
 222                                 !empty($val['value']) ? ' checked' : '',
 223                                 isset($val['target']) ? '' : ' readonly',
 224                                 @$val['label'] ?: ucfirst($tag)
 225                         );
 226                 }
 227         }
 228         elseif (@$colconf['type'] !== 'file' or isset($colconf['target'])) {
 229                 if (isset($cols[$col]['filter'])) {
 230                         list ($targetstr, $inputstr) = $cols[$col]['filter'];
 231                         $colconf['value'] = str_replace($targetstr, $inputstr, @$colconf['value']);
 232                 }
 233
 234                 $attrs = [
 235                         'type'        => @$colconf['type'] ?: 'text',
 236                         'name'        => $col,
 237                         'id'          => $col,
 238                         'value'       => htmlspecialchars(@$colconf['value']),
 239                         'placeholder' => "Niet ingesteld",
 240                         'readonly'    => empty($colconf['target']),
 241                 ] + (@$colconf['attr'] ?: []);
 242
 243                 print '<input';
 244                 foreach ($attrs as $attr => $attrval) {
 245                         if ($attrval === FALSE) {
 246                                 continue;
 247                         }
 248                         print ' ' . $attr;
 249                         if ($attrval !== TRUE) {
 250                                 printf('="%s"', $attrval);
 251                         }
 252                 }
 253                 print ' />';
 254         }
 255
 256         if (!empty($colconf['explain'])) {
 257                 printf(' <span>(%s)</span>', $colconf['explain']);
 258         }
 259
 260         if ($hide) {
 261                 print '</span>';
 262         }
 263
 264         if ($error = @$colwarn[$col]) {
 265                 print " <span class=warn>$error</span>\n";
 266         }
 267         print "</li>\n";
 268 }
 269 ?>
 270         </ul>
 271         <p><input type="submit" value="Opslaan" /></p>
 272 </form>