X-Git-Url: http://git.shiar.net/minimedit.git/blobdiff_plain/2f8daf093a4587ca30630d2aaa7e0a373d4afb45..73eec3eb33d28775d3aff4d87e3ab9399c001fed:/login/edit.php

diff --git a/login/edit.php b/login/edit.php
index 0a90e0e..fe70ef9 100644
--- a/login/edit.php
+++ b/login/edit.php
@@ -1,30 +1,34 @@
 <?php
 global $User;
-if (empty($user = $User)) {
+if (empty($user = &$User)) {
 	return;
 }
 
 if (!empty($User['admin']) and $Page == 'login/edit' and $Args) {
-	$username = ltrim($Args, '/');
+	$username = strtolower(ltrim($Args, '/'));
 	$user = [
 		'dir' => "profile/$username",
+		'name' => $username,
 	];
-	if (!is_writable($user['dir'])) {
-		print "<p class=warn>Het is niet mogelijk om de gebruiker <em>{$user['name']}</em> aan te passen.</p>\n\n";
-		return;
-	}
 }
 
 $cols = [
+	'name'  => ['label' => 'volledige naam'],
 	'email' => ['label' => 'e-mailadres', 'type' => 'email'],
+	'avatar' => [
+		'label' => 'portretfoto',
+		'type' => 'file',
+	],
 ];
 
 foreach ($cols as $col => &$colconf) {
-	$colpath = "{$user['dir']}/$col.txt";
+	$filetype = @$colconf['type'] == 'file' ? 'jpg' : 'txt';
+	$colpath = "{$user['dir']}/$col.$filetype";
 	if (file_exists($colpath)) {
-		$colconf['value'] = file_get_contents($colpath);
+		$colconf['value'] = $filetype != 'txt' ? '' :
+			file_get_contents($colpath);
 	}
-	if (!is_writable($user['dir'])) {
+	if (file_exists($user['dir']) and !is_writable($user['dir'])) {
 		continue;  # locked parent directory
 	}
 	if (isset($colconf['value']) and !is_writable($colpath)) {
@@ -33,8 +37,17 @@ foreach ($cols as $col => &$colconf) {
 	$colconf['target'] = $colpath;  # editing allowed
 }
 
+$cols = [
+	'login' => ['label' => 'login', 'value' => $user['name'], 'target' => NULL],
+] + $cols;
+
 $colwarn = [];
 if ($_POST) {
+	if (!file_exists($user['dir']) and !@mkdir($user['dir'])) {
+		print "<p class=warn>Fout bij het aanmaken van gebruikersprofiel voor <em>{$user['name']}</em>.</p>\n\n";
+		return;
+	}
+
 	foreach ($_POST as $col => $val) {
 		if (!isset($cols[$col])) {
 			continue; # unknown
@@ -47,9 +60,39 @@ if ($_POST) {
 			$colwarn[$col] = "Kan niet worden aangepast.";
 			continue;
 		}
-		if (!file_put_contents($cols[$col]['target'], $val)) {
+		if (file_put_contents($cols[$col]['target'], $val) === FALSE) {
+			$colwarn[$col] = "Fout bij opslaan.";
+		}
+	}
+
+	foreach ($_FILES as $col => $val) {
+		if (!isset($cols[$col]) and @$cols[$col]['type'] == 'file') {
+			continue; # unknown
+		}
+		switch ($val['error']) {
+		case UPLOAD_ERR_OK:
+			break;
+		case UPLOAD_ERR_NO_FILE:
+			continue 2; # current
+		default:
+			$colwarn[$col] = "Afbeelding niet goed ontvangen.";
+			continue 2;
+		}
+		if (empty($cols[$col]['target'])) {
+			$colwarn[$col] = "Kan niet worden aangepast.";
+			continue;
+		}
+		if (!@move_uploaded_file($val['tmp_name'], $cols[$col]['target'])) {
 			$colwarn[$col] = "Fout bij opslaan.";
 		}
+		$cols[$col]['value'] = '';
+	}
+
+	if (!empty($_POST['newpass'])) {
+		require_once('login/pass.inc.php');
+		if ($error = passform($user, $_POST)) {
+			$colwarn['pass'] = $error;
+		}
 	}
 
 	if ($colwarn) {
@@ -61,29 +104,60 @@ if ($_POST) {
 }
 
 ?>
-<form method="post" class="inline">
+<form method="post" enctype="multipart/form-data">
 	<p>
 	Geef een e-mailadres op waarmee we u kunnen bereiken indien nodig.
 	Wij zullen dit adres nooit vrij- of doorgeven.
 	</p>
-	<p>
 <?php
 foreach ($cols as $col => &$colconf) {
-	print "\t<input";
+	print "\t";
+	printf('<label for="%s">%s:</label> ', $col, ucfirst($colconf['label']));
+	if (@$colconf['type'] == 'file' and isset($colconf['value'])) {
+		printf('<a href="/%s"><img src="/thumb/%s/%s" /></a><br />',
+			$colconf['target'],
+			200, $colconf['target']
+		);
+	}
+	print "<input";
 	if (empty($colconf['target'])) print ' readonly';
-	printf(' type="%s" name="%s" id="%1$s" value="%s"',
+	printf(' type="%s" name="%s" id="%2$s" value="%s"',
 		@$colconf['type'] ?: 'text',
 		$col,
 		htmlspecialchars(@$colconf['value'])
 	);
-	print ' placeholder="Geen '.$colconf['label'].' ingesteld"';
-	print " />\n";
+	if (@$colconf['type'] == 'file') {
+		printf(' accept="%s"', 'image/jpeg');
+	}
+	print ' placeholder="Niet ingesteld"';
+	print " />";
 
 	if ($error = @$colwarn[$col]) {
-		print "<span class=warn>$error</span>\n";
+		print " <span class=warn>$error</span>\n";
 	}
+	print "<br />\n";
+}
+
+if (isset($user['pass'])) {
+	if ($hide = empty($_POST['newpass'])) {
+?>
+	<p><a onclick="document.getElementById('pass').removeAttribute('hidden'); this.remove()">Wachtwoord wijzigen</a></p>
+<?php
+	}
+?>
+	<div id="pass"<?php if ($hide) print ' hidden'; ?>>
+		<label for="newpass">Wachtwoord:</label>
+		<input type="password" name="oldpass" value="" placeholder="Huidig wachtwoord" />
+		<input type="password" name="newpass" value="" placeholder="Nieuw wachtwoord" />
+		<input type="password" name="passconf" value="" placeholder="Nogmaals" />
+<?php
+	if ($error = @$colwarn['pass']) {
+		print " <span class=warn>$error</span>\n";
+	}
+?>
+	</div>
+<?php
 }
 ?>
 	<input type="submit" value="Opslaan" />
-	</p>
 </form>