X-Git-Url: http://git.shiar.net/minimedit.git/blobdiff_plain/89f040eddafe00b282a8e4c3db7bc3ca649ac77c..d955f2d0837ca4c145546f56a8fe0d3a87f59052:/login/edit.php

diff --git a/login/edit.php b/login/edit.php
index 017a562..894264b 100644
--- a/login/edit.php
+++ b/login/edit.php
@@ -45,9 +45,56 @@ foreach ($cols as $col => &$colconf) {
 }
 
 $cols = [
-	'login' => ['label' => 'login', 'value' => $user['name'], 'target' => NULL],
+	'login' => [
+		'label' => 'login',
+		'value' => $user['name'],
+		'target' => NULL,
+		'pattern' => "[a-z0-9-]+",
+	],
 ] + $cols;
 
+$tagdir = 'profile/.tags';
+if (file_exists($tagdir)) {
+	$tags = [];
+	foreach (glob("$tagdir/*") as $tag) {
+		$tagname = pathinfo($tag, PATHINFO_BASENAME);
+		$target = "$tag/{$user['name']}";
+		$val = file_exists($target);
+		$tags[$tagname] = ['value' => $val];
+		if (empty($User['admin'])) {
+			continue;  # forbidden
+		}
+		if (!is_writable($tag)) {
+			continue;  # locked tag directory
+		}
+		if ($val and !is_writable($target)) {
+			continue;  # existing file locked
+		}
+		$tags[$tagname]['target'] = $target;
+	}
+
+	if ($tags) {
+		$options = '';
+		foreach ($tags as $tag => $val) {
+			$options .= sprintf(
+				"\n\t\t" .
+				'<input type="hidden" name="tags[%1$s]" value="" />' .
+				'<input type="checkbox" name="tags[%s]" value="1"%s%s /> %s',
+				$tag,
+				$val['value'] ? ' checked' : '',
+				isset($val['target']) ? '' : ' readonly',
+				ucfirst($tag)
+			);
+		}
+
+		$cols['tags'] = [
+			'label' => 'groepen',
+			'input' => $options,
+			'values' => $tags,
+		];
+	}
+}
+
 if (isset($user['pass'])) {
 	$cols['newpass'] = [
 		'label' => 'wachtwoord',
@@ -85,6 +132,29 @@ if ($_POST) {
 		}
 	}
 
+	if (isset($cols['tags']) and !empty($_POST['tags'])) {
+		$tagok = [];
+		foreach ($_POST['tags'] as $col => $val) {
+			$tag = $cols['tags']['values'][$col];
+			if (!isset($tag['target'])) {
+				$tagok[$col] = 'forbidden';
+			}
+			if ($tag['value'] === !empty($val)) {
+				$tagok[$col] = NULL;  # unaltered
+			}
+			elseif (empty($val)) {
+				$tagok[$col] = !@unlink($tag['target']);
+			}
+			else {
+				$tagok[$col] = !@symlink("../../{$user['name']}", $tag['target']);
+			}
+		}
+		if ($tagok = array_filter($tagok)) {
+			$colwarn['tags'] = "Wijziging niet opgeslagen voor "
+				. implode(', ', array_keys($tagok));
+		}
+	}
+
 	foreach ($_FILES as $col => $val) {
 		if (!isset($cols[$col]) and @$cols[$col]['type'] == 'file') {
 			continue; # unknown
@@ -159,6 +229,7 @@ foreach ($cols as $col => &$colconf) {
 			'value'       => htmlspecialchars(@$colconf['value']),
 			'placeholder' => "Niet ingesteld",
 			'readonly'    => empty($colconf['target']),
+			'pattern'     => @$colconf['pattern'] ?: FALSE,
 		];
 		if (@$colconf['type'] == 'file') {
 			$attrs['accept'] = "image/jpeg";