]> git.wh0rd.org - tt-rss.git/blob - modules/pref-prefs.php
git.wh0rd.org / tt-rss.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
fix form autosubmit problem
[tt-rss.git] / modules / pref-prefs.php
1 <?php
2 function prefs_js_redirect() {
3 print "<html><body>
4 <script type=\"text/javascript\">
5 window.location = 'prefs.php';
6 </script>
7 </body></html>";
8 }
9
10 function module_pref_prefs($link) {
11 $subop = $_REQUEST["subop"];
12
13 if ($subop == "change-password") {
14
15 $old_pw = $_POST["OLD_PASSWORD"];
16 $new_pw = $_POST["NEW_PASSWORD"];
17 $con_pw = $_POST["CONFIRM_PASSWORD"];
18
19 if ($old_pw == "") {
20 print "ERROR: Old password cannot be blank.";
21 return;
22 }
23
24 if ($new_pw == "") {
25 print "ERROR: New password cannot be blank.";
26 return;
27 }
28
29 if ($new_pw != $con_pw) {
30 print "ERROR: Entered passwords do not match.";
31 return;
32 }
33
34 $old_pw_hash = 'SHA1:' . sha1($_POST["OLD_PASSWORD"]);
35 $new_pw_hash = 'SHA1:' . sha1($_POST["NEW_PASSWORD"]);
36
37 $active_uid = $_SESSION["uid"];
38
39 if ($old_pw && $new_pw) {
40
41 $login = db_escape_string($_SERVER['PHP_AUTH_USER']);
42
43 $result = db_query($link, "SELECT id FROM ttrss_users WHERE
44 id = '$active_uid' AND (pwd_hash = '$old_pw' OR
45 pwd_hash = '$old_pw_hash')");
46
47 if (db_num_rows($result) == 1) {
48 db_query($link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash'
49 WHERE id = '$active_uid'");
50
51 print "Password has been changed.";
52 } else {
53 print "ERROR: Old password is incorrect.";
54 }
55 }
56
57 return;
58 }
59
60 if ($subop == "Save configuration") {
61
62 $_SESSION["prefs_op_result"] = "save-config";
63
64 $_SESSION["prefs_cache"] = false;
65
66 foreach (array_keys($_POST) as $pref_name) {
67
68 $pref_name = db_escape_string($pref_name);
69 $value = db_escape_string($_POST[$pref_name]);
70
71 $result = db_query($link, "SELECT type_name
72 FROM ttrss_prefs,ttrss_prefs_types
73 WHERE pref_name = '$pref_name' AND type_id = ttrss_prefs_types.id");
74
75 if (db_num_rows($result) > 0) {
76
77 $type_name = db_fetch_result($result, 0, "type_name");
78
79 // print "$pref_name : $type_name : $value<br>";
80
81 if ($type_name == "bool") {
82 if ($value == "1") {
83 $value = "true";
84 } else {
85 $value = "false";
86 }
87 } else if ($type_name == "integer") {
88 $value = sprintf("%d", $value);
89 }
90
91 // print "$pref_name : $type_name : $value<br>";
92
93 db_query($link, "UPDATE ttrss_user_prefs SET value = '$value'
94 WHERE pref_name = '$pref_name' AND owner_uid = ".$_SESSION["uid"]);
95
96 }
97
98 }
99
100 return prefs_js_redirect();
101
102 } else if ($subop == "getHelp") {
103
104 $pref_name = db_escape_string($_GET["pn"]);
105
106 $result = db_query($link, "SELECT help_text FROM ttrss_prefs
107 WHERE pref_name = '$pref_name'");
108
109 if (db_num_rows($result) > 0) {
110 $help_text = db_fetch_result($result, 0, "help_text");
111 print $help_text;
112 } else {
113 print "Unknown option: $pref_name";
114 }
115
116 } else if ($subop == "Change e-mail") {
117
118 $email = db_escape_string($_GET["email"]);
119 $active_uid = $_SESSION["uid"];
120
121 if ($email) {
122 db_query($link, "UPDATE ttrss_users SET email = '$email'
123 WHERE id = '$active_uid'");
124 }
125
126 return prefs_js_redirect();
127
128 } else if ($subop == "Reset to defaults") {
129
130 $_SESSION["prefs_op_result"] = "reset-to-defaults";
131
132 if (DB_TYPE == "pgsql") {
133 db_query($link,"UPDATE ttrss_user_prefs
134 SET value = ttrss_prefs.def_value
135 WHERE owner_uid = '".$_SESSION["uid"]."' AND
136 ttrss_prefs.pref_name = ttrss_user_prefs.pref_name");
137 } else {
138 db_query($link, "DELETE FROM ttrss_user_prefs
139 WHERE owner_uid = ".$_SESSION["uid"]);
140 initialize_user_prefs($link, $_SESSION["uid"]);
141 }
142
143 return prefs_js_redirect();
144
145 } else if ($subop == "Change theme") {
146
147 $theme = db_escape_string($_POST["theme"]);
148
149 if ($theme == "Default") {
150 $theme_qpart = 'NULL';
151 } else {
152 $theme_qpart = "'$theme'";
153 }
154
155 $result = db_query($link, "SELECT id,theme_path FROM ttrss_themes
156 WHERE theme_name = '$theme'");
157
158 if (db_num_rows($result) == 1) {
159 $theme_id = db_fetch_result($result, 0, "id");
160 $theme_path = db_fetch_result($result, 0, "theme_path");
161 } else {
162 $theme_id = "NULL";
163 $theme_path = "";
164 }
165
166 db_query($link, "UPDATE ttrss_users SET
167 theme_id = $theme_id WHERE id = " . $_SESSION["uid"]);
168
169 $_SESSION["theme"] = $theme_path;
170
171 return prefs_js_redirect();
172
173 } else {
174
175 // print check_for_update($link);
176
177 if (!SINGLE_USER_MODE) {
178
179 $result = db_query($link, "SELECT id,email FROM ttrss_users
180 WHERE id = ".$_SESSION["uid"]." AND (pwd_hash = 'password' OR
181 pwd_hash = 'SHA1:".sha1("password")."')");
182
183 if (db_num_rows($result) != 0) {
184 print format_warning("Your password is at default value, please change it.");
185 }
186
187 /* if ($_SESSION["pwd_change_result"] == "failed") {
188 print format_warning("Could not change the password.");
189 }
190
191 if ($_SESSION["pwd_change_result"] == "ok") {
192 print format_notice("Password was changed.");
193 }
194
195 $_SESSION["pwd_change_result"] = ""; */
196
197 if ($_SESSION["prefs_op_result"] == "reset-to-defaults") {
198 print format_notice("The configuration was reset to defaults.");
199 }
200
201 if ($_SESSION["prefs_op_result"] == "save-config") {
202 print format_notice("The configuration was saved.");
203 }
204
205 $_SESSION["prefs_op_result"] = "";
206
207 print "<form action=\"backend.php\" method=\"GET\">";
208
209 print "<table width=\"100%\" class=\"prefPrefsList\">";
210 print "<tr><td colspan='3'><h3>Personal data</h3></tr></td>";
211
212 $result = db_query($link, "SELECT email FROM ttrss_users
213 WHERE id = ".$_SESSION["uid"]);
214
215 $email = db_fetch_result($result, 0, "email");
216
217 print "<tr><td width=\"40%\">E-mail</td>";
218 print "<td><input class=\"editbox\" name=\"email\"
219 value=\"$email\"></td></tr>";
220
221 print "</table>";
222
223 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
224
225 print "<p><input class=\"button\" type=\"submit\"
226 value=\"Change e-mail\" name=\"subop\">";
227
228 print "</form>";
229
230 print "<form onsubmit=\"return false\"
231 name=\"change_pass_form\" id=\"change_pass_form\">";
232
233 print "<table width=\"100%\" class=\"prefPrefsList\">";
234 print "<tr><td colspan='3'><h3>Authentication</h3></tr></td>";
235
236 print "<tr><td width=\"40%\">Old password</td>";
237 print "<td><input class=\"editbox\" type=\"password\"
238 onkeypress=\"return filterCR(event, changeUserPassword)\"
239 name=\"OLD_PASSWORD\"></td></tr>";
240
241 print "<tr><td width=\"40%\">New password</td>";
242
243 print "<td><input class=\"editbox\" type=\"password\"
244 onkeypress=\"return filterCR(event, changeUserPassword)\"
245 name=\"NEW_PASSWORD\"></td></tr>";
246
247 print "<tr><td width=\"40%\">Confirm password</td>";
248
249 print "<td><input class=\"editbox\" type=\"password\"
250 onkeypress=\"return filterCR(event, changeUserPassword)\"
251 name=\"CONFIRM_PASSWORD\"></td></tr>";
252
253 print "</table>";
254
255 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
256 print "<input type=\"hidden\" name=\"subop\" value=\"change-password\">";
257
258 print "</form>";
259
260 print "<p><input class=\"button\" type=\"submit\"
261 onclick=\"return changeUserPassword()\"
262 value=\"Change password\">";
263
264 }
265
266 $result = db_query($link, "SELECT
267 theme_id FROM ttrss_users WHERE id = " . $_SESSION["uid"]);
268
269 $user_theme_id = db_fetch_result($result, 0, "theme_id");
270
271 $result = db_query($link, "SELECT
272 id,theme_name FROM ttrss_themes ORDER BY theme_name");
273
274 if (db_num_rows($result) > 0) {
275
276 print "<form action=\"backend.php\" method=\"POST\">";
277 print "<table width=\"100%\" class=\"prefPrefsList\">";
278 print "<tr><td colspan='3'><h3>Themes</h3></tr></td>";
279 print "<tr><td width=\"40%\">Select theme</td>";
280 print "<td><select name=\"theme\">";
281 print "<option>Default</option>";
282 print "<option disabled>--------</option>";
283
284 while ($line = db_fetch_assoc($result)) {
285 if ($line["id"] == $user_theme_id) {
286 $selected = "selected";
287 } else {
288 $selected = "";
289 }
290 print "<option $selected>" . $line["theme_name"] . "</option>";
291 }
292 print "</select></td></tr>";
293 print "</table>";
294 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
295 print "<p><input class=\"button\" type=\"submit\"
296 value=\"Change theme\" name=\"subop\">";
297 print "</form>";
298 }
299
300 initialize_user_prefs($link, $_SESSION["uid"]);
301
302 $result = db_query($link, "SELECT
303 ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
304 section_name,def_value
305 FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
306 WHERE type_id = ttrss_prefs_types.id AND
307 section_id = ttrss_prefs_sections.id AND
308 ttrss_user_prefs.pref_name = ttrss_prefs.pref_name AND
309 owner_uid = ".$_SESSION["uid"]."
310 ORDER BY section_id,short_desc");
311
312 print "<form action=\"backend.php\" method=\"POST\">";
313
314 $lnum = 0;
315
316 $active_section = "";
317
318 while ($line = db_fetch_assoc($result)) {
319
320 if ($active_section != $line["section_name"]) {
321
322 if ($active_section != "") {
323 print "</table>";
324 }
325
326 print "<p><table width=\"100%\" class=\"prefPrefsList\">";
327
328 $active_section = $line["section_name"];
329
330 print "<tr><td colspan=\"3\"><h3>$active_section</h3></td></tr>";
331 // print "<tr class=\"title\">
332 // <td width=\"25%\">Option</td><td>Value</td></tr>";
333
334 $lnum = 0;
335 }
336
337 // $class = ($lnum % 2) ? "even" : "odd";
338
339 print "<tr>";
340
341 $type_name = $line["type_name"];
342 $pref_name = $line["pref_name"];
343 $value = $line["value"];
344 $def_value = $line["def_value"];
345 $help_text = $line["help_text"];
346
347 print "<td width=\"40%\" id=\"$pref_name\">" . $line["short_desc"];
348
349 if ($help_text) print "<div class=\"prefHelp\">$help_text</div>";
350
351 print "</td>";
352
353 print "<td>";
354
355 if ($type_name == "bool") {
356 // print_select($pref_name, $value, array("true", "false"));
357
358 if ($value == "true") {
359 $value = "Yes";
360 } else {
361 $value = "No";
362 }
363
364 print_radio($pref_name, $value, array("Yes", "No"));
365
366 } else {
367 print "<input class=\"editbox\" name=\"$pref_name\" value=\"$value\">";
368 }
369
370 print "</td>";
371
372 print "</tr>";
373
374 $lnum++;
375 }
376
377 print "</table>";
378
379 print "<input type=\"hidden\" name=\"op\" value=\"pref-prefs\">";
380
381 print "<p><input class=\"button\" type=\"submit\"
382 name=\"subop\" value=\"Save configuration\">";
383
384 print "&nbsp;<input class=\"button\" type=\"submit\"
385 name=\"subop\" onclick=\"return validatePrefsReset()\"
386 value=\"Reset to defaults\"></p>";
387
388 print "</form>";
389
390 }
391 }
392 ?>
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/