save module user authenticated with, only allow password change if module is 'internal'

[tt-rss.git] / classes / pref_prefs.php

diff --git a/classes/pref_prefs.php b/classes/pref_prefs.php
index c8843adae17036e9864888e7d7bd81903595ab9a..5339095bac4d0e4c614bba7534d79ae6c07ab118 100644 (file)
--- a/classes/pref_prefs.php
+++ b/classes/pref_prefs.php
@@ -160,60 +160,61 @@ class Pref_Prefs extends Protected_Handler {
                                        "SSL_CERT_SERIAL", "DIGEST_PREFERRED_TIME");
 
 
-               if (!SINGLE_USER_MODE) {
+               $_SESSION["prefs_op_result"] = "";
 
-                       $_SESSION["prefs_op_result"] = "";
+               print "<div dojoType=\"dijit.layout.AccordionContainer\" region=\"center\">";
+               print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Personal data / Authentication')."\">";
 
-                       print "<div dojoType=\"dijit.layout.AccordionContainer\" region=\"center\">";
-                       print "<div dojoType=\"dijit.layout.AccordionPane\" title=\"".__('Personal data / Authentication')."\">";
+               print "<form dojoType=\"dijit.form.Form\" id=\"changeUserdataForm\">";
 
-                       print "<form dojoType=\"dijit.form.Form\" id=\"changeUserdataForm\">";
+               print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">
+               evt.preventDefault();
+               if (this.validate()) {
+                       notify_progress('Saving data...', true);
 
-                       print "<script type=\"dojo/method\" event=\"onSubmit\" args=\"evt\">
-                       evt.preventDefault();
-                       if (this.validate()) {
-                               notify_progress('Saving data...', true);
+                       new Ajax.Request('backend.php', {
+                               parameters: dojo.objectToQuery(this.getValues()),
+                               onComplete: function(transport) {
+                                       notify_callback2(transport);
+                       } });
 
-                               new Ajax.Request('backend.php', {
-                                       parameters: dojo.objectToQuery(this.getValues()),
-                                       onComplete: function(transport) {
-                                               notify_callback2(transport);
-                               } });
+               }
+               </script>";
 
-                       }
-                       </script>";
+               print "<table width=\"100%\" class=\"prefPrefsList\">";
 
-                       print "<table width=\"100%\" class=\"prefPrefsList\">";
+               $result = db_query($this->link, "SELECT email,full_name,
+                       access_level FROM ttrss_users
+                       WHERE id = ".$_SESSION["uid"]);
 
-                       $result = db_query($this->link, "SELECT email,full_name,
-                               access_level FROM ttrss_users
-                               WHERE id = ".$_SESSION["uid"]);
+               $email = htmlspecialchars(db_fetch_result($result, 0, "email"));
+               $full_name = htmlspecialchars(db_fetch_result($result, 0, "full_name"));
 
-                       $email = htmlspecialchars(db_fetch_result($result, 0, "email"));
-                       $full_name = htmlspecialchars(db_fetch_result($result, 0, "full_name"));
+               print "<tr><td width=\"40%\">".__('Full name')."</td>";
+               print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" name=\"full_name\" required=\"1\"
+                       value=\"$full_name\"></td></tr>";
 
-                       print "<tr><td width=\"40%\">".__('Full name')."</td>";
-                       print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" name=\"full_name\" required=\"1\"
-                               value=\"$full_name\"></td></tr>";
+               print "<tr><td width=\"40%\">".__('E-mail')."</td>";
+               print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" name=\"email\" required=\"1\" value=\"$email\"></td></tr>";
 
-                       print "<tr><td width=\"40%\">".__('E-mail')."</td>";
-                       print "<td class=\"prefValue\"><input dojoType=\"dijit.form.ValidationTextBox\" name=\"email\" required=\"1\" value=\"$email\"></td></tr>";
+               if (!SINGLE_USER_MODE && !$_SESSION["hide_hello"]) {
 
-                       if (!SINGLE_USER_MODE) {
-                               $access_level = db_fetch_result($result, 0, "access_level");
-                               print "<tr><td width=\"40%\">".__('Access level')."</td>";
-                               print "<td>" . $access_level_names[$access_level] . "</td></tr>";
-                       }
+                       $access_level = db_fetch_result($result, 0, "access_level");
+                       print "<tr><td width=\"40%\">".__('Access level')."</td>";
+                       print "<td>" . $access_level_names[$access_level] . "</td></tr>";
+               }
 
-                       print "</table>";
+               print "</table>";
 
-                       print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-prefs\">";
-                       print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"changeemail\">";
+               print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"op\" value=\"pref-prefs\">";
+               print "<input dojoType=\"dijit.form.TextBox\" style=\"display : none\" name=\"method\" value=\"changeemail\">";
 
-                       print "<p><button dojoType=\"dijit.form.Button\" type=\"submit\">".
-                               __("Save data")."</button>";
+               print "<p><button dojoType=\"dijit.form.Button\" type=\"submit\">".
+                       __("Save data")."</button>";
 
-                       print "</form>";
+               print "</form>";
+
+               if (!SINGLE_USER_MODE && $_SESSION["auth_module"] == 'internal') {
 
                        $result = db_query($this->link, "SELECT id FROM ttrss_users
                                WHERE id = ".$_SESSION["uid"]." AND pwd_hash
@@ -270,9 +271,10 @@ class Pref_Prefs extends Protected_Handler {
 
                        print "</form>";
 
-                       print "</div>"; #pane
                }
 
+               print "</div>"; #pane
+
                print "<div dojoType=\"dijit.layout.AccordionPane\" selected=\"true\" title=\"".__('Preferences')."\">";
 
                print "<form dojoType=\"dijit.form.Form\" id=\"changeSettingsForm\">";
@@ -311,7 +313,7 @@ class Pref_Prefs extends Protected_Handler {
                        $profile_qpart = "profile IS NULL";
                }
 
-               $result = db_query($this->link, "SELECT
+               $result = db_query($this->link, "SELECT DISTINCT
                        ttrss_user_prefs.pref_name,short_desc,help_text,value,type_name,
                        section_name,def_value,section_id
                        FROM ttrss_prefs,ttrss_prefs_types,ttrss_prefs_sections,ttrss_user_prefs
@@ -472,9 +474,9 @@ class Pref_Prefs extends Protected_Handler {
 
                        } else if ($pref_name == 'DIGEST_PREFERRED_TIME') {
                                print "<input dojoType=\"dijit.form.ValidationTextBox\"
-                                       id=\"$pref_name\" regexp=\"[012]\d:\d\d\" placeHolder=\"12:00\"
+                                       id=\"$pref_name\" regexp=\"[012]?\d:\d\d\" placeHolder=\"12:00\"
                                        name=\"$pref_name\" value=\"$value\"><div class=\"insensitive\">".
-                                       T_sprintf("Current server time: %s", date("H:i")) . "</div>";
+                                       T_sprintf("Current server time: %s (UTC)", date("H:i")) . "</div>";
                        } else {
                                $regexp = ($type_name == 'integer') ? 'regexp="^\d*$"' : '';