X-Git-Url: https://git.wh0rd.org/?a=blobdiff_plain;f=classes%2Fpref%2Fprefs.php;h=faab69235504c66097fc3baf1717f91f4ea19ef5;hb=6322ac79a020ab584d412d782d62b2ee77d7c6cf;hp=938782b51df06d35efa1216c350badaffe0ee95e;hpb=58a2577d48790c79adfd44bcfd662c980ce6cfe4;p=tt-rss.git diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index 938782b5..faab6923 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php @@ -30,7 +30,7 @@ class Pref_Prefs extends Handler_Protected { "COMBINED_DISPLAY_MODE" => array(__("Combined feed display"), __("Display expanded list of feed articles, instead of separate displays for headlines and article content")), "CONFIRM_FEED_CATCHUP" => array(__("Confirm marking feed as read"), ""), "DEFAULT_ARTICLE_LIMIT" => array(__("Amount of articles to display at once"), ""), - "DEFAULT_UPDATE_INTERVAL" => array(__("Default interval between feed updates"), ""), + "DEFAULT_UPDATE_INTERVAL" => array(__("Default feed update interval"), __("Shortest interval at which a feed will be checked for updates regardless of update method")), "DIGEST_CATCHUP" => array(__("Mark articles in e-mail digest as read"), ""), "DIGEST_ENABLE" => array(__("Enable e-mail digest"), __("This option enables sending daily digest of new (and unread) headlines on your configured e-mail address")), "DIGEST_PREFERRED_TIME" => array(__("Try to send digests around specified time"), __("Uses UTC timezone")), @@ -53,7 +53,8 @@ class Pref_Prefs extends Handler_Protected { "STRIP_UNSAFE_TAGS" => array(__("Strip unsafe tags from articles"), __("Strip all but most common HTML tags when reading articles.")), "USER_STYLESHEET" => array(__("Customize stylesheet"), __("Customize CSS stylesheet to your liking")), "USER_TIMEZONE" => array(__("User timezone"), ""), - "VFEED_GROUP_BY_FEED" => array(__("Group headlines in virtual feeds"), __("Special feeds, labels, and categories are grouped by originating feeds")) + "VFEED_GROUP_BY_FEED" => array(__("Group headlines in virtual feeds"), __("Special feeds, labels, and categories are grouped by originating feeds")), + "USER_CSS_THEME" => array(__("Select theme"), __("Select one of the available CSS themes")) ); } @@ -98,32 +99,48 @@ class Pref_Prefs extends Handler_Protected { if (!isset($_POST[$pref])) $_POST[$pref] = 'false'; } + $need_reload = false; + foreach (array_keys($_POST) as $pref_name) { - $pref_name = db_escape_string($this->link, $pref_name); - $value = db_escape_string($this->link, $_POST[$pref_name]); + $pref_name = db_escape_string( $pref_name); + $value = db_escape_string( $_POST[$pref_name]); if ($pref_name == 'DIGEST_PREFERRED_TIME') { - if (get_pref($this->link, 'DIGEST_PREFERRED_TIME') != $value) { + if (get_pref( 'DIGEST_PREFERRED_TIME') != $value) { - db_query($this->link, "UPDATE ttrss_users SET + db_query( "UPDATE ttrss_users SET last_digest_sent = NULL WHERE id = " . $_SESSION['uid']); } } - set_pref($this->link, $pref_name, $value); + if ($pref_name == "language") { + if ($_SESSION["language"] != $value) { + setcookie("ttrss_lang", $value, + time() + SESSION_COOKIE_LIFETIME); + $_SESSION["language"] = $value; + + $need_reload = true; + } + } else { + set_pref( $pref_name, $value); + } } - print __("The configuration was saved."); + if ($need_reload) { + print "PREFS_NEED_RELOAD"; + } else { + print __("The configuration was saved."); + } } function getHelp() { - $pref_name = db_escape_string($this->link, $_REQUEST["pn"]); + $pref_name = db_escape_string( $_REQUEST["pn"]); - $result = db_query($this->link, "SELECT help_text FROM ttrss_prefs + $result = db_query( "SELECT help_text FROM ttrss_prefs WHERE pref_name = '$pref_name'"); if (db_num_rows($result) > 0) { @@ -136,12 +153,12 @@ class Pref_Prefs extends Handler_Protected { function changeemail() { - $email = db_escape_string($this->link, $_POST["email"]); - $full_name = db_escape_string($this->link, $_POST["full_name"]); + $email = db_escape_string( $_POST["email"]); + $full_name = db_escape_string( $_POST["full_name"]); $active_uid = $_SESSION["uid"]; - db_query($this->link, "UPDATE ttrss_users SET email = '$email', + db_query( "UPDATE ttrss_users SET email = '$email', full_name = '$full_name' WHERE id = '$active_uid'"); print __("Your personal data has been saved."); @@ -159,10 +176,12 @@ class Pref_Prefs extends Handler_Protected { $profile_qpart = "profile IS NULL"; } - db_query($this->link, "DELETE FROM ttrss_user_prefs + db_query( "DELETE FROM ttrss_user_prefs WHERE $profile_qpart AND owner_uid = ".$_SESSION["uid"]); - initialize_user_prefs($this->link, $_SESSION["uid"], $_SESSION["profile"]); + initialize_user_prefs( $_SESSION["uid"], $_SESSION["profile"]); + + echo __("Your preferences are now set to default values."); } function index() { @@ -206,7 +225,7 @@ class Pref_Prefs extends Handler_Protected { print "

" . __("Personal data") . "

"; - $result = db_query($this->link, "SELECT email,full_name,otp_enabled, + $result = db_query( "SELECT email,full_name,otp_enabled, access_level FROM ttrss_users WHERE id = ".$_SESSION["uid"]); @@ -251,7 +270,7 @@ class Pref_Prefs extends Handler_Protected { print "

" . __("Password") . "

"; - $result = db_query($this->link, "SELECT id FROM ttrss_users + $result = db_query( "SELECT id FROM ttrss_users WHERE id = ".$_SESSION["uid"]." AND pwd_hash = 'SHA1:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8'"); @@ -380,8 +399,8 @@ class Pref_Prefs extends Handler_Protected { parameters: dojo.objectToQuery(this.getValues()), onComplete: function(transport) { notify(''); - if (transport.responseText.indexOf('ERROR: ') == 0) { - notify_error(transport.responseText.replace('ERROR: ', '')); + if (transport.responseText.indexOf('ERROR:') == 0) { + notify_error(transport.responseText.replace('ERROR:', '')); } else { window.location.reload(); } @@ -397,11 +416,13 @@ class Pref_Prefs extends Handler_Protected { print ""; - print ""; + print "".__("Enter the generated one time password").""; - print " "; - print ""; + print ""; + + print ""; print ""; @@ -428,8 +449,8 @@ class Pref_Prefs extends Handler_Protected { print "
"; - print ""; @@ -451,10 +480,10 @@ class Pref_Prefs extends Handler_Protected { } if ($_SESSION["profile"]) { - initialize_user_prefs($this->link, $_SESSION["uid"], $_SESSION["profile"]); + initialize_user_prefs( $_SESSION["uid"], $_SESSION["profile"]); $profile_qpart = "profile = '" . $_SESSION["profile"] . "'"; } else { - initialize_user_prefs($this->link, $_SESSION["uid"]); + initialize_user_prefs( $_SESSION["uid"]); $profile_qpart = "profile IS NULL"; } @@ -465,7 +494,7 @@ class Pref_Prefs extends Handler_Protected { $access_query = 'true'; - $result = db_query($this->link, "SELECT DISTINCT + $result = db_query( "SELECT DISTINCT ttrss_user_prefs.pref_name,value,type_name, ttrss_prefs_sections.order_id, def_value,section_id @@ -518,6 +547,22 @@ class Pref_Prefs extends Handler_Protected { print "

".$section_name."

"; $lnum = 0; + + if ($active_section == 2) { + print ""; + + print ""; + print ""; + + print ""; + print_select_hash("language", $_COOKIE["ttrss_lang"], get_translations(), + "style='width : 220px; margin : 0px' dojoType='dijit.form.Select'"); + print ""; + print ""; + } + } print ""; @@ -643,8 +688,14 @@ class Pref_Prefs extends Handler_Protected { print ""; print ""; - print " "; + print "
+ ".__('Save configuration')." +
+
". + __("Save and exit preferences")."
+
+
"; print " "; @@ -716,9 +767,9 @@ class Pref_Prefs extends Handler_Protected { ".__('Author').""; $system_enabled = array_map("trim", explode(",", PLUGINS)); - $user_enabled = array_map("trim", explode(",", get_pref($this->link, "_ENABLED_PLUGINS"))); + $user_enabled = array_map("trim", explode(",", get_pref( "_ENABLED_PLUGINS"))); - $tmppluginhost = new PluginHost($this->link); + $tmppluginhost = new PluginHost(); $tmppluginhost->load_all($tmppluginhost::KIND_ALL, $_SESSION["uid"]); $tmppluginhost->load_data(true); @@ -846,7 +897,7 @@ class Pref_Prefs extends Handler_Protected { require_once "lib/otphp/lib/totp.php"; require_once "lib/phpqrcode/phpqrcode.php"; - $result = db_query($this->link, "SELECT login,salt,otp_enabled + $result = db_query( "SELECT login,salt,otp_enabled FROM ttrss_users WHERE id = ".$_SESSION["uid"]); @@ -863,35 +914,52 @@ class Pref_Prefs extends Handler_Protected { } function otpenable() { - $password = db_escape_string($this->link, $_REQUEST["password"]); - $enable_otp = $_REQUEST["enable_otp"] == "on"; + require_once "lib/otphp/vendor/base32.php"; + require_once "lib/otphp/lib/otp.php"; + require_once "lib/otphp/lib/totp.php"; + + $password = $_REQUEST["password"]; + $otp = $_REQUEST["otp"]; global $pluginhost; $authenticator = $pluginhost->get_plugin($_SESSION["auth_module"]); if ($authenticator->check_password($_SESSION["uid"], $password)) { - if ($enable_otp) { - db_query($this->link, "UPDATE ttrss_users SET otp_enabled = true WHERE + $result = db_query( "SELECT salt + FROM ttrss_users + WHERE id = ".$_SESSION["uid"]); + + $base32 = new Base32(); + + $secret = $base32->encode(sha1(db_fetch_result($result, 0, "salt"))); + $topt = new \OTPHP\TOTP($secret); + + $otp_check = $topt->now(); + + if ($otp == $otp_check) { + db_query( "UPDATE ttrss_users SET otp_enabled = true WHERE id = " . $_SESSION["uid"]); print "OK"; + } else { + print "ERROR:".__("Incorrect one time password"); } } else { - print "ERROR: ".__("Incorrect password"); + print "ERROR:".__("Incorrect password"); } } function otpdisable() { - $password = db_escape_string($this->link, $_REQUEST["password"]); + $password = db_escape_string( $_REQUEST["password"]); global $pluginhost; $authenticator = $pluginhost->get_plugin($_SESSION["auth_module"]); if ($authenticator->check_password($_SESSION["uid"], $password)) { - db_query($this->link, "UPDATE ttrss_users SET otp_enabled = false WHERE + db_query( "UPDATE ttrss_users SET otp_enabled = false WHERE id = " . $_SESSION["uid"]); print "OK"; @@ -907,18 +975,18 @@ class Pref_Prefs extends Handler_Protected { else $plugins = ""; - set_pref($this->link, "_ENABLED_PLUGINS", $plugins); + set_pref( "_ENABLED_PLUGINS", $plugins); } function clearplugindata() { - $name = db_escape_string($this->link, $_REQUEST["name"]); + $name = db_escape_string( $_REQUEST["name"]); global $pluginhost; $pluginhost->clear_data($pluginhost->get_plugin($name)); } function customizeCSS() { - $value = get_pref($this->link, "USER_STYLESHEET"); + $value = get_pref( "USER_STYLESHEET"); $value = str_replace("
", "\n", $value); @@ -966,7 +1034,7 @@ class Pref_Prefs extends Handler_Protected { print ""; - $result = db_query($this->link, "SELECT title,id FROM ttrss_settings_profiles + $result = db_query( "SELECT title,id FROM ttrss_settings_profiles WHERE owner_uid = ".$_SESSION["uid"]." ORDER BY title"); print "
";