X-Git-Url: http://git.pjr.cc/?a=blobdiff_plain;f=gwvpmini%2Fgwvpmini_user.php;h=799ef3718dd151d12574f26408a26d0e75278c5c;hb=eaa989c5b3d6534276be3c32e089d4ec2b45e395;hp=c495552a82aba1ad5a03dc960d06f2617ec2dda7;hpb=6199d5d80142803ee8f8b85bcaa1594a837076a7;p=gwvp-mini.git

diff --git a/gwvpmini/gwvpmini_user.php b/gwvpmini/gwvpmini_user.php
index c495552..799ef37 100644
--- a/gwvpmini/gwvpmini_user.php
+++ b/gwvpmini/gwvpmini_user.php
@@ -15,6 +15,21 @@ if($IS_WEB_REQUEST) {
 	}
 	
 	global $use_gravatar;
+	
+	$reg = gwvpmini_getConfigVal("forcessl");
+
+	$force_ssl = false;
+	if($reg == null) {
+		// dont force ssl by default
+		gwvpmini_setConfigVal("forcessl", "0");
+	} else if($reg == 1) {
+		$force_ssl = true;
+	} else {
+		$force_ssl = false;
+	}
+
+	global $force_ssl;
+	
 }
 
 
@@ -22,7 +37,7 @@ function gwvpmini_UserViewCallMe()
 {
 	global $user_view_call;
 	
-	error_log("in admin callme");
+	// error_log("in admin callme");
 	if(isset($_REQUEST["q"])) {
 		$query = $_REQUEST["q"];
 		$qspl = explode("/", $query);
@@ -33,8 +48,20 @@ function gwvpmini_UserViewCallMe()
 					if(!gwvpmini_GetUserId($user_view_call)) {
 						gwvpmini_SendMessage("error", "No such user, $user_view_call");
 						return false;
+					} else {
+						if(isset($qspl[2])) {
+							if($qspl[2] == "updateuserdesc") {
+								return "gwvpmini_ViewUpdateUserDesc";
+							}
+							if($qspl[2] == "updateuserpassword") {
+								return "gwvpmini_ViewUpdateUserPassword";
+							}
+							if($qspl[2] == "updateuseremail") {
+								return "gwvpmini_ViewUpdateUserEmail";
+							}
+						}
+						return "gwvpmini_UserViewPage";
 					}
-					return "gwvpmini_UserViewPage";
 				} else return false;
 			} else return false;
 		}
@@ -62,7 +89,7 @@ function gwvpmini_UserViewPageBody()
 	
 	
 	$dets = gwvpmini_getUser($user_view_call);
-	//error_log("show view of user with $user_view_call: ". print_r($dets, true));
+	//// error_log("show view of user with $user_view_call: ". print_r($dets, true));
 
 	echo "<h2>".$dets["fullname"]."</h2><br>";
 	echo gwvpmini_HtmlGravatar($dets["email"],80);
@@ -76,13 +103,13 @@ function gwvpmini_UserViewPageBody()
 	}
 	
 	if($isme || gwvpmini_isUserAdmin()) {
-		echo "<form method=\"post\" action=\"$BASE_URL/user/updateuserdesc\">";
+		echo "<form method=\"post\" action=\"$BASE_URL/user/$user_view_call/updateuserdesc\">";
 		echo "Your Description<br><textarea name=\"desc\" cols=\"100\" rows=\"4\">".$dets["desc"]."</textarea><br>";
 		echo "<input type=\"submit\" name=\"Update\" value=\"Update\">";
 		echo "</form>";
 		
 		echo "<h3>New Password</h3>";
-		echo "<form method=\"post\" action=\"$BASE_URL/user/updateuserpassword\">";
+		echo "<form method=\"post\" action=\"$BASE_URL/user/$user_view_call/updateuserpassword\">";
 		echo "<table>";
 		if($isme) echo "<tr><td>Old Password</td><td><input type=\"password\" name=\"oldpassword\"></td></tr>";
 		echo "<tr><td>New Password</td><td><input type=\"password\" name=\"newpassword1\"></td></tr>";
@@ -91,9 +118,9 @@ function gwvpmini_UserViewPageBody()
 		echo "</form>";
 		
 		echo "<h3>New Email Address</h3>";
-		echo "<form method=\"post\" action=\"$BASE_URL/user/updateuseremail\">";
-		echo "<table><tr><td>New Email Address</td><td><input type=\"password\" name=\"newemail1\"></td></tr>";
-		echo "<tr><td>Confirm New Email Address</td><td><input type=\"password\" name=\"newemail2\"></td></tr></table>";
+		echo "<form method=\"post\" action=\"$BASE_URL/user/$user_view_call/updateuseremail\">";
+		echo "<table><tr><td>New Email Address</td><td><input type=\"text\" name=\"newemail1\"></td></tr>";
+		echo "<tr><td>Confirm New Email Address</td><td><input type=\"text\" name=\"newemail2\"></td></tr></table>";
 		echo "<input type=\"submit\" name=\"Update\" value=\"Update\">";
 		echo "</form>";
 	} else {
@@ -101,4 +128,95 @@ function gwvpmini_UserViewPageBody()
 	}
 }
 
+function gwvpmini_ViewUpdateUserPassword()
+{
+	global $user_view_call, $BASE_URL;
+	
+	$newpass1 = $_REQUEST["newpassword1"];
+	$newpass2 = $_REQUEST["newpassword2"];
+	$oldpass = $_REQUEST["oldpassword"];
+	
+	$authd = gwvpmini_authUserPass($user_view_call, $oldpass);
+		
+	$doupdate = false;
+	
+	if(isset($_SESSION["username"])) if($_SESSION["username"] == $user_view_call && $authd !== false) {
+		$doupdate = true;
+	}
+	
+	if(gwvpmini_isUserAdmin()) {
+		$doupdate = true;
+	}
+	
+	
+	if($newpass1 != $newpass2) {
+		gwvpmini_SendMessage("error", "Password and confirmation dont match");
+	} else if(!$doupdate) {
+		gwvpmini_SendMessage("error", "Could not update user desc, are you logged in?");
+	} else {
+		// do update
+		$uid = gwvpmini_GetUserId($user_view_call);
+		gwvpmini_UpdateUserPassword($uid, $newpass1);
+		gwvpmini_SendMessage("info", "Password Updated");
+	}
+	
+	header("Location: $BASE_URL/user/$user_view_call");
+}
+
+function gwvpmini_ViewUpdateUserDesc()
+{
+	global $user_view_call, $BASE_URL;
+	
+	$newdesc = $_REQUEST["desc"];
+	$doupdate = false;
+	
+	if(isset($_SESSION["username"])) if($_SESSION["username"] == $user_view_call) {
+		$doupdate = true;
+	}
+	
+	if(gwvpmini_isUserAdmin()) {
+		$doupdate = true;
+	}
+	
+	if(!$doupdate) {
+		gwvpmini_SendMessage("error", "Could not update user desc, are you logged in?");
+	} else {
+		$uid = gwvpmini_GetUserId($user_view_call);
+		gwvpmini_UpdateUserDesc($uid, $newdesc);
+		gwvpmini_SendMessage("info", "Description Updated");
+	}
+	
+	header("Location: $BASE_URL/user/$user_view_call");
+	}
+
+function gwvpmini_ViewUpdateUserEmail()
+{
+	global $user_view_call, $BASE_URL;
+	
+	$newem1 = $_REQUEST["newemail1"];
+	$newem2 = $_REQUEST["newemail2"];
+	$doupdate = false;
+	
+	if(isset($_SESSION["username"])) if($_SESSION["username"] == $user_view_call) {
+		$doupdate = true;
+	}
+	
+	if(gwvpmini_isUserAdmin()) {
+		$doupdate = true;
+	}
+	
+	if($newem1 != $newem2) {
+		gwvpmini_SendMessage("error", "Email and confirmation did not match");
+	} else if(!$doupdate) {
+		gwvpmini_SendMessage("error", "Could not update user desc, are you logged in?");
+	} else {
+		$uid = gwvpmini_GetUserId($user_view_call);
+		gwvpmini_UpdateUserEmail($uid, $newem1);
+		gwvpmini_SendMessage("info", "Email Address Updated");
+	}
+	
+	header("Location: $BASE_URL/user/$user_view_call");
+	
+}
+
 ?>
\ No newline at end of file