gwvpmini/gwvpmini_user.php

   1 <?php
   2 $CALL_ME_FUNCTIONS["userview"] = "gwvpmini_UserViewCallMe";
   3
   4 if($IS_WEB_REQUEST) {
   5         $reg = gwvpmini_getConfigVal("gravatarenabled");\r
   6         \r
   7         $use_gravatar = false;\r
   8         if($reg == null) {
   9                 // disable grav's by default\r
  10                 gwvpmini_setConfigVal("gravatarenabled", "0");\r
  11         } else if($reg == 1) {\r
  12                 $use_gravatar = true;\r
  13         } else {\r
  14                 $use_gravatar = false;\r
  15         }\r
  16         \r
  17         global $use_gravatar;
  18
  19         $reg = gwvpmini_getConfigVal("forcessl");\r
  20 \r
  21         $force_ssl = false;\r
  22         if($reg == null) {\r
  23                 // dont force ssl by default\r
  24                 gwvpmini_setConfigVal("forcessl", "0");\r
  25         } else if($reg == 1) {\r
  26                 $force_ssl = true;\r
  27         } else {\r
  28                 $force_ssl = false;\r
  29         }\r
  30 \r
  31         global $force_ssl;\r
  32
  33 }\r
  34
  35
  36 function gwvpmini_UserViewCallMe()
  37 {
  38         global $user_view_call;
  39
  40         // error_log("in admin callme");
  41         if(isset($_REQUEST["q"])) {
  42                 $query = $_REQUEST["q"];
  43                 $qspl = explode("/", $query);
  44                 if(isset($qspl[0])) {
  45                         if($qspl[0] == "user") {
  46                                 if(isset($qspl[1])) {
  47                                         $user_view_call = $qspl[1];
  48                                         if(!gwvpmini_GetUserId($user_view_call)) {
  49                                                 gwvpmini_SendMessage("error", "No such user, $user_view_call");
  50                                                 return false;
  51                                         } else {
  52                                                 if(isset($qspl[2])) {
  53                                                         if($qspl[2] == "updateuserdesc") {
  54                                                                 return "gwvpmini_ViewUpdateUserDesc";
  55                                                         }
  56                                                         if($qspl[2] == "updateuserpassword") {\r
  57                                                                 return "gwvpmini_ViewUpdateUserPassword";\r
  58                                                         }\r
  59                                                         if($qspl[2] == "updateuseremail") {
  60                                                                 return "gwvpmini_ViewUpdateUserEmail";
  61                                                         }
  62                                                 }
  63                                                 return "gwvpmini_UserViewPage";
  64                                         }
  65                                 } else return false;
  66                         } else return false;
  67                 }
  68                 else return false;
  69         }
  70
  71         return false;
  72
  73
  74 }
  75
  76 function gwvpmini_UserViewPage()
  77 {
  78         global $user_view_call, $MENU_ITEMS, $BASE_URL;
  79
  80         $MENU_ITEMS["40thisuser"]["text"] = "$user_view_call";
  81         $MENU_ITEMS["40thisuser"]["link"] = "$BASE_URL/user/$user_view_call";
  82
  83         gwvpmini_goMainPage("gwvpmini_UserViewPageBody");
  84 }
  85
  86 function gwvpmini_UserViewPageBody()
  87 {
  88         global $user_view_call, $BASE_URL;
  89
  90
  91         $dets = gwvpmini_getUser($user_view_call);
  92         //// error_log("show view of user with $user_view_call: ". print_r($dets, true));\r
  93
  94         echo "<h2>".$dets["fullname"]."</h2><br>";
  95         echo gwvpmini_HtmlGravatar($dets["email"],80);
  96         echo "<br>";
  97
  98         $isme = false;
  99         if(isset($_SESSION["id"])) {
 100                 if($_SESSION["id"] == $dets["id"]) {
 101                         $isme = true;
 102                 }
 103         }
 104
 105         if($isme || gwvpmini_isUserAdmin()) {
 106                 echo "<form method=\"post\" action=\"$BASE_URL/user/$user_view_call/updateuserdesc\">";
 107                 echo "Your Description<br><textarea name=\"desc\" cols=\"100\" rows=\"4\">".$dets["desc"]."</textarea><br>";
 108                 echo "<input type=\"submit\" name=\"Update\" value=\"Update\">";
 109                 echo "</form>";
 110
 111                 echo "<h3>New Password</h3>";
 112                 echo "<form method=\"post\" action=\"$BASE_URL/user/$user_view_call/updateuserpassword\">";
 113                 echo "<table>";
 114                 if($isme) echo "<tr><td>Old Password</td><td><input type=\"password\" name=\"oldpassword\"></td></tr>";
 115                 echo "<tr><td>New Password</td><td><input type=\"password\" name=\"newpassword1\"></td></tr>";
 116                 echo "<tr><td>Confirm New Password</td><td><input type=\"password\" name=\"newpassword2\"></td></tr></table>";
 117                 echo "<input type=\"submit\" name=\"Update\" value=\"Update\">";
 118                 echo "</form>";
 119
 120                 echo "<h3>New Email Address</h3>";
 121                 echo "<form method=\"post\" action=\"$BASE_URL/user/$user_view_call/updateuseremail\">";
 122                 echo "<table><tr><td>New Email Address</td><td><input type=\"text\" name=\"newemail1\"></td></tr>";
 123                 echo "<tr><td>Confirm New Email Address</td><td><input type=\"text\" name=\"newemail2\"></td></tr></table>";
 124                 echo "<input type=\"submit\" name=\"Update\" value=\"Update\">";
 125                 echo "</form>";
 126         } else {
 127                 echo $dets["desc"]."<br>";
 128         }
 129 }
 130
 131 function gwvpmini_ViewUpdateUserPassword()
 132 {
 133         global $user_view_call, $BASE_URL;
 134
 135         $newpass1 = $_REQUEST["newpassword1"];
 136         $newpass2 = $_REQUEST["newpassword2"];
 137         $oldpass = $_REQUEST["oldpassword"];
 138
 139         $authd = gwvpmini_authUserPass($user_view_call, $oldpass);\r
 140
 141         $doupdate = false;
 142
 143         if(isset($_SESSION["username"])) if($_SESSION["username"] == $user_view_call && $authd !== false) {
 144                 $doupdate = true;
 145         }
 146
 147         if(gwvpmini_isUserAdmin()) {
 148                 $doupdate = true;
 149         }
 150
 151
 152         if($newpass1 != $newpass2) {
 153                 gwvpmini_SendMessage("error", "Password and confirmation dont match");
 154         } else if(!$doupdate) {
 155                 gwvpmini_SendMessage("error", "Could not update user desc, are you logged in?");
 156         } else {
 157                 // do update
 158                 $uid = gwvpmini_GetUserId($user_view_call);
 159                 gwvpmini_UpdateUserPassword($uid, $newpass1);
 160                 gwvpmini_SendMessage("info", "Password Updated");
 161         }
 162
 163         header("Location: $BASE_URL/user/$user_view_call");
 164 }
 165
 166 function gwvpmini_ViewUpdateUserDesc()
 167 {
 168         global $user_view_call, $BASE_URL;
 169
 170         $newdesc = $_REQUEST["desc"];
 171         $doupdate = false;
 172
 173         if(isset($_SESSION["username"])) if($_SESSION["username"] == $user_view_call) {
 174                 $doupdate = true;
 175         }
 176
 177         if(gwvpmini_isUserAdmin()) {
 178                 $doupdate = true;
 179         }
 180
 181         if(!$doupdate) {
 182                 gwvpmini_SendMessage("error", "Could not update user desc, are you logged in?");
 183         } else {
 184                 $uid = gwvpmini_GetUserId($user_view_call);\r
 185                 gwvpmini_UpdateUserDesc($uid, $newdesc);
 186                 gwvpmini_SendMessage("info", "Description Updated");
 187         }
 188
 189         header("Location: $BASE_URL/user/$user_view_call");
 190         }
 191
 192 function gwvpmini_ViewUpdateUserEmail()
 193 {
 194         global $user_view_call, $BASE_URL;\r
 195         \r
 196         $newem1 = $_REQUEST["newemail1"];
 197         $newem2 = $_REQUEST["newemail2"];
 198         $doupdate = false;\r
 199         \r
 200         if(isset($_SESSION["username"])) if($_SESSION["username"] == $user_view_call) {\r
 201                 $doupdate = true;\r
 202         }\r
 203         \r
 204         if(gwvpmini_isUserAdmin()) {\r
 205                 $doupdate = true;\r
 206         }\r
 207
 208         if($newem1 != $newem2) {
 209                 gwvpmini_SendMessage("error", "Email and confirmation did not match");
 210         } else if(!$doupdate) {\r
 211                 gwvpmini_SendMessage("error", "Could not update user desc, are you logged in?");\r
 212         } else {\r
 213                 $uid = gwvpmini_GetUserId($user_view_call);\r
 214                 gwvpmini_UpdateUserEmail($uid, $newem1);
 215                 gwvpmini_SendMessage("info", "Email Address Updated");\r
 216         }\r
 217         \r
 218         header("Location: $BASE_URL/user/$user_view_call");\r
 219
 220 }
 221
 222 ?>