We are no longer offering accounts on this server. Consider https://gitlab.freedesktop.org/ as a place to host projects.

user-edit.php 6.22 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34
<?php

/* Libre.fm -- a free network service for sharing your music listening habits

   Copyright (C) 2009 Libre.fm Project

   This program is free software: you can redistribute it and/or modify
   it under the terms of the GNU Affero General Public License as published by
   the Free Software Foundation, either version 3 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU Affero General Public License for more details.

   You should have received a copy of the GNU Affero General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>.

*/

require_once('database.php');
require_once('templating.php');
require_once('data/User.php');
require_once('data/TagCloud.php');

if($logged_in == false)
{
	$smarty->assign('error', 'Error!');
	$smarty->assign('details', 'Not logged in! You shouldn\'t be here!');
	$smarty->display('error.tpl');
	die();
}

tobyink's avatar
tobyink committed
35 36
# Doesn't seem to work - $user = $_SESSION['user'];
$user = new User($_SESSION['user']->name);
37 38 39

$errors = array();

40
if ($_POST['submit'])
41
{
42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71
	if (!empty($_POST['id']))
	{
		# Need better URI validation, but this will do for now. I think
		# PEAR has a suitable module to help out here.
		if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['id']) )
			$errors[] = "WebID must be a URI.";
		if ( preg_match('/\s/', $_POST['id']) )
			$errors[] = "WebID must be a URI. Valid URIs cannot contain whitespace.";
	}

	if (!empty($_POST['homepage']))
	{
		# Need better URI validation, but this will do for now. I think
		# PEAR has a suitable module to help out here.
		if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['homepage']) )
			$errors[] = "Homepage must be a URI.";
		if ( preg_match('/\s/', $_POST['homepage']) )
			$errors[] = "Homepage must be a URI. Valid URIs cannot contain whitespace.";
	}

	if (!empty($_POST['avatar_uri']))
	{
		# Need better URI validation, but this will do for now. I think
		# PEAR has a suitable module to help out here.
		if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['avatar_uri']) )
			$errors[] = "Avatar must be a URI.";
		if ( preg_match('/\s/', $_POST['avatar_uri']) )
			$errors[] = "Avatar must be a URI. Valid URIs cannot contain whitespace.";
	}

tobyink's avatar
tobyink committed
72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91
	if (!empty($_POST['laconica_profile']))
	{
		# Need better URI validation, but this will do for now. I think
		# PEAR has a suitable module to help out here.
		if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['laconica_profile']) )
			$errors[] = "Laconica profile must be a URI.";
		if ( preg_match('/\s/', $_POST['laconica_profile']) )
			$errors[] = "Laconica profile must be a URI. Valid URIs cannot contain whitespace.";
	}

	if (!empty($_POST['journal_rss']))
	{
		# Need better URI validation, but this will do for now. I think
		# PEAR has a suitable module to help out here.
		if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['journal_rss']) )
			$errors[] = "Journal RSS must be a URI.";
		if ( preg_match('/\s/', $_POST['journal_rss']) )
			$errors[] = "Journal RSS must be a URI. Valid URIs cannot contain whitespace.";
	}

tobyink's avatar
tobyink committed
92 93 94 95 96 97
	if (!empty($_POST['password_1']))
	{
		if ($_POST['password_1'] != $_POST['password_2'])
			$errors[] = "Passwords do not match.";
	}

98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116
	if (!empty($_POST['location_uri']))
	{
		# Currently only allow geonames URIs, but there's no reason we can't accept
		# others at some point in the future. (e.g. dbpedia)
		if ( !preg_match('/^http:\/\/sws.geonames.org\/[0-9]+\/$/', $_POST['location_uri']) )
			$errors[] = "This should be a geonames.org semantic web service URI.";
	}

	if (!isset($errors[0]))
	{
		# Currently we don't allow them to change e-mail as we probably should
		# have some kind of confirmation login to do so.
		$user->id           = $_POST['id'];
		$user->fullname     = $_POST['fullname'];
		$user->homepage     = $_POST['homepage'];
		$user->bio          = $_POST['bio'];
		$user->location     = $_POST['location'];
		$user->location_uri = $_POST['location_uri'];
		$user->avatar_uri   = $_POST['avatar_uri'];
tobyink's avatar
tobyink committed
117 118
		$user->laconica_profile = $_POST['laconica_profile'];
		$user->journal_rss  = $_POST['journal_rss'];
tobyink's avatar
tobyink committed
119
		
tobyink's avatar
tobyink committed
120
		if (!empty( $_POST['password_1'] ))
121
			$user->password = md5($_POST['password_1']);
tobyink's avatar
tobyink committed
122
		
tobyink's avatar
tobyink committed
123
		$user->save();
tobyink's avatar
tobyink committed
124

tobyink's avatar
tobyink committed
125
		header("Location: " . $user->getURL());
tobyink's avatar
tobyink committed
126
		exit;
127
	}
128

tobyink's avatar
tobyink committed
129 130 131 132 133 134
	if (isset($errors[0]))
	{
		header("Content-Type: text/plain");
		print_r($errors);
		exit;
	}
135 136 137 138 139 140 141 142 143 144 145 146 147 148 149
}

if(isset($user->name))
{
	# Stuff which cannot be changed.
	$smarty->assign("acctid", $user->acctid);
	$smarty->assign('avatar', $user->getAvatar());
	$smarty->assign('user',   $user->name);

	# Stuff which cannot be changed *here*
	$smarty->assign('userlevel', $user->userlevel);
	
	# Stuff which cannot be changed *yet*
	$smarty->assign('email', $user->email);
	
150 151 152 153 154 155 156 157 158
	if ($_POST['submit'])
	{
		$smarty->assign("id",           $_POST['id']);
		$smarty->assign('fullname',     $_POST['fullname']);
		$smarty->assign('bio',          $_POST['bio']);
		$smarty->assign('homepage',     $_POST['homepage']);
		$smarty->assign('location',     $_POST['location']);
		$smarty->assign('location_uri', $_POST['location_uri']);
		$smarty->assign('avatar_uri',   $_POST['avatar_uri']);
tobyink's avatar
tobyink committed
159 160
		$smarty->assign('laconica_profile', $_POST['laconica_profile']);
		$smarty->assign('journal_rss',  $_POST['journal_rss']);
161 162 163
	}
	else
	{
tobyink's avatar
tobyink committed
164
		$smarty->assign("id",           ($user->webid_uri));
165 166 167 168 169 170
		$smarty->assign('fullname',     ($user->fullname));
		$smarty->assign('bio',          ($user->bio));
		$smarty->assign('homepage',     ($user->homepage));
		$smarty->assign('location',     ($user->location));
		$smarty->assign('location_uri', ($user->location_uri));
		$smarty->assign('avatar_uri',   ($user->avatar_uri));
tobyink's avatar
tobyink committed
171 172
		$smarty->assign('laconica_profile', ($user->laconica_profile));
		$smarty->assign('journal_rss',  ($user->journal_rss));
173
	}
174 175

	# And display the page.
176 177 178 179 180
	$aTagCloud = TagCloud::GenerateTagCloud('Scrobbles', 'artist');
	if (!PEAR::isError ($aTagCloud))
	{
		$smarty->assign('tagcloud', $aTagCloud);
	}
181
	$smarty->assign('errors', $errors);
182
	$smarty->display('user-edit.tpl');
183 184 185 186 187 188 189 190 191
}

else
{
	$smarty->assign('error', 'User not found');
	$smarty->assign('details', 'Shall I call in a missing persons report? This shouldn\'t happen.');
	$smarty->display('error.tpl');
}