We are no longer offering accounts on this server. Consider https://gitlab.freedesktop.org/ as a place to host projects.

user-edit.php 6.29 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
<?php

/* Libre.fm -- a free network service for sharing your music listening habits

   Copyright (C) 2009 Libre.fm Project

   This program is free software: you can redistribute it and/or modify
   it under the terms of the GNU Affero General Public License as published by
   the Free Software Foundation, either version 3 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU Affero General Public License for more details.

   You should have received a copy of the GNU Affero General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>.

*/

require_once('database.php');
require_once('templating.php');
require_once('data/User.php');
require_once('data/TagCloud.php');

if($logged_in == false)
{
	$smarty->assign('error', 'Error!');
	$smarty->assign('details', 'Not logged in! You shouldn\'t be here!');
	$smarty->display('error.tpl');
	die();
}

$errors = array();

37
if ($_POST['submit'])
38
{
39 40 41 42 43
	if (!empty($_POST['id']))
	{
		# Need better URI validation, but this will do for now. I think
		# PEAR has a suitable module to help out here.
		if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['id']) )
elleo's avatar
elleo committed
44
			$errors[] = 'WebID must be a URI.';
45
		if ( preg_match('/\s/', $_POST['id']) )
elleo's avatar
elleo committed
46
			$errors[] = 'WebID must be a URI. Valid URIs cannot contain whitespace.';
47 48 49 50 51 52 53
	}

	if (!empty($_POST['homepage']))
	{
		# Need better URI validation, but this will do for now. I think
		# PEAR has a suitable module to help out here.
		if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['homepage']) )
elleo's avatar
elleo committed
54
			$errors[] = 'Homepage must be a URI.';
55
		if ( preg_match('/\s/', $_POST['homepage']) )
elleo's avatar
elleo committed
56
			$errors[] = 'Homepage must be a URI. Valid URIs cannot contain whitespace.';
57 58 59 60 61 62 63
	}

	if (!empty($_POST['avatar_uri']))
	{
		# Need better URI validation, but this will do for now. I think
		# PEAR has a suitable module to help out here.
		if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['avatar_uri']) )
elleo's avatar
elleo committed
64
			$errors[] = 'Avatar must be a URI.';
65
		if ( preg_match('/\s/', $_POST['avatar_uri']) )
elleo's avatar
elleo committed
66
			$errors[] = 'Avatar must be a URI. Valid URIs cannot contain whitespace.';
67 68
	}

tobyink's avatar
tobyink committed
69 70 71 72 73
	if (!empty($_POST['laconica_profile']))
	{
		# Need better URI validation, but this will do for now. I think
		# PEAR has a suitable module to help out here.
		if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['laconica_profile']) )
elleo's avatar
elleo committed
74
			$errors[] = 'Laconica profile must be a URI.';
tobyink's avatar
tobyink committed
75
		if ( preg_match('/\s/', $_POST['laconica_profile']) )
elleo's avatar
elleo committed
76
			$errors[] = 'Laconica profile must be a URI. Valid URIs cannot contain whitespace.';
tobyink's avatar
tobyink committed
77 78 79 80 81 82 83
	}

	if (!empty($_POST['journal_rss']))
	{
		# Need better URI validation, but this will do for now. I think
		# PEAR has a suitable module to help out here.
		if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['journal_rss']) )
elleo's avatar
elleo committed
84
			$errors[] = 'Journal RSS must be a URI.';
tobyink's avatar
tobyink committed
85
		if ( preg_match('/\s/', $_POST['journal_rss']) )
elleo's avatar
elleo committed
86
			$errors[] = 'Journal RSS must be a URI. Valid URIs cannot contain whitespace.';
tobyink's avatar
tobyink committed
87 88
	}

tobyink's avatar
tobyink committed
89 90 91
	if (!empty($_POST['password_1']))
	{
		if ($_POST['password_1'] != $_POST['password_2'])
elleo's avatar
elleo committed
92
			$errors[] = 'Passwords do not match.';
tobyink's avatar
tobyink committed
93 94
	}

95 96 97 98 99
	if (!empty($_POST['location_uri']))
	{
		# Currently only allow geonames URIs, but there's no reason we can't accept
		# others at some point in the future. (e.g. dbpedia)
		if ( !preg_match('/^http:\/\/sws.geonames.org\/[0-9]+\/$/', $_POST['location_uri']) )
elleo's avatar
elleo committed
100
			$errors[] = 'This should be a geonames.org semantic web service URI.';
101 102 103 104 105 106
	}

	if (!isset($errors[0]))
	{
		# Currently we don't allow them to change e-mail as we probably should
		# have some kind of confirmation login to do so.
107 108 109 110 111 112 113 114 115
		$this_user->id           = $_POST['id'];
		$this_user->fullname     = $_POST['fullname'];
		$this_user->homepage     = $_POST['homepage'];
		$this_user->bio          = $_POST['bio'];
		$this_user->location     = $_POST['location'];
		$this_user->location_uri = $_POST['location_uri'];
		$this_user->avatar_uri   = $_POST['avatar_uri'];
		$this_user->laconica_profile = $_POST['laconica_profile'];
		$this_user->journal_rss  = $_POST['journal_rss'];
clint's avatar
clint committed
116

tobyink's avatar
tobyink committed
117
		if (!empty( $_POST['password_1'] ))
118
			$user->password = md5($_POST['password_1']);
clint's avatar
clint committed
119

120
		$this_user->save();
tobyink's avatar
tobyink committed
121

elleo's avatar
elleo committed
122
		header('Location: ' . $this_user->getURL());
tobyink's avatar
tobyink committed
123
		exit;
124
	}
125

tobyink's avatar
tobyink committed
126 127
	if (isset($errors[0]))
	{
elleo's avatar
elleo committed
128
		header('Content-Type: text/plain');
129
		//($errors);
tobyink's avatar
tobyink committed
130 131
		exit;
	}
132 133
}

134
if(isset($this_user->name))
135 136
{
	# Stuff which cannot be changed.
elleo's avatar
elleo committed
137
	$smarty->assign('acctid', $this_user->acctid);
138 139
	$smarty->assign('avatar', $this_user->getAvatar());
	$smarty->assign('user',   $this_user->name);
140 141

	# Stuff which cannot be changed *here*
142
	$smarty->assign('userlevel', $this_user->userlevel);
clint's avatar
clint committed
143

144
	# Stuff which cannot be changed *yet*
145
	$smarty->assign('email', $this_user->email);
clint's avatar
clint committed
146

147 148
	if ($_POST['submit'])
	{
elleo's avatar
elleo committed
149
		$smarty->assign('id',           $_POST['id']);
150 151 152 153 154 155
		$smarty->assign('fullname',     $_POST['fullname']);
		$smarty->assign('bio',          $_POST['bio']);
		$smarty->assign('homepage',     $_POST['homepage']);
		$smarty->assign('location',     $_POST['location']);
		$smarty->assign('location_uri', $_POST['location_uri']);
		$smarty->assign('avatar_uri',   $_POST['avatar_uri']);
tobyink's avatar
tobyink committed
156 157
		$smarty->assign('laconica_profile', $_POST['laconica_profile']);
		$smarty->assign('journal_rss',  $_POST['journal_rss']);
158 159 160
	}
	else
	{
elleo's avatar
elleo committed
161
		$smarty->assign('id',           ($this_user->webid_uri));
162 163 164 165 166 167 168 169
		$smarty->assign('fullname',     ($this_user->fullname));
		$smarty->assign('bio',          ($this_user->bio));
		$smarty->assign('homepage',     ($this_user->homepage));
		$smarty->assign('location',     ($this_user->location));
		$smarty->assign('location_uri', ($this_user->location_uri));
		$smarty->assign('avatar_uri',   ($this_user->avatar_uri));
		$smarty->assign('laconica_profile', ($this_user->laconica_profile));
		$smarty->assign('journal_rss',  ($this_user->journal_rss));
170
	}
171 172

	# And display the page.
173
	$aTagCloud = TagCloud::GenerateTagCloud(TagCloud::scrobblesTable('user'), 'artist', 40, $this_user->name);
174 175 176 177
	if (!PEAR::isError ($aTagCloud))
	{
		$smarty->assign('tagcloud', $aTagCloud);
	}
178
	$smarty->assign('errors', $errors);
179
	$smarty->display('user-edit.tpl');
180 181 182 183 184 185 186 187 188
}

else
{
	$smarty->assign('error', 'User not found');
	$smarty->assign('details', 'Shall I call in a missing persons report? This shouldn\'t happen.');
	$smarty->display('error.tpl');
}