We are no longer offering accounts on this server. Consider https://gitlab.freedesktop.org/ as a place to host projects.

user-edit.php 6.26 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
<?php

/* Libre.fm -- a free network service for sharing your music listening habits

   Copyright (C) 2009 Libre.fm Project

   This program is free software: you can redistribute it and/or modify
   it under the terms of the GNU Affero General Public License as published by
   the Free Software Foundation, either version 3 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU Affero General Public License for more details.

   You should have received a copy of the GNU Affero General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>.

*/

require_once('database.php');
require_once('templating.php');
require_once('data/User.php');
require_once('data/TagCloud.php');

if($logged_in == false)
{
	$smarty->assign('error', 'Error!');
	$smarty->assign('details', 'Not logged in! You shouldn\'t be here!');
	$smarty->display('error.tpl');
	die();
}

$errors = array();

37
if ($_POST['submit'])
38
{
39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68
	if (!empty($_POST['id']))
	{
		# Need better URI validation, but this will do for now. I think
		# PEAR has a suitable module to help out here.
		if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['id']) )
			$errors[] = "WebID must be a URI.";
		if ( preg_match('/\s/', $_POST['id']) )
			$errors[] = "WebID must be a URI. Valid URIs cannot contain whitespace.";
	}

	if (!empty($_POST['homepage']))
	{
		# Need better URI validation, but this will do for now. I think
		# PEAR has a suitable module to help out here.
		if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['homepage']) )
			$errors[] = "Homepage must be a URI.";
		if ( preg_match('/\s/', $_POST['homepage']) )
			$errors[] = "Homepage must be a URI. Valid URIs cannot contain whitespace.";
	}

	if (!empty($_POST['avatar_uri']))
	{
		# Need better URI validation, but this will do for now. I think
		# PEAR has a suitable module to help out here.
		if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['avatar_uri']) )
			$errors[] = "Avatar must be a URI.";
		if ( preg_match('/\s/', $_POST['avatar_uri']) )
			$errors[] = "Avatar must be a URI. Valid URIs cannot contain whitespace.";
	}

tobyink's avatar
tobyink committed
69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88
	if (!empty($_POST['laconica_profile']))
	{
		# Need better URI validation, but this will do for now. I think
		# PEAR has a suitable module to help out here.
		if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['laconica_profile']) )
			$errors[] = "Laconica profile must be a URI.";
		if ( preg_match('/\s/', $_POST['laconica_profile']) )
			$errors[] = "Laconica profile must be a URI. Valid URIs cannot contain whitespace.";
	}

	if (!empty($_POST['journal_rss']))
	{
		# Need better URI validation, but this will do for now. I think
		# PEAR has a suitable module to help out here.
		if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['journal_rss']) )
			$errors[] = "Journal RSS must be a URI.";
		if ( preg_match('/\s/', $_POST['journal_rss']) )
			$errors[] = "Journal RSS must be a URI. Valid URIs cannot contain whitespace.";
	}

tobyink's avatar
tobyink committed
89 90 91 92 93 94
	if (!empty($_POST['password_1']))
	{
		if ($_POST['password_1'] != $_POST['password_2'])
			$errors[] = "Passwords do not match.";
	}

95 96 97 98 99 100 101 102 103 104 105 106
	if (!empty($_POST['location_uri']))
	{
		# Currently only allow geonames URIs, but there's no reason we can't accept
		# others at some point in the future. (e.g. dbpedia)
		if ( !preg_match('/^http:\/\/sws.geonames.org\/[0-9]+\/$/', $_POST['location_uri']) )
			$errors[] = "This should be a geonames.org semantic web service URI.";
	}

	if (!isset($errors[0]))
	{
		# Currently we don't allow them to change e-mail as we probably should
		# have some kind of confirmation login to do so.
107 108 109 110 111 112 113 114 115
		$this_user->id           = $_POST['id'];
		$this_user->fullname     = $_POST['fullname'];
		$this_user->homepage     = $_POST['homepage'];
		$this_user->bio          = $_POST['bio'];
		$this_user->location     = $_POST['location'];
		$this_user->location_uri = $_POST['location_uri'];
		$this_user->avatar_uri   = $_POST['avatar_uri'];
		$this_user->laconica_profile = $_POST['laconica_profile'];
		$this_user->journal_rss  = $_POST['journal_rss'];
tobyink's avatar
tobyink committed
116
		
tobyink's avatar
tobyink committed
117
		if (!empty( $_POST['password_1'] ))
118
			$user->password = md5($_POST['password_1']);
tobyink's avatar
tobyink committed
119
		
120
		$this_user->save();
tobyink's avatar
tobyink committed
121

122
		header("Location: " . $this_user->getURL());
tobyink's avatar
tobyink committed
123
		exit;
124
	}
125

tobyink's avatar
tobyink committed
126 127 128 129 130 131
	if (isset($errors[0]))
	{
		header("Content-Type: text/plain");
		print_r($errors);
		exit;
	}
132 133
}

134
if(isset($this_user->name))
135 136
{
	# Stuff which cannot be changed.
137 138 139
	$smarty->assign("acctid", $this_user->acctid);
	$smarty->assign('avatar', $this_user->getAvatar());
	$smarty->assign('user',   $this_user->name);
140 141

	# Stuff which cannot be changed *here*
142
	$smarty->assign('userlevel', $this_user->userlevel);
143 144
	
	# Stuff which cannot be changed *yet*
145
	$smarty->assign('email', $this_user->email);
146
	
147 148 149 150 151 152 153 154 155
	if ($_POST['submit'])
	{
		$smarty->assign("id",           $_POST['id']);
		$smarty->assign('fullname',     $_POST['fullname']);
		$smarty->assign('bio',          $_POST['bio']);
		$smarty->assign('homepage',     $_POST['homepage']);
		$smarty->assign('location',     $_POST['location']);
		$smarty->assign('location_uri', $_POST['location_uri']);
		$smarty->assign('avatar_uri',   $_POST['avatar_uri']);
tobyink's avatar
tobyink committed
156 157
		$smarty->assign('laconica_profile', $_POST['laconica_profile']);
		$smarty->assign('journal_rss',  $_POST['journal_rss']);
158 159 160
	}
	else
	{
161 162 163 164 165 166 167 168 169
		$smarty->assign("id",           ($this_user->webid_uri));
		$smarty->assign('fullname',     ($this_user->fullname));
		$smarty->assign('bio',          ($this_user->bio));
		$smarty->assign('homepage',     ($this_user->homepage));
		$smarty->assign('location',     ($this_user->location));
		$smarty->assign('location_uri', ($this_user->location_uri));
		$smarty->assign('avatar_uri',   ($this_user->avatar_uri));
		$smarty->assign('laconica_profile', ($this_user->laconica_profile));
		$smarty->assign('journal_rss',  ($this_user->journal_rss));
170
	}
171 172

	# And display the page.
173
	$aTagCloud = TagCloud::GenerateTagCloud('Free_Scrobbles', 'artist');
174 175 176 177
	if (!PEAR::isError ($aTagCloud))
	{
		$smarty->assign('tagcloud', $aTagCloud);
	}
178
	$smarty->assign('errors', $errors);
179
	$smarty->display('user-edit.tpl');
180 181 182 183 184 185 186 187 188
}

else
{
	$smarty->assign('error', 'User not found');
	$smarty->assign('details', 'Shall I call in a missing persons report? This shouldn\'t happen.');
	$smarty->display('error.tpl');
}