We are no longer offering accounts on this server. Consider https://gitlab.freedesktop.org/ as a place to host projects.

Commit 5fa8a299 authored by tobyink's avatar tobyink

Tearing my hair out. Maybe I was trying to be too clever before.

parent 8c7b913c
......@@ -24,15 +24,6 @@ require_once('templating.php');
require_once('data/User.php');
require_once('data/TagCloud.php');
# This function tends to be quite useful. Might move it somewhere else so
# that it can be included and reused in other files.
function getPostVar ($postvar, $fallback)
{
if (isset($_POST[$postvar]))
return $_POST[$postvar];
return $fallback;
}
if($logged_in == false)
{
$smarty->assign('error', 'Error!');
......@@ -46,55 +37,59 @@ $user = new User($_SESSION['user']->name);
$errors = array();
if (!empty($_POST['id']))
{
# Need better URI validation, but this will do for now. I think
# PEAR has a suitable module to help out here.
if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['id']) )
$errors[] = "WebID must be a URI.";
if ( preg_match('/\s/', $_POST['id']) )
$errors[] = "WebID must be a URI. Valid URIs cannot contain whitespace.";
}
if (!empty($_POST['homepage']))
{
# Need better URI validation, but this will do for now. I think
# PEAR has a suitable module to help out here.
if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['homepage']) )
$errors[] = "Homepage must be a URI.";
if ( preg_match('/\s/', $_POST['homepage']) )
$errors[] = "Homepage must be a URI. Valid URIs cannot contain whitespace.";
}
if (!empty($_POST['avatar_uri']))
if ($_POST['submit'])
{
# Need better URI validation, but this will do for now. I think
# PEAR has a suitable module to help out here.
if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['avatar_uri']) )
$errors[] = "Avatar must be a URI.";
if ( preg_match('/\s/', $_POST['avatar_uri']) )
$errors[] = "Avatar must be a URI. Valid URIs cannot contain whitespace.";
}
if (!empty($_POST['id']))
{
# Need better URI validation, but this will do for now. I think
# PEAR has a suitable module to help out here.
if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['id']) )
$errors[] = "WebID must be a URI.";
if ( preg_match('/\s/', $_POST['id']) )
$errors[] = "WebID must be a URI. Valid URIs cannot contain whitespace.";
}
if (!empty($_POST['homepage']))
{
# Need better URI validation, but this will do for now. I think
# PEAR has a suitable module to help out here.
if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['homepage']) )
$errors[] = "Homepage must be a URI.";
if ( preg_match('/\s/', $_POST['homepage']) )
$errors[] = "Homepage must be a URI. Valid URIs cannot contain whitespace.";
}
if (!empty($_POST['avatar_uri']))
{
# Need better URI validation, but this will do for now. I think
# PEAR has a suitable module to help out here.
if ( !preg_match('/^[a-z0-9\+\.\-]+\:/i', $_POST['avatar_uri']) )
$errors[] = "Avatar must be a URI.";
if ( preg_match('/\s/', $_POST['avatar_uri']) )
$errors[] = "Avatar must be a URI. Valid URIs cannot contain whitespace.";
}
if (!empty($_POST['location_uri']))
{
# Currently only allow geonames URIs, but there's no reason we can't accept
# others at some point in the future. (e.g. dbpedia)
if ( !preg_match('/^http:\/\/sws.geonames.org\/[0-9]+\/$/', $_POST['location_uri']) )
$errors[] = "This should be a geonames.org semantic web service URI.";
}
if (!isset($errors[0]))
{
# Currently we don't allow them to change e-mail as we probably should
# have some kind of confirmation login to do so.
$user->id = $_POST['id'];
$user->fullname = $_POST['fullname'];
$user->homepage = $_POST['homepage'];
$user->bio = $_POST['bio'];
$user->location = $_POST['location'];
$user->location_uri = $_POST['location_uri'];
$user->avatar_uri = $_POST['avatar_uri'];
}
if (!empty($_POST['location_uri']))
{
# Currently only allow geonames URIs, but there's no reason we can't accept
# others at some point in the future. (e.g. dbpedia)
if ( !preg_match('/^http:\/\/sws.geonames.org\/[0-9]+\/$/', $_POST['location_uri']) )
$errors[] = "This should be a geonames.org semantic web service URI.";
}
if (!isset($errors[0]))
{
# Currently we don't allow them to change e-mail as we probably should
# have some kind of confirmation login to do so.
$user->id = $_POST['id'];
$user->fullname = $_POST['fullname'];
$user->homepage = $_POST['homepage'];
$user->bio = $_POST['bio'];
$user->location = $_POST['location'];
$user->location_uri = $_POST['location_uri'];
$user->avatar_uri = $_POST['avatar_uri'];
}
if(isset($user->name))
......@@ -110,14 +105,26 @@ if(isset($user->name))
# Stuff which cannot be changed *yet*
$smarty->assign('email', $user->email);
# This is what we're going to let them change.
$smarty->assign("id", getPostVar('id', $user->id));
$smarty->assign('fullname', getPostVar('fullname', $user->fullname));
$smarty->assign('bio', getPostVar('bio', $user->bio));
$smarty->assign('homepage', getPostVar('homepage', $user->homepage));
$smarty->assign('location', getPostVar('location', $user->location));
$smarty->assign('location_uri', getPostVar('location_uri', $user->location_uri));
$smarty->assign('avatar_uri', getPostVar('avatar_uri', $user->avatar_uri));
if ($_POST['submit'])
{
$smarty->assign("id", $_POST['id']);
$smarty->assign('fullname', $_POST['fullname']);
$smarty->assign('bio', $_POST['bio']);
$smarty->assign('homepage', $_POST['homepage']);
$smarty->assign('location', $_POST['location']);
$smarty->assign('location_uri', $_POST['location_uri']);
$smarty->assign('avatar_uri', $_POST['avatar_uri']);
}
else
{
$smarty->assign("id", ($user->id));
$smarty->assign('fullname', ($user->fullname));
$smarty->assign('bio', ($user->bio));
$smarty->assign('homepage', ($user->homepage));
$smarty->assign('location', ($user->location));
$smarty->assign('location_uri', ($user->location_uri));
$smarty->assign('avatar_uri', ($user->avatar_uri));
}
# And display the page.
$smarty->assign('errors', $errors);
......
......@@ -40,6 +40,7 @@
<tr>
<td colspan="2" align="center">
<input type="submit" value="Change" />
<input name="submit" value="1" type="hidden" />
</td>
</tr>
</table>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment