user settings

main
Philip Häusler 14 years ago
parent 72d8f6bb13
commit d381f57951

@ -3,7 +3,7 @@
-- http://www.phpmyadmin.net
--
-- Host: localhost
-- Erstellungszeit: 02. Juni 2011 um 15:48
-- Erstellungszeit: 02. Juni 2011 um 18:17
-- Server Version: 5.1.44
-- PHP-Version: 5.3.1
@ -25,7 +25,7 @@ CREATE TABLE IF NOT EXISTS `AngelTypes` (
`Man` text,
PRIMARY KEY (`TID`),
UNIQUE KEY `Name` (`Name`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=5 ;
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=6 ;
--
-- Daten für Tabelle `AngelTypes`
@ -33,7 +33,8 @@ CREATE TABLE IF NOT EXISTS `AngelTypes` (
INSERT INTO `AngelTypes` (`TID`, `Name`, `Man`) VALUES
(1, 'Sex', ''),
(4, 'Audio', '');
(4, 'Audio', ''),
(5, 'Massage', '');
-- --------------------------------------------------------
@ -70,15 +71,16 @@ CREATE TABLE IF NOT EXISTS `Counter` (
--
INSERT INTO `Counter` (`URL`, `Anz`) VALUES
('news', 39),
('login', 5),
('logout', 2),
('start', 8),
('news', 44),
('login', 12),
('logout', 5),
('start', 13),
('faq', 4),
('credits', 2),
('register', 1),
('admin_rooms', 64),
('admin_angel_types', 58);
('credits', 3),
('register', 3),
('admin_rooms', 70),
('admin_angel_types', 68),
('user_settings', 109);
-- --------------------------------------------------------
@ -122,7 +124,7 @@ CREATE TABLE IF NOT EXISTS `GroupPrivileges` (
`privilege_id` int(11) NOT NULL,
PRIMARY KEY (`id`),
KEY `group_id` (`group_id`,`privilege_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=8 ;
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=9 ;
--
-- Daten für Tabelle `GroupPrivileges`
@ -135,7 +137,8 @@ INSERT INTO `GroupPrivileges` (`id`, `group_id`, `privilege_id`) VALUES
(4, -2, 4),
(5, -1, 5),
(6, -4, 6),
(7, -4, 7);
(7, -4, 7),
(8, -2, 8);
-- --------------------------------------------------------
@ -241,7 +244,7 @@ CREATE TABLE IF NOT EXISTS `Privileges` (
`desc` varchar(1024) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `name` (`name`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=8 ;
) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=9 ;
--
-- Daten für Tabelle `Privileges`
@ -254,7 +257,8 @@ INSERT INTO `Privileges` (`id`, `name`, `desc`) VALUES
(4, 'logout', 'User darf sich ausloggen'),
(5, 'register', 'Einen neuen Engel registerieren'),
(6, 'admin_rooms', 'Räume administrieren'),
(7, 'admin_angel_types', 'Engel Typen administrieren');
(7, 'admin_angel_types', 'Engel Typen administrieren'),
(8, 'user_settings', 'User profile settings');
-- --------------------------------------------------------
@ -606,7 +610,7 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES
('pub_menu_Wecken', 'DE', 'Wecken'),
('pub_menu_mySchichtplan', 'DE', 'Mein Schichtplan'),
('pub_menu_questionEngel', 'DE', 'Anfragen an die Dispatcher'),
('pub_menu_Einstellungen', 'DE', 'Einstellungen'),
('user_settings', 'DE', 'Einstellungen'),
('pub_menu_Engelbesprechung', 'EN', 'Drone meeting'),
('logout', 'DE', 'Abmelden'),
('pub_menu_Schichtplan', 'EN', 'Available Shifts'),
@ -615,7 +619,7 @@ INSERT INTO `Sprache` (`TextID`, `Sprache`, `Text`) VALUES
('pub_menu_mySchichtplan', 'EN', 'My Shifts'),
('pub_menu_questionEngel', 'EN', 'Questions for the Dispatcher'),
('logout', 'EN', 'Logout'),
('pub_menu_Einstellungen', 'EN', 'Options'),
('user_settings', 'EN', 'Settings'),
('menu_Name', 'DE', 'Garage'),
('menu_Name', 'EN', 'Garage'),
('menu_MakeUser', 'DE', 'Benutzer anlegen'),
@ -1022,7 +1026,7 @@ CREATE TABLE IF NOT EXISTS `User` (
--
INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES
(1, 'admin', '', '', 0, '', '', '', '', NULL, NULL, '', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307029663, '0000-00-00 00:00:00', '', '', ''),
(1, 'admin', '', '', 0, '', '', '', '', '', '', 'L', '21232f297a57a5a743894a0e4a801fc3', 0, 0, 0, 10, 'DE', 115, 'L', 1307038600, '0000-00-00 00:00:00', '', '', ''),
(147, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', 'L', 'e10adc3949ba59abbe56e057f20f883e', 0, 0, 0, 6, 'EN', 0, 'L', 1306971362, '2011-06-02 00:55:09', '', '', '');
-- --------------------------------------------------------

@ -0,0 +1,252 @@
<?php
function user_settings() {
global $user;
if (!isset ($_REQUEST['action'])) {
$tshirt_html = template_render('../templates/user_settings_tshirt.html', array (
'label_size' => Get_Text("makeuser_T-Shirt"),
'size_select' => ($user['Tshirt'] == 0) ? html_select_key('size', array (
'S' => "S",
'M' => "M",
'L' => "L",
'XL' => "XL",
'2XL' => "2XL",
'3XL' => "3XL",
'4XL' => "4XL",
'5XL' => "5XL",
'S-G' => "S Girl",
'M-G' => "M Girl",
'L-G' => "L Girl",
'XL-G' => "XL Girl"
), $user['Size']) : $user['Size']
));
return template_render('../templates/user_settings.html', array (
'link' => page_link_to("user_settings"),
'greeting' => Get_Text("Hallo") . $user['Nick'] . ",<br />" . Get_Text(13),
'text_user_data' => Get_Text("pub_einstellungen_Text_UserData"),
'label_nick' => Get_Text("pub_einstellungen_Nick"),
'label_name' => Get_Text("pub_einstellungen_Name"),
'label_prename' => Get_Text("pub_einstellungen_Vorname"),
'label_age' => Get_Text("pub_einstellungen_Alter"),
'label_tel' => Get_Text("pub_einstellungen_Telefon"),
'label_mobile' => Get_Text("pub_einstellungen_Handy"),
'label_dect' => Get_Text("pub_einstellungen_DECT"),
'label_mail' => Get_Text("pub_einstellungen_Email"),
'label_hometown' => Get_Text("pub_einstellungen_Hometown"),
'nick' => $user['Nick'],
'name' => $user['Name'],
'prename' => $user['Vorname'],
'age' => $user['Alter'],
'tel' => $user['Telefon'],
'mobile' => $user['Handy'],
'dect' => $user['DECT'],
'mail' => $user['email'],
'icq' => $user['ICQ'],
'jabber' => $user['jabber'],
'hometown' => $user['Hometown'],
'label_save' => Get_Text("save"),
'tshirts' => $tshirt_html,
'text_password' => Get_Text(14),
'current_pw_label' => Get_Text(15),
'new_pw_label' => Get_Text(16),
'new_pw2_label' => Get_Text(17),
'text_theme' => Get_Text(18),
'theme_label' => Get_Text(19),
'theme_select' => html_select_key('theme', array (
"1" => "Standard-Style",
"2" => "ot/Gelber Style",
"3" => "Club-Mate Style",
"5" => "Debian Style",
"6" => "c-base Style",
"7" => "Blau/Gelber Style",
"8" => "Pastel Style",
"4" => "Test Style",
"9" => "Test Style 21c3",
"10" => "msquare (cccamp2011)"
), $user['color']),
'text_language' => Get_Text(20),
'language_label' => Get_Text(21),
'language_select' => html_select_key('language', array (
'DE' => "Deutsch",
'EN' => "English"
), $user['Sprache'])
));
} else {
switch ($_REQUEST['action']) {
case 'sprache' :
if (isset ($_REQUEST['language']) && preg_match("/^DE|EN$/", $_REQUEST['language']))
$language = $_REQUEST['language'];
else
$language = "EN";
sql_query("UPDATE `User` SET " . "`Sprache`='" . sql_escape($language) . "' WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
$_SESSION['Sprache'] = $language;
header("Location: " . page_link_to("user_settings"));
break;
case 'colour' :
$theme = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['theme']));
sql_query("UPDATE `User` SET " . "`color`='" . sql_escape($theme) . "' WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
header("Location: " . page_link_to("user_settings"));
break;
case 'set' :
$html = "";
if ($_REQUEST["new_pw"] == $_REQUEST["new_pw2"]) {
if (PassCrypt($_REQUEST["current_pw"]) == $user['Passwort']) {
sql_query("UPDATE `User` SET `Passwort`='" . sql_escape(PassCrypt($_REQUEST['new_pw'])) . "' WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
header("Location: " . page_link_to("user_settings"));
} else {
$html .= error(Get_Text(30));
}
} else {
$html .= error(Get_Text(31));
}
return $html;
break;
case "setUserData" :
$nick = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['nick']));
$name = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['name']));
$prename = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['prename']));
$age = preg_replace("/([^0-9]{1,})/ui", '', strip_tags($_REQUEST['age']));
$tel = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['tel']));
$mobile = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['mobile']));
$dect = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['dect']));
$mail = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['mail']));
$icq = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['icq']));
$jabber = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['jabber']));
$hometown = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['hometown']));
$size = ($user['TShirt'] == 0) ? preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}]{1,})/ui", '', strip_tags($_REQUEST['size'])) : $user['Size'];
sql_query("UPDATE `User` SET " .
"`Nick`='" . sql_escape($nick) . "', " .
"`Name`='" . sql_escape($name) . "', " .
"`Vorname`='" . sql_escape($prename) . "', " .
"`Alter`='" . sql_escape($age) . "', " .
"`Telefon`='" . sql_escape($tel) . "', " .
"`Handy`='" . sql_escape($mobile) . "', " .
"`DECT`='" . sql_escape($dect) . "', " .
"`email`='" . sql_escape($mail) . "', " .
"`ICQ`='" . sql_escape($icq) . "', " .
"`jabber`='" . sql_escape($jabber) . "', " .
"`Hometown`='" . sql_escape($hometown) . "', " .
"`Size`='" . sql_escape($size) . "' " .
"WHERE `UID`=" . sql_escape($user['UID']) . " LIMIT 1");
header("Location: " . page_link_to("user_settings"));
break;
}
}
// AVATARE
/*
if (get_cfg_var("file_uploads")) {
echo "<br />\n<hr width=\"100%\">\n<br />\n\n";
echo Get_Text('pub_einstellungen_PictureUpload') . "<br />";
echo "<form action=\"./einstellungen.php\" method=\"post\" enctype=\"multipart/form-data\">\n";
echo "<input type=\"hidden\" name=\"action\" value=\"sendPicture\">\n";
echo "<input name=\"file\" type=\"file\" size=\"50\" maxlength=\"" . get_cfg_var("post_max_size") . "\">\n";
echo "(max " . get_cfg_var("post_max_size") . "Byte)<br />\n";
echo "<input type=\"submit\" value=\"" . Get_Text("upload"), "\">\n";
echo "</form>\n";
}
switch (GetPicturShow($_SESSION['UID'])) {
case 'Y' :
echo Get_Text('pub_einstellungen_PictureShow') . "<br />";
echo displayPictur($_SESSION['UID'], 0);
echo "<form action=\"./einstellungen.php\" method=\"post\">\n";
echo "<input type=\"hidden\" name=\"action\" value=\"delPicture\">\n";
echo "<input type=\"submit\" value=\"" . Get_Text("delete"), "\">\n";
echo "</form>\n";
break;
case 'N' :
echo Get_Text('pub_einstellungen_PictureNoShow') . "<br />";
echo displayPictur($_SESSION['UID'], 0);
echo "<form action=\"./einstellungen.php\" method=\"post\">\n";
echo "<input type=\"hidden\" name=\"action\" value=\"delPicture\">\n";
echo "<input type=\"submit\" value=\"" . Get_Text("delete"), "\">\n";
echo "</form>\n";
echo "<br />\n<hr width=\"100%\">\n<br />\n\n";
case '' :
echo "<br />\n<hr width=\"100%\">\n<br />\n\n";
echo Get_Text(22) . "<br />";
echo "\n<form action=\"./einstellungen.php\" method=\"post\">\n";
echo "<input type=\"hidden\" name=\"action\" value=\"avatar\">\n";
echo "<table>\n";
echo "<tr>\n<td>" . Get_Text(23) . "<br /></td>\n</tr>\n";
echo "<tr>\n";
echo "<td>\n";
echo "<select name=\"eAvatar\" onChange=\"document.avatar.src = '" . $url . $ENGEL_ROOT . "pic/avatar/avatar' + this.value + '.gif'\" onKeyup=\"document.avatar.src = '" . $url . $ENGEL_ROOT . "pic/avatar/avatar' + this.value + '.gif'\">\n";
for ($i = 1; file_exists("../pic/avatar/avatar" . $i . ".gif"); $i++)
echo "<option value=\"" . $i . "\"" . ($_SESSION['Avatar'] == $i ? " selected" : "") . ">avatar" . $i . "</option>\n";
echo "</select>&nbsp;&nbsp;\n";
echo "<img src=\"" . $url . $ENGEL_ROOT . "pic/avatar/avatar" . $_SESSION['Avatar'] . ".gif\" name=\"avatar\" border=\"0\" align=\"top\">\n";
echo "</td>\n</tr>\n";
echo "</table>\n";
echo "<input type=\"submit\" value=\"" . Get_Text("save") . "\">\n";
echo "</form>\n";
break;
} //CASE
} else {
switch ($_POST["action"]) {
case 'avatar' :
$chsql = "UPDATE `User` SET `Avatar`='" . $_POST["eAvatar"] . "' WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1";
$Erg = mysql_query($chsql, $con);
$_SESSION['Avatar'] = $_POST["eAvatar"];
if ($Erg == 1)
Print_Text(34);
else
Print_Text(29);
break;
case 'setUserData' :
break;
case 'sendPicture' :
if ($_FILES["file"]["size"] > 0) {
if (($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png") || ($_FILES["file"]["type"] == "image/gif")) {
$data = addslashes(fread(fopen($_FILES["file"]["tmp_name"], "r"), filesize($_FILES["file"]["tmp_name"])));
if (GetPicturShow($_SESSION['UID']) == "")
$SQL = "INSERT INTO `UserPicture` " .
"( `UID`,`Bild`, `ContentType`, `show`) " .
"VALUES ('" . $_SESSION['UID'] . "', '$data', '" . $_FILES["file"]["type"] . "', 'N')";
else
$SQL = "UPDATE `UserPicture` SET " .
"`Bild`='$data', " .
"`ContentType`='" . $_FILES["file"]["type"] . "', " .
"`show`='N' " .
"WHERE `UID`='" . $_SESSION['UID'] . "'";
$res = mysql_query($SQL, $con);
if ($res)
Print_Text("pub_einstellungen_send_OK");
else
Print_Text("pub_einstellungen_send_KO");
echo "<h6>('" . $_FILES["file"]["name"] . "', MIME-Type: " . $_FILES["file"]["type"] . ", " . $_FILES["file"]["size"] . " Byte)</h6>";
} else
Print_Text("pub_einstellungen_send_KO");
} else
Print_Text("pub_einstellungen_send_KO");
break;
case 'delPicture' :
$chsql = "DELETE FROM `UserPicture` WHERE `UID`='" . $_SESSION['UID'] . "' LIMIT 1";
$Erg = mysql_query($chsql, $con);
if ($Erg == 1)
Print_Text("pub_einstellungen_del_OK");
else
Print_Text("pub_einstellungen_del_KO");
Break;
}
}
*/
}
?>

@ -21,7 +21,8 @@ function make_navigation() {
// Engel Navigation
$menu .= make_navigation_for(Get_Text('inc_schicht_engel'), array (
"news"
"news",
"user_settings"
));
// Admin Navigation

@ -22,4 +22,15 @@ function html_options($name, $options, $selected = "") {
return $html;
}
function html_select_key($name, $rows, $selected) {
$html = '<select name="' . $name . '">';
foreach ($rows as $key => $row)
if (($key == $selected) || ($row == $selected))
$html .= '<option value="' . $key . '" selected="selected">' . $row . '</option>';
else
$html .= '<option value="' . $key . '">' . $row . '</option>';
$html .= '</select>';
return $html;
}
?>

@ -0,0 +1,106 @@
%greeting%
<hr width="100%">
%text_user_data%
<form action="%link%&action=setUserData" method="post">
<table>
<tr>
<td>%label_nick%</td>
<td><input type="text" name="nick" size="23" value="%nick%"></td>
</tr>
<tr>
<td>%label_name%</td>
<td><input type="text" name="name" size="23" value="%name%"></td>
</tr>
<tr>
<td>%label_prename%</td>
<td><input type="text" name="prename" size="23" value="%prename%"></td>
</tr>
<tr>
<td>%label_age%</td>
<td><input type="text" name="age" size="3" value="%age%"></td>
</tr>
<tr>
<td>%label_tel%</td>
<td><input type="text" name="tel" size="40" value="%tel%"></td>
</tr>
<tr>
<td>%label_mobile%</td>
<td><input type="text" name="mobile" size="40" value="%mobile%"></td>
</tr>
<tr>
<td>%label_dect%</td>
<td><input type="text" name="dect" size="4" value="%dect%"></td>
</tr>
<tr>
<td>%label_mail%</td>
<td><input type="text" name="mail" size="40" value="%mail%"></td>
</tr>
<tr>
<td>ICQ</td>
<td><input type="text" name="icq" size="40" value="%icq%"></td>
</tr>
<tr>
<td>jabber</td>
<td><input type="text" name="jabber" size="40" value="%jabber%"></td>
</tr>
<tr>
<td>%label_hometown%</td>
<td><input type="text" name="hometown" size="40" value="%hometown%"></td>
</tr>
%tshirts%
</table>
<input type="submit" value="%label_save%">
</form>
<hr />
%text_password%
<form action="%link%&action=set" method="post">
<table>
<tr><td>%current_pw_label%</td><td><input type="password" name="current_pw" size="20"></td></tr>
<tr><td>%new_pw_label%</td><td><input type="password" name="new_pw" size="20"></td></tr>
<tr><td>%new_pw2_label%</td><td><input type="password" name="new_pw2" size="20"></td></tr>
</table>
<input type="submit" value="%label_save%">
</form>
<hr />
%text_theme%
<form action="%link%&action=colour" method="post">
<table>
<tr>
<td>%theme_label%</td>
<td>
%theme_select%
</td>
</tr>
</table>
<input type="submit" value="%label_save%">
</form>
<hr />
%text_language%
<form action="%link%&action=sprache" method="post">
<table>
<tr>
<td>%language_label%</td>
<td>
%language_select%
</td>
</tr>
</table>
<input type="submit" value="%label_save%">
</form>

@ -0,0 +1,4 @@
<tr>
<td>%label_size%</td>
<td>%size_select%</td>
</tr>

@ -1,3 +1,8 @@
* MD5-Passwörter mit Salt speichern
* Passwort-Mindestanforderungen stellen
* Avatare
* schichten ueber monatsgrenzen einbaue im moment werden die tage nur
hochgezaehlt und die monatzgrenzen werden ignoriert
* verify use of dect_clear.php and jabberserver.php

@ -101,10 +101,6 @@ table {
border-collapse: collapse;
}
tr:hover > td {
background: #f0f0f0;
}
th {
background: #f0f0f0;
}

@ -5,3 +5,7 @@
margin: 10px auto;
width: 523px;
}
tr:hover > td {
background: #f0f0f0;
}

@ -33,6 +33,10 @@ if (in_array($p, $privileges)) {
require_once ('includes/pages/user_news.php');
$content = user_news();
}
elseif ($p == "user_settings") {
require_once ('includes/pages/user_settings.php');
$content = user_settings();
}
elseif ($p == "login") {
require_once ('includes/pages/guest_login.php');
$content = guest_login();

@ -1,3 +0,0 @@
<?php
header("Location: https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REDIRECT_URL']);
?>

@ -1,3 +0,0 @@
<?php
header("Location: https://" . $_SERVER['HTTP_HOST'] . "/");
?>
Loading…
Cancel
Save