<?php |
|
|
|
|
|
/* |
|
|
|
Copyright 2018 Murray Hayes |
|
|
|
Redistribution and use in source and binary forms, with or without |
|
modification, are permitted provided that the following conditions |
|
are met: |
|
|
|
1. Redistributions of source code must retain the above copyright |
|
notice, this list of conditions and the following disclaimer. |
|
|
|
2. Redistributions in binary form must reproduce the above copyright |
|
notice, this list of conditions and the following disclaimer in the |
|
documentation and/or other materials provided with the distribution. |
|
|
|
3. Neither the name of the copyright holder nor the names of its |
|
contributors may be used to endorse or promote products derived from |
|
this software without specific prior written permission. |
|
|
|
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
|
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
|
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
|
FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE |
|
COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, |
|
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
|
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
|
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER |
|
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
|
ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
POSSIBILITY OF SUCH DAMAGE. |
|
|
|
*/ |
|
|
|
|
|
// Start (or resume) the PHP session; everything below reads and writes $_SESSION.
session_start();

// Project-local helpers. The functions, $textNNNN strings and $statementNNN
// queries used further down are presumably defined in these files.
include_once "utils.php";
include_once "DOMUtils.php";
include_once "consts.php";
include_once "database.php";
include_once "text.php";
include_once "adminUtils.php";

// Create the output document and its root element. The root is only attached
// to the document later, once the session checks have passed.
$doc = returnDoc();
$root = returnRoot($doc);
|
|
|
//if (!isset($_SESSION['login']) || !isset($_SESSION['MemberID'])) |
|
if (!validateSession()) |
|
if (!isset($_SESSION['cookieMonster'])) |
|
generateCookieMonster(); |
|
else |
|
generateLoginRedirect(); |
|
else |
|
if (($_SESSION['login'] === TRUE)) |
|
{ |
|
$changed = FALSE; |
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') |
|
{ |
|
/* |
|
* Process form here |
|
*/ |
|
|
|
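/*
 * Custom stylesheet upload (the $text0007 submit button).
 *
 * The uploaded file is moved into the "usercss" directory under a
 * server-generated name and then registered for the logged-in member.
 *
 * NOTE(review): the MIME type detected by finfo is passed on to
 * registerNewUserCSSFile() but is not checked here, no size limit is applied,
 * and the client-supplied original file name is passed on unmodified.
 * Confirm that registerNewUserCSSFile() validates them and that "usercss" is
 * served as static text/css only.
 *
 * NOTE(review): no anti-CSRF token check is visible in the POST handlers of
 * this script; confirm whether createForm()/validateSession() provide one.
 */
if (isset($_POST[$text0007]) && $_POST[$text0007] === $text0007)
{
    if (!isset($_FILES['cssfile']['error']) || !is_int($_FILES['cssfile']['error']))
    {
        // The button was submitted without a well-formed single-file part.
        print("No CSS file was uploaded.");
    }
    else if ($_FILES['cssfile']['error'] !== UPLOAD_ERR_OK)
    {
        // Report PHP's upload error code, as before.
        print($_FILES['cssfile']['error']);
    }
    else
    {
        // tempnam() creates an empty, uniquely named file and returns its path.
        // That file is left in place so the name stays reserved; the upload is
        // stored next to it with a ".css" suffix. If "usercss" is missing or
        // not writable, tempnam() may fall back to the system temp directory.
        $reserved = tempnam("usercss", "user");
        if ($reserved === FALSE)
        {
            print("User CSS file could not be stored.");
        }
        else
        {
            $destination = $reserved . ".css";

            // Register the file only when the move really succeeded. A stray
            // ';' after this condition would make the block below run
            // unconditionally, registering a file that was never stored.
            if (move_uploaded_file($_FILES['cssfile']['tmp_name'], $destination))
            {
                $finfo = finfo_open(FILEINFO_MIME);
                $fileInfo = finfo_file($finfo, $destination);

                if (registerNewUserCSSFile($_SESSION['MemberID'], basename($destination), $_FILES['cssfile']['name'], $fileInfo) === FALSE)
                {
                    print("User CSS file not added to database.");
                }
            }
            else
            {
                print("User CSS file could not be stored.");
            }
        }
    }
}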
|
//print_r ($_POST); |
|
else |
|
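/*
 * "Apply" button ($text0005): copy the submitted preferences into the session.
 * Nothing is written to the database here. $changed records whether any
 * session value was modified; the page uses it to offer the $text0006 button.
 *
 * Every value is checked against a fixed allow-list before it is stored, so
 * request data never reaches $_SESSION verbatim.
 */
if (isset($_POST[$text0005]) && $_POST[$text0005] === $text0005)
{
    // Stylesheet index: only 0 and 1 are accepted.
    if (isset($_POST['style']) && is_scalar($_POST['style']))
    {
        $requestedStyle = (int) $_POST['style'];
        if ($requestedStyle !== (int) $_SESSION['prefCSS']
            && ($requestedStyle === 0 || $requestedStyle === 1))
        {
            $_SESSION['prefCSS'] = $requestedStyle;
            $changed = TRUE;
        }
    }

    // Language: only the codes handled below are accepted.
    if (isset($_POST['language'])
        && (!isset($_SESSION['language']) || $_POST['language'] !== $_SESSION['language']))
    {
        $requestedLanguage = cleanInput($_POST['language']);
        if (in_array($requestedLanguage, array('en', 'fr', 'es'), TRUE))
        {
            $_SESSION['language'] = $requestedLanguage;
            $changed = TRUE;
        }
    }

    // Checkboxes: an absent field means "unchecked". The session value is only
    // flipped when it currently holds the opposite boolean.
    $wantsXml = isset($_POST['xml']) && $_POST['xml'] === 'xml';
    if ($_SESSION['prefXML'] === !$wantsXml)
    {
        $_SESSION['prefXML'] = $wantsXml;
        $changed = TRUE;
    }

    $wantsMobile = isset($_POST['mobile']) && $_POST['mobile'] === 'mobile';
    if ($_SESSION['despizeMobile'] === !$wantsMobile)
    {
        $_SESSION['despizeMobile'] = $wantsMobile;
        $changed = TRUE;
    }

    // NOTE(review): the form disables this checkbox when the member has no
    // registered stylesheet, but that is not re-checked here; confirm the code
    // that serves the custom CSS copes with the flag being set without a file.
    $wantsCustomCss = isset($_POST['customCSS']) && $_POST['customCSS'] === 'customCSS';
    if ((bool) $_SESSION['useCustomCSS'] === !$wantsCustomCss)
    {
        $_SESSION['useCustomCSS'] = $wantsCustomCss;
        $changed = TRUE;
    }
}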
|
else |
|
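/*
 * "Save" button ($text0006): persist the submitted preferences for the
 * logged-in member using the prepared statement $statement255.
 *
 * Each value starts from a safe default and is replaced only when the request
 * carries an allowed value. All values are bound as statement parameters.
 */
if (isset($_POST[$text0006]) && $_POST[$text0006] === $text0006)
{
    $set_lang = 'en';
    $set_xml = isset($_POST['xml']) && $_POST['xml'] === 'xml';
    $set_mobi = isset($_POST['mobile']) && $_POST['mobile'] === 'mobile';
    $set_style = 0;

    if (isset($_POST['language']))
    {
        $requestedLanguage = cleanInput($_POST['language']);
        if (in_array($requestedLanguage, array('en', 'fr', 'es'), TRUE))
            $set_lang = $requestedLanguage;
    }

    if (isset($_POST['style']) && is_numeric($_POST['style']))
    {
        $cleaned = (int) cleanInput($_POST['style']);
        if ($cleaned >= 0 && $cleaned <= 1)
            $set_style = $cleaned;
    }

    // Initialised before the try block so the catch block can tell whether a
    // handle was obtained at all.
    $dbh = NULL;
    try
    {
        $dbh = returnDatabaseHandel();
        $dbh->beginTransaction();
        $sth = $dbh->prepare($statement255);
        $sth->execute(array($set_lang, $set_xml, $set_mobi, $set_style, $_SESSION['MemberID']));
        $dbh->commit();
    }
    catch (Exception $e)
    {
        // Driver messages can reveal schema or connection details, so they go
        // to the server log; the page only gets a generic message.
        error_log("Failed to update user_options: " . $e->getMessage());
        print("Failed to update user_options");

        // Roll back only if a handle exists. The rollback may itself throw,
        // for example when no transaction was started.
        if ($dbh !== NULL)
        {
            try
            {
                $dbh->rollBack();
            }
            catch (Exception $rollbackError)
            {
                error_log("Rollback of user_options update failed: " . $rollbackError->getMessage());
            }
        }
    }
}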
|
} |
|
|
|
|
|
// Attach the root element to the document, then add the <head>.
$root = $doc->appendChild($root);
$headNode = generateHead($doc);
$root->appendChild($headNode);

// appendChild() returns the appended node, so $body is the attached <body>.
$body = $root->appendChild($doc->createElement('body'));

$mastHead = generateMastHead($doc, $baseDir);
$body->appendChild($mastHead);

// Clear the sub-navigation selection before the menu bar is generated.
$_SESSION['subNav'] = NULL;

$menuBar = generateSelectedMenuBar($doc);
$body->appendChild($menuBar);
|
|
|
|
|
/* |
|
* Insert content here. |
|
*/ |
|
|
|
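/*
 * Load the member's stored preferences using $statement254.
 *
 * The defaults below are kept when the query returns no row or fails. If
 * several rows come back, the last one wins. $count is the number of rows
 * read. None of these variables is read again in the visible script; the form
 * below is populated from $_SESSION.
 */
$db_lang = 'en';
$db_xml = TRUE;
$db_mobi = TRUE;
$db_set = 0;

try
{
    $dbh = returnDatabaseHandel();
    $sth = $dbh->prepare($statement254);
    $count = 0;

    if ($sth->execute(array($_SESSION['MemberID'])))
    {
        while ($row = $sth->fetch(PDO::FETCH_ASSOC))
        {
            $count++;
            $db_lang = $row['language'];
            $db_xml = $row['prefer_xml'];
            $db_mobi = $row['despize_mobile'];
            $db_set = $row['prefered_css'];
        }
    }
}
catch (Exception $e)
{
    // Best effort: the page still renders with the defaults. The failure is
    // written to the server log rather than discarded.
    error_log("Failed to load user_options: " . $e->getMessage());
}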
|
|
|
|
|
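// Page heading.
$h3 = $doc->createElement('h3');
$h3->appendChild($doc->createTextNode($text0100));
$body->appendChild($h3);

// The preferences form posts back to this script.
$form = createForm($doc, "preferences.php");
$fieldSet = $doc->createElement('fieldset');

// Language selector. The label's "for" attribute names the select itself. It
// used to point at the XML checkbox, so the select is given a matching id.
$label = $doc->createElement('label', $text0101);
$label->setAttribute('for', 'language');
$label->setAttribute('class', 'MemberEditorInputLabel');
$fieldSet->appendChild($label);

$input = $doc->createElement('select');
$input->setAttribute('name', 'language');
$input->setAttribute('id', 'language');

// NOTE(review): 'zz' (Browser) is offered here, but the POST handlers in this
// script only accept 'en', 'fr' and 'es'; confirm whether that is intended.
$languageChoices = array(
    'zz' => 'Browser',
    'en' => 'English',
    'fr' => 'French',
    'es' => 'Spanish',
);
foreach ($languageChoices as $code => $caption)
{
    $option = $doc->createElement('option');
    $option->setAttribute('value', $code);
    // Pre-select the language currently stored in the session.
    if (isset($_SESSION['language']) && $_SESSION['language'] === $code)
        $option->setAttribute('selected', 'selected');
    $option->appendChild($doc->createTextNode($caption));
    $input->appendChild($option);
}

$fieldSet->appendChild($input);
$label = $doc->createElement('br');
$fieldSet->appendChild($label);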
|
|
|
|
|
/*
 * Two checkboxes (prefer XML, mobile handling) built the same way: label,
 * checkbox, pre-check from the session, line break. Each entry holds the
 * label text, the field name/value and the session key.
 */
$checkboxRows = array(
    array($text0102, 'xml', 'prefXML'),
    array($text0103, 'mobile', 'despizeMobile'),
);
foreach ($checkboxRows as $checkboxRow)
{
    $label = $doc->createElement('label', $checkboxRow[0]);
    $label->setAttribute('for', $checkboxRow[1]);
    $label->setAttribute('class', 'MemberEditorInputLabel');
    $fieldSet->appendChild($label);

    $input = createCheckboxInput($doc, $checkboxRow[1], $checkboxRow[1], NULL, NULL, FALSE);
    // Only a strict boolean TRUE in the session pre-checks the box.
    if ($_SESSION[$checkboxRow[2]] === TRUE)
        $input->setAttribute('checked', 'checked');
    $fieldSet->appendChild($input);

    $label = $doc->createElement('br');
    $fieldSet->appendChild($label);
}

// Stylesheet selector with the two built-in choices, 0 and 1.
$label = $doc->createElement('label', $text0104);
$label->setAttribute('for', 'style');
$label->setAttribute('class', 'MemberEditorInputLabel');
$fieldSet->appendChild($label);

$input = $doc->createElement('select');
$input->setAttribute('name', 'style');
$input->setAttribute('autocomplete', 'off');
foreach (array(0, 1) as $styleIndex)
{
    $option = $doc->createElement('option');
    $option->setAttribute('value', $styleIndex);
    // Strict comparison: the session value must be the integer itself.
    if ($styleIndex === $_SESSION['prefCSS'])
        $option->setAttribute('selected', 'selected');
    $option->appendChild($doc->createTextNode($styleIndex));
    $input->appendChild($option);
}

$fieldSet->appendChild($input);
$label = $doc->createElement('br');
$fieldSet->appendChild($label);
|
|
|
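/*
 * Custom CSS checkbox. The label text is assembled first because it carries
 * either the member's original file name or a "none registered" hint, so the
 * order differs from the other fields.
 */
$extendedText = $text0105;
$input = createCheckboxInput($doc,'customCSS', 'customCSS', NULL, NULL, FALSE);
if (userHasRegisteredCustomCSS($_SESSION['MemberID']))
{
    /*
     * SECURITY: the original file name was supplied by the uploading client
     * and must be treated as untrusted text when it is written into the page.
     */
    $extendedText .= "(" . returnUserCSSOriginalFileName($_SESSION['MemberID']) . ")";
    if ($_SESSION['useCustomCSS'] === TRUE)
        $input->setAttribute('checked', 'checked');
}
else
{
    // No stylesheet registered: the option cannot be selected.
    $input->setAttribute('disabled', 'disabled');
    $extendedText .= "($text0107)";
}

// The value argument of DOMDocument::createElement() is not escaped, whereas
// a text node is escaped when the document is serialised. The label text is
// therefore added as a text node so markup characters in the file name stay
// inert.
$label = $doc->createElement('label');
$label->appendChild($doc->createTextNode($extendedText));
$label->setAttribute('for', 'customCSS');
$label->setAttribute('class', 'MemberEditorInputLabel');
$fieldSet->appendChild($label);
$fieldSet->appendChild($input);
$label = $doc->createElement('br');
$fieldSet->appendChild($label);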
|
|
|
// Stylesheet upload: label, file chooser and its own submit button. The
// button's name and value are both $text0007, which the upload handler checks.
$cssLabel = $doc->createElement('label', $text0106);
$cssLabel->setAttribute('for', 'cssfile');
$cssLabel->setAttribute('class', 'MemberEditorInputLabel');
$fieldSet->appendChild($cssLabel);

$cssChooser = $doc->createElement('input');
$cssChooser->setAttribute('type', 'file');
$cssChooser->setAttribute('name', 'cssfile');
$fieldSet->appendChild($cssChooser);

$fieldSet->appendChild(createSubmitInput($doc, $text0007, $text0007));
$fieldSet->appendChild($doc->createElement('br'));

// E-mail encryption option. createLabel() receives an extra 'Checked' argument
// when the member already uses encryption.
// NOTE(review): no handler for 'encryptEmail' or 'pgpkeyfile' is visible in
// this script's POST processing; confirm where these fields are consumed.
if (returnMemberUseEncryptions($_SESSION['MemberID']))
    $label = createLabel($doc, $text0130, 'encryptEmail', 'MemberEditorInputLabel', 'Checked');
else
    $label = createLabel($doc, $text0130, 'encryptEmail', 'MemberEditorInputLabel');
$fieldSet->appendChild($label);
$fieldSet->appendChild(createCheckboxInput($doc, 'encryptEmail'));
$fieldSet->appendChild(createBr($doc));

// PGP key upload: label and file chooser.
$label = $doc->createElement('label', $text0131);
$label->setAttribute('for', 'pgpkeyfile');
$label->setAttribute('class', 'MemberEditorInputLabel');
$fieldSet->appendChild($label);

$input = $doc->createElement('input');
$input->setAttribute('type', 'file');
$input->setAttribute('name', 'pgpkeyfile');
$fieldSet->appendChild($input);

// This submit button is created but never appended to the fieldset.
$input = createSubmitInput($doc, $text0007, $text0007);
|
|
|
// Put the fieldset into the form, followed by the "apply" button ($text0005).
$form->appendChild($fieldSet);
$input = createSubmitInput($doc, $text0005, $text0005);
$form->appendChild($input);

// The "save" button ($text0006) is offered only after this request changed a
// session preference.
if ($changed)
{
    $input = createSubmitInput($doc, $text0006, $text0006);
    $form->appendChild($input);
}

// Finish the page: form, then footer.
$body->appendChild($form);
$pageFooter = generateFooter($doc);
$body->appendChild($pageFooter);

// Optional pretty-printing, then send the document.
if ($prettyPretty)
{
    $doc->formatOutput = true;
}
outputDoc($doc);
|
} |
|
else |
|
generateIndexRedirect(); |
|
|
|
?>
|