105 lines
3.2 KiB
PHP
105 lines
3.2 KiB
PHP
<?php
|
|
/**
|
|
* Observium
|
|
*
|
|
* This file is part of Observium.
|
|
*
|
|
* @package observium
|
|
* @subpackage web
|
|
* @copyright (C) Adam Armstrong
|
|
*
|
|
*/
|
|
|
|
register_html_title("User Profile");
|
|
|
|
$navbar['class'] = 'navbar-narrow';
|
|
$navbar['brand'] = 'Profile';
|
|
|
|
$pages = [
|
|
'general' => 'Information',
|
|
'settings' => 'Settings',
|
|
'authentication' => 'Authentication',
|
|
'authlog' => 'Sessions'
|
|
];
|
|
|
|
if (!auth_can_change_password($_SESSION['username'])) {
|
|
unset($pages['authentication']);
|
|
}
|
|
|
|
if (!isset($pages[$vars['section']])) {
|
|
$vars['section'] = "general";
|
|
}
|
|
|
|
foreach ($pages as $page_name => $page_desc) {
|
|
if ($vars['section'] === $page_name) {
|
|
$navbar['options'][$page_name]['class'] = "active";
|
|
}
|
|
|
|
$navbar['options'][$page_name]['url'] = generate_url(['page' => 'preferences', 'section' => $page_name]);
|
|
$navbar['options'][$page_name]['text'] = escape_html($page_desc);
|
|
}
|
|
|
|
// Print out the navbar defined above
|
|
print_navbar($navbar);
|
|
unset($navbar);
|
|
|
|
/* Start actions */
|
|
// Change password
|
|
if ($vars['password'] === "save" && request_token_valid($vars)) {
|
|
// Check for CSRF attach (error showed inside request_token_valid())
|
|
if (authenticate($_SESSION['username'], $vars['old_pass'])) {
|
|
if (safe_empty($vars['new_pass']) || safe_empty($vars['new_pass2'])) {
|
|
print_warning("Password must not be blank.");
|
|
} elseif ($vars['new_pass'] === $vars['new_pass2']) {
|
|
auth_change_password($_SESSION['username'], $vars['new_pass']);
|
|
print_success("Password Changed.");
|
|
} else {
|
|
print_warning("Passwords don't match.");
|
|
}
|
|
} else {
|
|
print_warning("Incorrect password");
|
|
}
|
|
}
|
|
|
|
unset($prefs);
|
|
if (is_numeric($_SESSION['user_id'])) {
|
|
$user_id = $_SESSION['user_id'];
|
|
$prefs = get_user_prefs($user_id);
|
|
|
|
// Reset RSS/Atom key
|
|
if ($vars['atom_key'] === "toggle" && request_token_valid($vars)) {
|
|
if (set_user_pref($user_id, 'atom_key', md5(random_string()))) {
|
|
print_success('RSS/Atom key updated.');
|
|
$prefs = get_user_prefs($user_id);
|
|
} else {
|
|
print_error('Error generating RSS/Atom key.');
|
|
}
|
|
}
|
|
|
|
// Reset API key
|
|
if ($vars['api_key'] === "toggle" && request_token_valid($vars)) {
|
|
if (set_user_pref($user_id, 'api_key', md5(random_string()))) {
|
|
print_success('API key updated.');
|
|
$prefs = get_user_prefs($user_id);
|
|
} else {
|
|
print_error('Error generating API key.');
|
|
}
|
|
}
|
|
}
|
|
$atom_key_updated = (isset($prefs['atom_key']['updated']) ? format_uptime(time() - strtotime($prefs['atom_key']['updated']), 'shorter') . ' ago' : 'Never');
|
|
$api_key_updated = (isset($prefs['api_key']['updated']) ? format_uptime(time() - strtotime($prefs['api_key']['updated']), 'shorter') . ' ago' : 'Never');
|
|
|
|
/* End actions */
|
|
|
|
$filename = $config['html_dir'] . '/pages/preferences/' . $vars['section'] . '.inc.php';
|
|
if (is_file($filename)) {
|
|
$vars = get_vars('POST'); // Note, on edit pages use only method POST!
|
|
|
|
include($filename);
|
|
} else {
|
|
print_error('<h4>Page does not exist</h4>
|
|
The requested page does not exist. Please correct the URL and try again.');
|
|
}
|
|
|
|
// EOF
|