Diffstat (limited to 'www/functions/func_user.php')
-rwxr-xr-xwww/functions/func_user.php337
1 files changed, 337 insertions, 0 deletions
diff --git a/www/functions/func_user.php b/www/functions/func_user.php
new file mode 100755
index 0000000..d9e202d
--- /dev/null
+++ b/www/functions/func_user.php
@@ -0,0 +1,337 @@
+<?php
+function account($db, $var){
+
+ if(empty($_GET["id"])){
+ $info_db = $db->query("SELECT * FROM user WHERE name='".$_SESSION["username"]."';");
+ $info_ar = $info_db->fetchArray(SQLITE3_NUM);
+
+ $ls_db = $db->query("SELECT login FROM log WHERE user=".$info_ar[0]." ORDER BY id DESC");
+ $last_seen = $ls_db->fetchArray(SQLITE3_NUM);
+ }
+
+ echo "
+ <!doctype html>
+
+ <html>
+ <head>
+ <title>Account :: Junge Gemeinde Adlershof</title>
+ <meta http-equiv='Content-type' content='text/html; charset=utf-8' />
+ <link rel='stylesheet' type='text/css' href='/static/hyperstyle.css' />
+ <link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'>
+ <script>
+ function showChangeUsername(){
+ document.getElementById(\"newUsername\").style.visibility = \"visible\";
+
+ return;
+ }
+
+ function showNewPassword(){
+ document.getElementById(\"newPassword\").style.visibility = \"visible\";
+
+ return;
+ }
+ </script>
+ <style type='text/css'>
+ #newUsername{
+ width: 100%;
+ height: 100%;
+ background: #ecece1;
+ position: fixed;
+ z-index: 99;
+ top: 0px;
+ opacity: 0.85;
+ visibility: hidden;
+ }
+
+ #newUsername-area{
+ height: 190px;
+ width: 400px;
+ position: fixed;
+ top: 50%;
+ margin-top: -100px;
+ padding: 10px;
+ left: 50%;
+ margin-left: -200px;
+ border: 1px solid black;
+ }
+
+ #newPassword{
+ width: 100%;
+ height: 100%;
+ background: #ecece1;
+ position: fixed;
+ z-index: 99;
+ top: 0px;
+ opacity: 0.85;
+ visibility: hidden;
+ }
+
+ #newPassword-area{
+ height: 190px;
+ width: 400px;
+ position: fixed;
+ top: 50%;
+ margin-top: -100px;
+ padding: 10px;
+ left: 50%;
+ margin-left: -200px;
+ border: 1px solid black;
+ }
+
+ #UserData-area{
+ width: 20%;
+ height: 120%;
+ /*opacity: 0.75;*/
+ /*background: white;*/
+
+ }
+
+ </style>
+ </head>
+ ";
+ include("static/head.php");
+// echo "loged in as: " . $_SESSION["username"];
+/*
+ echo "<center>
+
+ <table width='400px' border='1' rules='group'>
+ <thead>
+ <tr>
+ <th>Name</th>
+ <th>E-Mail</th>
+ </tr>
+ </thead>
+ <tbody>
+ <tr><td align='center'>".$info_ar[1]."</td><td align='center'>".$info_ar[3]."</td></tr>
+
+ ";
+*/
+
+ switch($var){
+ case("password"):
+ $passage = "<font color='red'>Falsches Passwort.</font><br>";
+ break;
+ case(PASSWORD_SUCCESS):
+ $passage = "<font color='red'>Dein Passwort wurde erfolgreich geändert.</font><br>";
+ break;
+ case(CH_USERNAME_SUCCESS):
+ $passage = "<font color='red'>Erfolg! Ab sofort bist du unter ".$_SESSION["username"]." bekannt.</font><br>";
+ break;
+ case(CH_EMAIL_SUCCESS):
+ $passage = "<font color='red'>Deine E-Mail Adresse wurde erfolgreich geändert.</font><br>";
+ break;
+ case(CH_EMAIL_EXISTS):
+ $passage = "<font color='red'>Diese E-Mail Adresse ist schon in Benutzung.</font><br>";
+ break;
+ case(CH_USERNAME_EXISTS):
+ $passage = "<font color='red'>Dieser Name ist schon in Benutzung.</font><br>";
+ break;
+ default:
+ $passage = "";
+ break;
+ }
+
+ echo "<center>
+
+ <br><br>
+ <div id='content_container' align='center'>
+ <div class='kleineschrift'><div class='ueberschrift'><p>Account Informationen</p></div></div>
+ <br>
+ ".$passage."
+ <br>
+
+ <div id='UserData-area'>
+ <p>Deine Daten: (<a href='#' onclick='showChangeUsername()' style='text-decoration:underline; font-size:15px'>ändern?</a>)</p>
+ <br>
+ <table >
+ <tr><td>
+ Name:
+ </td><td>
+ &#160;
+ </td><td>
+ ".$info_ar[1]."
+ </td><td>
+ <tr><td>
+ E-Mail:
+ </td><td>
+ &#160;
+ </td><td>
+ ".$info_ar[3]."
+ </td></tr>
+ <tr><td>&#160;</td></tr>
+ <tr><td>
+ Registrierungsdatum:
+ </td><td>
+ &#160;
+ </td><td>
+ ".date("j.n.Y / H:i:s", $info_ar[5])."
+ </td><td>
+ </td><td>
+ &#160;
+ </td></tr>
+ <tr><td>
+ Zuletzt gesehen:
+ </td><td>
+ &#160;
+ </td><td>
+ ".date("j.n.Y / H:i:s", $last_seen[0])."
+ </td></tr>
+ </table>
+ <br>
+
+ </div>
+
+ <br>
+ <div style='width:400px'><hr></div>
+ <br>
+ <br>
+ <p>Passwort Verwaltung:</p>
+ <br>
+ <table>
+ <tr><td>
+ <a href='#' onclick='showNewPassword()' style='text-decoration:underline;'>Passwort ändern?</a>
+ </td>
+ <td>
+ &#160;
+ </td>
+ <td>
+ |
+ </td>
+ <td>
+ &#160;
+ </td>
+ <td>
+ <a href='/password_recover' style='text-decoration:underline;'>Passwort vergessen?</a>
+ </td></tr>
+ </table>
+
+
+ <div id='newUsername'>
+ <div id='newUsername-area'>
+ <p>Wechsle deinen Spitznamen oder deine E-Mail Adresse. Bitte bestätige die Änderung mit deinem Passwort.</p>
+ <br>
+ <form method='POST' action='/account/change:user'>
+ <table>
+ <tr><td>
+ Name:
+ </td>
+ <td>
+ <input type='text' name='name' value='".$info_ar[1]."'>
+ </td></tr>
+ <tr><td>
+ E-Mail:
+ </td>
+ <td>
+ <input type='text' name='email' value='".$info_ar[3]."'>
+ </td></tr>
+ <tr><td>
+ Passwort:
+ </td>
+ <td>
+ <input type='password' name='pswd'>
+ </td></tr>
+ <tr><td>
+ </td>
+ <td>
+ <input type='submit' value='ändern'>
+ </td></tr>
+ </table>
+ </form>
+ </div>
+ </div>
+ <br>
+ <div id='newPassword'>
+ <div id='newPassword-area'>
+ <p>Aktualisiere deine Passwort. Bitte bestätige die Änderung mit deinem aktuell gültigen Passwort.
+ <form method='POST' action='/account/change:password'>
+ <table>
+ <tr><td>
+ Neues Passwort:
+ </td>
+ <td>
+ <input type='password' name='pswd'>
+ </td></tr>
+ <tr><td>
+ Neues Passwort wiederholen:
+ </td>
+ <td>
+ <input type='password' name='2ndpswd'>
+ </td></tr>
+ <tr><td>
+ </td>
+ <td>
+ </td></tr>
+ <tr><td>
+ Altes Passwort:
+ </td>
+ <td>
+ <input type='password' name='oldpswd'>
+ </td></tr>
+ <tr><td>
+ </td>
+ <td>
+ <input type='submit' value='ändern'>
+ </td></tr>
+ </table>
+ </form>
+ </div>
+ </div>
+ </div>
+ ";
+ return true;
+}
+
+function user_id($db, $user){
+
+ $owner_db = $db->query("SELECT id FROM user WHERE name='" . SQLite3::escapeString($user) . "';");
+ $owner_ar = $owner_db->fetchArray(SQLITE3_NUM);
+ if(empty($owner_ar[0])){
+ return false;
+ }
+
+ $owner = $owner_ar[0];
+ return $owner;
+}
+
+function change_username($db, $oldname, $newname){
+ $oldname = $db->escapeString($oldname);
+ $newname = $db->escapeString($newname);
+ $check_db = $db->query("SELECT 1 FROM user WHERE name='".$newname."'");
+ $check_ar = $check_db->fetchArray(SQLITE3_NUM);
+
+ if($check_ar[0] == 1){
+ return CH_USERNAME_EXISTS;
+ }
+
+ if($db->exec("
+ BEGIN TRANSACTION;
+ UPDATE user SET name='".$newname."'WHERE name='".$oldname."';
+ COMMIT;
+ ")){
+ $_SESSION["username"] = $newname;
+ return CH_USERNAME_SUCCESS;
+ } else {
+ return DATABASE;
+ }
+}
+
+function change_email($db, $name, $email){
+ $res_db = $db->query("SELECT 1, name FROM user WHERE email='".$db->escapeString($email)."'");
+ $res_ar = $res_db->fetchArray(SQLITE3_NUM);
+
+ if($res_ar[0] == 1){
+ if($name != $res_ar[1]){
+ return CH_EMAIL_EXISTS;
+ }
+ }
+
+ if($db->exec("
+ BEGIN TRANSACTION;
+ UPDATE user SET email='".$db->escapeString($email)."' WHERE name='".$db->escapeString($name)."';
+ COMMIT;
+ ")){
+ return CH_EMAIL_SUCCESS;
+ } else {
+ return DATABASE;
+ }
+}
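Review bot: account() concatenates `$_SESSION["username"]` into its first query without escaping, unlike user_id(), change_username() and change_email(); depending on how login fills the session (not visible here), a name containing a quote breaks or alters that statement. change_username() also stores the already-escaped `$newname` in the session, so for such names the session holds a different string than the database row. Binding parameters with `prepare()`/`bindValue()` in all four functions and keeping the raw name in the session removes both problems; the fence shows the account() lookup. Separately, `$info_ar[1]`, `$info_ar[3]` and the session name are echoed into the page and into single-quoted `value='…'` attributes unencoded, so each should go through `htmlspecialchars($v, ENT_QUOTES, 'UTF-8')`. When `$_GET["id"]` is non-empty, `$info_ar` and `$last_seen` are never assigned but are still read further down.

```php
function account($db, $var){

    if(empty($_GET["id"])){
        // Bound parameters keep the session value out of the SQL text.
        $info_st = $db->prepare("SELECT * FROM user WHERE name = :name");
        $info_st->bindValue(":name", $_SESSION["username"], SQLITE3_TEXT);
        $info_ar = $info_st->execute()->fetchArray(SQLITE3_NUM);

        $ls_st = $db->prepare("SELECT login FROM log WHERE user = :uid ORDER BY id DESC");
        $ls_st->bindValue(":uid", $info_ar[0], SQLITE3_INTEGER);
        $last_seen = $ls_st->execute()->fetchArray(SQLITE3_NUM);
    }
    // … unchanged: page head, status message switch, account table and forms …
```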