<?php
/**
* iLP System Benutzereinstellungen
*
* Autor: Florian "ApoY2k" Peschka
* Projekt: iLP System
* Paket: apoy2k.ilp.wrynn
* Lizenz: CreativeCommons (by-nc-sa)
* Kontakt: hide@address.com
* Version: 2.1.1
*/
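// Settings controller: only a logged-in user may view or change their own settings.
// Reads $_SESSION, $_POST, $tpl, $lang and $db from the including scope and reports
// results through $tpl['settings'] / $tpl['error'].
//
// NOTE(review): no anti-CSRF token is checked in this file. The 'do' action re-asks for
// the current password, but the 'req' action does not — confirm the including script
// enforces a token before this code runs.
if (isset($_SESSION['user']['login']))
{
    // Load the additional header include for the settings form
    $tpl['headincludes'][] = 'settings.form';

    // Action "do": change the user's own settings
    if (isset($tpl['url'][1]) && 'do' == $tpl['url'][1])
    {
        // Normalise the submitted fields: a missing or non-string (array) value becomes null,
        // so it can neither raise an undefined-index notice, reach sha1() as an array,
        // nor overwrite a stored column with NULL.
        $settings_in = array();
        foreach (array(
            'settings_password',
            'settings_login',
            'settings_new_password',
            'settings_new_password_confirm',
            'settings_new_email',
            'settings_lang',
            'settings_tooltip_locale'
        ) as $settings_field)
        {
            $settings_in[$settings_field] = (isset($_POST[$settings_field]) && is_string($_POST[$settings_field]))
                ? $_POST[$settings_field]
                : null;
        }

        // Current password and login name are mandatory for every change
        if ('' !== (string) $settings_in['settings_password'] && '' !== (string) $settings_in['settings_login'])
        {
            // Re-authenticate: load the stored record of the current user
            $get_user = $db->prepare("SELECT * FROM ilp_users WHERE id = ?");
            $get_user->execute(array($tpl['user']['id']));
            $user_arr = $get_user->fetch(PDO::FETCH_ASSOC);

            // NOTE(review): md5(sha1()) is an unsalted, fast hash and is unsuitable for password
            // storage. It is kept here only because the stored format must match whatever the
            // login code (not visible in this file) verifies; migrate both sides together to
            // password_hash()/password_verify().
            $current_pw_hash = (is_array($user_arr) && isset($user_arr['pw'])) ? (string) $user_arr['pw'] : null;

            // Strict comparison: with "==" two different hex digests that both look like
            // numeric strings (e.g. "0e…") can compare equal.
            if (null !== $current_pw_hash && $current_pw_hash === md5(sha1($settings_in['settings_password'])))
            {
                // Counts how many changes were attempted in total
                $changes = 0;

                // Change of the login name
                if ((string) $user_arr['login'] !== $settings_in['settings_login'])
                {
                    $changes++;
                    $change_login = $db->prepare("UPDATE ilp_users SET login = ? WHERE id = ?");
                    $change_login->execute(array($settings_in['settings_login'], $user_arr['id']));
                    // If the change was stored, log the user out
                    if (1 == $change_login->rowCount())
                    {
                        writeLog($tpl['user']['id'], $tpl['user']['id'], 'user_edit_login', array('old_login' => $user_arr['login'], 'new_login' => $settings_in['settings_login']));
                        // NOTE(review): execution continues after this header, so the remaining
                        // changes below are still applied — confirm the including script stops
                        // rendering once a Location header has been set.
                        header('Location: logout.php');
                    }
                    else
                    {
                        $tpl['error']['action'] = 'Benutzername ändern';
                        $tpl['error']['actor'] = $tpl['user']['id'].' â ID: '.$tpl['user']['id'];
                        $tpl['error']['location'] = 'settings.php:46';
                        // var_export(…, true) returns the text; var_dump() returned null and
                        // printed the driver error straight into the response.
                        $tpl['error']['result'] = var_export($change_login->errorInfo(), true);
                        $tpl['error']['level'] = '0 (base-php)';
                    }
                }

                // Change of the password
                if ('' !== (string) $settings_in['settings_new_password'])
                {
                    $new_pw_hash = md5(sha1($settings_in['settings_new_password']));
                    // Only act when the new password differs from the stored one
                    if ($current_pw_hash !== $new_pw_hash)
                    {
                        // Strict comparison so that e.g. "1e3" and "1000" do not count as a match
                        if ($settings_in['settings_new_password'] === $settings_in['settings_new_password_confirm'])
                        {
                            $changes++;
                            $change_pw = $db->prepare("UPDATE ilp_users SET pw = ? WHERE id = ?");
                            $change_pw->execute(array($new_pw_hash, $user_arr['id']));
                            // If the change was stored, log the user out
                            if (1 == $change_pw->rowCount())
                            {
                                writeLog($tpl['user']['id'], $tpl['user']['id'], 'user_edit_pw');
                                header('Location: logout.php');
                            }
                            else
                            {
                                $tpl['error']['action'] = 'Passwort ändern';
                                $tpl['error']['actor'] = $tpl['user']['id'].' â ID: '.$tpl['user']['id'];
                                $tpl['error']['location'] = 'settings.php:71';
                                $tpl['error']['result'] = var_export($change_pw->errorInfo(), true);
                                $tpl['error']['level'] = '0 (base-php)';
                            }
                        }
                        else
                        {
                            // New password and its confirmation differ
                            $tpl['error']['message'] = $lang['settings']['pw_confirmnote'];
                            $tpl['error']['ref'] = 'settings';
                        }
                    }
                }

                // Change of the e-mail address (skipped when the field was not submitted)
                if (null !== $settings_in['settings_new_email'] && (string) $user_arr['email'] !== $settings_in['settings_new_email'])
                {
                    $changes++;
                    $change_email = $db->prepare("UPDATE ilp_users SET email = ? WHERE id = ?");
                    $change_email->execute(array($settings_in['settings_new_email'], $user_arr['id']));
                    // Result of the change
                    if (1 == $change_email->rowCount())
                    {
                        writeLog($tpl['user']['id'], $tpl['user']['id'], 'user_edit_email', array('old_email' => $user_arr['email'], 'new_email' => $settings_in['settings_new_email']));
                        $tpl['settings']['success'] = true;
                    }
                    else
                    {
                        $tpl['error']['action'] = 'E-Mail Adresse ändern';
                        $tpl['error']['actor'] = $tpl['user']['id'].' â ID: '.$tpl['user']['id'];
                        $tpl['error']['location'] = 'settings.php:95';
                        $tpl['error']['result'] = var_export($change_email->errorInfo(), true);
                        $tpl['error']['level'] = '0 (base-php)';
                    }
                }

                // Change of the system language (skipped when the field was not submitted)
                // NOTE(review): the value is stored without an allow-list check. If it is later
                // used to locate a language file, validate it against the known language
                // codes first — confirm against the code that reads ilp_users.lang.
                if (null !== $settings_in['settings_lang'] && (string) $user_arr['lang'] !== $settings_in['settings_lang'])
                {
                    $changes++;
                    $change_lang = $db->prepare("UPDATE ilp_users SET lang = ? WHERE id = ?");
                    $change_lang->execute(array($settings_in['settings_lang'], $user_arr['id']));
                    // Result of the change
                    if (1 == $change_lang->rowCount())
                    {
                        writeLog($tpl['user']['id'], $tpl['user']['id'], 'user_edit_lang', array('old_lang' => $user_arr['lang'], 'new_lang' => $settings_in['settings_lang']));
                        $tpl['settings']['success'] = true;
                    }
                    else
                    {
                        $tpl['error']['action'] = 'Systemsprache ändern';
                        $tpl['error']['actor'] = $tpl['user']['id'].' â ID: '.$tpl['user']['id'];
                        $tpl['error']['location'] = 'settings.php:118';
                        $tpl['error']['result'] = var_export($change_lang->errorInfo(), true);
                        $tpl['error']['level'] = '0 (base-php)';
                    }
                }

                // Change of the tooltip language (skipped when the field was not submitted)
                if (null !== $settings_in['settings_tooltip_locale'] && (string) $user_arr['tooltip_locale'] !== $settings_in['settings_tooltip_locale'])
                {
                    $changes++;
                    $change_tooltip = $db->prepare("UPDATE ilp_users SET tooltip_locale = ? WHERE id = ?");
                    $change_tooltip->execute(array($settings_in['settings_tooltip_locale'], $user_arr['id']));
                    // Result of the change
                    if (1 == $change_tooltip->rowCount())
                    {
                        writeLog($tpl['user']['id'], $tpl['user']['id'], 'user_edit_tooltip', array('old_tooltip' => $user_arr['tooltip_locale'], 'new_tooltip' => $settings_in['settings_tooltip_locale']));
                        $tpl['settings']['success'] = true;
                    }
                    else
                    {
                        $tpl['error']['action'] = 'Tooltipsprache ändern';
                        $tpl['error']['actor'] = $tpl['user']['id'].' â ID: '.$tpl['user']['id'];
                        $tpl['error']['location'] = 'settings.php:141';
                        $tpl['error']['result'] = var_export($change_tooltip->errorInfo(), true);
                        $tpl['error']['level'] = '0 (base-php)';
                    }
                }

                // Nothing differed from the stored values: show the "no changes" hint
                if (0 == $changes)
                {
                    $tpl['settings']['info'] = true;
                }
            }
            else
            {
                // Current password did not match
                $tpl['error']['message'] = $lang['error']['password'];
                $tpl['error']['ref'] = 'settings';
            }
        }
        else
        {
            // Current password or login name missing
            $tpl['error']['message'] = $lang['error']['incomplete'];
            $tpl['error']['ref'] = 'settings';
        }
    }
    // Action "req": request a character change
    elseif (isset($tpl['url'][1]) && 'req' == $tpl['url'][1])
    {
        // Missing or non-string fields are treated as empty strings
        $req_in = array();
        foreach (array('settings_char_name', 'settings_char_msg', 'settings_char_class') as $req_field)
        {
            $req_in[$req_field] = (isset($_POST[$req_field]) && is_string($_POST[$req_field]))
                ? $_POST[$req_field]
                : '';
        }

        if ('' !== $req_in['settings_char_name'] && '' !== $req_in['settings_char_msg'])
        {
            // Collect the request data; the last character of the submitted class value
            // is the spec, everything before it is the class.
            $req_values = array(
                'user_id' => $tpl['user']['id'],
                'new_class' => substr($req_in['settings_char_class'], 0, -1),
                'new_spec' => substr($req_in['settings_char_class'], -1, 1),
                'new_name' => $req_in['settings_char_name'],
                'old_class' => $tpl['user']['char']['class'],
                'old_spec' => $tpl['user']['char']['spec'],
                'old_name' => $tpl['user']['char']['name']
            );
            // NOTE(review): stored in PHP serialize() format and it contains user-supplied
            // strings. Whatever reads ilp_reqs.req_values should not allow object
            // instantiation on unserialize() and must escape the values on output —
            // confirm in the consumer.
            $req_values = serialize($req_values);

            // Store the request
            $req_ins = $db->prepare("INSERT INTO ilp_reqs (type, sent_id, req_values, req_msg) VALUES (?, ?, ?, ?)");
            $req_ins->execute(array('2', $tpl['user']['id'], $req_values, $req_in['settings_char_msg']));
            // If the request was stored, redirect the user to their requests
            if (1 == $req_ins->rowCount())
            {
                writeLog($tpl['user']['id'], $tpl['user']['id'], 'user_req_char', array('old_char' => $tpl['user']['char']['name'], 'new_char' => $req_in['settings_char_name']));
                header('Location: index.php?ilp='.ilpUrlEncode('start;reqs'));
            }
            else
            {
                $tpl['error']['action'] = 'Charakteranfrage schicken';
                $tpl['error']['actor'] = $tpl['user']['id'].' â ID: '.$tpl['user']['id'];
                $tpl['error']['location'] = 'settings.php:196';
                $tpl['error']['result'] = var_export($req_ins->errorInfo(), true);
                $tpl['error']['level'] = '0 (base-php)';
            }
        }
        else
        {
            $tpl['error']['message'] = $lang['error']['incomplete'];
            $tpl['error']['ref'] = 'settings';
        }
    }
    // No action requested: provide the option lists so the form can show the current selection
    else
    {
        $tpl['settings']['tooltip_locale_array'] = array(
            'de' => 'Deutsch',
            'en' => 'English',
            'fr' => 'Français',
            'es' => 'Español',
            'ru' => 'Русский'
        );
        $tpl['settings']['lang_array'] = $tpl['system']['lang_array'];
    }
}
// User is not logged in: produce an access-denied error entry
else
{
    $tpl['error']['action'] = 'Seite aufrufen: Einstellungen';
    $tpl['error']['actor'] = $_SERVER['REMOTE_ADDR'];
    $tpl['error']['location'] = 'settings.php';
    $tpl['error']['result'] = 'Zugriff verweigert';
    // NOTE(review): every other error entry in this file sets 'level', this one sets
    // 'module' — confirm which key the error template reads.
    $tpl['error']['module'] = '0 (base-php)';
}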
?>