Teknik is a suite of services with attractive and functional interfaces. https://www.teknik.io/

update_profile.php 7.0KB

  1. <?php
  2. require_once('config.php');
  3. require_once('Git.php');
  4. //initialize php variables used in the form
  5. $current_password = "";
  6. $password = "";
  7. $password_confirm = "";
  8. $theme = "";
  9. $public_key = "";
  10. $minecraft = "";
  11. $website = "";
  12. $profile_image = "";
  13. $quote = "";
  14. $about = "";
  15. $blog_title = "";
  16. $blog_description = "";
  17. $error = "";
  18. //check to see that the form has been submitted
  19. if(isset($_POST))
  20. {
  21. array_filter($_POST, 'trim_value'); // the data in $_POST is trimmed
  22. $postfilter = // set up the filters to be used with the trimmed post array
  23. array(
  24. 'website' => array('filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_FLAG_STRIP_LOW),
  25. 'quote' => array('filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_FLAG_STRIP_LOW),
  26. 'about' => array('filter' => FILTER_SANITIZE_STRING, 'flags' => !FILTER_FLAG_STRIP_LOW),
  27. 'blog_title' => array('filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_FLAG_STRIP_LOW),
  28. 'blog_desc' => array('filter' => FILTER_SANITIZE_STRING, 'flags' => !FILTER_FLAG_STRIP_LOW)
  29. );
  30. $revised_post_array = filter_var_array($_POST, $postfilter); // must be referenced via a variable which is now an array that takes the place of $_POST[]
  31. //retrieve the $_POST variables
  32. $current_password = rawurldecode($_POST['current_password']);
  33. $password = rawurldecode($_POST['password']);
  34. $password_confirm = rawurldecode($_POST['password_confirm']);
  35. $theme = rawurldecode($_POST['theme']);
  36. $public_key = rawurldecode($_POST['public_key']);
  37. //$minecraft = rawurldecode($revised_post_array['minecraft']);
  38. $website = rawurldecode($revised_post_array['website']);
  39. $quote = rawurldecode($revised_post_array['quote']);
  40. $about = rawurldecode($revised_post_array['about']);
  41. $blog_title = rawurldecode($revised_post_array['blog_title']);
  42. $blog_description = rawurldecode($revised_post_array['blog_desc']);
  43. //initialize variables for form validation
  44. $success = true;
  45. if($success && !$logged_in)
  46. {
  47. $error = "You must be logged in to update your profile.";
  48. $success = false;
  49. }
  50. if($success && strlen($quote) > 140)
  51. {
  52. $error = "The maximum length for your quote is 140 characters.";
  53. $success = false;
  54. }
  55. if($success && strlen($blog_title) > 50)
  56. {
  57. $error = "The maximum length for your blog title is 50 characters.";
  58. $success = false;
  59. }
  60. if($success && strlen($blog_description) > 140)
  61. {
  62. $error = "The maximum length for your blog description is 140 characters.";
  63. $success = false;
  64. }
  65. $change_password = false;
  66. if($success && $current_password)
  67. {
  68. //check to see if passwords match
  69. if($success && hashPassword($current_password, $CONF) != $user->hashedPassword)
  70. {
  71. $error = "Current Password does not match.";
  72. $success = false;
  73. }
  74. //check to see if passwords match
  75. if($success && !$password)
  76. {
  77. $error = "You need to specify a new password.";
  78. $success = false;
  79. }
  80. //check to see if passwords match
  81. if($success && $password != $password_confirm)
  82. {
  83. $error = "New Passwords do not match.";
  84. $success = false;
  85. }
  86. if($success)
  87. {
  88. $change_password = true;
  89. }
  90. }
  91. if(!array_key_exists($theme, $CONF['themes']))
  92. {
  93. $error = "Invalid Theme Choice.";
  94. $success = false;
  95. }
  96. $keys = explode(",", $public_key);
  97. foreach ($keys as $key)
  98. {
  99. $pattern = "/^(ssh-rsa)\s([0-9A-Za-z\/\+]+)([=]*)((\s.*)|())$/";
  100. if($success && $key && !preg_match($pattern, $key))
  101. {
  102. $error = "Invalid Public Key.<br />Please make sure it follows this format.<br /><b>ssh-rsa [0-9A-Za-z/+ ]</b>";
  103. $success = false;
  104. break;
  105. }
  106. }
  107. if($success)
  108. {
  109. //prep the data for saving in a new user object
  110. if ($change_password)
  111. {
  112. $user->hashedPassword = hashPassword($password, $CONF); //encrypt the password for storage
  113. }
  114. // Add the user's keys to his git account
  115. if ($public_key != $user->public_key)
  116. {
  117. $Git = new Git();
  118. $Git->windows_mode();
  119. $repo = $Git->open($CONF['git_repo_path'][0]."gitolite-admin\\");
  120. $repo->setenv("HOME", "/home/git");
  121. $repo->pull('origin', 'master');
  122. if (is_dir($CONF['git_repo_path'][0]."gitolite-admin\\keydir\\u\\".$user->username))
  123. {
  124. $files = glob($CONF['git_repo_path'][0]."gitolite-admin\\keydir\\u\\".$user->username."/*");
  125. foreach($files as $file){ // iterate files
  126. if(is_file($file))
  127. unlink($file); // delete file
  128. }
  129. }
  130. else
  131. {
  132. mkdir($CONF['git_repo_path'][0]."gitolite-admin\\keydir\\u\\".$user->username, 0777, true);
  133. }
  134. $index = 0;
  135. $keys = explode(",", $public_key);
  136. foreach ($keys as $key)
  137. {
  138. preg_match($pattern, $key, $matches);
  139. $key = "ssh-rsa " . $matches[2];
  140. $keyFileName = $CONF['git_repo_path'][0]."gitolite-admin\\keydir\\u\\".$user->username."\\".$user->username."@Key".$index.".pub";
  141. $fileHandle = fopen($keyFileName, 'w');
  142. fwrite($fileHandle, $key);
  143. fclose($fileHandle);
  144. $index++;
  145. }
  146. $repo->add('.');
  147. $repo->commit('Modified keys for '.$user->username);
  148. $repo->push('origin', 'master');
  149. }
  150. /*
  151. if ($minecraft != $user->minecraft_user)
  152. {
  153. // code to add/remove user from permissionsex
  154. // Connect to the server
  155. $r = new minecraftRcon($CONF['minecraft_server'], $CONF['rcon_port'], $CONF['rcon_pass']);
  156. // Authenticate, and if so, execute command(s)
  157. if ( $r->Auth() ) {
  158. $r->mcRconCommand('pex user '.$user->minecraft_user." group remove Member");
  159. $r->mcRconCommand('pex user '.$minecraft." group add Member");
  160. }
  161. }
  162. */
  163. $user->theme = $theme;
  164. $user->public_key = $public_key;
  165. //$user->minecraft_user = $minecraft;
  166. $user->website = $website;
  167. $user->quote = $quote;
  168. $user->about = $about;
  169. $user->blog_title = $blog_title;
  170. $user->blog_desc = $blog_description;
  171. //update the user in the database
  172. $user->save($db);
  173. unset($_POST);
  174. echo "true";
  175. }
  176. else
  177. {
  178. unset($_POST);
  179. echo $error;
  180. }
  181. }
  182. else
  183. {
  184. echo "$_POST is not set.";
  185. }
  186. ?>