Teknik is a suite of services with attractive and functional interfaces. https://www.teknik.io/
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符

update_profile.php 7.2KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219
  1. <?php
  2. require_once('config.php');
  3. //initialize php variables used in the form
  4. $current_password = "";
  5. $password = "";
  6. $password_confirm = "";
  7. $theme = "";
  8. $public_key = "";
  9. $minecraft = "";
  10. $website = "";
  11. $profile_image = "";
  12. $quote = "";
  13. $about = "";
  14. $blog_title = "";
  15. $blog_description = "";
  16. $error = "";
  17. //check to see that the form has been submitted
  18. if(isset($_POST))
  19. {
  20. array_filter($_POST, 'trim_value'); // the data in $_POST is trimmed
  21. $postfilter = // set up the filters to be used with the trimmed post array
  22. array(
  23. 'website' => array('filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_FLAG_STRIP_LOW),
  24. 'quote' => array('filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_FLAG_STRIP_LOW),
  25. 'about' => array('filter' => FILTER_SANITIZE_STRING, 'flags' => !FILTER_FLAG_STRIP_LOW),
  26. 'blog_title' => array('filter' => FILTER_SANITIZE_STRING, 'flags' => FILTER_FLAG_STRIP_LOW),
  27. 'blog_desc' => array('filter' => FILTER_SANITIZE_STRING, 'flags' => !FILTER_FLAG_STRIP_LOW)
  28. );
  29. $revised_post_array = filter_var_array($_POST, $postfilter); // must be referenced via a variable which is now an array that takes the place of $_POST[]
  30. //retrieve the $_POST variables
  31. $current_password = rawurldecode($_POST['current_password']);
  32. $password = rawurldecode($_POST['password']);
  33. $password_confirm = rawurldecode($_POST['password_confirm']);
  34. $theme = rawurldecode($_POST['theme']);
  35. $public_key = rawurldecode($_POST['public_key']);
  36. //$minecraft = rawurldecode($revised_post_array['minecraft']);
  37. $website = rawurldecode($revised_post_array['website']);
  38. $quote = rawurldecode($revised_post_array['quote']);
  39. $about = rawurldecode($revised_post_array['about']);
  40. $blog_title = rawurldecode($revised_post_array['blog_title']);
  41. $blog_description = rawurldecode($revised_post_array['blog_desc']);
  42. //initialize variables for form validation
  43. $success = true;
  44. if($success && !$logged_in)
  45. {
  46. $error = "You must be logged in to update your profile.";
  47. $success = false;
  48. }
  49. if($success && strlen($quote) > 140)
  50. {
  51. $error = "The maximum length for your quote is 140 characters.";
  52. $success = false;
  53. }
  54. if($success && strlen($blog_title) > 50)
  55. {
  56. $error = "The maximum length for your blog title is 50 characters.";
  57. $success = false;
  58. }
  59. if($success && strlen($blog_description) > 140)
  60. {
  61. $error = "The maximum length for your blog description is 140 characters.";
  62. $success = false;
  63. }
  64. $change_password = false;
  65. if($success && $current_password)
  66. {
  67. //check to see if passwords match
  68. if($success && hashPassword($current_password, $CONF) != $user->hashedPassword)
  69. {
  70. $error = "Current Password does not match.";
  71. $success = false;
  72. }
  73. //check to see if passwords match
  74. if($success && !$password)
  75. {
  76. $error = "You need to specify a new password.";
  77. $success = false;
  78. }
  79. //check to see if passwords match
  80. if($success && $password != $password_confirm)
  81. {
  82. $error = "New Passwords do not match.";
  83. $success = false;
  84. }
  85. if($success)
  86. {
  87. $change_password = true;
  88. }
  89. }
  90. if(!array_key_exists($theme, $CONF['themes']))
  91. {
  92. $error = "Invalid Theme Choice.";
  93. $success = false;
  94. }
  95. $keys = explode(",", $public_key);
  96. foreach ($keys as $key)
  97. {
  98. $pattern = "/^(ssh-rsa)\s([0-9A-Za-z\/\+]+)([=]*)((\s.*)|())$/";
  99. if($success && $key && !preg_match($pattern, $key))
  100. {
  101. $error = "Invalid Public Key.<br />Please make sure it follows this format.<br /><b>ssh-rsa [0-9A-Za-z/+ ]</b>";
  102. $success = false;
  103. break;
  104. }
  105. }
  106. if($success)
  107. {
  108. //prep the data for saving in a new user object
  109. if ($change_password)
  110. {
  111. $user->hashedPassword = hashPassword($password, $CONF); //encrypt the password for storage
  112. if (!$CONF['dev_env'])
  113. {
  114. $obBaseApp = new COM("hMailServer.Application");
  115. $obBaseApp->Connect();
  116. $obBaseApp->Authenticate($CONF['mail_admin_user'], $CONF['mail_admin_pass']);
  117. $domain = $obBaseApp->Domains->ItemByName($CONF['host']);
  118. $account = $domain->Accounts->ItemByAddress($user->username . "@" . $CONF['host']);
  119. $account->Password = $password;
  120. $account->Save();
  121. }
  122. }
  123. // Add the user's keys to his git account
  124. if ($public_key != $user->public_key)
  125. {
  126. $dir = $CONF['git_key_dir'].'u\\'.$user->username;
  127. if (is_dir($dir))
  128. {
  129. foreach (glob($dir."\\*") as $filename)
  130. {
  131. if (is_file($filename))
  132. {
  133. unlink($filename);
  134. }
  135. }
  136. }
  137. if (!is_dir($dir))
  138. {
  139. mkdir($dir, 0777, true);
  140. }
  141. $index = 0;
  142. $keys = explode(",", $public_key);
  143. foreach ($keys as $key)
  144. {
  145. preg_match($pattern, $key, $matches);
  146. if (trim($matches[2]) != "")
  147. {
  148. $key = "ssh-rsa " . $matches[2];
  149. $keyFileName = $dir."\\".$user->username."@Key".$index.".pub";
  150. $fileHandle = fopen($keyFileName, 'w');
  151. fwrite($fileHandle, $key);
  152. fclose($fileHandle);
  153. $index++;
  154. }
  155. }
  156. putenv("HOME=/home/git");
  157. $result = shell_exec('bash --login -c "'.$CONF['gitolite_path'].'gitolite trigger SSH_AUTHKEYS"');
  158. }
  159. /*
  160. if ($minecraft != $user->minecraft_user)
  161. {
  162. // code to add/remove user from permissionsex
  163. // Connect to the server
  164. $r = new minecraftRcon($CONF['minecraft_server'], $CONF['rcon_port'], $CONF['rcon_pass']);
  165. // Authenticate, and if so, execute command(s)
  166. if ( $r->Auth() ) {
  167. $r->mcRconCommand('pex user '.$user->minecraft_user." group remove Member");
  168. $r->mcRconCommand('pex user '.$minecraft." group add Member");
  169. }
  170. }
  171. */
  172. $user->theme = $theme;
  173. $user->public_key = $public_key;
  174. //$user->minecraft_user = $minecraft;
  175. $user->website = $website;
  176. $user->quote = $quote;
  177. $user->about = $about;
  178. $user->blog_title = $blog_title;
  179. $user->blog_desc = $blog_description;
  180. //update the user in the database
  181. $user->save($db);
  182. unset($_POST);
  183. echo "true";
  184. }
  185. else
  186. {
  187. unset($_POST);
  188. echo $error;
  189. }
  190. }
  191. else
  192. {
  193. echo "$_POST is not set.";
  194. }
  195. ?>