186 lines
9.8 KiB
PHP
186 lines
9.8 KiB
PHP
<?php
|
|
/*
|
|
* Copyright (C) 2018 josh.north
|
|
*
|
|
* This program is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
ini_set('session.gc_maxlifetime', 24*60*60); // MIN SESSION
|
|
ini_set('session.gc_probability', 1); // GC RATES
|
|
ini_set('session.gc_divisor', 100); // TIMES
|
|
ini_set('session.use_cookies', '1');
|
|
ini_set('session.use_only_cookies', '1');
|
|
ini_set('session.cookie_secure', '0');
|
|
ini_set('session.cookie_httponly', '0');
|
|
ini_set('session.cookie_samesite', 'Lax');
|
|
session_save_path('.tmp'); // TEMP
|
|
session_start(); // START
|
|
require_once __DIR__ . '/autoload.php'; // AUTOLOAD
|
|
use App\LobbySIO\Config\Registry;
|
|
$Users = new \App\LobbySIO\Database\Users();
|
|
if (Registry::AUTHMETHOD == 'SAML') {
|
|
//simplesaml
|
|
require_once('../simplesamlphp/lib/_autoload.php');
|
|
$auth = new \SimpleSAML\Auth\Simple(Registry::AUTHIDP);
|
|
//$auth->requireAuth();
|
|
$auth->isAuthenticated();
|
|
if (!$auth->isAuthenticated()) {
|
|
$attributes = 'none';
|
|
} else {
|
|
$attributes = $auth->getAttributes();
|
|
$saml_user_email = $attributes['http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress'][0];
|
|
$saml_user_info = $Users->getUserInfoByEmail($saml_user_email, "1", "0");
|
|
$saml_user_id = $saml_user_info["0"]["users_id"];
|
|
}
|
|
$session = \SimpleSAML\Session::getSessionFromRequest();
|
|
$session->cleanup();
|
|
}
|
|
$StaticFunctions = new \App\LobbySIO\Misc\StaticFunctions(); // DEFAULT CLASSES
|
|
$SiteInfo = new \App\LobbySIO\Database\SiteInfo();
|
|
if (isset($_SESSION['user_id'])) { // LOGGED IN? GET USER OBJECT
|
|
if (isset($saml_user_id)) {
|
|
$sessuserid=$saml_user_id;
|
|
} else {
|
|
$sessuserid=$_SESSION['user_id'];
|
|
}
|
|
} elseif (!isset($_SESSION['user_id'])) {
|
|
if (isset($saml_user_id)) {
|
|
$sessuserid=$saml_user_id;
|
|
} else {
|
|
$sessuserid='2';
|
|
}
|
|
$session_user = $Users->getUserInfo($sessuserid, "1", "0"); }
|
|
if (isset($session_user)) { // GET UID OR SET TO KIOSK
|
|
$uid = $session_user["0"]["users_id"];} else { $uid = "2"; }
|
|
$app_disp_lang = filter_input(INPUT_COOKIE, 'app_disp_lang'); // SETUP LANGUAGE
|
|
if(!isset($app_disp_lang)) {
|
|
$app_disp_lang=$StaticFunctions->getDefaultLanguage(); }
|
|
$siteidcookie = filter_input(INPUT_COOKIE, 'app_site'); // SETUP SITE
|
|
foreach($SiteInfo->getSite("0", $uid, "0", "0") as $arr) {
|
|
$lookup_array[$arr['sites_id']]=1; }
|
|
if(isset($lookup_array[$siteidcookie])) {
|
|
$siteid = $siteidcookie; } else { $siteid = "1"; }
|
|
if(!isset($siteid)) { $siteid="1"; }
|
|
$Translate = new \App\LobbySIO\Language\Translate($app_disp_lang); // SETUP TRANSLATOR
|
|
$transLang = $Translate->userLanguage();
|
|
$app_current_pagename = $transLang['ACCOUNT']; // PAGE SETUP
|
|
$app_current_pageicon = '<i class="fas fa-user-circle"></i> ';
|
|
require_once("inc/header.inc.php");
|
|
if ($StaticFunctions->getUserSessionStatus() == false) { // CHECK STATUS
|
|
echo $StaticFunctions->killSession(); // ELSE DIE
|
|
} else { ?>
|
|
|
|
|
|
<!-- START CONTENT -->
|
|
<?php
|
|
$minpasslength = $StaticFunctions->getMinPass();
|
|
if (isset($_POST['saveprofile'])):
|
|
if (empty($_POST['password']) && empty($_POST['newpassword2'])):
|
|
$Users->setUserInfo($session_user["0"]["users_id"], $_POST['firstname'], $_POST['lastname'], $_POST['email'], $session_user["0"]["users_usertypeid"], $session_user["0"]["users_password"]);
|
|
header('Location: ' . $_SERVER['PHP_SELF']);
|
|
elseif (strlen($_POST['password']) < $minpasslength):
|
|
echo "Password must be at least $minpasslength characters.";
|
|
elseif (!empty($_POST['password']) && empty($_POST['newpassword2'])):
|
|
echo "Please confirm password if you wish to change it";
|
|
elseif ($_POST['password'] != $_POST['newpassword2']):
|
|
echo "New passwords do not match";
|
|
elseif (!empty($_POST['password']) && ($_POST['password'] = $_POST['newpassword2'])):
|
|
// change pass
|
|
require_once("src/Misc/PasswordHash.php");
|
|
$hasher = new PasswordHash(8, FALSE);
|
|
$password = $hasher->HashPassword($_POST['password']);
|
|
$Users->setUserInfo($session_user["0"]["users_id"], $_POST['firstname'], $_POST['lastname'], $_POST['email'], $session_user["0"]["users_usertypeid"], $password);
|
|
header('Location: ' . $_SERVER['PHP_SELF']);
|
|
endif;
|
|
endif;
|
|
?>
|
|
<div class="container">
|
|
<div class="row row-cols-1">
|
|
<div class="col d-grid gap-2">
|
|
<h2><i class="fas fa-user-circle"></i> <?php echo $transLang['EDIT_PROFILE']; ?></h2>
|
|
</div>
|
|
</div>
|
|
<?php if (Registry::AUTHMETHOD == 'INTERNAL') { ?>
|
|
<p class="lead"><?php echo $transLang['ACCOUNT_INFO_DESC'] . $minpasslength; ?></p>
|
|
<?php } ?>
|
|
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
|
|
<fieldset>
|
|
<div class="row row-cols-3">
|
|
<div class="col">
|
|
<div class="input-group input-group-sm mb-0">
|
|
<span class="input-group-text bg-info text-dark"><?php echo $transLang['USER-USERNAME']; ?></span>
|
|
<input class="form-control form-control-sm" type="text" name="username" id="username" maxlength="50" value="<?php echo $session_user["0"]["users_username"]; ?>" readonly />
|
|
</div>
|
|
</div>
|
|
<div class="col">
|
|
<div class="input-group input-group-sm mb-0">
|
|
<span class="input-group-text bg-info text-dark"><?php echo $transLang['CREATED']; ?></span>
|
|
<input class="form-control form-control-sm" type="text" name="created" id="created" value="<?php echo $session_user["0"]["users_created"]; ?>" readonly />
|
|
</div>
|
|
</div>
|
|
<div class="col">
|
|
<div class="input-group input-group-sm mb-0">
|
|
<span class="input-group-text bg-info text-dark"><?php echo $transLang['USER-TYPE']; ?></span>
|
|
<input class="form-control form-control-sm" type="text" name="usertype" id="usertype" maxlength="50" value="<?php echo $transLang[$session_user["0"]["users_usertype"]]; ?>" readonly />
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<div class="row row-cols-3">
|
|
<div class="col">
|
|
<div class="input-group input-group-sm mb-0">
|
|
<span class="input-group-text bg-info text-dark"><?php echo $transLang['FIRSTNAME']; ?></span>
|
|
<input class="form-control" type="text" name="firstname" id="firstname" maxlength="50" value="<?php echo $session_user["0"]["users_firstname"]; ?>" <?php if (Registry::AUTHMETHOD == 'SAML') { echo "readonly "; } ?>/>
|
|
</div>
|
|
</div>
|
|
<div class="col">
|
|
<div class="input-group input-group-sm mb-0">
|
|
<span class="input-group-text bg-info text-dark"><?php echo $transLang['LASTNAME']; ?></span>
|
|
<input class="form-control" type="text" name="lastname" id="lastname" maxlength="50" value="<?php echo $session_user["0"]["users_lastname"]; ?>" <?php if (Registry::AUTHMETHOD == 'SAML') { echo "readonly "; } ?>/>
|
|
</div>
|
|
</div>
|
|
<div class="col">
|
|
<div class="input-group input-group-sm mb-0">
|
|
<span class="input-group-text bg-info text-dark"><?php echo $transLang['EMAIL']; ?></span>
|
|
<input class="form-control" type="text" name="email" id="email" maxlength="100" value="<?php echo $session_user["0"]["users_email"]; ?>" <?php if (Registry::AUTHMETHOD == 'SAML') { echo "readonly "; } ?>/>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<?php if (Registry::AUTHMETHOD == 'INTERNAL') { ?>
|
|
<div class="row row-cols-3">
|
|
<div class="col">
|
|
<div class="input-group input-group-sm mb-0">
|
|
<span class="input-group-text bg-info text-dark"><?php echo $transLang['NEW'] . " " . $transLang['PASSWORD']; ?></span>
|
|
<input class="form-control" type="password" name="password" id="password" />
|
|
</div>
|
|
</div>
|
|
<div class="col">
|
|
<div class="input-group input-group-sm mb-0">
|
|
<span class="input-group-text bg-info text-dark"><?php echo $transLang['CONFIRM'] . " " . $transLang['NEW'] . " " . $transLang['PASSWORD']; ?></span>
|
|
<input class="form-control" type="password" name="newpassword2" id="newpassword2" />
|
|
</div>
|
|
</div>
|
|
<div class="col d-grid gap-2">
|
|
<div class="input-group input-group-sm mb-0">
|
|
<button type="submit" name="saveprofile" id="saveprofile" class="form-control btn btn-primary"><i class="fas fa-save"></i> <?php echo $transLang['SAVE']; ?></button>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<?php } ?>
|
|
</fieldset>
|
|
</form>
|
|
</div>
|
|
<!-- END CONTENT -->
|
|
|
|
<?php }; require_once("inc/footer.inc.php"); ?>
|