3
* This file updates the current user's subscriptions!
5
* This file is part of Quam Plures - {@link http://quamplures.net/}
6
* See also {@link https://launchpad.net/quam-plures}.
8
* @copyright (c) 2009 - 2011 by the Quam Plures developers - {@link http://quamplures.net/}
9
* @copyright (c)2003-2009 by Francois PLANQUE - {@link http://fplanque.net/}
11
* {@internal License choice
12
* - If you have received this file as part of a package, please find the license.txt file in
13
* the same folder or the closest folder above for complete license terms.
14
* - If you have received this file individually (e-g: from http://evocms.cvs.sourceforge.net/)
15
* then you must choose one of the following licenses before using the file:
16
* - GNU General Public License 2 (GPL) - http://www.opensource.org/licenses/gpl-license.php
17
* - Mozilla Public License 1.1 (MPL) - http://www.opensource.org/licenses/mozilla1.1.php
20
* {@internal Open Source relicensing agreement:
23
* {@internal Below is a list of authors who have contributed to design/coding of this file: }}
24
* @author fplanque: Francois PLANQUE
26
* @todo integrate it into the templates to avoid ugly die() on error and confusing redirect on success.
3
* This file updates the current user's subscriptions
5
* This file implements the XML-RPC handler, to be called by remote clients.
6
* @author {@link http://wonderwinds.com/ Ed Bennett}
7
* @author {@link http://fplanque.net/ Francois PLANQUE}
8
* @copyright (c) 2009 by {@link http://quamplures.net/ the Quam Plures project}
9
* @license http://www.gnu.org/licenses/gpl.txt GNU General Public License v3
32
* Initialize everything:
14
* Load the configuration minimum
34
16
require_once dirname(__FILE__).'/../qp_config/_config.php';
19
* Main initialization, without a specific blog identified
36
21
require_once $inc_path.'_main.inc.php';
38
23
// Getting GET or POST parameters:
41
26
param( 'newuser_notify', 'integer', 0 );
42
27
param( 'subs_blog_IDs', 'string', true );
45
* Basic security checks:
29
// Basic security checks
47
30
if( ! is_logged_in() )
48
{ // must be logged in!
49
33
bad_request_die( T_('You are not logged in.') );
52
36
if( $checkuser_id != $current_User->ID )
53
{ // Can only edit your own profile
38
// Can only edit your own profile
54
39
bad_request_die( 'You are not logged in under the same account you are trying to modify.' );
60
45
|| $current_User->login == 'demospecial') )
62
47
bad_request_die( 'Demo mode: you cannot edit the admin\'s or any demo-name\'s profile!<br />[<a href="javascript:history.go(-1)">'
63
. T_('Back to profile') . '</a>]' );
48
.T_('Back to profile').'</a>]' );
69
profile_check_params( array( 'email' => array($newuser_email, 'newuser_email') ) );
52
profile_check_params( array(
53
'email' => array( $newuser_email, 'newuser_email'),
72
56
if( $Messages->count( 'error' ) )
74
// TODO: (legacy) dh> display errors with the form itself
75
58
header_content_type( 'text/html' ); // sets charset
76
59
$Messages->display( T_('Cannot update profile. Please correct the following errors:'),
77
'[<a href="javascript:history.go(-1)">' . T_('Back to profile') . '</a>]' );
60
'[<a href="javascript:history.go(-1)">'.T_('Back to profile').'</a>]' );
82
// Do the profile update:
64
// Do the profile update
83
65
$current_User->set_email( $newuser_email );
84
66
$current_User->set( 'notify', $newuser_notify );
86
68
$current_User->dbupdate();
90
71
$subscription_values = array();
91
72
$unsubscribed = array();
92
73
$subs_blog_IDs = explode( ',', $subs_blog_IDs );
95
76
// Make sure no dirty hack is coming in here:
96
77
$loop_blog_ID = intval( $loop_blog_ID );
98
// Get checkbox values:
79
// Get checkbox values
99
80
$sub_items = param( 'sub_items_'.$loop_blog_ID, 'integer', 0 );
100
81
$sub_comments = param( 'sub_comments_'.$loop_blog_ID, 'integer', 0 );
102
83
if( $sub_items || $sub_comments )
103
{ // We have a subscription for this blog
85
// We have a subscription for this blog
104
86
$subscription_values[] = "( $loop_blog_ID, $current_User->ID, $sub_items, $sub_comments )";
107
{ // No subscription here:
90
// No subscription here
108
91
$unsubscribed[] = $loop_blog_ID;
112
95
// Note: we do not check if subscriptions are allowed here, but we check at the time we're about to send something
113
if( count($subscription_values) )
114
{ // We need to record values:
115
$DB->query( 'REPLACE INTO T_subscriptions( sub_coll_ID, sub_user_ID, sub_items, sub_comments )
116
VALUES '.implode( ', ', $subscription_values ) );
96
if( count( $subscription_values ) )
98
// We need to record values
99
$DB->query( 'REPLACE INTO T_subscriptions( sub_blog_ID, sub_user_ID, sub_items, sub_comments )
100
VALUES '.implode( ', ', $subscription_values ) );
119
if( count($unsubscribed) )
120
{ // We need to make sure some values are cleared:
103
if( count( $unsubscribed ) )
105
// We need to make sure some values are cleared
121
106
$DB->query( 'DELETE FROM T_subscriptions
122
WHERE sub_user_ID = '.$current_User->ID.'
123
AND sub_coll_ID IN ('.implode( ', ', $unsubscribed ).')' );
107
WHERE sub_user_ID = '.$current_User->ID.'
108
AND sub_blog_ID IN ('.implode( ', ', $unsubscribed ).')' );
127
111
$Messages->add( T_('Your profile & subscriptions have been updated.'), 'success' );
130
113
header_nocache();
131
114
// redirect Will save $Messages into Session:
132
115
header_redirect();
b'\\ No newline at end of file'