psyced/world/net/http/profile.c

214 lines
5.2 KiB
C
Raw Normal View History

2009-01-26 20:12:53 +00:00
// $Id: profile.c,v 1.3 2008/04/22 22:43:14 lynx Exp $ vim:syntax=lpc
//
// <kuchn> profile.c, a web based user settings/profile changer,
// called from net/http/server.
//
// TODO: please make use of the new convert_profile(vars, 0, "set") and
// convert_profile(settings, "set", 0) to convert a mapping of settings
// into a mapping of PSYC variables and back. this should make a lot of
// code in here unnecessary. avoiding replication is g00000d.
//
// i'm unhappy with the way of authing.. first i thought this could be
// inherited somehow to be a part of the user object, but thats schmarn.
// but i think psyc auth would be a nice way here..
// using checkPassword() the way you do is fine! we are not planning
// to use a web-based editor for remote PSYC items.. and the
// asynchronicity of it isn't something HTTP can easily handle.
// HTTP isn't as cool as PSYC you know? hahahahahahahahahahah
// as long as this is in development it could cause security breaches
// in production servers. so please only use this on experimental servers.
#ifdef EXPERIMENTAL
#include <ht/http.h>
#include <net.h>
#include <text.h>
#include <person.h>
object user;
create() {
sTextPath(0, 0, "html");
}
htget(prot, query, headers, qs) {
htok3(prot, "text/html", "Cache-Control: no-cache\n");
w("_PAGES_user_header");
auth(prot, query, headers, qs);
}
checkAuth(val, prot, query, headers, qs, user) {
if(! val)
{
w("_PAGES_user_login_failed");
return;
}
w("_PAGES_user_header");
switch(query["action"]) {
case "settings":
if(query["set"] == "1")
settings(prot, query, headers, qs, user);
else
w("_PAGES_user_settings_body", ([
"_username" : query["username"],
"_password" : query["password"],
"_speakaction" : user->v("speakaction") ? user->v("speakaction") : "",
"_commandcharacter" : user->v("commandcharacter") ? user->v("commandcharacter") : ""
]) );
break;
case "profile":
if(query["set"] == "1")
profile(prot, query, headers, qs, user);
else
w("_PAGES_user_profile_body", ([
"_username" : query["username"],
"_password" : query["password"],
"_me" : user->v("me") ? user->v("me") : "",
"_publicpage" : user->v("publicpage") ? user->v("publicpage") : "",
"_publictext" : user->v("publictext") ? user->v("publictext") : "",
"_publicname" : user->v("publicname") ? user->v("publicname") : "",
"_animalfave" : user->v("animalfave") ? user->v("animalfave") : "",
"_popstarfave" : user->v("popstarfave") ? user->v("popstarfave") : "",
"_musicfave" : user->v("musicfave") ? user->v("musicfave") : "",
"_privatetext" : user->v("privatetext") ? user->v("privatetext") : "",
"_likestext" : user->v("likestext") ? user->v("likestext") : "",
"_dislikestext" : user->v("dislikestext") ? user->v("dislikestext") : "",
"_privatepage" : user->v("privatepage") ? user->v("privatepage") : "",
"_email" : user->v("email") ? user->v("email") : "",
"_color" : user->v("color") ? user->v("color") : "",
"_language" : user->v("language") ? user->v("language") : "",
"_telephone" : user->v("telephone") ? user->v("telephone") : ""
]) );
break;
default:
w("_PAGES_user_index", ([ "_username" : query["username"], "_password" : query["password"] ]));
break;
}
w("_PAGES_user_footer");
}
auth(prot, query, headers, qs) {
if(! stringp(query["username"]) || ! stringp(query["password"]))
{
w("_PAGES_user_login_body");
return 0;
}
if(query["username"] == "" || query["password"] == "")
{
w("_PAGES_user_login_empty");
return 0;
}
user = summon_person(query["username"]);
if(!user || user->isNewbie())
{
w("_PAGES_user_login_notregistered");
return 0;
}
int ok = 1;
user->checkPassword(query["password"], "plain", "", "", #'checkAuth, prot, query, headers, qs, user);
}
settings(prot, query, headers, qs, user) {
foreach(string k, string v : query) {
int ok = 0;
switch(k) {
case "password":
ok = 1;
break;
case "speakaction":
ok = 1;
break;
case "commandcharacter":
ok = 1;
break;
}
if(! ok)
continue;
if(v == "")
{
//if(v != "password")
// user->vDel(k);
// do nothing? maybe every setting is needed.. then this would be bad.
}
else
user->vSet(k, v); // password won't be set? humm.
}
w("_PAGES_user_settings_changed", ([ "_username" : query["username"], "_password" : query["password"] ]) );
}
profile(prot, query, headers, qs, user) {
foreach(string k, string v : query) {
int ok = 0;
switch(k)
{
case "me":
ok = 1;
break;
case "publicpage":
ok = 1;
break;
case "publictext":
ok = 1;
break;
case "publicname":
ok = 1;
break;
case "animalfave":
ok = 1;
break;
case "popstarfave":
ok = 1;
break;
case "musicfave":
ok = 1;
break;
case "privatetext":
ok = 1;
break;
case "likestext":
ok = 1;
break;
case "dislikestext":
ok = 1;
break;
case "privatepage":
ok = 1;
break;
case "email":
ok = 1;
break;
case "telephone":
ok = 1;
break;
}
if(! ok)
continue;
if(v == "")
user->vDel(k);
else
user->vSet(k, v);
}
w("_PAGES_user_profile_changed", ([ "_username" : query["username"], "_password" : query["password"] ]) );
}
w(mc, vars) { write(psyctext(T(mc, ""), vars)); }
#endif