mirror of
https://github.com/ChronosX88/psyced.git
synced 2024-11-10 04:21:02 +00:00
214 lines
5.2 KiB
C
214 lines
5.2 KiB
C
// $Id: profile.c,v 1.3 2008/04/22 22:43:14 lynx Exp $ vim:syntax=lpc
|
|
//
|
|
// <kuchn> profile.c, a web based user settings/profile changer,
|
|
// called from net/http/server.
|
|
//
|
|
// TODO: please make use of the new convert_profile(vars, 0, "set") and
|
|
// convert_profile(settings, "set", 0) to convert a mapping of settings
|
|
// into a mapping of PSYC variables and back. this should make a lot of
|
|
// code in here unnecessary. avoiding replication is g00000d.
|
|
//
|
|
// i'm unhappy with the way of authing.. first i thought this could be
|
|
// inherited somehow to be a part of the user object, but thats schmarn.
|
|
// but i think psyc auth would be a nice way here..
|
|
// using checkPassword() the way you do is fine! we are not planning
|
|
// to use a web-based editor for remote PSYC items.. and the
|
|
// asynchronicity of it isn't something HTTP can easily handle.
|
|
// HTTP isn't as cool as PSYC you know? hahahahahahahahahahah
|
|
|
|
// as long as this is in development it could cause security breaches
|
|
// in production servers. so please only use this on experimental servers.
|
|
#ifdef EXPERIMENTAL
|
|
|
|
#include <ht/http.h>
|
|
#include <net.h>
|
|
#include <text.h>
|
|
#include <person.h>
|
|
|
|
object user;
|
|
|
|
create() {
|
|
sTextPath(0, 0, "html");
|
|
}
|
|
|
|
htget(prot, query, headers, qs) {
|
|
htok3(prot, "text/html", "Cache-Control: no-cache\n");
|
|
w("_PAGES_user_header");
|
|
|
|
auth(prot, query, headers, qs);
|
|
}
|
|
|
|
checkAuth(val, prot, query, headers, qs, user) {
|
|
if(! val)
|
|
{
|
|
w("_PAGES_user_login_failed");
|
|
return;
|
|
}
|
|
|
|
w("_PAGES_user_header");
|
|
|
|
switch(query["action"]) {
|
|
case "settings":
|
|
if(query["set"] == "1")
|
|
settings(prot, query, headers, qs, user);
|
|
else
|
|
w("_PAGES_user_settings_body", ([
|
|
"_username" : query["username"],
|
|
"_password" : query["password"],
|
|
|
|
"_speakaction" : user->v("speakaction") ? user->v("speakaction") : "",
|
|
"_commandcharacter" : user->v("commandcharacter") ? user->v("commandcharacter") : ""
|
|
]) );
|
|
break;
|
|
case "profile":
|
|
if(query["set"] == "1")
|
|
profile(prot, query, headers, qs, user);
|
|
else
|
|
w("_PAGES_user_profile_body", ([
|
|
"_username" : query["username"],
|
|
"_password" : query["password"],
|
|
|
|
"_me" : user->v("me") ? user->v("me") : "",
|
|
"_publicpage" : user->v("publicpage") ? user->v("publicpage") : "",
|
|
"_publictext" : user->v("publictext") ? user->v("publictext") : "",
|
|
"_publicname" : user->v("publicname") ? user->v("publicname") : "",
|
|
"_animalfave" : user->v("animalfave") ? user->v("animalfave") : "",
|
|
"_popstarfave" : user->v("popstarfave") ? user->v("popstarfave") : "",
|
|
"_musicfave" : user->v("musicfave") ? user->v("musicfave") : "",
|
|
"_privatetext" : user->v("privatetext") ? user->v("privatetext") : "",
|
|
"_likestext" : user->v("likestext") ? user->v("likestext") : "",
|
|
"_dislikestext" : user->v("dislikestext") ? user->v("dislikestext") : "",
|
|
"_privatepage" : user->v("privatepage") ? user->v("privatepage") : "",
|
|
"_email" : user->v("email") ? user->v("email") : "",
|
|
"_color" : user->v("color") ? user->v("color") : "",
|
|
"_language" : user->v("language") ? user->v("language") : "",
|
|
"_telephone" : user->v("telephone") ? user->v("telephone") : ""
|
|
]) );
|
|
break;
|
|
default:
|
|
w("_PAGES_user_index", ([ "_username" : query["username"], "_password" : query["password"] ]));
|
|
break;
|
|
}
|
|
|
|
w("_PAGES_user_footer");
|
|
}
|
|
|
|
auth(prot, query, headers, qs) {
|
|
if(! stringp(query["username"]) || ! stringp(query["password"]))
|
|
{
|
|
w("_PAGES_user_login_body");
|
|
return 0;
|
|
}
|
|
|
|
if(query["username"] == "" || query["password"] == "")
|
|
{
|
|
w("_PAGES_user_login_empty");
|
|
return 0;
|
|
}
|
|
|
|
user = summon_person(query["username"]);
|
|
if(!user || user->isNewbie())
|
|
{
|
|
w("_PAGES_user_login_notregistered");
|
|
return 0;
|
|
}
|
|
|
|
int ok = 1;
|
|
user->checkPassword(query["password"], "plain", "", "", #'checkAuth, prot, query, headers, qs, user);
|
|
}
|
|
|
|
settings(prot, query, headers, qs, user) {
|
|
foreach(string k, string v : query) {
|
|
int ok = 0;
|
|
|
|
switch(k) {
|
|
case "password":
|
|
ok = 1;
|
|
break;
|
|
case "speakaction":
|
|
ok = 1;
|
|
break;
|
|
case "commandcharacter":
|
|
ok = 1;
|
|
break;
|
|
}
|
|
|
|
if(! ok)
|
|
continue;
|
|
|
|
if(v == "")
|
|
{
|
|
//if(v != "password")
|
|
// user->vDel(k);
|
|
// do nothing? maybe every setting is needed.. then this would be bad.
|
|
}
|
|
else
|
|
user->vSet(k, v); // password won't be set? humm.
|
|
}
|
|
|
|
w("_PAGES_user_settings_changed", ([ "_username" : query["username"], "_password" : query["password"] ]) );
|
|
}
|
|
|
|
profile(prot, query, headers, qs, user) {
|
|
foreach(string k, string v : query) {
|
|
int ok = 0;
|
|
|
|
switch(k)
|
|
{
|
|
case "me":
|
|
ok = 1;
|
|
break;
|
|
case "publicpage":
|
|
ok = 1;
|
|
break;
|
|
case "publictext":
|
|
ok = 1;
|
|
break;
|
|
case "publicname":
|
|
ok = 1;
|
|
break;
|
|
case "animalfave":
|
|
ok = 1;
|
|
break;
|
|
case "popstarfave":
|
|
ok = 1;
|
|
break;
|
|
case "musicfave":
|
|
ok = 1;
|
|
break;
|
|
case "privatetext":
|
|
ok = 1;
|
|
break;
|
|
case "likestext":
|
|
ok = 1;
|
|
break;
|
|
case "dislikestext":
|
|
ok = 1;
|
|
break;
|
|
case "privatepage":
|
|
ok = 1;
|
|
break;
|
|
case "email":
|
|
ok = 1;
|
|
break;
|
|
case "telephone":
|
|
ok = 1;
|
|
break;
|
|
}
|
|
|
|
if(! ok)
|
|
continue;
|
|
|
|
if(v == "")
|
|
user->vDel(k);
|
|
else
|
|
user->vSet(k, v);
|
|
}
|
|
|
|
w("_PAGES_user_profile_changed", ([ "_username" : query["username"], "_password" : query["password"] ]) );
|
|
}
|
|
|
|
w(mc, vars) { write(psyctext(T(mc, ""), vars)); }
|
|
|
|
#endif
|