Send emails in user locale

This commit is contained in:
grandeljay 2022-06-27 10:33:01 +02:00
parent 44be915d35
commit 00ec36bd7f
22 changed files with 223 additions and 170 deletions


@ -37,6 +37,31 @@ spl_autoload_register(
} }
); );
/**
* Session
*/
$sessionLifetime = 2592000; // 1 Month
session_set_cookie_params($sessionLifetime, '/');
session_start();
/** Refresh lifetime */
$session = session_get_cookie_params();
setcookie(
session_name(),
session_id(),
time() + $sessionLifetime,
$session['path'],
$session['domain'],
$session['secure'],
$session['httponly']
);
if (!isset($_SESSION['user'])) {
$_SESSION['user'] = new User();
}
/** /**
* Config * Config
*/ */
@ -71,34 +96,6 @@ if (
$options = new Options($database); $options = new Options($database);
} }
/**
* Session
*/
$sessionLifetime = 2592000; // 1 Month
session_set_cookie_params($sessionLifetime, '/');
session_start();
/** Refresh lifetime */
$session = session_get_cookie_params();
setcookie(
session_name(),
session_id(),
time() + $sessionLifetime,
$session['path'],
$session['domain'],
$session['secure'],
$session['httponly']
);
/**
* User
*/
if ($options) {
$user = new User();
}
/** /**
* Language * Language
*/ */
@ -118,16 +115,8 @@ $locales = array_filter(
scandir(ROOT . '/translations') scandir(ROOT . '/translations')
) )
); );
$locale = \Locale::lookup($locales, $user->locale, false, DEFAULT_LOCALE);
/** Load Translation */ $locale = isset($_REQUEST['locale']) ? $_REQUEST['locale'] : \Locale::lookup($locales, $_SESSION['user']->getLocale(), false, 'en_GB');
$translationFilepath = ROOT . '/translations/' . $locale . '.po';
$translations = null;
if (file_exists($translationFilepath)) {
$loader = new \Gettext\Loader\PoLoader();
$translations = $loader->loadFile($translationFilepath);
}
/** /**
* Wish * Wish
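Review bot: The new `$locale` assignment on the `$_REQUEST['locale']` line takes the request value verbatim and no longer passes it through `\Locale::lookup($locales, …)`, so any string a client sends becomes the global `$locale` that the Email class later splices into `<mjml lang="…">`. Restrict it to the scanned translation set before use, e.g. `$locale = \Locale::lookup($locales, $_REQUEST['locale'] ?? $_SESSION['user']->getLocale(), false, 'en_GB');`. The literal `'en_GB'` also replaces the `DEFAULT_LOCALE` constant the removed line used; keeping the constant avoids two sources of truth. The session block moved above the Config section in the first hunk now runs `new User()` before config is loaded — if `DEFAULT_LOCALE` is defined there, the constructor's Accept-Language fallback would reference an undefined constant for visitors without that header.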


@ -16,7 +16,7 @@ require '../../index.php';
$response = array(); $response = array();
$dateFormatter = new \IntlDateFormatter( $dateFormatter = new \IntlDateFormatter(
$user->locale, $_SESSION['user']->getLocale(),
\IntlDateFormatter::MEDIUM, \IntlDateFormatter::MEDIUM,
\IntlDateFormatter::NONE \IntlDateFormatter::NONE
); );


@ -18,7 +18,7 @@ switch ($_SERVER['REQUEST_METHOD']) {
/** /**
* Get * Get
*/ */
$response['data'] = $user->getSavedWishlists(); $response['data'] = $_SESSION['user']->getSavedWishlists();
break; break;
case 'POST': case 'POST':
@ -45,7 +45,7 @@ switch ($_SERVER['REQUEST_METHOD']) {
`user`, `user`,
`wishlist` `wishlist`
) VALUES ( ) VALUES (
' . $user->id . ', ' . $_SESSION['user']->id . ',
' . Sanitiser::getNumber($_POST['wishlist']) . ' ' . Sanitiser::getNumber($_POST['wishlist']) . '
) )
;'); ;');
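Review bot: `$_SESSION['user']->id` is interpolated into the INSERT on the `VALUES (` line with no `isLoggedIn()` guard visible in the hunk; since index.php now always seeds the session with an anonymous `new User()`, whose constructor only assigns properties from `$fields`, `->id` is undefined for visitors and the statement would be built with an empty value. If the enclosing switch (its start is outside the hunk) does not already gate on `$_SESSION['user']->isLoggedIn()`, add that check before the query and bind the id as a parameter rather than concatenating it. The `getSavedWishlists()` call in the first hunk presumably depends on the same id and needs the same guard.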


@ -17,11 +17,11 @@ require '../../index.php';
switch ($_SERVER['REQUEST_METHOD']) { switch ($_SERVER['REQUEST_METHOD']) {
case 'POST': case 'POST':
if (isset($_POST['wishlist-name'], $_SESSION['user']['id'])) { if (isset($_POST['wishlist-name'], $_SESSION['user']->id)) {
/** /**
* Create * Create
*/ */
$user_id = Sanitiser::getNumber($_SESSION['user']['id']); $user_id = Sanitiser::getNumber($_SESSION['user']->id);
$wish_name = Sanitiser::getTitle($_POST['wishlist-name']); $wish_name = Sanitiser::getTitle($_POST['wishlist-name']);
$database->query('INSERT INTO `wishlists` $database->query('INSERT INTO `wishlists`
@ -61,18 +61,18 @@ switch ($_SERVER['REQUEST_METHOD']) {
$href = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'] . Page::PAGE_WISHLISTS . '&id=' . $wishlist['id']; $href = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'] . Page::PAGE_WISHLISTS . '&id=' . $wishlist['id'];
/** Send email */ /** Send email */
$user = new User($wishlist['user']); $user = User::getFromID($wishlist['user']);
$email = new Email($user->email, __('Wish request'), 'default', 'wishlist-request-wishes'); $email = new Email($user->email, __('Wish request', null, $user), 'default', 'wishlist-request-wishes');
$email->setPlaceholder('TEXT_HELLO', __('Hello,')); $email->setPlaceholder('TEXT_HELLO', __('Hello,', null, $user));
$email->setPlaceholder( $email->setPlaceholder(
'TEXT_WISHLIST_REQUEST_WISHES', 'TEXT_WISHLIST_REQUEST_WISHES',
sprintf( sprintf(
/** TRANSLATORS: %s: Wishlist name */ /** TRANSLATORS: %s: Wishlist name */
__('somebody has requested that you add more wishes to your wishlist %s.'), __('somebody has requested that you add more wishes to your wishlist %s.', null, $user),
'<a href="' . $href . '">' . $wishlist['name'] . '</a>' '<a href="' . $href . '">' . $wishlist['name'] . '</a>'
) )
); );
$email->setPlaceholder('TEXT_WISH_ADD', __('Add wish')); $email->setPlaceholder('TEXT_WISH_ADD', __('Add wish', null, $user));
$email->setPlaceholder('LINK_WISH_ADD', $href . '&wish_add=true'); $email->setPlaceholder('LINK_WISH_ADD', $href . '&wish_add=true');
$success = $email->send(); $success = $email->send();
@ -118,11 +118,11 @@ switch ($_SERVER['REQUEST_METHOD']) {
); );
$response['results'] = $wishlist->getCards($options); $response['results'] = $wishlist->getCards($options);
} elseif (isset($_GET['userid']) || isset($_SESSION['user']['id'])) { } elseif (isset($_GET['userid']) || isset($_SESSION['user']->id)) {
/** /**
* Get user wishlists * Get user wishlists
*/ */
$user = isset($_GET['userid']) ? new User($_GET['userid']) : new User(); $user = isset($_GET['userid']) ? User::getFromID($_GET['userid']) : $_SESSION['user'];
$wishlists = $user->getWishlists(); $wishlists = $user->getWishlists();
$wishlists = array_map( $wishlists = array_map(
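Review bot: `User::getFromID($_GET['userid'])` on the `$user = isset($_GET['userid'])` line passes a raw query-string value to an `int`-typed parameter; a non-numeric value raises an uncaught TypeError, and a numeric one that matches no row makes getFromID call `new User(false)` (see the User section), so neither failure produces an API error response. Normalise it the way the POST path in the first hunk does, `User::getFromID(Sanitiser::getNumber($_GET['userid']))`, and catch the not-found case so the handler returns an error payload instead of a fatal. The `elseif` branch continues past the hunk.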


@ -146,9 +146,11 @@ $(function() {
$(document).on('click', '.ui.button.wishlist-request-wishes', function() { $(document).on('click', '.ui.button.wishlist-request-wishes', function() {
var buttonRequest = $(this); var buttonRequest = $(this);
var wishlist_id = $('.wishlist-cards[data-wishlist]').attr('data-wishlist'); var wishlist_id = $('.wishlist-cards[data-wishlist]').attr('data-wishlist');
var wishlist_locale = buttonRequest.attr('data-locale');
var formData = new URLSearchParams({ var formData = new URLSearchParams({
'wishlist-id' : wishlist_id, 'wishlist-id' : wishlist_id,
'locale' : wishlist_locale
}); });
buttonRequest.addClass('disabled loading'); buttonRequest.addClass('disabled loading');
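Review bot: The `'locale' : wishlist_locale` entry sends the wishlist owner's locale back to the server from a `data-locale` attribute, turning a server-side fact into a client-supplied parameter; the API handler already resolves the owner with `User::getFromID($wishlist['user'])` and can read `->getLocale()` there. Dropping this field (and the `$_REQUEST['locale']` override in index.php) keeps the email language tied to the stored user record rather than to whatever the client posts. If the field is kept, the server must validate it against the installed translations before use.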


@ -30,6 +30,11 @@ class Email
$this->contentsPart = file_get_contents(ROOT . '/src/mjml/parts/' . $this->part . '.mjml'); $this->contentsPart = file_get_contents(ROOT . '/src/mjml/parts/' . $this->part . '.mjml');
$this->mjml = str_replace('<mj-include path="MJML_PART" />', $this->contentsPart, $this->contentsTemplate); $this->mjml = str_replace('<mj-include path="MJML_PART" />', $this->contentsPart, $this->contentsTemplate);
/** Set Locale */
global $locale;
$this->mjml = preg_replace('/<mjml lang="(.+?)">/', '<mjml lang="' . $locale . '">', $this->mjml);
} }
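Review bot: The `preg_replace` under `/** Set Locale */` writes the global `$locale` into the `<mjml lang>` attribute without escaping, and after this commit that global can originate from `$_REQUEST['locale']` in index.php, so the attribute content is not under the application's control. Prefer giving Email the recipient's locale explicitly — the callers already hold the `$user` they pass to `__()` — via a `string $locale` constructor parameter or a `setLocale()` method, validate it against the installed translations, and escape it with `htmlspecialchars($locale, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` before splicing. `global $locale` inside a method also hides the dependency; the constructor's start is outside the hunk.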
public function setPlaceholder(string $placeholder, string $replacement): void public function setPlaceholder(string $placeholder, string $replacement): void


@ -135,8 +135,9 @@ class Page
/** /**
* Session * Session
*/ */
global $user, $options; global $options;
$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
$ignorePower = array( $ignorePower = array(
'home', 'home',
'blog', 'blog',
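Review bot: `$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();` is introduced here and repeated verbatim in `navigation()` (third hunk), `getWishlistNameSuggestion()`, `__()` and `redirect()`. Each `new User()` runs `setLocale()`, which parses the `.po` file from disk, so for a visitor who is not logged in every one of those call sites — including every `__()` call — re-reads the translation file. Centralise the lookup in one helper, e.g. `public static function getCurrent(): self { return $_SESSION['user'] instanceof User ? $_SESSION['user'] : new User(); }`, which reuses the anonymous instance index.php already stores and only constructs a new one when the session holds a pre-upgrade array.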
@ -150,9 +151,9 @@ class Page
); );
if ( if (
!isset($_SESSION['user']) false === $user->isLoggedIn()
&& isset($_GET['page']) && isset($_GET['page'])
&& !in_array($_GET['page'], $ignorePower) && false === in_array($_GET['page'], $ignorePower)
) { ) {
redirect(Page::PAGE_LOGIN); redirect(Page::PAGE_LOGIN);
} }
@ -461,7 +462,7 @@ class Page
public function navigation(): void public function navigation(): void
{ {
$user = new User(); $user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
$wishlists = Navigation::Wishlists->value; $wishlists = Navigation::Wishlists->value;
$blog = Navigation::Blog->value; $blog = Navigation::Blog->value;


@ -15,47 +15,85 @@ class User
/** /**
* Static * Static
*/ */
public static function getFromID(int $user_id): self
{
global $database;
$userQuery = $database
->query(
'SELECT *
FROM `users`
WHERE `id` = ' . $user_id
);
if (false !== $userQuery) {
$fields = $userQuery->fetch();
$user = new User($fields);
return $user;
}
throw new Exception('Unable to find user with ID ' . $user_id . '. Does it exist?');
}
public static function generatePassword(string $plainPassword): string public static function generatePassword(string $plainPassword): string
{ {
return sha1($plainPassword); return sha1($plainPassword);
} }
/**
* Private
*/
private string $locale;
/** /**
* Non-Static * Non-Static
*/ */
public int $power = 0; public int $power = 0;
public ?\Gettext\Translations $translations = null;
public function __construct(int $id = -1) public function __construct(array $fields = array())
{ {
if (-1 === $id) { if (!empty($fields)) {
if (isset($_SESSION['user']['id'])) { foreach ($fields as $key => $value) {
$this->id = $_SESSION['user']['id'];
}
} else {
$this->id = $id;
}
$this->locale = \Locale::acceptFromHttp(
isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : DEFAULT_LOCALE
);
if (!isset($this->id)) {
return null;
}
global $database;
$user = $database
->query('SELECT *
FROM `users`
WHERE `id` = ' . $this->id . ';')
->fetch();
foreach ($user as $key => $value) {
$this->$key = $value; $this->$key = $value;
} }
} }
/** Set Locale */
if (!isset($this->locale)) {
$this->locale = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? \Locale::acceptFromHttp($_SERVER['HTTP_ACCEPT_LANGUAGE']) : DEFAULT_LOCALE;
}
$this->setLocale($this->locale);
}
/**
* Set the users locale
*
* @param string $locale
*
* @return void
*/
public function setLocale(string $locale): void
{
/** Load Translation */
$translationFilepath = ROOT . '/translations/' . $locale . '.po';
if (file_exists($translationFilepath)) {
$loader = new \Gettext\Loader\PoLoader();
$this->translations = $loader->loadFile($translationFilepath);
}
/** Set locale */
$this->locale = $locale;
}
public function getLocale(): string
{
return $this->locale;
}
/** /**
* Return whether the current user is logged in. * Return whether the current user is logged in.
* *
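Review bot: `getFromID()` only throws when `query()` returns false; when the query runs but matches no row, `fetch()` returns false and `new User($fields)` fails with a TypeError against the `array $fields` parameter, so the `Unable to find user` exception is never reached for the case it describes. Check the row instead: `$fields = false !== $userQuery ? $userQuery->fetch() : false;` `if (false === $fields) { throw new Exception('Unable to find user with ID ' . $user_id . '. Does it exist?'); }` `return new User($fields);`. The login-as, login (both `$success = false !== $userQuery` hunks), password-reset (`new User($userQuery->fetch())`) and register (`$user = new User($userQuery->fetch())`) sections repeat the same check-before-fetch pattern and need the same row check. In the constructor, `foreach ($fields as $key => $value) { $this->$key = $value; }` copies every `SELECT *` column — including `password` and `password_reset_token` — onto the object that is then stored in `$_SESSION`, creates dynamic properties (deprecated in PHP 8.2), and would hit the new `private string $locale` declaration with a TypeError if the `locale` column is NULL; explicit typed properties or a column whitelist would be safer. `setLocale()` builds a filesystem path from its argument, so callers must only pass values validated against the installed translations (the `$locales` scan in index.php).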
@ -63,7 +101,7 @@ class User
*/ */
public function isLoggedIn(): bool public function isLoggedIn(): bool
{ {
return isset($_SESSION['user']); return isset($_SESSION['user']->id) && $_SESSION['user']->id >= 1;
} }
/** /**


@ -115,13 +115,13 @@ class Wish
{ {
ob_start(); ob_start();
$userCard = new User($ofUser); $userCard = User::getFromID($ofUser);
$numberFormatter = new \NumberFormatter( $numberFormatter = new \NumberFormatter(
$userCard->locale, $userCard->getLocale(),
\NumberFormatter::CURRENCY \NumberFormatter::CURRENCY
); );
$userIsCurrent = isset($_SESSION['user']['id']) && intval($_SESSION['user']['id']) === $userCard->id; $userIsCurrent = isset($_SESSION['user']->id) && $_SESSION['user']->id === $userCard->id;
/** /**
* Card * Card


@ -8,8 +8,7 @@
function getWishlistNameSuggestion(): string function getWishlistNameSuggestion(): string
{ {
global $user; $user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
$now = time(); $now = time();
$month = date('n'); $month = date('n');
$name = ''; $name = '';


@ -6,14 +6,16 @@
* @author Jay Trees <github.jay@grandel.anonaddy.me> * @author Jay Trees <github.jay@grandel.anonaddy.me>
*/ */
function __(string $text, string $context = null): string use wishthis\User;
function __(string $text, string $context = null, User $user = null): string
{ {
global $translations; if (null === $user) {
$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
}
$translation = null; if (null !== $user->translations) {
$translation = $user->translations->find($context, $text);
if ($translations) {
$translation = $translations->find($context, $text);
if ($translation) { if ($translation) {
$translationText = $translation->getTranslation(); $translationText = $translation->getTranslation();
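Review bot: `User $user = null` in the new `__()` signature relies on implicit nullability (deprecated in PHP 8.4); declare it `?User $user = null` (the pre-existing `string $context = null` has the same issue and could be fixed in the same line). Falling back to `new User()` whenever the session user has no id means logged-out visitors reload the `.po` file on every `__()` call, because the constructor runs `setLocale()`; reusing `$_SESSION['user']` when it is already a `User` instance avoids that. The function continues past the hunk.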


@ -6,9 +6,11 @@
* @author Jay Trees <github.jay@grandel.anonaddy.me> * @author Jay Trees <github.jay@grandel.anonaddy.me>
*/ */
use wishthis\User;
function redirect(string $target) function redirect(string $target)
{ {
global $user; $user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
/** /**
* Redirect user based on channel setting * Redirect user based on channel setting


@ -1,4 +1,4 @@
<mjml> <mjml lang="en_GB">
<mj-head> <mj-head>
<mj-attributes> <mj-attributes>
<mj-all font-family="Raleway, sans-serif" <mj-all font-family="Raleway, sans-serif"


@ -15,7 +15,7 @@ $page->navigation();
$posts = Blog::getPosts(); $posts = Blog::getPosts();
if ('en' !== \Locale::getPrimaryLanguage($user->locale)) { if ('en' !== \Locale::getPrimaryLanguage($_SESSION['user']->getLocale())) {
$page->messages[] = Page::warning( $page->messages[] = Page::warning(
sprintf( sprintf(
/** TRANSLATORS: %s: Language, most likely English */ /** TRANSLATORS: %s: Language, most likely English */
@ -37,7 +37,7 @@ if ('en' !== \Locale::getPrimaryLanguage($user->locale)) {
<?php foreach ($posts as $post) { ?> <?php foreach ($posts as $post) { ?>
<?php <?php
$dateFormatter = new \IntlDateFormatter( $dateFormatter = new \IntlDateFormatter(
$user->locale, $_SESSION['user']->getLocale(),
\IntlDateFormatter::MEDIUM, \IntlDateFormatter::MEDIUM,
\IntlDateFormatter::NONE \IntlDateFormatter::NONE
); );


@ -26,7 +26,7 @@ $page->navigation();
<p><?= __('wishthis is a simple, intuitive and modern wishlist platform to create, manage and view your wishes for any kind of occasion.') ?></p> <p><?= __('wishthis is a simple, intuitive and modern wishlist platform to create, manage and view your wishes for any kind of occasion.') ?></p>
<div class="ui two column doubling stackable centered grid"> <div class="ui two column doubling stackable centered grid">
<?php if ($user->isLoggedIn()) { ?> <?php if ($_SESSION['user']->isLoggedIn()) { ?>
<div class="column"> <div class="column">
<a class="ui fluid primary button" <a class="ui fluid primary button"
href="<?= Page::PAGE_WISHLISTS ?>" href="<?= Page::PAGE_WISHLISTS ?>"
@ -43,7 +43,7 @@ $page->navigation();
FROM `wishes` FROM `wishes`
JOIN `wishlists` ON `wishes`.`wishlist` = `wishlists`.`id` JOIN `wishlists` ON `wishes`.`wishlist` = `wishlists`.`id`
JOIN `users` ON `wishlists`.`user` = `users`.`id` JOIN `users` ON `wishlists`.`user` = `users`.`id`
WHERE `users`.`id` = ' . $user->id . ' WHERE `users`.`id` = ' . $_SESSION['user']->id . '
ORDER BY `wishes`.`edited` DESC ORDER BY `wishes`.`edited` DESC
LIMIT 1;' LIMIT 1;'
); );


@ -13,18 +13,19 @@ $page = new Page(__FILE__, __('Login as'), 100);
if (isset($_POST['email'])) { if (isset($_POST['email'])) {
$email = Sanitiser::getEmail($_POST['email']); $email = Sanitiser::getEmail($_POST['email']);
$user = $database $userQuery = $database
->query( ->query(
'SELECT * 'SELECT *
FROM `users` FROM `users`
WHERE `email` = "' . $email . '";' WHERE `email` = "' . $email . '";'
) );
->fetch();
$success = false !== $user; $success = false !== $userQuery;
if ($success) { if ($success) {
$_SESSION['user'] = $user; $fields = $userQuery->fetch();
$_SESSION['user'] = new User($fields);
} }
} }


@ -17,20 +17,28 @@ if (isset($_POST['login'], $_POST['email'], $_POST['password'])) {
$email = Sanitiser::getEmail($_POST['email']); $email = Sanitiser::getEmail($_POST['email']);
$password = User::generatePassword($_POST['password']); $password = User::generatePassword($_POST['password']);
$database->query('UPDATE `users` $database
->query(
'UPDATE `users`
SET `last_login` = NOW() SET `last_login` = NOW()
WHERE `email` = "' . $email . '" WHERE `email` = "' . $email . '"
AND `password` = "' . $password . '" AND `password` = "' . $password . '";'
;'); );
$user = $database->query('SELECT * FROM `users`
WHERE `email` = "' . $email . '"
AND `password` = "' . $password . '";')
->fetch();
$success = false !== $user; $userQuery = $database
->query(
'SELECT *
FROM `users`
WHERE `email` = "' . $email . '"
AND `password` = "' . $password . '";'
);
$success = false !== $userQuery;
if ($success) { if ($success) {
$_SESSION['user'] = $user; $fields = $userQuery->fetch();
$_SESSION['user'] = new User($fields);
} else { } else {
$page->messages[] = Page::error( $page->messages[] = Page::error(
__('No user could be found with the credentials you provided.'), __('No user could be found with the credentials you provided.'),
@ -39,7 +47,7 @@ if (isset($_POST['login'], $_POST['email'], $_POST['password'])) {
} }
} }
if (isset($_SESSION['user'])) { if ($_SESSION['user']->isLoggedIn()) {
if (isset($_SESSION['REDIRECT_URL'])) { if (isset($_SESSION['REDIRECT_URL'])) {
redirect($_SESSION['REDIRECT_URL']); redirect($_SESSION['REDIRECT_URL']);
} else { } else {
@ -51,40 +59,44 @@ if (isset($_SESSION['user'])) {
* Reset * Reset
*/ */
if (isset($_POST['reset'], $_POST['email'])) { if (isset($_POST['reset'], $_POST['email'])) {
$user = $database $userQuery = $database
->query('SELECT * ->query(
'SELECT *
FROM `users` FROM `users`
WHERE `email` = "' . Sanitiser::getEmail($_POST['email']) . '";') WHERE `email` = "' . Sanitiser::getEmail($_POST['email']) . '";'
->fetch(); );
if ($user) { $user = false !== $userQuery ? new User($userQuery->fetch()) : new User();
if (isset($user->id)) {
$token = sha1(time() . rand(0, 999999)); $token = sha1(time() . rand(0, 999999));
$validUntil = time() + 3600; $validUntil = time() + 3600;
$database $database
->query('UPDATE `users` ->query(
'UPDATE `users`
SET `password_reset_token` = "' . $token . '", SET `password_reset_token` = "' . $token . '",
`password_reset_valid_until` = "' . date('Y-m-d H:i:s', $validUntil) . '" `password_reset_valid_until` = "' . date('Y-m-d H:i:s', $validUntil) . '"
WHERE `id` = ' . $user['id'] . ' WHERE `id` = ' . $user->id . ';'
;'); );
$emailReset = new Email($user['email'], __('Password reset link'), 'default', 'password-reset'); $emailReset = new Email($_POST['email'], __('Password reset link', null, $user), 'default', 'password-reset');
$emailReset->setPlaceholder('TEXT_HELLO', __('Hello,')); $emailReset->setPlaceholder('TEXT_HELLO', __('Hello,', null, $user));
$emailReset->setPlaceholder( $emailReset->setPlaceholder(
'TEXT_PASSWORD_RESET', 'TEXT_PASSWORD_RESET',
sprintf( sprintf(
/** TRANSLATORS: %s: The wishthis domain */ /** TRANSLATORS: %s: The wishthis domain */
__('somebody has requested a password reset for this email address from %s. If this was you, click the button below to invalidate your current password and set a new one.'), __('somebody has requested a password reset for this email address from %s. If this was you, click the button below to invalidate your current password and set a new one.', null, $user),
'<mj-raw><a href="https://wishthis.online">wishthis.online</a></mj-raw>' '<mj-raw><a href="https://wishthis.online">wishthis.online</a></mj-raw>'
) )
); );
$emailReset->setPlaceholder('TEXT_SET_NEW_PASSWORD', __('Set new password')); $emailReset->setPlaceholder('TEXT_SET_NEW_PASSWORD', __('Set new password', null, $user));
$emailReset->setPlaceholder('wishthis.online', $_SERVER['HTTP_HOST']); $emailReset->setPlaceholder('wishthis.online', $_SERVER['HTTP_HOST']);
$emailReset->setPlaceholder( $emailReset->setPlaceholder(
'password-reset-link', 'password-reset-link',
$_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['REQUEST_SCHEME'] . '://' .
$_SERVER['HTTP_HOST'] . $_SERVER['HTTP_HOST'] .
Page::PAGE_REGISTER . '&password-reset=' . $user['email'] . '&token=' . $token Page::PAGE_REGISTER . '&password-reset=' . $user->email . '&token=' . $token
); );
$emailReset->send(); $emailReset->send();
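Review bot: `new Email($_POST['email'], …)` on the `$emailReset = new Email(` line now addresses the reset mail to the raw POST value, whereas the query used `Sanitiser::getEmail($_POST['email'])` and the removed line used the address stored on the user row; use `$user->email` as the recipient so the sanitised, stored address is the only one that receives the token. The `password-reset-link` placeholder still concatenates `$user->email` into the query string unencoded; `rawurlencode($user->email)` keeps the link well-formed for addresses containing `+` or `&`. The reset block continues past the hunk.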


@ -20,7 +20,7 @@ $page->navigation();
<div class="ui segment"> <div class="ui segment">
<h2 class="ui header"><?= __('Restricted access') ?></h2> <h2 class="ui header"><?= __('Restricted access') ?></h2>
<p><?= sprintf(__('You do not have enough power to view this page. You need %s to see this page, but only have %s.'), '<strong>' . $_GET['required'] . '</strong>', '<strong>' . $user->power . '</strong>') ?></p> <p><?= sprintf(__('You do not have enough power to view this page. You need %s to see this page, but only have %s.'), '<strong>' . $_GET['required'] . '</strong>', '<strong>' . $_SESSION['user']->power . '</strong>') ?></p>
</div> </div>
</div> </div>
</main> </main>


@ -42,10 +42,10 @@ if (isset($_POST['user-id'], $_POST['section'])) {
$loginRequired = false; $loginRequired = false;
foreach ($formFieldsString as $field) { foreach ($formFieldsString as $field) {
if (!empty($_POST[$field['key']]) && $_POST[$field['key']] !== $user->{$field['column']}) { if (!empty($_POST[$field['key']]) && $_POST[$field['key']] !== $_SESSION['user']->{$field['column']}) {
$set[] = '`' . $field['column'] . '` = "' . $_POST[$field['key']] . '"'; $set[] = '`' . $field['column'] . '` = "' . $_POST[$field['key']] . '"';
$user->{$field['column']} = $_POST[$field['key']]; $_SESSION['user']->{$field['column']} = $_POST[$field['key']];
$page->messages[] = Page::success( $page->messages[] = Page::success(
sprintf( sprintf(
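Review bot: `$_SESSION['user']->{$field['column']} = $_POST[$field['key']];` writes through a dynamic property name, and `locale` became `private string $locale` in this commit; if `locale` is among the `$formFieldsString` columns (the array is outside the hunk) this assignment throws an Error from outside the class, and for every column the session object is updated before the UPDATE has run. Route locale changes through `$_SESSION['user']->setLocale($value)` so the translations reload, and apply the session writes only after the query succeeds. The `$set[]` line on the previous line still concatenates the POST value into SQL; binding the values is the fix there, even though that pattern predates this change.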
@ -57,7 +57,7 @@ if (isset($_POST['user-id'], $_POST['section'])) {
} }
} }
if (!empty($_POST['user-email']) && $_POST['user-email'] !== $user->email) { if (!empty($_POST['user-email']) && $_POST['user-email'] !== $_SESSION['user']->email) {
$loginRequired = true; $loginRequired = true;
} }
@ -66,13 +66,13 @@ if (isset($_POST['user-id'], $_POST['section'])) {
*/ */
if (isset($_POST['user-birthdate'])) { if (isset($_POST['user-birthdate'])) {
if (empty($_POST['user-birthdate'])) { if (empty($_POST['user-birthdate'])) {
$user->birthdate = null; $_SESSION['user']->birthdate = null;
$set[] = '`birthdate` = NULL'; $set[] = '`birthdate` = NULL';
} else { } else {
$user->birthdate = date('Y-m-d', strtotime($_POST['user-birthdate'])); $_SESSION['user']->birthdate = date('Y-m-d', strtotime($_POST['user-birthdate']));
$set[] = '`birthdate` = "' . $user->birthdate . '"'; $set[] = '`birthdate` = "' . $_SESSION['user']->birthdate . '"';
} }
} }
@ -92,15 +92,15 @@ if (isset($_POST['user-id'], $_POST['section'])) {
/** /**
* Preferences * Preferences
*/ */
if (isset($_POST['user-channel']) && $_POST['user-channel'] !== $user->channel) { if (isset($_POST['user-channel']) && $_POST['user-channel'] !== $_SESSION['user']->channel) {
if (empty($_POST['user-channel'])) { if (empty($_POST['user-channel'])) {
$user->channel = null; $_SESSION['user']->channel = null;
$set[] = '`channel` = NULL'; $set[] = '`channel` = NULL';
} else { } else {
$user->channel = $_POST['user-channel']; $_SESSION['user']->channel = $_POST['user-channel'];
$set[] = '`channel` = "' . $user->channel . '"'; $set[] = '`channel` = "' . $_SESSION['user']->channel . '"';
} }
} }
@ -156,26 +156,26 @@ $page->navigation();
<div class="ui segment"> <div class="ui segment">
<form class="ui form" method="POST"> <form class="ui form" method="POST">
<input type="hidden" name="user-id" value="<?= $user->id ?>" /> <input type="hidden" name="user-id" value="<?= $_SESSION['user']->id ?>" />
<input type="hidden" name="section" value="personal" /> <input type="hidden" name="section" value="personal" />
<div class="three fields"> <div class="three fields">
<div class="field"> <div class="field">
<label><?= __('First name') ?></label> <label><?= __('First name') ?></label>
<input type="text" name="user-name-first" value="<?= $user->name_first ?>" /> <input type="text" name="user-name-first" value="<?= $_SESSION['user']->name_first ?>" />
</div> </div>
<div class="field"> <div class="field">
<label><?= __('Last name') ?></label> <label><?= __('Last name') ?></label>
<input type="text" name="user-name-last" value="<?= $user->name_last ?>" /> <input type="text" name="user-name-last" value="<?= $_SESSION['user']->name_last ?>" />
</div> </div>
<div class="field"> <div class="field">
<label><?= __('Nickname') ?></label> <label><?= __('Nickname') ?></label>
<input type="text" name="user-name-nick" value="<?= $user->name_nick ?>" /> <input type="text" name="user-name-nick" value="<?= $_SESSION['user']->name_nick ?>" />
</div> </div>
</div> </div>
@ -183,7 +183,7 @@ $page->navigation();
<div class="field"> <div class="field">
<label><?= __('Email') ?></label> <label><?= __('Email') ?></label>
<input type="email" name="user-email" value="<?= $user->email ?>" /> <input type="email" name="user-email" value="<?= $_SESSION['user']->email ?>" />
</div> </div>
<div class="field"> <div class="field">
@ -195,7 +195,7 @@ $page->navigation();
<input type="text" <input type="text"
name="user-birthdate" name="user-birthdate"
placeholder="<?= __('Pick a date') ?>" placeholder="<?= __('Pick a date') ?>"
value="<?= $user->birthdate ?>" value="<?= $_SESSION['user']->birthdate ?>"
/> />
</div> </div>
</div> </div>
@ -219,7 +219,7 @@ $page->navigation();
<div class="ui segment"> <div class="ui segment">
<form class="ui form" method="POST"> <form class="ui form" method="POST">
<input type="hidden" name="user-id" value="<?= $user->id ?>" /> <input type="hidden" name="user-id" value="<?= $_SESSION['user']->id ?>" />
<input type="hidden" name="section" value="password" /> <input type="hidden" name="section" value="password" />
<div class="two fields"> <div class="two fields">
@ -282,7 +282,7 @@ $page->navigation();
<div class="ui segment"> <div class="ui segment">
<form class="ui form" method="POST"> <form class="ui form" method="POST">
<input type="hidden" name="user-id" value="<?= $user->id ?>" /> <input type="hidden" name="user-id" value="<?= $_SESSION['user']->id ?>" />
<input type="hidden" name="section" value="preferences" /> <input type="hidden" name="section" value="preferences" />
<div class="two fields"> <div class="two fields">
@ -291,15 +291,15 @@ $page->navigation();
<select class="ui search dropdown locale" name="user-locale"> <select class="ui search dropdown locale" name="user-locale">
<?php if (!in_array('en_GB', $locales)) { ?> <?php if (!in_array('en_GB', $locales)) { ?>
<option value="<?= 'en_GB' ?>"><?= \Locale::getDisplayName('en_GB', $user->locale) ?></option> <option value="<?= 'en_GB' ?>"><?= \Locale::getDisplayName('en_GB', $_SESSION['user']->getLocale()) ?></option>
<?php } ?> <?php } ?>
<?php foreach ($locales as $locale) { ?> <?php foreach ($locales as $locale) { ?>
<?php if (\Locale::getRegion($locale)) { ?> <?php if (\Locale::getRegion($locale)) { ?>
<?php if ($locale === $user->locale) { ?> <?php if ($locale === $_SESSION['user']->getLocale()) { ?>
<option value="<?= $locale ?>" selected><?= \Locale::getDisplayName($locale, $user->locale) ?></option> <option value="<?= $locale ?>" selected><?= \Locale::getDisplayName($locale, $_SESSION['user']->getLocale()) ?></option>
<?php } else { ?> <?php } else { ?>
<option value="<?= $locale ?>"><?= \Locale::getDisplayName($locale, $user->locale) ?></option> <option value="<?= $locale ?>"><?= \Locale::getDisplayName($locale, $_SESSION['user']->getLocale()) ?></option>
<?php } ?> <?php } ?>
<?php } ?> <?php } ?>
<?php } ?> <?php } ?>
@ -318,7 +318,7 @@ $page->navigation();
<option value=""><?= __('Select channel') ?></option> <option value=""><?= __('Select channel') ?></option>
<?php foreach (CHANNELS as $channel) { ?> <?php foreach (CHANNELS as $channel) { ?>
<?php if ($channel['branch'] === $user->channel) { ?> <?php if ($channel['branch'] === $_SESSION['user']->channel) { ?>
<option value="<?= $channel['branch'] ?>" selected><?= $channel['label'] ?></option> <option value="<?= $channel['branch'] ?>" selected><?= $channel['label'] ?></option>
<?php } else { ?> <?php } else { ?>
<option value="<?= $channel['branch'] ?>"><?= $channel['label'] ?></option> <option value="<?= $channel['branch'] ?>"><?= $channel['label'] ?></option>


@ -64,23 +64,24 @@ if (isset($_POST['email'], $_POST['password']) && !empty($_POST['planet'])) {
/** /**
* Password reset * Password reset
*/ */
$user = $database $userQuery = $database
->query( ->query(
'SELECT * FROM `users` 'SELECT * FROM `users`
WHERE `email` = "' . $user_email . '" WHERE `email` = "' . $user_email . '"
AND `password_reset_token` = "' . $user_token . '";' AND `password_reset_token` = "' . $user_token . '";'
) );
->fetch();
if (false !== $user) { if (false !== $userQuery) {
if (time() > $user['password_reset_valid_until']) { $user = new User($userQuery->fetch());
if (time() > $user->password_reset_valid_until) {
$database $database
->query( ->query(
'UPDATE `users` 'UPDATE `users`
SET `password` = "' . User::generatePassword($_POST['password']) . '", SET `password` = "' . User::generatePassword($_POST['password']) . '",
`password_reset_token` = NULL, `password_reset_token` = NULL,
`password_reset_valid_until` = NULL `password_reset_valid_until` = NULL
WHERE `id` = ' . $user['id'] . ';' WHERE `id` = ' . $user->id . ';'
); );
$page->messages[] = Page::success( $page->messages[] = Page::success(


@ -10,6 +10,7 @@ namespace wishthis;
$wishlist = new Wishlist($_GET['hash']); $wishlist = new Wishlist($_GET['hash']);
$page = new Page(__FILE__, $wishlist->getTitle()); $page = new Page(__FILE__, $wishlist->getTitle());
$wishlist_user = User::getFromID($wishlist->user);
if (!$wishlist->exists) { if (!$wishlist->exists) {
$page->errorDocument(404, $wishlist); $page->errorDocument(404, $wishlist);
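Review bot: `$wishlist_user = User::getFromID($wishlist->user);` runs before the `if (!$wishlist->exists)` check, so for an unknown hash `$wishlist->user` is presumably unset and the call fails with a TypeError or the getFromID exception before `errorDocument(404, …)` can respond. Move the lookup below the exists check, or into the block that renders the request button in the last hunk, the only place `$wishlist_user` is used. The `data-locale="<?= $wishlist_user->getLocale() ?>"` attribute there is emitted unescaped; wrap it in `htmlspecialchars()` like other attribute output. The second and third hunks drop `intval()` from `$_SESSION['user']->id !== $wishlist->user`, so the strict comparison now depends on both values coming back from PDO with the same PHP type — keep an explicit cast on both sides unless the fetch mode guarantees ints.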
@ -27,7 +28,7 @@ $page->navigation();
<div class="ui stackable grid"> <div class="ui stackable grid">
<div class="column"> <div class="column">
<?php if ($user->isLoggedIn() && $user->id !== intval($wishlist->user)) { ?> <?php if ($_SESSION['user']->isLoggedIn() && $_SESSION['user']->id !== $wishlist->user) { ?>
<button class="ui white small basic labeled icon button save disabled loading"> <button class="ui white small basic labeled icon button save disabled loading">
<i class="heart icon"></i> <i class="heart icon"></i>
<span><?= __('Remember list') ?></span> <span><?= __('Remember list') ?></span>
@ -41,7 +42,7 @@ $page->navigation();
/** /**
* Warn the wishlist creator * Warn the wishlist creator
*/ */
if ($user->isLoggedIn() && $user->id === intval($wishlist->user) && !empty($wishlist->wishes)) { ?> if ($_SESSION['user']->isLoggedIn() && $_SESSION['user']->id === $wishlist->user && !empty($wishlist->wishes)) { ?>
<div class="ui icon warning message wishlist-own"> <div class="ui icon warning message wishlist-own">
<i class="exclamation triangle icon"></i> <i class="exclamation triangle icon"></i>
<div class="content"> <div class="content">
@ -87,7 +88,7 @@ $page->navigation();
</div> </div>
<div class="ui basic center aligned segment"> <div class="ui basic center aligned segment">
<button class="ui primary button wishlist-request-wishes"> <button class="ui primary button wishlist-request-wishes" data-locale="<?= $wishlist_user->getLocale() ?>">
<?= __('Request more wishes') ?> <?= __('Request more wishes') ?>
</button> </button>
</div> </div>


@ -13,7 +13,7 @@ $page->header();
$page->bodyStart(); $page->bodyStart();
$page->navigation(); $page->navigation();
$wishlists = $user->getSavedWishlists(); $wishlists = $_SESSION['user']->getSavedWishlists();
?> ?>
<main> <main>
<div class="ui container"> <div class="ui container">
@ -24,7 +24,7 @@ $wishlists = $user->getSavedWishlists();
<?php foreach ($wishlists as $wishlist_saved) { ?> <?php foreach ($wishlists as $wishlist_saved) { ?>
<?php <?php
$wishlist = new Wishlist($wishlist_saved['wishlist']); $wishlist = new Wishlist($wishlist_saved['wishlist']);
$wishlist_user = new User($wishlist_saved['user']); $wishlist_user = User::getFromID($wishlist_saved['user']);
$wishlist_href = Page::PAGE_WISHLIST . '&hash=' . $wishlist->hash; $wishlist_href = Page::PAGE_WISHLIST . '&hash=' . $wishlist->hash;
?> ?>
<div class="column"> <div class="column">