PrivateCoffee/wishthis
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Send emails in user locale

Browse source
This commit is contained in:
grandeljay 2022-06-27 10:33:01 +02:00
parent 44be915d35
commit 00ec36bd7f
22 changed files with 223 additions and 170 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

63
index.php
View file

@ -37,6 +37,31 @@ spl_autoload_register(
} }
); );
/**
* Session
*/
$sessionLifetime = 2592000; // 1 Month
session_set_cookie_params($sessionLifetime, '/');
session_start();
/** Refresh lifetime */
$session = session_get_cookie_params();
setcookie(
session_name(),
session_id(),
time() + $sessionLifetime,
$session['path'],
$session['domain'],
$session['secure'],
$session['httponly']
);
if (!isset($_SESSION['user'])) {
$_SESSION['user'] = new User();
}
/** /**
* Config * Config
*/ */
@ -71,34 +96,6 @@ if (
$options = new Options($database); $options = new Options($database);
} }
/**
* Session
*/
$sessionLifetime = 2592000; // 1 Month
session_set_cookie_params($sessionLifetime, '/');
session_start();
/** Refresh lifetime */
$session = session_get_cookie_params();
setcookie(
session_name(),
session_id(),
time() + $sessionLifetime,
$session['path'],
$session['domain'],
$session['secure'],
$session['httponly']
);
/**
* User
*/
if ($options) {
$user = new User();
}
/** /**
* Language * Language
*/ */
@ -118,16 +115,8 @@ $locales = array_filter(
scandir(ROOT . '/translations') scandir(ROOT . '/translations')
) )
); );
$locale = \Locale::lookup($locales, $user->locale, false, DEFAULT_LOCALE);
/** Load Translation */ $locale = isset($_REQUEST['locale']) ? $_REQUEST['locale'] : \Locale::lookup($locales, $_SESSION['user']->getLocale(), false, 'en_GB');
$translationFilepath = ROOT . '/translations/' . $locale . '.po';
$translations = null;
if (file_exists($translationFilepath)) {
$loader = new \Gettext\Loader\PoLoader();
$translations = $loader->loadFile($translationFilepath);
}
/** /**
* Wish * Wish

2
src/api/blog.php
View file

@ -16,7 +16,7 @@ require '../../index.php';
$response = array(); $response = array();
$dateFormatter = new \IntlDateFormatter( $dateFormatter = new \IntlDateFormatter(
$user->locale, $_SESSION['user']->getLocale(),
\IntlDateFormatter::MEDIUM, \IntlDateFormatter::MEDIUM,
\IntlDateFormatter::NONE \IntlDateFormatter::NONE
); );

4
src/api/wishlists-saved.php
View file

@ -18,7 +18,7 @@ switch ($_SERVER['REQUEST_METHOD']) {
/** /**
* Get * Get
*/ */
$response['data'] = $user->getSavedWishlists(); $response['data'] = $_SESSION['user']->getSavedWishlists();
break; break;
case 'POST': case 'POST':
@ -45,7 +45,7 @@ switch ($_SERVER['REQUEST_METHOD']) {
`user`, `user`,
`wishlist` `wishlist`
) VALUES ( ) VALUES (
' . $user->id . ', ' . $_SESSION['user']->id . ',
' . Sanitiser::getNumber($_POST['wishlist']) . ' ' . Sanitiser::getNumber($_POST['wishlist']) . '
) )
;'); ;');

18
src/api/wishlists.php
View file

@ -17,11 +17,11 @@ require '../../index.php';
switch ($_SERVER['REQUEST_METHOD']) { switch ($_SERVER['REQUEST_METHOD']) {
case 'POST': case 'POST':
if (isset($_POST['wishlist-name'], $_SESSION['user']['id'])) { if (isset($_POST['wishlist-name'], $_SESSION['user']->id)) {
/** /**
* Create * Create
*/ */
$user_id = Sanitiser::getNumber($_SESSION['user']['id']); $user_id = Sanitiser::getNumber($_SESSION['user']->id);
$wish_name = Sanitiser::getTitle($_POST['wishlist-name']); $wish_name = Sanitiser::getTitle($_POST['wishlist-name']);
$database->query('INSERT INTO `wishlists` $database->query('INSERT INTO `wishlists`
@ -61,18 +61,18 @@ switch ($_SERVER['REQUEST_METHOD']) {
$href = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'] . Page::PAGE_WISHLISTS . '&id=' . $wishlist['id']; $href = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'] . Page::PAGE_WISHLISTS . '&id=' . $wishlist['id'];
/** Send email */ /** Send email */
$user = new User($wishlist['user']); $user = User::getFromID($wishlist['user']);
$email = new Email($user->email, __('Wish request'), 'default', 'wishlist-request-wishes'); $email = new Email($user->email, __('Wish request', null, $user), 'default', 'wishlist-request-wishes');
$email->setPlaceholder('TEXT_HELLO', __('Hello,')); $email->setPlaceholder('TEXT_HELLO', __('Hello,', null, $user));
$email->setPlaceholder( $email->setPlaceholder(
'TEXT_WISHLIST_REQUEST_WISHES', 'TEXT_WISHLIST_REQUEST_WISHES',
sprintf( sprintf(
/** TRANSLATORS: %s: Wishlist name */ /** TRANSLATORS: %s: Wishlist name */
__('somebody has requested that you add more wishes to your wishlist %s.'), __('somebody has requested that you add more wishes to your wishlist %s.', null, $user),
'<a href="' . $href . '">' . $wishlist['name'] . '</a>' '<a href="' . $href . '">' . $wishlist['name'] . '</a>'
) )
); );
$email->setPlaceholder('TEXT_WISH_ADD', __('Add wish')); $email->setPlaceholder('TEXT_WISH_ADD', __('Add wish', null, $user));
$email->setPlaceholder('LINK_WISH_ADD', $href . '&wish_add=true'); $email->setPlaceholder('LINK_WISH_ADD', $href . '&wish_add=true');
$success = $email->send(); $success = $email->send();
@ -118,11 +118,11 @@ switch ($_SERVER['REQUEST_METHOD']) {
); );
$response['results'] = $wishlist->getCards($options); $response['results'] = $wishlist->getCards($options);
} elseif (isset($_GET['userid']) || isset($_SESSION['user']['id'])) { } elseif (isset($_GET['userid']) || isset($_SESSION['user']->id)) {
/** /**
* Get user wishlists * Get user wishlists
*/ */
$user = isset($_GET['userid']) ? new User($_GET['userid']) : new User(); $user = isset($_GET['userid']) ? User::getFromID($_GET['userid']) : $_SESSION['user'];
$wishlists = $user->getWishlists(); $wishlists = $user->getWishlists();
$wishlists = array_map( $wishlists = array_map(

6
src/assets/js/wishlist.js
View file

@ -144,11 +144,13 @@ $(function() {
* Request more wishes * Request more wishes
*/ */
$(document).on('click', '.ui.button.wishlist-request-wishes', function() { $(document).on('click', '.ui.button.wishlist-request-wishes', function() {
var buttonRequest = $(this); var buttonRequest = $(this);
var wishlist_id = $('.wishlist-cards[data-wishlist]').attr('data-wishlist'); var wishlist_id = $('.wishlist-cards[data-wishlist]').attr('data-wishlist');
var wishlist_locale = buttonRequest.attr('data-locale');
var formData = new URLSearchParams({ var formData = new URLSearchParams({
'wishlist-id' : wishlist_id, 'wishlist-id' : wishlist_id,
'locale' : wishlist_locale
}); });
buttonRequest.addClass('disabled loading'); buttonRequest.addClass('disabled loading');

5
src/classes/email.php
View file

@ -30,6 +30,11 @@ class Email
$this->contentsPart = file_get_contents(ROOT . '/src/mjml/parts/' . $this->part . '.mjml'); $this->contentsPart = file_get_contents(ROOT . '/src/mjml/parts/' . $this->part . '.mjml');
$this->mjml = str_replace('<mj-include path="MJML_PART" />', $this->contentsPart, $this->contentsTemplate); $this->mjml = str_replace('<mj-include path="MJML_PART" />', $this->contentsPart, $this->contentsTemplate);
/** Set Locale */
global $locale;
$this->mjml = preg_replace('/<mjml lang="(.+?)">/', '<mjml lang="' . $locale . '">', $this->mjml);
} }
public function setPlaceholder(string $placeholder, string $replacement): void public function setPlaceholder(string $placeholder, string $replacement): void

9
src/classes/page.php
View file

@ -135,8 +135,9 @@ class Page
/** /**
* Session * Session
*/ */
global $user, $options; global $options;
$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
$ignorePower = array( $ignorePower = array(
'home', 'home',
'blog', 'blog',
@ -150,9 +151,9 @@ class Page
); );
if ( if (
!isset($_SESSION['user']) false === $user->isLoggedIn()
&& isset($_GET['page']) && isset($_GET['page'])
&& !in_array($_GET['page'], $ignorePower) && false === in_array($_GET['page'], $ignorePower)
) { ) {
redirect(Page::PAGE_LOGIN); redirect(Page::PAGE_LOGIN);
} }
@ -461,7 +462,7 @@ class Page
public function navigation(): void public function navigation(): void
{ {
$user = new User(); $user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
$wishlists = Navigation::Wishlists->value; $wishlists = Navigation::Wishlists->value;
$blog = Navigation::Blog->value; $blog = Navigation::Blog->value;

82
src/classes/user.php
View file

@ -15,45 +15,83 @@ class User
/** /**
* Static * Static
*/ */
public static function getFromID(int $user_id): self
{
global $database;
$userQuery = $database
->query(
'SELECT *
FROM `users`
WHERE `id` = ' . $user_id
);
if (false !== $userQuery) {
$fields = $userQuery->fetch();
$user = new User($fields);
return $user;
}
throw new Exception('Unable to find user with ID ' . $user_id . '. Does it exist?');
}
public static function generatePassword(string $plainPassword): string public static function generatePassword(string $plainPassword): string
{ {
return sha1($plainPassword); return sha1($plainPassword);
} }
/**
* Private
*/
private string $locale;
/** /**
* Non-Static * Non-Static
*/ */
public int $power = 0; public int $power = 0;
public ?\Gettext\Translations $translations = null;
public function __construct(int $id = -1) public function __construct(array $fields = array())
{ {
if (-1 === $id) { if (!empty($fields)) {
if (isset($_SESSION['user']['id'])) { foreach ($fields as $key => $value) {
$this->id = $_SESSION['user']['id']; $this->$key = $value;
} }
} else {
$this->id = $id;
} }
$this->locale = \Locale::acceptFromHttp( /** Set Locale */
isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : DEFAULT_LOCALE if (!isset($this->locale)) {
); $this->locale = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? \Locale::acceptFromHttp($_SERVER['HTTP_ACCEPT_LANGUAGE']) : DEFAULT_LOCALE;
if (!isset($this->id)) {
return null;
} }
global $database; $this->setLocale($this->locale);
}
$user = $database /**
->query('SELECT * * Set the users locale
FROM `users` *
WHERE `id` = ' . $this->id . ';') * @param string $locale
->fetch(); *
* @return void
*/
public function setLocale(string $locale): void
{
/** Load Translation */
$translationFilepath = ROOT . '/translations/' . $locale . '.po';
foreach ($user as $key => $value) { if (file_exists($translationFilepath)) {
$this->$key = $value; $loader = new \Gettext\Loader\PoLoader();
$this->translations = $loader->loadFile($translationFilepath);
} }
/** Set locale */
$this->locale = $locale;
}
public function getLocale(): string
{
return $this->locale;
} }
/** /**
@ -63,7 +101,7 @@ class User
*/ */
public function isLoggedIn(): bool public function isLoggedIn(): bool
{ {
return isset($_SESSION['user']); return isset($_SESSION['user']->id) && $_SESSION['user']->id >= 1;
} }
/** /**

6
src/classes/wish.php
View file

@ -115,13 +115,13 @@ class Wish
{ {
ob_start(); ob_start();
$userCard = new User($ofUser); $userCard = User::getFromID($ofUser);
$numberFormatter = new \NumberFormatter( $numberFormatter = new \NumberFormatter(
$userCard->locale, $userCard->getLocale(),
\NumberFormatter::CURRENCY \NumberFormatter::CURRENCY
); );
$userIsCurrent = isset($_SESSION['user']['id']) && intval($_SESSION['user']['id']) === $userCard->id; $userIsCurrent = isset($_SESSION['user']->id) && $_SESSION['user']->id === $userCard->id;
/** /**
* Card * Card

3
src/functions/getWishlistNameSuggestion.php
View file

@ -8,8 +8,7 @@
function getWishlistNameSuggestion(): string function getWishlistNameSuggestion(): string
{ {
global $user; $user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
$now = time(); $now = time();
$month = date('n'); $month = date('n');
$name = ''; $name = '';

14
src/functions/gettext.php
View file

@ -6,14 +6,16 @@
* @author Jay Trees <github.jay@grandel.anonaddy.me> * @author Jay Trees <github.jay@grandel.anonaddy.me>
*/ */
function __(string $text, string $context = null): string use wishthis\User;
function __(string $text, string $context = null, User $user = null): string
{ {
global $translations; if (null === $user) {
$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
}
$translation = null; if (null !== $user->translations) {
$translation = $user->translations->find($context, $text);
if ($translations) {
$translation = $translations->find($context, $text);
if ($translation) { if ($translation) {
$translationText = $translation->getTranslation(); $translationText = $translation->getTranslation();

4
src/functions/redirect.php
View file

@ -6,9 +6,11 @@
* @author Jay Trees <github.jay@grandel.anonaddy.me> * @author Jay Trees <github.jay@grandel.anonaddy.me>
*/ */
use wishthis\User;
function redirect(string $target) function redirect(string $target)
{ {
global $user; $user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
/** /**
* Redirect user based on channel setting * Redirect user based on channel setting

2
src/mjml/default.mjml
View file

@ -1,4 +1,4 @@
<mjml> <mjml lang="en_GB">
<mj-head> <mj-head>
<mj-attributes> <mj-attributes>
<mj-all font-family="Raleway, sans-serif" <mj-all font-family="Raleway, sans-serif"

4
src/pages/blog.php
View file

@ -15,7 +15,7 @@ $page->navigation();
$posts = Blog::getPosts(); $posts = Blog::getPosts();
if ('en' !== \Locale::getPrimaryLanguage($user->locale)) { if ('en' !== \Locale::getPrimaryLanguage($_SESSION['user']->getLocale())) {
$page->messages[] = Page::warning( $page->messages[] = Page::warning(
sprintf( sprintf(
/** TRANSLATORS: %s: Language, most likely English */ /** TRANSLATORS: %s: Language, most likely English */
@ -37,7 +37,7 @@ if ('en' !== \Locale::getPrimaryLanguage($user->locale)) {
<?php foreach ($posts as $post) { ?> <?php foreach ($posts as $post) { ?>
<?php <?php
$dateFormatter = new \IntlDateFormatter( $dateFormatter = new \IntlDateFormatter(
$user->locale, $_SESSION['user']->getLocale(),
\IntlDateFormatter::MEDIUM, \IntlDateFormatter::MEDIUM,
\IntlDateFormatter::NONE \IntlDateFormatter::NONE
); );

12
src/pages/home.php
View file

@ -26,7 +26,7 @@ $page->navigation();
<p><?= __('wishthis is a simple, intuitive and modern wishlist platform to create, manage and view your wishes for any kind of occasion.') ?></p> <p><?= __('wishthis is a simple, intuitive and modern wishlist platform to create, manage and view your wishes for any kind of occasion.') ?></p>
<div class="ui two column doubling stackable centered grid"> <div class="ui two column doubling stackable centered grid">
<?php if ($user->isLoggedIn()) { ?> <?php if ($_SESSION['user']->isLoggedIn()) { ?>
<div class="column"> <div class="column">
<a class="ui fluid primary button" <a class="ui fluid primary button"
href="<?= Page::PAGE_WISHLISTS ?>" href="<?= Page::PAGE_WISHLISTS ?>"
@ -40,11 +40,11 @@ $page->navigation();
$lastWishlist = null; $lastWishlist = null;
$lastWishlistQuery = $database->query( $lastWishlistQuery = $database->query(
' SELECT `wishlists`.* ' SELECT `wishlists`.*
FROM `wishes` FROM `wishes`
JOIN `wishlists` ON `wishes`.`wishlist` = `wishlists`.`id` JOIN `wishlists` ON `wishes`.`wishlist` = `wishlists`.`id`
JOIN `users` ON `wishlists`.`user` = `users`.`id` JOIN `users` ON `wishlists`.`user` = `users`.`id`
WHERE `users`.`id` = ' . $user->id . ' WHERE `users`.`id` = ' . $_SESSION['user']->id . '
ORDER BY `wishes`.`edited` DESC ORDER BY `wishes`.`edited` DESC
LIMIT 1;' LIMIT 1;'
); );

13
src/pages/login-as.php
View file

@ -13,18 +13,19 @@ $page = new Page(__FILE__, __('Login as'), 100);
if (isset($_POST['email'])) { if (isset($_POST['email'])) {
$email = Sanitiser::getEmail($_POST['email']); $email = Sanitiser::getEmail($_POST['email']);
$user = $database $userQuery = $database
->query( ->query(
'SELECT * 'SELECT *
FROM `users` FROM `users`
WHERE `email` = "' . $email . '";' WHERE `email` = "' . $email . '";'
) );
->fetch();
$success = false !== $user; $success = false !== $userQuery;
if ($success) { if ($success) {
$_SESSION['user'] = $user; $fields = $userQuery->fetch();
$_SESSION['user'] = new User($fields);
} }
} }

68
src/pages/login.php
View file

@ -17,20 +17,28 @@ if (isset($_POST['login'], $_POST['email'], $_POST['password'])) {
$email = Sanitiser::getEmail($_POST['email']); $email = Sanitiser::getEmail($_POST['email']);
$password = User::generatePassword($_POST['password']); $password = User::generatePassword($_POST['password']);
$database->query('UPDATE `users` $database
SET `last_login` = NOW() ->query(
WHERE `email` = "' . $email . '" 'UPDATE `users`
AND `password` = "' . $password . '" SET `last_login` = NOW()
;'); WHERE `email` = "' . $email . '"
$user = $database->query('SELECT * FROM `users` AND `password` = "' . $password . '";'
WHERE `email` = "' . $email . '" );
AND `password` = "' . $password . '";')
->fetch();
$success = false !== $user; $userQuery = $database
->query(
'SELECT *
FROM `users`
WHERE `email` = "' . $email . '"
AND `password` = "' . $password . '";'
);
$success = false !== $userQuery;
if ($success) { if ($success) {
$_SESSION['user'] = $user; $fields = $userQuery->fetch();
$_SESSION['user'] = new User($fields);
} else { } else {
$page->messages[] = Page::error( $page->messages[] = Page::error(
__('No user could be found with the credentials you provided.'), __('No user could be found with the credentials you provided.'),
@ -39,7 +47,7 @@ if (isset($_POST['login'], $_POST['email'], $_POST['password'])) {
} }
} }
if (isset($_SESSION['user'])) { if ($_SESSION['user']->isLoggedIn()) {
if (isset($_SESSION['REDIRECT_URL'])) { if (isset($_SESSION['REDIRECT_URL'])) {
redirect($_SESSION['REDIRECT_URL']); redirect($_SESSION['REDIRECT_URL']);
} else { } else {
@ -51,40 +59,44 @@ if (isset($_SESSION['user'])) {
* Reset * Reset
*/ */
if (isset($_POST['reset'], $_POST['email'])) { if (isset($_POST['reset'], $_POST['email'])) {
$user = $database $userQuery = $database
->query('SELECT * ->query(
FROM `users` 'SELECT *
WHERE `email` = "' . Sanitiser::getEmail($_POST['email']) . '";') FROM `users`
->fetch(); WHERE `email` = "' . Sanitiser::getEmail($_POST['email']) . '";'
);
if ($user) { $user = false !== $userQuery ? new User($userQuery->fetch()) : new User();
if (isset($user->id)) {
$token = sha1(time() . rand(0, 999999)); $token = sha1(time() . rand(0, 999999));
$validUntil = time() + 3600; $validUntil = time() + 3600;
$database $database
->query('UPDATE `users` ->query(
SET `password_reset_token` = "' . $token . '", 'UPDATE `users`
`password_reset_valid_until` = "' . date('Y-m-d H:i:s', $validUntil) . '" SET `password_reset_token` = "' . $token . '",
WHERE `id` = ' . $user['id'] . ' `password_reset_valid_until` = "' . date('Y-m-d H:i:s', $validUntil) . '"
;'); WHERE `id` = ' . $user->id . ';'
);
$emailReset = new Email($user['email'], __('Password reset link'), 'default', 'password-reset'); $emailReset = new Email($_POST['email'], __('Password reset link', null, $user), 'default', 'password-reset');
$emailReset->setPlaceholder('TEXT_HELLO', __('Hello,')); $emailReset->setPlaceholder('TEXT_HELLO', __('Hello,', null, $user));
$emailReset->setPlaceholder( $emailReset->setPlaceholder(
'TEXT_PASSWORD_RESET', 'TEXT_PASSWORD_RESET',
sprintf( sprintf(
/** TRANSLATORS: %s: The wishthis domain */ /** TRANSLATORS: %s: The wishthis domain */
__('somebody has requested a password reset for this email address from %s. If this was you, click the button below to invalidate your current password and set a new one.'), __('somebody has requested a password reset for this email address from %s. If this was you, click the button below to invalidate your current password and set a new one.', null, $user),
'<mj-raw><a href="https://wishthis.online">wishthis.online</a></mj-raw>' '<mj-raw><a href="https://wishthis.online">wishthis.online</a></mj-raw>'
) )
); );
$emailReset->setPlaceholder('TEXT_SET_NEW_PASSWORD', __('Set new password')); $emailReset->setPlaceholder('TEXT_SET_NEW_PASSWORD', __('Set new password', null, $user));
$emailReset->setPlaceholder('wishthis.online', $_SERVER['HTTP_HOST']); $emailReset->setPlaceholder('wishthis.online', $_SERVER['HTTP_HOST']);
$emailReset->setPlaceholder( $emailReset->setPlaceholder(
'password-reset-link', 'password-reset-link',
$_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['REQUEST_SCHEME'] . '://' .
$_SERVER['HTTP_HOST'] . $_SERVER['HTTP_HOST'] .
Page::PAGE_REGISTER . '&password-reset=' . $user['email'] . '&token=' . $token Page::PAGE_REGISTER . '&password-reset=' . $user->email . '&token=' . $token
); );
$emailReset->send(); $emailReset->send();

2
src/pages/power.php
View file

@ -20,7 +20,7 @@ $page->navigation();
<div class="ui segment"> <div class="ui segment">
<h2 class="ui header"><?= __('Restricted access') ?></h2> <h2 class="ui header"><?= __('Restricted access') ?></h2>
<p><?= sprintf(__('You do not have enough power to view this page. You need %s to see this page, but only have %s.'), '<strong>' . $_GET['required'] . '</strong>', '<strong>' . $user->power . '</strong>') ?></p> <p><?= sprintf(__('You do not have enough power to view this page. You need %s to see this page, but only have %s.'), '<strong>' . $_GET['required'] . '</strong>', '<strong>' . $_SESSION['user']->power . '</strong>') ?></p>
</div> </div>
</div> </div>
</main> </main>

48
src/pages/profile.php
View file

@ -39,13 +39,13 @@ if (isset($_POST['user-id'], $_POST['section'])) {
'label' => __('Language'), 'label' => __('Language'),
), ),
); );
$loginRequired = false; $loginRequired = false;
foreach ($formFieldsString as $field) { foreach ($formFieldsString as $field) {
if (!empty($_POST[$field['key']]) && $_POST[$field['key']] !== $user->{$field['column']}) { if (!empty($_POST[$field['key']]) && $_POST[$field['key']] !== $_SESSION['user']->{$field['column']}) {
$set[] = '`' . $field['column'] . '` = "' . $_POST[$field['key']] . '"'; $set[] = '`' . $field['column'] . '` = "' . $_POST[$field['key']] . '"';
$user->{$field['column']} = $_POST[$field['key']]; $_SESSION['user']->{$field['column']} = $_POST[$field['key']];
$page->messages[] = Page::success( $page->messages[] = Page::success(
sprintf( sprintf(
@ -57,7 +57,7 @@ if (isset($_POST['user-id'], $_POST['section'])) {
} }
} }
if (!empty($_POST['user-email']) && $_POST['user-email'] !== $user->email) { if (!empty($_POST['user-email']) && $_POST['user-email'] !== $_SESSION['user']->email) {
$loginRequired = true; $loginRequired = true;
} }
@ -66,13 +66,13 @@ if (isset($_POST['user-id'], $_POST['section'])) {
*/ */
if (isset($_POST['user-birthdate'])) { if (isset($_POST['user-birthdate'])) {
if (empty($_POST['user-birthdate'])) { if (empty($_POST['user-birthdate'])) {
$user->birthdate = null; $_SESSION['user']->birthdate = null;
$set[] = '`birthdate` = NULL'; $set[] = '`birthdate` = NULL';
} else { } else {
$user->birthdate = date('Y-m-d', strtotime($_POST['user-birthdate'])); $_SESSION['user']->birthdate = date('Y-m-d', strtotime($_POST['user-birthdate']));
$set[] = '`birthdate` = "' . $user->birthdate . '"'; $set[] = '`birthdate` = "' . $_SESSION['user']->birthdate . '"';
} }
} }
@ -92,15 +92,15 @@ if (isset($_POST['user-id'], $_POST['section'])) {
/** /**
* Preferences * Preferences
*/ */
if (isset($_POST['user-channel']) && $_POST['user-channel'] !== $user->channel) { if (isset($_POST['user-channel']) && $_POST['user-channel'] !== $_SESSION['user']->channel) {
if (empty($_POST['user-channel'])) { if (empty($_POST['user-channel'])) {
$user->channel = null; $_SESSION['user']->channel = null;
$set[] = '`channel` = NULL'; $set[] = '`channel` = NULL';
} else { } else {
$user->channel = $_POST['user-channel']; $_SESSION['user']->channel = $_POST['user-channel'];
$set[] = '`channel` = "' . $user->channel . '"'; $set[] = '`channel` = "' . $_SESSION['user']->channel . '"';
} }
} }
@ -156,26 +156,26 @@ $page->navigation();
<div class="ui segment"> <div class="ui segment">
<form class="ui form" method="POST"> <form class="ui form" method="POST">
<input type="hidden" name="user-id" value="<?= $user->id ?>" /> <input type="hidden" name="user-id" value="<?= $_SESSION['user']->id ?>" />
<input type="hidden" name="section" value="personal" /> <input type="hidden" name="section" value="personal" />
<div class="three fields"> <div class="three fields">
<div class="field"> <div class="field">
<label><?= __('First name') ?></label> <label><?= __('First name') ?></label>
<input type="text" name="user-name-first" value="<?= $user->name_first ?>" /> <input type="text" name="user-name-first" value="<?= $_SESSION['user']->name_first ?>" />
</div> </div>
<div class="field"> <div class="field">
<label><?= __('Last name') ?></label> <label><?= __('Last name') ?></label>
<input type="text" name="user-name-last" value="<?= $user->name_last ?>" /> <input type="text" name="user-name-last" value="<?= $_SESSION['user']->name_last ?>" />
</div> </div>
<div class="field"> <div class="field">
<label><?= __('Nickname') ?></label> <label><?= __('Nickname') ?></label>
<input type="text" name="user-name-nick" value="<?= $user->name_nick ?>" /> <input type="text" name="user-name-nick" value="<?= $_SESSION['user']->name_nick ?>" />
</div> </div>
</div> </div>
@ -183,7 +183,7 @@ $page->navigation();
<div class="field"> <div class="field">
<label><?= __('Email') ?></label> <label><?= __('Email') ?></label>
<input type="email" name="user-email" value="<?= $user->email ?>" /> <input type="email" name="user-email" value="<?= $_SESSION['user']->email ?>" />
</div> </div>
<div class="field"> <div class="field">
@ -195,7 +195,7 @@ $page->navigation();
<input type="text" <input type="text"
name="user-birthdate" name="user-birthdate"
placeholder="<?= __('Pick a date') ?>" placeholder="<?= __('Pick a date') ?>"
value="<?= $user->birthdate ?>" value="<?= $_SESSION['user']->birthdate ?>"
/> />
</div> </div>
</div> </div>
@ -219,7 +219,7 @@ $page->navigation();
<div class="ui segment"> <div class="ui segment">
<form class="ui form" method="POST"> <form class="ui form" method="POST">
<input type="hidden" name="user-id" value="<?= $user->id ?>" /> <input type="hidden" name="user-id" value="<?= $_SESSION['user']->id ?>" />
<input type="hidden" name="section" value="password" /> <input type="hidden" name="section" value="password" />
<div class="two fields"> <div class="two fields">
@ -282,7 +282,7 @@ $page->navigation();
<div class="ui segment"> <div class="ui segment">
<form class="ui form" method="POST"> <form class="ui form" method="POST">
<input type="hidden" name="user-id" value="<?= $user->id ?>" /> <input type="hidden" name="user-id" value="<?= $_SESSION['user']->id ?>" />
<input type="hidden" name="section" value="preferences" /> <input type="hidden" name="section" value="preferences" />
<div class="two fields"> <div class="two fields">
@ -291,15 +291,15 @@ $page->navigation();
<select class="ui search dropdown locale" name="user-locale"> <select class="ui search dropdown locale" name="user-locale">
<?php if (!in_array('en_GB', $locales)) { ?> <?php if (!in_array('en_GB', $locales)) { ?>
<option value="<?= 'en_GB' ?>"><?= \Locale::getDisplayName('en_GB', $user->locale) ?></option> <option value="<?= 'en_GB' ?>"><?= \Locale::getDisplayName('en_GB', $_SESSION['user']->getLocale()) ?></option>
<?php } ?> <?php } ?>
<?php foreach ($locales as $locale) { ?> <?php foreach ($locales as $locale) { ?>
<?php if (\Locale::getRegion($locale)) { ?> <?php if (\Locale::getRegion($locale)) { ?>
<?php if ($locale === $user->locale) { ?> <?php if ($locale === $_SESSION['user']->getLocale()) { ?>
<option value="<?= $locale ?>" selected><?= \Locale::getDisplayName($locale, $user->locale) ?></option> <option value="<?= $locale ?>" selected><?= \Locale::getDisplayName($locale, $_SESSION['user']->getLocale()) ?></option>
<?php } else { ?> <?php } else { ?>
<option value="<?= $locale ?>"><?= \Locale::getDisplayName($locale, $user->locale) ?></option> <option value="<?= $locale ?>"><?= \Locale::getDisplayName($locale, $_SESSION['user']->getLocale()) ?></option>
<?php } ?> <?php } ?>
<?php } ?> <?php } ?>
<?php } ?> <?php } ?>
@ -318,7 +318,7 @@ $page->navigation();
<option value=""><?= __('Select channel') ?></option> <option value=""><?= __('Select channel') ?></option>
<?php foreach (CHANNELS as $channel) { ?> <?php foreach (CHANNELS as $channel) { ?>
<?php if ($channel['branch'] === $user->channel) { ?> <?php if ($channel['branch'] === $_SESSION['user']->channel) { ?>
<option value="<?= $channel['branch'] ?>" selected><?= $channel['label'] ?></option> <option value="<?= $channel['branch'] ?>" selected><?= $channel['label'] ?></option>
<?php } else { ?> <?php } else { ?>
<option value="<?= $channel['branch'] ?>"><?= $channel['label'] ?></option> <option value="<?= $channel['branch'] ?>"><?= $channel['label'] ?></option>

13
src/pages/register.php
View file

@ -64,23 +64,24 @@ if (isset($_POST['email'], $_POST['password']) && !empty($_POST['planet'])) {
/** /**
* Password reset * Password reset
*/ */
$user = $database $userQuery = $database
->query( ->query(
'SELECT * FROM `users` 'SELECT * FROM `users`
WHERE `email` = "' . $user_email . '" WHERE `email` = "' . $user_email . '"
AND `password_reset_token` = "' . $user_token . '";' AND `password_reset_token` = "' . $user_token . '";'
) );
->fetch();
if (false !== $user) { if (false !== $userQuery) {
if (time() > $user['password_reset_valid_until']) { $user = new User($userQuery->fetch());
if (time() > $user->password_reset_valid_until) {
$database $database
->query( ->query(
'UPDATE `users` 'UPDATE `users`
SET `password` = "' . User::generatePassword($_POST['password']) . '", SET `password` = "' . User::generatePassword($_POST['password']) . '",
`password_reset_token` = NULL, `password_reset_token` = NULL,
`password_reset_valid_until` = NULL `password_reset_valid_until` = NULL
WHERE `id` = ' . $user['id'] . ';' WHERE `id` = ' . $user->id . ';'
); );
$page->messages[] = Page::success( $page->messages[] = Page::success(

11
src/pages/wishlist.php
View file

@ -8,8 +8,9 @@
namespace wishthis; namespace wishthis;
$wishlist = new Wishlist($_GET['hash']); $wishlist = new Wishlist($_GET['hash']);
$page = new Page(__FILE__, $wishlist->getTitle()); $page = new Page(__FILE__, $wishlist->getTitle());
$wishlist_user = User::getFromID($wishlist->user);
if (!$wishlist->exists) { if (!$wishlist->exists) {
$page->errorDocument(404, $wishlist); $page->errorDocument(404, $wishlist);
@ -27,7 +28,7 @@ $page->navigation();
<div class="ui stackable grid"> <div class="ui stackable grid">
<div class="column"> <div class="column">
<?php if ($user->isLoggedIn() && $user->id !== intval($wishlist->user)) { ?> <?php if ($_SESSION['user']->isLoggedIn() && $_SESSION['user']->id !== $wishlist->user) { ?>
<button class="ui white small basic labeled icon button save disabled loading"> <button class="ui white small basic labeled icon button save disabled loading">
<i class="heart icon"></i> <i class="heart icon"></i>
<span><?= __('Remember list') ?></span> <span><?= __('Remember list') ?></span>
@ -41,7 +42,7 @@ $page->navigation();
/** /**
* Warn the wishlist creator * Warn the wishlist creator
*/ */
if ($user->isLoggedIn() && $user->id === intval($wishlist->user) && !empty($wishlist->wishes)) { ?> if ($_SESSION['user']->isLoggedIn() && $_SESSION['user']->id === $wishlist->user && !empty($wishlist->wishes)) { ?>
<div class="ui icon warning message wishlist-own"> <div class="ui icon warning message wishlist-own">
<i class="exclamation triangle icon"></i> <i class="exclamation triangle icon"></i>
<div class="content"> <div class="content">
@ -87,7 +88,7 @@ $page->navigation();
</div> </div>
<div class="ui basic center aligned segment"> <div class="ui basic center aligned segment">
<button class="ui primary button wishlist-request-wishes"> <button class="ui primary button wishlist-request-wishes" data-locale="<?= $wishlist_user->getLocale() ?>">
<?= __('Request more wishes') ?> <?= __('Request more wishes') ?>
</button> </button>
</div> </div>

4
src/pages/wishlists-saved.php
View file

@ -13,7 +13,7 @@ $page->header();
$page->bodyStart(); $page->bodyStart();
$page->navigation(); $page->navigation();
$wishlists = $user->getSavedWishlists(); $wishlists = $_SESSION['user']->getSavedWishlists();
?> ?>
<main> <main>
<div class="ui container"> <div class="ui container">
@ -24,7 +24,7 @@ $wishlists = $user->getSavedWishlists();
<?php foreach ($wishlists as $wishlist_saved) { ?> <?php foreach ($wishlists as $wishlist_saved) { ?>
<?php <?php
$wishlist = new Wishlist($wishlist_saved['wishlist']); $wishlist = new Wishlist($wishlist_saved['wishlist']);
$wishlist_user = new User($wishlist_saved['user']); $wishlist_user = User::getFromID($wishlist_saved['user']);
$wishlist_href = Page::PAGE_WISHLIST . '&hash=' . $wishlist->hash; $wishlist_href = Page::PAGE_WISHLIST . '&hash=' . $wishlist->hash;
?> ?>
<div class="column"> <div class="column">