Send emails in user locale

This commit is contained in:
grandeljay 2022-06-27 10:33:01 +02:00
parent 44be915d35
commit 00ec36bd7f
22 changed files with 223 additions and 170 deletions

View file

@ -37,6 +37,31 @@ spl_autoload_register(
}
);
/**
* Session
*/
$sessionLifetime = 2592000; // 1 Month
session_set_cookie_params($sessionLifetime, '/');
session_start();
/** Refresh lifetime */
$session = session_get_cookie_params();
setcookie(
session_name(),
session_id(),
time() + $sessionLifetime,
$session['path'],
$session['domain'],
$session['secure'],
$session['httponly']
);
if (!isset($_SESSION['user'])) {
$_SESSION['user'] = new User();
}
/**
* Config
*/
@ -71,34 +96,6 @@ if (
$options = new Options($database);
}
/**
* Session
*/
$sessionLifetime = 2592000; // 1 Month
session_set_cookie_params($sessionLifetime, '/');
session_start();
/** Refresh lifetime */
$session = session_get_cookie_params();
setcookie(
session_name(),
session_id(),
time() + $sessionLifetime,
$session['path'],
$session['domain'],
$session['secure'],
$session['httponly']
);
/**
* User
*/
if ($options) {
$user = new User();
}
/**
* Language
*/
@ -118,16 +115,8 @@ $locales = array_filter(
scandir(ROOT . '/translations')
)
);
$locale = \Locale::lookup($locales, $user->locale, false, DEFAULT_LOCALE);
/** Load Translation */
$translationFilepath = ROOT . '/translations/' . $locale . '.po';
$translations = null;
if (file_exists($translationFilepath)) {
$loader = new \Gettext\Loader\PoLoader();
$translations = $loader->loadFile($translationFilepath);
}
$locale = isset($_REQUEST['locale']) ? $_REQUEST['locale'] : \Locale::lookup($locales, $_SESSION['user']->getLocale(), false, 'en_GB');
/**
* Wish

View file

@ -16,7 +16,7 @@ require '../../index.php';
$response = array();
$dateFormatter = new \IntlDateFormatter(
$user->locale,
$_SESSION['user']->getLocale(),
\IntlDateFormatter::MEDIUM,
\IntlDateFormatter::NONE
);

View file

@ -18,7 +18,7 @@ switch ($_SERVER['REQUEST_METHOD']) {
/**
* Get
*/
$response['data'] = $user->getSavedWishlists();
$response['data'] = $_SESSION['user']->getSavedWishlists();
break;
case 'POST':
@ -45,7 +45,7 @@ switch ($_SERVER['REQUEST_METHOD']) {
`user`,
`wishlist`
) VALUES (
' . $user->id . ',
' . $_SESSION['user']->id . ',
' . Sanitiser::getNumber($_POST['wishlist']) . '
)
;');

View file

@ -17,11 +17,11 @@ require '../../index.php';
switch ($_SERVER['REQUEST_METHOD']) {
case 'POST':
if (isset($_POST['wishlist-name'], $_SESSION['user']['id'])) {
if (isset($_POST['wishlist-name'], $_SESSION['user']->id)) {
/**
* Create
*/
$user_id = Sanitiser::getNumber($_SESSION['user']['id']);
$user_id = Sanitiser::getNumber($_SESSION['user']->id);
$wish_name = Sanitiser::getTitle($_POST['wishlist-name']);
$database->query('INSERT INTO `wishlists`
@ -61,18 +61,18 @@ switch ($_SERVER['REQUEST_METHOD']) {
$href = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'] . Page::PAGE_WISHLISTS . '&id=' . $wishlist['id'];
/** Send email */
$user = new User($wishlist['user']);
$email = new Email($user->email, __('Wish request'), 'default', 'wishlist-request-wishes');
$email->setPlaceholder('TEXT_HELLO', __('Hello,'));
$user = User::getFromID($wishlist['user']);
$email = new Email($user->email, __('Wish request', null, $user), 'default', 'wishlist-request-wishes');
$email->setPlaceholder('TEXT_HELLO', __('Hello,', null, $user));
$email->setPlaceholder(
'TEXT_WISHLIST_REQUEST_WISHES',
sprintf(
/** TRANSLATORS: %s: Wishlist name */
__('somebody has requested that you add more wishes to your wishlist %s.'),
__('somebody has requested that you add more wishes to your wishlist %s.', null, $user),
'<a href="' . $href . '">' . $wishlist['name'] . '</a>'
)
);
$email->setPlaceholder('TEXT_WISH_ADD', __('Add wish'));
$email->setPlaceholder('TEXT_WISH_ADD', __('Add wish', null, $user));
$email->setPlaceholder('LINK_WISH_ADD', $href . '&wish_add=true');
$success = $email->send();
@ -118,11 +118,11 @@ switch ($_SERVER['REQUEST_METHOD']) {
);
$response['results'] = $wishlist->getCards($options);
} elseif (isset($_GET['userid']) || isset($_SESSION['user']['id'])) {
} elseif (isset($_GET['userid']) || isset($_SESSION['user']->id)) {
/**
* Get user wishlists
*/
$user = isset($_GET['userid']) ? new User($_GET['userid']) : new User();
$user = isset($_GET['userid']) ? User::getFromID($_GET['userid']) : $_SESSION['user'];
$wishlists = $user->getWishlists();
$wishlists = array_map(

View file

@ -146,9 +146,11 @@ $(function() {
$(document).on('click', '.ui.button.wishlist-request-wishes', function() {
var buttonRequest = $(this);
var wishlist_id = $('.wishlist-cards[data-wishlist]').attr('data-wishlist');
var wishlist_locale = buttonRequest.attr('data-locale');
var formData = new URLSearchParams({
'wishlist-id' : wishlist_id,
'locale' : wishlist_locale
});
buttonRequest.addClass('disabled loading');

View file

@ -30,6 +30,11 @@ class Email
$this->contentsPart = file_get_contents(ROOT . '/src/mjml/parts/' . $this->part . '.mjml');
$this->mjml = str_replace('<mj-include path="MJML_PART" />', $this->contentsPart, $this->contentsTemplate);
/** Set Locale */
global $locale;
$this->mjml = preg_replace('/<mjml lang="(.+?)">/', '<mjml lang="' . $locale . '">', $this->mjml);
}
public function setPlaceholder(string $placeholder, string $replacement): void

View file

@ -135,8 +135,9 @@ class Page
/**
* Session
*/
global $user, $options;
global $options;
$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
$ignorePower = array(
'home',
'blog',
@ -150,9 +151,9 @@ class Page
);
if (
!isset($_SESSION['user'])
false === $user->isLoggedIn()
&& isset($_GET['page'])
&& !in_array($_GET['page'], $ignorePower)
&& false === in_array($_GET['page'], $ignorePower)
) {
redirect(Page::PAGE_LOGIN);
}
@ -461,7 +462,7 @@ class Page
public function navigation(): void
{
$user = new User();
$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
$wishlists = Navigation::Wishlists->value;
$blog = Navigation::Blog->value;

View file

@ -15,47 +15,85 @@ class User
/**
* Static
*/
public static function getFromID(int $user_id): self
{
global $database;
$userQuery = $database
->query(
'SELECT *
FROM `users`
WHERE `id` = ' . $user_id
);
if (false !== $userQuery) {
$fields = $userQuery->fetch();
$user = new User($fields);
return $user;
}
throw new Exception('Unable to find user with ID ' . $user_id . '. Does it exist?');
}
public static function generatePassword(string $plainPassword): string
{
return sha1($plainPassword);
}
/**
* Private
*/
private string $locale;
/**
* Non-Static
*/
public int $power = 0;
public ?\Gettext\Translations $translations = null;
public function __construct(int $id = -1)
public function __construct(array $fields = array())
{
if (-1 === $id) {
if (isset($_SESSION['user']['id'])) {
$this->id = $_SESSION['user']['id'];
}
} else {
$this->id = $id;
}
$this->locale = \Locale::acceptFromHttp(
isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : DEFAULT_LOCALE
);
if (!isset($this->id)) {
return null;
}
global $database;
$user = $database
->query('SELECT *
FROM `users`
WHERE `id` = ' . $this->id . ';')
->fetch();
foreach ($user as $key => $value) {
if (!empty($fields)) {
foreach ($fields as $key => $value) {
$this->$key = $value;
}
}
/** Set Locale */
if (!isset($this->locale)) {
$this->locale = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? \Locale::acceptFromHttp($_SERVER['HTTP_ACCEPT_LANGUAGE']) : DEFAULT_LOCALE;
}
$this->setLocale($this->locale);
}
/**
* Set the users locale
*
* @param string $locale
*
* @return void
*/
public function setLocale(string $locale): void
{
/** Load Translation */
$translationFilepath = ROOT . '/translations/' . $locale . '.po';
if (file_exists($translationFilepath)) {
$loader = new \Gettext\Loader\PoLoader();
$this->translations = $loader->loadFile($translationFilepath);
}
/** Set locale */
$this->locale = $locale;
}
public function getLocale(): string
{
return $this->locale;
}
/**
* Return whether the current user is logged in.
*
@ -63,7 +101,7 @@ class User
*/
public function isLoggedIn(): bool
{
return isset($_SESSION['user']);
return isset($_SESSION['user']->id) && $_SESSION['user']->id >= 1;
}
/**

View file

@ -115,13 +115,13 @@ class Wish
{
ob_start();
$userCard = new User($ofUser);
$userCard = User::getFromID($ofUser);
$numberFormatter = new \NumberFormatter(
$userCard->locale,
$userCard->getLocale(),
\NumberFormatter::CURRENCY
);
$userIsCurrent = isset($_SESSION['user']['id']) && intval($_SESSION['user']['id']) === $userCard->id;
$userIsCurrent = isset($_SESSION['user']->id) && $_SESSION['user']->id === $userCard->id;
/**
* Card

View file

@ -8,8 +8,7 @@
function getWishlistNameSuggestion(): string
{
global $user;
$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
$now = time();
$month = date('n');
$name = '';

View file

@ -6,14 +6,16 @@
* @author Jay Trees <github.jay@grandel.anonaddy.me>
*/
function __(string $text, string $context = null): string
use wishthis\User;
function __(string $text, string $context = null, User $user = null): string
{
global $translations;
if (null === $user) {
$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
}
$translation = null;
if ($translations) {
$translation = $translations->find($context, $text);
if (null !== $user->translations) {
$translation = $user->translations->find($context, $text);
if ($translation) {
$translationText = $translation->getTranslation();

View file

@ -6,9 +6,11 @@
* @author Jay Trees <github.jay@grandel.anonaddy.me>
*/
use wishthis\User;
function redirect(string $target)
{
global $user;
$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
/**
* Redirect user based on channel setting

View file

@ -1,4 +1,4 @@
<mjml>
<mjml lang="en_GB">
<mj-head>
<mj-attributes>
<mj-all font-family="Raleway, sans-serif"

View file

@ -15,7 +15,7 @@ $page->navigation();
$posts = Blog::getPosts();
if ('en' !== \Locale::getPrimaryLanguage($user->locale)) {
if ('en' !== \Locale::getPrimaryLanguage($_SESSION['user']->getLocale())) {
$page->messages[] = Page::warning(
sprintf(
/** TRANSLATORS: %s: Language, most likely English */
@ -37,7 +37,7 @@ if ('en' !== \Locale::getPrimaryLanguage($user->locale)) {
<?php foreach ($posts as $post) { ?>
<?php
$dateFormatter = new \IntlDateFormatter(
$user->locale,
$_SESSION['user']->getLocale(),
\IntlDateFormatter::MEDIUM,
\IntlDateFormatter::NONE
);

View file

@ -26,7 +26,7 @@ $page->navigation();
<p><?= __('wishthis is a simple, intuitive and modern wishlist platform to create, manage and view your wishes for any kind of occasion.') ?></p>
<div class="ui two column doubling stackable centered grid">
<?php if ($user->isLoggedIn()) { ?>
<?php if ($_SESSION['user']->isLoggedIn()) { ?>
<div class="column">
<a class="ui fluid primary button"
href="<?= Page::PAGE_WISHLISTS ?>"
@ -43,7 +43,7 @@ $page->navigation();
FROM `wishes`
JOIN `wishlists` ON `wishes`.`wishlist` = `wishlists`.`id`
JOIN `users` ON `wishlists`.`user` = `users`.`id`
WHERE `users`.`id` = ' . $user->id . '
WHERE `users`.`id` = ' . $_SESSION['user']->id . '
ORDER BY `wishes`.`edited` DESC
LIMIT 1;'
);

View file

@ -13,18 +13,19 @@ $page = new Page(__FILE__, __('Login as'), 100);
if (isset($_POST['email'])) {
$email = Sanitiser::getEmail($_POST['email']);
$user = $database
$userQuery = $database
->query(
'SELECT *
FROM `users`
WHERE `email` = "' . $email . '";'
)
->fetch();
);
$success = false !== $user;
$success = false !== $userQuery;
if ($success) {
$_SESSION['user'] = $user;
$fields = $userQuery->fetch();
$_SESSION['user'] = new User($fields);
}
}

View file

@ -17,20 +17,28 @@ if (isset($_POST['login'], $_POST['email'], $_POST['password'])) {
$email = Sanitiser::getEmail($_POST['email']);
$password = User::generatePassword($_POST['password']);
$database->query('UPDATE `users`
$database
->query(
'UPDATE `users`
SET `last_login` = NOW()
WHERE `email` = "' . $email . '"
AND `password` = "' . $password . '"
;');
$user = $database->query('SELECT * FROM `users`
WHERE `email` = "' . $email . '"
AND `password` = "' . $password . '";')
->fetch();
AND `password` = "' . $password . '";'
);
$success = false !== $user;
$userQuery = $database
->query(
'SELECT *
FROM `users`
WHERE `email` = "' . $email . '"
AND `password` = "' . $password . '";'
);
$success = false !== $userQuery;
if ($success) {
$_SESSION['user'] = $user;
$fields = $userQuery->fetch();
$_SESSION['user'] = new User($fields);
} else {
$page->messages[] = Page::error(
__('No user could be found with the credentials you provided.'),
@ -39,7 +47,7 @@ if (isset($_POST['login'], $_POST['email'], $_POST['password'])) {
}
}
if (isset($_SESSION['user'])) {
if ($_SESSION['user']->isLoggedIn()) {
if (isset($_SESSION['REDIRECT_URL'])) {
redirect($_SESSION['REDIRECT_URL']);
} else {
@ -51,40 +59,44 @@ if (isset($_SESSION['user'])) {
* Reset
*/
if (isset($_POST['reset'], $_POST['email'])) {
$user = $database
->query('SELECT *
$userQuery = $database
->query(
'SELECT *
FROM `users`
WHERE `email` = "' . Sanitiser::getEmail($_POST['email']) . '";')
->fetch();
WHERE `email` = "' . Sanitiser::getEmail($_POST['email']) . '";'
);
if ($user) {
$user = false !== $userQuery ? new User($userQuery->fetch()) : new User();
if (isset($user->id)) {
$token = sha1(time() . rand(0, 999999));
$validUntil = time() + 3600;
$database
->query('UPDATE `users`
->query(
'UPDATE `users`
SET `password_reset_token` = "' . $token . '",
`password_reset_valid_until` = "' . date('Y-m-d H:i:s', $validUntil) . '"
WHERE `id` = ' . $user['id'] . '
;');
WHERE `id` = ' . $user->id . ';'
);
$emailReset = new Email($user['email'], __('Password reset link'), 'default', 'password-reset');
$emailReset->setPlaceholder('TEXT_HELLO', __('Hello,'));
$emailReset = new Email($_POST['email'], __('Password reset link', null, $user), 'default', 'password-reset');
$emailReset->setPlaceholder('TEXT_HELLO', __('Hello,', null, $user));
$emailReset->setPlaceholder(
'TEXT_PASSWORD_RESET',
sprintf(
/** TRANSLATORS: %s: The wishthis domain */
__('somebody has requested a password reset for this email address from %s. If this was you, click the button below to invalidate your current password and set a new one.'),
__('somebody has requested a password reset for this email address from %s. If this was you, click the button below to invalidate your current password and set a new one.', null, $user),
'<mj-raw><a href="https://wishthis.online">wishthis.online</a></mj-raw>'
)
);
$emailReset->setPlaceholder('TEXT_SET_NEW_PASSWORD', __('Set new password'));
$emailReset->setPlaceholder('TEXT_SET_NEW_PASSWORD', __('Set new password', null, $user));
$emailReset->setPlaceholder('wishthis.online', $_SERVER['HTTP_HOST']);
$emailReset->setPlaceholder(
'password-reset-link',
$_SERVER['REQUEST_SCHEME'] . '://' .
$_SERVER['HTTP_HOST'] .
Page::PAGE_REGISTER . '&password-reset=' . $user['email'] . '&token=' . $token
Page::PAGE_REGISTER . '&password-reset=' . $user->email . '&token=' . $token
);
$emailReset->send();

View file

@ -20,7 +20,7 @@ $page->navigation();
<div class="ui segment">
<h2 class="ui header"><?= __('Restricted access') ?></h2>
<p><?= sprintf(__('You do not have enough power to view this page. You need %s to see this page, but only have %s.'), '<strong>' . $_GET['required'] . '</strong>', '<strong>' . $user->power . '</strong>') ?></p>
<p><?= sprintf(__('You do not have enough power to view this page. You need %s to see this page, but only have %s.'), '<strong>' . $_GET['required'] . '</strong>', '<strong>' . $_SESSION['user']->power . '</strong>') ?></p>
</div>
</div>
</main>

View file

@ -42,10 +42,10 @@ if (isset($_POST['user-id'], $_POST['section'])) {
$loginRequired = false;
foreach ($formFieldsString as $field) {
if (!empty($_POST[$field['key']]) && $_POST[$field['key']] !== $user->{$field['column']}) {
if (!empty($_POST[$field['key']]) && $_POST[$field['key']] !== $_SESSION['user']->{$field['column']}) {
$set[] = '`' . $field['column'] . '` = "' . $_POST[$field['key']] . '"';
$user->{$field['column']} = $_POST[$field['key']];
$_SESSION['user']->{$field['column']} = $_POST[$field['key']];
$page->messages[] = Page::success(
sprintf(
@ -57,7 +57,7 @@ if (isset($_POST['user-id'], $_POST['section'])) {
}
}
if (!empty($_POST['user-email']) && $_POST['user-email'] !== $user->email) {
if (!empty($_POST['user-email']) && $_POST['user-email'] !== $_SESSION['user']->email) {
$loginRequired = true;
}
@ -66,13 +66,13 @@ if (isset($_POST['user-id'], $_POST['section'])) {
*/
if (isset($_POST['user-birthdate'])) {
if (empty($_POST['user-birthdate'])) {
$user->birthdate = null;
$_SESSION['user']->birthdate = null;
$set[] = '`birthdate` = NULL';
} else {
$user->birthdate = date('Y-m-d', strtotime($_POST['user-birthdate']));
$_SESSION['user']->birthdate = date('Y-m-d', strtotime($_POST['user-birthdate']));
$set[] = '`birthdate` = "' . $user->birthdate . '"';
$set[] = '`birthdate` = "' . $_SESSION['user']->birthdate . '"';
}
}
@ -92,15 +92,15 @@ if (isset($_POST['user-id'], $_POST['section'])) {
/**
* Preferences
*/
if (isset($_POST['user-channel']) && $_POST['user-channel'] !== $user->channel) {
if (isset($_POST['user-channel']) && $_POST['user-channel'] !== $_SESSION['user']->channel) {
if (empty($_POST['user-channel'])) {
$user->channel = null;
$_SESSION['user']->channel = null;
$set[] = '`channel` = NULL';
} else {
$user->channel = $_POST['user-channel'];
$_SESSION['user']->channel = $_POST['user-channel'];
$set[] = '`channel` = "' . $user->channel . '"';
$set[] = '`channel` = "' . $_SESSION['user']->channel . '"';
}
}
@ -156,26 +156,26 @@ $page->navigation();
<div class="ui segment">
<form class="ui form" method="POST">
<input type="hidden" name="user-id" value="<?= $user->id ?>" />
<input type="hidden" name="user-id" value="<?= $_SESSION['user']->id ?>" />
<input type="hidden" name="section" value="personal" />
<div class="three fields">
<div class="field">
<label><?= __('First name') ?></label>
<input type="text" name="user-name-first" value="<?= $user->name_first ?>" />
<input type="text" name="user-name-first" value="<?= $_SESSION['user']->name_first ?>" />
</div>
<div class="field">
<label><?= __('Last name') ?></label>
<input type="text" name="user-name-last" value="<?= $user->name_last ?>" />
<input type="text" name="user-name-last" value="<?= $_SESSION['user']->name_last ?>" />
</div>
<div class="field">
<label><?= __('Nickname') ?></label>
<input type="text" name="user-name-nick" value="<?= $user->name_nick ?>" />
<input type="text" name="user-name-nick" value="<?= $_SESSION['user']->name_nick ?>" />
</div>
</div>
@ -183,7 +183,7 @@ $page->navigation();
<div class="field">
<label><?= __('Email') ?></label>
<input type="email" name="user-email" value="<?= $user->email ?>" />
<input type="email" name="user-email" value="<?= $_SESSION['user']->email ?>" />
</div>
<div class="field">
@ -195,7 +195,7 @@ $page->navigation();
<input type="text"
name="user-birthdate"
placeholder="<?= __('Pick a date') ?>"
value="<?= $user->birthdate ?>"
value="<?= $_SESSION['user']->birthdate ?>"
/>
</div>
</div>
@ -219,7 +219,7 @@ $page->navigation();
<div class="ui segment">
<form class="ui form" method="POST">
<input type="hidden" name="user-id" value="<?= $user->id ?>" />
<input type="hidden" name="user-id" value="<?= $_SESSION['user']->id ?>" />
<input type="hidden" name="section" value="password" />
<div class="two fields">
@ -282,7 +282,7 @@ $page->navigation();
<div class="ui segment">
<form class="ui form" method="POST">
<input type="hidden" name="user-id" value="<?= $user->id ?>" />
<input type="hidden" name="user-id" value="<?= $_SESSION['user']->id ?>" />
<input type="hidden" name="section" value="preferences" />
<div class="two fields">
@ -291,15 +291,15 @@ $page->navigation();
<select class="ui search dropdown locale" name="user-locale">
<?php if (!in_array('en_GB', $locales)) { ?>
<option value="<?= 'en_GB' ?>"><?= \Locale::getDisplayName('en_GB', $user->locale) ?></option>
<option value="<?= 'en_GB' ?>"><?= \Locale::getDisplayName('en_GB', $_SESSION['user']->getLocale()) ?></option>
<?php } ?>
<?php foreach ($locales as $locale) { ?>
<?php if (\Locale::getRegion($locale)) { ?>
<?php if ($locale === $user->locale) { ?>
<option value="<?= $locale ?>" selected><?= \Locale::getDisplayName($locale, $user->locale) ?></option>
<?php if ($locale === $_SESSION['user']->getLocale()) { ?>
<option value="<?= $locale ?>" selected><?= \Locale::getDisplayName($locale, $_SESSION['user']->getLocale()) ?></option>
<?php } else { ?>
<option value="<?= $locale ?>"><?= \Locale::getDisplayName($locale, $user->locale) ?></option>
<option value="<?= $locale ?>"><?= \Locale::getDisplayName($locale, $_SESSION['user']->getLocale()) ?></option>
<?php } ?>
<?php } ?>
<?php } ?>
@ -318,7 +318,7 @@ $page->navigation();
<option value=""><?= __('Select channel') ?></option>
<?php foreach (CHANNELS as $channel) { ?>
<?php if ($channel['branch'] === $user->channel) { ?>
<?php if ($channel['branch'] === $_SESSION['user']->channel) { ?>
<option value="<?= $channel['branch'] ?>" selected><?= $channel['label'] ?></option>
<?php } else { ?>
<option value="<?= $channel['branch'] ?>"><?= $channel['label'] ?></option>

View file

@ -64,23 +64,24 @@ if (isset($_POST['email'], $_POST['password']) && !empty($_POST['planet'])) {
/**
* Password reset
*/
$user = $database
$userQuery = $database
->query(
'SELECT * FROM `users`
WHERE `email` = "' . $user_email . '"
AND `password_reset_token` = "' . $user_token . '";'
)
->fetch();
);
if (false !== $user) {
if (time() > $user['password_reset_valid_until']) {
if (false !== $userQuery) {
$user = new User($userQuery->fetch());
if (time() > $user->password_reset_valid_until) {
$database
->query(
'UPDATE `users`
SET `password` = "' . User::generatePassword($_POST['password']) . '",
`password_reset_token` = NULL,
`password_reset_valid_until` = NULL
WHERE `id` = ' . $user['id'] . ';'
WHERE `id` = ' . $user->id . ';'
);
$page->messages[] = Page::success(

View file

@ -10,6 +10,7 @@ namespace wishthis;
$wishlist = new Wishlist($_GET['hash']);
$page = new Page(__FILE__, $wishlist->getTitle());
$wishlist_user = User::getFromID($wishlist->user);
if (!$wishlist->exists) {
$page->errorDocument(404, $wishlist);
@ -27,7 +28,7 @@ $page->navigation();
<div class="ui stackable grid">
<div class="column">
<?php if ($user->isLoggedIn() && $user->id !== intval($wishlist->user)) { ?>
<?php if ($_SESSION['user']->isLoggedIn() && $_SESSION['user']->id !== $wishlist->user) { ?>
<button class="ui white small basic labeled icon button save disabled loading">
<i class="heart icon"></i>
<span><?= __('Remember list') ?></span>
@ -41,7 +42,7 @@ $page->navigation();
/**
* Warn the wishlist creator
*/
if ($user->isLoggedIn() && $user->id === intval($wishlist->user) && !empty($wishlist->wishes)) { ?>
if ($_SESSION['user']->isLoggedIn() && $_SESSION['user']->id === $wishlist->user && !empty($wishlist->wishes)) { ?>
<div class="ui icon warning message wishlist-own">
<i class="exclamation triangle icon"></i>
<div class="content">
@ -87,7 +88,7 @@ $page->navigation();
</div>
<div class="ui basic center aligned segment">
<button class="ui primary button wishlist-request-wishes">
<button class="ui primary button wishlist-request-wishes" data-locale="<?= $wishlist_user->getLocale() ?>">
<?= __('Request more wishes') ?>
</button>
</div>

View file

@ -13,7 +13,7 @@ $page->header();
$page->bodyStart();
$page->navigation();
$wishlists = $user->getSavedWishlists();
$wishlists = $_SESSION['user']->getSavedWishlists();
?>
<main>
<div class="ui container">
@ -24,7 +24,7 @@ $wishlists = $user->getSavedWishlists();
<?php foreach ($wishlists as $wishlist_saved) { ?>
<?php
$wishlist = new Wishlist($wishlist_saved['wishlist']);
$wishlist_user = new User($wishlist_saved['user']);
$wishlist_user = User::getFromID($wishlist_saved['user']);
$wishlist_href = Page::PAGE_WISHLIST . '&hash=' . $wishlist->hash;
?>
<div class="column">