1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
<?php
/*
Copyright (c) 2001 - 2007 Ampache.org
All rights reserved.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
require 'lib/init.php';
/* Scrub in the needed mojo */
if (!$_REQUEST['tab']) { $_REQUEST['tab'] = 'interface'; }
// Switch on the action
switch($_REQUEST['action']) {
case 'update_preferences':
if (($_REQUEST['method'] == 'admin' OR $_REQUEST['method'] == 'user') && !$GLOBALS['user']->has_access('100')) {
access_denied();
exit;
}
/* Reset the Theme */
if ($_REQUEST['method'] == 'admin') {
$user_id = '-1';
$fullname = _('Server');
}
elseif ($_REQUEST['method'] == 'user') {
$user_id = $_REQUEST['user_id'];
$client = new User($user_id);
$fullname = $client->fullname;
}
else {
$user_id = $GLOBALS['user']->id;
$fullname = $GLOBALS['user']->fullname;
}
/* Update and reset preferences */
update_preferences($user_id);
init_preferences();
$preferences = $GLOBALS['user']->get_preferences($user_id,$_REQUEST['tab']);
break;
case 'admin':
// Make sure only admins here
if (!$GLOBALS['user']->has_access('100')) {
access_denied();
exit;
}
$fullname= _('Server');
$preferences = $GLOBALS['user']->get_preferences(-1,$_REQUEST['tab']);
break;
case 'user':
if (!$GLOBALS['user']->has_access('100')) {
access_denied();
exit;
}
$client = new User($_REQUEST['user_id']);
$fullname = $client->fullname;
$preferences = $client->get_preferences(0,$_REQUEST['tab']);
break;
case 'update_user':
// Make sure we're a user and they came from the form
if (!$GLOBALS['user']->has_access('25') || $_POST['form_string'] != $_SESSION['forms']['account']) {
access_denied();
exit;
}
// Remove the value
unset($_SESSION['forms']['account']);
// Don't let them change access, or username here
unset($_POST['access']);
$_POST['username'] = $GLOBALS['user']->username;
if (!$GLOBALS['user']->update($_POST)) {
Error::add('general',_('Error Update Failed'));
}
else {
$_REQUEST['action'] = 'confirm';
$title = _('Updated');
$text = _('Your Account has been updated');
$next_url = Config::get('web_path') . '/preferences.php?tab=account';
}
break;
default:
$fullname = $GLOBALS['user']->fullname;
$preferences = $GLOBALS['user']->get_preferences(0,$_REQUEST['tab']);
break;
} // End Switch Action
show_header();
/**
* switch on the view
*/
switch ($_REQUEST['action']) {
case 'confirm':
show_confirmation($title,$text,$next_url,$cancel);
break;
default:
// Show the default preferences page
require Config::get('prefix') . '/templates/show_preferences.inc.php';
break;
} // end switch on action
show_footer();
?>
|
