1 package NDWeb::Controller::Settings;
6 use parent 'Catalyst::Controller';
10 use DateTime::TimeZone;
16 NDWeb::Controller::Settings - Catalyst Controller
# Settings page action: collects what the settings form displays and puts it
# in the stash for the template.
# NOTE(review): this listing skips some numbered lines; $dbh is obtained on
# one of them.
31 sub index :Path :Args(0) {
32 my ( $self, $c ) = @_;
# Show the message left in the flash by a previous change* action.
# NOTE(review): other actions in this file flash a raw $@ and the
# caller-supplied $id under this key; confirm the template HTML-escapes it.
35 $c->stash(error => $c->flash->{error});
# Stylesheet choices start with 'Default'; the loop walks the directory that
# holds root/static/css/black.css.
37 my @stylesheets = ('Default');
38 my $dir = $c->path_to('root/static/css/black.css')->dir;
39 while (my $file = $dir->next){
# Consider only non-directories whose name is word characters plus ".css";
# the captured base name is presumably what is added to @stylesheets on a
# line not shown.
40 if(!$file->is_dir && $file->basename =~ m{^(\w+)\.css$}){
44 $c->stash(stylesheets => \@stylesheets);
# Stored settings of the logged-in user; the uid is passed as a bind value,
# not interpolated into the SQL.
46 my ($birthday,$timezone,$email,$discord_id) = $dbh->selectrow_array(q{
47 SELECT birthday,timezone,email,discord_id FROM users WHERE uid = $1
48 },undef,$c->user->id);
49 $c->stash(birthday => $birthday);
# A value flashed by a rejected change wins over the stored one when defined,
# so the form can re-display what the user typed.
50 $c->stash(email => $c->flash->{email} // $email);
51 $c->stash(discord_id => $c->flash->{discord_id} // $discord_id);
# Split the stored zone on the first '/' only (limit 2); the first part is
# used below as the DateTime::TimeZone category.
53 my @timezone = split m{/},$timezone,2;
54 $c->stash(timezone => \@timezone);
56 my @cat = DateTime::TimeZone->categories;
58 $c->stash(tzcategories => \@cat);
60 my @countries = DateTime::TimeZone->names_in_category($timezone[0]);
61 $c->stash(tzcountries => \@countries);
# Saves the stylesheet chosen in the settings form, then redirects to
# uri_for('').
# NOTE(review): this listing skips some numbered lines; $dbh and the end of
# the SQL statement are on lines not shown.
64 sub changeStylesheet : Local {
65 my ( $self, $c ) = @_;
# NULLIF stores NULL when the submitted value is 'Default'. Both values reach
# the database as bind parameters in the execute call below.
# NOTE(review): html_escape presumably HTML-encodes the value before storage;
# that does not restrict it to the names index() offers. If the css column is
# later used to build a path or URL, check it against that list here.
# NOTE(review): Catalyst's param returns every submitted value in list
# context; `scalar $c->req->param(...)` pins it to one if html_escape does
# not already impose scalar context.
68 my $query = $dbh->prepare(q{UPDATE users SET css = NULLIF($2,'Default')
71 $query->execute($c->user->id,html_escape $c->req->param('stylesheet'));
73 $c->res->redirect($c->uri_for(''));
# Updates the user's birthday from the 'birthday' form field, then redirects
# to uri_for('').
# NOTE(review): this listing skips some numbered lines, among them where $dbh
# is obtained and, judging by the $@ checks, an eval around the update.
76 sub changeBirthday : Local {
77 my ( $self, $c ) = @_;
# NULLIF turns an empty submission into NULL before the ::date cast; the
# value is passed as a bind parameter in the execute call below.
# NOTE(review): html_escape on a value that is cast to date presumably adds
# nothing; the cast is what rejects malformed input.
80 my $query = $dbh->prepare(q{UPDATE users SET birthday = NULLIF($2,'')::date
84 $query->execute($c->user->id,html_escape $c->req->param('birthday'));
# A date-syntax error from the database gets a fixed, user-readable message.
87 if ($@ =~ /invalid input syntax for type date/){
88 $c->flash(error => 'Bad syntax for day, use YYYY-MM-DD.');
# NOTE(review): here the failure text is flashed verbatim; $@ can carry
# driver and SQL detail. Logging it and flashing a generic message avoids
# showing database internals to the user.
90 $c->flash(error => $@);
93 $c->res->redirect($c->uri_for(''));
# Sets the user's timezone from the 'timezone' form field, then redirects to
# uri_for('').
# NOTE(review): this listing skips some numbered lines, among them where $dbh
# is obtained and, judging by the use of $@, an eval around the queries.
96 sub changeTimezone : Local {
97 my ( $self, $c ) = @_;
100 my $timezone = $c->req->param('timezone');
101 my $query = $dbh->prepare(q{UPDATE users SET timezone = $2 WHERE uid = $1});
# Presumably a validity probe: the database evaluates the submitted name with
# AT TIME ZONE before the UPDATE runs, so an unknown zone fails here first.
# NOTE(review): this relies on the handle raising errors - confirm.
103 $dbh->selectrow_array(q{SELECT NOW() AT TIME ZONE $1},undef,$timezone);
104 $query->execute($c->user->id,$timezone );
# NOTE(review): the failure text is flashed verbatim; $@ can carry driver and
# SQL detail. Consider logging it and flashing a generic message.
107 $c->flash(error => $@);
109 $c->res->redirect($c->uri_for(''));
# Changes the logged-in user's password once the database has verified the
# old one, then redirects to uri_for('').
# NOTE(review): this listing skips some numbered lines; $dbh and the end of
# the SQL statement are on lines not shown.
112 sub changePassword : Local {
113 my ( $self, $c ) = @_;
# Reject new passwords shorter than four characters.
# NOTE(review): a four-character minimum is far below current guidance;
# raising it is a policy decision for the site.
116 if (length $c->req->param('pass') < 4) {
117 $c->flash(error => "Your password need to be at least 4 characters");
# The old password is verified in SQL: crypt($2,password) hashes the
# submitted value with the stored hash as salt (pgcrypto-style), and the row
# is updated only when that matches for this uid.
# NOTE(review): the visible SQL assigns the new password ($1) as passed in.
# Hashing must then happen in the database (a trigger, for example) or on a
# line not shown - confirm it is never stored in clear.
# NOTE(review): the execute call below evaluates param in list context, where
# Catalyst returns zero or several values for a missing or repeated field and
# the three bind positions shift; `scalar $c->req->param(...)` keeps them
# fixed.
119 my $query = $dbh->prepare(q{UPDATE users SET password = $1
120 WHERE password = crypt($2,password) AND uid = $3
122 $query->execute($c->req->param('pass'),$c->req->param('oldpass'),$c->user->id);
# No row updated means the crypt() comparison did not match for this uid.
124 $c->flash(error => "Old password was invalid") unless $query->rows;
127 $c->res->redirect($c->uri_for(''));
# Starts an email change: clears the address, rejects an invalid one, or
# records a pending change and mails a confirmation link. Every path ends in
# a redirect to uri_for('').
# NOTE(review): this listing skips some numbered lines, among them where $dbh
# is obtained, the start of the %mail hash and the ends of the SQL strings.
# NOTE(review): nothing in the visible lines restricts the HTTP method or
# checks a request token; confirm that cross-site request protection is
# applied elsewhere.
130 sub changeEmail : Local {
131 my ( $self, $c ) = @_;
134 my $email = $c->req->param('email');
# NOTE(review): /^s?$/ matches only an empty value or the single letter "s".
# changeDiscordId in this file tests /^\s*$/ for the same purpose, so the
# backslash and quantifier look lost here; as written, whitespace-only input
# is not treated as "clear" and goes on to the Email::Valid check.
136 if ($email =~ /^s?$/) {
137 my $update = $dbh->prepare(q{
138 UPDATE users SET email = NULL WHERE uid = $1;
140 $update->execute($c->user->id);
# The 'error' flash key doubles as the channel for status messages.
141 $c->flash(error => 'email cleared');
142 $c->res->redirect($c->uri_for(''));
# Syntax check only; a rejected address is flashed back so index() can
# re-display it in the form.
146 unless (Email::Valid->address($email)){
147 $c->flash(email => $email);
148 $c->flash(error => 'Invalid email address');
149 $c->res->redirect($c->uri_for(''));
# Record the pending change and read back its row id; the address on the
# account itself is not touched here (confirmEmail does that).
# NOTE(review): this id is the only secret in the mailed link. If it is a
# sequential key, the confirmation does not show that the requester can read
# the mailbox; a random, expiring token would.
154 my $insert = $dbh->prepare(q{
155 INSERT INTO email_change (uid,email) VALUES ($1,$2) RETURNING id;
157 $insert->execute($c->user->id,$email);
159 my ($id) = $insert->fetchrow_array;
# NOTE(review): uri_for presumably builds the confirmation link from the
# request's base URI; confirm the deployment pins the host name the
# application accepts, since the link is sent by mail.
164 From => 'NewDawn Command <nd@ruin.nu>',
165 'Content-type' => 'text/plain; charset="UTF-8"',
166 Subject => 'Change email address',
168 You have requested to change email address on the NewDawn website.
169 If that is not the case, then feel free to ignore this email. Otherwise
170 use the following url to confirm the change:
172 }.$c->uri_for('confirmEmail',$id)."\n",
# sendmail returns true on success; on failure its error text is flashed.
# NOTE(review): $Mail::Sendmail::error may describe the mail setup; consider
# logging it and flashing a generic message.
175 if (sendmail %mail) {
176 $c->flash(error => 'Sent mail for confirmation.');
178 $c->flash(error => $Mail::Sendmail::error);
# A unique-constraint violation gets a fixed message, and the address is
# flashed back for the form.
182 if($@ =~ /duplicate key value violates unique constraint/){
183 $c->flash(email => $email);
184 $c->flash(error => 'Something went wrong, try to set the email again');
189 $c->res->redirect($c->uri_for(''));
# Sets or clears the logged-in user's discord id from the 'discord_id' form
# field, then redirects to uri_for('').
# NOTE(review): this listing skips some numbered lines, among them where $dbh
# is obtained, the ends of the SQL strings and, judging by the $@ check, an
# eval around the update.
192 sub changeDiscordId : Local {
193 my ( $self, $c ) = @_;
196 my $discord_id = $c->req->param('discord_id');
# Empty or whitespace-only input clears the stored id.
198 if ($discord_id =~ /^\s*$/) {
199 my $update = $dbh->prepare(q{
200 UPDATE users SET discord_id = NULL WHERE uid = $1;
202 $update->execute($c->user->id);
203 $c->flash(error => 'discord id cleared');
204 $c->res->redirect($c->uri_for(''));
# Otherwise store the submitted id, passed as a bind value.
# NOTE(review): no format check is visible; index() stashes this value for
# the template, so it must be HTML-escaped on output.
209 my $update = $dbh->prepare(q{
210 UPDATE users SET discord_id = $2 WHERE uid = $1;
212 $update->execute($c->user->id,$discord_id);
# A unique-constraint violation is reported with a fixed message and the
# value is flashed back for the form.
# NOTE(review): the message tells the caller that the id is already attached
# to another account; decide whether that disclosure is acceptable.
215 if($@ =~ /duplicate key value violates unique constraint/){
216 $c->flash(discord_id => $discord_id);
217 $c->flash(error => 'Someone else is using this discord id, duplicate account?');
222 $c->res->redirect($c->uri_for(''));
# Completes an email change started by changeEmail: marks the pending row
# confirmed and copies its address to the users table, then redirects to
# uri_for('').
# NOTE(review): this listing skips some numbered lines, among them where $dbh
# is obtained and the end of the first SQL string.
225 sub confirmEmail : Local {
226 my ( $self, $c, $id ) = @_;
# The row must belong to the logged-in user and still be unconfirmed, so a
# link works once and only in a session of the uid that requested it.
# NOTE(review): $email is read from this statement, so a RETURNING clause is
# presumably on a line not shown. No expiry condition is visible.
230 my $query = $dbh->prepare(q{
231 UPDATE email_change SET confirmed = TRUE
232 WHERE uid = $1 AND id = $2 AND NOT confirmed
235 $query->execute($c->user->id,$id);
236 my ($email) = $query->fetchrow_array;
# Copy the confirmed address to the account.
# NOTE(review): whether this second UPDATE shares a transaction with the
# first depends on lines not shown.
239 $dbh->do(q{UPDATE users SET email = $2 WHERE uid = $1}
240 ,undef,$c->user->id,$email);
241 $c->flash(error => "Email updated.");
# NOTE(review): $id is an action argument taken from the request and is
# echoed in this message; the template must HTML-escape the 'error' value.
243 $c->flash(error => "$id is not a valid change id for your account, or already confirmed");
246 $c->res->redirect($c->uri_for(''));
252 Michael Andreen (harv@ruin.nu)