X-Git-Url: https://ruin.nu/git/?a=blobdiff_plain;f=lib%2FNDWeb%2FController%2FSettings.pm;h=16358444618efe089b44f12be74ee43e7ce8edbf;hb=27a84187a27390a65531888c0068a11f69f6d2cf;hp=9277c7fadc2d2519cc82465981d165693907642b;hpb=15e271f8e65bfc35d311f9b9cad581e3a1c70def;p=ndwebbie.git diff --git a/lib/NDWeb/Controller/Settings.pm b/lib/NDWeb/Controller/Settings.pm index 9277c7f..1635844 100644 --- a/lib/NDWeb/Controller/Settings.pm +++ b/lib/NDWeb/Controller/Settings.pm @@ -2,10 +2,15 @@ package NDWeb::Controller::Settings; use strict; use warnings; +use feature ":5.10"; use parent 'Catalyst::Controller'; use NDWeb::Include; +use DateTime::TimeZone; +use Mail::Sendmail; +use Email::Valid; + =head1 NAME NDWeb::Controller::Settings - Catalyst Controller @@ -37,10 +42,23 @@ sub index :Path :Args(0) { } } $c->stash(stylesheets => \@stylesheets); - $c->stash(birthday => $dbh->selectrow_array(q{ - SELECT birthday FROM users WHERE uid = $1 - },undef,$c->user->id) - ); + + my ($birthday,$timezone,$email,$discord_id) = $dbh->selectrow_array(q{ +SELECT birthday,timezone,email,discord_id FROM users WHERE uid = $1 + },undef,$c->user->id); + $c->stash(birthday => $birthday); + $c->stash(email => $c->flash->{email} // $email); + $c->stash(discord_id => $c->flash->{discord_id} // $discord_id); + + my @timezone = split m{/},$timezone,2; + $c->stash(timezone => \@timezone); + + my @cat = DateTime::TimeZone->categories; + unshift @cat, 'GMT'; + $c->stash(tzcategories => \@cat); + + my @countries = DateTime::TimeZone->names_in_category($timezone[0]); + $c->stash(tzcountries => \@countries); } sub changeStylesheet : Local { 
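Review bot: `my @timezone = split m{/},$timezone,2;` assumes `users.timezone` is never NULL; if it can be, `split` receives undef and `names_in_category($timezone[0])` is called with an undefined category, so a default such as `split m{/}, ($timezone // 'GMT'), 2` would be safer (the column definition is not visible here). A value without a slash, like the `GMT` entry unshifted into `@cat`, also yields a category that presumably has no names, so `tzcountries` may come back empty for it. The `email` and `discord_id` stash values prefer `$c->flash`, which holds text the user has just submitted, so the template should HTML-escape them when rendering. The body of `index` starts outside the hunk.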
@@ -75,16 +93,156 @@ sub changeBirthday : Local { $c->res->redirect($c->uri_for('')); } +sub changeTimezone : Local { + my ( $self, $c ) = @_; + my $dbh = $c->model; + + my $timezone = $c->req->param('timezone'); + my $query = $dbh->prepare(q{UPDATE users SET timezone = $2 WHERE uid = $1}); + eval{ + $dbh->selectrow_array(q{SELECT NOW() AT TIME ZONE $1},undef,$timezone); + $query->execute($c->user->id,$timezone ); + }; + if ($@){ + $c->flash(error => $@); + } + $c->res->redirect($c->uri_for('')); +} sub changePassword : Local { my ( $self, $c ) = @_; my $dbh = $c->model; - my $query = $dbh->prepare(q{UPDATE users SET password = MD5($1) - WHERE password = MD5($2) AND uid = $3 + if (length $c->req->param('pass') < 4) { + $c->flash(error => "Your password need to be at least 4 characters"); + } else { + my $query = $dbh->prepare(q{UPDATE users SET password = $1 + WHERE password = crypt($2,password) AND uid = $3 }); - $query->execute($c->req->param('pass'),$c->req->param('oldpass'),$c->user->id); + $query->execute($c->req->param('pass'),$c->req->param('oldpass'),$c->user->id); + + $c->flash(error => "Old password was invalid") unless $query->rows; + } + + $c->res->redirect($c->uri_for('')); +} + +sub changeEmail : Local { + my ( $self, $c ) = @_; + my $dbh = $c->model; + + my $email = $c->req->param('email'); + + if ($email =~ /^s?$/) { + my $update = $dbh->prepare(q{ +UPDATE users SET email = NULL WHERE uid = $1; + }); + $update->execute($c->user->id); + $c->flash(error => 'email cleared'); + $c->res->redirect($c->uri_for('')); + return, + } + + unless (Email::Valid->address($email)){ + $c->flash(email => $email); + $c->flash(error => 'Invalid email address'); + $c->res->redirect($c->uri_for('')); + return, + } + + eval{ + my $insert = $dbh->prepare(q{ +INSERT INTO email_change (uid,email) VALUES ($1,$2) RETURNING id; + }); + $insert->execute($c->user->id,$email); + + my ($id) = $insert->fetchrow_array; + my %mail = ( + smtp => 'localhost', + To => $email, + From => 
'NewDawn Command ', + 'Content-type' => 'text/plain; charset="UTF-8"', + Subject => 'Change email address', + Message => qq{ +You have requested to change email address on the NewDawn website. +If that is not the case, then feel free to ignore this email. Otherwise +use the following url to confirm the change: + +}.$c->uri_for('confirmEmail',$id)."\n", + ); + + if (sendmail %mail) { + $c->flash(error => 'Sent mail for confirmation.'); + }else { + $c->flash(error => $Mail::Sendmail::error); + } + }; + if($@){ + if($@ =~ /duplicate key value violates unique constraint/){ + $c->flash(email => $email); + $c->flash(error => 'Something went wrong, try to set the email again'); + }else{ + die $@; + } + } + $c->res->redirect($c->uri_for('')); +} + +sub changeDiscordId : Local { + my ( $self, $c ) = @_; + my $dbh = $c->model; + + my $discord_id = $c->req->param('discord_id'); + + if ($discord_id =~ /^\s*$/) { + my $update = $dbh->prepare(q{ +UPDATE users SET discord_id = NULL WHERE uid = $1; + }); + $update->execute($c->user->id); + $c->flash(error => 'discord id cleared'); + $c->res->redirect($c->uri_for('')); + return, + } + + eval{ + my $update = $dbh->prepare(q{ +UPDATE users SET discord_id = $2 WHERE uid = $1; + }); + $update->execute($c->user->id,$discord_id); + }; + if($@){ + if($@ =~ /duplicate key value violates unique constraint/){ + $c->flash(discord_id => $discord_id); + $c->flash(error => 'Someone else is using this discord id, duplicate account?'); + }else{ + die $@; + } + } + $c->res->redirect($c->uri_for('')); +} + +sub confirmEmail : Local { + my ( $self, $c, $id ) = @_; + my $dbh = $c->model; + + $dbh->begin_work; + my $query = $dbh->prepare(q{ +UPDATE email_change SET confirmed = TRUE +WHERE uid = $1 AND id = $2 AND NOT confirmed +RETURNING email + }); + $query->execute($c->user->id,$id); + my ($email) = $query->fetchrow_array; + + if ($email){ + $dbh->do(q{UPDATE users SET email = $2 WHERE uid = $1} + ,undef,$c->user->id,$email); + $c->flash(error => 
"Email updated."); + }else{ + $c->flash(error => "$id is not a valid change id for your account, or already confirmed"); + } + $dbh->commit; $c->res->redirect($c->uri_for('')); }
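Review bot: `changePassword` now writes the new value with `SET password = $1` while the same statement verifies the old one with `password = crypt($2,password)`, so unless a trigger outside this diff hashes the column, the new password is stored unhashed and the next `crypt()` comparison against it cannot match. Hash in the statement instead, for example `SET password = crypt($1, gen_salt('bf'))` (pgcrypto, which `crypt()` already implies), and consider a longer minimum than 4 characters. In `changeEmail` the empty-input test `/^s?$/` lacks the backslash that `changeDiscordId` has in `/^\s*$/`, so a literal `s` clears the address while whitespace-only input falls through to validation. `confirmEmail` calls `begin_work` with no `eval`/`rollback`, so a failing `execute` would leave the transaction open on the handle, and it interpolates the URL-supplied `$id` into the flash text, which is only safe if the template escapes it. `changeTimezone` also puts the raw `$@` into the flash, which shows database error text to the user; a fixed message with the detail logged server-side would be safer.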