1 package NDWeb::Controller::Settings;
6 use parent 'Catalyst::Controller';
10 use DateTime::TimeZone;
16 NDWeb::Controller::Settings - Catalyst Controller
# Settings page: gathers what the settings template needs -- the pending
# flash error, the selectable stylesheets, the user's stored profile fields
# and the timezone category/name lists.
# NOTE(review): this listing omits some original lines (see the gaps in the
# gutter numbers), including wherever $dbh is obtained and the closing braces.
31 sub index :Path :Args(0) {
32 my ( $self, $c ) = @_;
# Copy the one-shot flash error into the stash for rendering.
# NOTE(review): other actions in this controller flash raw $@ text and
# request-derived values under this key, so the template must HTML-escape
# it on output -- confirm.
35 $c->stash(error => $c->flash->{error});
# 'Default' is always offered; further names come from the directory that
# holds black.css.
37 my @stylesheets = ('Default');
38 my $dir = $c->path_to('root/static/css/black.css')->dir;
39 while (my $file = $dir->next){
# Only non-directories named <word characters>.css are considered; the \w+
# capture keeps path separators and extra dots out of the offered names.
# Presumably the capture is appended to @stylesheets on a line not shown.
40 if(!$file->is_dir && $file->basename =~ m{^(\w+)\.css$}){
44 $c->stash(stylesheets => \@stylesheets);
# The uid is passed as a bind value, not interpolated into the SQL text.
46 my ($birthday,$timezone,$email,$discord_id) = $dbh->selectrow_array(q{
47 SELECT birthday,timezone,email,discord_id FROM users WHERE uid = $1
48 },undef,$c->user->id);
49 $c->stash(birthday => $birthday);
# A value flashed back by a failed change attempt takes precedence over the
# stored one, so the form can show what the user last typed.
50 $c->stash(email => $c->flash->{email} // $email);
51 $c->stash(discord_id => $c->flash->{discord_id} // $discord_id);
# Split on the first '/' only (limit 2), giving at most two parts.
53 my @timezone = split m{/},$timezone,2;
54 $c->stash(timezone => \@timezone);
56 my @cat = DateTime::TimeZone->categories;
58 $c->stash(tzcategories => \@cat);
# NOTE(review): if the stored timezone is NULL or has no '/', $timezone[0]
# may not be a category DateTime::TimeZone knows -- confirm that case.
60 my @countries = DateTime::TimeZone->names_in_category($timezone[0]);
61 $c->stash(tzcountries => \@countries);
# Stores the requested stylesheet name for the logged-in user; NULLIF maps
# the literal 'Default' to NULL.
# NOTE(review): the rest of the UPDATE (its WHERE clause) is on lines not
# shown; presumably it filters on uid = $1, matching the bind order below.
# NOTE(review): the value is html_escape()d before storage, but no check
# that it is one of the names the index action offers is visible here. If
# the css column later ends up in a file path or URL, an allow-list check
# (the same \w+ rule used when listing) is a tighter control than escaping
# at input time -- confirm how the column is consumed.
64 sub changeStylesheet : Local {
65 my ( $self, $c ) = @_;
68 my $query = $dbh->prepare(q{UPDATE users SET css = NULLIF($2,'Default')
# NOTE(review): Catalyst's param() returns every value of a repeated
# parameter in list context; confirm html_escape imposes scalar context or
# only uses its first argument.
71 my $css = html_escape $c->req->param('stylesheet');
72 $query->execute($c->user->id,$css);
# Redirect to uri_for('') -- presumably back to the settings page.
74 $c->res->redirect($c->uri_for(''));
# Stores the user's birthday; NULLIF turns an empty string into NULL and
# the remaining value is cast to date by the database.
# NOTE(review): the WHERE clause and the eval wrapper that would set $@ are
# on lines not shown in this listing.
77 sub changeBirthday : Local {
78 my ( $self, $c ) = @_;
81 my $query = $dbh->prepare(q{UPDATE users SET birthday = NULLIF($2,'')::date
# The value is bound as a parameter, so the ::date cast is the format check.
# NOTE(review): html_escape here is input-time encoding; it does not
# replace escaping when the stored value is rendered.
85 my $birthday = html_escape $c->req->param('birthday');
86 $query->execute($c->user->id,$birthday);
# A date-syntax error from the database gets a friendly message.
89 if ($@ =~ /invalid input syntax for type date/){
90 $c->flash(error => 'Bad syntax for day, use YYYY-MM-DD.');
# NOTE(review): any other error text is shown to the user verbatim. Driver
# messages can include SQL and schema details; logging $@ server-side and
# flashing a generic message would avoid disclosing them.
92 $c->flash(error => $@);
95 $c->res->redirect($c->uri_for(''));
# Stores the user's timezone after letting the database vet the name.
# NOTE(review): the eval wrapper and any condition around the flash call
# are on lines not shown in this listing.
98 sub changeTimezone : Local {
99 my ( $self, $c ) = @_;
102 my $timezone = $c->req->param('timezone');
103 my $query = $dbh->prepare(q{UPDATE users SET timezone = $2 WHERE uid = $1});
# Probe query: evaluates AT TIME ZONE with the submitted name before the
# UPDATE runs. This presumably relies on the handle raising an exception
# for a zone the database rejects, so the UPDATE is skipped -- confirm
# RaiseError is enabled on $dbh.
# NOTE(review): the database may accept zone spellings that have no
# DateTime::TimeZone category, which the index action assumes when it
# splits the stored value -- confirm.
105 $dbh->selectrow_array(q{SELECT NOW() AT TIME ZONE $1},undef,$timezone);
106 $query->execute($c->user->id,$timezone );
# NOTE(review): raw $@ is shown to the user; prefer logging it and flashing
# a generic "unknown timezone" message.
109 $c->flash(error => $@);
111 $c->res->redirect($c->uri_for(''));
# Changes the logged-in user's password, requiring the current password.
# NOTE(review): lines between the visible ones are missing from this
# listing; presumably the UPDATE sits in the else-branch of the length
# check.
114 sub changePassword : Local {
115 my ( $self, $c ) = @_;
118 my $pass = $c->req->param('pass');
# NOTE(review): the only policy enforced here is a 4-character minimum,
# which is very weak; consider a longer minimum length.
119 if (length $pass < 4) {
120 $c->flash(error => "Your password need to be at least 4 characters");
# The old password is verified inside the UPDATE itself: crypt($2,password)
# re-hashes the supplied old password with the stored salt, and the row is
# only updated when that matches and the uid is the logged-in user's.
# NOTE(review): the SET clause assigns $1 to the password column as given;
# no crypt()/gen_salt() call on the new value is visible. Presumably a
# database trigger hashes it -- verify, otherwise the new password would be
# stored in plaintext.
122 my $query = $dbh->prepare(q{UPDATE users SET password = $1
123 WHERE password = crypt($2,password) AND uid = $3
125 my $oldpass = $c->req->param('oldpass');
126 $query->execute($pass,$oldpass,$c->user->id);
# Zero affected rows means the old-password comparison did not match.
# NOTE(review): no attempt limiting or invalidation of other sessions is
# visible in this listing -- confirm whether it is handled elsewhere.
128 $c->flash(error => "Old password was invalid") unless $query->rows;
131 $c->res->redirect($c->uri_for(''));
# Starts an email change: a blank value clears the address immediately, an
# invalid one is rejected, and a valid one is queued in email_change and a
# confirmation link is mailed out.
# NOTE(review): this listing omits lines (returns after the early
# redirects, the eval wrapper, the mail recipient, closing braces).
134 sub changeEmail : Local {
135 my ( $self, $c ) = @_;
138 my $email = $c->req->param('email');
# Whitespace-only input clears the stored address without confirmation.
# NOTE(review): no request-method or CSRF-token check is visible on this
# state-changing action -- confirm it is enforced elsewhere.
140 if ($email =~ /^\s*$/) {
141 my $update = $dbh->prepare(q{
142 UPDATE users SET email = NULL WHERE uid = $1;
144 $update->execute($c->user->id);
145 $c->flash(error => 'email cleared');
146 $c->res->redirect($c->uri_for(''));
# Syntax check; the rejected value is flashed back so the form can show it
# again. It is user input and must be HTML-escaped when rendered.
150 unless (Email::Valid->address($email)){
151 $c->flash(email => $email);
152 $c->flash(error => 'Invalid email address');
153 $c->res->redirect($c->uri_for(''));
# Queue the change; the row id returned here is the only secret carried by
# the confirmation link built below.
# NOTE(review): if email_change.id is a sequential integer, the link can be
# guessed from within the account without reading the mail, which weakens
# the proof of mailbox ownership. A random, unguessable token (ideally with
# an expiry) would be the usual design -- confirm the column type.
158 my $insert = $dbh->prepare(q{
159 INSERT INTO email_change (uid,email) VALUES ($1,$2) RETURNING id;
161 $insert->execute($c->user->id,$email);
163 my ($id) = $insert->fetchrow_array;
168 From => 'NewDawn Command <nd@ruin.nu>',
169 'Content-type' => 'text/plain; charset="UTF-8"',
170 Subject => 'Change email address',
172 You have requested to change email address on the NewDawn website.
173 If that is not the case, then feel free to ignore this email. Otherwise
174 use the following url to confirm the change:
176 }.$c->uri_for('confirmEmail',$id)."\n",
179 if (sendmail %mail) {
180 $c->flash(error => 'Sent mail for confirmation.');
# NOTE(review): the mailer's error text is shown to the user and may name
# the mail server; consider logging it and flashing a generic failure.
182 $c->flash(error => $Mail::Sendmail::error);
# A unique-constraint violation on the insert is reported as a retryable
# failure and the typed address is flashed back for the form.
# NOTE(review): handling of other errors in $@ is not visible here.
186 if($@ =~ /duplicate key value violates unique constraint/){
187 $c->flash(email => $email);
188 $c->flash(error => 'Something went wrong, try to set the email again');
193 $c->res->redirect($c->uri_for(''));
# Sets or clears the Discord id stored for the logged-in user.
# NOTE(review): this listing omits lines (the return after the early
# redirect, the eval wrapper, closing braces).
# NOTE(review): the change takes effect immediately; no request-method or
# CSRF-token check and no re-authentication are visible here -- confirm
# they are enforced elsewhere.
196 sub changeDiscordId : Local {
197 my ( $self, $c ) = @_;
200 my $discord_id = $c->req->param('discord_id');
# Whitespace-only input clears the stored id.
202 if ($discord_id =~ /^\s*$/) {
203 my $update = $dbh->prepare(q{
204 UPDATE users SET discord_id = NULL WHERE uid = $1;
206 $update->execute($c->user->id);
207 $c->flash(error => 'discord id cleared');
208 $c->res->redirect($c->uri_for(''));
# The value is bound as a parameter, so it cannot alter the SQL.
# NOTE(review): no format or length validation of the id is visible before
# it is stored; it must also be HTML-escaped wherever it is displayed.
213 my $update = $dbh->prepare(q{
214 UPDATE users SET discord_id = $2 WHERE uid = $1;
216 $update->execute($c->user->id,$discord_id);
# Uniqueness is enforced by a database constraint; on a clash the typed
# value is flashed back for the form.
# NOTE(review): the message confirms that some other account already uses
# the submitted id -- acceptable only if that disclosure is intended.
# Handling of other errors in $@ is not visible here.
219 if($@ =~ /duplicate key value violates unique constraint/){
220 $c->flash(discord_id => $discord_id);
221 $c->flash(error => 'Someone else is using this discord id, duplicate account?');
226 $c->res->redirect($c->uri_for(''));
# Completes an email change: $id comes from the confirmation link and is
# matched against a pending email_change row.
# NOTE(review): this listing omits lines; the fetchrow_array call below
# implies a RETURNING clause, and the if/else around the two flash
# messages is not shown.
229 sub confirmEmail : Local {
230 my ( $self, $c, $id ) = @_;
# The row must belong to the logged-in user (uid = $1) and still be
# unconfirmed, so a link cannot be confirmed from another account or
# replayed once used.
# NOTE(review): no age limit on pending rows is visible in these lines --
# confirm whether old requests expire.
234 my $query = $dbh->prepare(q{
235 UPDATE email_change SET confirmed = TRUE
236 WHERE uid = $1 AND id = $2 AND NOT confirmed
239 $query->execute($c->user->id,$id);
# NOTE(review): $id is taken from the URL unvalidated; a non-numeric value
# presumably makes the database raise an error -- confirm it is caught.
240 my ($email) = $query->fetchrow_array;
# Copy the confirmed address onto the user row.
243 $dbh->do(q{UPDATE users SET email = $2 WHERE uid = $1}
244 ,undef,$c->user->id,$email);
245 $c->flash(error => "Email updated.");
# NOTE(review): $id is URL-supplied text interpolated into the message
# shown on the next page; the template must HTML-escape the error value.
247 $c->flash(error => "$id is not a valid change id for your account, or already confirmed");
250 $c->res->redirect($c->uri_for(''));
256 Michael Andreen (harv@ruin.nu)