From e37bdfa8d7720bbf2ba5245e32f8f57df50c17f2 Mon Sep 17 00:00:00 2001
From: Imran Hussain <imranh@sucs.org>
Date: Sun, 30 Mar 2014 13:06:01 +0000
Subject: [PATCH] Reverted back to 575

---
 components/options.php | 83 ++++++++++++++++++++++++++++++++++++------
 1 file changed, 71 insertions(+), 12 deletions(-)

diff --git a/components/options.php b/components/options.php
index c999164..b21ebb3 100644
--- a/components/options.php
+++ b/components/options.php
@@ -26,12 +26,7 @@ function changePassword ($oldpass, $newpass1, $newpass2) {
 		trigger_error("New passwords do not match", E_USER_WARNING);
 		return FALSE;
 	}
-/*
-	if (!strongPassword($newpass1)) {
-		trigger_error("New password is too weak.", E_USER_WARNING);
-		return FALSE;
-	}
-*/
+
 	$reason = weakPassword($newpass1);
 	if ($reason !== FALSE) {
 		trigger_error("New password is weak: $reason", E_USER_WARNING);
@@ -141,7 +136,7 @@ function clearHackergotchi() {
 	global $session;
 	$imagefilepath = hackergotchiPath($session->username);
 
-	if (unlink(realpath($imagefilepath))) {
+	if (unlink($imagefilepath)) {
 		return true;
 	} else { 
 		trigger_error("Unable to remove hackergotchi file", E_USER_ERROR);
@@ -159,8 +154,15 @@ function hackergotchiPath($username) {
 // Takes an entry from $_FILES and makes this the new hackergotchi
 function updateHackergotchi($fileDetails) {
 	global $session;
-	if ( ((list($width, $height, $type, $attr) = @getimagesize($fileDetails['tmp_name'])) !== false) && 
-	     ($type == IMAGETYPE_PNG) && ($width <= 128) && ($height <= 128)) {
+	if ( ((list($width, $height, $type, $attr) = @getimagesize($fileDetails['tmp_name'])) !== false)) { 
+	    
+		if ($type != IMAGETYPE_PNG) {
+			trigger_error("Uploaded hackergotchi is not in PNG format. Please convert your image to PNG and try again.", E_USER_ERROR);
+			return FALSE;
+		} else if (($width > 128) || ($height > 128)) {
+			trigger_error("Uploaded hackergotchi is too large. Hackergotchis must be 128x128 pixels or smaller.", E_USER_ERROR);
+			return FALSE;
+		}
 
 		$imagefilepath = hackergotchiPath($session->username);
 
@@ -168,12 +170,40 @@ function updateHackergotchi($fileDetails) {
 		if( move_uploaded_file($fileDetails['tmp_name'], $imagefilepath) && chmod($imagefilepath, 0644) ) {
 			return TRUE;
 		}
-	}
+	} 
 	// We should have returned True by now
 	trigger_error("There was an error updating your hackergotchi. Please contact admin.", E_USER_ERROR);
 	return FALSE;
 }
 
+function changeBlogFeed($type, $feed, $syndicate) {
+	global $sucsDB, $session, $smarty;
+	if ($type == "sucs") {
+		$feed="http://sucs.org/blog/feed/atom/".$session->username;
+	}
+	
+	if ($syndicate=="on") {
+		$syndicate = "t";
+	} else {
+		$syndicate = "f";
+	}
+
+	// try to read up to 100KB of the provided feed uri
+	if (@file_get_contents($feed,FALSE,null,0,100000) == FALSE) {
+		trigger_error("Unable to read from provided blog feed URL", E_USER_WARNING);
+		return FALSE;
+	}
+
+	if ($sucsDB->Execute("UPDATE members SET blogfeed=?,syndicateblog=? WHERE username=?", 
+		array($feed, $syndicate, $session->username)) == FALSE) {
+		return FALSE;
+		}	
+
+
+	include("planetconfig.php"); 
+	return TRUE;
+}
+
 function updateRenew() {
 	global $sucsDB, $session, $error;
 	global $paydate;
@@ -212,8 +242,9 @@ $smarty->assign('session', $session);
 if ($session->loggedin === TRUE) {
 
 	$sucsDB = NewADOConnection('postgres8');
-	$sucsDB->Connect('dbname='.$sucsdbname);
+	$sucsDB->Connect('dbname='.$sucsdbname.' user=apache');
 	$sucsDB->SetFetchMode(ADODB_FETCH_ASSOC);
+//	$sucsDB->debug = true;
 	
 	$newGuestNetMAC = getGuestNetMAC();
 
@@ -248,6 +279,13 @@ if ($session->loggedin === TRUE) {
 					message_flash('Hackergotchi Cleared');
 				}
 				break;
+			case 'changeblogfeed' :
+				if (changeBlogFeed($_POST['blogtype'], $_POST['bloguri'], $_POST['syndicateblog'])){
+					message_flash("Blog Feed Updated");
+				} else {
+					trigger_error("Blog Feed has not been updated", E_USER_NOTICE);
+				}
+				break;
 			case 'renew' :
 				if (updateRenew()) {
 					message_flash('Account renewed');
@@ -265,7 +303,6 @@ if ($session->loggedin === TRUE) {
 
 
 	$member = $sucsDB->GetRow("select * from members left join member_type on members.type=member_type.id where username='".$session->username."'");
-	$smarty->assign('member', $member);
 	$smarty->assign('paydate', $paydate);
 
 	if(($currentGuestNetMAC = $sucsDB->GetOne('SELECT * FROM guestnet WHERE uid=?', array((int)$member['uid']))) !== FALSE) {
@@ -279,6 +316,28 @@ if ($session->loggedin === TRUE) {
 	}
 
 
+// connect to Blog DB to see if user has a SUCS blog	
+	require_once("/usr/share/php/adodb/adodb.inc.php");
+	$BlogDB = NewADOConnection('postgres8');
+	$BlogDB->Connect('dbname=blogs user=apache');
+	$BlogDB->SetFetchMode(ADODB_FETCH_ASSOC); 
+	require_once('../lib/blog/validation.lib.php');
+	if (blogger($session->username)) {
+		$smarty->assign("sucsblogger", TRUE);
+		$feed="http://sucs.org/blog/feed/atom/".$session->username;
+		if ($member['blogfeed'] == $feed) {
+			$smarty->assign("sucsblogfeed", TRUE);
+		}
+	}
+
+	// change postgresql boolean to PHP boolean
+	if ($member['syndicateblog'] == 't') {
+		$member['syndicateblog'] = true;
+	} else {
+		$member['syndicateblog'] = false;
+	}
+	$smarty->assign('member', $member);
+
 }
 
 $smarty->assign('url', $component['path']);
-- 
GitLab