body<= underage) { return BML::redirect("$LJ::SITEROOT/agecheck/?s=1"); } my $authas = $GET{'authas'} || $remote->{'user'}; my $u = LJ::get_authas_user($authas); return LJ::bad_input("You could not be authenticated as the specified user.") unless $u; return $LJ::MSG_READONLY_USER if $u->readonly; # extra arguments for get requests my $getextra = $authas ne $remote->{'user'} ? "?authas=$authas" : ''; ### user is now authenticated ### my $dbr = LJ::get_db_reader(); my $sth; # load user props LJ::load_user_props($u, { use_master => 1 }, "opt_whatemailshow", "country", "state", "city", "zip", "icq", "aolim", "yahoo", "msn", "url", "urlname", "gender", "jabber", "opt_blockrobots", "opt_logcommentips", "howhear", "opt_bdaymail", "opt_hidefriendofs", "sidx_bdate", "sidx_loc", "mailencoding", "opt_nctalklinks", "opt_whoscreened", "journaltitle", "journalsubtitle", "friendspagetitle", "opt_weblogscom", "opt_stylemine", "opt_imagelinks", "opt_getselfemail", "external_foaf_url", "opt_showmutualfriends", ); # to store values before they undergo normalisation my %saved = (); $saved{'name'} = $u->{'name'}; # clean userprops foreach (values %$u) { LJ::text_out(\$_); } # load and clean bio $u->{'bio'} = LJ::get_bio($u); $saved{'bio'} = $u->{'bio'}; LJ::text_out(\$u->{'bio'}, "force"); # load interests my $uints = LJ::get_interests($u, { forceids => 1 }); my %interests = (); foreach (@$uints) { $interests{$_->[1]} = $_->[0]; # $interests{name} = intid } # load state and country codes my %countries; my %states; LJ::load_codes({ "country" => \%countries, "state" => \%states }); ### ### no post, show edit form ### unless (LJ::did_post()) { my $ret; # user switcher $ret .= "
\n\n"; $ret .= "\n"; return $ret; } ### ### we have a post, process edits ### if (LJ::did_post()) { return "" unless LJ::check_form_auth(); $POST{'unban'} =~ s/\0/,/g; return "" unless LJ::text_in(\%POST); my @errors = (); # name unless ($POST{'name'} || defined($POST{'name_absent'})) { push @errors, $ML{'.error.noname'}; } # state and zip my ($zipcity, $zipstate); if ($POST{'country'} eq "US") { $sth = $dbr->prepare("SELECT city, state FROM zip WHERE zip=?"); $sth->execute($POST{'zip'}); ($zipcity, $zipstate) = $sth->fetchrow_array; } # country if ($POST{'country'} ne "US" && $POST{'zip'}) { push @errors, $ML{'.error.locale.zip_requires_us'}; } if ($POST{'country'} eq "US" && $POST{'stateother'}) { push @errors, $ML{'.error.locale.country_ne_state'}; } elsif ($POST{'country'} && $POST{'country'} ne "US" && $POST{'statedrop'}) { push @errors, $ML{'.error.locale.state_ne_country'}; } # zip-code validation stuff if ($POST{'country'} eq "US") { if ($POST{'statedrop'} && $zipstate && $POST{'statedrop'} ne $zipstate) { push @errors, $ML{'.error.locale.zip_ne_state'}; } if ($zipcity) { $POST{'statedrop'} = $zipstate; $POST{'city'} = $zipcity; } } if ($POST{'country'} && !defined($countries{$POST{'country'}})) { push @errors, $ML{'.error.locale.invalid_country'}; } # birthday my $this_year = (localtime())[5]+1900; if ($POST{'year'} && $POST{'year'} < 100) { push @errors, $ML{'.error.year.notenoughdigits'}; } if ($POST{'year'} && $POST{'year'} >= 100 && ($POST{'year'} < 1890 || $POST{'year'} > $this_year)) { push @errors, $ML{'.error.year.outofrange'}; } if ($POST{'month'} && ($POST{'month'} < 1 || $POST{'month'} > 12)) { push @errors, $ML{'.error.month.outofrange'}; } if ($POST{'day'} && ($POST{'day'} < 1 || $POST{'day'} > 31)) { push @errors, $ML{'.error.day.outofrange'}; } if (@errors == 0 && $POST{'day'} > LJ::days_in_month($POST{'month'}, $POST{'year'})) { push @errors, $ML{'.error.day.notinmonth'}; } # email unless ($POST{'email'}) { push @errors, $ML{'.error.email.none'}; } if ($LJ::USER_EMAIL and $POST{'email'} =~ /\@\Q$LJ::USER_DOMAIN\E$/i) { push @errors, BML::ml(".error.email.lj_domain", { 'user' => $u->{'user'}, 'domain' => $LJ::USER_DOMAIN, }); } if ($POST{'email'} =~ /\s/) { push @errors, $ML{'.error.email.no_space'}; } unless (@errors) { LJ::check_email($POST{'email'}, \@errors); } # text messaging if ($POST{'use_txtmsg'}) { unless ($POST{'txtmsg_provider'}) { push @errors, $ML{'.error.tm.require_provider'}; } unless ($POST{'txtmsg_number'}) { push @errors, $ML{'.error.tm.require.number'}; } } return LJ::bad_input(@errors) if @errors; ### no errors my $dbh = LJ::get_db_writer(); my $email_changed = ($u->{'email'} ne $POST{'email'}); if ($email_changed) { # record old email address; LJ::infohistory_add($u, 'email', $u->{email}, $u->{status}); } $POST{'url'} =~ s/\s+$//; $POST{'url'} =~ s/^\s+//; if ($POST{'url'} && $POST{'url'} !~ /^https?:\/\//) { $POST{'url'} =~ s/^http\W*//; $POST{'url'} = "http://$POST{'url'}"; } my $newname = defined $POST{'name_absent'} ? $saved{'name'} : $POST{'name'}; $newname =~ s/[\n\r]//g; $newname = LJ::text_trim($newname, LJ::BMAX_NAME, LJ::CMAX_NAME); my $newbio = defined($POST{'bio_absent'}) ? $saved{'bio'} : $POST{'bio'}; my $has_bio = ($newbio =~ /\S/) ? "Y" : "N"; my $txtmsg_status = $POST{'use_txtmsg'} ? "on" : "off"; # setup what we're gonna update in the user table: my %update = ( 'name' => $newname, 'bdate' => sprintf("%04d-%02d-%02d", $POST{'year'}, $POST{'month'}, $POST{'day'}), 'email' => $POST{'email'}, 'status' => ($email_changed && $u->{'status'} eq "A") ? "T" : $u->{'status'}, 'has_bio' => $has_bio, 'allow_infoshow' => $POST{'allow_infoshow'} ? "Y" : "N", 'allow_getljnews' => $POST{'allow_getljnews'} ? "Y" : "N", 'opt_showtalklinks' => $POST{'opt_showtalklinks'} ? "Y" : "N", 'opt_gettalkemail' => $POST{'opt_gettalkemail'} ? "Y" : "N", 'opt_htmlemail' => $POST{'opt_htmlemail'} ? "Y" : "N", 'opt_mangleemail' => $POST{'opt_mangleemail'} ? "Y" : "N", 'opt_whocanreply' => $POST{'opt_whocanreply'}, 'txtmsg_status' => $txtmsg_status, ); if ($POST{'allow_contactshow'}) { $update{'allow_contactshow'} = "Y"; $update{'allow_contactshow'} = "F" if $POST{'contactshow_sec'} eq "F"; } else { $update{'allow_contactshow'} = "N"; } if (defined $POST{'oldenc'}) { $update{'oldenc'} = $POST{'oldenc'}; } LJ::update_user($u, \%update); ### change any of the userprops ? { # journal / friends titles $POST{'journaltitle'} = LJ::text_trim($POST{'journaltitle'}, 0, 80) if $POST{'journaltitle'}; $POST{'journalsubtitle'} = LJ::text_trim($POST{'journalsubtitle'}, 0, 80) if $POST{'journalsubtitle'}; $POST{'friendspagetitle'} = LJ::text_trim($POST{'friendspagetitle'}, 0, 80) if $POST{'friendspagetitle'}; # opts $POST{'opt_showmutualfriends'} = $POST{'opt_showmutualfriends'} ? 1 : 0; $POST{'opt_getselfemail'} = $POST{'opt_getselfemail'} ? 1 : 0; $POST{'opt_stylemine'} = $POST{'opt_stylemine'} ? 1 : 0; $POST{'opt_blockrobots'} = $POST{'opt_blockrobots'} ? 1 : 0; $POST{'opt_bdaymail'} = $POST{'opt_bdaymail'} ? 1 : 0; $POST{'opt_hidefriendofs'} = $POST{'opt_hidefriendofs'} ? 1 : 0; $POST{'opt_nctalklinks'} = $POST{'opt_nctalklinks'} ? 1 : 0; $POST{'opt_weblogscom'} = $POST{'opt_weblogscom'} ? 1 : 0; if ($POST{'opt_logcommentips'} ne "N" && $POST{'opt_logcommentips'} ne "S" && $POST{'opt_logcommentips'} ne "A") { $POST{'opt_logcommentips'} = "N"; } $POST{'opt_whoscreened'} = "N" unless $POST{'opt_whoscreened'} =~ m/^(N|R|F|A)$/; $POST{'opt_imagelinks'} = 0 unless $POST{'opt_imagelinks_on'} && $POST{'opt_imagelinks'} =~ m/^(\d+)\|(\d+)$/; # for the directory. $POST{'sidx_bdate'} = ""; $POST{'sidx_loc'} = ""; $POST{'state'} = $POST{'statedrop'} || $POST{'stateother'}; if ($update{'allow_infoshow'} eq 'Y') { if ($POST{'year'}) { $POST{'sidx_bdate'} = sprintf("%04d-%02d-%02d", map { $POST{$_} } qw(year month day)); } if ($POST{'country'}) { my $state; if ($POST{'country'} eq "US") { $state = $POST{'statedrop'}; } else { $state = $POST{'stateother'}; } $POST{'sidx_loc'} = sprintf("%2s-%s-%s", $POST{'country'}, $state, $POST{'city'}); } } my @uprops = ( "opt_whatemailshow", "country", "state", "city", "zip", "icq", "aolim", "yahoo", "msn", "url", "urlname", "gender", "jabber", "opt_blockrobots", "opt_logcommentips", "opt_bdaymail", "opt_hidefriendofs", "sidx_bdate", "sidx_loc", "mailencoding", "opt_nctalklinks", "opt_whoscreened", "journaltitle", "journalsubtitle", "friendspagetitle", "opt_stylemine", "opt_imagelinks", "opt_getselfemail", "external_foaf_url", "opt_showmutualfriends", ); # weblogs.com requires a special cap push @uprops, 'opt_weblogscom' if LJ::get_cap($u, 'weblogscom'); # this is only done once, then never appears again. push @uprops, 'howhear' if $POST{'howhear'}; # set userprops foreach my $uprop (@uprops) { my $eff_val = $POST{$uprop}; # effective value, since 0 isn't stored $eff_val = "" unless $eff_val; my $mem_only = $eff_val eq $u->{$uprop}; LJ::set_userprop($u, $uprop, $eff_val, $mem_only); } } # update their bio text if (($u->{'bio'} ne $POST{'bio'}) && !defined($POST{'bio_absent'})) { if ($has_bio eq "N") { $u->do("DELETE FROM userbio WHERE userid=?", undef, $u->{'userid'}); $u->dudata_set('B', 0, 0); } else { $u->do("REPLACE INTO userbio (userid, bio) VALUES (?, ?)", undef, $u->{'userid'}, $POST{'bio'}); $u->dudata_set('B', 0, length($POST{'bio'})); } LJ::MemCache::set([$u->{'userid'}, "bio:$u->{'userid'}"], $POST{'bio'}); } # update their text messaging info if ($txtmsg_status eq "off" && $u->{'txtmsg_status'} eq "on") { $dbh->do("DELETE FROM txtmsg WHERE userid=?", undef, $u->{'userid'}); } elsif ($txtmsg_status eq "on") { $dbh->do("REPLACE INTO txtmsg (userid, provider, number, security) VALUES (?, ?, ?, ?)", undef, $u->{'userid'}, $POST{'txtmsg_provider'}, $POST{'txtmsg_number'}, $POST{'txtmsg_security'}); } # update interests unless ($POST{'interests_absent'}) { $POST{'interests'} =~ s/^\s+//; $POST{'interests'} =~ s/\s+$//; $POST{'interests'} =~ s/\n/,/g; $POST{'interests'} =~ s/\s+/ /g; #Strip duplicate spaces from the interest my @ints = split (/\s*,\s*/, $POST{'interests'}); my $intcount = scalar(@ints); if ($intcount > 150) { return LJ::bad_input(BML::ml(".error.excessive_int", {'intcount' => $intcount})); } LJ::set_interests($u, \%interests, \@ints); } # now unban users they selected to be unbanned if ($POST{'unban'}) { my $bannedin = join(",", map { $dbh->quote($_); } split(/,/, $POST{'unban'})); $dbh->do("DELETE FROM reluser WHERE userid=? AND type='B' AND targetid IN ($bannedin)", undef, $u->{'userid'}); } # actions if email changed if ($email_changed) { my $aa = {}; $aa = LJ::register_authaction($u->{'userid'}, "validateemail", $POST{'email'}); LJ::send_mail({ 'to' => $POST{'email'}, 'from' => $LJ::ADMIN_EMAIL, 'charset' => 'utf-8', 'subject' => $ML{'.newemail.subject'}, 'body' => BML::ml('.newemail.body2', { username => $u->{user}, sitename => $LJ::SITENAME, sitelink => $LJ::SITEROOT, conflink => "$LJ::SITEROOT/confirm/$aa->{'aaid'}.$aa->{'authcode'}" }), }); } # tell the user all is well return "\n" . " $u->{'user'}, }) . " p?>"; } # should never happen return ""; } _code?> <=body page?> lib: LJ::TextMessage, cgi-bin/ljlib.pl, cgi-bin/ljlang.pl link: htdocs/legal/privacy.bml, htdocs/support/faqbrowse.bml, htdocs/tools/textmessage.bml, htdocs/uploadpic.bml link: htdocs/paidaccounts/index.bml, htdocs/users, htdocs/userinfo.bml post: htdocs/editinfo.bml img: htdocs/userpic _c?>