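{$lang['account']['log_in']}";
    // NOTE(review): the statement above, and the branch it sits in, begin before this
    // excerpt; that tail is kept exactly as found.
    $q = "SELECT count(*) FROM users LIMIT 1;";
    if ($signups !== false) {
        echo " - {$lang['account']['sign_up']}";
    }
    include "boilerplate/foot.php";
    exit();
} else if ($_SERVER["REQUEST_METHOD"] === "POST") {
    // Every POST names the action to perform in its "intent" field.
    // NOTE(review): no anti-CSRF token is verified anywhere in this excerpt. Unless a
    // file included earlier does it, each state-changing intent below should require a
    // per-session token before touching the database.
    $intent = isset($_POST["intent"]) ? $_POST["intent"] : null;
    $show_settings = true;
    // TODO: update-texts

    // True only for a 64-character lowercase hex string. The explicit length test is
    // needed as well as the pattern because `$` also matches before a trailing newline.
    $is_id = function ($value) {
        return is_string($value)
            && strlen($value) === 64
            && preg_match("/^[a-f0-9]{64}$/", $value) === 1;
    };

    // True when the section exists and belongs to the logged-in user.
    $owns_section = function ($section_id) use ($db, $user) {
        $res = pg_query_params(
            $db,
            'SELECT 1 FROM section WHERE id = $1 AND users = $2',
            array($section_id, $user["id"])
        );
        return $res !== false && pg_num_rows($res) === 1;
    };

    // True when the row exists inside a section that belongs to the logged-in user.
    $owns_row = function ($row_id) use ($db, $user) {
        $res = pg_query_params(
            $db,
            'SELECT 1 FROM "row" WHERE id = $1'
                . ' AND section IN (SELECT id FROM section WHERE users = $2)',
            array($row_id, $user["id"])
        );
        return $res !== false && pg_num_rows($res) === 1;
    };

    if ($intent === "create-section") {
        // A new section always starts with one default row.
        $section_id = generate_id();
        pg_insert(
            $db,
            "section",
            array(
                "id" => $section_id,
                "users" => $user["id"],
                "name" => $default_section_name,
                "show_subtitle" => false
            )
        );
        pg_insert(
            $db,
            "row",
            array(
                "id" => generate_id(),
                "section" => $section_id,
                "name" => $default_row_name,
                "display_format" => $default_format
            )
        );
    } else if ($intent === "create-row") {
        $section_id = isset($_POST["section"]) ? $_POST["section"] : "";

        // A well-formed id is not enough: the target section must also belong to the
        // caller, otherwise rows could be attached to another account's section.
        if (!$is_id($section_id) || !$owns_section($section_id)) {
            $err = $lang["add"]["errors"]["invalid_id"];
        } else {
            pg_insert(
                $db,
                "row",
                array(
                    "id" => generate_id(),
                    "section" => $section_id,
                    "name" => $default_row_name,
                    "display_format" => $default_format
                )
            );
        }
    } else if ($intent === "create-item") {
        $show_settings = false;

        $row_id = isset($_POST["row"]) ? $_POST["row"] : "";
        $raw_date = isset($_POST["date"]) ? $_POST["date"] : "";
        // Non-string input (e.g. an array parameter) is treated as an unparsable date.
        $date = is_string($raw_date) ? strtotime($raw_date) : false;
        $description = isset($_POST["description"]) ? $_POST["description"] : "";

        if (!$is_id($row_id)) {
            $err = $lang["add"]["errors"]["invalid_id"];
        } else if ($date === false) {
            $err = $lang["add"]["errors"]["date"];
        } else if (!is_string($description) || strlen($description) === 0 || strlen($description) > 256) {
            $err = $lang["add"]["errors"]["description_length"];
        } else if (!$owns_row($row_id)) {
            // Same message as a malformed id, so the response does not reveal whether
            // the row exists under another account.
            $err = $lang["add"]["errors"]["invalid_id"];
        } else {
            // Remembered so the form can be pre-filled with the same row and date.
            $repopulate = array(
                "row_id" => $row_id,
                "date" => $date
            );
            pg_insert(
                $db,
                "item",
                array(
                    "id" => generate_id(),
                    "row" => $row_id,
                    "description" => $description,
                    "date" => date("Y-m-d", $date)
                )
            );
        }
    } else if ($intent === "delete-account") {
        $pw = isset($_POST["password"]) ? $_POST["password"] : "";

        if (!is_string($pw) || !$pw) {
            $err = $lang["account"]["errors"]["bad_request"];
        } else if (password_verify($pw, $user["password_hash"])) {
            // Re-authentication succeeded: remove the account and hand over to logout.
            pg_delete(
                $db,
                "users",
                array("username" => $user["username"])
            );
            header("Location: logout.php");
            http_response_code(302);
            exit();
        } else {
            $err = $lang["account"]["errors"]["incorrect_password"];
        }
    } else if ($intent === "update-texts") {
        // Field names encode the target: "section-<id>-name", "row-<id>-name" or
        // "row-<id>-format". The whole alternation is wrapped in a single group so that
        // `^` and `$` anchor both alternatives. Previously `^` bound only to the first
        // alternative and `$` only to the second, so field names with extra segments
        // were accepted and the first segment was then used as the table name.
        $field_pattern = "/^(?:section-[a-f0-9]{64}-name|row-[a-f0-9]{64}-(?:name|format))$/D";

        foreach ($_POST as $ident => $value) {
            if (!is_string($value) || strlen($value) === 0 || strlen($value) > 128) {
                continue;
            }
            if (!preg_match($field_pattern, (string) $ident)) {
                continue;
            }

            list($table_name, $table_id, $action) = explode("-", $ident);

            if ($table_name === "section") {
                // The pattern only admits the "name" action for sections. The extra
                // "users" condition limits the update to the caller's own section.
                pg_update(
                    $db,
                    "section",
                    array(
                        "name" => $value,
                        "show_subtitle" => !empty($_POST["section-$table_id-subtitle"])
                    ),
                    array("id" => $table_id, "users" => $user["id"])
                );
            } else if ($owns_row($table_id)) {
                // Rows carry no owner column; ownership is checked through the section.
                $column = $action === "name" ? "name" : "display_format";
                pg_update(
                    $db,
                    "row",
                    array($column => $value),
                    array("id" => $table_id)
                );
            }
        }
    } else if ($intent === "set-threshold") {
        $yellow = (int) $_POST["yellow"];
        $gray = (int) $_POST["gray"];

        // Out-of-range values are stored as -1.
        if ($yellow <= 0) {
            $yellow = -1;
        }
        if ($gray < 0) {
            $gray = -1;
        }

        // NOTE(review): this call used to target a table named "user"; every other
        // statement in this excerpt reads or writes "users", which is also where the
        // record behind $user appears to live. Confirm against the schema.
        pg_update(
            $db,
            "users",
            array(
                "yellow_threshold" => $yellow,
                "gray_threshold" => $gray
            ),
            array("id" => $user["id"])
        );
        // Keep the in-memory user in step with what was just stored.
        $user["yellow_threshold"] = $yellow;
        $user["gray_threshold"] = $gray;
    } else if ($intent === "change-password") {
        $old_pw = isset($_POST["old"]) ? $_POST["old"] : "";
        $new_pw = isset($_POST["new"]) ? $_POST["new"] : "";
        $confirm_pw = isset($_POST["confirm"]) ? $_POST["confirm"] : "";

        if (!is_string($old_pw) || !is_string($new_pw) || !is_string($confirm_pw)
            || !($old_pw && $new_pw && $confirm_pw)) {
            $err = $lang["account"]["errors"]["bad_request"];
        } else if ($new_pw !== $confirm_pw) {
            $err = $lang["account"]["errors"]["password_match"];
        } else if (password_verify($old_pw, $user["password_hash"])) {
            $pw_hash = password_hash($new_pw, PASSWORD_DEFAULT);
            pg_update(
                $db,
                "users",
                array("password_hash" => $pw_hash),
                array("id" => $user["id"])
            );
            // The session token is derived from the username and the new hash, so it
            // is reissued here.
            // NOTE(review): the cookie is set without HttpOnly, Secure or SameSite.
            // Those attributes should be added wherever this cookie is issued (the
            // login code is outside this excerpt), not only here.
            $token = get_token($user["username"], $pw_hash);
            setcookie(
                "token",
                $token,
                time() + 60 * 60 * 24 * 365
            );
            $conf = $lang["account"]["errors"]["password_changed"];
        } else {
            $err = $lang["account"]["errors"]["incorrect_password"];
        }
    } else {
        $err = $lang["errors"]["intent"];
    }
} else if (!empty($_GET["del"])) {
    // Deletion request of the form ?del=<type>-<id>.
    // NOTE(review): this is a destructive action reachable through a plain GET, so any
    // page able to make the browser load the URL can trigger it. Moving it to a POST
    // guarded by an anti-CSRF token needs the matching links changed as well; they are
    // not visible in this excerpt.
    $del_parts = is_string($_GET["del"]) ? explode("-", $_GET["del"]) : array();
    $del_type = isset($del_parts[0]) ? $del_parts[0] : "";
    $del_id = isset($del_parts[1]) ? $del_parts[1] : "";
    $show_settings = $del_type !== "item";

    // One statement per allowed type. The array keys are the allowlist, and every
    // statement is limited to records that belong to the logged-in user.
    $delete_sql = array(
        "section" => 'DELETE FROM section WHERE id = $1 AND users = $2',
        "row" => 'DELETE FROM "row" WHERE id = $1'
            . ' AND section IN (SELECT id FROM section WHERE users = $2)',
        "item" => 'DELETE FROM item WHERE id = $1'
            . ' AND "row" IN (SELECT id FROM "row" WHERE section IN'
            . ' (SELECT id FROM section WHERE users = $2))'
    );

    if (isset($delete_sql[$del_type])
        && strlen($del_id) === 64
        && preg_match("/^[a-f0-9]{64}$/", $del_id)) {
        pg_query_params($db, $delete_sql[$del_type], array($del_id, $user["id"]));
    }
}

include "boilerplate/head.php";

// HTML fragments accumulated while walking the user's sections and rows.
$select_options = "";
$todo_list = "";
$section_conf = "";
$section_forms = "";

$q = "SELECT * FROM section WHERE users='{$user['id']}' ORDER BY LOWER(name) ASC, id ASC;";
$sections = pg_fetch_all(pg_query($db, $q));
foreach ($sections as $section) {
    // The boolean column is compared against the string "t".
    $show_subtitle = $section["show_subtitle"] === "t";
    $q = "SELECT * FROM row WHERE section='{$section['id']}' ORDER BY LOWER(name) ASC, id ASC;";
    $rows = pg_fetch_all(pg_query($db, $q));
    $enable_optgroup = $show_subtitle || count($rows) !== 1;
    // NOTE(review): section names are user-supplied text (see "update-texts"). Whether
    // this output is safe depends on strip_name(), which is defined outside this
    // excerpt; confirm that it HTML-escapes.
    $todo_list .= "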

" . strip_name($section["name"]) . "

"; $section_conf .= "
"; if ($enable_optgroup) { $select_options .= ""; } $first = true; foreach ($rows as $row) { if ($repopulate["row_id"] == $row["id"]) { $select_options .= ""; $first = false; } $section_forms .= "
"; $section_conf .= "
"; if ($enable_optgroup) { $select_options .= ""; } } ?>

type="date" name="date" id="date" required>
" name="description" id="description" required>
">

>

"> ">

    • %t -
    • %d -
    • %C -
    • %c -

", $lang["settings"]["cosmetic"]["threshold"]["days_less"] ); ?>
", $lang["settings"]["cosmetic"]["threshold"]["days_more"] ); ?>
">

{$user['username']}", $lang["settings"]["account"]["current"]); ?>

">
">
">
">

" required>
">

{$lang['admin']['title']}"; } ?>