diff options
| author | Andrew Dolgov <[email protected]> | 2021-03-02 13:20:41 +0300 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2021-03-02 13:20:41 +0300 |
| commit | 982bd838bf2b8e8add559744f19ba65d397e51d1 (patch) | |
| tree | 3c2281b0a1531e646239fdc7887946a6d974c555 | |
| parent | 30b94fb19467c023cf299a2c37f5063e85c4bb18 (diff) | |
use orm when setting personal data; fix some warnings in mailer class
| -rw-r--r-- | classes/mailer.php | 9 | ||||
| -rw-r--r-- | classes/pref/prefs.php | 53 |
2 files changed, 25 insertions, 37 deletions
diff --git a/classes/mailer.php b/classes/mailer.php index a4270ba88..968caf54a 100644 --- a/classes/mailer.php +++ b/classes/mailer.php @@ -10,11 +10,10 @@ class Mailer { $to_address = $params["to_address"]; $subject = $params["subject"]; $message = $params["message"]; - $message_html = $params["message_html"]; - $from_name = $params["from_name"] ? $params["from_name"] : Config::get(Config::SMTP_FROM_NAME); - $from_address = $params["from_address"] ? $params["from_address"] : Config::get(Config::SMTP_FROM_ADDRESS); - - $additional_headers = $params["headers"] ? $params["headers"] : []; + $message_html = $params["message_html"] ?? ""; + $from_name = $params["from_name"] ?? Config::get(Config::SMTP_FROM_NAME); + $from_address = $params["from_address"] ?? Config::get(Config::SMTP_FROM_ADDRESS); + $additional_headers = $params["headers"] ?? []; $from_combined = $from_name ? "$from_name <$from_address>" : $from_address; $to_combined = $to_name ? "$to_name <$to_address>" : $to_address; diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index 91707553f..eaf724199 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php @@ -212,48 +212,45 @@ class Pref_Prefs extends Handler_Protected { } } - function changeemail() { + function changePersonalData() { - $email = clean($_POST["email"]); - $full_name = clean($_POST["full_name"]); - $active_uid = $_SESSION["uid"]; + $user = ORM::for_table('ttrss_users')->find_one($_SESSION['uid']); + $new_email = clean($_POST['email']); - $sth = $this->pdo->prepare("SELECT email, login, full_name FROM ttrss_users WHERE id = ?"); - $sth->execute([$active_uid]); + if ($user) { + $user->full_name = clean($_POST['full_name']); - if ($row = $sth->fetch()) { - $old_email = $row["email"]; + if ($user->email != $new_email) + Logger::log(E_USER_NOTICE, "Email address of user ".$user->login." has been changed to ${new_email}."); + + if ($user->email && $user->email != $new_email) { - if ($old_email != $email) { $mailer = new Mailer(); $tpl = new Templator(); $tpl->readTemplateFromFile("mail_change_template.txt"); - $tpl->setVariable('LOGIN', $row["login"]); - $tpl->setVariable('NEWMAIL', $email); + $tpl->setVariable('LOGIN', $user->login); + $tpl->setVariable('NEWMAIL', $new_email); $tpl->setVariable('TTRSS_HOST', Config::get(Config::SELF_URL_PATH)); $tpl->addBlock('message'); $tpl->generateOutputToString($message); - $mailer->mail(["to_name" => $row["login"], - "to_address" => $row["email"], - "subject" => "[tt-rss] Mail address change notification", + $mailer->mail(["to_name" => $user->login, + "to_address" => $user->email, + "subject" => "[tt-rss] Email address change notification", "message" => $message]); + $user->email = $new_email; } - } - $sth = $this->pdo->prepare("UPDATE ttrss_users SET email = ?, - full_name = ? WHERE id = ?"); - $sth->execute([$email, $full_name, $active_uid]); + $user->save(); + } print __("Your personal data has been saved."); - - return; } function resetconfig() { @@ -264,21 +261,13 @@ class Pref_Prefs extends Handler_Protected { private function index_auth_personal() { - $sth = $this->pdo->prepare("SELECT email,full_name,otp_enabled, - access_level FROM ttrss_users - WHERE id = ?"); - $sth->execute([$_SESSION["uid"]]); - $row = $sth->fetch(); - - $email = htmlspecialchars($row["email"]); - $full_name = htmlspecialchars($row["full_name"]); - $otp_enabled = sql_bool_to_bool($row["otp_enabled"]); + $user = ORM::for_table('ttrss_users')->find_one($_SESSION['uid']); ?> <form dojoType='dijit.form.Form'> <?= \Controls\hidden_tag("op", "pref-prefs") ?> - <?= \Controls\hidden_tag("method", "changeemail") ?> + <?= \Controls\hidden_tag("method", "changePersonalData") ?> <script type="dojo/method" event="onSubmit" args="evt"> evt.preventDefault(); @@ -292,12 +281,12 @@ class Pref_Prefs extends Handler_Protected { <fieldset> <label><?= __('Full name:') ?></label> - <input dojoType='dijit.form.ValidationTextBox' name='full_name' required='1' value="<?= $full_name ?>"> + <input dojoType='dijit.form.ValidationTextBox' name='full_name' required='1' value="<?= htmlspecialchars($user->full_name) ?>"> </fieldset> <fieldset> <label><?= __('E-mail:') ?></label> - <input dojoType='dijit.form.ValidationTextBox' name='email' required='1' value="<?= $email ?>"> + <input dojoType='dijit.form.ValidationTextBox' name='email' required='1' value="<?= htmlspecialchars($user->email) ?>"> </fieldset> <hr/> |