From 982bd838bf2b8e8add559744f19ba65d397e51d1 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Tue, 2 Mar 2021 13:20:41 +0300 Subject: use orm when setting personal data; fix some warnings in mailer class --- classes/mailer.php | 9 ++++----- classes/pref/prefs.php | 53 ++++++++++++++++++++------------------------------ 2 files changed, 25 insertions(+), 37 deletions(-) diff --git a/classes/mailer.php b/classes/mailer.php index a4270ba88..968caf54a 100644 --- a/classes/mailer.php +++ b/classes/mailer.php @@ -10,11 +10,10 @@ class Mailer { $to_address = $params["to_address"]; $subject = $params["subject"]; $message = $params["message"]; - $message_html = $params["message_html"]; - $from_name = $params["from_name"] ? $params["from_name"] : Config::get(Config::SMTP_FROM_NAME); - $from_address = $params["from_address"] ? $params["from_address"] : Config::get(Config::SMTP_FROM_ADDRESS); - - $additional_headers = $params["headers"] ? $params["headers"] : []; + $message_html = $params["message_html"] ?? ""; + $from_name = $params["from_name"] ?? Config::get(Config::SMTP_FROM_NAME); + $from_address = $params["from_address"] ?? Config::get(Config::SMTP_FROM_ADDRESS); + $additional_headers = $params["headers"] ?? []; $from_combined = $from_name ? "$from_name <$from_address>" : $from_address; $to_combined = $to_name ? "$to_name <$to_address>" : $to_address; diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index 91707553f..eaf724199 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php @@ -212,48 +212,45 @@ class Pref_Prefs extends Handler_Protected { } } - function changeemail() { + function changePersonalData() { - $email = clean($_POST["email"]); - $full_name = clean($_POST["full_name"]); - $active_uid = $_SESSION["uid"]; + $user = ORM::for_table('ttrss_users')->find_one($_SESSION['uid']); + $new_email = clean($_POST['email']); - $sth = $this->pdo->prepare("SELECT email, login, full_name FROM ttrss_users WHERE id = ?"); - $sth->execute([$active_uid]); + if ($user) { + $user->full_name = clean($_POST['full_name']); - if ($row = $sth->fetch()) { - $old_email = $row["email"]; + if ($user->email != $new_email) + Logger::log(E_USER_NOTICE, "Email address of user ".$user->login." has been changed to ${new_email}."); + + if ($user->email && $user->email != $new_email) { - if ($old_email != $email) { $mailer = new Mailer(); $tpl = new Templator(); $tpl->readTemplateFromFile("mail_change_template.txt"); - $tpl->setVariable('LOGIN', $row["login"]); - $tpl->setVariable('NEWMAIL', $email); + $tpl->setVariable('LOGIN', $user->login); + $tpl->setVariable('NEWMAIL', $new_email); $tpl->setVariable('TTRSS_HOST', Config::get(Config::SELF_URL_PATH)); $tpl->addBlock('message'); $tpl->generateOutputToString($message); - $mailer->mail(["to_name" => $row["login"], - "to_address" => $row["email"], - "subject" => "[tt-rss] Mail address change notification", + $mailer->mail(["to_name" => $user->login, + "to_address" => $user->email, + "subject" => "[tt-rss] Email address change notification", "message" => $message]); + $user->email = $new_email; } - } - $sth = $this->pdo->prepare("UPDATE ttrss_users SET email = ?, - full_name = ? WHERE id = ?"); - $sth->execute([$email, $full_name, $active_uid]); + $user->save(); + } print __("Your personal data has been saved."); - - return; } function resetconfig() { @@ -264,21 +261,13 @@ class Pref_Prefs extends Handler_Protected { private function index_auth_personal() { - $sth = $this->pdo->prepare("SELECT email,full_name,otp_enabled, - access_level FROM ttrss_users - WHERE id = ?"); - $sth->execute([$_SESSION["uid"]]); - $row = $sth->fetch(); - - $email = htmlspecialchars($row["email"]); - $full_name = htmlspecialchars($row["full_name"]); - $otp_enabled = sql_bool_to_bool($row["otp_enabled"]); + $user = ORM::for_table('ttrss_users')->find_one($_SESSION['uid']); ?>
- +