valvin
/
ttrss
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

use orm when setting personal data; fix some warnings in mailer class

This commit is contained in:
Andrew Dolgov 2021-03-02 13:20:41 +03:00
parent 30b94fb194
commit 982bd838bf
2 changed files with 25 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
classes/mailer.php
View File

@ -10,11 +10,10 @@ class Mailer {
$to_address = $params["to_address"]; $to_address = $params["to_address"];
$subject = $params["subject"]; $subject = $params["subject"];
$message = $params["message"]; $message = $params["message"];
$message_html = $params["message_html"]; $message_html = $params["message_html"] ?? "";
$from_name = $params["from_name"] ? $params["from_name"] : Config::get(Config::SMTP_FROM_NAME); $from_name = $params["from_name"] ?? Config::get(Config::SMTP_FROM_NAME);
$from_address = $params["from_address"] ? $params["from_address"] : Config::get(Config::SMTP_FROM_ADDRESS); $from_address = $params["from_address"] ?? Config::get(Config::SMTP_FROM_ADDRESS);
$additional_headers = $params["headers"] ?? [];
$additional_headers = $params["headers"] ? $params["headers"] : [];
$from_combined = $from_name ? "$from_name <$from_address>" : $from_address; $from_combined = $from_name ? "$from_name <$from_address>" : $from_address;
$to_combined = $to_name ? "$to_name <$to_address>" : $to_address; $to_combined = $to_name ? "$to_name <$to_address>" : $to_address;

53
classes/pref/prefs.php
View File

@ -212,48 +212,45 @@ class Pref_Prefs extends Handler_Protected {
} }
} }
function changeemail() { function changePersonalData() {
$email = clean($_POST["email"]); $user = ORM::for_table('ttrss_users')->find_one($_SESSION['uid']);
$full_name = clean($_POST["full_name"]); $new_email = clean($_POST['email']);
$active_uid = $_SESSION["uid"];
$sth = $this->pdo->prepare("SELECT email, login, full_name FROM ttrss_users WHERE id = ?"); if ($user) {
$sth->execute([$active_uid]); $user->full_name = clean($_POST['full_name']);
if ($row = $sth->fetch()) { if ($user->email != $new_email)
$old_email = $row["email"]; Logger::log(E_USER_NOTICE, "Email address of user ".$user->login." has been changed to ${new_email}.");
if ($user->email && $user->email != $new_email) {
if ($old_email != $email) {
$mailer = new Mailer(); $mailer = new Mailer();
$tpl = new Templator(); $tpl = new Templator();
$tpl->readTemplateFromFile("mail_change_template.txt"); $tpl->readTemplateFromFile("mail_change_template.txt");
$tpl->setVariable('LOGIN', $row["login"]); $tpl->setVariable('LOGIN', $user->login);
$tpl->setVariable('NEWMAIL', $email); $tpl->setVariable('NEWMAIL', $new_email);
$tpl->setVariable('TTRSS_HOST', Config::get(Config::SELF_URL_PATH)); $tpl->setVariable('TTRSS_HOST', Config::get(Config::SELF_URL_PATH));
$tpl->addBlock('message'); $tpl->addBlock('message');
$tpl->generateOutputToString($message); $tpl->generateOutputToString($message);
$mailer->mail(["to_name" => $row["login"], $mailer->mail(["to_name" => $user->login,
"to_address" => $row["email"], "to_address" => $user->email,
"subject" => "[tt-rss] Mail address change notification", "subject" => "[tt-rss] Email address change notification",
"message" => $message]); "message" => $message]);
$user->email = $new_email;
} }
$user->save();
} }
$sth = $this->pdo->prepare("UPDATE ttrss_users SET email = ?,
full_name = ? WHERE id = ?");
$sth->execute([$email, $full_name, $active_uid]);
print __("Your personal data has been saved."); print __("Your personal data has been saved.");
return;
} }
function resetconfig() { function resetconfig() {
@ -264,21 +261,13 @@ class Pref_Prefs extends Handler_Protected {
private function index_auth_personal() { private function index_auth_personal() {
$sth = $this->pdo->prepare("SELECT email,full_name,otp_enabled, $user = ORM::for_table('ttrss_users')->find_one($_SESSION['uid']);
access_level FROM ttrss_users
WHERE id = ?");
$sth->execute([$_SESSION["uid"]]);
$row = $sth->fetch();
$email = htmlspecialchars($row["email"]);
$full_name = htmlspecialchars($row["full_name"]);
$otp_enabled = sql_bool_to_bool($row["otp_enabled"]);
?> ?>
<form dojoType='dijit.form.Form'> <form dojoType='dijit.form.Form'>
<?= \Controls\hidden_tag("op", "pref-prefs") ?> <?= \Controls\hidden_tag("op", "pref-prefs") ?>
<?= \Controls\hidden_tag("method", "changeemail") ?> <?= \Controls\hidden_tag("method", "changePersonalData") ?>
<script type="dojo/method" event="onSubmit" args="evt"> <script type="dojo/method" event="onSubmit" args="evt">
evt.preventDefault(); evt.preventDefault();
@ -292,12 +281,12 @@ class Pref_Prefs extends Handler_Protected {
<fieldset> <fieldset>
<label><?= __('Full name:') ?></label> <label><?= __('Full name:') ?></label>
<input dojoType='dijit.form.ValidationTextBox' name='full_name' required='1' value="<?= $full_name ?>"> <input dojoType='dijit.form.ValidationTextBox' name='full_name' required='1' value="<?= htmlspecialchars($user->full_name) ?>">
</fieldset> </fieldset>
<fieldset> <fieldset>
<label><?= __('E-mail:') ?></label> <label><?= __('E-mail:') ?></label>
<input dojoType='dijit.form.ValidationTextBox' name='email' required='1' value="<?= $email ?>"> <input dojoType='dijit.form.ValidationTextBox' name='email' required='1' value="<?= htmlspecialchars($user->email) ?>">
</fieldset> </fieldset>
<hr/> <hr/>