S2OJ/web/app/controllers/user_info_edit.php

<?php
	requireLib('bootstrap5');
	requireLib('md5');
	requirePHPLib('form');

	if (!Auth::check()) {
		redirectToLogin();
	}

	if (!validateUsername($_GET['username']) || !($user = queryUser($_GET['username']))) {
		become404Page();
	}

	if (!isSuperUser($myUser) && $myUser['username'] != $user['username']) {
		become403Page();
	}

	if (isset($_GET['tab'])) {
		$cur_tab = $_GET['tab'];
	} else {
		$cur_tab = 'profile';
	}
	
	$tabs_info = [
		'profile' => [
			'name' => '<i class="bi bi-person-fill"></i> 个人资料',
			'url' => "/user/{$user['username']}/edit/profile",
		],
		'password' => [
			'name' => '<i class="bi bi-lock-fill"></i> 修改密码',
			'url' => "/user/{$user['username']}/edit/password",
		],
		'privilege' => [
			'name' => '<i class="bi bi-key-fill"></i> 特权',
			'url' => "/user/{$user['username']}/edit/privilege",
		]
	];
	
	if (!isset($tabs_info[$cur_tab])) {
		become404Page();
	}

	if ($cur_tab == 'profile') {
		$update_profile_form = new UOJForm('update_profile');
		$username = UOJLocale::get('username');
		$avatar = UOJLocale::get('avatar');
		$update_profile_form->appendHTML(<<<EOD
	<div class="mb-3">
		<label for="input-username" class="form-label">$username</label>
		<input type="text" class="form-control" id="input-username" aria-describedby="help-username" value="{$user['username']}" disabled>
		<div id="help-username" class="form-text">用户名不能被修改。</div>
	</div>
EOD);
		$update_profile_form->addVCheckboxes('avatar_source', [
			'gravatar' => 'Gravatar',
			'qq' => 'QQ',
		], UOJLocale::get('user::avatar source'), $user['avatar_source']);
		$change_avatar_help = UOJLocale::get('change avatar help');
		$update_profile_form->appendHTML(<<<EOD
	<div style="margin-top: -1.25rem;" class="mb-3 small text-muted">
		$change_avatar_help
		</div>
EOD);
		$update_profile_form->addVInput('email', 'email', UOJLocale::get('email'), $user['email'],
			function($email, &$vdata) {
				if (!validateEmail($email)) {
					return 'Email 格式不合法。';
				}

				$vdata['email'] = $email;

				return '';
			}, null);
		$update_profile_form->addVInput('qq', 'text', UOJLocale::get('QQ'), $user['qq'] == 0 ? '' : $user['qq'],
			function($qq, &$vdata) {
				if ($qq && !validateQQ($qq)) {
					return 'QQ 格式不合法。';
				}

				$vdata['qq'] = $qq;

				return '';
			}, null);
		$update_profile_form->addVInput('github', 'text', 'GitHub', $user['github'],
			function($github, &$vdata) {
				if ($github && !validateGitHubUsername($github)) {
					return 'GitHub 用户名不合法。';
				}

				$vdata['github'] = $github;

				return '';
			}, null);
		if (isSuperUser($myUser)) {
			$update_profile_form->addVInput('school', 'text', UOJLocale::get('school'), $user['school'],
				function($school, &$vdata) {
					$vdata['school'] = $school;

					return '';
				}, null);
		} else {
			$school = UOJLocale::get('school');
			$update_profile_form->appendHTML(<<<EOD
	<div class="mb-3">
		<label for="input-school" class="form-label">$school</label>
		<input type="text" class="form-control" id="input-school" aria-describedby="help-school" value="{$user['school']}" disabled>
		<div id="help-school" class="form-text">只有管理员才能修改用户所属学校。</div>
	</div>
EOD);
		}
		$update_profile_form->addVCheckboxes('sex', [
				'U' => UOJLocale::get('refuse to answer'),
				'M' => UOJLocale::get('male'),
				'F' => UOJLocale::get('female'),
			], UOJLocale::get('sex'), $user['sex']);
		$update_profile_form->addVInput('motto', 'text', UOJLocale::get('motto'), $user['motto'],
			function($motto, &$vdata) {
				if (!validateMotto($motto)) {
					return '格言格式不合法';
				}

				$vdata['motto'] = $motto;

				return '';
			}, null);
		$update_profile_form->addVInput('codeforces_handle', 'text', UOJLocale::get('codeforces handle'), $user['codeforces_handle'],
			function($codeforces_handle, &$vdata) {
				if ($codeforces_handle && !validateUsername($codeforces_handle)) {
					return 'Codeforces 用户名格式不合法。';
				}

				$vdata['codeforces_handle'] = $codeforces_handle;

				return '';
			}, null);
		$update_profile_form->addVInput('website', 'text', UOJLocale::get('user::website'), $user['website'],
			function($url, &$vdata) {
				if ($url && !validateURL($url)) {
					return '链接格式不合法。';
				}

				$vdata['website'] = $url;

				return '';
			}, null);
		$update_profile_form->handle = function(&$vdata) use ($user, $myUser) {
			$esc_email = DB::escape($vdata['email']);
			$esc_qq = DB::escape($vdata['qq']);
			$esc_github = DB::escape($vdata['github']);
			$esc_sex = DB::escape($_POST['sex']);
			$esc_motto = DB::escape($vdata['motto']);
			$esc_codeforces_handle = DB::escape($vdata['codeforces_handle']);
			$esc_website = DB::escape($vdata['website']);
			$esc_avatar_source = DB::escape($_POST['avatar_source']);

			if (isSuperUser($myUser)) {
				$esc_school = DB::escape($vdata['school']);

				DB::update("UPDATE user_info SET school = '$esc_school' WHERE username = '{$user['username']}'");
			}

			DB::update("UPDATE user_info SET email = '$esc_email', qq = '$esc_qq', sex = '$esc_sex', motto = '$esc_motto', codeforces_handle = '$esc_codeforces_handle', github = '$esc_github', website = '$esc_website', avatar_source = '$esc_avatar_source' WHERE username = '{$user['username']}'");
		};
		$update_profile_form->submit_button_config['margin_class'] = 'mt-3';
		$update_profile_form->submit_button_config['text'] = '更新';
		$update_profile_form->runAtServer();
	} elseif ($cur_tab == 'password') {
		if (isset($_POST['submit-change_password']) && $_POST['submit-change_password'] == 'change_password') {
			header('Content-Type: application/json');

			$old_password = $_POST['current_password'];
			$new_password = $_POST['new_password'];

			if (!validatePassword($old_password) || !checkPassword($user, $old_password)) {
				die(json_encode(['status' => 'error', 'message' => '旧密码错误']));
			}

			if (!validatePassword($new_password)) {
				die(json_encode(['status' => 'error', 'message' => '新密码不合法']));
			}

			if ($old_password == $new_password) {
				die(json_encode(['status' => 'error', 'message' => '新密码不能与旧密码相同']));
			}

			$password = getPasswordToStore($new_password, $user['username']);
			DB::update("UPDATE `user_info` SET `password` = '$password' where `username` = '{$user['username']}'");
			die(json_encode(['status' => 'success', 'message' => '密码修改成功']));
		}
	} elseif ($cur_tab == 'privilege') {
		if (isset($_POST['submit-privilege']) && $_POST['submit-privilege'] == 'privilege' && isSuperUser($myUser)) {
			header('Content-Type: application/json');

			$user['usertype'] = 'student';

			if ($_POST['user_type'] == 'teacher') {
				removeUserType($user, 'student');
				addUserType($user, 'teacher');
			} else {
				addUserType($user, 'student');
			}

			if ($_POST['problem_uploader'] == 'yes') {
				addUserType($user, 'problem_uploader');
			}

			if ($_POST['problem_manager'] == 'yes') {
				addUserType($user, 'problem_manager');
			}

			if ($_POST['contest_judger'] == 'yes') {
				addUserType($user, 'contest_judger');
			}

			if ($_POST['contest_only'] == 'yes') {
				addUserType($user, 'contest_only');
			}

			DB::update("UPDATE `user_info` SET `usertype` = '{$user['usertype']}' where `username` = '{$user['username']}'");

			die(json_encode(['status' => 'success', 'message' => '权限修改成功']));
		}
	}

	$pageTitle = $user['username'] == $myUser['username']
		? UOJLocale::get('modify my profile')
		: UOJLocale::get('modify his profile', $user['username'])
	?>

<?php echoUOJPageHeader($pageTitle) ?>

<h1 class="h2">
	<?= $pageTitle ?>
</h1>

<div class="row mt-4">
<!-- left col -->
<div class="col-md-3">

<div class="list-group">
	<?php foreach ($tabs_info as $id => $tab): ?>
	<a
		role="button"
		class="list-group-item list-group-item-action <?= $cur_tab == $id ? 'active' : '' ?>"
		href="<?= $tab['url'] ?>">
		<?= $tab['name'] ?>
	</a>
	<?php endforeach ?>
</div>

<a
	class="btn btn-light d-block mt-2 w-100 text-start text-primary"
	style="--bs-btn-hover-bg: #d3d4d570; --bs-btn-hover-border-color: transparent;"
	href="<?= HTML::url("/user/{$user['username']}") ?>">
	<i class="bi bi-arrow-left"></i> 返回
</a>

<?php if (isSuperUser($myUser) && $user['username'] != $myUser['username']): ?>
<div class="alert alert-warning mt-3 small" role="alert">
	您正在使用管理特权查看并编辑其它用户的资料。
</div>
<?php endif ?>

</div>
<!-- end left col -->

<!-- right col -->
<div class="col-md-9">
<?php if ($cur_tab == 'profile'): ?>
	<div class="card">
		<div class="card-body">
			<?php $update_profile_form->printHTML() ?>
		</div>
	</div>
<?php elseif ($cur_tab == 'password'): ?>
	<div class="card">
		<div class="card-body">
			<div id="result-alert" class="alert" role="alert" style="display: none"></div>
			<form method="post" id="form-change_password">
				<div class="mb-3">
					<label for="input-current_password" class="form-label">
						<?= UOJLocale::get('current password') ?>
					</label>
					<input type="password" class="form-control" id="input-current_password" placeholder="<?= UOJLocale::get('enter your password') ?>" maxlength="20">
					<div id="help-current_password" class="invalid-feedback"></div>
				</div>
				<div class="mb-3">
					<label for="input-new_password" class="form-label">
						<?= UOJLocale::get('new password') ?>
					</label>
					<input type="password" class="form-control" id="input-new_password" placeholder="<?= UOJLocale::get('enter your new password') ?>" maxlength="20">
					<div id="help-new_password" class="invalid-feedback"></div>
				</div>
				<div class="mb-3">
					<label for="input-confirm_password" class="form-label">
						<?= UOJLocale::get('confirm new password') ?>
					</label>
					<input type="password" class="form-control" id="input-confirm_password" placeholder="<?= UOJLocale::get('re-enter your new password') ?>" maxlength="20">
					<div id="help-confirm_password" class="invalid-feedback"></div>
				</div>
				<?php if (isSuperUser($myUser) && $user['username'] != $myUser['username']): ?>
				<div class="alert alert-warning mb-0" role="alert">
					如需修改其他用户的密码，请前往 <a href="/super-manage/users" class="alert-link">系统管理</a> 页面操作。
				</div>
				<?php endif ?>

				<div class="text-center">
					<button type="submit" id="button-submit-change_password" name="submit-change_password" value="change_password" class="mt-3 btn btn-secondary">更新</button>
				</div>
			</form>
		</div>
	</div>
	<script>
		$('#form-change_password').submit(function() {
			var ok = true;

			ok &= getFormErrorAndShowHelp('current_password', validatePassword);
			ok &= getFormErrorAndShowHelp('new_password', validateSettingPassword);

			if (ok) {
				$.ajax({
					method: 'POST',
					data: {
						'submit-change_password': 'change_password',
						'current_password': md5($('#input-current_password').val(), "<?= getPasswordClientSalt() ?>"),
						'new_password': md5($('#input-new_password').val(), "<?= getPasswordClientSalt() ?>"),
					},
					success: function(res) {
						if (res.status === 'success') {
							$('#result-alert')
								.html('密码修改成功！')
								.addClass('alert-success')
								.removeClass('alert-danger')
								.show();
						} else {
							$('#result-alert')
								.html('密码修改失败。' + (res.message || ''))
								.removeClass('alert-success')
								.addClass('alert-danger')
								.show();
						}
					},
					error: function() {
						$('#result-alert')
							.html('密码修改失败：请求失败。')
							.removeClass('alert-success')
							.addClass('alert-danger')
							.show();
					}
				});
			}

			return false;
		});
	</script>
<?php elseif ($cur_tab == 'privilege'): ?>
	<div class="card">
		<div class="card-body">
			<div id="result-alert" class="alert" role="alert" style="display: none"></div>
			<form id="form-privilege" method="post">
				<?php if (isSuperUser($myUser)): ?>
				<fieldset>
				<?php else: ?>
				<fieldset disabled>
				<?php endif ?>
				<div class="input-group mb-3">
					<label for="input-user_type" class="form-label">
						<?= UOJLocale::get('user::user type') ?>
					</label>
					<div class="form-check ms-3">
						<input class="form-check-input" type="radio" name="user_type" value="student" id="input-user_type" <?= hasUserType($user, 'student') && !hasUserType($user, 'teacher') ? 'checked' : '' ?>>
						<label class="form-check-label" for="input-user_type">
							<?= UOJLocale::get('user::student') ?>
						</label>
					</div>
					<div class="form-check ms-2">
						<input class="form-check-input" type="radio" name="user_type" value="teacher" id="input-user_type_2" <?= hasUserType($user, 'teacher') ? 'checked' : '' ?>>
						<label class="form-check-label" for="input-user_type_2">
							<?= UOJLocale::get('user::teacher') ?>
						</label>
					</div>
				</div>

				<div class="form-check form-switch">
					<input class="form-check-input" type="checkbox" role="switch" name="problem_uploader" id="input-problem_uploader" <?= hasUserType($user, 'problem_uploader') ? 'checked' : '' ?>>
					<label class="form-check-label" for="input-problem_uploader">
						<?= UOJLocale::get('user::problem uploader') ?>
					</label>
				</div>

				<div class="form-check form-switch">
					<input class="form-check-input" type="checkbox" role="switch" name="problem_manager" id="input-problem_manager" <?= hasUserType($user, 'problem_manager') ? 'checked' : '' ?>>
					<label class="form-check-label" for="input-problem_manager">
						<?= UOJLocale::get('user::problem manager') ?>
					</label>
				</div>

				<div class="form-check form-switch">
					<input class="form-check-input" type="checkbox" role="switch" name="contest_judger" id="input-contest_judger" <?= hasUserType($user, 'contest_judger') ? 'checked' : '' ?>>
					<label class="form-check-label" for="input-contest_judger">
						<?= UOJLocale::get('user::contest judger') ?>
					</label>
				</div>

				<div class="form-check form-switch">
					<input class="form-check-input" type="checkbox" role="switch" name="contest_only" id="input-contest_only" <?= hasUserType($user, 'contest_only') ? 'checked' : '' ?>>
					<label class="form-check-label" for="input-contest_only">
						<?= UOJLocale::get('user::contest only') ?>
					</label>
				</div>
				</fieldset>

				<?php if (isSuperUser($myUser)): ?>
				<div class="text-center">
					<button type="submit" id="button-submit-privilege" name="submit-privilege" value="privilege" class="mt-3 btn btn-secondary">更新</button>
				</div>
				<?php endif ?>
			</form>
			<script>
				$('#form-privilege').submit(function(e) {
					$.post('', {
						user_type: $('input[name=user_type]:checked').val(),
						problem_uploader: $('input[name=problem_uploader]').prop('checked') ? 'yes' : 'no',
						problem_manager: $('input[name=problem_manager]').prop('checked') ? 'yes' : 'no',
						contest_judger: $('input[name=contest_judger]').prop('checked') ? 'yes' : 'no',
						contest_only: $('input[name=contest_only]').prop('checked') ? 'yes' : 'no',
						'submit-privilege': 'privilege',
					}, function(res) {
						if (res && res.status === 'success') {
							$('#result-alert')
								.html('权限修改成功！')
								.addClass('alert-success')
								.removeClass('alert-danger')
								.show();
						} else {
							$('#result-alert')
								.html('权限修改失败。' + (res.message || ''))
								.removeClass('alert-success')
								.addClass('alert-danger')
								.show();
						}
					});

					return false;
				});
			</script>
		</div>
	</div>
<?php endif ?>
<!-- end right col -->
</div>
</div>

<?php echoUOJPageFooter() ?>
Initial commit 2016-07-18 16:39:37 +00:00			`<?php`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`requireLib('bootstrap5');`
			`requireLib('md5');`
			`requirePHPLib('form');`

Initial commit 2016-07-18 16:39:37 +00:00			`if (!Auth::check()) {`
			`redirectToLogin();`
			`}`
feat(web): add contest only user type 2022-04-03 10:18:17 +00:00
feat(web/user): allow admins to edit user info and read system msgs 2022-10-17 14:13:08 +00:00			`if (!validateUsername($_GET['username']) \|\| !($user = queryUser($_GET['username']))) {`
			`become404Page();`
			`}`

			`if (!isSuperUser($myUser) && $myUser['username'] != $user['username']) {`
			`become403Page();`
			`}`

refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`if (isset($_GET['tab'])) {`
			`$cur_tab = $_GET['tab'];`
			`} else {`
			`$cur_tab = 'profile';`
			`}`

			`$tabs_info = [`
			`'profile' => [`
			`'name' => '<i class="bi bi-person-fill"></i> 个人资料',`
			`'url' => "/user/{$user['username']}/edit/profile",`
			`],`
			`'password' => [`
feat(web/user/edit): user privilege 2022-10-20 01:32:34 +00:00			`'name' => '<i class="bi bi-lock-fill"></i> 修改密码',`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`'url' => "/user/{$user['username']}/edit/password",`
			`],`
feat(web/user/edit): user privilege 2022-10-20 01:32:34 +00:00			`'privilege' => [`
			`'name' => '<i class="bi bi-key-fill"></i> 特权',`
			`'url' => "/user/{$user['username']}/edit/privilege",`
			`]`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`];`

			`if (!isset($tabs_info[$cur_tab])) {`
			`become404Page();`
			`}`

			`if ($cur_tab == 'profile') {`
			`$update_profile_form = new UOJForm('update_profile');`
			`$username = UOJLocale::get('username');`
			`$avatar = UOJLocale::get('avatar');`
			`$update_profile_form->appendHTML(<<<EOD`
			`<div class="mb-3">`
			`<label for="input-username" class="form-label">$username</label>`
			`<input type="text" class="form-control" id="input-username" aria-describedby="help-username" value="{$user['username']}" disabled>`
			`<div id="help-username" class="form-text">用户名不能被修改。</div>`
			`</div>`
feat(web/user): qq avatar 2022-10-20 02:02:53 +00:00			`EOD);`
			`$update_profile_form->addVCheckboxes('avatar_source', [`
			`'gravatar' => 'Gravatar',`
			`'qq' => 'QQ',`
			`], UOJLocale::get('user::avatar source'), $user['avatar_source']);`
			`$change_avatar_help = UOJLocale::get('change avatar help');`
			`$update_profile_form->appendHTML(<<<EOD`
			`<div style="margin-top: -1.25rem;" class="mb-3 small text-muted">`
			`$change_avatar_help`
			`</div>`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`EOD);`
			`$update_profile_form->addVInput('email', 'email', UOJLocale::get('email'), $user['email'],`
			`function($email, &$vdata) {`
			`if (!validateEmail($email)) {`
			`return 'Email 格式不合法。';`
			`}`

			`$vdata['email'] = $email;`

			`return '';`
			`}, null);`
			`$update_profile_form->addVInput('qq', 'text', UOJLocale::get('QQ'), $user['qq'] == 0 ? '' : $user['qq'],`
			`function($qq, &$vdata) {`
			`if ($qq && !validateQQ($qq)) {`
			`return 'QQ 格式不合法。';`
			`}`

			`$vdata['qq'] = $qq;`

feat(web/user/edit): github 2022-10-19 14:16:10 +00:00			`return '';`
			`}, null);`
			`$update_profile_form->addVInput('github', 'text', 'GitHub', $user['github'],`
			`function($github, &$vdata) {`
			`if ($github && !validateGitHubUsername($github)) {`
			`return 'GitHub 用户名不合法。';`
			`}`

			`$vdata['github'] = $github;`

refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`return '';`
			`}, null);`
			`if (isSuperUser($myUser)) {`
			`$update_profile_form->addVInput('school', 'text', UOJLocale::get('school'), $user['school'],`
			`function($school, &$vdata) {`
			`$vdata['school'] = $school;`

			`return '';`
			`}, null);`
			`} else {`
			`$school = UOJLocale::get('school');`
			`$update_profile_form->appendHTML(<<<EOD`
			`<div class="mb-3">`
			`<label for="input-school" class="form-label">$school</label>`
			`<input type="text" class="form-control" id="input-school" aria-describedby="help-school" value="{$user['school']}" disabled>`
			`<div id="help-school" class="form-text">只有管理员才能修改用户所属学校。</div>`
			`</div>`
			`EOD);`
			`}`
feat(web/user): qq avatar 2022-10-20 02:02:53 +00:00			`$update_profile_form->addVCheckboxes('sex', [`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`'U' => UOJLocale::get('refuse to answer'),`
			`'M' => UOJLocale::get('male'),`
			`'F' => UOJLocale::get('female'),`
			`], UOJLocale::get('sex'), $user['sex']);`
			`$update_profile_form->addVInput('motto', 'text', UOJLocale::get('motto'), $user['motto'],`
			`function($motto, &$vdata) {`
			`if (!validateMotto($motto)) {`
			`return '格言格式不合法';`
			`}`

			`$vdata['motto'] = $motto;`

			`return '';`
			`}, null);`
			`$update_profile_form->addVInput('codeforces_handle', 'text', UOJLocale::get('codeforces handle'), $user['codeforces_handle'],`
			`function($codeforces_handle, &$vdata) {`
			`if ($codeforces_handle && !validateUsername($codeforces_handle)) {`
			`return 'Codeforces 用户名格式不合法。';`
			`}`

			`$vdata['codeforces_handle'] = $codeforces_handle;`

feat(web/user): website 2022-10-20 00:45:23 +00:00			`return '';`
			`}, null);`
			`$update_profile_form->addVInput('website', 'text', UOJLocale::get('user::website'), $user['website'],`
			`function($url, &$vdata) {`
			`if ($url && !validateURL($url)) {`
			`return '链接格式不合法。';`
			`}`

			`$vdata['website'] = $url;`

refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`return '';`
			`}, null);`
			`$update_profile_form->handle = function(&$vdata) use ($user, $myUser) {`
			`$esc_email = DB::escape($vdata['email']);`
			`$esc_qq = DB::escape($vdata['qq']);`
feat(web/user/edit): github 2022-10-19 14:16:10 +00:00			`$esc_github = DB::escape($vdata['github']);`
fix(web/user/edit): sex 2022-10-19 22:28:57 +00:00			`$esc_sex = DB::escape($_POST['sex']);`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`$esc_motto = DB::escape($vdata['motto']);`
			`$esc_codeforces_handle = DB::escape($vdata['codeforces_handle']);`
feat(web/user): website 2022-10-20 00:45:23 +00:00			`$esc_website = DB::escape($vdata['website']);`
feat(web/user): qq avatar 2022-10-20 02:02:53 +00:00			`$esc_avatar_source = DB::escape($_POST['avatar_source']);`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00
			`if (isSuperUser($myUser)) {`
			`$esc_school = DB::escape($vdata['school']);`

			`DB::update("UPDATE user_info SET school = '$esc_school' WHERE username = '{$user['username']}'");`
feat(web/user): allow admins to edit user info and read system msgs 2022-10-17 14:13:08 +00:00			`}`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00
feat(web/user): qq avatar 2022-10-20 02:02:53 +00:00			`DB::update("UPDATE user_info SET email = '$esc_email', qq = '$esc_qq', sex = '$esc_sex', motto = '$esc_motto', codeforces_handle = '$esc_codeforces_handle', github = '$esc_github', website = '$esc_website', avatar_source = '$esc_avatar_source' WHERE username = '{$user['username']}'");`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`};`
			`$update_profile_form->submit_button_config['margin_class'] = 'mt-3';`
			`$update_profile_form->submit_button_config['text'] = '更新';`
			`$update_profile_form->runAtServer();`
			`} elseif ($cur_tab == 'password') {`
			`if (isset($_POST['submit-change_password']) && $_POST['submit-change_password'] == 'change_password') {`
			`header('Content-Type: application/json');`

			`$old_password = $_POST['current_password'];`
			`$new_password = $_POST['new_password'];`

feat(web/user): allow admins to edit user info and read system msgs 2022-10-17 14:13:08 +00:00			`if (!validatePassword($old_password) \|\| !checkPassword($user, $old_password)) {`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`die(json_encode(['status' => 'error', 'message' => '旧密码错误']));`
Initial commit 2016-07-18 16:39:37 +00:00			`}`

refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`if (!validatePassword($new_password)) {`
			`die(json_encode(['status' => 'error', 'message' => '新密码不合法']));`
			`}`
Initial commit 2016-07-18 16:39:37 +00:00
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`if ($old_password == $new_password) {`
			`die(json_encode(['status' => 'error', 'message' => '新密码不能与旧密码相同']));`
Initial commit 2016-07-18 16:39:37 +00:00			`}`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00
			`$password = getPasswordToStore($new_password, $user['username']);`
			DB::update("UPDATE `user_info` SET `password` = '$password' where `username` = '{$user['username']}'");
			`die(json_encode(['status' => 'success', 'message' => '密码修改成功']));`
Initial commit 2016-07-18 16:39:37 +00:00			`}`
feat(web/user/edit): user privilege 2022-10-20 01:32:34 +00:00			`} elseif ($cur_tab == 'privilege') {`
			`if (isset($_POST['submit-privilege']) && $_POST['submit-privilege'] == 'privilege' && isSuperUser($myUser)) {`
			`header('Content-Type: application/json');`

			`$user['usertype'] = 'student';`

			`if ($_POST['user_type'] == 'teacher') {`
			`removeUserType($user, 'student');`
			`addUserType($user, 'teacher');`
			`} else {`
			`addUserType($user, 'student');`
			`}`

			`if ($_POST['problem_uploader'] == 'yes') {`
			`addUserType($user, 'problem_uploader');`
			`}`

			`if ($_POST['problem_manager'] == 'yes') {`
			`addUserType($user, 'problem_manager');`
			`}`

			`if ($_POST['contest_judger'] == 'yes') {`
			`addUserType($user, 'contest_judger');`
			`}`

			`if ($_POST['contest_only'] == 'yes') {`
			`addUserType($user, 'contest_only');`
			`}`

			DB::update("UPDATE `user_info` SET `usertype` = '{$user['usertype']}' where `username` = '{$user['username']}'");

			`die(json_encode(['status' => 'success', 'message' => '权限修改成功']));`
			`}`
Initial commit 2016-07-18 16:39:37 +00:00			`}`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00
			`$pageTitle = $user['username'] == $myUser['username']`
			`? UOJLocale::get('modify my profile')`
			`: UOJLocale::get('modify his profile', $user['username'])`
fix: style 2022-09-18 04:58:35 +00:00			`?>`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00
			`<?php echoUOJPageHeader($pageTitle) ?>`

			`<h1 class="h2">`
			`<?= $pageTitle ?>`
			`</h1>`

			`<div class="row mt-4">`
			`<!-- left col -->`
			`<div class="col-md-3">`

			`<div class="list-group">`
			`<?php foreach ($tabs_info as $id => $tab): ?>`
			`<a`
			`role="button"`
			`class="list-group-item list-group-item-action <?= $cur_tab == $id ? 'active' : '' ?>"`
			`href="<?= $tab['url'] ?>">`
			`<?= $tab['name'] ?>`
			`</a>`
			`<?php endforeach ?>`
			`</div>`

			`<a`
			`class="btn btn-light d-block mt-2 w-100 text-start text-primary"`
			`style="--bs-btn-hover-bg: #d3d4d570; --bs-btn-hover-border-color: transparent;"`
			`href="<?= HTML::url("/user/{$user['username']}") ?>">`
			`<i class="bi bi-arrow-left"></i> 返回`
			`</a>`

			`<?php if (isSuperUser($myUser) && $user['username'] != $myUser['username']): ?>`
			`<div class="alert alert-warning mt-3 small" role="alert">`
			`您正在使用管理特权查看并编辑其它用户的资料。`
			`</div>`
feat(web/user): allow admins to edit user info and read system msgs 2022-10-17 14:13:08 +00:00			`<?php endif ?>`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00
			`</div>`
			`<!-- end left col -->`

			`<!-- right col -->`
			`<div class="col-md-9">`
			`<?php if ($cur_tab == 'profile'): ?>`
			`<div class="card">`
			`<div class="card-body">`
			`<?php $update_profile_form->printHTML() ?>`
Initial commit 2016-07-18 16:39:37 +00:00			`</div>`
			`</div>`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`<?php elseif ($cur_tab == 'password'): ?>`
			`<div class="card">`
			`<div class="card-body">`
			`<div id="result-alert" class="alert" role="alert" style="display: none"></div>`
			`<form method="post" id="form-change_password">`
			`<div class="mb-3">`
			`<label for="input-current_password" class="form-label">`
			`<?= UOJLocale::get('current password') ?>`
			`</label>`
			`<input type="password" class="form-control" id="input-current_password" placeholder="<?= UOJLocale::get('enter your password') ?>" maxlength="20">`
			`<div id="help-current_password" class="invalid-feedback"></div>`
			`</div>`
			`<div class="mb-3">`
			`<label for="input-new_password" class="form-label">`
			`<?= UOJLocale::get('new password') ?>`
			`</label>`
			`<input type="password" class="form-control" id="input-new_password" placeholder="<?= UOJLocale::get('enter your new password') ?>" maxlength="20">`
			`<div id="help-new_password" class="invalid-feedback"></div>`
			`</div>`
			`<div class="mb-3">`
			`<label for="input-confirm_password" class="form-label">`
			`<?= UOJLocale::get('confirm new password') ?>`
			`</label>`
			`<input type="password" class="form-control" id="input-confirm_password" placeholder="<?= UOJLocale::get('re-enter your new password') ?>" maxlength="20">`
			`<div id="help-confirm_password" class="invalid-feedback"></div>`
			`</div>`
			`<?php if (isSuperUser($myUser) && $user['username'] != $myUser['username']): ?>`
			`<div class="alert alert-warning mb-0" role="alert">`
			`如需修改其他用户的密码，请前往 <a href="/super-manage/users" class="alert-link">系统管理</a> 页面操作。`
			`</div>`
			`<?php endif ?>`
feat(web/user/edit): user privilege 2022-10-20 01:32:34 +00:00
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`<div class="text-center">`
			`<button type="submit" id="button-submit-change_password" name="submit-change_password" value="change_password" class="mt-3 btn btn-secondary">更新</button>`
			`</div>`
			`</form>`
Initial commit 2016-07-18 16:39:37 +00:00			`</div>`
			`</div>`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`<script>`
			`$('#form-change_password').submit(function() {`
			`var ok = true;`

			`ok &= getFormErrorAndShowHelp('current_password', validatePassword);`
			`ok &= getFormErrorAndShowHelp('new_password', validateSettingPassword);`

			`if (ok) {`
			`$.ajax({`
			`method: 'POST',`
			`data: {`
			`'submit-change_password': 'change_password',`
			`'current_password': md5($('#input-current_password').val(), "<?= getPasswordClientSalt() ?>"),`
			`'new_password': md5($('#input-new_password').val(), "<?= getPasswordClientSalt() ?>"),`
			`},`
			`success: function(res) {`
			`if (res.status === 'success') {`
			`$('#result-alert')`
			`.html('密码修改成功！')`
			`.addClass('alert-success')`
			`.removeClass('alert-danger')`
			`.show();`
			`} else {`
			`$('#result-alert')`
			`.html('密码修改失败。' + (res.message \|\| ''))`
			`.removeClass('alert-success')`
			`.addClass('alert-danger')`
			`.show();`
Initial commit 2016-07-18 16:39:37 +00:00			`}`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`},`
			`error: function() {`
			`$('#result-alert')`
			`.html('密码修改失败：请求失败。')`
			`.removeClass('alert-success')`
			`.addClass('alert-danger')`
			`.show();`
Initial commit 2016-07-18 16:39:37 +00:00			`}`
			`});`
			`}`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00
			`return false;`
Initial commit 2016-07-18 16:39:37 +00:00			`});`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`</script>`
feat(web/user/edit): user privilege 2022-10-20 01:32:34 +00:00			`<?php elseif ($cur_tab == 'privilege'): ?>`
			`<div class="card">`
			`<div class="card-body">`
			`<div id="result-alert" class="alert" role="alert" style="display: none"></div>`
			`<form id="form-privilege" method="post">`
			`<?php if (isSuperUser($myUser)): ?>`
			`<fieldset>`
			`<?php else: ?>`
			`<fieldset disabled>`
			`<?php endif ?>`
			`<div class="input-group mb-3">`
			`<label for="input-user_type" class="form-label">`
			`<?= UOJLocale::get('user::user type') ?>`
			`</label>`
			`<div class="form-check ms-3">`
			`<input class="form-check-input" type="radio" name="user_type" value="student" id="input-user_type" <?= hasUserType($user, 'student') && !hasUserType($user, 'teacher') ? 'checked' : '' ?>>`
			`<label class="form-check-label" for="input-user_type">`
			`<?= UOJLocale::get('user::student') ?>`
			`</label>`
			`</div>`
			`<div class="form-check ms-2">`
			`<input class="form-check-input" type="radio" name="user_type" value="teacher" id="input-user_type_2" <?= hasUserType($user, 'teacher') ? 'checked' : '' ?>>`
			`<label class="form-check-label" for="input-user_type_2">`
			`<?= UOJLocale::get('user::teacher') ?>`
			`</label>`
			`</div>`
			`</div>`

			`<div class="form-check form-switch">`
			`<input class="form-check-input" type="checkbox" role="switch" name="problem_uploader" id="input-problem_uploader" <?= hasUserType($user, 'problem_uploader') ? 'checked' : '' ?>>`
			`<label class="form-check-label" for="input-problem_uploader">`
			`<?= UOJLocale::get('user::problem uploader') ?>`
			`</label>`
			`</div>`

			`<div class="form-check form-switch">`
			`<input class="form-check-input" type="checkbox" role="switch" name="problem_manager" id="input-problem_manager" <?= hasUserType($user, 'problem_manager') ? 'checked' : '' ?>>`
			`<label class="form-check-label" for="input-problem_manager">`
			`<?= UOJLocale::get('user::problem manager') ?>`
			`</label>`
			`</div>`

			`<div class="form-check form-switch">`
			`<input class="form-check-input" type="checkbox" role="switch" name="contest_judger" id="input-contest_judger" <?= hasUserType($user, 'contest_judger') ? 'checked' : '' ?>>`
			`<label class="form-check-label" for="input-contest_judger">`
			`<?= UOJLocale::get('user::contest judger') ?>`
			`</label>`
			`</div>`

			`<div class="form-check form-switch">`
			`<input class="form-check-input" type="checkbox" role="switch" name="contest_only" id="input-contest_only" <?= hasUserType($user, 'contest_only') ? 'checked' : '' ?>>`
			`<label class="form-check-label" for="input-contest_only">`
			`<?= UOJLocale::get('user::contest only') ?>`
			`</label>`
			`</div>`
			`</fieldset>`

			`<?php if (isSuperUser($myUser)): ?>`
			`<div class="text-center">`
			`<button type="submit" id="button-submit-privilege" name="submit-privilege" value="privilege" class="mt-3 btn btn-secondary">更新</button>`
			`</div>`
			`<?php endif ?>`
			`</form>`
			`<script>`
			`$('#form-privilege').submit(function(e) {`
			`$.post('', {`
			`user_type: $('input[name=user_type]:checked').val(),`
			`problem_uploader: $('input[name=problem_uploader]').prop('checked') ? 'yes' : 'no',`
			`problem_manager: $('input[name=problem_manager]').prop('checked') ? 'yes' : 'no',`
			`contest_judger: $('input[name=contest_judger]').prop('checked') ? 'yes' : 'no',`
			`contest_only: $('input[name=contest_only]').prop('checked') ? 'yes' : 'no',`
			`'submit-privilege': 'privilege',`
			`}, function(res) {`
			`if (res && res.status === 'success') {`
			`$('#result-alert')`
			`.html('权限修改成功！')`
			`.addClass('alert-success')`
			`.removeClass('alert-danger')`
			`.show();`
			`} else {`
			`$('#result-alert')`
			`.html('权限修改失败。' + (res.message \|\| ''))`
			`.removeClass('alert-success')`
			`.addClass('alert-danger')`
			`.show();`
			`}`
			`});`

			`return false;`
			`});`
			`</script>`
			`</div>`
			`</div>`
refactor(web/user/edit): user_edit_v2 2022-10-19 13:59:16 +00:00			`<?php endif ?>`
			`<!-- end right col -->`
			`</div>`
			`</div>`

Initial commit 2016-07-18 16:39:37 +00:00			`<?php echoUOJPageFooter() ?>`