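<?php
/*
 * Settings page controller.
 *
 * On a POST carrying `edit`, checks the anti-CSRF token, confirms that the
 * submitted channel is the one bound to the current session, validates the
 * YouTube/Twitter values and writes them with dbUpdateChannel(). It then
 * loads the stored channel row for display and issues a fresh token.
 *
 * validateChannel(), validateYoutubeUsername(), validateTwitterUsername(),
 * dbUpdateChannel(), dbGetChannel(), randString(), printHead() and printNav()
 * are not defined in this file; presumably they come from common.php.
 */
require_once('common.php');

$errorMessage = false;
$successMessage = false;

if (isset($_POST['edit'])) {
    $submittedToken = isset($_POST['xsrf']) ? $_POST['xsrf'] : null;
    $expectedToken = isset($_SESSION['settingsEditXSRF']) ? $_SESSION['settingsEditXSRF'] : null;
    $submittedChannel = isset($_POST['channel']) ? $_POST['channel'] : null;
    $sessionChannel = isset($_SESSION['channel']) ? $_SESSION['channel'] : null;

    // The token check must fail closed: both sides have to be non-empty
    // strings, and hash_equals() (PHP 5.6+) compares them in constant time.
    // A loose != would juggle types and also accept a request when no token
    // had been issued for this session.
    $tokenOk = is_string($submittedToken)
        && is_string($expectedToken)
        && $expectedToken !== ''
        && hash_equals($expectedToken, $submittedToken);

    // This comparison is the authorization check for the update, so it is
    // strict: a loose == treats numeric-looking strings that differ in
    // spelling as equal, which would let them name different channels.
    $channelOk = is_string($submittedChannel)
        && is_scalar($sessionChannel)
        && $submittedChannel === (string) $sessionChannel;

    if (!$tokenOk) {
        $errorMessage = "A security check failed!";
    } elseif (!$channelOk) {
        $errorMessage = "Editing other people's channels isn't available yet.";
    } elseif (
        !isset($_POST['youtube']) || !is_string($_POST['youtube'])
        || !isset($_POST['twitter']) || !is_string($_POST['twitter'])
    ) {
        // Array-valued fields (youtube[]=...) are rejected here so that the
        // validators below only ever see strings.
        $errorMessage = "A required value was missing.";
    } else {
        $channel = $submittedChannel;
        $youtube = $_POST['youtube'];
        $twitter = $_POST['twitter'];
        // Checkboxes are only present in the POST body when ticked.
        $shouldShowOffensiveWords = isset($_POST['shouldShowOffensiveWords']) ? 1 : 0;
        $shouldShowBoir = isset($_POST['shouldShowBoir']) ? 1 : 0;

        // An empty YouTube/Twitter value is allowed and clears the field.
        if (!validateChannel($channel)) {
            $errorMessage = "Invalid channel";
        } elseif (!validateYoutubeUsername($youtube) && $youtube !== '') {
            $errorMessage = "Invalid YouTube username";
        } elseif (!validateTwitterUsername($twitter) && $twitter !== '') {
            $errorMessage = "Invalid Twitter username";
        } elseif (dbUpdateChannel($channel, $youtube, $twitter, $shouldShowOffensiveWords, $shouldShowBoir)) {
            $successMessage = "Settings successfully updated!";
        } else {
            $errorMessage = "Failed to update database!";
        }
    }
}

// NOTE(review): assumes common.php has already started the session and
// rejected unauthenticated visitors, so $_SESSION['channel'] is set - confirm.
$editingChannel = $_SESSION['channel'];
$dbChannel = dbGetChannel($editingChannel);

// Rotate the token on every page load so each rendered form carries a
// single-use value.
// NOTE(review): randString() is defined elsewhere; confirm it draws from a
// CSPRNG (random_bytes()/random_int()) rather than rand()/mt_rand().
$_SESSION['settingsEditXSRF'] = randString(32);

printHead("Settings");
printNav();
?>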
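<?php
/*
 * Settings form template.
 *
 * Every dynamic value is passed through htmlspecialchars() with ENT_QUOTES
 * before it is written into the page. The channel, YouTube and Twitter
 * values land inside double-quoted attributes, so an unescaped quote in
 * stored data would break out of the attribute. Whether the validators that
 * guard the write path forbid such characters is not visible in this file,
 * so the output side escapes regardless.
 */
?>
<div class="container">
  <div class="row">
    <div class="col-md-8 col-md-offset-2">
      <h1>Settings</h1>
<?php if ($successMessage !== false) { ?>
      <div class="alert alert-success"><?php echo htmlspecialchars((string) $successMessage, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></div>
<?php } ?>
<?php if ($errorMessage !== false) { ?>
      <div class="alert alert-danger"><?php echo htmlspecialchars((string) $errorMessage, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></div>
<?php } ?>
<?php if (!$dbChannel) { ?>
      <p>You don't have a channel tied to your account! There is nothing for you to edit (yet).</p>
<?php } else { ?>
      <form method="post" action="/settings">
        <input type="hidden" name="edit" value="1">
        <?php // Anti-CSRF token issued for this page load; checked when the form is posted back. ?>
        <input type="hidden" name="xsrf" value="<?php echo htmlspecialchars((string) $_SESSION['settingsEditXSRF'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
        <input type="hidden" name="channel" value="<?php echo htmlspecialchars((string) $editingChannel, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
        <div class="form-group">
          <label for="settingsYoutube">YouTube username</label>
          <input type="text" class="form-control" id="settingsYoutube" name="youtube" value="<?php echo htmlspecialchars((string) $dbChannel['youtube'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
        </div>
        <div class="form-group">
          <label for="settingsTwitter">Twitter handle</label>
          <input type="text" class="form-control" id="settingsTwitter" name="twitter" value="<?php echo htmlspecialchars((string) $dbChannel['twitter'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
        </div>
        <div class="checkbox">
          <label>
            <input type="checkbox" name="shouldShowOffensiveWords"<?php if ($dbChannel['shouldShowOffensiveWords'] == 1) { echo " checked"; } ?>> Publicly list offensive words
          </label>
        </div>
        <div class="checkbox">
          <label>
            <input type="checkbox" name="shouldShowBoir"<?php if ($dbChannel['shouldShowBoir'] == 1) { echo " checked"; } ?>> Show Binding of Isaac: Rebirth run data
          </label>
        </div>
        <button type="submit" class="btn btn-default">Submit</button>
      </form>
<?php } ?>
    </div>
  </div>
</div>
<?php
// Close the page with the shared footer and closing markup helpers, which
// are defined outside this file.
printFooter();
printFoot();
?>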