Index: private/templates/adminlist.tpl =================================================================== --- private/templates/adminlist.tpl (revision 23878) +++ private/templates/adminlist.tpl (working copy) @@ -1,6 +1,11 @@ {assign var="self" value="handle themes for $target"} -{assign var="parent" value="admin.php|Admin frontpage"} -{include file="header.tpl" title="Admin - $self"} +{if $user} + {assign var="parent" value="user.php|User frontpage"} + {include file="header.tpl" title="User - $self"} +{else} + {assign var="parent" value="admin.php|Admin frontpage"} + {include file="header.tpl" title="Admin - $self"} +{/if}

{$self|capitalize}

{include file="breadcrumbs.tpl"} @@ -48,7 +53,11 @@ {if $themes[i].release_pass}
Works with release {$themes[i].release_version} {/if} + {if $user} +
Edit theme + {else}
Edit theme + {/if}

Index: private/templates/edittheme.tpl =================================================================== --- private/templates/edittheme.tpl (revision 23878) +++ private/templates/edittheme.tpl (working copy) @@ -1,6 +1,11 @@ {assign var="self" value="Edit theme `$theme.name`"} +{if $user} +{assign var="parent" value="user.php?target=`$smarty.request.parenttarget`|Edit themes for `$theme.mainlcd`"} +{assign var="grandparent" value="user.php|User frontpage"} +{else} {assign var="parent" value="admin.php?target=`$smarty.request.parenttarget`|Edit themes for `$theme.mainlcd`"} {assign var="grandparent" value="admin.php|Admin frontpage"} +{/if} {include file="header.tpl" title=$self}

{$self}
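Review bot: The new user branch copies `$smarty.request.parenttarget` straight into the `parent` value, as the admin branch already did, so a request parameter ends up in the link that the breadcrumb template presumably renders. Whether that template escapes the value is not visible in this patch; if it does not, the parameter is reflected into the page as markup. I would assign it once with an escape modifier, for example `{assign var="ptarget" value=$smarty.request.parenttarget|escape:'url'}`, and build both `parent` strings from `$ptarget`.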

Index: private/templates/frontpage.tpl =================================================================== --- private/templates/frontpage.tpl (revision 23878) +++ private/templates/frontpage.tpl (working copy) @@ -6,6 +6,9 @@ {if $admin}

Admin area

Pick a device below to manage themes for that target/screen size

+{elseif $user} +

User area

+

Pick a device below to manage your themes for that target/screen size

{else}

Rockbox themes

@@ -13,6 +16,7 @@

Have you made a theme that is not listed on this site? Please read the theme guidelines and then upload your theme.

+

Or login to the User area to manage your Themes.

{/if}

Downloading themes

All themes on this website can be downloaded and Index: private/templates/userlogin.tpl =================================================================== --- private/templates/userlogin.tpl (revision 0) +++ private/templates/userlogin.tpl (revision 0) @@ -0,0 +1,49 @@ +{include file="header.tpl" title="User area"} + +

User login

+ +{if $msg}

{$msg}

{/if} + +
+ + + + + + + + + + + + +
User:
Pass:
+
+ +

Register account.

+ +{if $regmsg}

{$regmsg}

{/if} + +
+ + + + + + + + + + + + + + + + +
User:
Pass:
Email:
+
+ + + +{include file="footer.tpl"} Index: private/themesite.class.php =================================================================== --- private/themesite.class.php (revision 23878) +++ private/themesite.class.php (working copy) @@ -47,16 +47,17 @@ $this->db->query($sql); } - private function targetlist($orderby) { + private function targetlist($orderby,$onlyemail = '') { $sql = sprintf(" SELECT targets.shortname AS shortname, fullname, pic, targets.mainlcd AS mainlcd, depth, targets.remotelcd AS remotelcd, COUNT(themes.name) AS numthemes FROM targets LEFT OUTER JOIN (SELECT DISTINCT themes.name AS name,checkwps.target AS target FROM themes,checkwps - WHERE themes.rowid=checkwps.themeid AND checkwps.pass=1 AND approved=1 AND emailverification=1) themes + WHERE themes.rowid=checkwps.themeid AND checkwps.pass=1 AND approved=1 AND emailverification=1 %s) themes ON targets.shortname=themes.target GROUP BY targets.shortname||targets.mainlcd ORDER BY %s ", + $onlyemail, $orderby ); return $this->db->query($sql); @@ -71,6 +72,22 @@ return $ret; } + public function listusertargets($user,$orderby = 'LOWER(fullname) ASC') { + /* we match by email, so get the emil to the user */ + $sql = sprintf("SELECT email FROM users WHERE name='%s'", + db::quote($user) + ); + $result = $this->db->query($sql)->next(); + $onlyemail = sprintf("AND email='%s'",$result['email']); + + $targets = $this->targetlist($orderby,$onlyemail); + $ret = array(); + while ($target = $targets->next()) { + $ret[] = $target; + } + return $ret; + } + /* * Run checkwps on all our themes */ 
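Review bot: `{$msg}` and `{$regmsg}` are printed without an escape modifier, and user.php assigns `regmsg` from `$err`, which `checkregisterfields()` builds by formatting the submitted `user` or `email` value into the message. Unless the Smarty instance sets a default escaping modifier (not visible in this patch), a registration error echoes request input back as markup. I would print them as `{$msg|escape}` and `{$regmsg|escape}`. The success text assigned in user.php appears to carry its own line-break markup, so that formatting would then have to move into this template.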
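Review bot: In `listusertargets()` the e-mail read back from `users` goes into `sprintf("AND email='%s'",$result['email'])` without `db::quote()`, and `targetlist()` then splices that fragment into its query through the new `%s`. The address comes from the registrant and is only checked against `/.*@.*\..*/` in user.php, so a stored value containing a quote changes the SQL here even though it was quoted on insert. Quote it at the point of use, `$onlyemail = sprintf("AND email='%s'", db::quote($result['email']));`, and decide what should happen when the lookup returns no row. The `$userclause` built in the `listthemes()` hunk has the same problem and needs the same change.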
@@ -133,6 +150,15 @@ $result = $this->db->query($sql)->next(); return $result['count'] == 1 ? true : false; } + + public function userlogin($user, $pass) { + $sql = sprintf("SELECT COUNT(*) as count FROM users WHERE name='%s' AND pass='%s' AND emailverification='1'", + db::quote($user), + db::quote(md5($pass)) + ); + $result = $this->db->query($sql)->next(); + return $result['count'] == 1 ? true : false; + } public function target2fullname($shortname) { $sql = sprintf("SELECT fullname FROM targets WHERE shortname='%s'", @@ -188,7 +214,7 @@ return $theme; } - public function listthemes($target = false, $orderby = 'timestamp DESC', $approved = 'approved', $onlyverified = true) { + public function listthemes($target = false, $orderby = 'timestamp DESC', $approved = 'approved', $onlyverified = true, $user = '') { $ret = array(); switch($approved) { case 'any': @@ -209,6 +235,18 @@ $verified = ""; } + if($user == '') + { + $userclause = ""; + } + else + { + $sql = sprintf("SELECT email FROM users WHERE name='%s'", + db::quote($user) ); + $result = $this->db->query($sql)->next(); + $userclause = sprintf("AND email='%s'",$result['email']); + } + if ($target === false) { $sql = "SELECT DISTINCT themes.name AS name, author, timestamp, mainlcd, approved, reason, description, shortname, zipfile, sshot_wps, sshot_menu, emailverification = 1 as verified, themes.RowId as id FROM themes,checkwps WHERE themes.rowid=checkwps.themeid AND checkwps.pass=1 AND approved=1 AND emailverification=1 ORDER BY " . $orderby; } @@ -226,13 +264,14 @@ LEFT OUTER JOIN checkwps c ON (themes.rowid=c.themeid and c.version_type='current' and c.target='%s') LEFT OUTER JOIN checkwps r ON (themes.rowid=r.themeid and r.version_type='release' and r.target='%s') - WHERE 1 %s %s AND (current_pass=1 OR release_pass=1) + WHERE 1 %s %s %s AND (current_pass=1 OR release_pass=1) ORDER BY %s ", db::quote($target), db::quote($target), $verified, $approved_clause, + $userclause, $orderby ); } 
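Review bot: `userlogin()` matches on `md5($pass)`, so the `users` table holds unsalted MD5 digests that are cheap to reverse if the table is ever disclosed; `registeruser()` in the next hunk writes the same format. Where the deployed PHP version provides them, store `password_hash($pass, PASSWORD_DEFAULT)` at registration, fetch the row by name here, and check it with `password_verify($pass, $row['pass'])` instead of comparing the digest in SQL. The method would also benefit from a comment stating that `emailverification` holds the mail token until verification sets it to 1, since the `emailverification='1'` condition relies on that.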
@@ -264,7 +303,61 @@ $result = $this->db->query($sql)->next(); return $result['count'] > 0 ? true : false; } + + public function usernameexists($name) { + $sql = sprintf("SELECT COUNT(*) as count FROM users WHERE name='%s'", + db::quote($name) + ); + $result = $this->db->query($sql)->next(); + return $result['count'] > 0 ? true : false; + } + public function useremailexists($name) { + $sql = sprintf("SELECT COUNT(*) as count FROM users WHERE email='%s'", + db::quote($name) + ); + $result = $this->db->query($sql)->next(); + return $result['count'] > 0 ? true : false; + } + + public function registeruser($name,$pass,$email) { + $token = md5(uniqid()); + $sql_f = "INSERT INTO users (name, pass, email, emailverification) VALUES ('%s', '%s', '%s', '%s')"; + $sql = sprintf($sql_f, + db::quote($name), + db::quote(md5($pass)), + db::quote($email), + $token + ); + $result = $this->db->query($sql); + $id = $result->insertid(); + $this->log(sprintf("Added user %d (email: %s)", $id, $email)); + + /* send email */ + $url = sprintf("%s%s/verify.php?t=%s", config::hostname, config::path, $token); + /* xxx: Someone rewrite this message to not sound horrible */ + $msg = <<", $name, $email); + $this->send_mail($subject, $to, $msg); + return true; + } + public function changestatus($themeid, $newstatus, $oldstatus, $reason) { $status_text = array('1' => 'Approved', '0' => 'hidden', '-1' => 'deleted'); $this->log(sprintf("Changing status of theme %d from %s to %s - Reason: %s", @@ -399,6 +492,14 @@ db::quote($token) ); $res = $this->db->query($sql); + /* update user table if no theme row was affected */ + if($res->rowsaffected() == 0) + { + $sql = sprintf("UPDATE users SET emailverification=1 WHERE emailverification='%s'", + db::quote($token) + ); + $res = $this->db->query($sql); + } return $res->rowsaffected(); } Index: public/user.php =================================================================== --- public/user.php (revision 0) +++ public/user.php (revision 0) 
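Review bot: `registeruser()` derives the verification token from `md5(uniqid())`, and `uniqid()` is based on the current time, so the value that activates an account is predictable and does not really prove control of the mailbox. Generate it from a CSPRNG instead, e.g. `$token = bin2hex(random_bytes(16));` on PHP 7 or later. `$token` is also the only value in the INSERT that is not passed through `db::quote()`; it is hex today, but quoting it keeps the statement uniform. The recipient string appears to be built from `$name` and `$email` before `send_mail()` (those lines are garbled in this copy), so both values should be rejected if they contain CR or LF.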
@@ -0,0 +1,150 @@ + ) \___| < | \_\ ( <_> > < < + * Firmware |____|_ /\____/ \___ >__|_ \|___ /\____/__/\_ \ + * \/ \/ \/ \/ \/ + * $Id$ + * + * Copyright (C) 2009 Dominik Wenger + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ****************************************************************************/ + +require_once('preconfig.inc.php'); +session_start(); + +function changestatuses(&$site) { + foreach($_REQUEST['prevstatus'] as $id => $prevstatus) { + $newstatus = $_REQUEST['status'][$id]; + $oldstatus = $_REQUEST['prevstatus'][$id]; + $reason = $_REQUEST['reason'][$id]; + if ($oldstatus != $newstatus) { + $site->changestatus($id, $newstatus, $oldstatus, $reason); + } + } +} + +function checkregisterfields(&$site, &$err) +{ + foreach($_REQUEST as $field => $value) { + switch($field) { + case 'user': + if (strpos($value, ' ') === false) { + $err= sprintf("This doesn't look like a proper full name (should contain at least one whitespace character): %s", $value); + } + elseif ($site->usernameexists($value)) { + $err= "This username is already registered."; + } + break; + case 'email': + if (!preg_match("/.*@.*\..*/", $value)) { + $err = sprintf("This doesn't look like an email I can reach: %s", $value); + } + elseif ($site->useremailexists($value)) { + $err= "This email is already registered."; + } + break; + case 'pass': + if (trim($value) == '') { + $err = sprintf("You need to provide a password."); + } + break; + } + } +} + + +/* First, check if the user is logged in and handle logins */ +if (isset($_REQUEST['logout'])) { + unset($_SESSION['user']); + $t->assign('msg', 'Logged out.'); +} +if (isset($_REQUEST['Login'])) { + if 
($site->userlogin($_REQUEST['user'], $_REQUEST['pass'])) { + $_SESSION['user'] = $_REQUEST['user']; + } + else { + $t->assign('msg', 'Login failed. Please try again'); + } +} +if (isset($_REQUEST['Register'])) { + checkregisterfields($site, $err); + if( empty($err)) + { + if( $site->registeruser($_REQUEST['user'], $_REQUEST['pass'], $_REQUEST['email'])) { + $t->assign('regmsg', 'Registered Successfully. An email has been sent to your address.

Please click on the link in it to confirm your account.'); + } + else { + $t->assign('regmsg', 'Register failed. Please try again'); + } + } + else + { + $t->assign('regmsg', $err); + } +} + +/* If not logged in, show the login form */ +if (!isset($_SESSION['user'])) { + $template = 'userlogin.tpl'; +} +else { + /* figure out what todo */ + /* show theme list */ + if (isset($_REQUEST['target'])) { + if (isset($_REQUEST['changestatuses'])) { + changestatuses($site); + } + $approved = isset($_REQUEST['approved']) ? $_REQUEST['approved'] : 'any'; + $template = 'adminlist.tpl'; + $themes = $site->listthemes($_REQUEST['target'], 'timestamp DESC',$approved, $onlyverified = false,$_SESSION['user']); + $t->assign('themes', $themes); + $t->assign('approved', $approved); + $t->assign('user', true); + $t->assign('target', $site->target2fullname($_REQUEST['target'])); + } + /* Show a theme's details, possibly updating it as result of an admin + * submitting changes */ + elseif (isset($_REQUEST['edittheme'])) { + /* Update the theme TODO: check if it is really them which belongs to this user */ + if (isset($_REQUEST['themename'])) { + $site->updatetheme( + $_REQUEST['edittheme'], + $_REQUEST['themename'], + $_REQUEST['mainlcd'], + $_REQUEST['author'], + $_REQUEST['email'], + $_REQUEST['description'] + ); + } + $theme = $site->themedetails($_REQUEST['edittheme']); + $targets = array(); + foreach($site->listtargets() as $target) { + $targets[$target['shortname']] = $target['fullname']; + } + $t->assign('targets', $targets); + $t->assign('theme', $theme); + $t->assign('user', true); + $template = 'edittheme.tpl'; + } + /* Or just show the front page */ + if (!isset($template)) { + $t->assign('title', 'User'); + $t->assign('targets', $site->listusertargets($_SESSION['user'])); + $t->assign('user', true); + $template = 'frontpage.tpl'; + } +} + +$t->render($template); +?>
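Review bot: Neither `changestatuses()` nor the `edittheme` branch checks that the theme id taken from `$_REQUEST` belongs to `$_SESSION['user']`, so any logged-in account can reach `$site->changestatus()` and `$site->updatetheme()` for any theme; the TODO above `updatetheme()` acknowledges half of this. Because `changestatuses()` forwards `$_REQUEST['status'][$id]` unchanged, a user can also set a theme to the approved state, which looks like a decision meant for admin.php. Before either call, look up the theme's owner e-mail, compare it with the session user's, and restrict the status values accepted from this page. Separately, the login branch should call `session_regenerate_id(true);` before `$_SESSION['user'] = $_REQUEST['user'];`. The state-changing actions should read `$_POST` and require a per-session token rather than taking `$_REQUEST`.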