From 440d0bad17201149d2924a390c615b1f7be05a3f Mon Sep 17 00:00:00 2001 From: Sebastian Grewe Date: Sun, 20 Apr 2014 15:27:38 +0200 Subject: [PATCH 1/6] [ADDED] Timezone support for user accounts --- public/include/bootstrap.php | 10 ++++++- public/include/classes/user.class.php | 12 ++++---- public/include/pages/account/edit.inc.php | 6 +++- public/include/version.inc.php | 2 +- .../bootstrap/account/edit/detail.tpl | 9 ++++++ upgrade/definitions/0.0.8_to_0.0.9.inc.php | 30 +++++++++++++++++++ 6 files changed, 60 insertions(+), 9 deletions(-) create mode 100755 upgrade/definitions/0.0.8_to_0.0.9.inc.php diff --git a/public/include/bootstrap.php b/public/include/bootstrap.php index fe6a9d02..241fccca 100644 --- a/public/include/bootstrap.php +++ b/public/include/bootstrap.php @@ -29,6 +29,14 @@ if (!$session_start) { } @setcookie(session_name(), session_id(), time()+$config['cookie']['duration'], $config['cookie']['path'], $config['cookie']['domain'], $config['cookie']['secure'], $config['cookie']['httponly']); +// Set the timezone if a user has it set, default UTC +if (isset($_SESSION['USERDATA']['timezone'])) { + $aTimezones = DateTimeZone::listIdentifiers(); + date_default_timezone_set($aTimezones[$_SESSION['USERDATA']['timezone']]); +} else { + date_default_timezone_set('UTC'); +} + // Our default template to load, pages can overwrite this later $master_template = 'master.tpl'; @@ -36,4 +44,4 @@ $master_template = 'master.tpl'; // We include all needed files here, even though our templates could load them themself require_once(INCLUDE_DIR . '/autoloader.inc.php'); -?> \ No newline at end of file +?> diff --git a/public/include/classes/user.class.php b/public/include/classes/user.class.php index c88bc12c..4cc7d1a7 100644 --- a/public/include/classes/user.class.php +++ b/public/include/classes/user.class.php 
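Review bot: In public/include/bootstrap.php the new block reads `$aTimezones[$_SESSION['USERDATA']['timezone']]` without checking that the key exists, so any stored value that is not a valid index ends in a date_default_timezone_set() call with an undefined entry instead of the intended UTC fallback. The `'UTC'` column default added by this patch's upgrade script would be such a value if it reaches the session. The value comes from `$_POST['timezone']` in pages/account/edit.inc.php (hunk @@ -132 of this patch and the session assignment in PATCH 2/6), and no check against the identifier list is visible in the updateAccount() hunks, so the same missing validation applies there. Guard the lookup, e.g. `$tz = $_SESSION['USERDATA']['timezone'];` followed by `date_default_timezone_set(isset($aTimezones[$tz]) ? $aTimezones[$tz] : 'UTC');`, and reject unknown keys in updateAccount() before the UPDATE runs.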
@@ -489,7 +489,7 @@ class User extends Base { * @param strToken string Token for confirmation * @return bool **/ - public function updateAccount($userID, $address, $threshold, $donate, $email, $is_anonymous, $strToken) { + public function updateAccount($userID, $address, $threshold, $donate, $email, $timezone, $is_anonymous, $strToken) { $this->debug->append("STA " . __METHOD__, 4); $bUser = false; $donate = round($donate, 2); @@ -559,8 +559,8 @@ class User extends Base { } // We passed all validation checks so update the account - $stmt = $this->mysqli->prepare("UPDATE $this->table SET coin_address = ?, ap_threshold = ?, donate_percent = ?, email = ?, is_anonymous = ? WHERE id = ?"); - if ($this->checkStmt($stmt) && $stmt->bind_param('sddsii', $address, $threshold, $donate, $email, $is_anonymous, $userID) && $stmt->execute()) { + $stmt = $this->mysqli->prepare("UPDATE $this->table SET coin_address = ?, ap_threshold = ?, donate_percent = ?, email = ?, timezone = ?, is_anonymous = ? WHERE id = ?"); + if ($this->checkStmt($stmt) && $stmt->bind_param('sddssii', $address, $threshold, $donate, $email, $timezone, $is_anonymous, $userID) && $stmt->execute()) { $this->log->log("info", $this->getUserName($userID)." updated their account details"); return true; } 
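Review bot: The docblock above updateAccount() is not updated for the new `$timezone` argument; add a line in the existing style such as `@param timezone string Key into DateTimeZone::listIdentifiers() chosen by the user`. Because the parameter is inserted before `$is_anonymous` rather than appended, any caller not touched by this series would have its arguments shifted by one position. Only the call in pages/account/edit.inc.php is updated in the visible hunks, so other call sites are worth checking. The function body continues outside this hunk.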
@@ -596,14 +596,14 @@ class User extends Base { private function checkUserPassword($username, $password) { $this->debug->append("STA " . __METHOD__, 4); $user = array(); - $stmt = $this->mysqli->prepare("SELECT username, pass, id, is_admin FROM $this->table WHERE LOWER(username) = LOWER(?) LIMIT 1"); + $stmt = $this->mysqli->prepare("SELECT username, pass, id, timezone, is_admin FROM $this->table WHERE LOWER(username) = LOWER(?) LIMIT 1"); if ($this->checkStmt($stmt) && $stmt->bind_param('s', $username) && $stmt->execute() && $stmt->bind_result($row_username, $row_password, $row_id, $row_admin)) { $stmt->fetch(); $stmt->close(); $aPassword = explode('$', $row_password); count($aPassword) == 1 ? $password_hash = $this->getHash($password, 0) : $password_hash = $this->getHash($password, $aPassword[1], $aPassword[2]); // Store the basic login information - $this->user = array('username' => $row_username, 'id' => $row_id, 'is_admin' => $row_admin); + $this->user = array('username' => $row_username, 'id' => $row_id, 'timezone' => $row_timezone, 'is_admin' => $row_admin); return $password_hash === $row_password && strtolower($username) === strtolower($row_username); } return $this->sqlError(); @@ -703,7 +703,7 @@ class User extends Base { $this->debug->append("Fetching user information for user id: $userID"); $stmt = $this->mysqli->prepare(" SELECT - id, username, pin, api_key, is_admin, is_anonymous, email, no_fees, + id, username, pin, api_key, is_admin, is_anonymous, email, timezone, no_fees, IFNULL(donate_percent, '0') as donate_percent, coin_address, ap_threshold FROM $this->table WHERE id = ? LIMIT 0,1"); diff --git a/public/include/pages/account/edit.inc.php b/public/include/pages/account/edit.inc.php index 95aff459..cc25e0b8 100644 --- a/public/include/pages/account/edit.inc.php +++ b/public/include/pages/account/edit.inc.php 
@@ -132,7 +132,7 @@ if ($user->isAuthenticated()) { if ($config['twofactor']['enabled'] && $config['twofactor']['options']['details'] && !$ea_editable) { $_SESSION['POPUP'][] = array('CONTENT' => 'You have not yet unlocked account updates.', 'TYPE' => 'alert alert-danger'); } else if (!$config['csrf']['enabled'] || $config['csrf']['enabled'] && $csrftoken->valid) { - if ($user->updateAccount($_SESSION['USERDATA']['id'], $_POST['paymentAddress'], $_POST['payoutThreshold'], $_POST['donatePercent'], $_POST['email'], $_POST['is_anonymous'], $oldtoken_ea)) { + if ($user->updateAccount($_SESSION['USERDATA']['id'], $_POST['paymentAddress'], $_POST['payoutThreshold'], $_POST['donatePercent'], $_POST['email'], $_POST['timezone'], $_POST['is_anonymous'], $oldtoken_ea)) { $_SESSION['POPUP'][] = array('CONTENT' => 'Account details updated', 'TYPE' => 'alert alert-success'); } else { $_SESSION['POPUP'][] = array('CONTENT' => 'Failed to update your account: ' . $user->getError(), 'TYPE' => 'alert alert-danger'); @@ -197,6 +197,10 @@ if ($config['twofactor']['enabled'] && $user->isAuthenticated()) { $smarty->assign("DETAILSSENT", $ea_sent); } +// Grab our timezones +$smarty->assign('TIMEZONES', DateTimeZone::listIdentifiers()); + +// Fetch donation threshold $smarty->assign("DONATE_THRESHOLD", $config['donate_threshold']); // Tempalte specifics diff --git a/public/include/version.inc.php b/public/include/version.inc.php index 2e801e8a..a94bf193 100644 --- a/public/include/version.inc.php +++ b/public/include/version.inc.php @@ -2,7 +2,7 @@ $defflip = (!cfip()) ? exit(header('HTTP/1.1 401 Unauthorized')) : 1; define('MPOS_VERSION', '0.0.4'); -define('DB_VERSION', '0.0.8'); +define('DB_VERSION', '0.0.9'); define('CONFIG_VERSION', '0.0.8'); define('HASH_VERSION', 1); diff --git a/public/templates/bootstrap/account/edit/detail.tpl b/public/templates/bootstrap/account/edit/detail.tpl index a98251c5..2b5ba6a5 100644 --- a/public/templates/bootstrap/account/edit/detail.tpl 
+++ b/public/templates/bootstrap/account/edit/detail.tpl @@ -30,6 +30,15 @@ {nocache}{/nocache} +
+ + {nocache} + + {/nocache} + +
{nocache}{/nocache} diff --git a/upgrade/definitions/0.0.8_to_0.0.9.inc.php b/upgrade/definitions/0.0.8_to_0.0.9.inc.php new file mode 100755 index 00000000..c286c85b --- /dev/null +++ b/upgrade/definitions/0.0.8_to_0.0.9.inc.php @@ -0,0 +1,30 @@ +getValue('DB_VERSION'); // Our actual version installed + + // Upgrade specific variables + $aSql[] = "ALTER TABLE " . $user->getTableName() . " ADD `timezone` VARCHAR(35) NOT NULL DEFAULT 'UTC' AFTER `email`"; + $aSql[] = "UPDATE " . $setting->getTableName() . " SET value = '0.0.9' WHERE name = 'DB_VERSION'"; + + if ($db_version_now == $db_version_old && version_compare($db_version_now, DB_VERSION, '<')) { + // Run the upgrade + echo '- Starting database migration to version ' . $db_version_new . PHP_EOL; + foreach ($aSql as $sql) { + echo '- Preparing: ' . $sql . PHP_EOL; + $stmt = $mysqli->prepare($sql); + if ($stmt && $stmt->execute()) { + echo '- success' . PHP_EOL; + } else { + echo '- failed: ' . $mysqli->error . PHP_EOL; + exit(1); + } + } + } +} +?> From 2bcc48937f3b56f94786a2a88993f0d7bd9d5368 Mon Sep 17 00:00:00 2001 From: Sebastian Grewe Date: Sun, 20 Apr 2014 15:34:11 +0200 Subject: [PATCH 2/6] [FIX] Re-new timezone on account update --- public/include/pages/account/edit.inc.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/public/include/pages/account/edit.inc.php b/public/include/pages/account/edit.inc.php index cc25e0b8..78782ad4 100644 --- a/public/include/pages/account/edit.inc.php +++ b/public/include/pages/account/edit.inc.php 
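Review bot: The loop in upgrade/definitions/0.0.8_to_0.0.9.inc.php exits on the first failing statement, and the two statements in `$aSql` cannot be rolled back together because ALTER TABLE commits implicitly in MySQL. If the DB_VERSION UPDATE fails after the column was added, the stored version stays at 0.0.8 and a rerun stops at the ALTER on the already existing column. Consider testing for the column first (for example with `SHOW COLUMNS FROM <table> LIKE 'timezone'`, table name as returned by `$user->getTableName()`) so the migration can be re-run safely. The start of the function is not visible in this listing, so this is based on the statements and loop shown.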
@@ -133,9 +133,10 @@ if ($user->isAuthenticated()) { $_SESSION['POPUP'][] = array('CONTENT' => 'You have not yet unlocked account updates.', 'TYPE' => 'alert alert-danger'); } else if (!$config['csrf']['enabled'] || $config['csrf']['enabled'] && $csrftoken->valid) { if ($user->updateAccount($_SESSION['USERDATA']['id'], $_POST['paymentAddress'], $_POST['payoutThreshold'], $_POST['donatePercent'], $_POST['email'], $_POST['timezone'], $_POST['is_anonymous'], $oldtoken_ea)) { - $_SESSION['POPUP'][] = array('CONTENT' => 'Account details updated', 'TYPE' => 'alert alert-success'); + $_SESSION['USERDATA']['timezone'] = $_POST['timezone']; + $_SESSION['POPUP'][] = array('CONTENT' => 'Account details updated', 'TYPE' => 'alert alert-success'); } else { - $_SESSION['POPUP'][] = array('CONTENT' => 'Failed to update your account: ' . $user->getError(), 'TYPE' => 'alert alert-danger'); + $_SESSION['POPUP'][] = array('CONTENT' => 'Failed to update your account: ' . $user->getError(), 'TYPE' => 'alert alert-danger'); } } else { $_SESSION['POPUP'][] = array('CONTENT' => $csrftoken->getErrorWithDescriptionHTML(), 'TYPE' => 'alert alert-warning'); From 68d59d6eae62bebba1240881db2549397a929eb6 Mon Sep 17 00:00:00 2001 From: Sebastian Grewe Date: Sun, 20 Apr 2014 16:15:55 +0200 Subject: [PATCH 3/6] [SQL] Base structure updated --- sql/000_base_structure.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sql/000_base_structure.sql b/sql/000_base_structure.sql index 1e764c5c..18160aac 100644 --- a/sql/000_base_structure.sql +++ b/sql/000_base_structure.sql @@ -133,7 +133,7 @@ CREATE TABLE IF NOT EXISTS `settings` ( UNIQUE KEY `setting` (`name`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; -INSERT INTO `settings` (`name`, `value`) VALUES ('DB_VERSION', '0.0.8'); +INSERT INTO `settings` (`name`, `value`) VALUES ('DB_VERSION', '0.0.9'); CREATE TABLE IF NOT EXISTS `shares` ( `id` bigint(30) NOT NULL AUTO_INCREMENT, 
From 1c02b09636be2d8943d1aca8b5ed8c20e611522e Mon Sep 17 00:00:00 2001 From: Sebastian Grewe Date: Sun, 20 Apr 2014 16:18:40 +0200 Subject: [PATCH 4/6] [UPDATE] UTC as default timezone (ID 415) --- sql/000_base_structure.sql | 1 + upgrade/definitions/0.0.8_to_0.0.9.inc.php | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/sql/000_base_structure.sql b/sql/000_base_structure.sql index 18160aac..f02c1bf5 100644 --- a/sql/000_base_structure.sql +++ b/sql/000_base_structure.sql @@ -15,6 +15,7 @@ CREATE TABLE IF NOT EXISTS `accounts` ( `username` varchar(40) NOT NULL, `pass` varchar(255) NOT NULL, `email` varchar(255) DEFAULT NULL COMMENT 'Assocaited email: used for validating users, and re-setting passwords', + `timezone` varchar(35) NOT NULL DEFAULT '415', `notify_email` VARCHAR( 255 ) NULL DEFAULT NULL, `loggedIp` varchar(255) DEFAULT NULL, `is_locked` tinyint(1) NOT NULL DEFAULT '0', diff --git a/upgrade/definitions/0.0.8_to_0.0.9.inc.php b/upgrade/definitions/0.0.8_to_0.0.9.inc.php index c286c85b..01e11c78 100755 --- a/upgrade/definitions/0.0.8_to_0.0.9.inc.php +++ b/upgrade/definitions/0.0.8_to_0.0.9.inc.php @@ -9,7 +9,7 @@ function run_009() { $db_version_now = $setting->getValue('DB_VERSION'); // Our actual version installed // Upgrade specific variables - $aSql[] = "ALTER TABLE " . $user->getTableName() . " ADD `timezone` VARCHAR(35) NOT NULL DEFAULT 'UTC' AFTER `email`"; + $aSql[] = "ALTER TABLE " . $user->getTableName() . " ADD `timezone` VARCHAR(35) NOT NULL DEFAULT '415' AFTER `email`"; $aSql[] = "UPDATE " . $setting->getTableName() . " SET value = '0.0.9' WHERE name = 'DB_VERSION'"; if ($db_version_now == $db_version_old && version_compare($db_version_now, DB_VERSION, '<')) { From 97225fdf1ef9c68aa84e8f1151947e9ab9eddbd2 Mon Sep 17 00:00:00 2001 From: Sebastian Grewe Date: Wed, 23 Apr 2014 10:46:33 +0200 Subject: [PATCH 5/6] [FIX] Merge conflict --- public/include/classes/user.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
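Review bot: The default `'415'` in sql/000_base_structure.sql is a position in the array returned by DateTimeZone::listIdentifiers(), which bootstrap.php resolves at run time. That position depends on the timezone database shipped with the PHP build, so after an update that adds or removes identifiers the same number can resolve to a different zone, for the default and for every stored user choice. Storing the identifier string would be stable: `timezone varchar(35) NOT NULL DEFAULT 'UTC'`, with the select box keyed by identifier and the value checked with `in_array($tz, DateTimeZone::listIdentifiers(), true)` before use. The same default appears in the upgrade/definitions/0.0.8_to_0.0.9.inc.php hunk of this patch.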
diff --git a/public/include/classes/user.class.php b/public/include/classes/user.class.php index 4cc7d1a7..f42dc936 100644 --- a/public/include/classes/user.class.php +++ b/public/include/classes/user.class.php @@ -597,7 +597,7 @@ class User extends Base { $this->debug->append("STA " . __METHOD__, 4); $user = array(); $stmt = $this->mysqli->prepare("SELECT username, pass, id, timezone, is_admin FROM $this->table WHERE LOWER(username) = LOWER(?) LIMIT 1"); - if ($this->checkStmt($stmt) && $stmt->bind_param('s', $username) && $stmt->execute() && $stmt->bind_result($row_username, $row_password, $row_id, $row_admin)) { + if ($this->checkStmt($stmt) && $stmt->bind_param('s', $username) && $stmt->execute() && $stmt->bind_result($row_username, $row_password, $row_id, $row_timezone, $row_admin)) { $stmt->fetch(); $stmt->close(); $aPassword = explode('$', $row_password); From 0a502b248752ef5f09d9f3035eeea80cdec4f5d6 Mon Sep 17 00:00:00 2001 From: Sebastian Grewe Date: Wed, 23 Apr 2014 11:09:04 +0200 Subject: [PATCH 6/6] [REMOVED] Old select box for timezones --- public/templates/bootstrap/account/edit/detail.tpl | 1 - 1 file changed, 1 deletion(-) diff --git a/public/templates/bootstrap/account/edit/detail.tpl b/public/templates/bootstrap/account/edit/detail.tpl index 2b5ba6a5..9b40dc67 100644 --- a/public/templates/bootstrap/account/edit/detail.tpl +++ b/public/templates/bootstrap/account/edit/detail.tpl @@ -37,7 +37,6 @@ {html_options options=$TIMEZONES selected=$GLOBAL.userdata.timezone} {/nocache} -