From ee9e7a26742782c24c4dcf69d09787779513dbea Mon Sep 17 00:00:00 2001
From: Patrick Davison <snapwilliam@gmail.com>
Date: Sat, 9 Feb 2013 14:28:33 -0800
Subject: Unsubscribe in /cp

---
 pages/cp.php | 79 +++++++++++++++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 67 insertions(+), 12 deletions(-)

diff --git a/pages/cp.php b/pages/cp.php
index 074a209..5149ad3 100644
--- a/pages/cp.php
+++ b/pages/cp.php
@@ -8,6 +8,12 @@ htmlHeader();
 
 topbar($Links);
 
+if (!$accepted) {
+	echo "Sign in first";
+	htmlFooter();
+	exit;
+}
+
 include('./includes/maps.php');
 include_once('./includes/sqlEmbedded.php');
 
@@ -21,12 +27,36 @@ function validatename($name) {
 	return true;
 }
 
-if (isset($_POST['displayName'])) {
-	$inputname = sql_clean($_POST['displayName']);
-	$inputname = chatFilter($inputname);
-	$userID = $_SESSION['userID'];
+/**
+ * Returns true if the given user has opted out of emails, false otherwise
+ */
+function isOptedOutOfEmails($userID) {
+	$userID = mysql_escape_string($userID);
+	
+	$sql = "SELECT `isOptedOutOfEmails` FROM `users` 
+	WHERE `ID` = '$userID' AND `isOptedOutOfEmails` = 1
+	LIMIT 1";
+	$result = mysql_query($sql) or die(mysql_error());
+	return (mysql_num_rows($result) >= 1);
+}
 
-	if ($accepted) {
+function setOptedOutOfEmails($userID, $setting) {
+	$userID = mysql_escape_string($userID);
+	
+	if ($setting) $setting == '1'; else $setting == '0';
+	$sql = "UPDATE `users` 
+	SET `isOptedOutOfEmails` = '$setting'
+	WHERE `ID` = '$userID'
+	LIMIT 1";
+	$result = mysql_query($sql) or die(mysql_error());
+}
+
+if (isset($_POST['updateSettings']) AND $_POST['updateSettings'] == 'true') {
+	$userID = $_SESSION['userID'];
+	if (isset($_POST['displayName'])) {
+		$inputname = sql_clean($_POST['displayName']);
+		$inputname = chatFilter($inputname);
+		
 		if (validatename($inputname)) {
 			$sql = "UPDATE `users`
 			SET `displayName` = '$inputname'
@@ -34,24 +64,49 @@ if (isset($_POST['displayName'])) {
 			";
 			mysql_query($sql);
 			$_SESSION['displayName'] = $inputname;
-			DoRedirect("Name change success!");
-			exit;
-			//echo "<br /><b>Name change success (Your name may take a moment to be updated)</b> <br />";
+			$r .= "<br />Name change success!";
 		} else {
-			echo "<br />Invalid name";
+			$r .= "<br />Invalid name";
 		}
 	}
+	
+	if ($_POST['emailOptOut'] == 'true') {
+		setOptedOutOfEmails($userID, true);
+		$r .= "<br />You are opted out of emails";
+	} else {
+		setOptedOutOfEmails($userID, false);
+		$r .= "<br />You are accepting emails";
+	}
+	DoRedirect("Settings updated! Thank you!");
+	exit;
+}
+
+
+$checked = '';
+if (isOptedOutOfEmails($userID)) {
+	$checked = 'checked="yes"';
 }
 
 $displayName = htmlspecialchars($_SESSION['displayName'], ENT_COMPAT | ENT_HTML5);
 ?>
 
 <div class="wrapper">
-<h2>Change your display name</h2>
+<h2>Control Panel</h2>
 
 <form action="cp" method="post" name="changename">
-<input type="text" size="20" maxlength="14" value="<?php echo $displayName ?>" name="displayName" class="forminput" />
-<input type="submit" value="Change name" class="forminput" />
+<input type="hidden" name="updateSettings" value="true">
+<fieldset style='width:400px'>
+	<legend>Settings:</legend>
+	
+	Display Name: <input type="text" size="20" maxlength="14" value="<?php echo $displayName ?>" name="displayName" class="forminput" />
+	<br /><br />
+	<input type="checkbox" name="emailOptOut" value="true" <?php echo $checked ?>>
+		Opt out of emails? We'll only send you important feature updates! I Promise!
+	<br /><br />
+	<input type="submit" value="Update settings" class="forminput" />
+</fieldset>
+
+
 </div>
 
 </form>
-- 
cgit v1.2.3