Diff -- /var/www/vhosts/3dshawn.com/crm.3dshawn.com/profile.cgi
Diff

/var/www/vhosts/3dshawn.com/crm.3dshawn.com/profile.cgi

added on local at 2026-07-01 15:03:00

Added
+215
lines
Removed
-0
lines
Context
0
unchanged
Blobs
from
to d396708fa26e
Restore this content →
Unified diff
Naive LCS-based line diff. Additions in emerald, deletions in rose. Both sides decompressed live from BLOB_STORE.
1#!/usr/bin/perl
2#======================================================================
3# ContactForge - Profile (account identity)
4#
5# URL: /profile.cgi
6#
7# Owns the "who am I" half of what used to live under /settings.cgi:
8# - display name / email / default currency / timezone
9# - email verification status + "Resend verification" action
10# - security info (2FA, password, sessions, privacy / close-account)
11# - Available Features (owner-only, plan-scoped entitlement view)
12# - Team management entry point (owner-only)
13#
14# Notification + UI preferences live in /preferences.cgi.
15#======================================================================
16use strict;
17use warnings;
18
19use lib '/var/www/vhosts/3dshawn.com/crm.3dshawn.com';
20use CGI;
21use MODS::Template;
22use MODS::DBConnect;
23use MODS::Login;
24use MODS::ContactForge::Config;
25use MODS::ContactForge::Wrapper;
26use MODS::ContactForge::Billing;
27
28my $q = CGI->new;
29my $form = $q->Vars;
30my $auth = MODS::Login->new;
31my $wrap = MODS::ContactForge::Wrapper->new;
32my $tfile = MODS::Template->new;
33my $db = MODS::DBConnect->new;
34my $cfg = MODS::ContactForge::Config->new;
35my $bill = MODS::ContactForge::Billing->new;
36my $DB = $cfg->settings('database_name');
37
38$|=1;
39my $userinfo = $auth->login_verify();
40if (!$userinfo) {
41 print "Status: 302 Found\nLocation: /login.cgi\n\n";
42 exit;
43}
44my $uid = $userinfo->{user_id};
45$uid =~ s/[^0-9]//g;
46
47my $dbh = $db->db_connect();
48
49sub _esc {
50 my $s = shift;
51 $s //= '';
52 $s =~ s/\\/\\\\/g;
53 $s =~ s/'/''/g;
54 return $s;
55}
56sub _h_attr {
57 my $s = shift;
58 $s //= '';
59 $s =~ s/&/&/g;
60 $s =~ s/</&lt;/g;
61 $s =~ s/>/&gt;/g;
62 $s =~ s/"/&quot;/g;
63 return $s;
64}
65
66# ---- POST handlers --------------------------------------------------
67my $saved_msg = '';
68
69if (($form->{action} || '') eq 'save_account') {
70 my $name = $form->{display_name} // '';
71 my $email = $form->{email} // '';
72 my $cur = uc($form->{default_currency} // 'USD');
73 my $tz = $form->{timezone} // 'UTC';
74
75 $name =~ s/^\s+|\s+$//g;
76 $email =~ s/^\s+|\s+$//g;
77 $cur = substr($cur, 0, 3);
78 $tz = substr($tz, 0, 64);
79
80 if ($name eq '' || $email !~ /\@/) {
81 $saved_msg = 'Please provide a display name and a valid email address.';
82 } else {
83 $db->db_readwrite($dbh, qq~
84 UPDATE `${DB}`.users
85 SET display_name='~ . _esc($name) . qq~',
86 email='~ . _esc($email) . qq~',
87 default_currency='~ . _esc($cur) . qq~',
88 timezone='~ . _esc($tz) . qq~'
89 WHERE id='$uid'
90 ~, $ENV{SCRIPT_NAME}, __LINE__);
91 $saved_msg = 'Profile saved.';
92 }
93}
94elsif (($form->{action} || '') eq 'resend_verification') {
95 require MODS::ContactForge::EmailVerify;
96 my $u_check = $db->db_readwrite($dbh, qq~
97 SELECT id, email, display_name, email_verified_at
98 FROM `${DB}`.users WHERE id='$uid' LIMIT 1
99 ~, $ENV{SCRIPT_NAME}, __LINE__);
100 if ($u_check && $u_check->{id} && !$u_check->{email_verified_at}) {
101 my $r = MODS::ContactForge::EmailVerify->send_for_user(
102 $db, $dbh, $DB,
103 { id => $u_check->{id}, email => $u_check->{email}, display_name => $u_check->{display_name} },
104 );
105 $saved_msg = ($r && $r->{ok})
106 ? 'Verification email sent. Check your inbox (and spam folder).'
107 : 'Could not send verification email: ' . ($r->{error} || 'unknown error');
108 } else {
109 $saved_msg = 'Your email is already verified.';
110 }
111}
112
113# ---- Load current state ---------------------------------------------
114my $u = $db->db_readwrite($dbh, qq~
115 SELECT display_name, email, default_currency, timezone,
116 two_factor_enabled,
117 email_verified_at,
118 DATE_FORMAT(email_verified_at, '%b %e, %Y') AS verified_on
119 FROM `${DB}`.users
120 WHERE id='$uid'
121~, $ENV{SCRIPT_NAME}, __LINE__) || {};
122
123# Currency + timezone dropdowns
124my @CURRENCIES = qw(USD EUR GBP CAD AUD JPY);
125my @TIMEZONES = (
126 'UTC',
127 'America/Los_Angeles',
128 'America/Denver',
129 'America/Chicago',
130 'America/New_York',
131 'Europe/London',
132 'Europe/Berlin',
133 'Europe/Paris',
134 'Asia/Tokyo',
135 'Australia/Sydney',
136);
137my (@cur_opts, @tz_opts);
138my $cur_now = $u->{default_currency} || 'USD';
139my $tz_now = $u->{timezone} || 'UTC';
140foreach my $c (@CURRENCIES) {
141 push @cur_opts, { value => $c, selected_attr => ($c eq $cur_now ? ' selected' : '') };
142}
143foreach my $t (@TIMEZONES) {
144 push @tz_opts, { value => $t, selected_attr => ($t eq $tz_now ? ' selected' : '') };
145}
146
147# Active sessions
148my $active_sessions = 0;
149my $r_sess = $db->db_readwrite($dbh, qq~
150 SELECT COUNT(*) AS n FROM `${DB}`.user_sessions
151 WHERE user_id='$uid'
152 AND revoked_at IS NULL
153 AND expires_at > NOW()
154~, $ENV{SCRIPT_NAME}, __LINE__);
155$active_sessions = $r_sess->{n} if $r_sess && defined $r_sess->{n};
156
157# Plan entitlements (owner only on render side; still safe to compute)
158my @entitlements = $bill->user_feature_entitlements($db, $dbh, $DB, $uid);
159my $plan_label_for_features = (@entitlements && $entitlements[0]->{plan_label})
160 || 'Free';
161my @feature_rows;
162my %ICON_SVG = (
163 send => '<path d="M22 2 11 13"/><path d="m22 2-7 20-4-9-9-4 20-7Z"/>',
164 store => '<path d="m3 9 1-5h16l1 5"/><path d="M5 9v11a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1V9"/>',
165 activity => '<path d="M22 12h-4l-3 9L9 3l-3 9H2"/>',
166 chart => '<path d="M3 3v18h18"/><path d="m7 14 4-4 4 4 5-5"/>',
167 people => '<path d="M17 21v-2a4 4 0 0 0-4-4H5a4 4 0 0 0-4 4v2"/><circle cx="9" cy="7" r="4"/>',
168);
169foreach my $f (@entitlements) {
170 push @feature_rows, {
171 key => $f->{key},
172 name => $f->{name},
173 blurb => $f->{blurb},
174 icon_svg => $ICON_SVG{ $f->{icon} } || $ICON_SVG{chart},
175 included => $f->{included} ? 1 : 0,
176 locked => $f->{locked} ? 1 : 0,
177 module_href => '/' . ($f->{module} || 'dashboard') . '.cgi',
178 };
179}
180
181$db->db_disconnect($dbh);
182
183my $is_owner = ($userinfo && !$userinfo->{owner_user_id}) ? 1 : 0;
184
185my $tvars = {
186 user_id => $uid,
187 saved_msg => $saved_msg,
188 has_saved_msg => $saved_msg ? 1 : 0,
189
190 display_name => _h_attr($u->{display_name}),
191 email => _h_attr($u->{email}),
192 currency_options => \@cur_opts,
193 timezone_options => \@tz_opts,
194
195 email_verified => $u->{email_verified_at} ? 1 : 0,
196 email_verified_label => $u->{email_verified_at} ? ('Verified ' . ($u->{verified_on} || '')) : 'Not verified yet',
197 two_factor_enabled => $u->{two_factor_enabled} ? 1 : 0,
198 active_session_count => $active_sessions,
199
200 is_owner => $is_owner,
201 plan_label_for_features => $plan_label_for_features,
202 features => \@feature_rows,
203 has_features => scalar(@feature_rows) ? 1 : 0,
204};
205
206print "Content-Type: text/html; charset=utf-8\nCache-Control: no-store, no-cache, must-revalidate, max-age=0\nPragma: no-cache\nExpires: 0\n\n";
207
208my $body = join('', $tfile->template('cf_profile.html', $tvars, $userinfo));
209
210$wrap->render({
211 userinfo => $userinfo,
212 page_key => 'my_profile',
213 title => 'My Profile',
214 body => $body,
215});
Keyboard: j next diff k previous diff g top G bottom r restore c compile-check ? help