Diff -- /var/www/vhosts/3dshawn.com/shop.3dshawn.com/profile.cgi
Diff

/var/www/vhosts/3dshawn.com/shop.3dshawn.com/profile.cgi

added on local at 2026-07-01 22:09:44

Added
+216
lines
Removed
-0
lines
Context
0
unchanged
Blobs
from
to a904e2fc38cc
Restore this content →
Unified diff
Naive LCS-based line diff. Additions in emerald, deletions in rose. Both sides decompressed live from BLOB_STORE.
1#!/usr/bin/perl
2#======================================================================
3# ShopCart - Profile (account identity)
4#
5# Display name, email, currency, timezone, password, 2FA, sessions,
6# account close. Split out of the old tabbed settings.cgi so URL
7# conventions match PTMatrix (/profile.cgi = account identity,
8# /preferences.cgi = notifications + UI prefs).
9#
10# Body lives in TEMPLATES/shopcart_profile.html.
11#======================================================================
12use strict;
13use warnings;
14
15use lib '/var/www/vhosts/3dshawn.com/shop.3dshawn.com';
16use CGI;
17use MODS::Template;
18use MODS::DBConnect;
19use MODS::Login;
20use MODS::ShopCart::Config;
21use MODS::ShopCart::Wrapper;
22use MODS::ShopCart::Billing;
23
24my $q = CGI->new;
25my $form = $q->Vars;
26my $auth = MODS::Login->new;
27my $wrap = MODS::ShopCart::Wrapper->new;
28my $tfile = MODS::Template->new;
29my $db = MODS::DBConnect->new;
30my $cfg = MODS::ShopCart::Config->new;
31my $bill = MODS::ShopCart::Billing->new;
32my $DB = $cfg->settings('database_name');
33
34$|=1;
35my $userinfo = $auth->login_verify();
36if (!$userinfo) {
37 print "Status: 302 Found\nLocation: /login.cgi\n\n";
38 exit;
39}
40my $uid = $userinfo->{user_id};
41$uid =~ s/[^0-9]//g;
42
43my $dbh = $db->db_connect();
44
45my $saved_msg = '';
46
47sub _esc {
48 my $s = shift;
49 $s //= '';
50 $s =~ s/\\/\\\\/g;
51 $s =~ s/'/''/g;
52 return $s;
53}
54
55# ---- POST handlers --------------------------------------------------
56if (($form->{action} || '') eq 'save_account') {
57 my $name = $form->{display_name} // '';
58 my $email = $form->{email} // '';
59 my $cur = uc($form->{default_currency} // 'USD');
60 my $tz = $form->{timezone} // 'UTC';
61
62 $name =~ s/^\s+|\s+$//g;
63 $email =~ s/^\s+|\s+$//g;
64 $cur = substr($cur, 0, 3);
65 $tz = substr($tz, 0, 64);
66
67 if ($name eq '' || $email !~ /\@/) {
68 $saved_msg = 'Please provide a display name and a valid email address.';
69 } else {
70 $db->db_readwrite($dbh, qq~
71 UPDATE `${DB}`.users
72 SET display_name='~ . _esc($name) . qq~',
73 email='~ . _esc($email) . qq~',
74 default_currency='~ . _esc($cur) . qq~',
75 timezone='~ . _esc($tz) . qq~'
76 WHERE id='$uid'
77 ~, $ENV{SCRIPT_NAME}, __LINE__);
78 $saved_msg = 'Profile saved.';
79 }
80}
81elsif (($form->{action} || '') eq 'resend_verification') {
82 require MODS::ShopCart::EmailVerify;
83 my $u_check = $db->db_readwrite($dbh, qq~
84 SELECT id, email, display_name, email_verified_at
85 FROM `${DB}`.users WHERE id='$uid' LIMIT 1
86 ~, $ENV{SCRIPT_NAME}, __LINE__);
87 if ($u_check && $u_check->{id} && !$u_check->{email_verified_at}) {
88 my $r = MODS::ShopCart::EmailVerify->send_for_user(
89 $db, $dbh, $DB,
90 { id => $u_check->{id}, email => $u_check->{email}, display_name => $u_check->{display_name} },
91 );
92 $saved_msg = ($r && $r->{ok})
93 ? 'Verification email sent. Check your inbox (and spam folder).'
94 : 'Could not send verification email: ' . ($r->{error} || 'unknown error');
95 } else {
96 $saved_msg = 'Your email is already verified.';
97 }
98}
99
100# ---- Load current state --------------------------------------------
101my $u = $db->db_readwrite($dbh, qq~
102 SELECT display_name, email, default_currency, timezone,
103 two_factor_enabled,
104 email_verified_at,
105 DATE_FORMAT(email_verified_at, '%b %e, %Y') AS verified_on
106 FROM `${DB}`.users
107 WHERE id='$uid'
108~, $ENV{SCRIPT_NAME}, __LINE__) || {};
109
110# Build the dropdown lists with `selected` flags so the template can
111# render plain HTML without any client-side guessing.
112my @CURRENCIES = qw(USD EUR GBP CAD AUD JPY);
113my @TIMEZONES = (
114 'UTC',
115 'America/Los_Angeles',
116 'America/Denver',
117 'America/Chicago',
118 'America/New_York',
119 'Europe/London',
120 'Europe/Berlin',
121 'Europe/Paris',
122 'Asia/Tokyo',
123 'Australia/Sydney',
124);
125my (@cur_opts, @tz_opts);
126my $cur_now = $u->{default_currency} || 'USD';
127my $tz_now = $u->{timezone} || 'UTC';
128foreach my $c (@CURRENCIES) {
129 push @cur_opts, { value => $c, selected_attr => ($c eq $cur_now ? ' selected' : '') };
130}
131foreach my $t (@TIMEZONES) {
132 push @tz_opts, { value => $t, selected_attr => ($t eq $tz_now ? ' selected' : '') };
133}
134
135# Active sessions (creator side -- buyer sessions live in their own table).
136my $active_sessions = 0;
137my $r_sess = $db->db_readwrite($dbh, qq~
138 SELECT COUNT(*) AS n FROM `${DB}`.user_sessions
139 WHERE user_id='$uid'
140 AND revoked_at IS NULL
141 AND expires_at > NOW()
142~, $ENV{SCRIPT_NAME}, __LINE__);
143$active_sessions = $r_sess->{n} if $r_sess && defined $r_sess->{n};
144
145# ---- Plan entitlement state for the "Available Features" panel ------
146my @entitlements = $bill->user_feature_entitlements($db, $dbh, $DB, $uid);
147my $plan_label_for_features = (@entitlements && $entitlements[0]->{plan_label})
148 || 'Free';
149my @feature_rows;
150my %ICON_SVG = (
151 send => '<path d="M22 2 11 13"/><path d="m22 2-7 20-4-9-9-4 20-7Z"/>',
152 store => '<path d="m3 9 1-5h16l1 5"/><path d="M5 9v11a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1V9"/>',
153 activity => '<path d="M22 12h-4l-3 9L9 3l-3 9H2"/>',
154 chart => '<path d="M3 3v18h18"/><path d="m7 14 4-4 4 4 5-5"/>',
155 people => '<path d="M17 21v-2a4 4 0 0 0-4-4H5a4 4 0 0 0-4 4v2"/><circle cx="9" cy="7" r="4"/>',
156);
157foreach my $f (@entitlements) {
158 push @feature_rows, {
159 key => $f->{key},
160 name => $f->{name},
161 blurb => $f->{blurb},
162 icon_svg => $ICON_SVG{ $f->{icon} } || $ICON_SVG{chart},
163 included => $f->{included} ? 1 : 0,
164 locked => $f->{locked} ? 1 : 0,
165 module_href => '/' . ($f->{module} || 'dashboard') . '.cgi',
166 };
167}
168
169# Owner-only flag governs Team + Available Features panes (matches the
170# original settings.cgi tab gating).
171my $is_owner = !($userinfo->{owner_user_id}) ? 1 : 0;
172
173$db->db_disconnect($dbh);
174
175# Helper to HTML-escape values that go into <input value="...">.
176sub _h_attr {
177 my $s = shift;
178 $s //= '';
179 $s =~ s/&/&amp;/g;
180 $s =~ s/</&lt;/g;
181 $s =~ s/>/&gt;/g;
182 $s =~ s/"/&quot;/g;
183 return $s;
184}
185
186my $tvars = {
187 user_id => $uid,
188 saved_msg => $saved_msg,
189 has_saved_msg => $saved_msg ? 1 : 0,
190
191 display_name => _h_attr($u->{display_name}),
192 email => _h_attr($u->{email}),
193 currency_options => \@cur_opts,
194 timezone_options => \@tz_opts,
195
196 email_verified => $u->{email_verified_at} ? 1 : 0,
197 email_verified_label => $u->{email_verified_at} ? ('Verified ' . ($u->{verified_on} || '')) : 'Not verified yet',
198 two_factor_enabled => $u->{two_factor_enabled} ? 1 : 0,
199 active_session_count => $active_sessions,
200
201 is_owner => $is_owner,
202 plan_label_for_features => $plan_label_for_features,
203 features => \@feature_rows,
204 has_features => scalar(@feature_rows) ? 1 : 0,
205};
206
207print "Content-Type: text/html; charset=utf-8\nCache-Control: no-store, no-cache, must-revalidate, max-age=0\nPragma: no-cache\nExpires: 0\n\n";
208
209my $body = join('', $tfile->template('shopcart_profile.html', $tvars, $userinfo));
210
211$wrap->render({
212 userinfo => $userinfo,
213 page_key => 'my_profile',
214 title => 'My Profile',
215 body => $body,
216});
Keyboard: j next diff k previous diff g top G bottom r restore c compile-check ? help