Files
breadcrumb-the-shire/pages/admin/users/theme().php
fs 25370a1a55 add composer-unused, comprehensive docs, and project restructure
- Add icanhazstring/composer-unused as dev dependency for dependency hygiene checks
- Add German documentation (docs/) covering architecture, conventions, workflows, and developer checklists
- Add API layer (ApiAuth, ApiBootstrap, ApiResponse), audit, scheduler, custom fields, and SSO services
- Add Microsoft OIDC SSO, API token management, and user lifecycle features
- Add swagger-ui vendor integration and OpenAPI spec
- Add production Docker setup and bin/ scripts
- Update composer dependencies, config, templates, and frontend assets throughout

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-22 15:27:35 +01:00

80 lines
1.8 KiB
PHP

<?php
use MintyPHP\Http\Request;
use MintyPHP\Router;
use MintyPHP\Session;
use MintyPHP\Service\User\UserService;
use MintyPHP\Support\Guard;
use MintyPHP\Support\Flash;
Guard::requireLogin();
if (($_SERVER['REQUEST_METHOD'] ?? 'GET') !== 'POST') {
Router::redirect('admin');
return;
}
if (!Session::checkCsrfToken()) {
if (Request::wantsJson()) {
http_response_code(400);
Router::json(['ok' => false, 'error' => 'csrf']);
return;
}
Router::redirect('admin');
return;
}
$userId = (int) ($_SESSION['user']['id'] ?? 0);
if ($userId <= 0) {
http_response_code(401);
if (Request::wantsJson()) {
Router::json(['ok' => false, 'error' => 'unauthorized']);
return;
}
Router::redirect('login');
return;
}
if (!allowUserTheme()) {
http_response_code(403);
if (Request::wantsJson()) {
Router::json(['ok' => false, 'error' => 'theme_disabled']);
return;
}
Flash::error(t('Theme change is disabled for this tenant'), 'admin', 'theme_disabled');
Router::redirect('admin');
return;
}
$theme = strtolower(trim((string) ($_POST['theme'] ?? '')));
$themes = appThemes();
if ($theme === '' || !isset($themes[$theme])) {
http_response_code(400);
if (Request::wantsJson()) {
Router::json(['ok' => false, 'error' => 'invalid_theme']);
return;
}
Router::redirect('admin');
return;
}
$updated = UserService::setTheme($userId, $theme);
if (!$updated) {
http_response_code(500);
if (Request::wantsJson()) {
Router::json(['ok' => false, 'error' => 'update_failed']);
return;
}
Router::redirect('admin');
return;
}
$_SESSION['user']['theme'] = $theme;
if (Request::wantsJson()) {
Router::json(['ok' => true, 'theme' => $theme]);
return;
}
Router::redirect('admin');