0, 'error' => 'You must be logged in' ] ) ); } if ( empty( $_REQUEST ) ){ die( json_encode( [ 'status' => 0, 'error' => 'Missing data' ] ) ); } $pwdStorage = $_REQUEST['smtpPwdStorage'] ?? 0; if ( ! empty( $_REQUEST['smtpPassword'] ) ){ if ( $pwdStorage == 1 ){ $_SESSION['smtpPassword'] = $_REQUEST['smtpPassword']; } elseif ( $pwdStorage == 2 ){ $user['settings']['smtpPassword'] = $_REQUEST['smtpPassword']; } } if ( $pwdStorage != 1 ){ unset( $_SESSION['smtpPassword'] ); } if ( $pwdStorage != 2 ){ $user['settings']['smtpPassword'] = NULL; } $allowedFields = [ 'smtpHost', 'smtpPort', 'smtpSecurity', 'smtpUser', 'smtpFrom', 'smtpPwdStorage' ]; $data = array_intersect_key( $_REQUEST, array_flip( $allowedFields ) ); if ( empty( $data ) ){ die( json_encode( [ 'status' => 0, 'error' => 'Invalid field names' ] ) ); } $newSettings = array_merge( $user['settings'], $data ); $result = $auth->update_settings( $user['id'], $newSettings ); if ( ! $result ){ die( json_encode( [ 'status' => 0, 'error' => 'Could not store user settings' ] ) ); } echo json_encode( [ 'status' => 1, 'error' => '' ] ); // end of file ajax/update_settings.php