wrapper('usersettings/edit'); /* e107::css('inline', " .usersettings-form .col-sm-9 .checkboxes { margin-left:20px } ");*/ } else { $bcDefs = array( 'LAN_418' => 'LAN_USET_31', 'LAN_7' => 'LAN_USER_01', 'LAN_8' => 'LAN_USER_80', 'LAN_9' => 'LAN_USER_81', 'LAN_10' => 'LAN_USER_82', 'LAN_112' => 'LAN_USER_60', 'LAN_113' => 'LAN_USER_83', 'LAN_114' => 'LAN_USER_84', 'LAN_120' => 'LAN_USER_71', // Signature 'LAN_152' => 'LAN_USET_24', 'LAN_153' => 'LAN_USET_25', 'LAN_154' => 'LAN_USET_37', 'LAN_308' => 'LAN_USER_63', 'LAN_401' => 'LAN_USET_23', 'LAN_404' => 'LAN_USET_32', 'LAN_414' => 'LAN_USET_27', 'LAN_415' => 'LAN_USET_26', 'LAN_420' => 'LAN_USER_07', // Avatar 'LAN_421' => 'LAN_USET_33', 'LAN_422' => 'LAN_USET_34', 'LAN_423' => 'LAN_USET_35', 'LAN_424' => 'LAN_USET_36', 'LAN_425' => 'LAN_USER_06', 'LAN_426' => 'LAN_USET_28', 'LAN_433' => '', 'LAN_434' => '', 'LAN_435' => '', 'LAN_122' => 'UE_LAN_TIMEZONE', 'LAN_CUSTOMTITLE' => 'LAN_USER_04' ); e107::getLanguage()->bcDefs($bcDefs); global $sc_style; $REQUIRED_FIELD = ''; $USER_EXTENDED_CAT = ''; $USEREXTENDED_FIELD = ''; $USERSETTINGS_MESSAGE = ''; $USERSETTINGS_MESSAGE_CAPTION = ''; $USERSETTINGS_EDIT_CAPTION = ''; $USERSETTINGS_EDIT = ''; $coreTemplatePath = e107::coreTemplatePath('usersettings'); include_once($coreTemplatePath); //correct way to load a core template. e107::scStyle($sc_style); $usersettings_shortcodes = e107::getScBatch('usersettings'); $usersettings_shortcodes->legacyTemplate = array( 'USER_EXTENDED_CAT' => $USER_EXTENDED_CAT, 'USEREXTENDED_FIELD' => $USEREXTENDED_FIELD, 'REQUIRED_FIELD' => $REQUIRED_FIELD ); } $this->sc = $usersettings_shortcodes; $this->template = array( 'message' => $USERSETTINGS_MESSAGE, 'message_caption' => $USERSETTINGS_MESSAGE_CAPTION, 'edit_caption' => $USERSETTINGS_EDIT_CAPTION, 'edit' => $USERSETTINGS_EDIT, ); e107::js('footer-inline'," function addtext_us(sc) { document.getElementById('dataform').image.value = sc; } "); } /** * @param $id * @return mixed */ private function getTemplate($id) { return $this->template[$id]; } private function sendDeleteConfirmationEmail() { $tp = e107::getParser(); $message = defset('LAN_USET_52', "A confirmation email has been sent to [x]. Please click the link in the email to permanently delete your account."); // Load LAN with fall-back. $subject = defset("LAN_USET_53", "Account Removal Confirmation"); // Load LAN with fall-back. $caption = defset('LAN_USET_54', "Confirmation Email Sent"); // Load LAN with fall-back. $hash = e107::getUserSession()->generateRandomString("#**************************************************************************#"); $link = SITEURL."usersettings.php?del=".$hash; // Security measure - user must be logged in to utilize the link. $text = LAN_USET_55; // "Please click the following link to complete the deletion of your account."; $text .= "

"; $text .= "".$link.""; $eml = array( 'subject' => $subject, 'html' => true, 'priority' => 1, 'template' => 'default', 'body' => $text, ); if(e107::getEmail()->sendEmail(USEREMAIL,USERNAME, $eml)) { $update = array( 'user_sess' => $hash, 'WHERE' => 'user_id = '.USERID ); e107::getDb()->update('user',$update); $alert = $tp->lanVars($message, USEREMAIL); return e107::getMessage()->setTitle($caption, E_MESSAGE_INFO)->addInfo($alert)->render(); } //todo Email Failure message. return null; } /* private function processUserDeleteFields($vars) { $qry = array(); foreach($vars as $field => $var) { } return $qry; }*/ private function processUserDelete($hash) { if(!e107::getDb()->select('user', '*',"user_id = ".USERID." AND user_sess='".$hash."' LIMIT 1")) // user must be logged in AND have correct hash. { return false; } $arr = e107::getAddonConfig('e_user', '', 'delete', USERID); $sql = e107::getDb(); foreach($arr as $plugin) { foreach($plugin as $table => $query) { $mode = $query['MODE']; unset($query['MODE']); // $query = $this->processUserDeleteFields($query); //optional pre-processing.. if($mode === 'update') { //echo "

UPDATE ".$table."

"; // print_a($query); $sql->update($table, $query); // todo check query ran successfully. } elseif($mode === 'delete') { //echo "

DELETE ".$table."

"; //print_a($query); $sql->delete($table, $query['WHERE']); // todo check query ran successfully. } } } $alert = defset('LAN_USET_56', "Your account has been successfully deleted."); return e107::getMessage()->addSuccess($alert)->render(); } /** * @return bool */ public function init() { $pref = e107::getPref(); $tp = e107::getParser(); $ue = e107::getUserExt(); $mes = e107::getMessage(); $sql = e107::getDb(); $ns = e107::getRender(); $userMethods = e107::getUserSession(); $photo_to_delete = ''; $avatar_to_delete = ''; // $ue_fields = ''; $caption = ''; $promptPassword = false; $error = FALSE; $extraErrors = array(); $eufVals = array(); $savePassword = ''; $changedUserData = array(); $udata = array(); $allData = array(); $message = ''; $changedEUFData = array(); $inp = USERID; // Initially assume that user is modifying their own data. $_uid = false; // FALSE if user modifying their own data; otherwise ID of data being modified $adminEdit = false; // @deprecated // FALSE if editing own data. TRUE if admin edit if(!empty($_POST['delete_account'])) // button clicked. { echo $this->sendDeleteConfirmationEmail(); } if(!empty($_GET['del'])) // delete account via confirmation email link. { echo $this->processUserDelete($_GET['del']); //e107::getSession()->destroy(); e107::getUser()->logout(); return null; } /* todo subject of removal */ if(is_numeric(e_QUERY)) { // Trying to edit specific user record if (ADMIN) { // Admin edit of specific record /* $_usersettings_matches = Array ( [0] => /e107/usersettings.php?# OR /e107/edit/user/# [1] => e107 [2] => usersettings.php OR edit/user [3] => ? OR / [4] => # ) */ $inp = intval(e_QUERY); // $usersettings_form_action = strstr('?', $_usersettings_matches[3]) ? e_SELF.'?'.e_QUERY : e_SELF; $_uid = $inp; $info = e107::user($inp); //Only site admin is able to change setting for other admins if(!is_array($info) || ($info['user_admin'] == 1 && (!defined('ADMINPERMS') || ADMINPERMS !== '0')) || ((!defined('ADMINPERMS') || ADMINPERMS !== '0') && !getperms('4'))) { e107::redirect(); exit(); } $adminEdit = TRUE; // Flag to indicate admin edit } else { //Non admin attempting to edit another user's ID e107::redirect(); exit(); } } // Save user settings (changes only) //----------------------------------- if (isset($_POST['updatesettings']) || isset($_POST['SaveValidatedInfo'])) { // $udata = e107::user($inp); //@deprecated // Get all the existing user data, including any extended fields $udata = e107::user($inp); // Get all the existing user data, including any extended fields $udata['user_classlist'] = $userMethods->addCommonClasses($udata, FALSE); } if (!empty($_POST['updatesettings'])) { // Do not filter these values (saving) $ueVals = $_POST['ue']; $passtemp1 = $_POST['password1']; $passtemp2 = $_POST['password2']; // Filter the others $_POST = e107::getParser()->filter($_POST); // Pass the original values back (restoring) $_POST['ue'] = $ueVals; $_POST['password1'] = $passtemp1; $_POST['password2'] = $passtemp2; // Unset temporary vars unset($ueVals); unset($passtemp1); unset($passtemp2); if (!vartrue($pref['auth_method'])) { $pref['auth_method'] = 'e107'; } if ($pref['auth_method'] != 'e107') { $_POST['password1'] = ''; $_POST['password2'] = ''; } e107::getMessage()->addDebug("_FILES".print_a($_FILES,true)); // Uploaded avatar and/or photo if (varset($_FILES['file_userfile']['error']['avatar'], false) === UPLOAD_ERR_OK || varset($_FILES['file_userfile']['error']['photo'], false) == UPLOAD_ERR_OK) { e107::getMessage()->addDebug("Uploaded File Detected"); require_once (e_HANDLER.'resize_handler.php'); $opts = array('overwrite' => TRUE, 'file_mask'=>'jpg,png,gif,jpeg', 'max_file_count' => 2); if ($uploaded = e107::getFile()->getUploaded(e_AVATAR_UPLOAD, 'prefix+ap_'.$tp->leadingZeros($udata['user_id'],7).'_', $opts)) { e107::getMessage()->addDebug("Uploaded: ".print_a($uploaded,true)); foreach ($uploaded as $upload) { if ($upload['name'] && ($upload['index'] == 'avatar') && $pref['avatar_upload']) { // avatar uploaded - give it a reference which identifies it as server-stored // Vetting routines will do resizing and so on $_POST['image'] = '-upload-'.$upload['name']; } elseif ($upload['name'] && ($upload['index'] == 'photo') && $pref['photo_upload']) { // photograph uploaded $_POST['user_sess'] = '-upload-'.$upload['name']; } elseif (isset($upload['error']) && isset($upload['message'])) { $extraErrors[] = $upload['message']; } } } } // Now validate everything - just check everything that's been entered $allData = validatorClass::validateFields($_POST,$userMethods->userVettingInfo, TRUE); // Do basic validation validatorClass::dbValidateArray($allData, $userMethods->userVettingInfo, 'user', $inp); // Do basic DB-related checks $userMethods->userValidation($allData); // Do user-specific DB checks $savePassword = ''; if (($_POST['password1'] != '') || ($_POST['password2'] != '')) { // Need to validate new password here if (!isset($allData['errors']['user_password'])) { // No errors in password yet - may be valid $savePassword = $allData['data']['user_password']; unset($allData['data']['user_password']); // Delete the password value in the output array } } else { unset($allData['errors']['user_password']); // Delete the error which an empty password field generates } unset($_POST['password1']); unset($_POST['password2']); $changedUserData = validatorClass::findChanges($allData['data'], $udata,FALSE); e107::getMessage()->addDebug("
Existing User Info
".print_a($udata,true)); e107::getMessage()->addDebug('
'.print_a($allData['data'],true)); e107::getMessage()->addDebug("
Posted Changes
".print_a($changedUserData,true)); // Login Name checks - only admin can change login name if (isset($changedUserData['user_loginname'])) { if (ADMIN && getperms('4')) { if (!check_class($pref['displayname_class'], $udata['user_classlist'], $adminEdit)) { // Display name and login name must be the same $changedUserData['user_name'] = $changedUserData['user_loginname']; } } else { unset($changedUserData['user_loginname']); // Just doing this is probably being kind! $alldata['errors']['user_loginname'] = ERR_GENERIC; $alldata['errortext']['user_loginname'] = LAN_USER_85; } } // See if user just wants to delete existing photo if (isset($_POST['user_delete_photo'])) { $photo_to_delete = $udata['user_sess']; $changedUserData['user_sess'] = ''; } if ($udata['user_image'] && !isset($changedUserData['user_image'])) { // $changedUserData['user_image'] = ''; // FIXME Deletes the user's image when no changes made. $avatar_to_delete = str_replace('-upload-', '', $udata['user_image']); } // Validate Extended User Fields. if (isset($_POST['ue'])) { $eufVals = $ue->sanitizeAll($_POST['ue']); $eufVals = $ue->userExtendedValidateAll($eufVals, varset($_POST['hide'],TRUE)); // Validate the extended user fields $changedEUFData['data'] = validatorClass::findChanges($eufVals['data'], $udata,FALSE); } e107::getMessage()->addDebug("

Extended Data - post validation

".print_a($changedEUFData['data'],true)); // Determine whether we have an error $error = ((isset($allData['errors']) && count($allData['errors'])) || (isset($eufVals['errors']) && count($eufVals['errors'])) || count($extraErrors)); // Update Userclass - only if its the user changing their own data (admins can do it another way) if (isset($allData['data']['user_class'])) { unset($changedUserData['user_class']); // We always recalculate this if (FALSE === $adminEdit) // Make sure admin can't edit another's user classes { $e_userclass = e107::getUserClass(); $ucList = $e_userclass->get_editable_classes(USERCLASS_LIST,TRUE); // List of classes which this user can edit if (count($ucList)) { $nid = $e_userclass->mergeClassLists($udata['user_class'], $ucList, $allData['data']['user_class'], TRUE); $nid = $e_userclass->stripFixedClasses($nid); $nid = implode(',',$nid); // echo "Userclass data - new: {$nid}, old: {$udata['user_baseclasslist']}, editable: ".implode(',',$ucList).", entered: {$allData['data']['user_class']}
"; if ($nid != $udata['user_baseclasslist']) { if (US_DEBUG) { e107::getLog()->addEvent(10, debug_backtrace(), "DEBUG", "Usersettings test", "Write back classes; old list: {$udata['user_class']}; new list: ".$nid, false, LOG_TO_ROLLING); } $changedUserData['user_class'] = $nid; } } } } e107::getMessage()->addDebug("

Processed Posted Changes

".print_a($changedUserData,true)); // All key fields validated here // ----------------------------- // $inp - UID of user whose data is being changed (may not be the currently logged in user) $inp = intval($inp); if (!$error && count($changedUserData) || count($changedEUFData)) { $_POST['user_id'] = $inp; $ret =e107::getEvent()->trigger('preuserset', $_POST); if ($ret == '') { // Only admins can update login name - do this just in case one of the event triggers has mucked it about if (!(ADMIN && getperms('4'))) { unset($changedUserData['user_loginname']); } } else { // Invalid data - from hooked in trigger event $message = "
"; $caption = LAN_OK; $error = true; } } } // End - update setttings elseif(isset($_POST['SaveValidatedInfo'])) // Next bit only valid if user editing their own data { /* if(!empty($_POST['updated_data']) && !empty($_POST['currentpassword']) && !empty($_POST['updated_key'])) { // Got some data confirmed with password entry*/ $new_data = base64_decode($_POST['updated_data']); // Should only happen if someone's fooling around if ($this->getValidationKey($new_data) !== $_POST['updated_key'] || ($userMethods->hasReadonlyField($new_data) !==false)) { echo LAN_USET_42.'
'; return false; } if (isset($_POST['updated_extended'])) { $new_extended = base64_decode($_POST['updated_extended']); if ($this->getValidationKey($new_extended) !== $_POST['extended_key']) { // Should only happen if someone's fooling around echo LAN_USET_42.'
'; return false; } } if ($userMethods->CheckPassword($_POST['currentpassword'], $udata['user_loginname'], $udata['user_password']) === false) // Use old data to validate { // Invalid password $mes->addError("


"); $mes->addError("".LAN_BACK.""); echo $mes->render(); return false; } $changedUserData = e107::unserialize($new_data); $changedUserData = e107::getParser()->filter($changedUserData, 'str'); $savePassword = $_POST['currentpassword']; if(!empty($new_extended)) { $changedEUFData = e107::unserialize($new_extended); $changedEUFData = e107::getParser()->filter($changedEUFData, 'str'); } unset($new_data); unset($new_extended); if (isset($changedUserData['user_sess'])) { $photo_to_delete = $udata['user_sess']; } if (isset($changedUserData['user_image'])) { $avatar_to_delete = $udata['user_image']; } // } } unset($_POST['updatesettings']); unset($_POST['SaveValidatedInfo']); // At this point we know the error status. // $changedUserData has an array of core changed data, except password, which is in $savePassword if changed (or entered as confirmation). // $eufData has extended user field data // $changedEUFData has any changes in extended user field data $dataToSave = !$error && (isset($changedUserData) && count($changedUserData)) || (isset($changedEUFData['data']) && count($changedEUFData['data'])) || $savePassword; if ($dataToSave) { // Sort out password hashes if ($savePassword) { $loginname = $changedUserData['user_loginname'] ? $changedUserData['user_loginname'] : $udata['user_loginname']; $email = (isset($changedUserData['user_email']) && $changedUserData['user_email']) ? $changedUserData['user_email'] : $udata['user_email']; $changedUserData['user_password'] = $sql->escape($userMethods->HashPassword($savePassword, $loginname), false); if (varset($pref['allowEmailLogin'], FALSE)) { $user_prefs = e107::unserialize($udata['user_prefs']); $user_prefs['email_password'] = $userMethods->HashPassword($savePassword, $email); $changedUserData['user_prefs'] = e107::serialize($user_prefs); } } else { if ((isset($changedUserData['user_loginname']) && $userMethods->isPasswordRequired('user_loginname')) || (isset($changedUserData['user_email']) && $userMethods->isPasswordRequired('user_email'))) { if ($_uid && ADMIN) { // Admin is changing it $extraErrors[] = LAN_USET_20; } else { // User is changing their own info $promptPassword = true; } } } } if ($dataToSave && !$promptPassword) { $inp = intval($inp); // We can update the basic user record now - can just update fields from $changedUserData if (US_DEBUG) { e107::getLog()->addEvent(10, debug_backtrace(), "DEBUG", "Usersettings test", "Changed data:
".var_export($changedUserData, true), false, LOG_TO_ROLLING); } if (isset($changedUserData) && count($changedUserData)) { $changedData['data'] = $changedUserData; $changedData['WHERE'] = 'user_id='.$inp; validatorClass::addFieldTypes($userMethods->userVettingInfo,$changedData); // print_a($changedData); if (FALSE === $sql->update('user', $changedData)) { $extraErrors[] = LAN_USET_43; } else { $message = LAN_USET_41; if (isset($changedUserData['user_password']) && !$adminEdit) { // echo "Make new cookie
"; $userMethods->makeUserCookie(array('user_id' => $udata['user_id'],'user_password' => $changedUserData['user_password']), FALSE); // Can't handle autologin ATM } } } // Save extended field values if (!empty($changedEUFData['data'])) { $ue->addFieldTypes($changedEUFData); // Add in the data types for storage $changedEUFData['_DUPLICATE_KEY_UPDATE'] = true; // update record if key found, otherwise INSERT. $changedEUFData['data']['user_extended_id'] = $inp; if (false === $sql->insert('user_extended', $changedEUFData)) { $message .= '
Error updating EUF'; } } // Now see if we need to log anything. First check the options and class membership // (Normally we would leave logging decision to the log class. But this one's a bit more complicated) $user_logging_opts = e107::getConfig()->get('user_audit_opts'); $do_log = array(); $log_action = ''; if ($_uid) { // Its an admin changing someone elses data - make an admin log entry here e107::getLog()->add('USET_01', "UID: {$udata['user_id']}. UName: {$udata['user_name']}", E_LOG_INFORMATIVE); // Check against the class of the target user, not the admin! if (!check_class(varset($pref['user_audit_class'], ''), $udata['user_class'])) { $user_logging_opts = array(); } } else { if (!check_class(varset($pref['user_audit_class'], ''))) { $user_logging_opts = array(); } } $triggerData = array(); if (count($changedUserData)) { $triggerData = $changedUserData; // Create record for changed user data trigger $triggerData['user_id'] = $udata['user_id']; $triggerData['_CHANGED_BY_UID'] = USERID; // May be admin changing data $triggerData['_CHANGED_BY_UNAME'] = USERNAME; if (!isset($triggerData['user_name'])) { $triggerData['user_name'] = $udata['user_name']; } } if(count($changedEUFData)) { $triggerData['ue'] = $changedEUFData['data']; } // Now log changes if required if (count($user_logging_opts)) { // Start with any specific fields we're changing if (isset($changedUserData['user_name'])) { if (isset($user_logging_opts[USER_AUDIT_NEW_DN])) { $do_log['user_name'] = $changedUserData['user_name']; $log_action = USER_AUDIT_NEW_DN; } unset($changedUserData['user_name']); } if (isset($changedUserData['user_password'])) { if (isset($user_logging_opts[USER_AUDIT_NEW_PW])) { // Password has already been changed to a hashed value, so OK to leave the data $do_log['user_password'] = $changedUserData['user_password']; $log_action = USER_AUDIT_NEW_PW; } unset($changedUserData['user_password']); } if (isset($changedUserData['user_email'])) { if (isset($user_logging_opts[USER_AUDIT_NEW_EML])) { $do_log['user_email'] = $changedUserData['user_email']; $log_action = USER_AUDIT_NEW_EML; } unset($changedUserData['user_email']); } if (count($changedUserData) && isset($user_logging_opts[USER_AUDIT_NEW_SET])) { $do_log = array_merge($do_log, $changedUserData); $log_action = USER_AUDIT_NEW_SET; } if (count($do_log)) { // Got some changes to audit // echo "Adding to audit log
"; if ($_uid) { $log_action = USER_AUDIT_ADMIN; // If an admin did the mod, different heading // Embed a message saying who changed the data $changedUserData['message'] = str_replace(array('[x]', '[y]'), array(USERID, USERNAME), LAN_USET_18); e107::getLog()->user_audit($log_action, $do_log, $udata['user_id'], $udata['user_loginname']); } else { if (count($do_log) > 1) { $log_action = USER_AUDIT_NEW_SET; } // Log multiple entries to one record e107::getLog()->user_audit($log_action, $do_log); } } } // End of audit logging // Now tidy up if ($photo_to_delete) { // Photo may be a flat file, or in the database $this->deleteFile($photo_to_delete); } if ($avatar_to_delete) { // Avatar may be a flat file, or in the database $this->deleteFile($avatar_to_delete); } // If user has changed display name, update the record in the online table if (isset($changedUserData['user_name']) && !$_uid) { $sql->update('online', "online_user_id = '".USERID.".".$changedUserData['user_name']."' WHERE online_user_id = '".USERID.".".USERNAME."'"); } e107::getEvent()->trigger('postuserset', $_POST); if (count($triggerData)) { e107::getEvent()->trigger('userdatachanged', $triggerData); e107::getEvent()->trigger('user_profile_edit', $triggerData); } if (e_QUERY == 'update') { e107::redirect(); } if($adminEdit && $message) { $mes->addSuccess($message); } $USERSETTINGS_MESSAGE =$this->getTemplate('message'); $USERSETTINGS_MESSAGE_CAPTION = $this->getTemplate('message_caption'); if(isset($USERSETTINGS_MESSAGE)) { $message = str_replace("{MESSAGE}",$message,$USERSETTINGS_MESSAGE); } elseif(!deftrue('BOOTSTRAP')) // backwards compatible { $message = "
'; } $caption = (isset($USERSETTINGS_MESSAGE_CAPTION)) ? $USERSETTINGS_MESSAGE_CAPTION : LAN_OK; } // End - if (!$error)... if (!$error && !$promptPassword) { if(isset($_POST) && vartrue($changedUserData['user_name'])) { $redirect = e107::getRedirect(); $url = e107::getUrl(); $to = $_uid ? $url->create('user/profile/edit', array('id' => $_uid, 'name' => $changedUserData['user_name'])) : $url->create('user/myprofile/edit'); if($message) e107::getMessage()->addSuccess($message, 'default', true); $redirect->redirect($to); } unset($_POST); } if ($promptPassword) // User has to enter password to validate data { $this->renderPasswordForm($changedUserData,$changedEUFData); return false; } if ($error) { $message = $this->compileErrors($extraErrors, $allData, $eufVals); // if(!empty($message)) { if(deftrue('BOOTSTRAP')) { echo e107::getMessage()->addError($message)->render(); } else { $ns->tablerender($caption, $message); } } } elseif($dataToSave === true) // --- User data has been updated here if appropriate --- { $testSessionMessage = e107::getMessage()->get(E_MESSAGE_SUCCESS, 'default', true); // only success in the session if($testSessionMessage) $message = implode('
', $testSessionMessage); // we got raw message - array if(empty($message)) { $message = LAN_USET_41; // probably only extended fields updated. } if(deftrue('BOOTSTRAP')) { echo e107::getMessage()->addSuccess($message)->render(); } else { $ns->tablerender($caption, $message); } } $this->renderForm($changedUserData); return false; } /** * @param $extraErrors * @param $allData * @param $eufVals * @return string */ private function compileErrors($extraErrors, $allData, $eufVals) { $temp = array(); $userMethods = e107::getUserSession(); if (count($extraErrors)) { $temp[] = implode('
', $extraErrors); } if (count($allData['errors'])) { $temp[] = validatorClass::makeErrorList($allData,'USER_ERR_','%n - %x - %t: %v', '
', $userMethods->userVettingInfo); } if (vartrue($eufVals['errors'])) { $temp[] = '
'.validatorClass::makeErrorList($eufVals,'USER_ERR_','%n - %x - %t: %v', '
', NULL); } return implode('
', $temp); } /** * @param $string * @return string */ private function getValidationKey($string) { return crypt($string, e_TOKEN); } /** * @param $changedUserData * @param $changedEUFData */ private function renderPasswordForm($changedUserData, $changedEUFData ) { $ns = e107::getRender(); $updated_data = e107::serialize($changedUserData,'json'); $validation_key = $this->getValidationKey($updated_data); $updated_data = base64_encode($updated_data); $updated_extended = e107::serialize($changedEUFData, 'json'); $extended_key = $this->getValidationKey($updated_extended); $updated_extended = base64_encode($updated_extended); $formTarget = e107::getUrl()->create('user/myprofile/edit'); $text = "
"; foreach ($_POST as $k => $v) { if (is_array($v)) { foreach ($v as $sk => $sv) { $text .= "\n"; } } else { $text .= "\n"; } } $text .= LAN_USET_21."
"; $text .= "
".e107::getForm()->button('SaveValidatedInfo',1, 'submit', LAN_ENTER)."
"; $ns->tablerender(LAN_USET_39, $text); } /** * @param $changedUserData */ private function renderForm($changedUserData) { $sql = e107::getDb(); $ns = e107::getRender(); $tp = e107::getParser(); $userMethods = e107::getUserSession(); $uuid = USERID; $qry = " SELECT u.*, ue.* FROM #user AS u LEFT JOIN #user_extended AS ue ON ue.user_extended_id = u.user_id WHERE u.user_id=".intval($uuid); $sql->gen($qry); // Re-read the user data into curVal (ready for display) $curVal=$sql->fetch(); $curVal['user_class'] = varset($changedUserData['user_class'], $curVal['user_class']); $curVal['userclass_list'] = $userMethods->addCommonClasses($curVal, FALSE); if(!empty($_POST)) { // Fix for all the values being lost when there was an error in a field - restore from the latest $_POST values // (Password fields have intentionally been cleared). If no error, there's an unset($_POST) to disable this block foreach ($_POST as $key => $val) { if ($key != 'class') { $curVal['user_'.$key] = $tp->post_toForm($val); } } foreach ($_POST['ue'] as $key => $val) { $curVal[$key] = $tp->post_toForm($val); } } $target = e107::getUrl()->create('user/myprofile/edit',array('id'=>USERID)); $text = '
'; if (e_QUERY == "update") { $text .= "

".str_replace("*", "*", LAN_USET_9)."

"; } // e107::scStyle($sc_style); e107::getScBatch('usersettings')->setVars($curVal)->reset(); $USERSETTINGS_EDIT = $this->getTemplate('edit'); $USERSETTINGS_EDIT_CAPTION = $this->getTemplate('edit_caption'); $text .= $tp->parseTemplate($USERSETTINGS_EDIT, true, $this->sc); //ParseSC must be set to true so that custom plugin -shortcodes can be utilized. $text .= "
"; $caption = (isset($USERSETTINGS_EDIT_CAPTION)) ? $USERSETTINGS_EDIT_CAPTION : LAN_USET_39; // 'Update User Settings' $ns->tablerender($caption, $text); } // /**' * todo review and remove method if deemed appropriate * Delete a file from the public directories. Return TRUE on success, FALSE on failure. * Also deletes from database if appropriate. * @param $fname */ private function deleteFile($fname) { /* $dir = 'avatars/'; $sql = e107::getDb(); $tp = e107::getParser(); $fname = trim($fname); if (!$fname) return false; if (preg_match("#Binary (.*?)/#", $fname, $match)) { return $sql -> db_Delete("rbinary", "binary_id='".$tp -> toDB($match[1])."'"); } elseif (file_exists(e_UPLOAD.$dir.$fname)) { unlink(e_UPLOAD.$dir.$fname); return true; } return false; */ } } $us = new usersettings_front; require_once(HEADERF); $us->init(); require_once (FOOTERF); // If a field is required, returns a red asterisk function req($field) { $ret = ""; if ($field == 2) { $ret = ""; } return $ret; }