Example #1
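 /**
  * Changes user settings (username, email, password).
  *
  * Nothing is modified unless $data carries a valid 'auth_token' and the
  * account's current password in 'old_password'. Validation messages are
  * collected in $this->errors and $this->error is set to true.
  *
  * @param array $data    user settings values; may be raw request input, so
  *                       every field is type-checked before use
  * @param int   $user_id id of the account to change (default is the id stored in session)
  *
  * @return boolean|array true on success, false on a validation failure, or
  *                       the contents of Database::$errors when the update
  *                       itself fails. Callers must compare with === true,
  *                       because a non-empty error list is truthy.
  */
 public function changeSettings($data, $user_id = USER_ID)
 {
     $database = new Database();
     if (!is_array($data)) {
         return false;
     }
     $id = $user_id;
     // $data can be request input, so a field only counts when it is a string.
     // Arrays and other types are treated as "not supplied" instead of being
     // handed to strlen(), preg_match(), filter_var() or password_hash().
     $input = [];
     foreach (['auth_token', 'old_password', 'username', 'email', 'password', 'repassword'] as $key) {
         $input[$key] = isset($data[$key]) && is_string($data[$key]) ? $data[$key] : false;
     }
     // check token validation; a missing or non-string token is rejected outright
     if ($input['auth_token'] === false || !Token::validateToken($input['auth_token'])) {
         $this->error = true;
         $this->errors[] = "Token is not valid.";
         return false;
     }
     // the current password is mandatory for every change
     $pw = $input['old_password'];
     if ($pw === false) {
         $this->errors['old_password'] = "******";
         $this->error = true;
         return false;
     }
     // verify password
     if (!Auth::password_check($id, $pw)) {
         $this->errors['old_password'] = "******";
         $this->error = true;
         return false;
     }
     // array of data to be updated
     $newData = [];
     $username = $input['username'];
     $email = $input['email'];
     $pw1 = $input['password'];
     $pw2 = $input['repassword'];
     // at least one field should be changed
     if (!$username && !$email && !$pw1) {
         $this->errors[] = "No data to be changed.";
         $this->error = true;
         return false;
     }
     // get user details by his id
     $user = Auth::getUserDetails($id);
     // if the given username is different than the one in the database
     // check if it exists in another row
     if ($username && $username !== $user->username) {
         if (!Auth::form_check("username", $username)) {
             $this->errors['username'] = "******";
             $this->error = true;
         }
         // check username length
         if (strlen($username) > 15) {
             $this->error = true;
             $this->errors['username'] = "******";
         } elseif (strlen($username) < 4) {
             $this->error = true;
             $this->errors['username'] = "******";
         }
         // check username allowed characters (letters, digits, '_' and '-')
         if (preg_match('/[^a-z_\\-0-9]/i', $username)) {
             $this->error = true;
             $this->errors['username'] = "******";
         }
         $newData['username'] = $username;
     }
     // the same for email
     if ($email && $email !== $user->email) {
         if (!Auth::form_check("email", $email)) {
             $this->errors['email'] = "email already exists.";
             $this->error = true;
         }
         // validate email
         if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
             $this->error = true;
             $this->errors['email'] = "email is not valid";
         }
         $newData['email'] = $email;
     }
     // A new password always needs its confirmation: a missing or empty
     // 'repassword' counts as a mismatch instead of silently skipping the
     // password change while the other fields are saved.
     if ($pw1) {
         if ($pw1 !== $pw2) {
             $this->errors[] = "Passwords don't match.";
             $this->error = true;
             return false;
         }
         // check password length
         // NOTE(review): a 4-character minimum is very weak; raise it if the
         // product's password policy allows.
         if (strlen($pw1) < 4) {
             $this->error = true;
             $this->errors['password'] = "******";
             return false;
         }
         // bcrypt only uses the first 72 bytes of the password
         $newData['password'] = password_hash($pw1, PASSWORD_BCRYPT);
     }
     if ($this->error) {
         return false;
     }
     // Every supplied value may equal what is already stored; never call
     // update_data() with an empty field list.
     if (!$newData) {
         $this->errors[] = "No data to be changed.";
         $this->error = true;
         return false;
     }
     // no errors, we have the new data, update the table
     // get fields and values from the data array
     $fields = array_keys($newData);
     $values = array_values($newData);
     $update = $database->update_data(TABLE_INFO, $fields, $values, 'id', $id);
     if ($update !== true) {
         // if something went wrong while updating
         return $database->errors;
     }
     return true;
 }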
Example #2
 /**
  * Replaces the stored content of one comment.
  *
  * The content is passed to Database::update_data() exactly as received, so
  * it has to be escaped for its context wherever it is rendered.
  * NOTE(review): no ownership or permission check happens here; presumably
  * the caller verifies that the current user may edit this comment - confirm.
  *
  * @param mixed $commentID value matched against the 'id' column of TABLE_COMMENTS
  * @param mixed $content   new comment text
  *
  * @return mixed true on success, otherwise the first entry of
  *               Database::$errors (null when that list is empty)
  */
 public static function edit_comment($commentID, $content)
 {
     $db = new Database();
     $result = $db->update_data(TABLE_COMMENTS, ['content'], [$content], 'id', $commentID);
     // success needs both a true result and a clean error flag
     if ($result === true && !$db->error) {
         return true;
     }
     return array_shift($db->errors);
 }
Example #3
        // NOTE(review): excerpt from the middle of a switch; the switch header
        // and the label of this first case are not part of the listing.
        // $database is not used by the visible lines of this case.
        $database = new Database();
        // Request input, read without a presence or type check.
        // NOTE(review): presumably changeSettings() is what validates the
        // token and the current password - confirm against User.
        $data = $_POST['values'];
        $user = new User();
        $update = $user->changeSettings($data);
        if ($update === true) {
            echo "1";
        } else {
            // anything other than true is reported as failure; the client
            // receives the User object's collected messages as JSON
            echo json_encode($user->errors);
        }
        exit;
        // unreachable: exit above already ends the script
        break;
    // update user privacy
    // NOTE(review): no token validation is visible in this case, and both the
    // column names and the values written to "user_privacy" are chosen by the
    // client. Whether update_data() validates or quotes column names cannot be
    // seen here; an allowlist of editable privacy columns should be enforced
    // before this call, together with the same token check used elsewhere.
    case 'privacy_update':
        $database = new Database();
        unset($_POST['action']);
        // copy the rest of the request body, then discard $_POST
        $data = $_POST;
        unset($_POST);
        // 'fields' and 'values' are read without checking that they exist,
        // are arrays, or have the same length
        $fields = $data['fields'];
        $values = $data['values'];
        // Only four arguments are passed, so no row value follows "user_id".
        // NOTE(review): presumably update_data() falls back to the logged-in
        // user's id - confirm, otherwise the update is not scoped to one user.
        $update = $database->update_data("user_privacy", $fields, $values, "user_id");
        if ($update === true) {
            // update success
            echo "1";
        } else {
            // NOTE(review): this sends the database layer's error list to the
            // client; prefer a generic message and log the details server-side.
            echo json_encode($database->errors);
        }
        break;
    default:
        break;
}
Example #4
 /**
  * Makes a question private by writing 2 into its 'status' column.
  *
  * NOTE(review): no ownership or permission check happens here; presumably
  * the caller verifies that the current user may unpublish this question -
  * confirm.
  *
  * @param mixed $PostID value matched against the 'id' column of TABLE_QUESTIONS
  *
  * @return mixed true on success, otherwise the first entry of
  *               Database::$errors (null when that list is empty)
  */
 public static function unPublish($PostID)
 {
     $db = new Database();
     // status 2 is the value this method stores for a private question
     $result = $db->update_data(TABLE_QUESTIONS, ['status'], [2], 'id', $PostID);
     if ($result !== true) {
         return array_shift($db->errors);
     }
     return true;
 }