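/**
 * Changes user settings (username, email, password).
 *
 * Nothing is changed unless the request carries a valid anti-forgery token
 * ("auth_token") and the account's current password ("old_password").
 * Validation failures are recorded in $this->errors and flagged in $this->error.
 *
 * @param array $data    user settings values: auth_token, old_password and any of
 *                       username, email, password, repassword
 * @param int   $user_id id of the account to change (default is the id stored in session)
 *
 * @return bool|array true on success, false on a validation failure, or the
 *                    database layer's error list when the update itself fails
 */
public function changeSettings($data, $user_id = USER_ID)
{
    if (!is_array($data)) {
        return false;
    }

    $id = $user_id;

    // check token validation; fail closed when the token is missing, empty or
    // not a string instead of handing an undefined index to the validator
    if (
        !isset($data['auth_token'])
        || !is_string($data['auth_token'])
        || $data['auth_token'] === ''
        || !Token::validateToken($data['auth_token'])
    ) {
        $this->error = true;
        $this->errors[] = "Token is not valid.";
        return false;
    }

    // the current password is mandatory and must be a plain string
    if (!isset($data['old_password']) || !is_string($data['old_password'])) {
        $this->errors['old_password'] = "******";
        $this->error = true;
        return false;
    }

    // verify password
    if (!Auth::password_check($id, $data['old_password'])) {
        $this->errors['old_password'] = "******";
        $this->error = true;
        return false;
    }

    // no need for this anymore
    unset($data['old_password']);

    // Request fields come from the client: a nested array where a string is
    // expected is treated as "not supplied" rather than passed to strlen(),
    // preg_match() or password_hash().
    $field = static function ($key) use ($data) {
        return isset($data[$key]) && is_string($data[$key]) ? $data[$key] : false;
    };
    $username = $field('username');
    $email = $field('email');
    $pw1 = $field('password');
    $pw2 = $field('repassword');

    // at least one field should be changed
    if (!$username && !$email && !$pw1) {
        $this->errors[] = "No data to be changed.";
        $this->error = true;
        return false;
    }

    // array of data to be updated
    $newData = [];

    // get user details by his id
    $user = Auth::getUserDetails($id);

    // if the given username is different than the one in the database
    // check if it exists in another row
    if ($username && $username !== $user->username) {
        if (!Auth::form_check("username", $username)) {
            $this->errors['username'] = "******";
            $this->error = true;
        }

        // check username length
        $usernameLength = strlen($username);
        if ($usernameLength > 15 || $usernameLength < 4) {
            $this->error = true;
            $this->errors['username'] = "******";
        }

        // check username allowed characters
        if (preg_match('/[^a-z_\\-0-9]/i', $username)) {
            $this->error = true;
            $this->errors['username'] = "******";
        }

        $newData['username'] = $username;
    }

    // the same for email
    if ($email && $email !== $user->email) {
        if (!Auth::form_check("email", $email)) {
            $this->errors['email'] = "email already exists.";
            $this->error = true;
        }

        // validate email
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $this->error = true;
            $this->errors['email'] = "email is not valid";
        }

        $newData['email'] = $email;
    }

    // A new password always needs its confirmation. Previously a request with
    // "password" but no "repassword" skipped this branch entirely and went on
    // to the update with nothing to write.
    if ($pw1) {
        if ($pw1 !== $pw2) {
            $this->errors[] = "Passwords don't match.";
            $this->error = true;
            return false;
        }

        // check password length
        // NOTE(review): a 4-byte minimum is a very weak policy, and
        // PASSWORD_BCRYPT only uses the first 72 bytes of the password.
        if (strlen($pw1) < 4) {
            $this->error = true;
            $this->errors['password'] = "******";
            return false;
        }

        $newData['password'] = password_hash($pw1, PASSWORD_BCRYPT);
    }

    if ($this->error) {
        return false;
    }

    // every supplied value matched what is already stored: do not issue an
    // UPDATE with an empty column list
    if (!$newData) {
        $this->errors[] = "No data to be changed.";
        $this->error = true;
        return false;
    }

    // no errors, we have the new data, update the table
    // (the connection is only created once all validation has passed)
    $database = new Database();
    $update = $database->update_data(TABLE_INFO, array_keys($newData), array_values($newData), 'id', $id);

    if ($update !== true) {
        // if something went wrong while updating: flag the failure and hand the
        // database error list back to the caller. It is deliberately not copied
        // into $this->errors, so it should not be echoed to the client as-is.
        $this->error = true;
        return $database->errors;
    }

    // NOTE(review): nothing here invalidates other sessions after a password
    // change - confirm that is handled elsewhere.
    return true;
}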
/**
 * Replaces the stored content of a comment.
 *
 * NOTE(review): this method performs no ownership or permission check and
 * stores $content exactly as given - confirm that the caller authorises the
 * edit and that the content is escaped wherever it is rendered.
 *
 * @param int    $commentID id of the comment row to update
 * @param string $content   new comment text
 *
 * @return bool|mixed true on success, otherwise the first entry of the
 *                    database error list
 */
public static function edit_comment($commentID, $content)
{
    $db = new Database();
    $result = $db->update_data(TABLE_COMMENTS, ['content'], [$content], 'id', $commentID);

    // success requires both a true result and a clear error flag
    $succeeded = ($result === true) && !$db->error;
    if ($succeeded) {
        return true;
    }

    return array_shift($db->errors);
}
// Fragment of a request dispatcher: the enclosing switch and the label of this
// first case are outside the visible excerpt.
    // NOTE(review): $database is created here but not used in the visible part of this case.
    $database = new Database();
    // Client-supplied settings, handed to User::changeSettings() unchanged.
    // NOTE(review): $_POST['values'] is read without an isset() check.
    $data = $_POST['values'];
    $user = new User();
    $update = $user->changeSettings($data);
    if ($update === true) {
        echo "1";
    } else {
        // anything other than true (false or a returned error list) ends up
        // here; only $user->errors is sent to the client
        echo json_encode($user->errors);
    }
    exit;
    break; // unreachable after exit

// update user privacy
case 'privacy_update':
    // NOTE(review): no token validation is visible in this case - confirm the
    // request is checked against forgery before the switch is reached.
    $database = new Database();
    unset($_POST['action']);
    $data = $_POST;
    unset($_POST);
    // Both the column names and the values come straight from the request body.
    // NOTE(review): $fields is not checked against a list of permitted columns,
    // so the client chooses which columns of user_privacy are written; whether
    // update_data() quotes or validates column names is not visible here -
    // verify, and restrict $fields to the known privacy columns.
    $fields = $data['fields'];
    $values = $data['values'];
    // Four arguments only: no explicit user id is passed.
    // NOTE(review): presumably update_data() falls back to the session user - confirm.
    $update = $database->update_data("user_privacy", $fields, $values, "user_id");
    if ($update === true) { // update success
        echo "1";
    } else {
        // NOTE(review): this sends the database layer's error list to the
        // client; consider logging it server-side and returning a generic message.
        echo json_encode($database->errors);
    }
    break;

default:
    break;
}
/**
 * Makes a question private by writing 2 into its status column.
 *
 * NOTE(review): no ownership or permission check happens in this method -
 * confirm that callers verify the current user may unpublish $PostID.
 *
 * @param int $PostID id of the question row to update
 *
 * @return bool|mixed true on success, otherwise the first entry of the
 *                    database error list
 */
public static function unPublish($PostID)
{
    $db = new Database();

    // presumably status 2 is the "private" state - confirm against the schema
    $result = $db->update_data(TABLE_QUESTIONS, ['status'], [2], 'id', $PostID);

    if ($result !== true) {
        return array_shift($db->errors);
    }

    return true;
}