*/ include_once "../auth/login_check.php"; loginCheck(OPEN_PROFILE_ADMINISTRATOR); } /** * Validate data */ require_once "../model/Query/User.php"; $user = new User(); $user->setIdUser($_POST["id_user"]); require_once "../admin/user_validate_post.php"; /** * Update user */ $userQ = new Query_User(); if ($userQ->existLogin($user->getLogin(), $user->getIdMember())) { $loginUsed = true; FlashMsg::add(sprintf(_("Login, %s, already exists. The changes have no effect."), $user->getLogin()), OPEN_MSG_WARNING); } else { $userQ->update($user); FlashMsg::add(sprintf(_("User, %s, has been updated."), $user->getLogin())); /** * updating session variables if user is current user */ if (isset($_POST["all"])) { $_SESSION['auth']['login_session'] = $user->getLogin(); $_SESSION['auth']['user_theme'] = $user->getIdTheme(); } } if ($changePwd && !$loginUsed) { if (!$userQ->verifySignOn($_POST["login"], $_POST["md5_old"], true)) {
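/**
 * @brief Saves the user's profile to the database
 *
 * Reads the rows already stored for the member, then updates the keys whose
 * stored value differs from the in-memory one and inserts the keys that have
 * no row yet. Every write goes through a prepared statement with bound
 * parameters, inside a single transaction.
 *
 * @param User $user User whose profile entries (key name => value) are saved
 * @return boolean @b TRUE if the transaction was committed, @b FALSE if an
 *                 exception was caught and the transaction was rolled back
 */
public function saveProfile($user)
{
    try {
        $this->bdd->beginTransaction();
        $idMember = $user->getIdMember();

        $select = $this->bdd->prepare("SELECT * FROM profile \n\t\t\tNATURAL JOIN profile_key\n\t\t\tWHERE id_member = :id_member");
        $select->bindValue(':id_member', $idMember, PDO::PARAM_INT);
        $select->execute();

        // key_name => array('value' => stored value, 'key' => id_key)
        $stored = array();
        while ($row = $select->fetch(PDO::FETCH_ASSOC)) {
            $stored[$row['key_name']] = array(
                'value' => $row['value'],
                'key' => $row['id_key'],
            );
        }

        // Prepared once and re-executed per entry instead of re-prepared in the loop.
        $update = $this->bdd->prepare("UPDATE profile SET value = :value\n\t\t\t\t\t\tWHERE id_member = :id_member AND id_key = :id_key");
        $insert = $this->bdd->prepare("INSERT INTO profile(id_member, id_key, value) \n\t\t\t\t\tVALUES (:id_member, (SELECT id_key FROM profile_key WHERE key_name = :key_name), :value)");

        foreach ($user->getProfile() as $key => $value) {
            // Row existence decides UPDATE vs INSERT; a stored NULL value must
            // not be mistaken for a missing row and inserted a second time.
            if (isset($stored[$key])) {
                // Compare the stored value itself (not the whole value/key pair),
                // as strings, because the column is written with PARAM_STR.
                if ((string) $stored[$key]['value'] !== (string) $value) {
                    $update->bindValue(':id_member', $idMember, PDO::PARAM_INT);
                    $update->bindValue(':id_key', $stored[$key]['key'], PDO::PARAM_INT);
                    $update->bindValue(':value', $value, PDO::PARAM_STR);
                    $update->execute();
                }
                continue;
            }

            // key_name is text, so it is bound as a string; binding it as an
            // integer would make the sub-select miss the key.
            // NOTE(review): a key name absent from profile_key makes the
            // sub-select yield NULL; whether the schema rejects a NULL id_key
            // is not visible here.
            $insert->bindValue(':id_member', $idMember, PDO::PARAM_INT);
            $insert->bindValue(':key_name', (string) $key, PDO::PARAM_STR);
            $insert->bindValue(':value', $value, PDO::PARAM_STR);
            $insert->execute();
        }

        $this->bdd->commit();
        return true;
    } catch (Exception $e) {
        // NOTE(review): a failed statement only reaches this handler if the
        // connection raises exceptions on error; the error mode is configured
        // outside this method. The exception is not logged here.
        if ($this->bdd->inTransaction()) {
            // beginTransaction() itself may have failed, leaving nothing to undo.
            $this->bdd->rollBack();
        }
        return false;
    }
}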
/**
 * bool update(User $user)
 *
 * Updates a user: first the login in staff_tbl, then the email, active flag,
 * theme and profile in this query object's own table ($this->_table).
 *
 * Returns false without touching the database when $user is not a User or
 * when existLogin() reports a conflict for the login; returns false when the
 * first statement fails; otherwise returns the result of the second statement.
 *
 * NOTE(review): no transaction is visible around the two statements, so a
 * failure of the second one would leave the staff_tbl change in place -
 * confirm whether exec() or the caller handles this.
 *
 * @param User $user user to update
 * @return boolean returns false, if error occurs
 * @access public
 */
function update($user)
{
    if (!$user instanceof User) {
        // NOTE(review): only _error is set here; the duplicate-login branch
        // below also sets _isError - confirm whether the difference is intended.
        $this->_error = "Argument is an inappropriate object.";
        return false;
    }

    // Refuse the update when the login is reported as already taken
    // (existLogin() is given the login and the member id).
    if ($this->existLogin($user->getLogin(), $user->getIdMember())) {
        $this->_isError = true;
        $this->_error = "Login is already in use.";
        return false;
    }

    // The login and id_user values of this statement appear masked ("******")
    // in this listing, so the expressions that build them are not visible.
    // NOTE(review): the statement is assembled by string concatenation and run
    // through exec() without a parameter array, unlike the second statement
    // below; verify that both values are escaped, or move them to "?"
    // placeholders passed via exec($sql, $params).
    $sql = "UPDATE staff_tbl SET";
    $sql .= " login='******'";
    $sql .= " WHERE id_user="******";";
    if (!$this->exec($sql)) {
        return false;
    }

    // Second statement: only the table name is concatenated; every value is
    // passed as a bound parameter.
    $sql = "UPDATE " . $this->_table . " SET "
         . "email=?, "
         . "actived=?, "
         . "id_theme=?, "
         . "id_profile=? "
         . "WHERE id_user=?;";

    // The email is stored URL-encoded; urlencode() is a storage encoding here,
    // the placeholder is what keeps the value out of the SQL text.
    // The active flag is written as "Y" or "N".
    $params = array(urlencode($user->getEmail()), $user->isActived() ? "Y" : "N", $user->getIdTheme(), $user->getIdProfile(), $user->getIdUser());

    return $this->exec($sql, $params);
}