Example #1
     */
    include_once "../auth/login_check.php";
    loginCheck(OPEN_PROFILE_ADMINISTRATOR);
}
/**
 * Validate data
 *
 * NOTE(review): id_user comes straight from the request body. Whether it is
 * range/type checked depends on user_validate_post.php, which is not shown;
 * that include presumably also fills the remaining $user fields and defines
 * $changePwd (read further down) - confirm.
 * NOTE(review): no anti-CSRF token check is visible in this fragment; confirm
 * that login_check.php or the validation include enforces one before this
 * state-changing request is processed.
 */
require_once "../model/Query/User.php";
$user = new User();
$user->setIdUser($_POST["id_user"]);
require_once "../admin/user_validate_post.php";
/**
 * Update user
 *
 * Refuses the change when the requested login is already in use, as reported
 * by existLogin() for this login and member id; otherwise writes the update
 * and flashes a confirmation.
 */
$userQ = new Query_User();
if ($userQ->existLogin($user->getLogin(), $user->getIdMember())) {
    // $loginUsed is assigned only on this branch. Unless the validation include
    // initialises it, the later `!$loginUsed` test reads an undefined variable
    // on the success path - TODO confirm.
    $loginUsed = true;
    FlashMsg::add(sprintf(_("Login, %s, already exists. The changes have no effect."), $user->getLogin()), OPEN_MSG_WARNING);
} else {
    // NOTE(review): the result of update() is not checked, so the success
    // message and the session refresh below run even if the update failed.
    $userQ->update($user);
    FlashMsg::add(sprintf(_("User, %s, has been updated."), $user->getLogin()));
    /**
     * updating session variables if user is current user
     *
     * NOTE(review): "current user" is decided only by the presence of the
     * client-supplied `all` field. Nothing visible here compares the edited
     * id_user with the identity held in the session, so the session login and
     * theme are overwritten with the edited account's values whenever that
     * field is sent. Verify that the permission check earlier in the script
     * (only partly visible) binds `all` to the logged-in user.
     */
    if (isset($_POST["all"])) {
        $_SESSION['auth']['login_session'] = $user->getLogin();
        $_SESSION['auth']['user_theme'] = $user->getIdTheme();
    }
}
if ($changePwd && !$loginUsed) {
    if (!$userQ->verifySignOn($_POST["login"], $_POST["md5_old"], true)) {
 /** 
  * @brief	Saves the user's profile to the database
  * @param	User		$user		Member whose profile is saved (identified through getIdMember())
  * @return	boolean		@b TRUE if the save completed successfully, FALSE otherwise
  */
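 public function saveProfile($user)
 {
     // Synchronises the key/value pairs returned by $user->getProfile() with the
     // `profile` rows of the member given by $user->getIdMember(): a stored key
     // is updated when its value differs, a missing key is inserted. All writes
     // share one transaction. Returns true after commit, false after rollback.
     //
     // Every value reaches the database through a bound parameter, so profile
     // keys and values never become part of the SQL text.
     try {
         $this->bdd->beginTransaction();
         $idMember = $user->getIdMember();

         // Snapshot of the stored profile, indexed by key_name.
         $select = $this->bdd->prepare("SELECT * FROM profile \n\t\t\tNATURAL JOIN profile_key\n\t\t\tWHERE id_member = :id_member");
         $select->bindValue(':id_member', $idMember, PDO::PARAM_INT);
         if (!$select->execute()) {
             // Without exception error mode a failed execute() only returns
             // false; raise it so the catch below rolls back.
             throw new Exception('Unable to read the stored profile.');
         }
         $stored = array();
         while ($row = $select->fetch(PDO::FETCH_ASSOC)) {
             $stored[$row['key_name']] = array('value' => $row['value'], 'key' => $row['id_key']);
         }

         // Prepared lazily and reused, instead of once per profile entry.
         $update = null;
         $insert = null;
         foreach ($user->getProfile() as $key => $value) {
             // Test for the row itself: a stored NULL value must not be
             // mistaken for a missing key and inserted a second time.
             if (isset($stored[$key])) {
                 // Compare against the stored *value*. The previous code compared
                 // the whole ['value', 'key'] array with a scalar, which never
                 // matches, so every key was rewritten on every save.
                 if ((string) $stored[$key]['value'] === (string) $value) {
                     continue;
                 }
                 if ($update === null) {
                     $update = $this->bdd->prepare("UPDATE profile SET value = :value\n\t\t\t\t\t\tWHERE id_member = :id_member AND id_key = :id_key");
                 }
                 $update->bindValue(':id_member', $idMember, PDO::PARAM_INT);
                 $update->bindValue(':id_key', $stored[$key]['key'], PDO::PARAM_INT);
                 $update->bindValue(':value', $value, PDO::PARAM_STR);
                 if (!$update->execute()) {
                     throw new Exception('Unable to update a profile entry.');
                 }
             } else {
                 if ($insert === null) {
                     $insert = $this->bdd->prepare("INSERT INTO profile(id_member, id_key, value) \n\t\t\t\t\tVALUES (:id_member, (SELECT id_key FROM profile_key WHERE key_name = :key_name), :value)");
                 }
                 $insert->bindValue(':id_member', $idMember, PDO::PARAM_INT);
                 // key_name is text; binding it as PARAM_INT was a type error.
                 $insert->bindValue(':key_name', (string) $key, PDO::PARAM_STR);
                 $insert->bindValue(':value', $value, PDO::PARAM_STR);
                 // NOTE(review): a key with no profile_key row makes the
                 // sub-select yield NULL; whether that is rejected depends on
                 // the schema - confirm id_key is NOT NULL.
                 if (!$insert->execute()) {
                     throw new Exception('Unable to insert a profile entry.');
                 }
             }
         }
         $this->bdd->commit();
         return true;
     } catch (Exception $e) {
         // The cause is discarded here; callers only see the boolean result.
         $this->bdd->rollBack();
         return false;
     }
 }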
Example #3
 /**
  * bool update(User $user)
  *
  * Update a user in the users table.
  *
  * @param User $user user to update
  * @return boolean returns false, if error occurs
  * @access public
  */
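 function update($user)
 {
     // Writes the login to staff_tbl and then email, active flag, theme and
     // profile to $this->_table. Returns false (with $this->_error set) when the
     // argument is not a User or the login is taken, false when the first
     // statement fails, otherwise the result of the second exec().
     if (!$user instanceof User) {
         // Flag the error state here as well, matching the duplicate-login branch.
         $this->_isError = true;
         $this->_error = "Argument is an inappropriate object.";
         return false;
     }
     if ($this->existLogin($user->getLogin(), $user->getIdMember())) {
         $this->_isError = true;
         $this->_error = "Login is already in use.";
         return false;
     }
     // The listing shows this statement with its interpolated values masked
     // ('******'), which leaves it unparseable as printed. It is expressed here
     // with placeholders, the same way as the second statement, so the login
     // never becomes part of the SQL text.
     // NOTE(review): login and id_user are assumed to come from getLogin() and
     // getIdUser() - confirm against the original file, including whether the
     // login is stored urlencode()d the way email is below.
     $sql = "UPDATE staff_tbl SET login=? WHERE id_user=?;";
     $params = array($user->getLogin(), $user->getIdUser());
     if (!$this->exec($sql, $params)) {
         return false;
     }
     // NOTE(review): the two statements are not wrapped in a transaction here,
     // so a failure of the second one leaves the login already changed.
     $sql = "UPDATE " . $this->_table . " SET email=?, actived=?, id_theme=?, id_profile=? WHERE id_user=?;";
     $params = array(
         urlencode($user->getEmail()),
         $user->isActived() ? "Y" : "N",
         $user->getIdTheme(),
         $user->getIdProfile(),
         $user->getIdUser(),
     );
     return $this->exec($sql, $params);
 }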