$permissions[$field] = $permissionEnabled; } } if ($editUser->isAdmin() && $customizeRights && $canManage) { // save user customized rights $editUser->updatePermissions($permissions); $logtext = getGS('Permissions changed for user "$1"',$editUser->getUserName()); Log::Message($logtext, $g_user->getUserId(), 55); } if ($editUser->isAdmin() && !$customizeRights && $canManage) { // save user rights based on existing user type $userTypeId = Input::Get('UserType', 'int', 0); if ($userTypeId != 0) { $editUser->setUserType($userTypeId); } } // unsubscribe $unsubscribe = Input::Get('unsubscribe', 'bool', false); if ($unsubscribe && ($canManage || $editUser->getUserId() == $g_user->getUserId())) { $editUser->setPermission('MailNotify', false); } camp_html_add_msg(getGS("User '$1' information was changed successfully.", $editUser->getUserName()), "ok"); $editUser->fetch(); if ($editUser->getUserName() == $g_user->getUserName() && !$editUser->hasPermission('ManageUsers')) { camp_html_goto_page("/$ADMIN/");
private function getUser($selectResult) { $User = new User(); $count = 0; while ($list = mysqli_fetch_assoc($selectResult)) { $User->setUserId($list['usr_user_id']); $User->setFirstName($list['usr_first_name']); $User->setLastName($list['usr_last_name']); $User->setLogin($list['usr_login']); //$User->setUserRatingId($list['']); $User->setEmail($list['usr_email']); $User->setDOB($list['usr_DOB']); //$User->setLocation($list['']); $User->setRegistration_date($list['usr_registration_date']); $User->setUserType($list['usr_user_type_id']); $User->setUserLanguage($list['usr_language']); $User->setEmailSub($list['usr_email_subscribed']); } return $User; }
$pass = $user_info['password']; $user_insert_id = ""; //contains the city Ids, it will get us the location //$cityid = $userManager->getuserLocation(); $cityid = '1'; //Inserting into the profecient Table;; $LProfManager = new LanguageProfManager(); $User->setFirstName($userfname); $User->setLastName($userlname); $User->setLogin($userid); $User->setEmail($emailid); $User->setPassword($pass); $User->setDOB($dob); $User->setLocation($cityid); $User->setRegistration_date(date("Y-m-d")); $User->setUserType(4); $user_insert_id = $userManager->addUser($User); //echo $user_insert_id; if ($user_insert_id) { //$cityid='4'; $prof = []; $count_prof = count($user_info['mylanguage']); $i = 0; if (count($count_prof) > 0) { for ($i = 0; $i < $count_prof; $i++) { $lprof[] = new LanguageProf(); $lprof[$i]->setLanguageId($user_info['mylanguage'][$i]); $lprof[$i]->setProf($user_info['proficient'][$i]); $lprof[$i]->setUserId($user_insert_id); if ($LProfManager->AddProficient($lprof[$i])) { $allworks = true;
<?php require_once '../core/init.php'; $data = array(); $userId = $_POST['userid']; $userType = $_POST['usertype']; $userFullName = $_POST['fullname']; $userStatus = $_POST['userstatus']; $user = new User(); $fetchedUser = $user->getUserUsingUserId($userId); if (isset($fetchedUser)) { //now set the modified values using the setter methods.. $modifiedUser = new User(); $modifiedUser->setUserId($userId); $modifiedUser->setUserType($userType); $modifiedUser->setUsername($fetchedUser->username); $modifiedUser->existingUserPassword($fetchedUser->user_password); $modifiedUser->setUserFullName($userFullName); $modifiedUser->setUserStatus($userStatus); $modifiedUser->setEmail($fetchedUser->email); $modifiedUser->setUserLastValidLogin($fetchedUser->user_last_valid_login); $modifiedUser->setUserFirstInvalidLogin($fetchedUser->user_first_invalid_login); $modifiedUser->setUserFailedLoginCount($fetchedUser->user_faild_login_count); $modifiedUser->setUserCreateDate($fetchedUser->user_create_date); $modifiedUser->setModifiedBy($fetchedUser->modified_by); $modifiedUser->setModificationDate($fetchedUser->modification_date); //update the record $user->update($modifiedUser); $data['success'] = true; $data['message'] = "<div class='alert alert-success alert-dismissable'>" . "<button type='button' class='close' data-dismiss='alert' aria-hidden='true'>×</button>" . "Lorem ipsum dolor sit amet, consectetur adipisicing elit. <a href='#' class='alert-link'>Alert Link</a>." . "</div><br/>"; echo json_encode($data);
function Main() { switch ($this->formArray["formAction"]) { case "edit": $UserDetails = new SoapObject(NCCBIZ . "UserDetails.php", "urn:Object"); if (!($xmlStr = $UserDetails->getUserDetails($this->formArray["userID"]))) { $this->tpl->set_block("rptsTemplate", "Table", "TableBlock"); $this->tpl->set_var("TableBlock", "User record not found"); } else { if (!($domDoc = domxml_open_mem($xmlStr))) { $this->tpl->set_block("rptsTemplate", "Table", "TableBlock"); $this->tpl->set_var("TableBlock", "error xmlDoc"); } else { $user = new User(); $user->parseDomDocument($domDoc); $this->formArray["userID"] = $user->getUserID(); $this->formArray["userType"] = $user->getUserType(); $this->formArray["username"] = $user->getUsername(); $this->formArray["password"] = $user->getPassword(); $this->formArray["personID"] = $user->getPersonID(); $this->formArray["status"] = $user->getStatus(); } } $PersonDetails = new SoapObject(NCCBIZ . "PersonDetails.php", "urn:Object"); if (!($xmlStr = $PersonDetails->getPersonDetails($this->formArray["personID"]))) { $this->tpl->set_block("rptsTemplate", "Table", "TableBlock"); $this->tpl->set_var("TableBlock", "Person record not found"); } else { if (!($domDoc = domxml_open_mem($xmlStr))) { $this->tpl->set_block("rptsTemplate", "Table", "TableBlock"); $this->tpl->set_var("TableBlock", "error xmlDoc"); } else { $person = new Person(); $person->parseDomDocument($domDoc); list($dateArr["year"], $dateArr["month"], $dateArr["day"]) = explode("-", $person->getBirthday()); $this->formArray["personID"] = $person->getPersonID(); $this->formArray["lastName"] = $person->getLastName(); $this->formArray["firstName"] = $person->getFirstName(); $this->formArray["middleName"] = $person->getMiddleName(); $this->formArray["gender"] = $person->getGender(); $this->formArray["birth_year"] = removePreZero($dateArr["year"]); $this->formArray["birth_month"] = removePreZero($dateArr["month"]); $this->formArray["birth_day"] = removePreZero($dateArr["day"]); $this->formArray["maritalStatus"] = $person->getMaritalStatus(); $this->formArray["tin"] = $person->getTin(); $address = $person->addressArray[0]; if (is_a($address, Address)) { $this->formArray["addressID"] = $address->getAddressID(); $this->formArray["number"] = $address->getNumber(); $this->formArray["street"] = $address->getStreet(); $this->formArray["barangay"] = $address->getBarangay(); $this->formArray["district"] = $address->getDistrict(); $this->formArray["municipalityCity"] = $address->getMunicipalitycity(); $this->formArray["province"] = $address->getProvince(); } $this->formArray["telephone"] = $person->getTelephone(); $this->formArray["mobileNumber"] = $person->getMobileNumber(); $this->formArray["email"] = $person->getEmail(); } } $this->tpl->set_block("rptsTemplate", "NewUserPassword", "NewUserPasswordBlock"); $this->tpl->set_var("NewUserPasswordBlock", ""); $this->tpl->set_block("rptsTemplate", "OldUserPassword", "OldUserPasswordBlock"); $this->tpl->set_var("oldNewUserRowspan", 5); //$this->tpl->set_var("oldNewUserRowspan", 3); $this->tpl->parse("OldUserPasswordBlock", "OldUserPassword", true); break; case "save": /* if($this->isOldPasswordCorrect()==false){ $this->message = "Error. Cannot Save. Old password incorrect to create new password."; $this->tpl->set_var("message", $this->message); $this->tpl->parse("MessageBlock", "Message", true); $this->tpl->set_block("rptsTemplate", "NewUserPassword", "NewUserPasswordBlock"); $this->tpl->set_var("NewUserPasswordBlock", ""); $this->tpl->set_block("rptsTemplate", "OldUserPassword", "OldUserPasswordBlock"); $this->tpl->set_var("oldNewUserRowspan", 3); $this->tpl->parse("OldUserPasswordBlock", "OldUserPassword", true); break; } */ if ($this->formArray["newPassword"] != "" && $this->formArray["newPassword"] != "null") { $this->formArray["password"] = md5($this->formArray["newPassword"]); } if ($this->usernameAlreadyExists() == true) { $this->message = "Error. Cannot Save. Username already exists."; $this->tpl->set_var("message", $this->message); $this->tpl->parse("MessageBlock", "Message", true); $this->tpl->set_block("rptsTemplate", "NewUserPassword", "NewUserPasswordBlock"); $this->tpl->set_block("rptsTemplate", "OldUserPassword", "OldUserPasswordBlock"); if ($this->formArray["personID"] != "") { $this->tpl->set_var("NewUserPasswordBlock", ""); $this->tpl->set_var("oldNewUserRowspan", 3); $this->tpl->parse("OldUserPasswordBlock", "OldUserPassword", true); } else { $this->tpl->set_var("oldNewUserRowspan", 2); $this->tpl->parse("NewUserPasswordBlock", "NewUserPassword", true); $this->tpl->set_var("OldUserPasswordBlock", ""); } break; } $PersonEncode = new SoapObject(NCCBIZ . "PersonEncode.php", "urn:Object"); if ($this->formArray["personID"] != "") { $PersonDetails = new SoapObject(NCCBIZ . "PersonDetails.php", "urn:Object"); if (!($xmlStr = $PersonDetails->getPersonDetails($this->formArray["personID"]))) { $this->tpl->set_block("rptsTemplate", "Table", "TableBlock"); $this->tpl->set_var("TableBlock", "Person record not found"); } else { if (!($domDoc = domxml_open_mem($xmlStr))) { $this->tpl->set_block("rptsTemplate", "Table", "TableBlock"); $this->tpl->set_var("TableBlock", "error xmlDoc"); } else { $person = new Person(); $person->parseDomDocument($domDoc); $address = $person->addressArray[0]; if (is_a($address, Address)) { $address->setAddressID($this->formArray["addressID"]); $address->setNumber($this->formArray["number"]); $address->setStreet($this->formArray["street"]); $address->setBarangay($this->formArray["barangay"]); $address->setDistrict($this->formArray["district"]); $address->setMunicipalityCity($this->formArray["municipalityCity"]); $address->setProvince($this->formArray["province"]); $address->setDomDocument(); } $person->setPersonID($this->formArray["personID"]); $person->setPersonType("adminUser"); $person->setLastName($this->formArray["lastName"]); $person->setFirstName($this->formArray["firstName"]); $person->setMiddleName($this->formArray["middleName"]); $person->setGender($this->formArray["gender"]); $person->setBirthday($this->birthdate); $person->setMaritalStatus($this->formArray["maritalStatus"]); $person->setTin($this->formArray["tin"]); $person->setAddressArray($address); $person->setTelephone($this->formArray["telephone"]); $person->setMobileNumber($this->formArray["mobileNumber"]); $person->setEmail($this->formArray["email"]); $person->setDomDocument(); $doc = $person->getDomDocument(); //echo $doc->html_dump_mem(); $xmlStr = $doc->dump_mem(true); if (!($ret = $PersonEncode->updatePerson($xmlStr))) { exit("error update"); } } } } else { $address = new Address(); $address->setNumber($this->formArray["number"]); $address->setStreet($this->formArray["street"]); $address->setBarangay($this->formArray["barangay"]); $address->setDistrict($this->formArray["district"]); $address->setMunicipalityCity($this->formArray["municipalityCity"]); $address->setProvince($this->formArray["province"]); $address->setDomDocument(); $person = new Person(); $person->setPersonID($this->formArray["personID"]); $person->setPersonType("adminUser"); $person->setLastName($this->formArray["lastName"]); $person->setFirstName($this->formArray["firstName"]); $person->setMiddleName($this->formArray["middleName"]); $person->setGender($this->formArray["gender"]); $person->setBirthday($this->birthdate); $person->setMaritalStatus($this->formArray["maritalStatus"]); $person->setTin($this->formArray["tin"]); $person->setAddressArray($address); $person->setTelephone($this->formArray["telephone"]); $person->setMobileNumber($this->formArray["mobileNumber"]); $person->setEmail($this->formArray["email"]); $person->setDomDocument(); $doc = $person->getDomDocument(); $xmlStr = $doc->dump_mem(true); //echo $this->formArray["ownerID"].$xmlStr; if (!($ret = $PersonEncode->savePerson($xmlStr, $this->formArray["ownerID"]))) { exit("error save"); } } $this->formArray["personID"] = $ret; $UserEncode = new SoapObject(NCCBIZ . "UserEncode.php", "urn:Object"); if ($this->formArray["userID"] != "") { $UserDetails = new SoapObject(NCCBIZ . "UserDetails.php", "urn:Object"); if (!($xmlStr = $UserDetails->getUserDetails($this->formArray["userID"]))) { exit("User record not found"); } else { if (!($domDoc = domxml_open_mem($xmlStr))) { $this->tpl->set_block("rptsTemplate", "Table", "TableBlock"); $this->tpl->set_var("TableBlock", "error xmlDoc"); } else { $user = new User(); $user->parseDomDocument($domDoc); $user->setUserID($this->formArray["userID"]); $user->setUserType($this->formArray["userType"]); $user->setUsername($this->formArray["username"]); $user->setPassword($this->formArray["password"]); $user->setPersonID($this->formArray["personID"]); $user->setStatus($this->formArray["status"]); $user->setDomDocument(); $doc = $user->getDomDocument(); $xmlStr = $doc->dump_mem(true); if (!($ret = $UserEncode->updateUser($xmlStr))) { exit("error update"); } } } } else { $user = new User(); //$user->setUserID($this->formArray["userID"]); $user->setUserType($this->formArray["userType"]); $user->setUsername($this->formArray["username"]); $user->setPassword(md5($this->formArray["password"])); $user->setPersonID($this->formArray["personID"]); $user->setStatus($this->formArray["status"]); $user->setDomDocument(); $doc = $user->getDomDocument(); $xmlStr = $doc->dump_mem(true); if (!($ret = $UserEncode->saveUser($xmlStr))) { exit("error save"); } } header("location: UserClose.php" . $this->sess->url("")); exit; break; case "cancel": header("location: UserClose.php" . $this->sess->url("")); exit; break; default: $this->tpl->set_block("rptsTemplate", "UserID", "UserIDBlock"); $this->tpl->set_var("UserIDBlock", ""); $this->tpl->set_block("rptsTemplate", "ACK", "ACKBlock"); $this->tpl->set_var("ACKBlock", ""); $this->tpl->set_block("rptsTemplate", "NewUserPassword", "NewUserPasswordBlock"); $this->tpl->set_var("oldNewUserRowspan", 2); $this->tpl->parse("NewUserPasswordBlock", "NewUserPassword", true); $this->tpl->set_block("rptsTemplate", "OldUserPassword", "OldUserPasswordBlock"); $this->tpl->set_var("OldUserPasswordBlock", ""); } $this->setForm(); if ($this->message == "") { $this->tpl->set_var("MessageBlock", ""); } $this->tpl->parse("templatePage", "rptsTemplate"); $this->tpl->finish("templatePage"); $this->tpl->p("templatePage"); }
if (User::UserNameExists($fieldValues['UName'])) { $errorMsg = $translator->trans('That user name already exists, please choose a different login name.', array(), 'users'); camp_html_add_msg($errorMsg); camp_html_goto_page($backLink); } if (User::EmailExists($fieldValues['EMail'])) { $errorMsg = $translator->trans('Another user is registered with that e-mail address, please choose a different one.', array(), 'users'); camp_html_add_msg($errorMsg); camp_html_goto_page($backLink); } // read password $password = Input::Get('password', 'string', ''); $passwordConf = Input::Get('passwordConf', 'string', ''); if (strlen($password) < 6 || $password != $passwordConf) { $errorMsg = $translator->trans('The password must be at least 6 characters long and both passwords should match.', array(), 'users'); camp_html_add_msg($errorMsg); camp_html_goto_page($backLink); } $fieldValues['passwd'] = $password; // create user $editUser = new User(); if ($editUser->create($fieldValues)) { if ($uType == 'Staff') { $editUser->setUserType($Type); } camp_html_add_msg($translator->trans('User account $1 was created successfully.', array('$1' => $editUser->getUserName()), 'users'), "ok"); camp_html_goto_page("/{$ADMIN}/users/edit.php?User="******"&{$typeParam}"); } else { camp_html_add_msg($translator->trans('The user account could not be created.', array(), 'users')); camp_html_goto_page($backLink); }
require_once '../core/init.php'; $data = array(); $userId = $_POST['userId']; $currentEmail = $_POST['currentEmail']; $newEmail = $_POST['newEmail']; $username = $_POST['username']; $password = $_POST['password']; //the next step is to check if there exists a user with the passed //email, username and password. If so update the email variable only. $user = new User(); if ($user->userExistsWithCredentials($username, $currentEmail, $password)) { //now i can update the fetch the object using the id $fetchedUser = $user->getUserUsingUserId($userId); $modifiedUser = new User(); $modifiedUser->setUserId($userId); $modifiedUser->setUserType($fetchedUser->user_type); $modifiedUser->setUsername($fetchedUser->username); $modifiedUser->setUserPassword($password); $modifiedUser->setUserFullName($fetchedUser->user_full_name); $modifiedUser->setUserStatus($fetchedUser->user_status); $modifiedUser->setEmail($newEmail); $modifiedUser->setUserLastValidLogin($fetchedUser->user_last_valid_login); $modifiedUser->setUserFirstInvalidLogin($fetchedUser->user_first_invalid_login); $modifiedUser->setUserFailedLoginCount($fetchedUser->user_faild_login_count); $modifiedUser->setUserCreateDate($fetchedUser->user_create_date); $modifiedUser->setModifiedBy($fetchedUser->modified_by); $modifiedUser->setModificationDate($fetchedUser->modification_date); $user->update($modifiedUser); $data['success'] = true; $data['message'] = "<div class='alert alert-success alert-dismissable'>" . "<button type='button' class='close' data-dismiss='alert' aria-hidden='true'>×</button>" . "User email address updated successfully!" . "</div><br/>"; echo json_encode($data);
$this->userImage = $value; } function getUserImage() { return $this->userImage; } } //check if the user exist in DB $sql = "SELECT * FROM user WHERE login = '******'login']}'" . " AND password = '******'password']}'"; $user_data = mysql_query($sql, $con); $row = mysql_fetch_array($user_data); if (empty($row['login'])) { //redirect to registration page $to = 'not-exist.html'; header('Location: ' . $to); exit; } //put user data in Model (User Object) $user01 = new User(); $user01->setUserLogin($row['login']); $user01->setUserPassword($row['password']); $user01->setFullName($row['fullname']); $user01->setUserType($row['usertype']); $user01->setUserImage($row['image']); //put user data in session $_SESSION['user'] = $user01; //redirect to the HOME page $to = 'home.php'; header('Location: ' . $to); mysql_close($con); exit;
function showEditUserRes() { /* update last page */ $_SESSION['LASTPAGE'] = 'sysadmin.users.edituser'; $displayUsers = new DisplayUsers(); $urid = getFromSessionParams('urid'); $content = ""; if ($urid != '') { //edit $content = $displayUsers->displaySuccess(Language::messageUserChanged(loadvar('name'))); $_SESSION['LASTURID'] = $urid; } else { //add user! if (loadvar('username') != "" && loadvar('name') != '') { //ADD NEW!!! $user = new User('', true); $urid = $user->getUrid(); $_SESSION['LASTURID'] = $urid; $content = $displayUsers->displaySuccess(Language::messageUserAdded(loadvar('name'))); } } //ADD ALL SORTS OF CHECKS!! if ($urid != '' && loadvar('name') != "" && loadvar('username') != '') { $user = new User($urid); $user->setName(loadvar('name')); $user->setUsername(loadvar('username')); if (loadvar('pwd1') != '') { if (loadvar('pwd1') == loadvar('pwd2')) { $user->setPassword(loadvar('pwd1')); } else { $content = $displayUsers->displayWarning(Language::messageUserNoMatch()); } } $user->setSupervisor(loadvar('uridsel')); $user->setStatus(loadvar('status')); $user->setUserType(loadvar('usertype')); $user->setUserSubType(loadvar('usersubtype')); $current = $user->getSurveysAccess(); $allowedsurveys = loadvar(SETTING_USER_SURVEYS); // add access to all modes and languages if not specified in current access foreach ($allowedsurveys as $a) { if (!inArray($a, $current)) { $surv = new Survey($a); $mods = explode("~", $surv->getAllowedModes()); foreach ($mods as $m) { $user->setLanguages($a, $m, $surv->getAllowedLanguages($m)); } } } foreach ($current as $c) { if (!inArray($c, $allowedsurveys)) { $user->removeSurvey($c); } } $user->saveChanges(); // current survey not in allowed, then update to first survey for user if (!inArray($_SESSION['SUID'], $allowedsurveys)) { $surveys = new Surveys(); $_SESSION['SUID'] = $surveys->getFirstSurvey(); } } else { $content = $displayUsers->displayWarning(Language::messageUserCorrectErrors()); } return $displayUsers->showEditUser($_SESSION['LASTURID'], $content); }
/** * Run method with main page logic * * Populate template and display form for editing an profile entry. For POST requests, * check user credentials, check if profile exists and then update entry in database. * Available to members only * @access public */ public function run() { $session = Session::getInstance(); $user = $session->getUser(); if ($user == null || !$user->validUser()) { $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR); header("Location: " . BASE_URL); return; } $userDAO = UserDAO::getInstance(); $alter_user = null; $form_errors = array(); $form_values = array("id" => "", "password" => "", "password2" => "", "status" => "", "usertype" => "", "steamId" => "", "xboxId" => "", "psnId" => "", "wiiId" => ""); // Check form if (!empty($_POST)) { $form_values["id"] = isset($_POST["id"]) ? trim($_POST["id"]) : ""; $form_values["password"] = isset($_POST["password"]) ? trim($_POST["password"]) : ""; $form_values["password2"] = isset($_POST["password2"]) ? trim($_POST["password2"]) : ""; $form_values["status"] = isset($_POST["status"]) ? trim($_POST["status"]) : ""; $form_values["usertype"] = isset($_POST["usertype"]) ? trim($_POST["usertype"]) : ""; $form_values["steamId"] = isset($_POST["steamId"]) ? trim($_POST["steamId"]) : ""; $form_values["xboxId"] = isset($_POST["xboxId"]) ? trim($_POST["xboxId"]) : ""; $form_values["psnId"] = isset($_POST["psnId"]) ? trim($_POST["psnId"]) : ""; $form_values["wiiId"] = isset($_POST["wiiId"]) ? trim($_POST["wiiId"]) : ""; if (empty($form_values["id"])) { $form_errors["id"] = "User id not set"; } if (empty($form_values["password"]) && empty($form_values["password2"])) { } else { if (empty($form_values["password"])) { $form_errors["password"] = "******"; } else { if (empty($form_values["password2"])) { $form_errors["password"] = "******"; } else { if (strcmp($form_values["password"], $form_values["password2"]) != 0) { $form_errors["password"] = "******"; $form_values["password2"] = ""; } } } } if ($user->isAdmin() && !empty($form_values["status"])) { if (!is_numeric($form_values["status"])) { $form_errors["status"] = "Status must be a number"; } else { $status = intval($form_values["status"]); $tmp = new User(); try { $tmp->setUserType($status); } catch (InvalidUserTypeException $e) { $form_errors["status"] = "Invalid value for status"; } } } else { if ($user->isAdmin() && empty($form_values["status"])) { $form_errors["status"] = "Status not defined"; } } if ($user->isAdmin() && !empty($form_values["usertype"])) { if (!is_numeric($form_values["usertype"])) { $form_errors["usertype"] = "Status must be a number"; } $tmp = new User(); try { $tmp->setUserType($status); } catch (InvalidStatusException $e) { $form_errors["usertype"] = "Invalid value for status"; } } else { if ($user->isAdmin() && !empty($form_values["usertype"])) { $form_errors["usertype"] = "Type not defined"; } } // Regular expression check for identities if (!empty($form_values["steamId"])) { if (strlen($form_values["steamId"]) > 20) { $form_errors["steamId"] = "Steam ID too long"; } else { if (!preg_match("/^([A-Za-z0-9_]{3,20})\$/", $form_values["steamId"])) { $form_errors["steamId"] = "Steam ID is not valid"; } } } if (!empty($form_values["xboxId"])) { if (strlen($form_values["xboxId"]) > 15) { $form_errors["xboxId"] = "Xbox gamertag too long"; } else { if (!preg_match("/^[A-Za-z0-9 ]{3,15}\$/", $form_values["xboxId"])) { $form_errors["xboxId"] = "Xbox gamertag is not valid"; } } } if (!empty($form_values["psnId"])) { if (strlen($form_values["psnId"]) > 16) { $form_errors["psnId"] = "PSN ID too long"; } else { if (!preg_match("/^([A-Za-z0-9-_]+){3,16}\$/", $form_values["psnId"])) { $form_errors["psnId"] = "PSN ID is not valid"; } } } if (!empty($form_values["wiiId"])) { if (strlen($form_values["wiiId"]) > 20) { $form_errors["wiiId"] = "Steam Id too long"; } else { if (!preg_match("/^([0-9]{4}[- ][0-9]{4}[- ][0-9]{4}[- ][0-9]{4})\$/", $form_values["wiiId"])) { $form_errors["wiiId"] = "Wii Friend Code is not valid"; } } } // No errors found if (empty($form_errors)) { // Status call not done $alter_user = $userDAO->load($form_values["id"]); if ($alter_user != null) { if ($session->getUser()->isAdmin() || $alter_user->getId() == $session->getUser()->id) { if (!empty($form_values["password"])) { $alter_user->setPassHash(sha1($form_values["password"])); } if (!empty($form_values["status"])) { $alter_user->setStatus(intval($form_values["status"])); } if (!empty($form_values["usertype"])) { $alter_user->setUserType(intval($form_values["usertype"])); } if (!empty($form_values["steamId"])) { $alter_user->setSteamId($form_values["steamId"]); } if (!empty($form_values["xboxId"])) { $alter_user->setXboxId($form_values["xboxId"]); } if (!empty($form_values["psnId"])) { $alter_user->setPsnId($form_values["psnId"]); } if (!empty($form_values["wiiId"])) { $alter_user->setWiiId($form_values["wiiId"]); } // Save profile if ($userDAO->save($alter_user)) { $session->setMessage("User profile altered"); header("Location: {$_SERVER["PHP_SELF"]}?id={$alter_user->id}"); return; } else { $session->setMessage("User profile not altered", Session::MESSAGE_ERROR); } } else { header("Location: " . BASE_URL); return; } } } else { if (empty($form_errors["id"])) { $alter_user = $userDAO->load($form_values["id"]); } } } else { if (!empty($_GET)) { $form_values["id"] = isset($_GET["id"]) ? trim($_GET["id"]) : ""; if (empty($form_values["id"])) { $form_errors["id"] = "User id not set"; } if (empty($form_errors)) { $alter_user = $userDAO->load($form_values["id"]); // Value is null so user does not exist. Allow null to be passed to template if (!$alter_user) { } else { if ($session->getUser()->isAdmin()) { $form_values["steamId"] = $alter_user->getSteamId(); $form_values["xboxId"] = $alter_user->getXboxId(); $form_values["psnId"] = $alter_user->getPsnId(); $form_values["wiiId"] = $alter_user->getWiiId(); } else { if (!$session->getUser()->isAdmin() && $alter_user->getId() != $session->getUser()->getId()) { $session->setMessage("Do not have permission", Session::MESSAGE_ERROR); header("Location: " . BASE_URL); return; } else { $form_values["steamId"] = $alter_user->getSteamId(); $form_values["xboxId"] = $alter_user->getXboxId(); $form_values["psnId"] = $alter_user->getPsnId(); $form_values["wiiId"] = $alter_user->getWiiId(); } } } } } else { header("Location: " . BASE_URL); return; } } $this->template->render(array("title" => "Edit Profile", "main_page" => "edit_profile_tpl.php", "session" => $session, "alter_user" => $alter_user, "form_errors" => $form_errors, "form_values" => $form_values)); }
public function store($p_user_id = null) { require_once 'HTML/QuickForm.php'; $mask = self::getFormMask($p_owner, $p_admin); $form = new html_QuickForm('interview', 'post', $p_target, null, null, true); FormProcessor::parseArr2Form($form, $mask); if ($form->validate() && SecurityToken::isValid()) { $data = $form->getSubmitValues(); $image_id = $this->getProperty('fk_image_id'); if ($data['f_image_delete'] && $image_id) { $Image = new Image($this->getProperty('fk_image_id')); $Image->delete(); $image_id = null; } else { $file = $form->getElementValue('f_image'); if (strlen($file['name'])) { $attributes = array( 'Description' => strlen($data['f_image_description']) ? $data['f_image_description'] : $file['name'], ); $Image = Image::OnImageUpload($file, $attributes, $p_user_id, !empty($image_id) ? $image_id : null); if (is_a($Image, 'Image')) { $image_id = $Image->getProperty('Id'); } else { return false; } } } // may have to create new user account for guest foreach (array('guest') as $type) { if ($data['f_'.$type.'_user_id'] == '__new__') { global $ADMIN_DIR; require_once($GLOBALS['g_campsiteDir']. "/$ADMIN_DIR/users/users_common.php"); $passwd = substr(sha1(rand()), 0, 10); $fieldValues = array( 'UName' => $data['f_'.$type.'_new_user_login'], 'Name' => $data['f_'.$type.'_new_user_login'].' (interview guest)', 'EMail' => $data['f_'.$type.'_new_user_email'], 'passwd' => $passwd, 'Reader' => 'N' ); // create user $editUser = new User(); $phorumUser = new Phorum_user(); if ($phorumUser->UserNameExists($fieldValues['UName']) || User::UserNameExists($fieldValues['UName'])) { return false; } if (!$editUser->create($fieldValues)) { return false; } $editUser->setUserType('Staff'); $editUser->setPermission('plugin_interview_'.$type, true); $phorumUser->create($fieldValues['UName'], $passwd, $fieldValues['EMail'], $editUser->getUserId()); $userid[$type] = $editUser->getUserId(); } else { $userid[$type] = $data['f_'.$type.'_user_id']; } } if ($this->exists()) { // edit existing interview $this->setProperty('fk_language_id', $data['f_language_id']); $this->setProperty('title', $data['f_title']); $this->setProperty('fk_image_id', $image_id); $this->setProperty('description_short', $data['f_description_short']); $this->setProperty('description', $data['f_description']); $this->setProperty('interview_begin', $data['f_interview_begin']); $this->setProperty('interview_end', $data['f_interview_end']); $this->setProperty('questions_begin', $data['f_questions_begin']); $this->setProperty('questions_end', $data['f_questions_end']); $this->setProperty('questions_limit', $data['f_questions_limit']); $this->setProperty('status', $data['f_status']); $this->setProperty('fk_moderator_user_id', $data['f_moderator_user_id']); $this->setProperty('fk_guest_user_id', $userid['guest']); if (strlen($passwd)) { $this->setProperty('invitation_password', $passwd); } return true; } else { // create new interview $created = $this->create( $data['f_language_id'], $data['f_moderator_user_id'], $userid['guest'], $data['f_title'], $image_id, $data['f_description_short'], $data['f_description'], $data['f_interview_begin'], $data['f_interview_end'], $data['f_questions_begin'], $data['f_questions_end'], $data['f_questions_limit'], $data['f_status'] ); if (strlen($passwd)) { $this->setProperty('invitation_password', $passwd); } return $created; } } return false; }
/** * Run method with main page logic * * Populate template and read in list of users in the database. Populate template and * display an interface to administer user data for allowing bulk deletion of users, deletion of a single * user, links to editing and viewing each user entry. Available to admins only * Available to members only * @access public */ public function run() { $PAGINATION_LIMIT = 10; $session = Session::getInstance(); $user = $session->getUser(); if ($user == null || !$user->isAdmin()) { $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR); header("Location: " . BASE_URL); return; } $userDAO = UserDAO::getInstance(); $method = isset($_GET["users"]) ? trim($_GET["users"]) : ""; $page = isset($_GET["page"]) && is_numeric($_GET["page"]) ? intval($_GET["page"]) : 1; if ($page < 1) { $page = 1; } $action = isset($_GET["action"]) ? trim($_GET["action"]) : ""; $page = is_numeric($page) ? $page : 1; $paginator_page = $queryVars = null; // POST request for bulk deletion of users if (!empty($_POST) && !empty($_POST["userids"]) && !empty($_POST["action"]) && empty($_POST["domodstatus"])) { $action = isset($_POST["action"]) ? trim($_POST["action"]) : ""; if (!strcmp($action, "delete") == 0) { header("Location: " . BASE_URL); return; } $status = $userDAO->deleteByIds($_POST["userids"]); if ($status) { $session->setMessage("Selected users deleted"); header("Location: {$_SERVER["PHP_SELF"]}?users=all"); return; } else { $session->setMessage("Deletion failed", Session::MESSAGE_ERROR); header("Location: {$_SERVER["PHP_SELF"]}?users=all"); return; } } else { if (!empty($_GET) && !empty($_GET["userids"]) && !empty($_GET["domodstatus"])) { $status = isset($_GET["status"]) ? trim($_GET["status"]) : ""; if (!empty($status)) { $status = intval($status); $tmp = new User(); try { $tmp->setUserType($status); } catch (InvalidUserTypeException $e) { $session->setMessage("Invalid status choice"); header("Location: {$_SERVER["PHP_SELF"]}?users=all"); return; } } $status = $userDAO->saveStatusByIds($status, $_GET["userids"]); if ($status) { $session->setMessage("Selected users updated"); header("Location: {$_SERVER["PHP_SELF"]}?users=all"); return; } else { $session->setMessage("Update failed", Session::MESSAGE_ERROR); header("Location: {$_SERVER["PHP_SELF"]}?users=all"); return; } } else { if (strcmp($action, "delete") == 0 && !empty($_GET["userids"])) { $content_title = "Delete Users"; $user_array = $userDAO->allByIds($_GET["userids"]); } else { if (strcmp($method, "all") == 0) { $count = $userDAO->count(); $paginator = new Paginator($count, $PAGINATION_LIMIT); if ($page < 0) { $page = 1; } $paginator_page = $paginator->getPage($page); $user_array = $userDAO->all(array("limit" => $paginator_page, "order" => "userName")); $content_title = "All Users Options"; $queryVars = array("users" => "all"); } else { $user_array = $userDAO->allPendingUsers(); $content_title = "Pending Users Options"; } } } } $this->template->render(array("title" => "Admin - User Options", "main_page" => "user_options_tpl.php", "user" => $user, "session" => $session, "user_array" => $user_array, "content_title" => $content_title, "paginator_page" => $paginator_page, "queryVars" => $queryVars, "action" => $action)); }
/** * @param User $admin * @return bool * this will edit the admin profile */ function Admin_Edit_Profile(User $admin) { $this->User_Name = mysqli_real_escape_string($this->getDbc(), trim($admin->getUserName())); $this->User_Password = mysqli_real_escape_string($this->getDbc(), trim($admin->getUserPassword())); $this->User_ID = mysqli_real_escape_string($this->getDbc(), trim($admin->getUserID())); $query = "UPDATE user\n\t\t\t SET User_Name='{$this->User_Name}',User_Password=sha1('{$this->User_Password}')\n\t\t\t WHERE ID='{$this->User_ID}'"; $result = mysqli_query($this->getDbc(), $query); $updated_admin = new User($this->User_Name, $this->User_Password); $updated_admin->setUserID($this->User_ID); $updated_admin->setUserType(User_Type::ADMIN); /** * update the logged in user * and return true */ session_start(); $_SESSION["Logged_In_User"] = $updated_admin; return TRUE; }
function Main() { switch ($this->formArray["formAction"]) { case "edit": $UserDetails = new SoapObject(NCCBIZ . "UserDetails.php", "urn:Object"); if (!($xmlStr = $UserDetails->getUserDetails($this->formArray["userID"]))) { $this->tpl->set_block("rptsTemplate", "Table", "TableBlock"); $this->tpl->set_var("TableBlock", "record not found"); } else { if (!($domDoc = domxml_open_mem($xmlStr))) { $this->tpl->set_block("rptsTemplate", "Table", "TableBlock"); $this->tpl->set_var("TableBlock", "error xmlDoc"); } else { $user = new User(); $user->parseDomDocument($domDoc); $this->formArray["userID"] = $user->getUserID(); $this->formArray["userType"] = $user->getUserType(); $this->formArray["username"] = $user->getUsername(); $this->formArray["password"] = $user->getPassword(); $this->formArray["personID"] = $user->getPersonID(); } } break; case "save": $UserEncode = new SoapObject(NCCBIZ . "UserEncode.php", "urn:Object"); if ($this->formArray["userID"] != "") { $UserDetails = new SoapObject(NCCBIZ . "UserDetails.php", "urn:Object"); if (!($xmlStr = $UserDetails->getUserDetails($this->formArray["userID"]))) { exit("record not found"); } else { if (!($domDoc = domxml_open_mem($xmlStr))) { $this->tpl->set_block("rptsTemplate", "Table", "TableBlock"); $this->tpl->set_var("TableBlock", "error xmlDoc"); } else { $user = new User(); $user->parseDomDocument($domDoc); $user->setUserID($this->formArray["userID"]); $user->setUserType($this->formArray["userType"]); $user->setUsername($this->formArray["username"]); $user->setPassword($this->formArray["password"]); $user->setPersonID($this->formArray["personID"]); $user->setDomDocument(); $doc = $user->getDomDocument(); $xmlStr = $doc->dump_mem(true); if (!($ret = $UserEncode->updateUser($xmlStr))) { exit("error update"); } } } } else { $user = new User(); //$user->setUserID($this->formArray["userID"]); $user->setUserType($this->formArray["userType"]); $user->setUsername($this->formArray["username"]); $user->setPassword($this->formArray["password"]); $user->setPersonID($this->formArray["personID"]); $user->setDomDocument(); $doc = $user->getDomDocument(); $xmlStr = $doc->dump_mem(true); if (!($ret = $UserEncode->saveUser($xmlStr))) { exit("error save"); } } $this->formArray["userID"] = $ret; header("location: UserEncode.php"); exit; break; case "cancel": header("location: UserList.php"); exit; break; default: $this->tpl->set_block("rptsTemplate", "UserID", "UserIDBlock"); $this->tpl->set_var("UserIDBlock", ""); $this->tpl->set_block("rptsTemplate", "ACK", "ACKBlock"); $this->tpl->set_var("ACKBlock", ""); } $this->setForm(); $this->tpl->parse("templatePage", "rptsTemplate"); $this->tpl->finish("templatePage"); $this->tpl->p("templatePage"); }