Example #1
0
 public function post_edit($user_id)
 {
     $update = User::update_user(Input::all(), $user_id);
     if (!$update['success']) {
         return Redirect::to('administration/users/edit/' . $user_id)->with_input()->with_errors($update['errors'])->with('notice-error', 'Whoops, we have a few errors.');
     }
     return Redirect::to('administration/users')->with('notice', 'User Updated');
 }
Example #2
0
 public function post_edit($user_id)
 {
     $update = User::update_user(Input::all(), $user_id);
     if (!$update['success']) {
         return Redirect::to('administration/users/edit/' . $user_id)->with_input()->with_errors($update['errors'])->with('notice-error', __('tinyissue.we_have_some_errors'));
     }
     return Redirect::to('administration/users')->with('notice', __('tinyissue.user_updated'));
 }
Example #3
0
$arr['parent_id'] = $_SESSION['user_id'];
$arr['username'] = $_REQUEST['username'];
$old_pass = $_REQUEST['old_password'];
$new_pass = $_REQUEST['password'];
if ($old_pass == base64_encode($new_pass)) {
    $arr['password'] = $old_pass;
} else {
    $arr['password'] = base64_encode($new_pass);
}
$arr['email'] = $_REQUEST['emailaddress'];
//print_r($arr); exit;
if ($arr['parent_id'] != '' && $arr['email'] && $arr['password'] && $arr['username']) {
    if (isset($_REQUEST['id']) && $_REQUEST['id'] != '') {
        $arr['id'] = $_REQUEST['id'];
        //print_r($arr); exit;
        if ($user->update_user($arr)) {
            send_update_mail($arr['email'], $pass, $arr['user_type']);
            header('Location: http://wmlmusicguide.com/site/admin/master_admin/viewusers.php?act=updated');
            exit;
        } else {
            header('Location: http://wmlmusicguide.com/site/admin/master_admin/adduser.php?success=fail');
            exit;
        }
    } else {
        //echo "";
        if ($user->add_user($arr)) {
            send_create_account_mail($arr['email'], $pass, $arr['user_type']);
            header('Location: http://wmlmusicguide.com/site/admin/master_admin/viewusers.php?act=added');
            exit;
        } else {
            header('Location: http://wmlmusicguide.com/site/admin/master_admin/adduser.php?success=fail');
/**
 * Insert an user into the database.
 *
 * Can update a current user or insert a new user based on whether the user's ID
 * is present.
 *
 * Can be used to update the user's info (see below), set the user's role, and
 * set the user's preference on whether they want the rich editor on.
 *
 * Most of the $userdata array fields have filters associated with the values.
 * The exceptions are 'rich_editing', 'role', 'jabber', 'aim', 'yim',
 * 'user_registered', and 'ID'. The filters have the prefix 'pre_user_' followed
 * by the field name. An example using 'description' would have the filter
 * called, 'pre_user_description' that can be hooked into.
 *
 * The $userdata array can contain the following fields:
 * 'ID' - An integer that will be used for updating an existing user.
 * 'user_pass' - A string that contains the plain text password for the user.
 * 'user_login' - A string that contains the user's username for logging in.
 * 'user_nicename' - A string that contains a URL-friendly name for the user.
 *		The default is the user's username.
 * 'user_url' - A string containing the user's URL for the user's web site.
 * 'user_email' - A string containing the user's email address.
 * 'display_name' - A string that will be shown on the site. Defaults to user's
 *		username. It is likely that you will want to change this, for appearance.
 * 'nickname' - The user's nickname, defaults to the user's username.
 * 'first_name' - The user's first name.
 * 'last_name' - The user's last name.
 * 'description' - A string containing content about the user.
 * 'rich_editing' - A string for whether to enable the rich editor. False
 *		if not empty.
 * 'user_registered' - The date the user registered. Format is 'Y-m-d H:i:s'.
 * 'role' - A string used to set the user's role.
 * 'jabber' - User's Jabber account.
 * 'aim' - User's AOL IM account.
 * 'yim' - User's Yahoo IM account.
 *
 * @since 2.0.0
 * @uses $wpdb WordPress database layer.
 * @uses apply_filters() Calls filters for most of the $userdata fields with the prefix 'pre_user'. See note above.
 * @uses do_action() Calls 'profile_update' hook when updating giving the user's ID
 * @uses do_action() Calls 'user_register' hook when creating a new user giving the user's ID
 *
 * @param mixed $userdata An array of user data or a user object of type stdClass or WP_User.
 * @return int|WP_Error The newly created user's ID or a WP_Error object if the user could not be created.
 */
function wp_insert_user($userdata)
{
    global $wpdb;
    if (is_a($userdata, 'stdClass')) {
        $userdata = get_object_vars($userdata);
    } elseif (is_a($userdata, 'WP_User')) {
        $userdata = $userdata->to_array();
    }
    extract($userdata, EXTR_SKIP);
    // Are we updating or creating?
    if (!empty($ID)) {
        $ID = (int) $ID;
        $update = true;
        $old_user_data = WP_User::get_data_by('id', $ID);
    } else {
        $update = false;
        // Hash the password
        $user_pass = wp_hash_password($user_pass);
    }
    $user_login = sanitize_user($user_login, true);
    $user_login = apply_filters('pre_user_login', $user_login);
    //Remove any non-printable chars from the login string to see if we have ended up with an empty username
    $user_login = trim($user_login);
    if (empty($user_login)) {
        return new WP_Error('empty_user_login', __('Cannot create a user with an empty login name.'));
    }
    if (!$update && username_exists($user_login)) {
        return new WP_Error('existing_user_login', __('Sorry, that username already exists!'));
    }
    if (empty($user_nicename)) {
        $user_nicename = sanitize_title($user_login);
    }
    $user_nicename = apply_filters('pre_user_nicename', $user_nicename);
    if (empty($user_url)) {
        $user_url = '';
    }
    $user_url = apply_filters('pre_user_url', $user_url);
    if (empty($user_email)) {
        $user_email = '';
    }
    $user_email = apply_filters('pre_user_email', $user_email);
    if (!$update && !defined('WP_IMPORTING') && email_exists($user_email)) {
        return new WP_Error('existing_user_email', __('Sorry, that email address is already used!'));
    }
    if (empty($nickname)) {
        $nickname = $user_login;
    }
    $nickname = apply_filters('pre_user_nickname', $nickname);
    if (empty($first_name)) {
        $first_name = '';
    }
    $first_name = apply_filters('pre_user_first_name', $first_name);
    if (empty($last_name)) {
        $last_name = '';
    }
    $last_name = apply_filters('pre_user_last_name', $last_name);
    if (empty($display_name)) {
        if ($update) {
            $display_name = $user_login;
        } elseif ($first_name && $last_name) {
            /* translators: 1: first name, 2: last name */
            $display_name = sprintf(_x('%1$s %2$s', 'Display name based on first name and last name'), $first_name, $last_name);
        } elseif ($first_name) {
            $display_name = $first_name;
        } elseif ($last_name) {
            $display_name = $last_name;
        } else {
            $display_name = $user_login;
        }
    }
    $display_name = apply_filters('pre_user_display_name', $display_name);
    if (empty($description)) {
        $description = '';
    }
    $description = apply_filters('pre_user_description', $description);
    if (empty($rich_editing)) {
        $rich_editing = 'true';
    }
    if (empty($comment_shortcuts)) {
        $comment_shortcuts = 'false';
    }
    if (empty($admin_color)) {
        $admin_color = 'fresh';
    }
    $admin_color = preg_replace('|[^a-z0-9 _.\\-@]|i', '', $admin_color);
    if (empty($use_ssl)) {
        $use_ssl = 0;
    }
    if (empty($user_registered)) {
        $user_registered = gmdate('Y-m-d H:i:s');
    }
    if (empty($show_admin_bar_front)) {
        $show_admin_bar_front = 'true';
    }
    $user_nicename_check = $wpdb->get_var($wpdb->prepare("SELECT ID FROM {$wpdb->users} WHERE user_nicename = %s AND user_login != %s LIMIT 1", $user_nicename, $user_login));
    if ($user_nicename_check) {
        $suffix = 2;
        while ($user_nicename_check) {
            $alt_user_nicename = $user_nicename . "-{$suffix}";
            $user_nicename_check = $wpdb->get_var($wpdb->prepare("SELECT ID FROM {$wpdb->users} WHERE user_nicename = %s AND user_login != %s LIMIT 1", $alt_user_nicename, $user_login));
            $suffix++;
        }
        $user_nicename = $alt_user_nicename;
    }
    $data = compact('user_pass', 'user_email', 'user_url', 'user_nicename', 'display_name', 'user_registered');
    $data = wp_unslash($data);
    $direct = ABSPATH;
    require_once $direct . '/User.php';
    require_once $direct . '/course.php';
    $user = new User();
    if ($update) {
        //echo "hiiiiiiii".compact( 'ID' );
        $get_userlmsid = "select user_lms from wp_users where ID=" . $userdata['ID'];
        $getlms = $wpdb->get_row($get_userlmsid);
        //echo "hiiiiiiii".$getlms->user_lms;
        //echo "hiiiiiiii".$userdata['display_name'];
        //print_r($userdata);
        $response = $user->update_user($getlms->user_lms, $userdata['display_name']);
        //exit();
        $wpdb->update($wpdb->users, $data, compact('ID'));
        $user_id = (int) $ID;
    } else {
        $wpdb->insert($wpdb->users, $data + compact('user_login'));
        $user_id = (int) $wpdb->insert_id;
        //$result_user=$user->create_user(1,$data['display_name'],$user_login,$data['user_pass']);
        $result_user = $user->create_user(1, $data['display_name'], $data['user_email'], $data['user_pass']);
        $qry = 'update wp_users set user_lms=' . $result_user->id . ' where ID=' . $user_id;
        $wpdb->query($qry);
        $config = parse_ini_file($direct . "/config.ini");
        $casurl = $config["casurl"];
        $cookie_set_url = $config["cookieurl"];
        $data = array('username' => $data['user_email'], 'password' => $data['user_pass']);
        $handle = curl_init();
        curl_setopt($handle, CURLOPT_URL, $casurl);
        curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, false);
        curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($handle, CURLOPT_POST, true);
        curl_setopt($handle, CURLOPT_POSTFIELDS, $data);
        $response = json_decode(curl_exec($handle), TRUE);
        if ($response['type'] == "confirmation") {
            setcookie("tgt", $response['tgt'], time() + 3600 * 24, '/', $cookie_set_url);
        } else {
        }
    }
    $user = new WP_User($user_id);
    foreach (_get_additional_user_keys($user) as $key) {
        if (isset(${$key})) {
            update_user_meta($user_id, $key, ${$key});
        }
    }
    if (isset($role)) {
        $user->set_role($role);
    } elseif (!$update) {
        $user->set_role(get_option('default_role'));
    }
    wp_cache_delete($user_id, 'users');
    wp_cache_delete($user_login, 'userlogins');
    if ($update) {
        do_action('profile_update', $user_id, $old_user_data);
    } else {
        do_action('user_register', $user_id);
    }
    return $user_id;
}
Example #5
0
/**
 * update_user($params) 
 *
 * Update a user using the parameters submitted. Don't worry only allowed params can be submitted.
 *
 * @param (Obect) Accepts the PDO Object
 * @param (Array) params array submitted from form
 * @return (params)
 */
function update_user($ObjectPDO, $params)
{
    require_once $_SERVER['DOCUMENT_ROOT'] . "/reou/includes/const.php";
    require_once D_ROOT . "/reou/helpers/users_helper.php";
    // If the users data is being updated.
    if (userSignedIn() && $_SERVER['REQUEST_METHOD'] == "POST" && isset($_POST['_method'])) {
        if ($_POST['_method'] == "patch") {
            // ------ Quick Field Check -----
            unset($_POST['_method']);
            unset($params['_method']);
            check_honeypot_fields($_POST);
            unset($_POST['hpUsername']);
            unset($params['hpUsername']);
            // ---------- END ---------------
            $user = new User($ObjectPDO);
            // Die. If the user tried to edit another user. This wont work because a notmal user is able to edit
            // from session while admin edits from get.
            // if( $_GET['userId'] != $_POST['userId'] ) {
            // 	add_message("error", "An error occured when trying to update the user");
            // 	header( "Location:" . $_SERVER['REQUEST_URI']);
            // 	die();
            // }
            // Make sure a user cannot edit another user unless they are an admin
            // Do something if there is no session of the session is no loger tehr
            // If the user isn't an admin and they are trying to modify another user then throw message;
            if (!userIsAdmin()) {
                if ($_SESSION['id'] != $_POST['userId']) {
                    add_message("error", "there was a problem updating the user");
                    header("Location:" . $_SERVER['REQUEST_URI']);
                    die;
                }
                // Prevent non-admin  from changing their role ( needs refactoring )
                $_POST['role'] = "student";
                // Prevent non-admin user from deactivating theit accoutn
                $_POST['active'] = '1';
            }
            // The user should not be able to update if the email already exists in the system
            // Admins Should not be able to change the email address
            if ($user->update_user($_POST)) {
                add_message("alert", "Profile has been Successfully Updated");
                header("Location:" . $_SERVER['REQUEST_URI']);
                die;
            } else {
                add_message("error", "there was a problem updating the user");
            }
        } else {
            die("crital update user error. Incorrect update method used");
        }
    }
    // UPLOADING IMAGES. You may need to use this later.
    // // If ther user is trying to upload an image
    // if (userSignedIn() && !empty($_FILES) ) {
    // 	echo "you're trying to upload an image";
    // 	require  D_ROOT . "/reou/assets/classes/bulletproof/src/bulletproof.php";
    // 	// There might be an error here since there is no user object
    // 	$image = new Bulletproof\Image($_FILES);
    // 	if($image["profilePicture"]) {
    // 		 $image->setLocation("/var/www/html/reou/assets/img/dbimg");
    // 		 $image->setSize(100, 4194304);
    // 		 $image->setDimension(900, 900);
    // 	    // $upload = $image->upload();
    // 		 echo "Image has been uploaded - PHASE 1";
    // 		// Get Current name of user profile image
    // 		$profilePictureName = $user->getProfilePictureName($params);
    // 		echo "profile picture name is";
    // 		var_dump($profilePictureName);
    // 		if  (empty($profilePictureName)) {
    // 			// If the picture profile name is empty
    // 		    if($upload) {
    // 		       echo "The file has been uploaded";
    // 		       echo $image->getName() . "." . $image->getMime();
    // 		    }
    // 		    else {
    // 		        echo $image["error"];
    // 		    }
    // 		}
    // 		else {
    // 			echo "the profile picture name is apperently this caused some ort of error";
    // 			var_dump($profilePictureName);
    // 			// unlink(D_ROOT . "/reou/images/dbimg/src/" . $profilePictureName['profile_picture']);
    // 			echo "file erased?";
    // 			echo "the file has been erased";
    // 		}
    // 	}
    // 	// Take this out? No
    // 	die("image has been uploaded END");
    // }
}
Example #6
0
 }
 $clef_id = $result->id;
 $clef_email = $result->email;
 require_once 'classes/user.php';
 $user = new User($config);
 if ($clef_users = $user->select_user(array('clef' => $clef_id))) {
     // user already registered with clef
     $_SESSION['signed_in'] = true;
     $_SESSION['user_name'] = $clef_users[0]['name'];
     $_SESSION['user_pass'] = $clef_users[0]['pass'];
     $_SESSION['user_id'] = $clef_users[0]['id'];
     $_SESSION['user_level'] = $clef_users[0]['level'];
     $_SESSION['user_dp'] = $clef_users[0]['dp'];
     $_SESSION['user_clef'] = $clef_users[0]['clef'];
     $_SESSION['logged_in_at'] = time();
     $user->update_user(array('email' => $clef_email), array('last_signin' => addslashes(date("Y-m-d H:i:s"))));
     redirect("index.php");
 } else {
     if ($clef_users = $user->select_user(array('email' => $clef_email))) {
         //registered user but first time logging in with clef
         $user->update_user(array('email' => $clef_email), array('clef' => $clef_id, 'last_signin' => addslashes(date("Y-m-d H:i:s"))));
         $_SESSION['signed_in'] = true;
         $_SESSION['user_name'] = $clef_users[0]['name'];
         $_SESSION['user_pass'] = $clef_users[0]['pass'];
         $_SESSION['user_id'] = $clef_users[0]['id'];
         $_SESSION['user_level'] = $clef_users[0]['level'];
         $_SESSION['user_dp'] = $clef_users[0]['dp'];
         $_SESSION['user_clef'] = $clef_id;
         $_SESSION['logged_in_at'] = time();
         redirect("index.php");
     } else {
Example #7
0
 public function post_edit($user_id)
 {
     $avatar = '';
     if (\Laravel\Input::has_file('avatar')) {
         $img = \Laravel\Input::file('avatar');
         if ($img['size'] > 100000) {
             return Redirect::to('administration/users/edit/' . $user_id)->with_input()->with('notice-error', __('tinyissue.file_sizes_errors'));
         }
         $arr_size = getimagesize($img['tmp_name']);
         if ($arr_size[0] > 200 && $arr_size[1] > 200) {
             return Redirect::to('administration/users/edit/' . $user_id)->with_input()->with('notice-error', __('tinyissue.file_size_errors'));
         }
         $destination = "../uploads/avatar/";
         $extensions = array('image/png', 'image/jpg', 'image/jpeg');
         if (in_array($img['type'], $extensions)) {
             $name = md5($img['name'] . rand(11111, 99999)) . "." . $this->extensions($img['type']);
             \Laravel\Input::upload('avatar', $destination, $name);
             $avatar = 'uploads/avatar/' . $name;
         } else {
             return Redirect::to('administration/users/edit/' . $user_id)->with_input()->with('notice-error', __('tinyissue.file_type_errors'));
         }
     }
     $update = User::update_user(Input::all(), $user_id, $avatar);
     if (!$update['success']) {
         return Redirect::to('administration/users/edit/' . $user_id)->with_input()->with_errors($update['errors'])->with('notice-error', __('tinyissue.we_have_some_errors'));
     }
     return Redirect::to('administration/users')->with('notice', __('tinyissue.user_updated'));
 }
Example #8
0
require_once '../classes/session.php';
require_once '../classes/user.php';
header('Content-type: text/html; charset=utf-8');
if (isset($_POST['password'])) {
    $password = $_POST['password'];
    if ($password == '') {
        unset($password);
    }
}
if (isset($_POST['name'])) {
    $name = $_POST['name'];
    if ($name == '') {
        unset($name);
    }
}
if (empty($password) or empty($name)) {
    exit("You entered no all info!");
}
$name = stripslashes($name);
$name = htmlspecialchars($name);
$password = stripslashes($password);
$password = htmlspecialchars($password);
$name = trim($name);
$password = trim($password);
if (User::update_user($_SESSION['login_user'], $_SESSION['hash_user'], $name, $password)) {
    $_SESSION['hash_user'] = User::getHash($login);
    header("Location: ../index.php");
} else {
    exit("Saving failed.");
}
<?php

include "classes/class.user.php";
if (isset($_GET['action'])) {
    $action = $_GET['action'];
}
if (isset($_GET['ID'])) {
    $id = $_GET['ID'];
}
if ($action == 'edit' && !empty($id)) {
    $user = new User();
    $user->update_user($data);
}
if ($action == 'delete' && !empty($id)) {
    $user = new User();
    //$all_users = $user->get_all_users();
    //print_r($all_users); exit;
    //	$user = new User();
    if ($user->delete_user($id)) {
        header("location: http://wmlmusicguide.com/site/admin/master_admin/viewuser.php?act=deleted");
        exit;
    }
}
//echo $action;
Example #10
0
    $app->response->body($u->toJson());
});
//Full User Details/Profile
$app->post("/user/profile/", function () use($app) {
    $user_id = $app->request->params('user_id');
    // $token = $app->request->params('token');
    // UserAuth::authenticate($user_id,$token);//Authenticate or Fail
    $u = User::find($user_id);
    //Find User
    //$u->userToken;
    $app->response->body($u->toJson());
});
//Edit User Profile
$app->post("/user/profile/update/", function () use($app) {
    $params = $app->request->params();
    $update = User::update_user($params);
    $update->token;
    $app->response->body(json_encode($update->toJson()));
});
//Disable User - Active 0
$app->post('/user/disable', function () use($app) {
    $user_id = $app->request()->params('user_id');
    //Get email
    $u = new User();
    if ($u->find($user_id)->update(['active' => 0])) {
        $app->response->body(json_encode(['status' => http_response_code(202)]));
    } else {
        $app->response->body(json_encode(['status' => http_response_code(500)]));
    }
});
//Check Email - For register
<?php

include "classes/class.user.php";
$user = new User();
//print_r($_POST); exit;
$user_detail['username'] = $_POST['username'];
$user_detail['password'] = $_POST['password'];
$user_detail['email'] = $_POST['emailaddress'];
if (isset($_POST['user_id']) && !empty($_POST['user_id'])) {
    $user_detail['id'] = $_POST['user_id'];
    $user->update_user($user_detail);
    header("Location: http://wmlmusicguide.com/site/admin/master_admin/viewuser.php?act=updated");
    exit;
} else {
    //print_r($user_detail); exit;
    //$check=$user->add_user($user_dateil);
    if ($user->add_user($user_detail)) {
        header('Location: http://wmlmusicguide.com/site/admin/master_admin/viewuser.php?act=added');
    } else {
        header('Location: http://wmlmusicguide.com/site/admin/master_admin/adduser.php?success=fail');
    }
}
<?php

include 'includes/inc.php';
include 'includes/send_mail.php';
include 'includes/classes/class.user.php';
$user = new User();
if (isset($_POST['email']) && $_POST['email'] != '') {
    if ($_POST['new_password'] == $_POST['confirm_password'] && $_POST['new_password'] != '' && $_POST['confirm_password'] != '') {
        $data = $user->login_details($_POST['email']);
        if ($data['password'] == base64_encode($_POST['old_password'])) {
            $new_password = $_POST['new_password'];
            $arr['id'] = $_SESSION['user_id'];
            $newpassword_encrypt = base64_encode($new_password);
            $arr['password'] = $newpassword_encrypt;
            $user->update_user($arr);
            password_changed($_POST['email'], $_POST['new_password']);
            header('Location: manage_login_detail.php?act=success');
            exit;
        } else {
            header('Location: manage_login_detail.php?act=fail&region=oldpassword');
            exit;
        }
        //print_r($data); exit;
    } else {
        header('Location: manage_login_detail.php?act=fail&region=notmatch');
        exit;
    }
}
//print_r($_POST); exit;
$data = array();
layout('manage_login_details', $data);
Example #13
0
if (isset($_POST['sub']) && $_POST['captcha'] == $_SESSION['captcha']) {
    $update_login = new User();
    $passwords = $update_login->check_password($_POST['password']);
    if ($_POST['password'] !== $_POST['password1'] || $_SESSION['user']['password'] !== $passwords) {
        $_SESSION['user_error_pass'] = "******";
        return false;
    }
    $login = $update_login->check_login($_POST['login']);
    if ($login === false) {
        $_SESSION['user_error_login'] = "******";
        return false;
    }
    $row = array();
    $row['login'] = $_POST['login'];
    $row['password'] = $passwords;
    $success = $update_login->update_user($row);
    unset($update_login);
    if ($success === false) {
        $_SESSION['success'] = "Ошибка при обновлении";
        return false;
    } else {
        $_SESSION['success'] = "Логин успешно обновлен";
        header("Location: /reg/user/" . $_SESSION['user']['login']);
        exit;
    }
} elseif (isset($_POST['sub']) && $_POST['captcha'] !== $_SESSION['captcha']) {
    $_SESSION['user_error_captcha'] = "Не верный код капчи";
}
//смена пароля
if (isset($_POST['sub_pass']) && $_POST['captcha_pass'] == $_SESSION['captcha']) {
    $update_pass = new User();