if ($_SESSION['portal']['member_type'] != 'superuser' && $_SESSION['portal']['member_type'] != 'admin') {
    mystery_redirect('/');
    exit;
}
$page_title = 'School Edit';
if ($_PORTAL['action'] == 'process') {
    $data = array();
    $data['school_name'] = $_REQUEST['school_name'];
    $data['school_address_1'] = $_REQUEST['school_address_1'];
    $data['school_address_2'] = $_REQUEST['school_address_2'];
    $data['school_city'] = $_REQUEST['school_city'];
    $data['school_state'] = $_REQUEST['school_state'];
    $data['school_zip'] = $_REQUEST['school_zip'];
    $data['school_country'] = $_REQUEST['school_country'];
    $status = mystery_update_query('portal_schools', $data, 'school_id', $_SESSION['portal']['member_school'], 'portal_dbh');
    if ($status == 0) {
        $errors = array('Could not update school information');
        echo portal_generate_error_page($errors);
    } else {
        // redirect back to the admin page
        mystery_redirect('/admin/');
        exit;
    }
} else {
    $school_info = portal_get_school_info($_SESSION['portal']['member_school']);
    $state_list = portal_generate_db_form_list('school_state', @$school_info['school_state'], 'mystery4.mystery_states', 'state_abbr', 'state_name', 'list', '', '', array(), array('<option value=""></option>'), 35);
    $country_list = portal_generate_db_form_list('school_country', $school_info['district_school'], 'mystery4.mystery_countries', 'country_name', 'country_name', 'list', '', '', array(), array('<option value=""></option>'), 50);
    $school_info = portal_web_output_filter($school_info);
    echo '
	<form action="/school/edit/process/" method="post">
 // check the class word
 $class_word_in_use = 'no';
 $class_using_word = portal_check_class_word($_REQUEST['class_word']);
 if ($class_using_word != $id_param && $class_using_word != false) {
     $class_word_in_use = 'yes';
 }
 if ($_REQUEST['class_word'] != '' && $class_word_in_use == 'no') {
     if ($_PORTAL['activity'] == 'add' || $_PORTAL['activity'] == 'copy') {
         $data['creation_date'] = date('Y-m-d H:i:s');
         $data['class_uuid'] = portal_generate_uuid();
         $class_id = mystery_insert_query('portal_classes', $data, 'class_id', 'portal_dbh');
         $class_info['activities'] = array();
         $class_info['diy_activities'] = array();
     } else {
         $class_id = $id_param;
         $status = mystery_update_query('portal_classes', $data, 'class_id', $class_id, 'portal_dbh');
     }
     // update class word with the actual class word
     portal_set_class_word($class_id, $_REQUEST['class_word']);
     // add the standard activities here
     $new_activities = @$_REQUEST['activities'];
     if ($new_activities == '') {
         $new_activities = array();
     }
     $old_activities = @$class_info['activities'];
     if ($old_activities == '') {
         $old_activities = array();
     }
     $status = portal_subscribe_class_to_activities($class_id, $old_activities, $new_activities);
     // now add the diy activities
     $new_activities = @$_REQUEST['diy_activities'];
         $errors[] = 'Your password must be between 4 and 40 characters long.';
     }
 }
 if (isset($_REQUEST['email']) && $_REQUEST['email'] != '') {
     $data['member_email'] = $_REQUEST['email'];
 } else {
     $_REQUEST['email'] = $member_info['member_email'];
 }
 $data['member_first_name'] = $_REQUEST['first_name'];
 $data['member_last_name'] = $_REQUEST['last_name'];
 $data['member_interface'] = $_REQUEST['interface'];
 $data['member_grade'] = @$_REQUEST['grade_level'];
 // FIXME - add the admin role if appropriate/requested
 // $data['member_type'] = $request['type'];
 if (count($errors) == 0) {
     $status = mystery_update_query('portal_members', $data, 'member_id', $member_id, 'portal_dbh');
     if ($status == 0) {
         $errors[] = 'Could not update member information';
     }
     portal_update_cc_member_info($member_info['cc_member_id'], $member_info['member_username'], $_REQUEST['password'], $_REQUEST['first_name'], $_REQUEST['last_name'], $_REQUEST['email']);
     portal_update_diy_member_info(portal_get_diy_member_id_from_db($member_info['member_username']), $_REQUEST['first_name'], $_REQUEST['last_name'], $_REQUEST['email'], $_REQUEST['interface']);
 }
 if (count($errors) > 0) {
     echo portal_generate_error_page($errors);
 } else {
     if ($is_editing_self == 'yes') {
         // fix up the session information
         $_SESSION['user_first_name'] = $_REQUEST['first_name'];
         $_SESSION['user_last_name'] = $_REQUEST['last_name'];
         $_SESSION['portal']['member_interface'] = $_REQUEST['interface'];
         if (isset($_REQUEST['email'])) {
if ($_SESSION['portal']['member_type'] != 'superuser' && $_SESSION['portal']['member_type'] != 'admin') {
    mystery_redirect('/');
    exit;
}
$district_id = $_PORTAL['action'];
$page_title = 'District Edit';
if (isset($_PORTAL['params']['process'])) {
    $data = array();
    $data['district_name'] = $_REQUEST['district_name'];
    $data['district_address_1'] = $_REQUEST['district_address_1'];
    $data['district_address_2'] = $_REQUEST['district_address_2'];
    $data['district_city'] = $_REQUEST['district_city'];
    $data['district_state'] = $_REQUEST['district_state'];
    $data['district_zip'] = $_REQUEST['district_zip'];
    $data['district_country'] = $_REQUEST['district_country'];
    $status = mystery_update_query('portal_districts', $data, 'district_id', $district_id, 'portal_dbh');
    if ($status == 0) {
        $errors = array('Could not update district information');
        echo portal_generate_error_page($errors);
    } else {
        // redirect back to the admin page
        mystery_redirect('/admin/');
        exit;
    }
} else {
    $district_info = portal_get_district_info($district_id);
    $state_list = portal_generate_db_form_list('district_state', @$district_info['district_state'], 'mystery4.mystery_states', 'state_abbr', 'state_name', 'list', '', '', array(), array('<option value=""></option>'), 35);
    $country_list = portal_generate_db_form_list('district_country', @$district_info['district_country'], 'mystery4.mystery_countries', 'country_name', 'country_name', 'list', '', '', array(), array('<option value=""></option>'), 50);
    $district_info = portal_web_output_filter($district_info);
    echo '
	<form action="/district/edit/' . $district_id . '/process/" method="post">
function portal_update_cc_member_info($cc_member_id, $username, $password, $first_name, $last_name, $email)
{
    $data = array();
    $data['user_username'] = strtolower($username);
    $data['user_first_name'] = $first_name;
    $data['user_last_name'] = $last_name;
    $data['user_email'] = $email;
    if ($password != '') {
        $data['user_password'] = md5(strtolower($password));
    }
    $status = mystery_update_query('mystri_users', $data, 'user_id', $cc_member_id, 'sunflower_dbh');
    return $status;
}
Beispiel #6
0
function mystery_process_user_info_form()
{
    // this function processes a user's info update form.
    global $_MYSTERY;
    // set elements in the data array and update the session
    $_SESSION['user_first_name'] = $data['user_first_name'] = $_REQUEST['user_first_name'];
    $_SESSION['user_last_name'] = $data['user_last_name'] = $_REQUEST['user_last_name'];
    $_SESSION['user_email'] = $data['user_email'] = $_REQUEST['user_email'];
    if ($_MYSTERY['allow_username_changes'] == 'yes') {
        $_SESSION['user_username'] = $data['user_username'] = $_REQUEST['user_username'];
    }
    // check to see if the passwords match and are set.  If not, display error and the form again
    if ($_REQUEST['password_one'] != '') {
        // user want's to change password
        if ($_REQUEST['password_one'] != $_REQUEST['password_two']) {
            mystery_display_user_error('Your passwords do not match. Please try again.');
            mystery_display_user_info_form();
            return;
        } else {
            // passwords match, add to the update data array
            $data['user_password'] = md5($_REQUEST['password_one']);
        }
    }
    // prepare the rest of the items for the update query
    $table = $_MYSTERY['table_prefix'] . 'users';
    $key = 'user_id';
    $key_value = $_SESSION['user_id'];
    // perform the update query
    if (mystery_update_query($table, $data, $key, $key_value)) {
        mystery_display_user_feedback('Update Successful!');
        echo '
		<p>Your personal information was updated successfully.  Any username/password change
		will take effect at your next login.</p>
		
		<p><a href="', $_SERVER['SCRIPT_NAME'], '">Return to the Main Menu</a></p>
		';
    } else {
        mystery_display_user_error('Could not update Personal Information.');
        mystery_display_admin_contact_info();
    }
}