function resetFilter() { $("#filterResultDiv").load('<?php echo $moduleRelPath; ?> /EXT_filter_functions.php?filter_op=reset'); } <?php if ($userID > 0) { $helperUrl = $CONF['pdf']['helperUrl']; if (!$helperUrl) { $helperUrl = $moduleRelPath; $remote = ''; } else { require_once "CL_user.php"; $userIDnotify = $userID; $userEmailNotify = LeoUser::getEmail($userID); $remote = "&remote=1&userIDnotify={$userIDnotify}&userEmailNotify={$userEmailNotify}"; } if ($_GET['sortOrder']) { $remote .= "&sortOrder=" . $_GET['sortOrder']; } ?> function printPDF(url) { <?php if ($remote) { ?> $("#pdfDiv").html('<iframe frameborder="0" scrolling="auto" width="650" height="auto" src="<?php echo $CONF['pdf']['helperUrl']; ?> /EXT_helper.php?op1=create_pdf<?php
if ($op=="create_pdf") { $direct=$_GET['direct']+0; $remote=$_GET['remote']+0; if ($userID <=0 || $remote) { //echo "Not valid user"; // exit; $userID =makeSane($_GET['userIDnotify']); $userEmail=makeSane($_GET['userEmailNotify'],2); unset($_GET['userIDnotify']); unset($_GET['userEmailNotify']); } else { require_once "CL_user.php"; $userEmail=LeoUser::getEmail($userID); } unset($_GET['op1']); unset($_GET['direct']); unset($_GET['remote']); $url="http://".urldecode($_GET['url']); foreach($_GET as $name=>$val ) { if ( !in_array($name,array('print','url') ) ){ $url.="&$name=$val"; } }
} else { if ($op == 'edit') { $user_id = makeSane($_POST['id']); $sql = "UPDATE {$pilotsTable} SET \n\t\t\tcountryCode='" . makeSane($_POST['countryCode']) . "',\n\t\t\tCIVL_ID='" . makeSane($_POST['CIVL_ID']) . "',\n\t\t\tCIVL_NAME='" . makeSane($_POST['CIVL_NAME'], 2) . "',\n\t\t\tFirstName='" . makeSane($_POST['FirstName'], 2) . "',\n\t\t\tLastName='" . makeSane($_POST['LastName'], 2) . "',\n\t\t\tSex='" . makeSane($_POST['Sex']) . "',\n\t\t\tBirthdate='" . makeSane($_POST['Birthdate']) . "' \n\t\t\tWHERE pilotID={$user_id} AND serverID=0"; if (!$db->sql_query($sql)) { echo "Error in query : {$sql}<BR>"; } $sql = "UPDATE " . $CONF['userdb']['users_table'] . " SET \n\t\t\tusername='******'username'], 2) . "',\n\t\t\tuser_email='" . makeSane($_POST['user_email'], 2) . "'\t\t\n\t\t\tWHERE user_id={$user_id} "; if (!$db->sql_query($sql)) { echo "Error in query : {$sql}<BR>"; } // change password ? $user_password = makeSane($_POST['user_password'], 2); if ($user_password) { require_once dirname(__FILE__) . "/CL_user.php"; $res = LeoUser::changePassword($user_id, $user_password); if ($res > 0) { echo _PwdChanged; } else { echo _PwdChangeProblem; if ($res == -2) { printf(': ' . _PwdTooShort, $CONF_password_minlength); } } } exit; } } } // to the url parameter are added 4 parameters as described in colModel // we should get these parameters to construct the needed query
/** * Martin Jursa 26.04.2007 * Save email and password to user table if the respective options are set * returns a resultmessage * * @param int $userID * @param string $newEmail * @param string $newPassword * @param string $newPasswordConfirmation * @return string */ function saveLoginData($userID, $newEmail, $newPassword, $newPasswordConfirmation) { global $db; global $CONF_edit_login; global $CONF_edit_email; global $CONF_password_minlength; global $CONF; $goodmsgs = array(); $errmsgs = array(); if (!$CONF['userdb']['edit']['enabled']) { $errmsgs[] = 'saveLoginData requires turning on CONF["userdb"]["edit"]["enabled"].'; } elseif (empty($userID)) { $errmsgs[] = 'UserID is missing; cannot update login data.'; } else { if ($CONF['userdb']['edit']['edit_email'] && $newEmail != '#same_as_old#leonardo#') { if (empty($newEmail)) { $errmsgs[] = _EmailEmpty; } else { $saved = false; $email = emailChecked($newEmail); if ($email == '') { $errmsgs[] = _EmailInvalid; } else { if (LeoUser::changeEmail($userID, $email) > 0) { $saved = true; $goodmsgs[] = _EmailSaved; } else { $errmsgs[] = _EmailSaveProblem; } /* $sql='UPDATE '.$CONF['userdb']['users_table']." SET user_email='$email' WHERE user_id=$userID"; $res=$db->sql_query($sql); if($res<=0){ $errmsgs[]=_EmailSaveProblem; }else { //$goodmsgs[]=_EmailSaved; $saved=true; } */ } if (!$saved) { $errmsgs[] = _EmailNotSaved; } } } $newPassword = trim($newPassword); $newPasswordConfirmation = trim($newPasswordConfirmation); if ($CONF['userdb']['edit']['edit_password'] && $newPassword) { $saved = false; $passwordMinLength = !empty($CONF['userdb']['edit']['password_minlength']) ? $CONF['userdb']['edit']['password_minlength'] : 4; if ($newPasswordConfirmation == '') { $errmsgs[] = _PwdConfEmpty; } elseif (strlen($newPassword) < $passwordMinLength) { $pwdMsg = sprintf(_PwdTooShort, $passwordMinLength); $errmsgs[] = $pwdMsg; } elseif ($newPassword != $newPasswordConfirmation) { $errmsgs[] = _PwdAndConfDontMatch; } else { if (LeoUser::changePassword($userID, $newPassword) > 0) { $saved = true; $goodmsgs[] = _PwdChanged; } else { $errmsgs[] = _PwdChangeProblem; } /* $pwd=md5($newPassword); $sql='UPDATE '.$CONF['userdb']['users_table']." SET user_password='******' WHERE user_id=$userID"; $res=$db->sql_query($sql); if($res<=0){ $errmsgs[]=_PwdChangeProblem; }else { $goodmsgs[]=_PwdChanged; $saved=true; } */ } if (!$saved) { $errmsgs[] = _PwdNotChanged; } } } $message = ''; if (count($goodmsgs) > 0) { $message .= '<span class="ok">' . implode('<br>', $goodmsgs) . '</span>'; } if (count($errmsgs) > 0) { $message .= '<span class="alert">' . implode('<br>', $errmsgs) . '</span>'; } return $message; }