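/**
 * POST /user
 *
 * Handles the "my account" form. Depending on the submitted fields this
 * changes the password, updates the per-user options, or updates the
 * profile (name, email, task color, theme, language), then re-renders
 * the account page with a "success" or "error" message.
 *
 * @param \Base $f3
 * @throws \Exception
 */
public function save($f3)
{
    // The passed-in instance is replaced by the framework singleton, as before.
    $f3 = \Base::instance();

    // Trim string fields. A non-string field (e.g. "name[]=x" arrives as an
    // array) is treated as empty instead of being handed to trim(), and the
    // fields read unconditionally below get a default so a partial request
    // cannot hit an undefined index.
    $raw = $f3->get("POST");
    $post = [];
    foreach ((is_array($raw) ? $raw : []) as $key => $value) {
        $post[$key] = is_string($value) ? trim($value) : "";
    }
    $post += [
        "new_pass" => "",
        "new_pass_confirm" => "",
        "email" => "",
        "task_color" => "",
    ];

    $user = new \Model\User();
    $user->load($this->_userId);

    if (!empty($post["old_pass"])) {
        $security = \Helper\Security::instance();

        // Update password.
        // hash_equals() compares byte-for-byte in constant time. A loose "=="
        // compares numeric-looking strings by value, so two different digests
        // could be reported as equal, and it is not timing-safe.
        // NOTE(review): the algorithm behind Security::hash() is not visible
        // here; confirm it is a slow password hash (password_hash() or similar).
        $currentHash = (string) $security->hash($post["old_pass"], $user->salt);
        if (hash_equals((string) $user->password, $currentHash)) {
            $min = $f3->get("security.min_pass_len");
            if (strlen($post["new_pass"]) >= $min) {
                // Strict comparison: "==" would treat numeric strings such as
                // "1e3" and "1000" as the same password.
                if ($post["new_pass"] === $post["new_pass_confirm"]) {
                    $user->salt = $security->salt();
                    $user->password = $security->hash($post["new_pass"], $user->salt);
                    // NOTE(review): nothing here ends the user's other sessions
                    // after a password change; confirm whether that is handled elsewhere.
                    $f3->set("success", "Password updated successfully.");
                } else {
                    $f3->set("error", "New passwords do not match");
                }
            } else {
                $f3->set("error", "New password must be at least {$min} characters.");
            }
        } else {
            $f3->set("error", "Current password entered is not valid.");
        }
    } elseif (!empty($post["action"]) && $post["action"] === "options") {
        // Update option values
        $user->option("disable_mde", !empty($post["disable_mde"]));
        $user->option("disable_due_alerts", !empty($post["disable_due_alerts"]));
    } else {
        // Update profile
        if (!empty($post["name"])) {
            // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1;
            // output encoding at render time is the durable control.
            $user->name = filter_var($post["name"], FILTER_SANITIZE_STRING);
        } else {
            $error = "Please enter your name.";
        }

        // The pattern is anchored to the whole value. With the former "m"
        // modifier, ^ and $ matched at every line break, so a value containing
        // line breaks passed as long as one of its lines looked like an
        // address. "D" keeps $ from matching before a trailing newline.
        if (preg_match("/^([\\p{L}\\.\\-\\d]+)@([\\p{L}\\-\\.\\d]+)((\\.(\\p{L})+)+)\$/iD", $post["email"])) {
            $user->email = $post["email"];
        } else {
            // assumes the template escapes "error" on output; confirm, since
            // the submitted value is echoed back in the message
            $error = $post["email"] . " is not a valid email address.";
        }

        $color = ltrim($post["task_color"], "#");
        if (empty($error) && ctype_xdigit($color)) {
            $user->task_color = $color;
        } elseif (empty($error)) {
            $error = $post["task_color"] . " is not a valid color code.";
        }

        // NOTE(review): theme and language are stored as submitted, without a
        // check against the available themes or $this->_languages; verify how
        // these values are consumed.
        $user->theme = empty($post["theme"]) ? null : $post["theme"];
        $user->language = empty($post["language"]) ? null : $post["language"];

        if (empty($error)) {
            $f3->set("success", "Profile updated successfully.");
        } else {
            $f3->set("error", $error);
        }
    }

    // Saved unconditionally: when profile validation fails, the fields that
    // were already assigned above are still persisted.
    $user->save();
    $f3->set("title", $f3->get("dict.my_account"));
    $f3->set("menuitem", "user");

    // Use new user values for page
    $user->loadCurrent();

    $f3->set("languages", $this->_languages);
    $this->_loadThemes();

    $this->_render("user/account.html");
}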