/**
* Gets user object by sid
*
* @param int $user_sid
* @return SJB_User
*/
public static function getObjectBySID($user_sid)
{
$user_info = SJB_UserManager::getUserInfoBySID($user_sid);
if (!is_null($user_info)) {
$user = new SJB_User($user_info, $user_info['user_group_sid']);
$user->setSID($user_info['sid']);
return $user;
}
return null;
}
public function execute()
{
$user_info = SJB_UserManager::getCurrentUserInfo();
$field_id = isset($_REQUEST['field_id']) ? $_REQUEST['field_id'] : null;
if (is_null($field_id)) {
$errors['PARAMETERS_MISSED'] = 1;
} elseif (!isset($user_info[$field_id])) {
$errors['WRONG_PARAMETERS_SPECIFIED'] = 1;
} else {
$uploaded_file_id = $user_info[$field_id];
SJB_UploadFileManager::deleteUploadedFileByID($uploaded_file_id);
$user_info[$field_id] = "";
$user_info['email'] = array('original' => $user_info['email']);
$user = new SJB_User($user_info, $user_info['user_group_sid']);
$user->deleteProperty("active");
$user->deleteProperty('password');
$user->setSID(SJB_UserManager::getCurrentUserSID());
SJB_UserManager::saveUser($user);
}
$template_processor = SJB_System::getTemplateProcessor();
$template_processor->assign("errors", isset($errors) ? $errors : null);
$template_processor->display("delete_uploaded_file.tpl");
}
public function execute()
{
$tp = SJB_System::getTemplateProcessor();
$errors = array();
$template = 'sub_accounts.tpl';
$currentUserInfo = SJB_UserManager::getCurrentUserInfo();
$listSubusers = false;
if (!empty($currentUserInfo['subuser']) && SJB_Request::getVar('action_name') != 'edit' && SJB_Request::getVar('user_id', 0) != $currentUserInfo['subuser']['sid']) {
$errors['ACCESS_DENIED'] = 'ACCESS_DENIED';
}
switch (SJB_Request::getVar('action_name')) {
case 'new':
$form_submitted = SJB_Request::getMethod() === SJB_Request::METHOD_POST;
$user_group_sid = $currentUserInfo['user_group_sid'];
$user_group_info = SJB_UserGroupManager::getUserGroupInfoBySID($user_group_sid);
$_REQUEST['user_group_id'] = $user_group_info['id'];
$user = SJB_ObjectMother::createUser($_REQUEST, $user_group_sid);
$props = $user->getProperties();
$allowedProperties = array('username', 'email', 'password');
foreach ($props as $prop) {
if (!in_array($prop->getID(), $allowedProperties)) {
$user->deleteProperty($prop->getID());
}
}
$registration_form = SJB_ObjectMother::createForm($user);
$registration_form->registerTags($tp);
if (SJB_UserGroupManager::isUserEmailAsUsernameInUserGroup($user_group_sid) && $form_submitted) {
$email = $user->getPropertyValue('email');
if (is_array($email)) {
$email = $email['original'];
}
$user->setPropertyValue('username', $email);
}
$registration_form = SJB_ObjectMother::createForm($user);
if ($form_submitted && $registration_form->isDataValid($errors)) {
$user->addParentProperty($currentUserInfo['sid']);
$subuserPermissions = array('subuser_add_listings' => array('title' => 'Add new listings', 'value' => 'deny'), 'subuser_manage_listings' => array('title' => 'Manage listings and applications of other sub users', 'value' => 'deny'), 'subuser_manage_subscription' => array('title' => 'View and update subscription', 'value' => 'deny'), 'subuser_use_screening_questionnaires' => array('title' => 'Manage Questionnaries', 'value' => 'deny'));
SJB_UserManager::saveUser($user);
SJB_Statistics::addStatistics('addSubAccount', $user->getUserGroupSID(), $user->getSID());
SJB_Acl::clearPermissions('user', $user->getSID());
foreach ($subuserPermissions as $permissionID => $permission) {
$allowDeny = SJB_Request::getVar($permissionID, 'deny');
$subuserPermissions[$permissionID]['value'] = $allowDeny;
SJB_Acl::allow($permissionID, 'user', $user->getSID(), $allowDeny);
}
SJB_UserManager::activateUserByUserName($user->getUserName());
SJB_Notifications::sendSubuserRegistrationLetter($user, SJB_Request::get(), $subuserPermissions);
$tp->assign('isSubuserRegistered', true);
$listSubusers = true;
} else {
if (SJB_UserGroupManager::isUserEmailAsUsernameInUserGroup($user_group_sid)) {
$user->deleteProperty("username");
}
$registration_form = SJB_ObjectMother::createForm($user);
if ($form_submitted) {
$registration_form->isDataValid($errors);
}
$registration_form->registerTags($tp);
$form_fields = $registration_form->getFormFieldsInfo();
$user_group_info = SJB_UserGroupManager::getUserGroupInfoBySID($user_group_sid);
$tp->assign("user_group_info", $user_group_info);
$tp->assign("errors", $errors);
$tp->assign("form_fields", $form_fields);
$metaDataProvider = SJB_ObjectMother::getMetaDataProvider();
$tp->assign("METADATA", array("form_fields" => $metaDataProvider->getFormFieldsMetadata($form_fields)));
$tp->display('subuser_registration_form.tpl');
}
break;
case 'edit':
$userInfo = SJB_UserManager::getUserInfoBySID(SJB_Request::getVar('user_id', 0));
if (!empty($userInfo) && $userInfo['parent_sid'] === $currentUserInfo['sid']) {
$userInfo = array_merge($userInfo, $_REQUEST);
$user_group_info = SJB_UserGroupManager::getUserGroupInfoBySID($currentUserInfo['user_group_sid']);
$user = new SJB_User($userInfo, $userInfo['user_group_sid']);
$user->setSID($userInfo['sid']);
$user->addParentProperty($currentUserInfo['sid']);
$props = $user->getProperties();
$allowedProperties = array('username', 'email', 'password');
foreach ($props as $prop) {
if (!in_array($prop->getID(), $allowedProperties)) {
$user->deleteProperty($prop->getID());
}
}
$user->makePropertyNotRequired("password");
$edit_profile_form = SJB_ObjectMother::createForm($user);
$edit_profile_form->registerTags($tp);
$edit_profile_form->makeDisabled("username");
$form_submitted = SJB_Request::getMethod() == SJB_Request::METHOD_POST;
if (empty($errors) && $form_submitted && $edit_profile_form->isDataValid($errors)) {
$password_value = $user->getPropertyValue('password');
if (empty($password_value['original'])) {
$user->deleteProperty('password');
}
$currentUser = SJB_UserManager::getCurrentUser();
if (!$currentUser->isSubuser()) {
$subuserPermissions = array('subuser_add_listings', 'subuser_manage_listings', 'subuser_manage_subscription', 'subuser_use_screening_questionnaires');
SJB_Acl::clearPermissions('user', $user->getSID());
foreach ($subuserPermissions as $permission) {
SJB_Acl::allow($permission, 'user', $user->getSID(), SJB_Request::getVar($permission, 'deny'));
}
}
SJB_UserManager::saveUser($user);
$tp->assign("form_is_submitted", true);
} else {
$tp->assign("errors", $errors);
}
$form_fields = $edit_profile_form->getFormFieldsInfo();
$metaDataProvider = SJB_ObjectMother::getMetaDataProvider();
$tp->assign("METADATA", array("form_fields" => $metaDataProvider->getFormFieldsMetadata($form_fields)));
$tp->assign("form_fields", $form_fields);
$tp->assign('user_info', $userInfo);
$tp->display('edit_subuser_profile.tpl');
}
break;
case 'delete':
$users = SJB_Request::getVar('user_id', array());
foreach ($users as $user) {
SJB_UserManager::deleteUserById($user);
}
$listSubusers = true;
break;
default:
$listSubusers = true;
break;
}
if ($listSubusers) {
$tp->assign('errors', $errors);
$tp->assign('subusers', SJB_UserManager::getSubusers($currentUserInfo['sid']));
$tp->assign('isEmailAsUsername', SJB_UserGroupManager::isUserEmailAsUsernameInUserGroup($currentUserInfo['user_group_sid']));
$tp->display($template);
}
}
public function execute()
{
$tp = SJB_System::getTemplateProcessor();
$user_info = SJB_Authorization::getCurrentUserInfo();
if (!empty($user_info['subuser'])) {
SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . '/sub-accounts/edit/?user_id=' . $user_info['subuser']['sid']);
}
if (!empty($user_info)) {
$user_info = array_merge($user_info, $_REQUEST);
$username = $user_info['username'];
$user_group_info = SJB_UserGroupManager::getUserGroupInfoBySID($user_info['user_group_sid']);
$delete_profile = SJB_Request::getVar('command', '', 'post') == 'unregister-user';
$errors = array();
if ($delete_profile && SJB_Acl::getInstance()->isAllowed('delete_user_profile')) {
try {
$user = SJB_UserManager::getObjectBySID($user_info['sid']);
SJB_UserManager::deleteUserById($user_info['sid']);
SJB_AdminNotifications::sendAdminDeletingUserProfile($user, SJB_Request::getVar('reason', '', 'post'));
SJB_Authorization::logout();
$user_info = array();
SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . '/edit-profile/?profile_deleted=true');
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
}
$user = new SJB_User($user_info, $user_info['user_group_sid']);
$user->setSID($user_info['sid']);
$user->deleteProperty("active");
$user->deleteProperty("featured");
$user->makePropertyNotRequired("password");
$user->getProperty('email')->type->disableEmailConfirmation();
$edit_profile_form = new SJB_Form($user);
$edit_profile_form->registerTags($tp);
$edit_profile_form->makeDisabled("username");
$form_submitted = SJB_Request::getVar('action', false) == 'save_info';
if ($form_submitted && $edit_profile_form->isDataValid($errors)) {
$password_value = $user->getPropertyValue('password');
if (empty($password_value['original'])) {
$user->deleteProperty('password');
}
SJB_UserManager::saveUser($user);
SJB_Authorization::updateCurrentUserSession();
// >>> SJB-1197
// needs to check session for ajax-uploaded files, and set it to user profile
$tmpUploadsStorage = SJB_Session::getValue('tmp_uploads_storage');
$formToken = SJB_Request::getVar('form_token');
if (!empty($formToken)) {
$tmpUploadedFields = SJB_Array::getPath($tmpUploadsStorage, $formToken);
if (!is_null($tmpUploadsStorage) && is_array($tmpUploadedFields)) {
// prepare user profile fields array
$userProfileFieldsInfo = SJB_UserProfileFieldManager::getAllFieldsInfo();
$userProfileFields = array();
foreach ($userProfileFieldsInfo as $field) {
$userProfileFields[$field['id']] = $field;
}
// look for temporary values
foreach ($tmpUploadedFields as $fieldId => $fieldInfo) {
// check field ID for valid ID in user profile fields
if (!array_key_exists($fieldId, $userProfileFields) || empty($fieldInfo)) {
continue;
}
$fieldType = $userProfileFields[$fieldId]['type'];
$profilePropertyId = $fieldId . '_' . $user->getSID();
switch (strtolower($fieldType)) {
case 'video':
case 'file':
// change temporary file ID
SJB_DB::query("UPDATE `uploaded_files` SET `id` = ?s WHERE `id` = ?s", $profilePropertyId, $fieldInfo['file_id']);
// set value of user property to new uploaded file
$user->setPropertyValue($fieldId, $profilePropertyId);
break;
case 'logo':
// change temporary file ID and thumb ID
SJB_DB::query("UPDATE `uploaded_files` SET `id` = ?s WHERE `id` = ?s", $profilePropertyId, $fieldInfo['file_id']);
SJB_DB::query("UPDATE `uploaded_files` SET `id` = ?s WHERE `id` = ?s", $profilePropertyId . '_thumb', $fieldInfo['file_id'] . '_thumb');
// set value of user property to new uploaded file
$user->setPropertyValue($fieldId, $profilePropertyId);
break;
default:
break;
}
$tmpUploadsStorage = SJB_Array::unsetValueByPath($tmpUploadsStorage, "{$formToken}/{$fieldId}");
}
// and save user with new fields data
SJB_UserManager::saveUser($user);
SJB_Authorization::updateCurrentUserSession();
// clean temporary storage
$tmpUploadsStorage = SJB_Array::unsetValueByPath($tmpUploadsStorage, "{$formToken}");
// CLEAR TEMPORARY SESSION STORAGE
SJB_Session::setValue('tmp_uploads_storage', $tmpUploadsStorage);
}
}
// <<< SJB-1197
$tp->assign("form_is_submitted", true);
} else {
$tp->assign("errors", $errors);
}
$form_fields = $edit_profile_form->getFormFieldsInfo();
$metaDataProvider = SJB_ObjectMother::getMetaDataProvider();
$tp->assign("METADATA", array("form_fields" => $metaDataProvider->getFormFieldsMetadata($form_fields)));
$tp->assign("show_mailing_flag", $user_group_info['show_mailing_flag']);
$tp->assign("form_fields", $form_fields);
$tp->assign('userTree', true);
$tp->display('edit_profile.tpl');
} elseif (empty($user_info) && SJB_Request::getVar('profile_deleted', '') == true) {
$user = new SJB_User(array());
$edit_profile_form = new SJB_Form($user);
$edit_profile_form->registerTags($tp);
$edit_profile_form->makeDisabled("username");
$form_fields = $edit_profile_form->getFormFieldsInfo();
$metaDataProvider = SJB_ObjectMother::getMetaDataProvider();
$tp->assign("METADATA", array("form_fields" => $metaDataProvider->getFormFieldsMetadata($form_fields)));
$tp->assign("form_fields", $form_fields);
$tp->assign('action', 'delete_profile');
$tp->assign('tree_link_users', 'users');
$tp->assign('userTree', true);
$tp->display('edit_profile.tpl');
} else {
$tp->assign("ERROR", "NOT_LOGIN");
$tp->display("../miscellaneous/error.tpl");
return;
}
}
public function execute()
{
$tp = SJB_System::getTemplateProcessor();
$parent_name = null;
$user_sid = SJB_Request::getVar('user_sid', false);
if (!is_null($user_sid)) {
$user_info = SJB_UserManager::getUserInfoBySID($user_sid);
$user_info = array_merge($user_info, $_REQUEST);
$form_submitted = SJB_Request::getVar('action_name');
$user = new SJB_User($user_info, $user_info['user_group_sid']);
if (!empty($user_info['parent_sid'])) {
$props = $user->getProperties();
$allowedProperties = array('username', 'email', 'password');
foreach ($props as $prop) {
if (!in_array($prop->getID(), $allowedProperties)) {
$user->deleteProperty($prop->getID());
}
}
$parent_name = SJB_UserManager::getUserNameByUserSID($user_info['parent_sid']);
}
$user->setSID($user_info['sid']);
$user->getProperty('email')->type->disableEmailConfirmation();
$user->deleteProperty("active");
$user->makePropertyNotRequired("password");
if (SJB_UserGroupManager::isUserEmailAsUsernameInUserGroup($user_info['user_group_sid'])) {
if ($form_submitted) {
$email = $user->getPropertyValue('email');
if (is_array($email)) {
$email = $email['original'];
}
$user->setPropertyValue('username', $email);
}
}
$user->addExtUserIDProperty($user_info['extUserID']);
$edit_user_form = new SJB_Form($user);
$errors = array();
if ($form_submitted && $edit_user_form->isDataValid($errors)) {
$password_value = $user->getPropertyValue('password');
$properties = null;
if (empty($password_value['original'])) {
$properties = $user->getProperties();
$user->deleteProperty('password');
}
SJB_UserManager::saveUser($user);
// >>> SJB-1197
// needs to check session for ajax-uploaded files, and set it to user profile
$tmpUploadsStorage = SJB_Session::getValue('tmp_uploads_storage');
$formToken = SJB_Request::getVar('form_token');
if (!empty($formToken)) {
$tmpUploadedFields = SJB_Array::getPath($tmpUploadsStorage, $formToken);
if (!is_null($tmpUploadsStorage) && is_array($tmpUploadedFields)) {
// prepare user profile fields array
$userProfileFieldsInfo = SJB_UserProfileFieldManager::getAllFieldsInfo();
$userProfileFields = array();
foreach ($userProfileFieldsInfo as $field) {
$userProfileFields[$field['id']] = $field;
}
// look for temporary values
foreach ($tmpUploadedFields as $fieldId => $fieldInfo) {
// check field ID for valid ID in user profile fields
if (!array_key_exists($fieldId, $userProfileFields) || empty($fieldInfo)) {
continue;
}
$fieldType = $userProfileFields[$fieldId]['type'];
$profilePropertyId = $fieldId . '_' . $user->getSID();
switch (strtolower($fieldType)) {
case 'video':
case 'file':
// change temporary file ID
SJB_DB::query("UPDATE `uploaded_files` SET `id` = ?s WHERE `id` = ?s", $profilePropertyId, $fieldInfo['file_id']);
// set value of user property to new uploaded file
$user->setPropertyValue($fieldId, $profilePropertyId);
break;
case 'logo':
// change temporary file ID and thumb ID
SJB_DB::query("UPDATE `uploaded_files` SET `id` = ?s WHERE `id` = ?s", $profilePropertyId, $fieldInfo['file_id']);
SJB_DB::query("UPDATE `uploaded_files` SET `id` = ?s WHERE `id` = ?s", $profilePropertyId . '_thumb', $fieldInfo['file_id'] . '_thumb');
// set value of user property to new uploaded file
$user->setPropertyValue($fieldId, $profilePropertyId);
break;
default:
break;
}
$tmpUploadsStorage = SJB_Array::unsetValueByPath($tmpUploadsStorage, "{$formToken}/{$fieldId}");
}
// and save user with new fields data
SJB_UserManager::saveUser($user);
SJB_Authorization::updateCurrentUserSession();
// clean temporary storage
$tmpUploadsStorage = SJB_Array::unsetValueByPath($tmpUploadsStorage, "{$formToken}");
// CLEAR TEMPORARY SESSION STORAGE
SJB_Session::setValue('tmp_uploads_storage', $tmpUploadsStorage);
}
}
// <<< SJB-1197
if (SJB_Request::isAjax()) {
echo "<p class=\"green\">User Saved</p>";
exit;
}
if ($form_submitted == 'save_info') {
$userGroupInfo = SJB_UserGroupManager::getUserGroupInfoBySID($user_info['user_group_sid']);
SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . "/manage-users/" . mb_strtolower($userGroupInfo['id'], 'utf8'));
}
if (!empty($properties)) {
$user->details->properties = $properties;
}
}
if (SJB_UserGroupManager::isUserEmailAsUsernameInUserGroup($user_info['user_group_sid'])) {
$user->deleteProperty("username");
}
$listingTypes = SJB_ListingTypeManager::getAllListingTypesInfo();
$products = SJB_ProductsManager::getProductsInfoByUserGroupSID($user_info['user_group_sid']);
$allowedListingTypes = array();
foreach ($products as $product) {
if (!empty($product['listing_type_sid']) && empty($allowedListingTypes[$product['listing_type_sid']])) {
foreach ($listingTypes as $listingType) {
if ($product['listing_type_sid'] == $listingType['sid']) {
$allowedListingTypes[$product['listing_type_sid']] = $listingType;
}
}
}
}
$edit_user_form = SJB_ObjectMother::createForm($user);
$edit_user_form->registerTags($tp);
$userGroupInfo = SJB_UserGroupManager::getUserGroupInfoBySID($user_info['user_group_sid']);
if (SJB_UserManager::checkBan($errors, $user_info['ip'])) {
$user_info['ip_is_banned'] = 1;
}
$tp->assign("form_fields", $edit_user_form->getFormFieldsInfo());
$tp->assign("uploadMaxFilesize", SJB_UploadFileManager::getIniUploadMaxFilesize());
$tp->assign("errors", $errors);
$tp->assign("listingTypes", $allowedListingTypes);
$tp->assign("user_info", $user_info);
$tp->assign("user_group_info", $userGroupInfo);
$tp->assign('userTree', true);
$tp->assign("parent_name", $parent_name);
$tp->assign("restore", preg_match('/manage-(jobseekers)|(employers)|([a-z0-9\\_]-users)/', SJB_Request::getVar('HTTP_REFERER', '', 'SERVER')));
SJB_System::setGlobalTemplateVariable('wikiExtraParam', $userGroupInfo['id']);
$tp->display("edit_user.tpl");
}
}
