Ejemplo n.º 1
 function __actionEdit()
     if (!($author_id = $this->_context[1])) {
         redirect(URL . '/symphony/system/authors/');
     $isOwner = $author_id == Administration::instance()->Author->get('id');
     if (@array_key_exists('save', $_POST['action']) || @array_key_exists('done', $_POST['action'])) {
         $fields = $_POST['fields'];
         $this->_Author = AuthorManager::fetchByID($author_id);
         $authenticated = false;
         if ($fields['email'] != $this->_Author->get('email')) {
             $changing_email = true;
         // Check the old password was correct
         if (isset($fields['old-password']) && strlen(trim($fields['old-password'])) > 0 && General::hash(trim($fields['old-password'])) == $this->_Author->get('password')) {
             $authenticated = true;
         } elseif (Administration::instance()->Author->isDeveloper() && $isOwner === false) {
             $authenticated = true;
         $this->_Author->set('id', $author_id);
         if ($this->_Author->isPrimaryAccount() || $isOwner && Administration::instance()->Author->isDeveloper()) {
             $this->_Author->set('user_type', 'developer');
             // Primary accounts are always developer, Developers can't lower their level
         } elseif (Administration::instance()->Author->isDeveloper() && isset($fields['user_type'])) {
             $this->_Author->set('user_type', $fields['user_type']);
             // Only developer can change user type
         $this->_Author->set('email', $fields['email']);
         $this->_Author->set('username', $fields['username']);
         $this->_Author->set('first_name', General::sanitize($fields['first_name']));
         $this->_Author->set('last_name', General::sanitize($fields['last_name']));
         $this->_Author->set('language', $fields['language']);
         if (trim($fields['password']) != '') {
             $this->_Author->set('password', General::hash($fields['password']));
             $changing_password = true;
         $this->_Author->set('default_section', intval($fields['default_section']));
         $this->_Author->set('auth_token_active', $fields['auth_token_active'] ? $fields['auth_token_active'] : 'no');
         if ($this->_Author->validate($this->_errors)) {
             if (!$authenticated && ($changing_password || $changing_email)) {
                 if ($changing_password) {
                     $this->_errors['old-password'] = __('Wrong password. Enter old password to change it.');
                 } elseif ($changing_email) {
                     $this->_errors['old-password'] = __('Wrong password. Enter old one to change email address.');
             } elseif (($fields['password'] != '' || $fields['password-confirmation'] != '') && $fields['password'] != $fields['password-confirmation']) {
                 $this->_errors['password'] = $this->_errors['password-confirmation'] = __('Passwords did not match');
             } elseif ($this->_Author->commit()) {
                 Symphony::Database()->delete('tbl_forgotpass', " `expiry` < '" . DateTimeObj::getGMT('c') . "' OR `author_id` = '" . $author_id . "' ");
                 if ($isOwner) {
                     $this->_Parent->login($this->_Author->get('username'), $this->_Author->get('password'), true);
                 ## TODO: Fix me
                 # Delegate: Edit
                 # Description: After editing an author. ID of the author is provided.
                 //$ExtensionManager->notifyMembers('Edit', getCurrentPage(), array('author_id' => $_REQUEST['id']));
                 redirect(URL . '/symphony/system/authors/edit/' . $author_id . '/saved/');
             } else {
                 $this->pageAlert(__('Unknown errors occurred while attempting to save. Please check your <a href="%s">activity log</a>.', array(URL . '/symphony/system/log/')), Alert::ERROR);
     } elseif (@array_key_exists('delete', $_POST['action'])) {
         ## TODO: Fix Me
         # Delegate: Delete
         # Description: Prior to deleting an author. ID is provided.
         //$ExtensionManager->notifyMembers('Delete', getCurrentPage(), array('author_id' => $author_id));
         if (!$isOwner) {
             redirect(URL . '/symphony/system/authors/');
         } else {
             $this->pageAlert(__('You cannot remove yourself as you are the active Author.'), Alert::ERROR);
 public function __actionEdit()
     if (!($author_id = $this->_context[1])) {
         redirect(SYMPHONY_URL . '/system/authors/');
     $isOwner = $author_id == Administration::instance()->Author->get('id');
     if (@array_key_exists('save', $_POST['action']) || @array_key_exists('done', $_POST['action'])) {
         $fields = $_POST['fields'];
         $this->_Author = AuthorManager::fetchByID($author_id);
         $authenticated = false;
         if ($fields['email'] != $this->_Author->get('email')) {
             $changing_email = true;
         // Check the old password was correct
         if (isset($fields['old-password']) && strlen(trim($fields['old-password'])) > 0 && General::hash(trim($fields['old-password'])) == $this->_Author->get('password')) {
             $authenticated = true;
         } else {
             if (Administration::instance()->Author->isDeveloper()) {
                 $authenticated = true;
         $this->_Author->set('id', $author_id);
         if ($this->_Author->isPrimaryAccount() || $isOwner && Administration::instance()->Author->isDeveloper()) {
             $this->_Author->set('user_type', 'developer');
             // Primary accounts are always developer, Developers can't lower their level
         } elseif (Administration::instance()->Author->isDeveloper() && isset($fields['user_type'])) {
             $this->_Author->set('user_type', $fields['user_type']);
             // Only developer can change user type
         $this->_Author->set('email', $fields['email']);
         $this->_Author->set('username', $fields['username']);
         $this->_Author->set('first_name', General::sanitize($fields['first_name']));
         $this->_Author->set('last_name', General::sanitize($fields['last_name']));
         $this->_Author->set('language', $fields['language']);
         if (trim($fields['password']) != '') {
             $this->_Author->set('password', General::hash($fields['password']));
             $changing_password = true;
         // Don't allow authors to set the Section Index as a default area
         // If they had it previously set, just save `null` which will redirect
         // the Author (when logging in) to their own Author record
         if ($this->_Author->get('user_type') == 'author' && $fields['default_area'] == '/blueprints/sections/') {
             $this->_Author->set('default_area', null);
         } else {
             $this->_Author->set('default_area', $fields['default_area']);
         $this->_Author->set('auth_token_active', $fields['auth_token_active'] ? $fields['auth_token_active'] : 'no');
         if ($this->_Author->validate($this->_errors)) {
             if (!$authenticated && ($changing_password || $changing_email)) {
                 if ($changing_password) {
                     $this->_errors['old-password'] = __('Wrong password. Enter old password to change it.');
                 } elseif ($changing_email) {
                     $this->_errors['old-password'] = __('Wrong password. Enter old one to change email address.');
             } elseif (($fields['password'] != '' || $fields['password-confirmation'] != '') && $fields['password'] != $fields['password-confirmation']) {
                 $this->_errors['password'] = $this->_errors['password-confirmation'] = __('Passwords did not match');
             } elseif ($this->_Author->commit()) {
                 Symphony::Database()->delete('tbl_forgotpass', " `expiry` < '" . DateTimeObj::getGMT('c') . "' OR `author_id` = '" . $author_id . "' ");
                 if ($isOwner) {
                     Administration::instance()->login($this->_Author->get('username'), $this->_Author->get('password'), true);
                  * After editing an author, provided with the Author object
                  * @delegate AuthorPostEdit
                  * @since Symphony 2.2
                  * @param string $context
                  * '/system/authors/'
                  * @param Author $author
                  * An Author object
                 Symphony::ExtensionManager()->notifyMembers('AuthorPostEdit', '/system/authors/', array('author' => $this->_Author));
                 redirect(SYMPHONY_URL . '/system/authors/edit/' . $author_id . '/saved/');
             } else {
                 $this->pageAlert(__('Unknown errors occurred while attempting to save.') . '<a href="' . SYMPHONY_URL . '/system/log/">' . __('Check your activity log') . '</a>.', Alert::ERROR);
         } else {
             if (is_array($this->_errors) && !empty($this->_errors)) {
                 $this->pageAlert(__('There were some problems while attempting to save. Please check below for problem fields.'), Alert::ERROR);
     } else {
         if (@array_key_exists('delete', $_POST['action'])) {
              * Prior to deleting an author, provided with the Author ID.
              * @delegate AuthorPreDelete
              * @since Symphony 2.2
              * @param string $context
              * '/system/authors/'
              * @param integer $author_id
              *  The ID of Author ID that is about to be deleted
             Symphony::ExtensionManager()->notifyMembers('AuthorPreDelete', '/system/authors/', array('author_id' => $author_id));
             if (!$isOwner) {
                 redirect(SYMPHONY_URL . '/system/authors/');
             } else {
                 $this->pageAlert(__('You cannot remove yourself as you are the active Author.'), Alert::ERROR);
            $password_changed = false;
            if (trim($fields['password']) != "" && trim($fields['new_password']) != "") {
                $author->set('password', md5($fields['new_password']));
                $password_changed = true;
            if ($author->commit()) {
                if ($_REQUEST['id'] == $Admin->getAuthorID()) {
                    $args = unserialize($_COOKIE[__SYM_COOKIE__]);
                    $Admin->login($args['username'], !$password_changed ? $args['password'] : md5($fields['new_password']), true, true);
                # Delegate: Edit
                # Description: After editing an author. ID of the author is provided.
                $CampfireManager->notifyMembers('Edit', CURRENTPAGE, array("author_id" => $_REQUEST['id']));
                if (@array_key_exists("save", $_POST['action'])) {
                    General::redirect(URL . "/symphony/?page=/settings/authors/edit/&id=" . $_REQUEST['id'] . "&_f=saved");
                General::redirect(URL . "/symphony/?page=/settings/authors/&_f=saved");
if (@array_key_exists("delete", $_POST['action'])) {
    # Delegate: Delete
    # Description: Prior to deleting an author. ID is provided.
    $CampfireManager->notifyMembers('Delete', CURRENTPAGE, array("author_id" => $author_id));
    $Admin->flush_cache(array("entries", "authors", "comments"));
    General::redirect(URL . "/symphony/?page=/settings/authors/&_f=complete");