echo "<td class=\"role column-role\">"; echo $role_name; echo '</td>'; } if (!in_array("website", $options['aue_hidden_fields'])) { echo "<td ><a href='{$url}' title='website: {$url}'>{$short_url}</a></td>"; } if (!in_array("posts", $options['aue_hidden_fields'])) { echo "<td class=\"posts column-posts num\">{$numposts}</td>"; } // print all the content of extra fields if there are some if (count($extra_fields) > 0) { foreach ($extra_fields as $thisField) { $field_id = $thisField['ID']; // if user has not yet fields in the data table then create them cimy_insert_ExtraFields_if_not_exist($user_object->ID, $field_id); } // retrieve extra fields data from DB $ef_db = $wpdb->get_results("SELECT FIELD_ID, VALUE FROM " . $wpdb_data_table . " WHERE USER_ID = " . $user_object->ID, ARRAY_A); foreach ($extra_fields as $thisField) { $rules = $thisField['RULES']; $type = $thisField['TYPE']; $value = $thisField['VALUE']; if ($type == "avatar") { continue; } if ($rules['show_in_aeu']) { $field_id = $thisField['ID']; foreach ($ef_db as $d_field) { if ($d_field['FIELD_ID'] == $field_id) { $field = cimy_uef_sanitize_content($d_field['VALUE']);
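/**
 * Save the extra-field values posted for one user and mail the admin about changes.
 *
 * The target user comes from $_POST['user_id'] and the current user must hold
 * the 'edit_user' capability for it. Every field returned by
 * get_cimyFields(false, true) that the current user may see and edit is folded
 * into a single "UPDATE <table> SET VALUE=CASE FIELD_ID WHEN ... THEN ... END"
 * statement. Fields whose rules set email_admin and whose value differs from the
 * posted previous value are listed in a mail sent to the 'admin_email' option.
 *
 * Returns nothing. Returns early when the request is a registration post
 * ($_POST['cimy_post']), when no user id is posted, when the capability check
 * fails, when get_cimyFields() is not defined or when the user cannot be loaded.
 *
 * NOTE(review): no nonce is verified inside this function; presumably the hook
 * that calls it has already done so - confirm against the caller.
 * NOTE(review): the statement is assembled by concatenation with
 * $wpdb->escape(), which WordPress deprecated in 3.6 in favour of
 * $wpdb->prepare() / esc_sql(). Migrating is advisable, but the escaped values
 * are also reused for the notification mail, so that path needs re-checking.
 */
function cimy_update_ExtraFields_new_me() {
    global $wpdb, $wpdb_data_table, $user_ID, $max_length_value, $fields_name_prefix, $cimy_uef_file_types, $user_level, $cimy_uef_domain;

    include_once ABSPATH . '/wp-admin/includes/user.php';

    // if updating meta-data from registration post then exit
    if (isset($_POST['cimy_post'])) {
        return;
    }

    if (!isset($_POST['user_id'])) {
        return;
    }

    // Normalise the id first so the capability check and the UPDATE act on the same value.
    $get_user_id = intval($_POST['user_id']);

    if (!current_user_can('edit_user', $get_user_id)) {
        return;
    }

    if (!function_exists('get_cimyFields')) {
        return;
    }

    $profileuser = get_user_to_edit($get_user_id);

    // Nothing to update when the id does not resolve to a user.
    if (empty($profileuser)) {
        return;
    }

    $user_login = $profileuser->user_login;
    $user_displayname = $profileuser->display_name;
    $extra_fields = get_cimyFields(false, true);

    $query = "UPDATE " . $wpdb_data_table . " SET VALUE=CASE FIELD_ID";
    $i = 0;
    $field_ids = "";
    $mail_changes = "";

    foreach ($extra_fields as $thisField) {
        $field_id = $thisField["ID"];
        $name = $thisField["NAME"];
        $type = $thisField["TYPE"];
        $label = $thisField["LABEL"];
        $rules = $thisField["RULES"];

        // Integer form of the id; this is the only form concatenated into the SQL text.
        $sql_field_id = intval($field_id);

        $input_name = $fields_name_prefix . esc_attr($name);
        $prev_value_key = $input_name . "_" . $field_id . "_prev_value";
        $field_id_data = $input_name . "_" . $field_id . "_data";
        $advanced_options = cimy_uef_parse_advanced_options($rules["advanced_options"]);

        // Reset per field so a literal left over from the previous field is never written or mailed.
        $value = null;

        cimy_insert_ExtraFields_if_not_exist($get_user_id, $field_id);

        // if the current user LOGGED IN has not enough permissions to see the field, skip it
        // apply only for EXTRA FIELDS
        if ($rules['show_level'] == 'view_cimy_extra_fields') {
            if (!current_user_can($rules['show_level'])) {
                continue;
            }
        } else {
            if ($user_level < $rules['show_level']) {
                continue;
            }
        }

        // if show_level == anonymous then do NOT override other show_xyz rules
        if ($rules['show_level'] == -1) {
            // if flag to show the field in the profile is NOT activated, skip it
            if (!$rules['show_in_profile']) {
                continue;
            }
        }

        // The previous value is a hidden form input, i.e. client-controlled data.
        // A missing or array-valued input is treated as the empty string.
        $has_prev = isset($_POST[$prev_value_key]) && !is_array($_POST[$prev_value_key]);
        $posted_prev = $has_prev ? stripslashes($_POST[$prev_value_key]) : "";
        $prev_value = $wpdb->escape($posted_prev);

        if (cimy_uef_is_field_disabled($type, $rules['edit'], $prev_value)) {
            continue;
        }

        if (isset($_POST[$input_name]) && !in_array($type, $cimy_uef_file_types)) {
            $posted = $_POST[$input_name];

            if ($type == "dropdown-multi") {
                // Cast so a scalar submitted for a multi-select does not break implode().
                $field_value = stripslashes(implode(",", (array) $posted));
            } else {
                // An array submitted for a scalar field is treated as empty instead of reaching stripslashes().
                $field_value = is_array($posted) ? '' : stripslashes($posted);
            }

            if ($type == "picture-url") {
                // Repeat until stable: one pass can leave a new "../" behind when sequences are nested.
                // NOTE(review): this is still a deny-list; the value should also be validated as a URL
                // wherever it is rendered or fetched.
                do {
                    $before = $field_value;
                    $field_value = str_replace('../', '', $field_value);
                } while ($before !== $field_value);
            }

            if (isset($rules['max_length'])) {
                $field_value = substr($field_value, 0, $rules['max_length']);
            } else {
                $field_value = substr($field_value, 0, $max_length_value);
            }

            $field_value = $wpdb->escape($field_value);

            switch ($type) {
                case 'dropdown':
                case 'dropdown-multi':
                    $ret = cimy_dropDownOptions($label, $field_value);
                    $label = $ret['label'];
                    // deliberate fall-through: stored as a quoted string like the text types
                case 'picture-url':
                case 'textarea':
                case 'textarea-rich':
                case 'password':
                case 'text':
                    $value = "'" . $field_value . "'";
                    $prev_value = "'" . $prev_value . "'";
                    break;

                case 'checkbox':
                    $value = $field_value == '1' ? "'YES'" : "'NO'";
                    $prev_value = $prev_value == "YES" ? "'YES'" : "'NO'";
                    break;

                case 'radio':
                    $value = $field_value == $field_id ? "'selected'" : "''";
                    $prev_value = "'" . $prev_value . "'";
                    break;

                default:
                    // Unhandled type: no SQL literal was built, so the field stays out of the statement.
                    break;
            }

            // Emit the WHEN clause only once a literal exists for this field.
            if ($value !== null) {
                if ($i > 0) {
                    $field_ids .= ", ";
                } else {
                    $i = 1;
                }

                $field_ids .= $sql_field_id;
                $query .= " WHEN " . $sql_field_id . " THEN " . $value;
            }
        } else {
            $rules = $thisField['RULES'];

            if (in_array($type, $cimy_uef_file_types)) {
                if ($type == "avatar") {
                    // since avatars are drawn max to 512px then we can save bandwidth resizing, do it!
                    $rules['equal_to'] = 512;
                }

                $delete_file = isset($_POST[$input_name . '_del']);

                // NOTE(review): $old_file is taken from the request and is handed, together with the
                // delete flag, to cimy_manage_upload() and cimy_uef_get_dir_or_filename(). Confirm
                // those helpers confine it to this user's upload directory, or read the stored value
                // from the database instead of trusting the form.
                $old_file = $has_prev ? $posted_prev : false;

                $field_value = cimy_manage_upload($input_name, $user_login, $rules, $old_file, $delete_file, $type, !empty($advanced_options["filename"]) ? $advanced_options["filename"] : "");

                if (!empty($field_value) || $delete_file) {
                    if ($i > 0) {
                        $field_ids .= ", ";
                    } else {
                        $i = 1;
                    }

                    $field_ids .= $sql_field_id;

                    // The upload result is derived from a client-supplied file name, so it is escaped
                    // like every other value before being placed in the statement.
                    $value = "'" . $wpdb->escape($field_value) . "'";
                    $prev_value = "'" . $prev_value . "'";

                    $query .= " WHEN " . $sql_field_id . " THEN ";
                    $query .= $value;
                } else {
                    // No new file and no deletion: mark the field as unchanged for the mail check.
                    $prev_value = $value;

                    $file_on_server = cimy_uef_get_dir_or_filename($user_login, $old_file, false);

                    if ($type == "picture" || $type == "avatar") {
                        cimy_uef_crop_image($file_on_server, $field_id_data);
                    }
                }
            }

            if ($type == 'checkbox') {
                // if can be editable then write NO
                // there is no way to understand if was YES or NO previously
                // without adding other hidden inputs so write always
                if ($i > 0) {
                    $field_ids .= ", ";
                } else {
                    $i = 1;
                }

                $field_ids .= $sql_field_id;

                $field_value = "NO";
                $value = "'" . $field_value . "'";
                $prev_value = $prev_value == "YES" ? "'YES'" : "'NO'";

                $query .= " WHEN " . $sql_field_id . " THEN ";
                $query .= $value;
            }

            if ($type == 'dropdown-multi') {
                // if can be editable then write ''
                // an unselected multi-select posts nothing, so the empty value is always written
                if ($i > 0) {
                    $field_ids .= ", ";
                } else {
                    $i = 1;
                }

                $field_ids .= $sql_field_id;

                $field_value = '';
                $value = "'" . $field_value . "'";
                $prev_value = "'" . $prev_value . "'";

                $ret = cimy_dropDownOptions($label, $field_value);
                $label = $ret['label'];

                $query .= " WHEN " . $sql_field_id . " THEN ";
                $query .= $value;
            }
        }

        // Only fields that produced a value in this iteration can be reported as changed.
        if ($value !== null && $rules["email_admin"] && $value != $prev_value && $type != "registration-date") {
            $mail_changes .= sprintf(__("%s previous value: %s new value: %s", $cimy_uef_domain), $label, stripslashes($prev_value), stripslashes($value));
            $mail_changes .= "\r\n";
        }
    }

    if ($i > 0) {
        $query .= " ELSE FIELD_ID END WHERE FIELD_ID IN(" . $field_ids . ") AND USER_ID = " . $get_user_id;

        // $query WILL BE: UPDATE <table> SET VALUE=CASE FIELD_ID WHEN <field_id1> THEN <value1> [WHEN ... THEN ...] ELSE FIELD_ID END WHERE FIELD_ID IN(<field_id1>, [<field_id2>...]) AND USER_ID=<user_id>
        $wpdb->query($query);
    }

    // mail only if set and if there is something to mail
    if (!empty($mail_changes)) {
        $admin_email = get_option('admin_email');
        $mail_subject = sprintf(__("%s (%s) has changed one or more fields", $cimy_uef_domain), $user_displayname, $user_login);
        wp_mail($admin_email, $mail_subject, $mail_changes);
    }
}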
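/**
 * Save the extra-field values posted for one user.
 *
 * The target user comes from $_POST['user_id'] and the current user must hold
 * the 'edit_user' capability for it. Every field returned by
 * get_cimyFields(false, true) that passes the show_level / show_in_profile
 * rules is folded into a single
 * "UPDATE <table> SET VALUE=CASE FIELD_ID WHEN ... THEN ... END" statement.
 *
 * Returns nothing. Returns early when the request is a registration post
 * ($_POST['cimy_post']), when no user id is posted or when the capability
 * check fails.
 *
 * NOTE(review): no nonce is verified inside this function; presumably the hook
 * that calls it has already done so - confirm against the caller.
 * NOTE(review): the statement is assembled by concatenation with
 * $wpdb->escape(), which WordPress deprecated in 3.6 in favour of
 * $wpdb->prepare() / esc_sql(); migrating is advisable.
 */
function cimy_update_ExtraFields() {
    global $wpdb, $wpdb_data_table, $user_ID, $max_length_value, $fields_name_prefix, $cimy_uef_file_types, $user_level;

    // if updating meta-data from registration post then exit
    if (isset($_POST['cimy_post'])) {
        return;
    }

    if (!isset($_POST['user_id'])) {
        return;
    }

    // Normalise the id first so the capability check and the UPDATE act on the same value.
    $get_user_id = intval($_POST['user_id']);

    if (!current_user_can('edit_user', $get_user_id)) {
        return;
    }

    $extra_fields = get_cimyFields(false, true);

    $query = "UPDATE " . $wpdb_data_table . " SET VALUE=CASE FIELD_ID";
    $i = 0;
    $field_ids = "";

    foreach ($extra_fields as $thisField) {
        $field_id = $thisField["ID"];
        $name = $thisField["NAME"];
        $type = $thisField["TYPE"];
        $label = $thisField["LABEL"];
        $rules = $thisField["RULES"];

        // Integer form of the id; this is the only form concatenated into the SQL text.
        $sql_field_id = intval($field_id);

        $input_name = $fields_name_prefix . $wpdb->escape($name);

        // Reset per field so a literal left over from the previous field is never written.
        $value = null;

        cimy_insert_ExtraFields_if_not_exist($get_user_id, $field_id);

        // if the current user LOGGED IN has not enough permissions to see the field, skip it
        // apply only for EXTRA FIELDS
        if ($user_level < $rules['show_level']) {
            continue;
        }

        // if show_level == anonymous then do NOT override other show_xyz rules
        if ($rules['show_level'] == -1) {
            // if flag to show the field in the profile is NOT activated, skip it
            if (!$rules['show_in_profile']) {
                continue;
            }
        }

        if (isset($_POST[$input_name]) && !in_array($type, $cimy_uef_file_types)) {
            $posted = $_POST[$input_name];

            if ($type == "dropdown-multi") {
                // Cast so a scalar submitted for a multi-select does not break implode().
                $field_value = stripslashes(implode(",", (array) $posted));
            } else {
                // An array submitted for a scalar field is treated as empty instead of reaching stripslashes().
                $field_value = is_array($posted) ? '' : stripslashes($posted);
            }

            if ($type == "picture-url") {
                // Repeat until stable: one pass can leave a new "../" behind when sequences are nested.
                // NOTE(review): this is still a deny-list; the value should also be validated as a URL
                // wherever it is rendered or fetched.
                do {
                    $before = $field_value;
                    $field_value = str_replace('../', '', $field_value);
                } while ($before !== $field_value);
            }

            if (isset($rules['max_length'])) {
                $field_value = substr($field_value, 0, $rules['max_length']);
            } else {
                $field_value = substr($field_value, 0, $max_length_value);
            }

            $field_value = $wpdb->escape($field_value);

            switch ($type) {
                case 'picture-url':
                case 'textarea':
                case 'textarea-rich':
                case 'dropdown':
                case 'dropdown-multi':
                case 'password':
                case 'text':
                    $value = "'" . $field_value . "'";
                    break;

                case 'checkbox':
                    $value = $field_value == '1' ? "'YES'" : "'NO'";
                    break;

                case 'radio':
                    $value = $field_value == $field_id ? "'selected'" : "''";
                    break;

                default:
                    // Unhandled type: no SQL literal was built, so the field stays out of the statement.
                    break;
            }

            // Emit the WHEN clause only once a literal exists for this field.
            if ($value !== null) {
                if ($i > 0) {
                    $field_ids .= ", ";
                } else {
                    $i = 1;
                }

                $field_ids .= $sql_field_id;
                $query .= " WHEN " . $sql_field_id . " THEN " . $value;
            }
        } else {
            $rules = $thisField['RULES'];

            if (in_array($type, $cimy_uef_file_types)) {
                $profileuser = get_user_to_edit($get_user_id);

                // Skip file handling when the id does not resolve to a user.
                if (empty($profileuser)) {
                    continue;
                }

                $user_login = $profileuser->user_login;

                if ($type == "avatar") {
                    // since avatars are drawn max to 512px then we can save bandwidth resizing, do it!
                    $rules['equal_to'] = 512;
                }

                $delete_file = isset($_POST[$input_name . '_del']);

                // NOTE(review): $old_file is taken from the request and is handed, together with the
                // delete flag, to cimy_manage_upload(). Confirm that helper confines it to this user's
                // upload directory, or read the stored value from the database instead.
                $oldfile_key = $input_name . '_oldfile';

                if (isset($_POST[$oldfile_key]) && !is_array($_POST[$oldfile_key])) {
                    $old_file = stripslashes($_POST[$oldfile_key]);
                } else {
                    $old_file = false;
                }

                $field_value = cimy_manage_upload($input_name, $user_login, $rules, $old_file, $delete_file, $type);

                if ($field_value != "" || $delete_file) {
                    if ($i > 0) {
                        $field_ids .= ", ";
                    } else {
                        $i = 1;
                    }

                    $field_ids .= $sql_field_id;

                    // The upload result is derived from a client-supplied file name, so it is escaped
                    // like every other value before being placed in the statement.
                    $value = "'" . $wpdb->escape($field_value) . "'";

                    $query .= " WHEN " . $sql_field_id . " THEN ";
                    $query .= $value;
                }
            }

            if ($type == 'checkbox') {
                // if can be editable then write NO
                // there is no way to understand if was YES or NO previously
                // without adding other hidden inputs so write always
                // Parentheses spell out the grouping PHP already applies (&& binds tighter than ||).
                if ($rules['edit'] == "ok_edit" || ($rules['edit'] == 'edit_only_by_admin' && current_user_can('edit_users'))) {
                    if ($i > 0) {
                        $field_ids .= ", ";
                    } else {
                        $i = 1;
                    }

                    $field_ids .= $sql_field_id;

                    $query .= " WHEN " . $sql_field_id . " THEN ";
                    $query .= "'NO'";
                }
            }
        }
    }

    if ($i > 0) {
        $query .= " ELSE FIELD_ID END WHERE FIELD_ID IN(" . $field_ids . ") AND USER_ID = " . $get_user_id;

        // $query WILL BE: UPDATE <table> SET VALUE=CASE FIELD_ID WHEN <field_id1> THEN <value1> [WHEN ... THEN ...] ELSE FIELD_ID END WHERE FIELD_ID IN(<field_id1>, [<field_id2>...]) AND USER_ID=<user_id>
        $wpdb->query($query);
    }
}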