function cimy_update_ExtraFields_new_me()
{
global $wpdb, $wpdb_data_table, $user_ID, $max_length_value, $fields_name_prefix, $cimy_uef_file_types, $user_level, $cimy_uef_domain;
include_once ABSPATH . '/wp-admin/includes/user.php';
// if updating meta-data from registration post then exit
if (isset($_POST['cimy_post'])) {
return;
}
if (isset($_POST['user_id'])) {
$get_user_id = $_POST['user_id'];
if (!current_user_can('edit_user', $get_user_id)) {
return;
}
} else {
return;
}
//echo "asd";
if (!function_exists('get_cimyFields')) {
return;
}
$get_user_id = intval($get_user_id);
$profileuser = get_user_to_edit($get_user_id);
$user_login = $profileuser->user_login;
$user_displayname = $profileuser->display_name;
$extra_fields = get_cimyFields(false, true);
$query = "UPDATE " . $wpdb_data_table . " SET VALUE=CASE FIELD_ID";
$i = 0;
$field_ids = "";
$mail_changes = "";
foreach ($extra_fields as $thisField) {
$field_id = $thisField["ID"];
$name = $thisField["NAME"];
$type = $thisField["TYPE"];
$label = $thisField["LABEL"];
$rules = $thisField["RULES"];
$unique_id = $fields_name_prefix . $field_id;
$input_name = $fields_name_prefix . esc_attr($name);
$field_id_data = $input_name . "_" . $field_id . "_data";
$advanced_options = cimy_uef_parse_advanced_options($rules["advanced_options"]);
cimy_insert_ExtraFields_if_not_exist($get_user_id, $field_id);
// if the current user LOGGED IN has not enough permissions to see the field, skip it
// apply only for EXTRA FIELDS
if ($rules['show_level'] == 'view_cimy_extra_fields') {
if (!current_user_can($rules['show_level'])) {
continue;
}
} else {
if ($user_level < $rules['show_level']) {
continue;
}
}
// if show_level == anonymous then do NOT ovverride other show_xyz rules
if ($rules['show_level'] == -1) {
// if flag to show the field in the profile is NOT activated, skip it
if (!$rules['show_in_profile']) {
continue;
}
}
$prev_value = $wpdb->escape(stripslashes($_POST[$input_name . "_" . $field_id . "_prev_value"]));
if (cimy_uef_is_field_disabled($type, $rules['edit'], $prev_value)) {
continue;
}
if (isset($_POST[$input_name]) && !in_array($type, $cimy_uef_file_types)) {
if ($type == "dropdown-multi") {
$field_value = stripslashes(implode(",", $_POST[$input_name]));
} else {
$field_value = stripslashes($_POST[$input_name]);
}
if ($type == "picture-url") {
$field_value = str_replace('../', '', $field_value);
}
if (isset($rules['max_length'])) {
$field_value = substr($field_value, 0, $rules['max_length']);
} else {
$field_value = substr($field_value, 0, $max_length_value);
}
$field_value = $wpdb->escape($field_value);
if ($i > 0) {
$field_ids .= ", ";
} else {
$i = 1;
}
$field_ids .= $field_id;
$query .= " WHEN " . $field_id . " THEN ";
switch ($type) {
case 'dropdown':
case 'dropdown-multi':
$ret = cimy_dropDownOptions($label, $field_value);
$label = $ret['label'];
case 'picture-url':
case 'textarea':
case 'textarea-rich':
case 'password':
case 'text':
$value = "'" . $field_value . "'";
$prev_value = "'" . $prev_value . "'";
break;
case 'checkbox':
$value = $field_value == '1' ? "'YES'" : "'NO'";
$prev_value = $prev_value == "YES" ? "'YES'" : "'NO'";
break;
case 'radio':
$value = $field_value == $field_id ? "'selected'" : "''";
$prev_value = "'" . $prev_value . "'";
break;
}
$query .= $value;
} else {
$rules = $thisField['RULES'];
if (in_array($type, $cimy_uef_file_types)) {
if ($type == "avatar") {
// since avatars are drawn max to 512px then we can save bandwith resizing, do it!
$rules['equal_to'] = 512;
}
if (isset($_POST[$input_name . '_del'])) {
$delete_file = true;
} else {
$delete_file = false;
}
if (isset($_POST[$input_name . "_" . $field_id . "_prev_value"])) {
$old_file = stripslashes($_POST[$input_name . "_" . $field_id . "_prev_value"]);
} else {
$old_file = false;
}
$field_value = cimy_manage_upload($input_name, $user_login, $rules, $old_file, $delete_file, $type, !empty($advanced_options["filename"]) ? $advanced_options["filename"] : "");
if (!empty($field_value) || $delete_file) {
if ($i > 0) {
$field_ids .= ", ";
} else {
$i = 1;
}
$field_ids .= $field_id;
$value = "'" . $field_value . "'";
$prev_value = "'" . $prev_value . "'";
$query .= " WHEN " . $field_id . " THEN ";
$query .= $value;
} else {
$prev_value = $value;
$file_on_server = cimy_uef_get_dir_or_filename($user_login, $old_file, false);
if ($type == "picture" || $type == "avatar") {
cimy_uef_crop_image($file_on_server, $field_id_data);
}
}
}
if ($type == 'checkbox') {
// if can be editable then write NO
// there is no way to understand if was YES or NO previously
// without adding other hidden inputs so write always
if ($i > 0) {
$field_ids .= ", ";
} else {
$i = 1;
}
$field_ids .= $field_id;
$field_value = "NO";
$value = "'" . $field_value . "'";
$prev_value = $prev_value == "YES" ? "'YES'" : "'NO'";
$query .= " WHEN " . $field_id . " THEN ";
$query .= $value;
}
if ($type == 'dropdown-multi') {
// if can be editable then write ''
// there is no way to understand if was YES or NO previously
// without adding other hidden inputs so write always
if ($i > 0) {
$field_ids .= ", ";
} else {
$i = 1;
}
$field_ids .= $field_id;
$field_value = '';
$value = "'" . $field_value . "'";
$prev_value = "'" . $prev_value . "'";
$ret = cimy_dropDownOptions($label, $field_value);
$label = $ret['label'];
$query .= " WHEN " . $field_id . " THEN ";
$query .= $value;
}
}
if ($rules["email_admin"] && $value != $prev_value && $type != "registration-date") {
$mail_changes .= sprintf(__("%s previous value: %s new value: %s", $cimy_uef_domain), $label, stripslashes($prev_value), stripslashes($value));
$mail_changes .= "\r\n";
}
}
if ($i > 0) {
$query .= " ELSE FIELD_ID END WHERE FIELD_ID IN(" . $field_ids . ") AND USER_ID = " . $get_user_id;
// $query WILL BE: UPDATE <table> SET VALUE=CASE FIELD_ID WHEN <field_id1> THEN <value1> [WHEN ... THEN ...] ELSE FIELD_ID END WHERE FIELD_ID IN(<field_id1>, [<field_id2>...]) AND USER_ID=<user_id>
$wpdb->query($query);
}
// mail only if set and if there is something to mail
if (!empty($mail_changes)) {
$admin_email = get_option('admin_email');
$mail_subject = sprintf(__("%s (%s) has changed one or more fields", $cimy_uef_domain), $user_displayname, $user_login);
wp_mail($admin_email, $mail_subject, $mail_changes);
}
}
function cimy_register_user_extra_fields($user_id, $password = "", $meta = array())
{
global $wpdb_data_table, $wpdb, $max_length_value, $fields_name_prefix, $wp_fields_name_prefix, $wp_hidden_fields, $cimy_uef_file_types, $user_level, $cimy_uef_file_images_types, $rule_maxlen_is_str;
if (isset($meta["blog_id"]) || isset($meta["from_blog_id"])) {
cimy_switch_to_blog($meta);
}
// avoid to save stuff if user created from wp_create_user function
if (empty($meta) && empty($_POST)) {
return;
}
// avoid to save stuff if user is being added from: /wp-admin/user-new.php and shit WP 3.1 changed the value just to create new bugs :@
if (!empty($_POST["action"]) && ($_POST["action"] == "adduser" || $_POST["action"] == "createuser")) {
return;
}
$my_user_level = $user_level;
// -1 == anonymous
if (!is_user_logged_in()) {
$my_user_level = -1;
}
$options = cimy_get_options();
$extra_fields = get_cimyFields(false, true);
$wp_fields = get_cimyFields(true);
$user_signups = false;
if (!is_multisite() && $options["confirm_email"] && empty($meta)) {
$user_signups = true;
}
$user = new WP_User((int) $user_id);
$user_login = $user->user_login;
// ok ok this is yet another call from wp_create_user function under cimy_uef_activate_signup, we are not yet ready for this, aboooort!
if ($user_signups) {
$signup = $wpdb->get_row($wpdb->prepare("SELECT * FROM " . $wpdb->prefix . "signups WHERE user_login = %s AND active = 0", $user_login));
if (!empty($signup)) {
return;
}
}
if (!empty($meta)) {
$meta_db = $wpdb->get_var($wpdb->prepare("SELECT meta FROM " . $wpdb->prefix . "signups WHERE user_login = %s", $user_login));
$meta_db = unserialize($meta_db);
// password detected, kill it!
if (!empty($meta_db['cimy_uef_wp_PASSWORD'])) {
unset($meta_db['cimy_uef_wp_PASSWORD']);
if (!empty($meta_db['cimy_uef_wp_PASSWORD2'])) {
unset($meta_db['cimy_uef_wp_PASSWORD2']);
}
$wpdb->update($wpdb->prefix . "signups", array('meta' => serialize($meta_db)), array('user_login' => $user_login));
}
}
$i = 1;
// do first for the WP fields then for EXTRA fields
while ($i <= 2) {
if ($i == 1) {
$are_wp_fields = true;
$fields = $wp_fields;
$prefix = $wp_fields_name_prefix;
} else {
$are_wp_fields = false;
$fields = $extra_fields;
$prefix = $fields_name_prefix;
}
foreach ($fields as $thisField) {
$type = $thisField["TYPE"];
$name = $thisField["NAME"];
$field_id = $thisField["ID"];
$label = $thisField["LABEL"];
$rules = $thisField["RULES"];
$unique_id = $prefix . $field_id;
$input_name = $prefix . esc_attr($name);
$field_id_data = $input_name . "_" . $field_id . "_data";
$advanced_options = cimy_uef_parse_advanced_options($rules["advanced_options"]);
// if the current user LOGGED IN has not enough permissions to see the field, skip it
if ($rules['show_level'] == 'view_cimy_extra_fields') {
if (!current_user_can($rules['show_level'])) {
continue;
}
} else {
if ($my_user_level < $rules['show_level']) {
continue;
}
}
// if show_level == anonymous then do NOT ovverride other show_xyz rules
if ($rules['show_level'] == -1) {
// if flag to show the field in the registration is NOT activated, skip it
if (!$rules['show_in_reg']) {
continue;
}
}
// uploading a file is not supported when confirmation email is enabled (on MS is turned on by default yes)
if ((is_multisite() || $options["confirm_email"]) && in_array($type, $cimy_uef_file_types)) {
continue;
}
if (isset($meta[$input_name])) {
$data = stripslashes($meta[$input_name]);
} else {
if (isset($_POST[$input_name])) {
// if form confirmation is enabled then there is no more an array but a string!
if ($type == "dropdown-multi" && is_array($_POST[$input_name])) {
$data = stripslashes(implode(",", $_POST[$input_name]));
} else {
$data = stripslashes($_POST[$input_name]);
}
} else {
$data = "";
}
}
if ($type == "avatar") {
// since avatars are drawn max to 512px then we can save bandwith resizing, do it!
$rules['equal_to'] = 512;
}
if (in_array($type, $cimy_uef_file_types)) {
if (isset($_POST["register_confirmation"]) && $_POST["register_confirmation"] == 2) {
$temp_user_login = $_POST["temp_user_login"];
$temp_dir = cimy_uef_get_dir_or_filename($temp_user_login);
$final_dir = cimy_uef_get_dir_or_filename($user_login);
if (is_dir($temp_dir)) {
rename($temp_dir, $final_dir);
}
$data = str_replace("/" . $temp_user_login . "/", "/" . $user_login . "/", $data);
$file_on_server = cimy_uef_get_dir_or_filename($user_login, $data, false);
if (in_array($type, $cimy_uef_file_images_types)) {
cimy_uef_crop_image($file_on_server, $field_id_data);
}
} else {
$data = cimy_manage_upload($input_name, $user_login, $rules, false, false, $type, !empty($advanced_options["filename"]) ? $advanced_options["filename"] : "");
}
} else {
if (!in_array($type, $rule_maxlen_is_str)) {
if ($type == "picture-url") {
$data = str_replace('../', '', $data);
}
if (isset($rules['max_length'])) {
$data = substr($data, 0, $rules['max_length']);
} else {
$data = substr($data, 0, $max_length_value);
}
}
}
$data = esc_sql($data);
if ($user_signups) {
$meta[$input_name] = $data;
} else {
if (!$are_wp_fields) {
$sql = "INSERT INTO " . $wpdb_data_table . " SET USER_ID = " . $user_id . ", FIELD_ID=" . $field_id . ", ";
switch ($type) {
case 'date':
case 'avatar':
case 'picture-url':
case 'picture':
case 'textarea':
case 'textarea-rich':
case 'dropdown':
case 'dropdown-multi':
case 'password':
case 'text':
case 'file':
$field_value = $data;
break;
case 'checkbox':
$field_value = $data == '1' ? "YES" : "NO";
break;
case 'radio':
$field_value = $data == $field_id ? "selected" : "";
break;
case 'registration-date':
$field_value = time();
break;
}
$sql .= "VALUE='" . $field_value . "'";
$wpdb->query($sql);
} else {
$f_name = strtolower($thisField['NAME']);
$userdata = array();
$userdata['ID'] = $user_id;
$userdata[$wp_hidden_fields[$f_name]['userdata_name']] = $data;
wp_update_user($userdata);
}
}
}
$i++;
}
if ($user_signups) {
$sql = $wpdb->prepare("SELECT * FROM {$wpdb->users} WHERE ID=%d", $user_id);
$saved_user = array_shift($wpdb->get_results($sql));
$key = substr(md5(time() . rand() . $saved_user->user_email), 0, 16);
$wpdb->insert($wpdb->prefix . "signups", array('user_login' => $saved_user->user_login, 'user_email' => $saved_user->user_email, 'registered' => $saved_user->user_registered, 'active' => '0', 'activation_key' => $key, 'meta' => serialize($meta)));
$sql = $wpdb->prepare("DELETE FROM {$wpdb->users} WHERE ID=%d", $user_id);
$wpdb->query($sql);
$sql = $wpdb->prepare("DELETE FROM {$wpdb->usermeta} WHERE user_id=%d", $user_id);
$wpdb->query($sql);
cimy_signup_user_notification($saved_user->user_login, $saved_user->user_email, $key, serialize($meta));
}
cimy_switch_current_blog(true);
}
