$edituser->setVar('openid', icms_core_DataFilter::stripSlashesGPC(trim($_POST['openid'])));
$edituser->setVar('user_viewoid', isset($_POST['user_viewoid']) ? (int) $_POST['user_viewoid'] : 0);
}
// ALTERED BY FREEFORM SOLUTIONS TO SUPPORT USERS CHANGING THEIR OWN PASSWORDS FROM A SINGLE PROFILE PAGE
// A REPEAT OF THE CODE BLOCK JUST ABOVE, TO HANDLE THE CASE WHERE THE USER IS UPDATING THEIR OWN PASSWORD
if ($pass != '' and $edituser->getVar('uid') == icms::$user->getVar('uid')) {
$icmspass = new icms_core_Password();
$salt = icms_core_Password::createSalt();
$pass = $icmspass->encryptPass($pass, $salt, $icmsConfigUser['enc_type']);
$edituser->setVar('pass', $pass);
$edituser->setVar('pass_expired', 0);
$edituser->setVar('enc_type', $icmsConfigUser['enc_type']);
$edituser->setVar('salt', $salt);
}
// Dynamic fields
$profile_handler = icms_getmodulehandler('profile', basename(dirname(__FILE__)), 'profile');
// Get fields
$fields = $profile_handler->loadFields();
// Get ids of all available fields for the user groups icms::$user is a member of.
$editable_fields = icms::handler('icms_member_groupperm')->getItemIds('profile_edit', icms::$user->getGroups(), icms::$module->getVar('mid'));
$profile = $profile_handler->get($edituser->getVar('uid'));
foreach (array_keys($fields) as $i) {
if ($fields[$i]->getVar('field_edit') == 1) {
$fieldname = $fields[$i]->getVar('field_name');
if (in_array($fields[$i]->getVar('fieldid'), $editable_fields) && ($fields[$i]->getvar('field_type') == "image" || isset($_REQUEST[$fieldname]))) {
if (in_array($fieldname, $profile_handler->getUserVars())) {
$value = $fields[$i]->getValueForSave($_REQUEST[$fieldname], $edituser->getVar($fieldname, 'n'));
$edituser->setVar($fieldname, $value);
} else {
$value = $fields[$i]->getValueForSave(isset($_REQUEST[$fieldname]) ? $_REQUEST[$fieldname] : "", $profile->getVar($fieldname, 'n'));
$profile->setVar($fieldname, $value);
include 'admin_header.php';
icms_cp_header();
icms::$module->displayAdminMenu(4, _MI_PROFILE_VISIBILITY);
$op = isset($_REQUEST['op']) ? trim($_REQUEST['op']) : "visibility";
$visibility_handler = icms_getmodulehandler('visibility', basename(dirname(dirname(__FILE__))), 'profile');
if (isset($_REQUEST['submit'])) {
$visibility = $visibility_handler->create();
$visibility->setVar('fieldid', (int) $_REQUEST['fieldid']);
$visibility->setVar('user_group', (int) $_REQUEST['ug']);
$visibility->setVar('profile_group', (int) $_REQUEST['pg']);
$visibility_handler->insert($visibility);
} elseif ($op == "del") {
$visibility = $visibility_handler->get(array((int) $_REQUEST['fieldid'], (int) $_REQUEST['ug'], (int) $_REQUEST['pg']));
$visibility_handler->delete($visibility, true);
}
$field_handler = icms_getmodulehandler('field', basename(dirname(dirname(__FILE__))), 'profile');
$fields = $field_handler->getList();
$visibilities = $visibility_handler->getObjects();
foreach (array_keys($visibilities) as $i) {
$visifields[$visibilities[$i]->getVar('fieldid')][] = $visibilities[$i]->toArray();
}
$groups = icms::handler('icms_member')->getGroupList();
asort($groups);
$groups = array(0 => _AM_PROFILE_FIELDVISIBLETOALL) + $groups;
$icmsAdminTpl->assign('fields', $fields);
$icmsAdminTpl->assign('visibilities', $visifields);
$icmsAdminTpl->assign('groups', $groups);
$add_form = new icms_form_Simple('', 'addform', 'visibility.php');
$sel_field = new icms_form_elements_Select(_AM_PROFILE_FIELDVISIBLE, 'fieldid');
$sel_field->addOptionArray($fields);
$add_form->addElement($sel_field);
$member_handler = icms::handler('icms_member');
if (count($_POST) == 0) {
unset($_SESSION['profile']);
}
$template_dir = ICMS_ROOT_PATH . '/language/' . $icmsConfig['language'] . '/mail_template';
if (!file_exists($template_dir)) {
$template_dir = ICMS_ROOT_PATH . '/language/english/mail_template';
}
$newuser = isset($_SESSION['profile']['uid']) ? $member_handler->getUser($_SESSION['profile']['uid']) : $member_handler->createUser();
$profile_handler = icms_getmodulehandler('profile', basename(dirname(__FILE__)), 'profile');
$profile = $profile_handler->get($newuser->getVar('uid'));
$op = !isset($_POST['op']) ? 'register' : $_POST['op'];
$current_step = isset($_POST['step']) ? $_POST['step'] : 0;
$criteria = new icms_db_criteria_Compo();
$criteria->setSort('step_order');
$regstep_handler = icms_getmodulehandler('regstep', basename(dirname(__FILE__)), 'profile');
$steps = $regstep_handler->getObjects($criteria);
if (count($steps) == 0) {
redirect_header(ICMS_URL . '/', 6, _MD_PROFILE_NOSTEPSAVAILABLE);
}
switch ($op) {
case 'step':
// Get dynamic fields
$fields = $profile_handler->loadFields();
if (count($fields) > 0) {
foreach (array_keys($fields) as $i) {
$fieldname = $fields[$i]->getVar('field_name');
if (isset($_POST[$fieldname])) {
if ($fields[$i]->getVar('field_type') == 'date' || $fields[$i]->getVar('field_type') == 'longdate') {
$_SESSION['profile'][$fieldname] = trim(strtotime($_POST[$fieldname]));
} elseif ($fields[$i]->getVar('field_type') == 'datetime') {
$ratingObj->showFieldOnForm(array('item', 'itemid', 'uid', 'date', 'rate'));
break;
}
}
}
$sform = $ratingObj->getForm(_CO_ICMS_RATINGS_CREATE, 'addrating');
$sform->assign($icmsAdminTpl);
$icmsAdminTpl->assign('icms_rating_title', _CO_ICMS_RATINGS_CREATE_INFO);
$icmsAdminTpl->display('db:admin/rating/system_adm_rating.html');
}
}
icms_loadLanguageFile('system', 'common');
$icms_rating_handler = icms_getmodulehandler('rating');
if (!empty($_POST)) foreach ($_POST as $k => $v) ${$k} = StopXSS($v);
if (!empty($_GET)) foreach ($_GET as $k => $v) ${$k} = StopXSS($v);
$op = (isset($_POST['op']))
? trim(filter_input(INPUT_POST, 'op'))
: ((isset($_GET['op']))
? trim(filter_input(INPUT_GET, 'op'))
: '');
switch ($op) {
/* case "mod":
case "changedField";
$ratingid = isset($_GET['ratingid']) ? (int) ($_GET['ratingid']) : 0 ;
/**
* Get {@link icms_form_Theme} for editing a user
*
* @param object $user {@link icms_member_user_Object} to edit
*
* @return object
*/
function getUserForm(&$user, $profile = false, $action = false)
{
global $icmsConfig, $icmsConfigUser, $icmsConfigAuth;
if ($action === false) {
$action = $_SERVER['REQUEST_URI'];
}
$title = $user->isNew() ? _AM_PROFILE_ADDUSER : _MD_PROFILE_EDITPROFILE;
icms_loadLanguageFile('core', 'user');
$form = new icms_form_Theme($title, 'userinfo', $action, 'post', true);
$profile_handler = icms_getModuleHandler('profile', basename(dirname(dirname(__FILE__))), 'profile');
// Dynamic fields
if (!$profile) {
$profile_handler = icms_getModuleHandler('profile', basename(dirname(dirname(__FILE__))), 'profile');
$profile = $profile_handler->get($user->getVar('uid'));
}
// Get fields
$fields = $profile_handler->loadFields();
// Get ids of fields that can be edited
$gperm_handler = icms::handler('icms_member_groupperm');
$editable_fields = $gperm_handler->getItemIds('profile_edit', icms::$user->getGroups(), icms::$module->getVar('mid'));
$email_tray = new icms_form_elements_Tray(_MD_PROFILE_EMAIL, '<br />');
if ($user->isNew() || icms::$user->isAdmin()) {
$elements[0][] = array('element' => new icms_form_elements_Text(_US_LOGIN_NAME, 'login_name', 25, 75, $user->getVar('login_name', 'e')), 'required' => 1);
$weights[0][] = 0;
$elements[0][] = array('element' => new icms_form_elements_Text(_US_NICKNAME, 'uname', 25, 75, $user->getVar('uname', 'e')), 'required' => 1);
$weights[0][] = 0;
$elements[0][] = array('element' => new icms_form_elements_Text(_MD_PROFILE_EMAIL, 'email', 30, 60, $user->getVar('email')), 'required' => 1);
$weights[0][] = 0;
} else {
$elements[0][] = array('element' => new icms_form_elements_Label(_US_LOGIN_NAME, $user->getVar('login_name', 'e')), 'required' => 0);
$weights[0][] = 0;
if ($icmsConfigUser['allow_chguname'] == 1) {
$elements[0][] = array('element' => new icms_form_elements_Text(_US_NICKNAME, 'uname', 25, 75, $user->getVar('uname', 'e')), 'required' => 1);
} else {
$elements[0][] = array('element' => new icms_form_elements_Label(_US_NICKNAME, $user->getVar('uname')), 'required' => 0);
}
$weights[0][] = 0;
$elements[0][] = array('element' => new icms_form_elements_Label(_MD_PROFILE_EMAIL, $user->getVar('email')), 'required' => 0);
$weights[0][] = 0;
}
if ($icmsConfigAuth['auth_openid'] == 1) {
$openid_tray = new icms_form_elements_Tray(_MD_PROFILE_OPENID, '<br />');
$openid_tray->addElement(new icms_form_elements_Text('', 'openid', 30, 255, $user->getVar('openid')));
$openid_checkbox = new icms_form_elements_Checkbox('', 'user_viewoid', $user->getVar('user_viewoid'));
$openid_checkbox->addOption('1', _MD_PROFILE_OPENID_VIEW);
$openid_tray->addElement($openid_checkbox);
$elements[0][] = array('element' => $openid_tray, 'required' => 0);
$weights[0][] = 0;
}
if (icms::$user->isAdmin() && $user->getVar('uid') != icms::$user->getVar('uid') or $user->getVar('uid') == icms::$user->getVar('uid')) {
// ALTERED BY FREEFORM SOLUTIONS TO ALLOW USERS TO CHANGE THEIR OWN PASSWORDS
//If the user is an admin and is editing someone else
$pwd_text = new icms_form_elements_Password('', 'password', 10, 32, "", false, $icmsConfigUser['pass_level'] ? 'password_adv' : '');
$pwd_text2 = new icms_form_elements_Password('', 'vpass', 10, 32);
$pwd_tray = new icms_form_elements_Tray(_MD_PROFILE_PASSWORD . '<br />' . _MD_PROFILE_TYPEPASSTWICE);
$pwd_tray->addElement($pwd_text, $user->isNew());
$pwd_tray->addElement($pwd_text2, $user->isNew());
$elements[0][] = array('element' => $pwd_tray, 'required' => 1);
//cannot set an element tray required
$weights[0][] = 0;
if (icms::$user->isAdmin() && $user->getVar('uid') != icms::$user->getVar('uid')) {
// ALTERED BY FREEFORM SOLUTIONS SO THAT USERS CAN'T ALTER THEIR OWN LEVEL
$level_radio = new icms_form_elements_Radio(_MD_PROFILE_ACTIVEUSER, 'level', $user->getVar('level'));
$level_radio->addOption(1, _MD_PROFILE_ACTIVE);
$level_radio->addOption(0, _MD_PROFILE_INACTIVE);
$level_radio->addOption(-1, _MD_PROFILE_DISABLED);
$elements[0][] = array('element' => $level_radio, 'required' => 0);
$weights[0][] = 0;
}
}
$elements[0][] = array('element' => new icms_form_elements_Hidden('uid', $user->getVar('uid')), 'required' => 0);
$weights[0][] = 0;
$elements[0][] = array('element' => new icms_form_elements_Hidden('op', 'save'), 'required' => 0);
$weights[0][] = 0;
$profile_cat_handler = icms_getmodulehandler('category', basename(dirname(dirname(__FILE__))), 'profile');
$categories = $profile_cat_handler->getObjects(null, true, false);
foreach (array_keys($fields) as $i) {
if (in_array($fields[$i]->getVar('fieldid'), $editable_fields)) {
if ($fields[$i]->getVar('field_edit') == 1) {
$fieldinfo['element'] = $fields[$i]->getEditElement($user, $profile);
$fieldinfo['required'] = $fields[$i]->getVar('field_required');
$key = $fields[$i]->getVar('catid');
$elements[$key][] = $fieldinfo;
$weights[$key][] = $fields[$i]->getVar('field_weight');
// Image upload
if ($fields[$i]->getVar('field_type') == "image") {
$form->setExtra('enctype="multipart/form-data"');
}
}
}
}
if (icms::$user && icms::$user->isAdmin()) {
icms_loadLanguageFile(basename(dirname(dirname(__FILE__))), 'admin');
//If user has admin rights on groups
include_once ICMS_ROOT_PATH . "/modules/system/constants.php";
if ($gperm_handler->checkRight("system_admin", XOOPS_SYSTEM_GROUP, icms::$user->getGroups(), 1)) {
//add group selection
$group_select = new icms_form_elements_select_Group(_AM_PROFILE_GROUP, 'groups', false, $user->getGroups(), 15, true);
// UPDATED BY FREEFORM SOLUTIONS - MAKE LIST TALLER
$elements[0][] = array('element' => $group_select, 'required' => 0);
$weights[0][] = 15000;
}
}
ksort($elements);
foreach (array_keys($elements) as $k) {
array_multisort($weights[$k], SORT_ASC, array_keys($elements[$k]), SORT_ASC, $elements[$k]);
$title = isset($categories[$k]) ? $categories[$k]['cat_title'] : _MD_PROFILE_DEFAULT;
$desc = isset($categories[$k]) ? $categories[$k]['cat_description'] : "";
$form->addElement(new icms_form_elements_Label($title, $desc), false);
foreach (array_keys($elements[$k]) as $i) {
$form->addElement($elements[$k][$i]['element'], $elements[$k][$i]['required']);
}
}
$form->addElement(new icms_form_elements_Button('', 'submit', _MD_PROFILE_SAVECHANGES, 'submit'));
return $form;
}
protected function afterInsert(&$obj)
{
$profile_tribetopic_handler = icms_getmodulehandler('tribetopic', basename(dirname(dirname(__FILE__))), 'profile');
$tribetopicObj = $profile_tribetopic_handler->get($obj->getVar('topic_id'));
// send notifications for new post if this is a reply
if ($tribetopicObj->getVar('replies') > 0) {
$thisUser = icms::handler("icms_member")->getUser($obj->getVar('poster_uid'));
$module = icms::handler("icms_module")->getByDirname(basename(dirname(dirname(__FILE__))), TRUE);
$tags['TRIBETOPIC_TITLE'] = $tribetopicObj->getVar('title');
$tags['POSTER_UNAME'] = $thisUser->getVar('uname');
$start = '';
if ($tribetopicObj->getVar('replies') + 1 > $module->config['tribepostsperpage']) {
$start = '&start=' . ($tribetopicObj->getVar('replies') + 1 - ($tribetopicObj->getVar('replies') + 1) % $module->config['tribepostsperpage']);
}
$tags['TRIBEPOST_URL'] = str_replace($tribetopicObj->handler->_itemname . '.php?', 'tribes.php?tribes_id=' . $obj->getVar('tribes_id') . '&', $tribetopicObj->getItemLink(true));
$tags['TRIBEPOST_URL'] = $tags['TRIBEPOST_URL'] . $start . '#post' . $obj->getVar('post_id');
$profile_tribes_handler = icms_getModuleHandler('tribes', basename(dirname(dirname(__FILE__))), 'profile');
$tribesObj = $profile_tribes_handler->get($obj->getVar('tribes_id'));
$tags['TRIBE_TITLE'] = $tribesObj->getVar('title');
icms::handler('icms_data_notification')->triggerEvent('tribepost', $obj->getVar('topic_id'), 'new_tribepost', $tags, array(), $module->getVar('mid'));
}
// update tribetopic object
if ($tribetopicObj->getVar('replies') == 0) {
$tribetopicObj->setVar('post_id', $obj->getVar('post_id'));
}
$tribetopicObj->setVar('last_post_id', $obj->getVar('post_id'));
$tribetopicObj->setVar('last_post_time', $obj->getVar('post_time'));
return $tribetopicObj->store();
}
/**
* Overridding IcmsPersistable::toArray() method to add a few info
*
* @return array of tribeuser info
*/
public function toArray()
{
$ret = parent::toArray();
$profile_tribes_handler = icms_getmodulehandler('tribes', basename(dirname(dirname(__FILE__))), 'profile');
$tribe = $profile_tribes_handler->get($this->getVar('tribe_id'))->toArray();
$ret['tribe_itemLink'] = $tribe['itemLink'];
unset($profile_tribes_handler, $tribe);
$ret['tribeuser_avatar'] = $this->getTribeuserAvatar();
$ret['editItemLink'] = $this->getEditItemLink(false, true, true);
$ret['deleteItemLink'] = $this->getDeleteItemLink(false, true, true);
$ret['userCanEditAndDelete'] = $this->userCanEditAndDelete();
$ret['tribeuser_sender_link'] = $this->getTribeuserSender();
return $ret;
}
}
unset($tribes);
// get tribes where the user is a member
$tribes = $profile_tribes_handler->getMembershipTribes($uid);
foreach ($tribes as $tribe) {
$rtn[$i]['title'] = $tribe['title'];
$rtn[$i]['itemLink'] = $tribe['itemLink'];
$i++;
}
// finally sort the array
usort($rtn, 'sortList');
$icmsTpl->assign('tribes', $rtn);
unset($tribes);
// get awaiting approvals
if ($isOwner) {
$profile_tribeuser_handler = icms_getmodulehandler('tribeuser', basename(dirname(__FILE__)), 'profile');
$tribeusers = $profile_tribeuser_handler->getApprovals($ownTribes);
$rtn = array();
$i = 0;
foreach ($tribeusers as $tribeuser) {
$rtn[$i]['tribeuser_id'] = $tribeuser['tribeuser_id'];
$rtn[$i]['uid'] = $tribeuser['user_id'];
$rtn[$i]['uname'] = icms_member_user_Handler::getUserLink($tribeuser['user_id']);
$rtn[$i]['tribes_id'] = $tribeuser['tribe_id'];
$rtn[$i]['tribe_itemLink'] = $tribeuser['tribe_itemLink'];
$i++;
}
$icmsTpl->assign('tribes_approvals', $rtn);
$icmsTpl->assign('lang_approvals', _MD_PROFILE_TRIBES_APPROVALS);
$icmsTpl->assign('lang_approve', _MD_PROFILE_TRIBEUSER_APPROVE);
unset($tribeusers);
/**
* delete a profile field from the database
*
* @param object $obj reference to the object to delete
* @param bool $force
* @return bool FALSE if failed.
**/
public function delete(&$obj, $force = false)
{
$profile_handler = icms_getmodulehandler('profile', basename(dirname(dirname(__FILE__))), 'profile');
$sql = "ALTER TABLE " . $profile_handler->table . " DROP " . $obj->getVar('field_name', 'n');
if ($this->db->query($sql)) {
if (!parent::delete($obj, $force)) {
return false;
}
if ($obj->getVar('field_show') || $obj->getVar('field_edit')) {
$profile_module = icms::handler('icms_module')->getByDirname(basename(dirname(dirname(__FILE__))));
if (is_object($profile_module)) {
// Remove group permissions
$criteria = new icms_db_criteria_Compo(new icms_db_criteria_Item('gperm_modid', $profile_module->getVar('mid')));
$criteria->add(new icms_db_criteria_Item('gperm_itemid', $obj->getVar('fieldid')));
return icms::handler('icms_member_groupperm')->deleteAll($criteria);
}
}
}
return false;
}