function profile_update($p_user_id, $p_profile_id, $p_platform, $p_os, $p_os_build, $p_description) { $c_user_id = db_prepare_int($p_user_id); $c_profile_id = db_prepare_int($p_profile_id); $c_platform = db_prepare_string($p_platform); $c_os = db_prepare_string($p_os); $c_os_build = db_prepare_string($p_os_build); $c_description = db_prepare_string($p_description); if (ALL_USERS != $p_user_id) { user_ensure_unprotected($p_user_id); } # platform cannot be blank if (is_blank($c_platform)) { error_parameters(lang_get('platform')); trigger_error(ERROR_EMPTY_FIELD, ERROR); } # os cannot be blank if (is_blank($c_os)) { error_parameters(lang_get('operating_system')); trigger_error(ERROR_EMPTY_FIELD, ERROR); } # os_build cannot be blank if (is_blank($c_os_build)) { error_parameters(lang_get('version')); trigger_error(ERROR_EMPTY_FIELD, ERROR); } $t_user_profile_table = config_get('mantis_user_profile_table'); # Add item $query = "UPDATE {$t_user_profile_table}\n\t\t\t\t SET platform='{$c_platform}',\n\t\t\t\t \t os='{$c_os}',\n\t\t\t\t\t os_build='{$c_os_build}',\n\t\t\t\t\t description='{$c_description}'\n\t\t\t\t WHERE id='{$c_profile_id}' AND user_id='{$c_user_id}'"; $result = db_query($query); # db_query() errors on failure so: return true; }
/** * delete all preferences for a user in all projects * returns true if the prefs were successfully deleted * * It is far more efficient to delete them all in one query than to * call user_pref_delete() for each one and the code is short so that's * what we do * @param int $p_user_id * @return true */ function user_pref_delete_all( $p_user_id ) { $c_user_id = db_prepare_int( $p_user_id ); user_ensure_unprotected( $p_user_id ); $t_user_pref_table = db_get_table( 'user_pref' ); $query = 'DELETE FROM ' . $t_user_pref_table . ' WHERE user_id=' . db_param(); db_query_bound( $query, Array( $c_user_id ) ); user_pref_clear_cache( $p_user_id ); # db_query errors on failure so: return true; }
/** * Set the user's password to the given string, encoded as appropriate * * @param integer $p_user_id A valid user identifier. * @param string $p_password A password to set. * @param boolean $p_allow_protected Whether Allow password change to a protected account. This defaults to false. * @return boolean always true */ function user_set_password($p_user_id, $p_password, $p_allow_protected = false) { if (!$p_allow_protected) { user_ensure_unprotected($p_user_id); } # When the password is changed, invalidate the cookie to expire sessions that # may be active on all browsers. $c_cookie_string = auth_generate_unique_cookie_string(); $c_password = auth_process_plain_password($p_password); $t_query = 'UPDATE {user} SET password='******', cookie_string=' . db_param() . ' WHERE id=' . db_param(); db_query($t_query, array($c_password, $c_cookie_string, (int) $p_user_id)); return true; }
/** * Triggers an ERROR if the current user account is protected. * The $g_anonymous_account user is always considered protected. * * @access public */ function current_user_ensure_unprotected() { user_ensure_unprotected(auth_get_current_user_id()); }
function user_set_password($p_user_id, $p_password, $p_allow_protected = false) { if (!$p_allow_protected) { user_ensure_unprotected($p_user_id); } $t_email = user_get_field($p_user_id, 'email'); $t_username = user_get_field($p_user_id, 'username'); # When the password is changed, invalidate the cookie to expire sessions that # may be active on all browsers. $t_seed = $t_email . $t_username; $c_cookie_string = db_prepare_string(auth_generate_unique_cookie_string($t_seed)); $c_user_id = db_prepare_int($p_user_id); $c_password = db_prepare_string(auth_process_plain_password($p_password)); $c_user_table = config_get('mantis_user_table'); $query = "UPDATE {$c_user_table}\n\t\t\t\t SET password='******',\n\t\t\t\t cookie_string='{$c_cookie_string}'\n\t\t\t\t WHERE id='{$c_user_id}'"; db_query($query); #db_query() errors on failure so: return true; }
/** * Edit Printing preferences * @param int $p_user_id user id * @param bool $p_error_if_protected error if account protected * @param string $p_redirect_url redirect url */ function edit_printing_prefs($p_user_id = null, $p_error_if_protected = true, $p_redirect_url = '') { if (null === $p_user_id) { $p_user_id = auth_get_current_user_id(); } $c_user_id = db_prepare_int($p_user_id); # protected account check if ($p_error_if_protected) { user_ensure_unprotected($p_user_id); } $t_user_print_pref_table = db_get_table('user_print_pref'); if (is_blank($p_redirect_url)) { $p_redirect_url = 'print_all_bug_page.php'; } # get the fields list $t_field_name_arr = get_field_names(); $field_name_count = count($t_field_name_arr); # Grab the data $query = "SELECT print_pref\n\t\t\tFROM {$t_user_print_pref_table}\n\t\t\tWHERE user_id=" . db_param(); $result = db_query_bound($query, array($c_user_id)); ## OOPS, No entry in the database yet. Lets make one if (0 == db_num_rows($result)) { # create a default array, same size than $t_field_name for ($i = 0; $i < $field_name_count; $i++) { $t_default_arr[$i] = 1; } $t_default = implode('', $t_default_arr); # all fields are added by default $query = "INSERT\n\t\t\t\tINTO {$t_user_print_pref_table}\n\t\t\t\t(user_id, print_pref)\n\t\t\t\tVALUES\n\t\t\t\t(" . db_param() . "," . db_param() . ")"; $result = db_query_bound($query, array($c_user_id, $t_default)); # Rerun select query $query = "SELECT print_pref\n\t\t\t\tFROM {$t_user_print_pref_table}\n\t\t\t\tWHERE user_id=" . db_param(); $result = db_query_bound($query, array($c_user_id)); } # putting the query result into an array with the same size as $t_fields_arr $row = db_fetch_array($result); $t_prefs = $row['print_pref']; # Account Preferences Form BEGIN $t_index_count = 0; ?> <br /> <div> <form method="post" action="print_all_bug_options_update.php"> <?php echo form_security_field('print_all_bug_options_update'); ?> <input type="hidden" name="user_id" value="<?php echo $p_user_id; ?> " /> <input type="hidden" name="redirect_url" value="<?php echo string_attribute($p_redirect_url); ?> " /> <table class="width75" cellspacing="1"> <tr> <td class="form-title"> <?php echo lang_get('printing_preferences_title'); ?> </td> <td class="right"> </td> </tr> <?php # display the checkboxes for ($i = 0; $i < $field_name_count; $i++) { echo '<tr>'; ?> <th class="category"> <?php echo lang_get($t_field_name_arr[$i]); ?> </th> <td> <input type="checkbox" name="<?php echo 'print_' . $t_field_name_arr[$i]; ?> " <?php if (isset($t_prefs[$i]) && $t_prefs[$i] == 1) { echo 'checked="checked"'; } ?> /> </td> </tr> <?php } ?> <tr> <td> </td> <td> <input type="submit" class="button" value="<?php echo lang_get('update_prefs_button'); ?> " /> </td> </tr> </table> </form> </div> <br /> <div class="border center"> <form method="post" action="print_all_bug_options_reset.php"> <?php echo form_security_field('print_all_bug_options_reset'); ?> <input type="submit" class="button" value="<?php echo lang_get('reset_prefs_button'); ?> " /> </form> </div> <?php }
/** * Set the user's password to the given string, encoded as appropriate * * @param int $p_user_id User ID * @param string $p_password Password * @param bool $p_allow_protected Allow password change to protected accounts [optional - default false] * @return bool always true */ function user_set_password($p_user_id, $p_password, $p_allow_protected = false) { if (!$p_allow_protected) { user_ensure_unprotected($p_user_id); } $t_email = user_get_field($p_user_id, 'email'); $t_username = user_get_field($p_user_id, 'username'); # When the password is changed, invalidate the cookie to expire sessions that # may be active on all browsers. $c_cookie_string = auth_generate_unique_cookie_string(); $c_user_id = db_prepare_int($p_user_id); $c_password = auth_process_plain_password($p_password); $c_user_table = db_get_table('user'); $query = "UPDATE {$c_user_table}\n\t\t\t\t SET password="******",\n\t\t\t\t cookie_string=" . db_param() . "\n\t\t\t\t WHERE id=" . db_param(); db_query_bound($query, array($c_password, $c_cookie_string, $c_user_id)); # db_query errors on failure so: return true; }
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Mantis. If not, see <http://www.gnu.org/licenses/>. # -------------------------------------------------------- # $Id: account_prefs_reset.php,v 1.27.2.1 2007-10-13 22:32:05 giallu Exp $ # -------------------------------------------------------- # CALLERS # This page is called from: # - account_prefs_inc.php # EXPECTED BEHAVIOUR # - Reset the user's preferences to default values # - Redirect to account_prefs_page.php or another page, if given # CALLS # This page conditionally redirects upon completion # RESTRICTIONS & PERMISSIONS # - User must be authenticated # - User must not be protected require_once 'core.php'; $t_core_path = config_get('core_path'); require_once $t_core_path . 'user_pref_api.php'; #============ Parameters ============ $f_user_id = gpc_get_int('user_id'); $f_redirect_url = gpc_get_string('redirect_url', 'account_prefs_page.php'); #============ Permissions ============ # helper_ensure_post(); auth_ensure_user_authenticated(); user_ensure_unprotected($f_user_id); user_pref_set_default($f_user_id); print_header_redirect($f_redirect_url, true, true);
/** * Update a profile for the user * @param int $p_user_id * @param int $p_profile_id * @param string $p_platform * @param string $p_os * @param string $p_os_build * @param string $p_description * @return true */ function profile_update( $p_user_id, $p_profile_id, $p_platform, $p_os, $p_os_build, $p_description ) { $c_user_id = db_prepare_int( $p_user_id ); $c_profile_id = db_prepare_int( $p_profile_id ); if( ALL_USERS != $p_user_id ) { user_ensure_unprotected( $p_user_id ); } # platform cannot be blank if( is_blank( $p_platform ) ) { error_parameters( lang_get( 'platform' ) ); trigger_error( ERROR_EMPTY_FIELD, ERROR ); } # os cannot be blank if( is_blank( $p_os ) ) { error_parameters( lang_get( 'operating_system' ) ); trigger_error( ERROR_EMPTY_FIELD, ERROR ); } # os_build cannot be blank if( is_blank( $p_os_build ) ) { error_parameters( lang_get( 'version' ) ); trigger_error( ERROR_EMPTY_FIELD, ERROR ); } $t_user_profile_table = db_get_table( 'user_profile' ); # Add item $query = "UPDATE $t_user_profile_table SET platform=" . db_param() . ", os=" . db_param() . ", os_build=" . db_param() . ", description=" . db_param() . " WHERE id=" . db_param() . " AND user_id=" . db_param(); $result = db_query_bound( $query, Array( $p_platform, $p_os, $p_os_build, $p_description, $c_profile_id, $c_user_id ) ); # db_query errors on failure so: return true; }
/** * delete all preferences for a user in all projects * returns true if the prefs were successfully deleted * * It is far more efficient to delete them all in one query than to * call user_pref_delete() for each one and the code is short so that's * what we do * @param integer $p_user_id A valid user identifier. * @return void */ function user_pref_delete_all($p_user_id) { user_ensure_unprotected($p_user_id); $t_query = 'DELETE FROM {user_pref} WHERE user_id=' . db_param(); db_query($t_query, array($p_user_id)); user_pref_clear_cache($p_user_id); }
function user_set_password($p_user_id, $p_password, $p_allow_protected = false) { $c_user_id = db_prepare_int($p_user_id); if (!$p_allow_protected) { user_ensure_unprotected($p_user_id); } $t_password = auth_process_plain_password($p_password); $t_user_table = config_get('mantis_user_table'); $query = "UPDATE {$t_user_table}\n\t\t\t\t SET password='******'\n\t\t\t\t WHERE id='{$c_user_id}'"; db_query($query); #db_query() errors on failure so: return true; }
/** * Update a profile for the user * @param integer $p_user_id A valid user identifier. * @param integer $p_profile_id A profile identifier. * @param string $p_platform Value for profile platform. * @param string $p_os Value for profile operating system. * @param string $p_os_build Value for profile operation system build. * @param string $p_description Description of profile. * @return void */ function profile_update($p_user_id, $p_profile_id, $p_platform, $p_os, $p_os_build, $p_description) { if (ALL_USERS != $p_user_id) { user_ensure_unprotected($p_user_id); } # platform cannot be blank if (is_blank($p_platform)) { error_parameters(lang_get('platform')); trigger_error(ERROR_EMPTY_FIELD, ERROR); } # os cannot be blank if (is_blank($p_os)) { error_parameters(lang_get('os')); trigger_error(ERROR_EMPTY_FIELD, ERROR); } # os_build cannot be blank if (is_blank($p_os_build)) { error_parameters(lang_get('version')); trigger_error(ERROR_EMPTY_FIELD, ERROR); } # Add item db_param_push(); $t_query = 'UPDATE {user_profile} SET platform=' . db_param() . ', os=' . db_param() . ', os_build=' . db_param() . ', description=' . db_param() . ' WHERE id=' . db_param() . ' AND user_id=' . db_param(); db_query($t_query, array($p_platform, $p_os, $p_os_build, $p_description, $p_profile_id, $p_user_id)); }
/** * Update a profile for the user * @param int $p_user_id * @param int $p_profile_id * @param string $p_platform * @param string $p_os * @param string $p_os_build * @param string $p_description * @return true */ function profile_update($p_user_id, $p_profile_id, $p_platform, $p_os, $p_os_build, $p_description) { if (ALL_USERS != $p_user_id) { user_ensure_unprotected($p_user_id); } # platform cannot be blank if (is_blank($p_platform)) { error_parameters(lang_get('platform')); trigger_error(ERROR_EMPTY_FIELD, ERROR); } # os cannot be blank if (is_blank($p_os)) { error_parameters(lang_get('operating_system')); trigger_error(ERROR_EMPTY_FIELD, ERROR); } # os_build cannot be blank if (is_blank($p_os_build)) { error_parameters(lang_get('version')); trigger_error(ERROR_EMPTY_FIELD, ERROR); } $t_user_profile_table = db_get_table('user_profile'); # Add item $query = "UPDATE {$t_user_profile_table}\n\t\t\t\t SET platform=" . db_param() . ",\n\t\t\t\t \t os=" . db_param() . ",\n\t\t\t\t\t os_build=" . db_param() . ",\n\t\t\t\t\t description=" . db_param() . "\n\t\t\t\t WHERE id=" . db_param() . " AND user_id=" . db_param(); $result = db_query_bound($query, array($p_platform, $p_os, $p_os_build, $p_description, $p_profile_id, $p_user_id)); }
function user_pref_delete_all($p_user_id) { $c_user_id = db_prepare_int($p_user_id); user_ensure_unprotected($p_user_id); $t_user_pref_table = config_get('mantis_user_pref_table'); $query = "DELETE FROM {$t_user_pref_table}\r\n\t\t\t\t WHERE user_id='{$c_user_id}'"; db_query($query); user_pref_clear_cache($p_user_id); # db_query() errors on failure so: return true; }