function update_preferences($pref_id = 0) { /* Get current keys */ $sql = "SELECT `id`,`name`,`type` FROM `preference`"; /* If it isn't the System Account's preferences */ if ($pref_id != '-1') { $sql .= " WHERE `catagory` != 'system'"; } $db_results = Dba::read($sql); $results = array(); // Collect the current possible keys while ($r = Dba::fetch_assoc($db_results)) { $results[] = array('id' => $r['id'], 'name' => $r['name'], 'type' => $r['type']); } // end collecting keys /* Foreach through possible keys and assign them */ foreach ($results as $data) { /* Get the Value from POST/GET var called $data */ $name = $data['name']; $apply_to_all = 'check_' . $data['name']; $new_level = 'level_' . $data['name']; $id = $data['id']; $value = scrub_in($_REQUEST[$name]); /* Some preferences require some extra checks to be performed */ switch ($name) { case 'transcode_bitrate': $value = Stream::validate_bitrate($value); break; default: break; } if (preg_match('/_pass$/', $name)) { if ($value == '******') { unset($_REQUEST[$name]); } else { if (preg_match('/md5_pass$/', $name)) { $value = md5($value); } } } /* Run the update for this preference only if it's set */ if (isset($_REQUEST[$name])) { Preference::update($id, $pref_id, $value, $_REQUEST[$apply_to_all]); } if (Access::check('interface', '100') && $_REQUEST[$new_level]) { Preference::update_level($id, $_REQUEST[$new_level]); } } // end foreach preferences // Now that we've done that we need to invalidate the cached preverences Preference::clear_from_session(); }
/** * update * This updates a single preference from the given name or id */ public static function update($preference, $user_id, $value, $applytoall = false, $applytodefault = false) { // First prepare if (!is_numeric($preference)) { $id = self::id_from_name($preference); $name = $preference; } else { $name = self::name_from_id($preference); $id = $preference; } if ($applytoall and Access::check('interface', '100')) { $user_check = ""; } else { $user_check = " AND `user`='{$user_id}'"; } if ($applytodefault and Access::check('interface', '100')) { $sql = "UPDATE `preference` SET `value`='{$value}' WHERE `id`='{$id}'"; Dba::write($sql); } $value = Dba::escape($value); if (self::has_access($name)) { $user_id = Dba::escape($user_id); $sql = "UPDATE `user_preference` SET `value`='{$value}' WHERE `preference`='{$id}'{$user_check}"; Dba::write($sql); Preference::clear_from_session(); parent::remove_from_cache('get_by_user', $user_id); return true; } else { debug_event('denied', $GLOBALS['user'] ? $GLOBALS['user']->username : '******' . ' attempted to update ' . $name . ' but does not have sufficient permissions', 3); } return false; }