function update($VAR) { global $C_list, $C_debug; if (!$this->checkLimits()) { return false; } // check account limits // validate the tax_id global $VAR; require_once PATH_MODULES . 'tax/tax.inc.php'; $taxObj = new tax(); $tax_arr = @$VAR['account_admin_tax_id']; if (is_array($tax_arr)) { foreach ($tax_arr as $country_id => $tax_id) { if ($country_id == $VAR['account_admin_country_id']) { $exempt = @$VAR["account_tax_id_exempt"][$country_id]; if (!($txRs = $taxObj->TaxIdsValidate($country_id, $tax_id, $exempt))) { $this->validated = false; global $C_translate; $this->val_error[] = array('field' => 'account_admin_tax_id', 'field_trans' => $taxObj->errField, 'error' => $C_translate->translate('validate_general', "", "")); } if ($exempt) { $VAR['account_admin_tax_id'] = false; } else { $VAR['account_admin_tax_id'] = $tax_id; } } } } #################################################################### ### Get required static_Vars and validate them... return an array ### w/ ALL errors... #################################################################### require_once PATH_CORE . 'static_var.inc.php'; $static_var = new CORE_static_var(); if (!isset($this->val_error)) { $this->val_error = false; } $all_error = $static_var->validate_form('account', $this->val_error); if ($all_error != false && gettype($all_error) == 'array') { $this->validated = false; } else { $this->validated = true; } #################################################################### # If validation was failed, skip the db insert & # set the errors & origonal fields as Smarty objects, # and change the page to be loaded. #################################################################### if (!$this->validated) { global $smarty; # set the errors as a Smarty Object $smarty->assign('form_validation', $all_error); # set the page to be loaded if (!defined("FORCE_PAGE")) { define('FORCE_PAGE', $VAR['_page_current']); } return; } ### Get the old username ( for db mapping ) $db =& DB(); $sql = 'SELECT username FROM ' . AGILE_DB_PREFIX . 'account WHERE site_id = ' . $db->qstr(DEFAULT_SITE) . ' AND id = ' . $db->qstr($VAR['account_admin_id']); $result = $db->Execute($sql); if ($result->RecordCount() > 0) { $old_username = $result->fields['username']; } ### Update the password: $update_password = false; if (!empty($VAR['_password'])) { $VAR['account_admin_password'] = $VAR['_password']; /* check if new password is ok */ if ($C_list->is_installed('account_password_history')) { include_once PATH_MODULES . 'account_password_history/account_password_history.inc.php'; $accountHistory = new account_password_history(); if (!$accountHistory->getIsPasswordOk($VAR['account_admin_id'], $VAR['account_admin_password'], false)) { $C_debug->alert("The password you have selected has been used recently and cannot be used again at this time for security purposes."); unset($VAR['account_admin_password']); } else { $update_password = true; } } } ### Update the record $type = "update"; $this->method["{$type}"] = explode(",", $this->method["{$type}"]); $db = new CORE_database(); $ok = $db->update($VAR, $this, $type); if ($ok) { /* password logging class */ if ($update_password && is_object($accountHistory)) { $accountHistory->setNewPassword($VAR['account_admin_id'], $VAR["account_admin_password"], false); } ### Update the static vars: $static_var->update($VAR, 'account', $VAR['account_admin_id']); ### Do any db_mapping if ($C_list->is_installed('db_mapping')) { include_once PATH_MODULES . 'db_mapping/db_mapping.inc.php'; $db_map = new db_mapping(); if (!empty($VAR['account_admin_password'])) { $db_map->plaintext_password = $VAR['account_admin_password']; } else { $db_map->plaintext_password = false; } $db_map->account_edit($VAR['account_admin_id'], $old_username); } // remove login lock if ($VAR['account_admin_status']) { $db =& DB(); $delrs = $db->Execute($sql = sqlDelete($db, "login_lock", "account_id={$VAR['account_admin_id']}")); $delrs = $db->Execute($sql = sqlDelete($db, "login_log", "account_id={$VAR['account_admin_id']} AND status=0")); } return true; } }
function update($VAR) { global $VAR; ### Check that user is logged in: if (SESS_LOGGED != '1') { echo "Sorry, you must be logged in!"; } /* check for sub account */ $issubaccount = false; if (!empty($VAR['account_id']) && $VAR['account_id'] != SESS_ACCOUNT) { if ($this->isParentAccount($VAR['account_id'])) { $VAR['id'] = $VAR['account_id']; global $smarty; $issubaccount = true; } else { return false; } } else { $VAR['id'] = SESS_ACCOUNT; $VAR['account_id'] = SESS_ACCOUNT; } $VAR['account_date_last'] = time(); // validate the tax_id require_once PATH_MODULES . 'tax/tax.inc.php'; $taxObj = new tax(); $tax_arr = @$VAR['account_tax_id']; if (is_array($tax_arr)) { foreach ($tax_arr as $country_id => $tax_id) { if ($country_id == $VAR['cid']) { $exempt = @$VAR["account_tax_id_exempt"][$country_id]; if (!($txRs = $taxObj->TaxIdsValidate($country_id, $tax_id, $exempt))) { $this->validated = false; global $C_translate; $this->val_error[] = array('field' => 'account_tax_id', 'field_trans' => $taxObj->errField, 'error' => $C_translate->translate('validate_general', "", "")); } if ($exempt) { $VAR['account_tax_id'] = false; } else { $VAR['account_tax_id'] = $tax_id; } } } } #################################################################### ### Get required static_Vars and validate them... return an array ### w/ ALL errors... #################################################################### require_once PATH_CORE . 'static_var.inc.php'; $static_var = new CORE_static_var(); if (!isset($this->val_error)) { $this->val_error = false; } $all_error = $static_var->validate_form('account', $this->val_error); if ($all_error != false && gettype($all_error) == 'array') { $this->validated = false; } else { $this->validated = true; } #################################################################### # If validation was failed, skip the db insert & # set the errors & origonal fields as Smarty objects, # and change the page to be loaded. #################################################################### if (!$this->validated) { global $smarty; # set the errors as a Smarty Object $smarty->assign('form_validation', $all_error); # set the page to be loaded if (!defined("FORCE_PAGE")) { define('FORCE_PAGE', $VAR['_page_current']); } return; } ### Change password $password_changed = false; if (isset($VAR['account_password']) && $VAR['account_password'] != "") { if (isset($VAR['confirm_password']) && $VAR['account_password'] == $VAR['confirm_password']) { $password = $VAR['account_password']; unset($VAR['account_password']); @($VAR["account_password"] = $password); ### Alert: the password has been changed! global $C_debug, $C_translate; $C_debug->alert($C_translate->translate('password_changed', 'account', '')); $password_changed = true; /* check if new password is ok */ global $C_list; if ($C_list->is_installed('account_password_history')) { include_once PATH_MODULES . 'account_password_history/account_password_history.inc.php'; $accountHistory = new account_password_history(); if (!$accountHistory->getIsPasswordOk(SESS_ACCOUNT, $VAR['account_password'], false)) { $C_debug->alert("The password you have selected has been used recently and cannot be used again at this time for security purposes."); unset($VAR["account_password"]); $password_changed = false; } } } else { ### ERROR: The passwords provided do not match! global $C_debug, $C_translate; $C_debug->alert($C_translate->translate('password_change_match', 'account', '')); unset($VAR["account_password"]); } } else { unset($VAR["account_password"]); } ### Change theme if (isset($VAR['tid']) && $VAR['tid'] != "") { @($VAR["account_theme_id"] = $VAR['tid']); } ### Change Language if (isset($VAR['lid']) && $VAR['lid'] != "") { @($VAR["account_language_id"] = $VAR['lid']); } ### Change country if (isset($VAR['cid']) && $VAR['cid'] != "") { @($VAR["account_country_id"] = $VAR['cid']); } ### Change currency if (isset($VAR['cyid']) && $VAR['cyid'] != "") { @($VAR["account_currency_id"] = $VAR['cyid']); } ### Get the old username ( for db mapping ) $db =& DB(); $sql = 'SELECT username FROM ' . AGILE_DB_PREFIX . 'account WHERE site_id = ' . $db->qstr(DEFAULT_SITE) . ' AND id = ' . $db->qstr(SESS_ACCOUNT); $result = $db->Execute($sql); if ($result->RecordCount() > 0) { $old_username = $result->fields['username']; } ### Update the record $this->account_construct(); $type = "update"; $this->method["{$type}"] = split(",", $this->method["{$type}"]); $db = new CORE_database(); $db->update($VAR, $this, $type); /* password logging class */ if ($password_changed && is_object($accountHistory)) { $accountHistory->setNewPassword(SESS_ACCOUNT, $VAR['account_password'], false); } ### Update the static vars: $static_var->update($VAR, 'account', SESS_ACCOUNT); ### Do any db_mapping global $C_list; if ($C_list->is_installed('db_mapping')) { include_once PATH_MODULES . 'db_mapping/db_mapping.inc.php'; $db_map = new db_mapping(); if (!empty($password)) { $db_map->plaintext_password = $password; } else { $db_map->plaintext_password = false; } $db_map->account_edit(SESS_ACCOUNT, $old_username); } /* update groups for subaccount */ if ($issubaccount) { $db =& DB(); $db->Execute(sqlDelete($db, "account_group", "group_id>2 and \n\t\t\t\t(service_id is null or service_id=0 or service_id='') \n\t\t\t\tand account_id=" . $db->qstr($VAR['account_id']))); if (!empty($VAR['groups'])) { global $C_auth; foreach ($VAR['groups'] as $gid => $val) { if ($gid == $val && $C_auth->auth_group_by_id($gid)) { $fields = array('account_id' => $VAR['account_id'], 'group_id' => $gid, 'active' => 1, 'date_orig' => time()); $db->Execute(sqlInsert($db, "account_group", $fields)); } } } } }