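/**
 * Update an account record from the admin form fields held in $VAR.
 *
 * Steps: enforce checkLimits(), validate the tax id and the module's static
 * vars, optionally check the new password against the password history
 * module, write the record through CORE_database::update(), then run
 * db_mapping and clear the login lock rows.
 *
 * Note: `global $VAR` below rebinds the local name to the global array, so
 * the body reads the global (presumably the request variables; confirm)
 * rather than the argument that was passed in.
 *
 * @param array $VAR Form variables (shadowed by the global of the same name).
 * @return bool|null false when checkLimits() fails, true after a successful
 *                   update, null when validation or the update fails.
 */
function update($VAR)
    {
        global $C_list, $C_debug;

        // check account limits
        if (!$this->checkLimits()) {
            return false;
        }

        global $VAR, $C_translate, $smarty;

        // Defined up front so the later reads never touch an undefined variable
        // (no matching account row / password history module not installed).
        $old_username = null;
        $accountHistory = null;

        // validate the tax_id
        require_once PATH_MODULES . 'tax/tax.inc.php';
        $taxObj = new tax();
        $tax_arr = isset($VAR['account_admin_tax_id']) ? $VAR['account_admin_tax_id'] : null;
        if (is_array($tax_arr)) {
            foreach ($tax_arr as $country_id => $tax_id) {
                // Only the entry for the account's own country is considered.
                if ($country_id != $VAR['account_admin_country_id']) {
                    continue;
                }
                $exempt = isset($VAR["account_tax_id_exempt"][$country_id])
                    ? $VAR["account_tax_id_exempt"][$country_id]
                    : null;
                if (!$taxObj->TaxIdsValidate($country_id, $tax_id, $exempt)) {
                    $this->validated = false;
                    $this->val_error[] = array(
                        'field' => 'account_admin_tax_id',
                        'field_trans' => $taxObj->errField,
                        'error' => $C_translate->translate('validate_general', "", ""),
                    );
                }
                // Collapse the per-country array to the single value that gets stored.
                $VAR['account_admin_tax_id'] = $exempt ? false : $tax_id;
            }
        }

        ####################################################################
        ### Get required static_Vars and validate them... return an array
        ### w/ ALL errors...
        ####################################################################
        require_once PATH_CORE . 'static_var.inc.php';
        $static_var = new CORE_static_var();
        if (!isset($this->val_error)) {
            $this->val_error = false;
        }
        $all_error = $static_var->validate_form('account', $this->val_error);
        // The tax id errors collected above are handed to validate_form(); its
        // result alone decides the final validation state.
        $this->validated = !($all_error != false && gettype($all_error) == 'array');

        ####################################################################
        # If validation failed, skip the db update, expose the errors to
        # Smarty and force the current page to be loaded again.
        ####################################################################
        if (!$this->validated) {
            # set the errors as a Smarty Object
            $smarty->assign('form_validation', $all_error);
            # set the page to be loaded
            if (!defined("FORCE_PAGE")) {
                define('FORCE_PAGE', $VAR['_page_current']);
            }
            return;
        }

        ### Get the old username ( for db mapping )
        $db =& DB();
        $sql = 'SELECT username FROM ' . AGILE_DB_PREFIX . 'account WHERE
					site_id     = ' . $db->qstr(DEFAULT_SITE) . ' AND
					id          = ' . $db->qstr($VAR['account_admin_id']);
        $result = $db->Execute($sql);
        if ($result->RecordCount() > 0) {
            $old_username = $result->fields['username'];
        }

        ### Update the password:
        $update_password = false;
        if (!empty($VAR['_password'])) {
            $VAR['account_admin_password'] = $VAR['_password'];
            /* check if new password is ok */
            if ($C_list->is_installed('account_password_history')) {
                include_once PATH_MODULES . 'account_password_history/account_password_history.inc.php';
                $accountHistory = new account_password_history();
                if (!$accountHistory->getIsPasswordOk($VAR['account_admin_id'], $VAR['account_admin_password'], false)) {
                    $C_debug->alert("The password you have selected has been used recently and cannot be used again at this time for security purposes.");
                    // Dropping the field keeps the rejected password out of the
                    // update and out of db_mapping below.
                    unset($VAR['account_admin_password']);
                } else {
                    $update_password = true;
                }
            }
        }

        ### Update the record
        $type = "update";
        // Guarded so a second call on the same object does not explode() an array.
        if (!is_array($this->method["{$type}"])) {
            $this->method["{$type}"] = explode(",", $this->method["{$type}"]);
        }
        $db = new CORE_database();
        $ok = $db->update($VAR, $this, $type);
        if ($ok) {
            /* password logging class */
            if ($update_password && is_object($accountHistory)) {
                $accountHistory->setNewPassword($VAR['account_admin_id'], $VAR["account_admin_password"], false);
            }

            ### Update the static vars:
            $static_var->update($VAR, 'account', $VAR['account_admin_id']);

            ### Do any db_mapping
            if ($C_list->is_installed('db_mapping')) {
                include_once PATH_MODULES . 'db_mapping/db_mapping.inc.php';
                $db_map = new db_mapping();
                $db_map->plaintext_password = !empty($VAR['account_admin_password'])
                    ? $VAR['account_admin_password']
                    : false;
                $db_map->account_edit($VAR['account_admin_id'], $old_username);
            }

            // remove login lock
            if ($VAR['account_admin_status']) {
                $db =& DB();
                // The id is read from $VAR and was previously interpolated into
                // the WHERE clause unquoted; quote it the same way the SELECT
                // above does so it cannot alter the DELETE statements.
                $account_id = $db->qstr($VAR['account_admin_id']);
                $db->Execute(sqlDelete($db, "login_lock", "account_id={$account_id}"));
                $db->Execute(sqlDelete($db, "login_log", "account_id={$account_id} AND status=0"));
            }
            return true;
        }
    }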
Example #2
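    /**
     * Update the logged-in user's own account, or one of its sub-accounts.
     *
     * Steps: require a logged-in session, resolve the target account id,
     * validate the tax id and static vars, handle an optional password change,
     * write the record through CORE_database::update(), run db_mapping and,
     * for a sub-account, rebuild its group memberships.
     *
     * Note: `global $VAR` rebinds the local name to the global array, so the
     * body reads the global (presumably the request variables; confirm)
     * rather than the argument that was passed in.
     *
     * @param array $VAR Form variables (shadowed by the global of the same name).
     * @return bool|null false when the session is not logged in or the
     *                   requested account is not a sub-account of the session
     *                   account; null otherwise.
     */
    function update($VAR)
    {
        global $VAR, $smarty, $C_debug, $C_translate, $C_list, $C_auth;

        ### Check that user is logged in:
        if (SESS_LOGGED != '1') {
            echo "Sorry, you must be logged in!";
            // The original only printed the message and then carried on with
            // the update; stop here so nothing is written for a session that
            // is not logged in.
            return false;
        }

        // Defined up front so the later reads never touch an undefined variable.
        $old_username = null;
        $accountHistory = null;
        $password = null;

        /* check for sub account */
        $issubaccount = false;
        if (!empty($VAR['account_id']) && $VAR['account_id'] != SESS_ACCOUNT) {
            // A foreign account id is accepted only when isParentAccount() confirms it.
            if (!$this->isParentAccount($VAR['account_id'])) {
                return false;
            }
            $VAR['id'] = $VAR['account_id'];
            $issubaccount = true;
            // NOTE(review): on this path the record id is the sub-account, but
            // the username lookup, password history, static vars and db_mapping
            // calls below still use SESS_ACCOUNT. Confirm that is intended.
        } else {
            $VAR['id'] = SESS_ACCOUNT;
            $VAR['account_id'] = SESS_ACCOUNT;
        }
        $VAR['account_date_last'] = time();

        // validate the tax_id
        require_once PATH_MODULES . 'tax/tax.inc.php';
        $taxObj = new tax();
        $tax_arr = isset($VAR['account_tax_id']) ? $VAR['account_tax_id'] : null;
        if (is_array($tax_arr)) {
            foreach ($tax_arr as $country_id => $tax_id) {
                // Only the entry for the selected country is considered.
                if ($country_id != $VAR['cid']) {
                    continue;
                }
                $exempt = isset($VAR["account_tax_id_exempt"][$country_id])
                    ? $VAR["account_tax_id_exempt"][$country_id]
                    : null;
                if (!$taxObj->TaxIdsValidate($country_id, $tax_id, $exempt)) {
                    $this->validated = false;
                    $this->val_error[] = array(
                        'field' => 'account_tax_id',
                        'field_trans' => $taxObj->errField,
                        'error' => $C_translate->translate('validate_general', "", ""),
                    );
                }
                // Collapse the per-country array to the single value that gets stored.
                $VAR['account_tax_id'] = $exempt ? false : $tax_id;
            }
        }

        ####################################################################
        ### Get required static_Vars and validate them... return an array
        ### w/ ALL errors...
        ####################################################################
        require_once PATH_CORE . 'static_var.inc.php';
        $static_var = new CORE_static_var();
        if (!isset($this->val_error)) {
            $this->val_error = false;
        }
        $all_error = $static_var->validate_form('account', $this->val_error);
        // The tax id errors collected above are handed to validate_form(); its
        // result alone decides the final validation state.
        $this->validated = !($all_error != false && gettype($all_error) == 'array');

        ####################################################################
        # If validation failed, skip the db update, expose the errors to
        # Smarty and force the current page to be loaded again.
        ####################################################################
        if (!$this->validated) {
            # set the errors as a Smarty Object
            $smarty->assign('form_validation', $all_error);
            # set the page to be loaded
            if (!defined("FORCE_PAGE")) {
                define('FORCE_PAGE', $VAR['_page_current']);
            }
            return;
        }

        ### Change password
        $password_changed = false;
        if (isset($VAR['account_password']) && $VAR['account_password'] != "") {
            if (isset($VAR['confirm_password']) && $VAR['account_password'] == $VAR['confirm_password']) {
                $password = $VAR['account_password'];
                unset($VAR['account_password']);
                $VAR["account_password"] = $password;
                $password_changed = true;

                /* check if new password is ok */
                if ($C_list->is_installed('account_password_history')) {
                    include_once PATH_MODULES . 'account_password_history/account_password_history.inc.php';
                    $accountHistory = new account_password_history();
                    if (!$accountHistory->getIsPasswordOk(SESS_ACCOUNT, $VAR['account_password'], false)) {
                        $C_debug->alert("The password you have selected has been used recently and cannot be used again at this time for security purposes.");
                        unset($VAR["account_password"]);
                        $password_changed = false;
                    }
                }

                ### Alert: the password has been changed!
                // Raised only after the history check, so a rejected password
                // no longer produces a "changed" message as well.
                if ($password_changed) {
                    $C_debug->alert($C_translate->translate('password_changed', 'account', ''));
                }
            } else {
                ### ERROR: The passwords provided do not match!
                $C_debug->alert($C_translate->translate('password_change_match', 'account', ''));
                unset($VAR["account_password"]);
            }
        } else {
            unset($VAR["account_password"]);
        }

        // Copy the short form-field names onto the account_* keys read by the update.
        ### Change theme
        if (isset($VAR['tid']) && $VAR['tid'] != "") {
            $VAR["account_theme_id"] = $VAR['tid'];
        }
        ### Change Language
        if (isset($VAR['lid']) && $VAR['lid'] != "") {
            $VAR["account_language_id"] = $VAR['lid'];
        }
        ### Change country
        if (isset($VAR['cid']) && $VAR['cid'] != "") {
            $VAR["account_country_id"] = $VAR['cid'];
        }
        ### Change currency
        if (isset($VAR['cyid']) && $VAR['cyid'] != "") {
            $VAR["account_currency_id"] = $VAR['cyid'];
        }

        ### Get the old username ( for db mapping )
        $db =& DB();
        $sql = 'SELECT username FROM ' . AGILE_DB_PREFIX . 'account WHERE
					site_id     = ' . $db->qstr(DEFAULT_SITE) . ' AND
					id          = ' . $db->qstr(SESS_ACCOUNT);
        $result = $db->Execute($sql);
        if ($result->RecordCount() > 0) {
            $old_username = $result->fields['username'];
        }

        ### Update the record
        $this->account_construct();
        $type = "update";
        // split() was removed in PHP 7; explode() gives the same result for a
        // literal comma. Guarded so an already-split list is left alone.
        if (!is_array($this->method["{$type}"])) {
            $this->method["{$type}"] = explode(",", $this->method["{$type}"]);
        }
        $db = new CORE_database();
        $db->update($VAR, $this, $type);

        /* password logging class */
        if ($password_changed && is_object($accountHistory)) {
            $accountHistory->setNewPassword(SESS_ACCOUNT, $VAR['account_password'], false);
        }

        ### Update the static vars:
        $static_var->update($VAR, 'account', SESS_ACCOUNT);

        ### Do any db_mapping
        if ($C_list->is_installed('db_mapping')) {
            include_once PATH_MODULES . 'db_mapping/db_mapping.inc.php';
            $db_map = new db_mapping();
            // Hand over the plaintext password only when the change was
            // accepted; $password still holds the submitted value after the
            // history check rejects it.
            if ($password_changed && !empty($password)) {
                $db_map->plaintext_password = $password;
            } else {
                $db_map->plaintext_password = false;
            }
            $db_map->account_edit(SESS_ACCOUNT, $old_username);
        }

        /* update groups for subaccount */
        if ($issubaccount) {
            $db =& DB();
            // Remove the sub-account's non-service memberships above group 2 and rebuild them.
            $db->Execute(sqlDelete($db, "account_group", "group_id>2 and \n\t\t\t\t(service_id is null or service_id=0 or service_id='') \n\t\t\t\tand account_id=" . $db->qstr($VAR['account_id'])));
            if (!empty($VAR['groups']) && is_array($VAR['groups'])) {
                foreach ($VAR['groups'] as $gid => $val) {
                    // A group is granted only when auth_group_by_id() accepts it
                    // for the acting session, so a parent cannot hand out a
                    // group that check refuses.
                    if ($gid == $val && $C_auth->auth_group_by_id($gid)) {
                        $fields = array('account_id' => $VAR['account_id'], 'group_id' => $gid, 'active' => 1, 'date_orig' => time());
                        $db->Execute(sqlInsert($db, "account_group", $fields));
                    }
                }
            }
        }
    }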