Example #1
 /**
  * Write a single field value for one record, creating the record (and any
  * linked-table rows) when no primary key is supplied.
  *
  * Order of operations as visible here: permission flags -> access event ->
  * BeforeUpdateField veto -> optional password transformation -> linked table
  * resolution -> delegated write on the table object -> defaults for new
  * records -> 'onupdate' callbacks -> cache reset -> AfterUpdateField veto.
  *
  * @param string $fieldAlias Alias of the field as registered in $this->fields.
  * @param mixed  $newValue   Value to store. For link tables an array of values is accepted.
  * @param mixed  $pkVal      Primary key of the record, passed by reference. NULL means
  *                           "add a new record"; the table object's UpdateField receives it
  *                           by position and may assign the new key.
  *
  * @return bool|null NULL when the alias is unknown, FALSE when the update is vetoed,
  *                   not applicable or fails, TRUE for a completed link-table update,
  *                   otherwise the result of the write (possibly replaced by an
  *                   'onupdate' callback result).
  *
  * @throws Exception When adding/editing is not allowed for the field, when the
  *                   CanAccessModule event denies access, or when the underlying
  *                   write throws with a code other than 1062.
  */
 public function UpdateField($fieldAlias, $newValue, &$pkVal = NULL)
 {
     $this->_SetupFields();
     // Unknown aliases are ignored silently (returns NULL, not FALSE).
     if (!array_key_exists($fieldAlias, $this->fields)) {
         return;
     }
     // A NULL primary key means "add"; anything else means "edit". Each needs its own flag.
     if ($pkVal === NULL && !$this->flag_is_set(ALLOW_ADD, $fieldAlias)) {
         throw new Exception('Module does not allow adding records');
     }
     if ($pkVal !== NULL && !$this->flag_is_set(ALLOW_EDIT, $fieldAlias)) {
         throw new Exception('Module does not allow editing records');
     }
     // Authorization gate. Note the two ways it is skipped entirely: $this->bypassSecurity
     // being truthy, or the field carrying the PERSISTENT flag. In both cases the
     // CanAccessModule event is never triggered for this write.
     // NOTE(review): what sets bypassSecurity / PERSISTENT is not visible here - confirm
     // neither can be influenced by request data.
     if (!$this->bypassSecurity && !$this->flag_is_set(PERSISTENT, $fieldAlias) && uEvents::TriggerEvent('CanAccessModule', $this) === FALSE) {
         throw new Exception('Access Denied when attempting to update field');
     }
     $tableAlias = $this->fields[$fieldAlias]['tablename'];
     if (!$tableAlias) {
         return FALSE;
     }
     // cannot update a field that has no table
     // Listeners can veto the update; $pkVal is handed over by reference so they may change it.
     if (uEvents::TriggerEvent('BeforeUpdateField', $this, array($fieldAlias, $newValue, &$pkVal)) === FALSE) {
         $this->ResetField($fieldAlias, $pkVal);
         return FALSE;
     }
     $oldPkVal = $pkVal;
     $fieldPK = $this->GetPrimaryKey($fieldAlias);
     $tbl = $this->fields[$fieldAlias]['vtable'];
     // $values (and $fieldPK, $tablePk, $originalValue below) are assigned but not read
     // again within this method.
     $values = $this->GetValues($fieldAlias, $pkVal);
     $fieldType = $this->GetFieldType($fieldAlias);
     // Password inputs are transformed before storage unless the field type is raw.
     if ($this->fields[$fieldAlias]['inputtype'] == itPASSWORD && $fieldType !== ftRAW) {
         // empty() also rejects the string '0', so such a password is refused here.
         if (empty($newValue)) {
             return FALSE;
         }
         // NOTE(review): uCrypt::Encrypt is not shown - confirm it is a one-way, salted
         // password hash rather than reversible encryption.
         $newValue = uCrypt::Encrypt($newValue);
     }
     $originalValue = $newValue;
     $field = $this->fields[$fieldAlias]['field'];
     $table = $tbl['tModule'];
     $tablePk = $tbl['pk'];
     // Fields defined as a {pragma}, a SELECT statement or an array (callback) have no
     // column to write to, so the update is refused.
     if (preg_match('/{[^}]+}/', $field) > 0 || IsSelectStatement($field) || is_array($field)) {
         $this->ResetField($fieldAlias, $pkVal);
         return FALSE;
         // this field is a pragma, select statement or callback
     }
     $preModPk = NULL;
     // The field lives in a table other than this module's own table definition:
     // resolve (or create) the linked row first.
     if ($table !== $this->GetTabledef()) {
         if ($pkVal === NULL) {
             // current module PK if not row exists, create it
             // Recursive call: goes through the same permission checks for the primary key field.
             $this->UpdateField($this->GetPrimaryKey(), null, $pkVal);
         }
         $row = $this->LookupRecord($pkVal, true);
         $pkLinkTo = null;
         $pkLinkFrom = null;
         $pkValTo = null;
         $pkValFrom = null;
         // Find the join that targets the parent table's primary key, and read the current
         // values on both sides of that join from the looked-up row.
         foreach ($tbl['joins'] as $fromField => $toField) {
             if ($toField == $this->sqlTableSetupFlat[$tbl['parent']]['pk']) {
                 $pkLinkFrom = $fromField;
                 $pkLinkTo = $toField;
                 // from (parent) pk / to (child) pk
                 foreach ($this->fields as $_f => $_finfo) {
                     if ($_finfo['tablename'] == $this->sqlTableSetupFlat[$tbl['parent']]['alias'] && $_finfo['field'] == $fromField) {
                         $pkValFrom = $row[$_f];
                     } elseif ($_finfo['tablename'] == $this->sqlTableSetupFlat[$tbl['alias']]['alias'] && $_finfo['field'] == $toField) {
                         $pkValTo = $row[$_f];
                     }
                 }
             }
         }
         $tableObj = utopia::GetInstance($table);
         // Child side of the join is missing but the parent side has a value: create the link.
         if ($pkValTo === NULL && $pkValFrom) {
             $tableObj->UpdateField($pkLinkTo, $pkValFrom);
             $row = $this->LookupRecord($pkVal, true);
         }
         $tableObj = utopia::GetInstance($table);
         if ($tableObj instanceof iLinkTable) {
             // delete all where tofield is oldpk
             // The value is bound through the '?' placeholder, but the table and column names
             // are concatenated into the statement inside backticks without escaping.
             // NOTE(review): both identifiers appear to come from table/join definitions
             // ($tableObj->tablename, $tbl['joins']) - confirm they can never carry request data.
             database::query('DELETE FROM `' . $tableObj->tablename . '` WHERE `' . $pkLinkTo . '` = ?', array($pkVal));
             // loop through new values (unless empty) and add them to the link table
             // The delete above and the inserts below are separate statements; no transaction
             // is opened in this method, so a failure part-way leaves the link set incomplete.
             if ($newValue !== NULL && $newValue !== '') {
                 if (!is_array($newValue)) {
                     $newValue = array($newValue);
                 }
                 foreach ($newValue as $v) {
                     // $n starts as NULL for every value so each iteration adds a fresh row.
                     $n = null;
                     $tableObj->UpdateField($pkLinkTo, $pkVal, $n, $fieldType);
                     //set left
                     $tableObj->UpdateField($field, $v, $n, $fieldType);
                     //set right
                 }
             }
             // Returns before the 'onupdate' callbacks, ResetField and AfterUpdateField below.
             return true;
         }
         // pk of table
         // From here $pkVal refers to the linked table's row; the module's own key is kept
         // in $preModPk and restored after the write.
         $preModPk = $pkVal;
         $pkVal = $row['_' . $tableAlias . '_pk'];
         if ($pkVal === NULL) {
             // linked target does not exist, create it
             if ($pkLinkTo == $field) {
                 $tableObj->UpdateField($pkLinkTo, $newValue, $pkVal, $fieldType);
             } else {
                 $tableObj->UpdateField($field, $newValue, $pkVal, $fieldType);
             }
             foreach ($this->fields as $_f => $_finfo) {
                 // set pkLinkFrom to newly created record in linked table
                 if (isset($_finfo['vtable']) && $_finfo['vtable']['tModule'] == $this->GetTabledef() && $_finfo['field'] == $pkLinkFrom) {
                     $this->UpdateField($_f, $pkVal, $preModPk);
                     break;
                 }
             }
         }
     }
     // lets update the field
     $tableObj = utopia::GetInstance($table);
     try {
         // Anything other than a strict FALSE from the table object counts as success.
         $ret = $tableObj->UpdateField($field, $newValue, $pkVal, $fieldType) === FALSE ? FALSE : TRUE;
     } catch (Exception $e) {
         $ret = false;
         switch ($e->getCode()) {
             case 1062:
                 // duplicate key
                 // Reported to the user as a notice instead of propagating the exception.
                 uNotices::AddNotice('An entry already exists with this value.', NOTICE_TYPE_ERROR);
                 break;
             default:
                 throw $e;
         }
     }
     // Restore the module's own primary key if it was swapped for the linked table's key.
     if ($preModPk !== NULL) {
         $pkVal = $preModPk;
     }
     if ($oldPkVal === NULL) {
         // new record added
         // update default values
         // $this->noDefaults guards against re-entering this section from the recursive
         // UpdateField calls below.
         // NOTE(review): if one of those calls throws, the flag is left set to true because
         // there is no try/finally around the loop.
         if (!$this->noDefaults) {
             $this->noDefaults = true;
             foreach ($this->fields as $dalias => $fieldData) {
                 if ($fieldAlias == $dalias) {
                     continue;
                 }
                 // dont update the default for the field which is being set.
                 if ($dalias == $this->GetPrimaryKey()) {
                     continue;
                 }
                 $default = $this->GetDefaultValue($dalias);
                 // empty() skips defaults such as 0, '0' and '' as well as NULL.
                 if (!empty($default)) {
                     //echo "//setting default for $dalias to $default PK $pkVal\n";
                     $this->UpdateField($dalias, $default, $pkVal);
                 }
             }
             $this->noDefaults = false;
         }
         // new record has been created.  pass the info on to child modules, incase they need to act on it.
         uEvents::TriggerEvent('OnNewRecord', $this, $pkVal);
     }
     // Run the callbacks registered for this field. Each entry is a (callback, args) pair;
     // the record key is prepended to the argument list.
     if (array_key_exists('onupdate', $this->fields[$fieldAlias])) {
         foreach ($this->fields[$fieldAlias]['onupdate'] as $callback) {
             list($callback, $arr) = $callback;
             //echo "$callback,".print_r($arr,true);
             if (is_string($callback)) {
                 // $callback = array($this,$callback);
                 // A bare string is treated as the name of a method on this module.
                 $callback = array($this, $callback);
             }
             array_unshift($arr, $pkVal);
             // NOTE(review): the callable comes from the field definition - confirm 'onupdate'
             // entries are only ever set by code, never from stored or request data.
             $newRet = call_user_func_array($callback, $arr);
             // Only a successful write result is replaced by the callback's return value.
             if ($ret === TRUE) {
                 $ret = $newRet;
             }
         }
     }
     // Reset the field for the final key and, if the key changed, for the key the call started with.
     $this->ResetField($fieldAlias, $pkVal);
     if ($oldPkVal !== $pkVal) {
         $this->ResetField($fieldAlias, $oldPkVal);
     }
     // The write has already happened at this point; a FALSE here changes only the return value.
     if (uEvents::TriggerEvent('AfterUpdateField', $this, array($fieldAlias, $newValue, &$pkVal)) === FALSE) {
         return FALSE;
     }
     return $ret;
 }
Example #2
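 /**
  * Field update override that blocks self role changes and maps two
  * pseudo-fields onto account-verification actions before delegating to the
  * parent implementation.
  *
  * @param string $fieldAlias Field alias; '_validate_user' and '_validate_send' are
  *                           pseudo-fields handled here rather than stored.
  * @param mixed  $newValue   Value to store.
  * @param mixed  $pkVal      Primary key of the user record, passed by reference.
  *
  * @return mixed NULL when the update is refused or for '_validate_send', otherwise the
  *               result of the delegated update.
  */
 public function UpdateField($fieldAlias, $newValue, &$pkVal = NULL)
 {
     // Privilege guard: a logged-in user must not change their own role.
     // The loose == on $pkVal is kept on purpose: request values arrive as strings, and a
     // stricter comparison could let a differently formatted key for the same user slip past
     // the guard. It is safer for this check to match too much than too little.
     if ($fieldAlias == 'role' && isset($_SESSION['current_user']) && $pkVal == $_SESSION['current_user']) {
         uNotices::AddNotice('You cannot edit your own role', NOTICE_TYPE_ERROR);
         return;
     }
     // Pseudo-field: stores TRUE in email_confirm_code through the normal update path,
     // so the parent's permission checks still apply.
     if ($fieldAlias == '_validate_user') {
         return $this->UpdateField('email_confirm_code', true, $pkVal);
     }
     // Pseudo-field: hands the record to uVerifyEmail::VerifyAccount().
     // NOTE(review): this path returns before the parent implementation runs, so no
     // permission check is visible for it here - confirm the caller or VerifyAccount
     // enforces one.
     if ($fieldAlias == '_validate_send') {
         uVerifyEmail::VerifyAccount($pkVal);
         return;
     }
     // Propagate the parent's result; the original dropped it, so callers could not tell
     // a failed or vetoed update from a successful one.
     return parent::UpdateField($fieldAlias, $newValue, $pkVal);
 }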
Example #3
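 /**
  * Field update override for the logged-in user's own account: changing the
  * username (an email address) or the password requires the current password
  * to be re-entered, and a password change also requires a matching confirmation.
  *
  * @param string $fieldAlias Field alias; 'username' and 'password' get extra checks.
  * @param mixed  $newValue   Value to store.
  * @param mixed  $pkVal      Primary key of the record, passed by reference.
  *
  * @return mixed NULL when the change is refused or unnecessary, otherwise the result of
  *               the parent update.
  */
 public function UpdateField($fieldAlias, $newValue, &$pkVal = NULL)
 {
     // The credential checks below run against the record of the logged-in user.
     // NOTE(review): the update itself targets the caller-supplied $pkVal - confirm elsewhere
     // that $pkVal is constrained to the logged-in user's own record.
     $cUser = $this->LookupRecord(array('user_id' => uUserLogin::IsLoggedIn()));
     if ($fieldAlias == 'username') {
         $newValue = trim($newValue);
         // Nothing to do when the address is unchanged.
         if ($newValue === $cUser['username']) {
             return;
         }
         // Usernames must look like an email address. The {2,4} bound rejects top-level
         // domains longer than four characters.
         if (!preg_match('/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z]{2,4}$/i', $newValue)) {
             uNotices::AddNotice('You must enter a valid email address.', NOTICE_TYPE_ERROR);
             return;
         }
         // Re-authenticate before changing the login identifier. A missing or non-string
         // field is refused outright instead of being passed on to TestCredentials.
         $currentPwKey = $this->CreateSqlField('current_password_email', $pkVal);
         $currentPw = (isset($_POST[$currentPwKey]) && is_string($_POST[$currentPwKey])) ? $_POST[$currentPwKey] : null;
         if ($currentPw === null || uUsersList::TestCredentials($cUser['username'], $currentPw) === false) {
             uNotices::AddNotice('The password you entered does not match our records.', NOTICE_TYPE_ERROR);
             return;
         }
         // NOTE(review): this notice is queued before the parent update has run, so it is
         // shown even if that update fails or is vetoed.
         uNotices::AddNotice('You must validate your new email address before you are able to log in with it.');
     }
     if ($fieldAlias == 'password') {
         // An empty password field means "leave unchanged".
         if (!$newValue) {
             return;
         }
         // A missing confirmation field counts as a mismatch.
         $confirmKey = $this->CreateSqlField('confirm_password', $pkVal);
         $confirmation = isset($_POST[$confirmKey]) ? $_POST[$confirmKey] : null;
         if ($newValue !== $confirmation) {
             uNotices::AddNotice('Password confirmation did not match, please try again.', NOTICE_TYPE_WARNING);
             return;
         }
         // Re-authenticate before changing the password; same handling of a missing or
         // non-string field as for the username change.
         $currentPwKey = $this->CreateSqlField('current_password', $pkVal);
         $currentPw = (isset($_POST[$currentPwKey]) && is_string($_POST[$currentPwKey])) ? $_POST[$currentPwKey] : null;
         if ($currentPw === null || uUsersList::TestCredentials($cUser['username'], $currentPw) === false) {
             uNotices::AddNotice('The password you entered does not match our records.', NOTICE_TYPE_ERROR);
             return;
         }
         // NOTE(review): success is announced before the parent update has run.
         uNotices::AddNotice('Your password has been updated.');
     }
     return parent::UpdateField($fieldAlias, $newValue, $pkVal);
 }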
Example #4
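 /**
  * Password reset / account activation page.
  *
  * Flow, driven by request parameters:
  *  - no 'e' (email) or no matching account: show the "what is your email" form;
  *  - 'e' without 'c': send the reset email and confirm on screen;
  *  - 'e' with 'c': check the code against the stored email_confirm_code, then show the
  *    new-password form or, on POST, store the new password and clear the code.
  *
  * Request values are HTML-escaped before being echoed, and an empty stored or supplied
  * code never validates.
  *
  * @return bool|null TRUE after a reset email has been requested, NULL otherwise.
  */
 public function RunModule()
 {
     // Only accept a plain string; an array-valued 'e' is treated as absent.
     $email = (array_key_exists('e', $_REQUEST) && is_string($_REQUEST['e'])) ? $_REQUEST['e'] : '';
     // Escaped copy for every place the address is written into HTML text or attributes.
     // NOTE(review): assumes the page is served as UTF-8 - confirm.
     $emailHtml = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');
     $rec = $this->LookupRecord(array('username' => $email));
     // NOTE(review): this message tells the requester whether an address has an account.
     if (!empty($email) && !$rec) {
         uNotices::AddNotice('No account was found with this email address. Please try again.', NOTICE_TYPE_ERROR);
     }
     if (empty($email) || !$rec) {
         echo '<h1>Reset Password</h1>';
         // NOTE(review): GetURL() output is written into an attribute as returned - confirm
         // it is already safe for that context.
         echo '<form id="reset-password-form" action="' . $this->GetURL(array()) . '" method="post">';
         echo '<p>What is your email address?</p>';
         echo '<div style="margin-left:20px;">My e-mail address is ' . utopia::DrawInput('e', itTEXT) . '</div>';
         echo '<input type="submit" class="btn" value="Reset Password" />';
         echo '</form>';
         return;
     }
     if (!array_key_exists('c', $_REQUEST)) {
         // reset pw
         echo '<p>An email has been sent to &quot;' . $emailHtml . '&quot; with your password reset link. Please click the link and enter a new password for your account.</p><p>Please be patient; the delivery of email may be delayed. Remember to confirm that the email above is correct and to check your junk or spam folder or filter if you do not receive this email.</p>';
         $this->ResetPW($email);
         return true;
     }
     // Validate the reset code. The stored code is cleared to '' after a successful reset
     // (see below), so an empty value on either side must never count as a match; otherwise
     // an empty 'c' would validate for any account whose code has been cleared.
     $suppliedCode = is_string($_REQUEST['c']) ? $_REQUEST['c'] : '';
     $storedCode = is_string($rec['email_confirm_code']) ? $rec['email_confirm_code'] : '';
     $codeIsValid = false;
     if ($storedCode !== '' && $suppliedCode !== '') {
         // Constant-time comparison where the runtime provides it.
         $codeIsValid = function_exists('hash_equals')
             ? hash_equals($storedCode, $suppliedCode)
             : $storedCode === $suppliedCode;
     }
     if (!$codeIsValid) {
         echo '<p>Unfortunately we could not validate this request.</p><p>If you are trying to activate your account or reset your password, please <a href="' . $this->GetURL(array('e' => $email)) . '">click here</a> for a new link.</p>';
         return;
     }
     if (array_key_exists('__newpass_c', $_POST)) {
         $newPass = (isset($_POST['__newpass']) && is_string($_POST['__newpass'])) ? $_POST['__newpass'] : null;
         $newPassConfirm = is_string($_POST['__newpass_c']) ? $_POST['__newpass_c'] : null;
         if ($newPass === null || $newPass !== $newPassConfirm) {
             uNotices::AddNotice('Password confirmation did not match, please try again.', NOTICE_TYPE_ERROR);
         } elseif ($newPass === '') {
             // Two empty inputs match each other; refuse them so the code is not consumed
             // and success is not reported without a password having been set.
             uNotices::AddNotice('Please enter a new password.', NOTICE_TYPE_ERROR);
         } else {
             // Temporarily allow editing of the two fields, write them, then clear the options.
             $this->SetFieldOptions('email_confirm_code', ALLOW_EDIT);
             $this->SetFieldOptions('password', ALLOW_EDIT);
             // Clearing the code makes the reset link single-use.
             $this->UpdateFields(array('email_confirm_code' => '', 'password' => $newPass), $rec['user_id']);
             $this->SetFieldOptions('email_confirm_code', NULL);
             $this->SetFieldOptions('password', NULL);
             echo '<p>You have successfully reset your password.</p>';
             return;
         }
     }
     // An account without a password has not been activated yet.
     if (empty($rec['password'])) {
         $action = 'Activate Account';
     } else {
         $action = 'Reset Password';
     }
     echo '<h1>' . $action . '</h1>';
     // Both hidden values originate from the request and are escaped for the attribute context.
     echo '<form id="loginForm" action="" method="post"><input type="hidden" name="e" value="' . $emailHtml . '"><input type="hidden" name="c" value="' . htmlspecialchars($suppliedCode, ENT_QUOTES, 'UTF-8') . '">';
     echo '<table style="margin-left:20px;margin-top:10px;" cellpadding="5">';
     echo '<tr><td align="right">New Password:</td><td>' . utopia::DrawInput('__newpass', itPASSWORD) . '</td></tr>';
     echo '<tr><td align="right">Confirm Password:</td><td>' . utopia::DrawInput('__newpass_c', itPASSWORD) . '</td></tr>';
     echo '<tr><td colspan="2" align="right"><input type="submit" class="btn" value="Set Password" /></td></tr>';
     echo '</table></form>';
 }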