function save_profile()
{
global $db, $user, $current_user, $globals, $admin_mode, $site_key, $bio_max;
$errors = 0;
// benjami: control added (2005-12-22)
$new_pass = false;
$messages = array();
$form_hash = md5($site_key . $user->id . $current_user->user_id);
if (isset($_POST['disabledme']) && intval($_POST['disable']) == 1 && $_POST['form_hash'] == $form_hash && $_POST['user_id'] == $current_user->user_id) {
$old_user_login = $user->username;
$old_user_id = $user->id;
$user->disable(true);
Log::insert('user_delete', $old_user_id, $old_user_id);
syslog(LOG_NOTICE, "Meneame, disabling {$old_user_id} ({$old_user_login}) by {$current_user->user_login} -> {$user->username} ");
$current_user->Logout(get_user_uri($user->username));
die;
}
if (!isset($_POST['save_profile']) || !isset($_POST['process']) || $_POST['user_id'] != $current_user->user_id && !$admin_mode) {
return;
}
if (empty($_POST['form_hash']) || $_POST['form_hash'] != $form_hash) {
array_push($messages, _('Falta la clave de control'));
$errors++;
}
if (!empty($_POST['username']) && trim($_POST['username']) != $user->username) {
$newname = trim($_POST['username']);
if (strlen($newname) < 3) {
array_push($messages, _('nombre demasiado corto'));
$errors++;
}
if (!check_username($newname)) {
array_push($messages, _('nombre de usuario erróneo, caracteres no admitidos'));
$errors++;
} elseif (user_exists($newname, $user->id)) {
array_push($messages, _('el usuario ya existe'));
$errors++;
} else {
$user->username = $newname;
}
}
if (!empty($_POST['bio']) || $user->bio) {
$bio = clean_text($_POST['bio'], 0, false, $bio_max);
if ($bio != $user->bio) {
$user->bio = $bio;
}
}
if ($user->email != trim($_POST['email']) && !check_email(trim($_POST['email']))) {
array_push($messages, _('el correo electrónico no es correcto'));
$errors++;
} elseif (!$admin_mode && trim($_POST['email']) != $current_user->user_email && email_exists(trim($_POST['email']), false)) {
array_push($messages, _('ya existe otro usuario con esa dirección de correo'));
$errors++;
} else {
$user->email = trim($_POST['email']);
}
$user->url = htmlspecialchars(clean_input_url($_POST['url']));
// Check IM address
if (!empty($_POST['public_info'])) {
$_POST['public_info'] = htmlspecialchars(clean_input_url($_POST['public_info']));
$public = $db->escape($_POST['public_info']);
$im_count = intval($db->get_var("select count(*) from users where user_id != {$user->id} and user_level != 'disabled' and user_level != 'autodisabled' and user_public_info='{$public}'"));
if ($im_count > 0) {
array_push($messages, _('ya hay otro usuario con la misma dirección de MI, no se ha grabado'));
$_POST['public_info'] = '';
$errors++;
}
}
$user->phone = $_POST['phone'];
$user->public_info = htmlspecialchars(clean_input_url($_POST['public_info']));
// End check IM address
if ($user->id == $current_user->user_id) {
// Check phone number
if (!empty($_POST['phone'])) {
if (!preg_match('/^\\+[0-9]{9,16}$/', $_POST['phone'])) {
array_push($messages, _('número telefónico erróneo, no se ha grabado'));
$_POST['phone'] = '';
$errors++;
} else {
$phone = $db->escape($_POST['phone']);
$phone_count = intval($db->get_var("select count(*) from users where user_id != {$user->id} and user_level != 'disabled' and user_level != 'autodisabled' and user_phone='{$phone}'"));
if ($phone_count > 0) {
array_push($messages, _('ya hay otro usuario con el mismo número, no se ha grabado'));
$_POST['phone'] = '';
$errors++;
}
}
}
$user->phone = $_POST['phone'];
// End check phone number
}
// Verifies adsense code
if ($globals['external_user_ads']) {
$_POST['adcode'] = trim($_POST['adcode']);
$_POST['adchannel'] = trim($_POST['adchannel']);
if (!empty($_POST['adcode']) && $user->adcode != $_POST['adcode']) {
if (!preg_match('/pub-[0-9]{16}$/', $_POST['adcode'])) {
array_push($messages, _('código AdSense incorrecto, no se ha grabado'));
$_POST['adcode'] = '';
$errors++;
} else {
$adcode_count = intval($db->get_var("select count(*) from users where user_id != {$user->id} and user_level != 'disabled' and user_level != 'autodisabled' and user_adcode='" . $_POST['adcode'] . "'"));
if ($adcode_count > 0) {
array_push($messages, _('ya hay otro usuario con la misma cuenta, no se ha grabado'));
$_POST['adcode'] = '';
$errors++;
}
}
}
if (!empty($_POST['adcode']) && !empty($_POST['adchannel']) && $user->adchannel != $_POST['adchannel']) {
if (!preg_match('/^[0-9]{10,12}$/', $_POST['adchannel'])) {
array_push($messages, _('canal AdSense incorrecto, no se ha grabado'));
$_POST['adchannel'] = '';
$errors++;
}
}
$user->adcode = $_POST['adcode'];
$user->adchannel = $_POST['adchannel'];
}
$user->names = clean_text($_POST['names']);
if (!empty($_POST['password']) || !empty($_POST['password2'])) {
if (!check_password($_POST["password"])) {
array_push($messages, _('Clave demasiado corta, debe ser de 6 o más caracteres e incluir mayúsculas, minúsculas y números'));
$errors = 1;
} else {
if (trim($_POST['password']) !== trim($_POST['password2'])) {
array_push($messages, _('las claves no son iguales, no se ha modificado'));
$errors = 1;
} else {
$new_pass = trim($_POST['password']);
$user->pass = UserAuth::hash($new_pass);
array_push($messages, _('La clave se ha cambiado'));
$pass_changed = true;
}
}
}
if ($admin_mode && !empty($_POST['user_level'])) {
$user->level = $db->escape($_POST['user_level']);
}
if ($admin_mode && !empty($_POST['karma']) && is_numeric($_POST['karma']) && $_POST['karma'] > 4 && $_POST['karma'] <= 20) {
$user->karma = $_POST['karma'];
}
$user->comment_pref = intval($_POST['comment_pref']) + (intval($_POST['show_friends']) & 1) * 2 + (intval($_POST['show_2cols']) & 1) * 4;
// Manage avatars upload
if (!empty($_FILES['image']['tmp_name'])) {
if (avatars_check_upload_size('image')) {
$avatar_mtime = avatars_manage_upload($user->id, 'image');
if (!$avatar_mtime) {
array_push($messages, _('error guardando la imagen'));
$errors = 1;
$user->avatar = 0;
} else {
$user->avatar = $avatar_mtime;
}
} else {
array_push($messages, _('el tamaño de la imagen excede el límite'));
$errors = 1;
$user->avatar = 0;
}
} elseif ($_POST['avatar_delete']) {
$user->avatar = 0;
avatars_remove($user->id);
}
// Reset avatar for the logged user
if ($current_user->user_id == $user->id) {
$current_user->user_avatar = $user->avatar;
}
if (!$errors) {
if (empty($user->ip)) {
$user->ip = $globals['user_ip'];
}
$user->store();
$user->read();
if (!$admin_mode && ($current_user->user_login != $user->username || $current_user->user_email != $user->email || $new_pass)) {
$current_user->Authenticate($user->username, $new_pass);
}
array_push($messages, _('datos actualizados'));
}
return $messages;
}
function save_profile()
{
global $db, $user, $current_user, $globals, $site_key;
$errors = 0;
// benjami: control added (2005-12-22)
$pass_changed = false;
$messages = '';
$form_hash = md5($site_key . $user->id . mnminclude);
if (!isset($_POST['save_profile']) || !isset($_POST['process']) || $_POST['user_id'] != $current_user->user_id) {
return;
}
if (empty($_POST['form_hash']) || $_POST['form_hash'] != $form_hash) {
$messages .= '<p class="form-error">' . _('Falta la clave de control') . '</p>';
$errors++;
}
if (!empty($_POST['username']) && trim($_POST['username']) != $user->username) {
if (strlen(trim($_POST['username'])) < 3) {
$messages .= '<p class="form-error">' . _('nombre demasiado corto') . '</p>';
$errors++;
}
if (!check_username($_POST['username'])) {
$messages .= '<p class="form-error">' . _('nombre de usuario erróneo, caracteres no admitidos') . '</p>';
$errors++;
} elseif (user_exists(trim($_POST['username']))) {
$messages .= '<p class="form-error">' . _('el usuario ya existe') . '</p>';
$errors++;
} else {
$user->username = trim($_POST['username']);
}
}
if ($user->email != trim($_POST['email']) && !check_email(trim($_POST['email']))) {
$messages .= '<p class="form-error">' . _('el correo electrónico no es correcto') . '</p>';
$errors++;
} elseif (trim($_POST['email']) != $current_user->user_email && email_exists(trim($_POST['email']))) {
$messages .= '<p class="form-error">' . _('ya existe otro usuario con esa dirección de correo') . '</p>';
$errors++;
}
$user->url = htmlspecialchars(clean_input_url($_POST['url']));
$user->names = clean_text($_POST['names']);
if (!empty($_POST['password']) || !empty($_POST['password2'])) {
if (!check_password($_POST["password"])) {
$messages .= '<p class="form-error">' . _('Clave demasiado corta, debe ser de 6 o más caracteres e incluir mayúsculas, minúsculas y números') . '</p>';
$errors = 1;
} else {
if (trim($_POST['password']) !== trim($_POST['password2'])) {
$messages .= '<p class="form-error">' . _('las claves no son iguales, no se ha modificado') . '</p>';
$errors = 1;
} else {
$user->pass = md5(trim($_POST['password']));
$messages .= '<p class="form-error">' . _('La clave se ha cambiado') . '</p>';
$pass_changed = true;
}
}
}
$user->comment_pref = intval($_POST['comment_pref']) + (intval($_POST['show_friends']) & 1) * 2 + (intval($_POST['show_2cols']) & 1) * 4;
// Manage avatars upload
if (!empty($_FILES['image']['tmp_name'])) {
if (avatars_check_upload_size('image')) {
$avatar_mtime = avatars_manage_upload($user->id, 'image');
if (!$avatar_mtime) {
$messages .= '<p class="form-error">' . _('error guardando la imagen') . '</p>';
$errors = 1;
$user->avatar = 0;
} else {
$user->avatar = $avatar_mtime;
}
} else {
$messages .= '<p class="form-error">' . _('el tamaño de la imagen excede el límite') . '</p>';
$errors = 1;
$user->avatar = 0;
}
}
if (!$errors) {
if (empty($user->ip)) {
$user->ip = $globals['user_ip'];
}
$user->store();
$user->read();
if ($current_user->user_login != $user->username || $current_user->user_email != $user->email || $pass_changed) {
$current_user->Authenticate($user->username, $user->pass);
}
$messages .= '<p class="form-error">' . _('datos actualizados') . '</p>';
}
return $messages;
}
// AFFERO GENERAL PUBLIC LICENSE is also included in the file called "COPYING".
include '../config.php';
include mnminclude . 'avatars.php';
//header('Content-Type: application/json; charset=UTF-8');
header('Content-Type: text/plain; charset=UTF-8');
// It's being read in a iframe son can't be a json to avoid problems
array_push($globals['cache-control'], 'no-cache');
http_cache();
if (!$current_user->user_id) {
json_error(_('usuario no autentificado'));
}
$user = new User($current_user->user_id);
$error = false;
// Manage avatars upload
if (!empty($_FILES['image']['tmp_name'])) {
if (avatars_check_upload_size('image')) {
$avatar_mtime = avatars_manage_upload($user->id, 'image');
if (!$avatar_mtime) {
$error = _('error guardando la imagen');
}
} else {
$error = _('el tamaño de la imagen excede el límite');
}
} else {
$error = _('datos recibidos incorrectamente');
}
if ($avatar_mtime) {
$user->avatar = $avatar_mtime;
$user->store();
}
$dict['avatar_url'] = get_avatar_url($user->id, $user->avatar, 80);
function save_profile() {
global $db, $user, $current_user, $globals, $admin_mode;
$errors = 0; // benjami: control added (2005-12-22)
if(!isset($_POST['save_profile']) || !isset($_POST['process']) ||
($_POST['user_id'] != $current_user->user_id && !$admin_mode) ) return;
if(!empty($_POST['username']) && trim($_POST['username']) != $user->username) {
if (strlen(trim($_POST['username']))<3) {
echo '<p class="form-error">'._('nombre demasiado corto').'</p>';
$errors++;
}
if(!check_username($_POST['username'])) {
echo '<p class="form-error">'._('Nombre de usuario erróneo, caracteres no admitidos').'</p>';
$errors++;
} elseif (user_exists(trim($_POST['username'])) ) {
echo '<p class="form-error">'._('El usuario ya existe').'</p>';
$errors++;
} else {
$user->username=trim($_POST['username']);
}
}
if(!check_email(trim($_POST['email']))) {
echo '<p class="form-error">'._('El correo electrónico no es correcto').'</p>';
$errors++;
} elseif (!$admin_mode && trim($_POST['email']) != $current_user->user_email && email_exists(trim($_POST['email']))) {
echo '<p class="form-error">'. _('ya existe otro usuario con esa dirección de correo'). '</p>';
$errors++;
} else {
$user->email=trim($_POST['email']);
}
$user->url=htmlspecialchars(trim($_POST['url']));
$user->names=trim($_POST['names']);
if(!empty($_POST['password']) || !empty($_POST['password2'])) {
if($_POST['password'] !== $_POST['password2']) {
echo '<p class="form-error">'._('Las claves no son iguales, no se ha modificado').'</p>';
$errors = 1;
} else {
$user->pass=trim($_POST['password']);
echo '<p>'._('La clave se ha cambiado').'</p>';
}
}
if ($admin_mode && !empty($_POST['user_level'])) {
$user->level=$db->escape($_POST['user_level']);
}
if ($admin_mode && !empty($_POST['karma']) && is_numeric($_POST['karma']) && $_POST['karma'] > 4 && $_POST['karma'] <= 20) {
$user->karma=$_POST['karma'];
}
// Manage avatars upload
if (!empty($_FILES['image']['tmp_name']) ) {
if(avatars_check_upload_size($user->id, 'image')) {
if (!avatars_manage_upload($user->id, 'image')) {
echo '<p class="form-error">'._('Error guardando la imagen').'</p>';
$errors = 1;
$user->avatar = 0;
} else {
$user->avatar = 1;
}
} else {
echo '<p class="form-error">'._('El tamaño de la imagen excede el límite').'</p>';
$errors = 1;
$user->avatar = 0;
}
}
if (!$errors) { // benjami: "if" added (2005-12-22)
if (empty($user->ip)) {
$user->ip=$globals['user_ip'];
}
$user->store();
$user->read();
if (!$admin_mode)
$current_user->Authenticate($user->username, $user->pass);
echo '<p class="form-act">'._('Datos actualizados').'</p>';
}
}
function save_profile()
{
global $db, $user, $current_user, $globals, $admin_mode;
$errors = 0;
// benjami: control added (2005-12-22)
$pass_changed = false;
if (!isset($_POST['save_profile']) || !isset($_POST['process']) || $_POST['user_id'] != $current_user->user_id && !$admin_mode) {
return;
}
if (!empty($_POST['username']) && trim($_POST['username']) != $user->username) {
if (strlen(trim($_POST['username'])) < 3) {
echo '<p class="form-error">' . _('nombre demasiado corto') . '</p>';
$errors++;
}
if (!check_username($_POST['username'])) {
echo '<p class="form-error">' . _('Nombre de usuario erróneo, caracteres no admitidos') . '</p>';
$errors++;
} elseif (user_exists(trim($_POST['username']))) {
echo '<p class="form-error">' . _('El usuario ya existe') . '</p>';
$errors++;
} else {
$user->username = trim($_POST['username']);
}
}
if ($user->email != trim($_POST['email']) && !check_email(trim($_POST['email']))) {
echo '<p class="form-error">' . _('El correo electrónico no es correcto') . '</p>';
$errors++;
} elseif (!$admin_mode && trim($_POST['email']) != $current_user->user_email && email_exists(trim($_POST['email']))) {
echo '<p class="form-error">' . _('ya existe otro usuario con esa dirección de correo') . '</p>';
$errors++;
} else {
$user->email = trim($_POST['email']);
}
$user->url = htmlspecialchars(clean_input_url($_POST['url']));
// Verifies adsense code
if ($globals['external_user_ads']) {
$_POST['adcode'] = trim($_POST['adcode']);
if (!empty($_POST['adcode']) && $user->adcode != $_POST['adcode']) {
if (!preg_match('/^pub-[0-9]{16}$/', $_POST['adcode'])) {
echo '<p class="form-error">' . _('código AdSense incorrecto, no se ha grabado') . '</p>';
$_POST['adcode'] = '';
$errors++;
} else {
$adcode_count = intval($db->get_var("select count(*) from users where user_id != {$user->id} and user_adcode='" . $_POST['adcode'] . "'"));
if ($adcode_count > 0) {
echo '<p class="form-error">' . _('ya hay otro usuario con la misma cuenta, no se ha grabado') . '</p>';
$_POST['adcode'] = '';
$errors++;
}
}
}
$user->adcode = $_POST['adcode'];
}
$user->names = trim($_POST['names']);
if (!empty($_POST['password']) || !empty($_POST['password2'])) {
if ($_POST['password'] !== $_POST['password2']) {
echo '<p class="form-error">' . _('Las claves no son iguales, no se ha modificado') . '</p>';
$errors = 1;
} else {
$user->pass = trim($_POST['password']);
echo '<p>' . _('La clave se ha cambiado') . '</p>';
$pass_changed = true;
}
}
if ($admin_mode && !empty($_POST['user_level'])) {
$user->level = $db->escape($_POST['user_level']);
}
if ($admin_mode && !empty($_POST['karma']) && is_numeric($_POST['karma']) && $_POST['karma'] > 4 && $_POST['karma'] <= 20) {
$user->karma = $_POST['karma'];
}
$user->comment_pref = intval($_POST['comment_pref']);
// Manage avatars upload
if (!empty($_FILES['image']['tmp_name'])) {
if (avatars_check_upload_size($user->id, 'image')) {
if (!avatars_manage_upload($user->id, 'image')) {
echo '<p class="form-error">' . _('Error guardando la imagen') . '</p>';
$errors = 1;
$user->avatar = 0;
} else {
$user->avatar = 1;
}
} else {
echo '<p class="form-error">' . _('El tamaño de la imagen excede el límite') . '</p>';
$errors = 1;
$user->avatar = 0;
}
}
if (!$errors) {
// benjami: "if" added (2005-12-22)
if (empty($user->ip)) {
$user->ip = $globals['user_ip'];
}
$user->store();
$user->read();
if (!$admin_mode && ($current_user->user_login != $user->username || $current_user->user_email != $user->email || $pass_changed)) {
$current_user->Authenticate($user->username, $user->pass);
}
echo '<p class="form-act">' . _('Datos actualizados') . '</p>';
}
}
