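 /**
  * Update the stored record of an existing user.
  *
  * Keys of $uData outside the allowlist below are discarded. The allowlist
  * includes the privilege- and state-bearing fields 'superadmin' and 'status',
  * and this method performs no permission check of its own, so callers must
  * drop those keys (or verify the acting user's rights) before passing
  * request data through.
  *
  * @access  public
  * @param   int     $id     User's ID
  * @param   array   $uData  User information data
  * @return  mixed   True on success; false if the user cannot be loaded or the
  *                  listener reports an error; a Jaws_Error when validation or
  *                  the database update fails
  */
 function UpdateUser($id, $uData)
 {
     // Keep only the columns this method is allowed to write.
     $allowed = array('username', 'nickname', 'email', 'new_email', 'password', 'superadmin', 'status', 'concurrents', 'logon_hours', 'expiry_date');
     $uData = array_intersect_key($uData, array_flip($allowed));

     // Required text fields: a missing or non-scalar value becomes '' so that it
     // fails the checks below instead of reaching trim() as null or an array.
     foreach (array('username', 'nickname', 'email') as $required) {
         if (isset($uData[$required]) && is_scalar($uData[$required])) {
             $uData[$required] = (string) $uData[$required];
         } else {
             $uData[$required] = '';
         }
     }

     // Anchored patterns use the D modifier: without it "$" also matches just
     // before a trailing newline, so "name\n" would pass validation. The hyphen
     // sits last in each class because newer PCRE2 builds reject a hyphen placed
     // directly after a POSIX class as an invalid range, which made every
     // preg_match() here fail and every value be refused.
     $emailPattern = '/^[[:alnum:]_.-]+@[[:alnum:]_.-]+\.[[:alnum:]_-]+$/D';

     // username
     $uData['username'] = trim($uData['username'], '-_.@');
     if (!preg_match('/^[[:alnum:]_.@-]{3,32}$/D', $uData['username'])) {
         return Jaws_Error::raiseError(_t('GLOBAL_ERROR_INVALID_USERNAME'), __FUNCTION__, JAWS_ERROR_NOTICE);
     }
     $uData['username'] = strtolower($uData['username']);

     // nickname
     $uData['nickname'] = Jaws_UTF8::trim($uData['nickname']);
     if (empty($uData['nickname'])) {
         return Jaws_Error::raiseError(_t('GLOBAL_ERROR_INCOMPLETE_FIELDS'), __FUNCTION__, JAWS_ERROR_NOTICE);
     }

     // email
     $uData['email'] = trim($uData['email']);
     if (!preg_match($emailPattern, $uData['email'])) {
         return Jaws_Error::raiseError(_t('GLOBAL_ERROR_INVALID_EMAIL_ADDRESS'), __FUNCTION__, JAWS_ERROR_NOTICE);
     }
     $uData['email'] = strtolower($uData['email']);

     // Blocked domains are a newline-separated registry value. Compare whole
     // entries: the previous substring search for "\n<domain>" never matched an
     // entry on the first line and treated any prefix of a listed domain as
     // blocked.
     $blockedDomains = $GLOBALS['app']->Registry->fetch('blocked_domains', 'Policy');
     $blockedList = array();
     if (is_string($blockedDomains)) {
         $blockedList = array_map('strtolower', array_map('trim', explode("\n", $blockedDomains)));
     }
     $emailDomain = substr(strrchr($uData['email'], '@'), 1);
     if (in_array($emailDomain, $blockedList, true)) {
         return Jaws_Error::raiseError(_t('GLOBAL_ERROR_INVALID_EMAIL_DOMAIN', $emailDomain), __FUNCTION__, JAWS_ERROR_NOTICE);
     }

     // new email (optional): same format and blocklist rules as the primary address
     if (isset($uData['new_email']) && !empty($uData['new_email'])) {
         $uData['new_email'] = trim($uData['new_email']);
         if (!preg_match($emailPattern, $uData['new_email'])) {
             return Jaws_Error::raiseError(_t('GLOBAL_ERROR_INVALID_EMAIL_ADDRESS'), __FUNCTION__, JAWS_ERROR_NOTICE);
         }
         $uData['new_email'] = strtolower($uData['new_email']);
         $newEmailDomain = substr(strrchr($uData['new_email'], '@'), 1);
         if (in_array($newEmailDomain, $blockedList, true)) {
             return Jaws_Error::raiseError(_t('GLOBAL_ERROR_INVALID_EMAIL_DOMAIN', $newEmailDomain), __FUNCTION__, JAWS_ERROR_NOTICE);
         }
     }

     // password & complexity
     if (isset($uData['password']) && $uData['password'] !== '') {
         // The minimum comes from policy; the upper bound of 24 is fixed here, so
         // a configured minimum above 24 yields an invalid quantifier and every
         // password is refused.
         $min = (int) $GLOBALS['app']->Registry->fetch('password_min_length', 'Policy');
         if (!preg_match('/^[[:print:]]{' . $min . ',24}$/D', $uData['password'])) {
             return Jaws_Error::raiseError(_t('GLOBAL_ERROR_INVALID_PASSWORD', $min), __FUNCTION__, JAWS_ERROR_NOTICE);
         }
         if ($GLOBALS['app']->Registry->fetch('password_complexity', 'Policy') == 'yes') {
             // requires at least one lower-case, upper-case, digit and punctuation character
             if (!preg_match('/(?=.*[[:lower:]])(?=.*[[:upper:]])(?=.*[[:digit:]])(?=.*[[:punct:]])/', $uData['password'])) {
                 return Jaws_Error::raiseError(_t('GLOBAL_ERROR_INVALID_COMPLEXITY'), __FUNCTION__, JAWS_ERROR_NOTICE);
             }
         }
         // Store only the hash, and clear the verify key alongside the new password.
         $uData['password'] = Jaws_User::GetHashedPassword($uData['password']);
         $uData['password_verify_key'] = '';
     } else {
         // empty password means "leave unchanged"
         unset($uData['password']);
     }

     // get user information, we need it for rename avatar
     $user = Jaws_User::GetUser((int) $id, true, true);
     if (Jaws_Error::IsError($user) || empty($user)) {
         return false;
     }

     // set new avatar name if username changed; the name is built from the
     // validated username plus the extension of the stored avatar
     if ($uData['username'] !== $user['username'] && !empty($user['avatar'])) {
         $fileinfo = pathinfo($user['avatar']);
         if (isset($fileinfo['extension']) && !empty($fileinfo['extension'])) {
             $uData['avatar'] = $uData['username'] . '.' . $fileinfo['extension'];
         }
     }

     $uData['last_update'] = time();
     if (isset($uData['status'])) {
         $uData['status'] = (int) $uData['status'];
         // status 1 also clears the e-mail verify key
         if ($uData['status'] === 1) {
             $uData['email_verify_key'] = '';
         }
     }

     if (isset($uData['expiry_date'])) {
         if (empty($uData['expiry_date'])) {
             $uData['expiry_date'] = 0;
         } else {
             // split the user-supplied date on '-', ' ' and ':' and convert it to a UTC timestamp
             $objDate = Jaws_Date::getInstance();
             $uData['expiry_date'] = $GLOBALS['app']->UserTime2UTC((int) $objDate->ToBaseDate(preg_split('/[- :]/', $uData['expiry_date']), 'U'));
         }
     }

     $usersTable = Jaws_ORM::getInstance()->table('users');
     $result = $usersTable->update($uData)->where('id', $id)->exec();
     if (Jaws_Error::IsError($result)) {
         // a constraint violation is reported to the caller as "user already exists"
         if (MDB2_ERROR_CONSTRAINT == $result->getCode()) {
             $result->SetMessage(_t('USERS_USERS_ALREADY_EXISTS', $uData['username']));
         }
         return $result;
     }

     // rename avatar name
     if (isset($uData['avatar'])) {
         // NOTE(review): the row already references the new avatar name at this
         // point and rename() errors are suppressed, so a failed rename leaves the
         // record pointing at a missing file - consider logging the failure.
         Jaws_Utils::Delete(AVATAR_PATH . $uData['avatar']);
         @rename(AVATAR_PATH . $user['avatar'], AVATAR_PATH . $uData['avatar']);
     }

     // keep the current session in step when the updated user is the logged-in one
     if (isset($GLOBALS['app']->Session) && $GLOBALS['app']->Session->GetAttribute('user') == $id) {
         $GLOBALS['app']->Session->SetAttribute('username', $uData['username']);
         $GLOBALS['app']->Session->SetAttribute('nickname', $uData['nickname']);
         $GLOBALS['app']->Session->SetAttribute('email', $uData['email']);
         if (isset($uData['avatar'])) {
             $GLOBALS['app']->Session->SetAttribute('avatar', $this->GetAvatar($uData['avatar'], $uData['email'], 48, $uData['last_update']));
         }
     }

     // Let everyone know a user has been updated
     $res = $GLOBALS['app']->Listener->Shout('Users', 'UpdateUser', $id);
     if (Jaws_Error::IsError($res)) {
         return false;
     }
     return true;
 }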