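/**
 * Web-service call: edit an existing user and set the profile picture from a
 * caller-supplied URL.
 *
 * The account is looked up through its external id (original_user_id_value /
 * original_user_id_name). Nothing is downloaded or written until the key, the
 * account, the requested username and the expiration date have been checked.
 *
 * Security notes for maintainers:
 * - picture_url is caller-controlled. Only http/https URLs are fetched, so PHP
 *   stream wrappers such as file:// or php:// are never opened, and redirects
 *   are not followed.
 * - The download is stored under a server-generated temporary name, never under
 *   a name taken from the URL, so the caller cannot choose the extension of a
 *   file written to the archive directory.
 * - NOTE(review): the server still connects to whatever host the URL names and
 *   reads the whole response body into memory. If this service is reachable by
 *   less-trusted callers, add a host allowlist and a size cap.
 * - NOTE(review): image type validation is left to
 *   UserManager::update_user_picture() - confirm it rejects non-image content.
 *
 * @param array $params Reads the keys original_user_id_value,
 *                      original_user_id_name, firstname, lastname, username,
 *                      email, status, phone, picture_url and extra; password
 *                      and expiration_date are optional. The array is also
 *                      passed to WSHelperVerifyKey() for the key check.
 *
 * @return mixed The user id on success; 0 when the user is unknown or inactive,
 *               the username belongs to another account or the expiration date
 *               cannot be parsed; the value of return_error() when the key
 *               check fails.
 */
function WSEditUserWithPicture($params)
{
    if (!WSHelperVerifyKey($params)) {
        return return_error(WS_ERROR_SECRET_KEY);
    }

    $userManager = UserManager::getManager();
    $userRepository = UserManager::getRepository();
    $table_user = Database::get_main_table(TABLE_MAIN_USER);

    $original_user_id_value = $params['original_user_id_value'];
    $original_user_id_name = $params['original_user_id_name'];
    $firstname = $params['firstname'];
    $lastname = $params['lastname'];
    $username = $params['username'];
    $email = $params['email'];
    $status = $params['status'];
    $phone = $params['phone'];
    $picture_url = isset($params['picture_url']) ? (string) $params['picture_url'] : '';
    $extra_list = $params['extra'];
    $password = !empty($params['password']) ? $params['password'] : null;

    // These two values are not read from the request; every edit resets them.
    $official_code = '';
    $hr_dept_id = 0;

    // Parse the date before any side effect so a malformed value fails the
    // call with 0 instead of an uncaught exception after the picture was stored.
    $expiration_date = null;
    if (!empty($params['expiration_date'])) {
        try {
            $expiration_date = new DateTime($params['expiration_date']);
        } catch (Exception $e) {
            return 0;
        }
    }

    // Get user id from external id. The integer cast keeps the value safe to
    // interpolate into the queries below.
    $user_id = (int) UserManager::get_user_id_from_original_id($original_user_id_value, $original_user_id_name);
    if ($user_id === 0) {
        return 0;
    }

    // Inactive accounts are not edited through this call.
    $sql = "SELECT id FROM {$table_user} WHERE id = {$user_id} AND active = 0";
    $resu = Database::query($sql);
    $r_check_user = Database::fetch_row($resu);
    if (!empty($r_check_user[0])) {
        return 0;
    }

    // Check whether the requested username already belongs to another account.
    // The value is caller-supplied, so it is escaped before it enters the query.
    $sql = "SELECT username FROM {$table_user}
            WHERE username = '" . Database::escape_string($username) . "' AND id <> {$user_id}";
    $res_un = Database::query($sql);
    $r_username = Database::fetch_row($res_un);
    if (!empty($r_username[0])) {
        return 0;
    }

    /** @var User $user */
    $user = $userRepository->find($user_id);
    if (empty($user)) {
        return 0;
    }

    // Get picture and generate uri. $pictureUri stays '' when the URL is
    // rejected or the download fails, which is what gets stored below.
    $pictureUri = '';
    $scheme = strtolower((string) parse_url($picture_url, PHP_URL_SCHEME));
    if ($scheme === 'http' || $scheme === 'https') {
        // One request only: the status line that is checked belongs to the
        // body that is saved. Redirects are refused so the target cannot be
        // swapped after the scheme check. The timeout is a conservative default.
        $context = stream_context_create([
            'http' => [
                'follow_location' => 0,
                'timeout' => 10,
            ],
        ]);
        $imageData = file_get_contents($picture_url, false, $context);
        $statusLine = isset($http_response_header[0]) ? $http_response_header[0] : '';

        if ($imageData !== false && preg_match('#^HTTP/\S+\s+200\b#', $statusLine)) {
            // The URL's file name is only passed on as the picture's original
            // name; the bytes go to a name chosen by the server.
            $filename = basename((string) parse_url($picture_url, PHP_URL_PATH));
            $tempPath = tempnam(api_get_path(SYS_ARCHIVE_PATH), 'wspic');
            if ($tempPath !== false) {
                if (file_put_contents($tempPath, $imageData) !== false) {
                    $pictureUri = UserManager::update_user_picture($user_id, $filename, $tempPath);
                }
                // Do not leave downloaded content behind in the archive directory.
                if (file_exists($tempPath)) {
                    unlink($tempPath);
                }
            }
        }
    }

    // First and last name are only changed when a non-empty value is sent.
    if (!empty($lastname)) {
        $user->setLastname($lastname);
    }
    if (!empty($firstname)) {
        $user->setFirstname($firstname);
    }
    $user->setUsername($username);
    if (!is_null($password)) {
        // Handed over as plain text; presumably hashed by updateUser() - confirm.
        $user->setPlainPassword($password);
    }

    // Exception for admins in case no status is provided in WS call...
    $t_admin = Database::get_main_table(TABLE_MAIN_ADMIN);
    $sqladmin = "SELECT user_id FROM {$t_admin} WHERE user_id = {$user_id}";
    $resadmin = Database::query($sqladmin);
    $is_admin = Database::num_rows($resadmin);
    if (empty($status)) {
        $status = $user->getStatus();
    }
    if ($is_admin) {
        // Accounts listed in the admin table always get status 1,
        // whatever the request asked for.
        $status = 1;
    }

    $user
        ->setEmail($email)
        ->setStatus($status)
        ->setOfficialCode($official_code)
        ->setPhone($phone)
        ->setExpirationDate($expiration_date)
        ->setHrDeptId($hr_dept_id)
        ->setActive(true)
        ->setPictureUri($pictureUri);

    $userManager->updateUser($user, true);

    if (is_array($extra_list) && count($extra_list) > 0) {
        foreach ($extra_list as $extra) {
            $extra_field_name = $extra['field_name'];
            $extra_field_value = $extra['field_value'];
            // Save the external system's id into user_field_value table.
            UserManager::update_extra_field_value($user_id, $extra_field_name, $extra_field_value);
        }
    }

    return $user_id;
}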
// Excerpt from a user-edit form handler: it reads the submitted values once
// the form validates. The excerpt ends inside the else branch below; the
// blocks opened here are closed further down in the file.
$error_drh = false;
// Validate form
if ($form->validate()) {
    $user = $form->getSubmitValues(1);
    // NOTE(review): the subscription check uses the submitted $user['user_id'],
    // while every change below is applied to $user_id - confirm both always
    // refer to the same account.
    $is_user_subscribed_in_course = CourseManager::is_user_subscribed_in_course($user['user_id']);
    // The DRH status is refused for a user who is subscribed in a course.
    if ($user['status'] == DRH && $is_user_subscribed_in_course) {
        $error_drh = true;
    } else {
        $userInfo = api_get_user_info($user_id);
        $picture_element = $form->getElement('picture');
        $picture = $picture_element->getValue();
        $picture_uri = $user_data['picture_uri'];
        if (isset($user['delete_picture']) && $user['delete_picture']) {
            $picture_uri = UserManager::delete_user_picture($user_id);
        } elseif (!empty($picture['name'])) {
            // The client-supplied file name and PHP's upload temp path are passed on.
            // NOTE(review): no type or extension check is visible in this excerpt;
            // confirm the form rules or update_user_picture() reject non-image uploads.
            $picture_uri = UserManager::update_user_picture($user_id, $_FILES['picture']['name'], $_FILES['picture']['tmp_name']);
        }
        // Text fields are copied as submitted; escaping is not done here.
        $lastname = $user['lastname'];
        $firstname = $user['firstname'];
        $password = $user['password'];
        // auth_source and username fall back to the stored values when the form omits them.
        $auth_source = isset($user['auth_source']) ? $user['auth_source'] : $userInfo['auth_source'];
        $official_code = $user['official_code'];
        $email = $user['email'];
        $phone = $user['phone'];
        $username = isset($user['username']) ? $user['username'] : $userInfo['username'];
        // Numeric and flag fields are forced to integers before use.
        $status = intval($user['status']);
        $platform_admin = intval($user['platform_admin']);
        $send_mail = intval($user['send_mail']);
        $reset_password = intval($user['reset_password']);
        $hr_dept_id = isset($user['hr_dept_id']) ? intval($user['hr_dept_id']) : null;
        $language = $user['language'];
// Excerpt from a profile-update handler. It starts inside blocks opened earlier
// in the file (hence the extra closing braces) and ends inside an open if block.
// $user_data presumably holds the submitted form values - confirm.
// A new e-mail address is staged in $changeemail when check_user_email()
// returns false for the submitted value.
if (!check_user_email($user_data['email'])) {
    $changeemail = $user_data['email'];
}
} else {
    // Normal behaviour: the e-mail change is only staged when $validPassword is set.
    if (!check_user_email($user_data['email']) && $validPassword) {
        $changeemail = $user_data['email'];
    }
    // Tell the user that the current password is required when it was left empty.
    if (!check_user_email($user_data['email']) && empty($user_data['password0'])) {
        Display::addFlash(Display::return_message(get_lang('ToChangeYourEmailMustTypeYourPassword'), 'error', false));
    }
}
}
// Upload picture if a new one is provided. The target is always the account
// returned by api_get_user_id(), never an id taken from the request.
if ($_FILES['picture']['size']) {
    // The client-supplied file name, PHP's upload temp path and the submitted crop data are passed on.
    // NOTE(review): no type check is visible in this excerpt; confirm the form
    // rules or update_user_picture() reject non-image uploads.
    $new_picture = UserManager::update_user_picture(api_get_user_id(), $_FILES['picture']['name'], $_FILES['picture']['tmp_name'], $user_data['cropResult']);
    if ($new_picture) {
        $user_data['picture_uri'] = $new_picture;
        Display::addFlash(Display::return_message(get_lang('PictureUploaded'), 'normal', false));
    }
} elseif (!empty($user_data['remove_picture'])) {
    // remove existing picture if asked
    UserManager::delete_user_picture(api_get_user_id());
    $user_data['picture_uri'] = '';
}
// Remove production.
if (isset($user_data['remove_production']) && is_array($user_data['remove_production'])) {
    foreach (array_keys($user_data['remove_production']) as $production) {
        // The array keys are URL-decoded and used as the production name.
        // NOTE(review): confirm remove_user_production() confines that name to
        // the user's own production directory (no path separators or "..").
        UserManager::remove_user_production(api_get_user_id(), urldecode($production));
    }
    if ($production_list = UserManager::build_production_list(api_get_user_id(), true, true)) {
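// Profile picture form, shown only when the 'profile' / 'picture' setting is 'true'.
if (api_get_setting('profile', 'picture') == 'true') {
    $form = new FormValidator('profile', 'post', 'home.php', null, array());

    // PICTURE
    $form->addElement('file', 'picture', get_lang('AddImage'));
    $form->add_progress_bar();
    if (!empty($user_data['picture_uri'])) {
        $form->addElement('checkbox', 'remove_picture', null, get_lang('DelImage'));
    }

    // The 'filetype' rule limits uploads to the supported image extensions.
    // NOTE(review): this is a check on the submitted file name; confirm that
    // update_user_picture() also validates the file content.
    $allowed_picture_types = api_get_supported_image_extensions();
    $form->addRule(
        'picture',
        get_lang('OnlyImagesAllowed') . ' (' . implode(',', $allowed_picture_types) . ')',
        'filetype',
        $allowed_picture_types
    );
    $form->addButtonSave(get_lang('SaveSettings'), 'apply_change');

    if ($form->validate()) {
        $user_data = $form->getSubmitValues();
        // upload picture if a new one is provided
        // (!empty() also covers a request that carries no 'picture' entry at all)
        if (!empty($_FILES['picture']['size'])) {
            $new_picture = UserManager::update_user_picture(
                api_get_user_id(),
                $_FILES['picture']['name'],
                $_FILES['picture']['tmp_name']
            );
            if ($new_picture) {
                $table_user = Database::get_main_table(TABLE_MAIN_USER);
                // $new_picture is derived from an uploaded file, so it is escaped
                // before it enters the statement; the user id is forced to an integer.
                $sql = "UPDATE {$table_user}\n SET picture_uri = '" . Database::escape_string($new_picture) . "'"
                    . " WHERE user_id = " . intval(api_get_user_id());
                $result = Database::query($sql);
            }
        }
    }
}

//Block Menu
$social_menu_block = SocialManager::show_social_menu('home');
$social_search_block = Display::panel(UserManager::get_search_form(''), get_lang("SearchUsers"));

// Newest groups; this loop continues past the end of the excerpt.
$results = $userGroup->get_groups_by_age(1, false);
$groups_newest = array();
if (!empty($results)) {
    foreach ($results as $result) {
        $id = $result['id'];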
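/**
 * Web-service call: edit an existing user with a single UPDATE statement and
 * set the profile picture from a caller-supplied URL.
 *
 * The account is looked up through its external id (original_user_id_value /
 * original_user_id_name). Nothing is downloaded or written until the key, the
 * account and the requested username have been checked.
 *
 * Security notes for maintainers:
 * - picture_url is caller-controlled. Only http/https URLs are fetched, so PHP
 *   stream wrappers such as file:// or php:// are never opened, and redirects
 *   are not followed.
 * - The download is stored under a server-generated temporary name, never under
 *   a name taken from the URL, so the caller cannot choose the extension of a
 *   file written to the archive directory.
 * - Every caller-supplied value is escaped before it enters a query and the
 *   user id is forced to an integer.
 * - NOTE(review): the server still connects to whatever host the URL names and
 *   reads the whole response body into memory. If this service is reachable by
 *   less-trusted callers, add a host allowlist and a size cap.
 * - NOTE(review): when $_configuration['password_encryption'] is empty the
 *   password is written to the table exactly as received.
 *
 * @param array $params Reads the keys original_user_id_value,
 *                      original_user_id_name, firstname, lastname, username,
 *                      email, status, phone, picture_url, expiration_date and
 *                      extra; password is optional. The array is also passed
 *                      to WSHelperVerifyKey() for the key check.
 *
 * @return mixed The result of the UPDATE query on success; 0 when the user is
 *               unknown or inactive or the username belongs to another
 *               account; the value of return_error() when the key check fails.
 */
function WSEditUserWithPicture($params)
{
    global $_configuration;

    if (!WSHelperVerifyKey($params)) {
        return return_error(WS_ERROR_SECRET_KEY);
    }

    $table_user = Database::get_main_table(TABLE_MAIN_USER);
    $t_admin = Database::get_main_table(TABLE_MAIN_ADMIN);

    $original_user_id_value = $params['original_user_id_value'];
    $original_user_id_name = $params['original_user_id_name'];
    $firstname = $params['firstname'];
    $lastname = $params['lastname'];
    $username = $params['username'];
    $email = $params['email'];
    $status = $params['status'];
    $phone = $params['phone'];
    $picture_url = isset($params['picture_url']) ? (string) $params['picture_url'] : '';
    $expiration_date = $params['expiration_date'];
    $extra_list = $params['extra'];
    $password = !empty($params['password']) ? $params['password'] : null;

    // These values are not read from the request; every edit resets them.
    $official_code = '';
    $active = 1;
    $hr_dept_id = 0;

    // Get user id from the external id. The integer cast keeps the value safe
    // to interpolate into the queries below.
    $user_id = intval(UserManager::get_user_id_from_original_id($original_user_id_value, $original_user_id_name));
    if ($user_id == 0) {
        return 0;
    }

    // Inactive accounts are not edited through this call.
    $sql = "SELECT user_id FROM $table_user WHERE user_id = $user_id AND active = '0'";
    $resu = Database::query($sql);
    $r_check_user = Database::fetch_row($resu);
    if (!empty($r_check_user[0])) {
        return 0;
    }

    // Check whether the requested username already belongs to another account.
    $sql = "SELECT username FROM $table_user
            WHERE username = '" . Database::escape_string($username) . "' AND user_id <> $user_id";
    $res_un = Database::query($sql);
    $r_username = Database::fetch_row($res_un);
    if (!empty($r_username[0])) {
        return 0;
    }

    // Get picture and generate uri. $picture_uri stays '' when the URL is
    // rejected or the download fails, which is what gets stored below.
    $picture_uri = '';
    $scheme = strtolower((string) parse_url($picture_url, PHP_URL_SCHEME));
    if ($scheme === 'http' || $scheme === 'https') {
        // One request only: the status line that is checked belongs to the
        // body that is saved. Redirects are refused so the target cannot be
        // swapped after the scheme check. The timeout is a conservative default.
        $context = stream_context_create(array(
            'http' => array(
                'follow_location' => 0,
                'timeout' => 10,
            ),
        ));
        $imageData = file_get_contents($picture_url, false, $context);
        $statusLine = isset($http_response_header[0]) ? $http_response_header[0] : '';

        if ($imageData !== false && preg_match('#^HTTP/\S+\s+200\b#', $statusLine)) {
            // The URL's file name is only passed on as the picture's original
            // name; the bytes go to a name chosen by the server.
            $filename = basename((string) parse_url($picture_url, PHP_URL_PATH));
            $tempPath = tempnam(api_get_path(SYS_ARCHIVE_PATH), 'wspic');
            if ($tempPath !== false) {
                if (file_put_contents($tempPath, $imageData) !== false) {
                    $picture_uri = UserManager::update_user_picture($user_id, $filename, $tempPath);
                }
                // Do not leave downloaded content behind in the archive directory.
                if (file_exists($tempPath)) {
                    unlink($tempPath);
                }
            }
        }
    }

    // Exception for admins in case no status is provided in WS call...
    $sqladmin = "SELECT user_id FROM $t_admin WHERE user_id = $user_id";
    $resadmin = Database::query($sqladmin);
    $is_admin = Database::num_rows($resadmin);
    if (empty($status)) {
        $status = 5;
    }
    if ($is_admin) {
        // Accounts listed in the admin table always get status 1,
        // whatever the request asked for.
        $status = 1;
    }

    // Edit lastname and firstname only if not empty.
    $sql = "UPDATE $table_user SET ";
    if (!empty($lastname)) {
        $sql .= " lastname='" . Database::escape_string($lastname) . "', ";
    }
    if (!empty($firstname)) {
        $sql .= " firstname='" . Database::escape_string($firstname) . "', ";
    }
    $sql .= " username='" . Database::escape_string($username) . "',";
    if (!is_null($password)) {
        $password = $_configuration['password_encryption'] ? api_get_encrypted_password($password) : $password;
        $sql .= " password='" . Database::escape_string($password) . "',";
    }
    $sql .= " email='" . Database::escape_string($email) . "',"
        . " status='" . Database::escape_string($status) . "',"
        . " official_code='" . Database::escape_string($official_code) . "',"
        . " phone='" . Database::escape_string($phone) . "',"
        . " picture_uri='" . Database::escape_string($picture_uri) . "',"
        . " expiration_date='" . Database::escape_string($expiration_date) . "',"
        . " active='" . Database::escape_string($active) . "',"
        . " hr_dept_id=" . intval($hr_dept_id);
    $sql .= " WHERE user_id = $user_id";

    // NOTE(review): @ hides query warnings from the response; callers only see
    // the return value, so a failed UPDATE should also be logged somewhere.
    $return = @Database::query($sql);

    if (is_array($extra_list) && count($extra_list) > 0) {
        foreach ($extra_list as $extra) {
            $extra_field_name = $extra['field_name'];
            $extra_field_value = $extra['field_value'];
            // Save the external system's id into user_field_value table.
            UserManager::update_extra_field_value($user_id, $extra_field_name, $extra_field_value);
        }
    }

    return $return;
}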