function userSave($option, $uid) { global $database; $user_id = intval(mosGetParam($_POST, 'id', 0)); // do some security checks if ($uid == 0 || $user_id == 0 || $user_id != $uid) { mosNotAuth(); return; } $row = new mosUser($database); $row->load($user_id); $row->orig_password = $row->password; if (!$row->bind($_POST)) { echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n"; exit; } if (isset($_POST["password"]) && $_POST["password"] != "") { if (isset($_POST["verifyPass"]) && $_POST["verifyPass"] == $_POST["password"]) { $row->password = md5($_POST["password"]); } else { echo "<script> alert(\"" . _PASS_MATCH . "\"); window.history.go(-1); </script>\n"; exit; } } else { // Restore 'original password' $row->password = $row->orig_password; } if (!$row->check()) { echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n"; exit; } unset($row->orig_password); // prevent DB error!! if (!$row->store()) { echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n"; exit; } //extended stuff.... // save extended details include "administrator/components/com_user_extended/user_extended.class.php"; $rowExtended = new mosUser_Extended($database); if (!$rowExtended->bind($_POST)) { echo "<script> alert('" . $rowExtended->getError() . "'); window.history.go(-1); </script>\n"; exit; } if (!$rowExtended->check()) { echo "<script> alert('" . $rowExtended->getError() . "'); window.history.go(-1); </script>\n"; exit; } if (!$rowExtended->storeExtended($user_id)) { echo "<script> alert('" . $rowExtended->getError() . "'); window.history.go(-1); </script>\n"; exit; } mosRedirect("index.php?option={$option}", _USER_DETAILS_SAVE); }
function saveUser($option) { global $database, $my; global $mosConfig_live_site; $row = new mosUser($database); if (!$row->bind($_POST)) { echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n"; exit; } $isNew = !$row->id; $pwd = ''; if ($isNew) { //extended user stuff $row->user_id = $row->id; // new user stuff if ($row->password == '') { $pwd = mosMakePassword(); $row->password = md5($pwd); } else { $pwd = $row->password; $row->password = md5($row->password); } } else { // existing user stuff if ($row->password == '') { // password set to null if empty $row->password = null; } else { $row->password = md5($row->password); } } $row->registerDate = date("Y-m-d H:i:s"); if (!$row->check()) { echo "<script> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n"; exit; } if (!$row->store()) { echo "<script> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n"; exit; } // update the ACL if ($isNew) { } else { $database->setQuery("SELECT aro_id FROM #__core_acl_aro WHERE value='{$row->id}'"); $aro_id = $database->loadResult(); $database->setQuery("UPDATE #__core_acl_groups_aro_map" . "\nSET group_id = '{$row->gid}'" . "\nWHERE aro_id = '{$aro_id}'"); $database->query() or die($database->stderr()); } $row->checkin(); if ($isNew) { $database->setQuery("SELECT email FROM #__users WHERE id={$my->id}"); $adminEmail = $database->loadResult(); $subject = "New User Details"; $message = "Hello {$row->name},\r \n \r \n"; $message .= "You have been added as a user to {$mosConfig_live_site} by an Administrator.\r \n"; $message .= "This email contains your username and password to log into the {$mosConfig_live_site} site:\r \n \r \n"; $message .= "Username - {$row->username}\r \n"; $message .= "Password - {$pwd}\r \n \r \n \r \n"; $message .= "Please do not respond to this message as it is automatically generated and is for information purposes only\r \n"; $headers .= "From: {$adminEmail}\r\n"; $headers .= "Reply-To: {$adminEmail}\r\n"; $headers .= "X-Priority: 3\r\n"; $headers .= "X-MSMail-Priority: Low\r\n"; $headers .= "X-Mailer: Mambo Open Source 4.5\r\n"; mail($row->email, $subject, $message, $headers); } $limit = intval(mosGetParam($_REQUEST, 'limit', 10)); $limitstart = intval(mosGetParam($_REQUEST, 'limitstart', 0)); $row = null; $row = new mosUser_Extended($database); if (!$row->bind($_POST)) { echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n"; exit; } if (!$row->check()) { echo "<script> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n"; exit; } if (!$row->storeExtended(0)) { echo "<script> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n"; exit; } mosRedirect("index2.php?option={$option}"); }