Esempio n. 1
        $Users[$Pivot_Vars['username']]['nick'] = $Pivot_Vars['nick'];
        $Users[$Pivot_Vars['username']]['userlevel'] = 1;
        $Users[$Pivot_Vars['username']]['language'] = $Cfg['deflang'];
        $Cfg['users'] .= '|' . $Pivot_Vars['username'];
        // set the categories.,
        if (!isset($selfreg_cats)) {
            $selfreg_cats = cfg_getarray('cats');
        }
        foreach ($selfreg_cats as $category) {
            // add the user..
            $allowed_users = explode("|", $Cfg['cat-' . $category]);
            $allowed_users[] = $Pivot_Vars['username'];
            $allowed_users = array_unique($allowed_users);
            $Cfg['cat-' . $category] = implode("|", $allowed_users);
        }
        PutUserInfo();
    }
}
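// Name built from the current setup step number.
$var = "Setupstep{$setupstepn}";
if ($setupstepn == 1) {
    $next = lang('general', 'go');
} else {
    SaveSettings();
    redirect('index.php');
}
// URL of this script; the comment below the block says it is used as the form action.
$selfurl = $Paths['pivot_url'] . 'selfreg.php';
// 'w' comes straight from the query string. It is percent-encoded before it
// is appended so that quotes, angle brackets, '&' or '#' in the value cannot
// break out of the URL (or out of the HTML attribute the URL is printed into).
// Non-string values (e.g. ?w[]=x) are ignored instead of being concatenated.
if (!empty($_GET['w']) && is_string($_GET['w'])) {
    $selfurl .= '?w=' . urlencode($_GET['w']);
}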
// Printing out the form - not using the StartForm function
// since we need this file as the action URL.
Esempio n. 2
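/**
 * Saves the user settings, or deletes a user, based on the submitted values.
 *
 * Input is read from the global $Pivot_Vars; results are written to the
 * globals $Users and $Cfg. Depending on the input the function deletes a
 * user, shows a confirmation page, saves the changes and redirects, or
 * re-displays the form with error messages.
 *
 * NOTE(review): no anti-CSRF token is checked here; 'confirmed' is read from
 * $Pivot_Vars like every other field. Confirm that the caller validates the
 * session and a request token before this function runs.
 * NOTE(review): with $admin == 1 the edited account is taken from
 * $Pivot_Vars['username'] and this function does not itself check the
 * caller's level for field edits - confirm the caller enforces that.
 *
 * @param int $admin 1 when called from the admin screens (edited user is
 *                   $Pivot_Vars['username']); otherwise the edited user is
 *                   $Pivot_Vars['user'].
 */
function libsave_change_user($admin = 0)
{
    global $Pivot_Vars, $Users, $Cfg, $Paths;
    // Error counter and scratch values. The original used these without
    // initialising them, which raises warnings and, for $tmp_arr2, makes
    // implode() fail when no user is left after a deletion.
    $Piverr = 0;
    $tmp_arr2 = array();
    // NOTE(review): $maxl is never assigned in this function, so the last
    // element of each field row below is null - confirm that is intended.
    $maxl = null;
    // Sanitize passed variables to prevent people from inserting characters that
    // could be interpreted as dividers ('!', '|' and newline) in the stored data.
    // NOTE(review): only values are stripped, not keys, and '\r' is left in place.
    foreach ($Pivot_Vars as $key => $val) {
        $Pivot_Vars[$key] = preg_replace("/[!|\n]/i", "", $Pivot_Vars[$key]);
    }
    $userfields = get_userfields($admin);
    $ufields = GetUserFields();
    if ($admin == 1) {
        $theuser = $Pivot_Vars['username'];
    } else {
        $theuser = $Pivot_Vars['user'];
    }
    // Deleting needs level 3 or higher. The level is looked up for
    // $Pivot_Vars['user'].
    // NOTE(review): this is only an authorization check if 'user' is set from
    // the authenticated session and cannot be supplied by the client - confirm.
    // NOTE(review): nothing here prevents deleting the level-4 account or
    // one's own account, and the deleted name stays in the 'cat-*' lists.
    if ($Pivot_Vars['delete_user'] == 1 && $Users[$Pivot_Vars['user']]['userlevel'] >= 3) {
        if ($Pivot_Vars['confirmed'] == 1) {
            //delete him from the config file, nothing else.
            $tmp_arr = explode("|", $Cfg['users']);
            foreach ($tmp_arr as $candidate) {
                // Strict comparison: with '!=' two numeric-looking names such
                // as "10" and "010" compare equal and both would be removed.
                if ($candidate !== $Pivot_Vars['username']) {
                    $tmp_arr2[] = $candidate;
                }
            }
            $Cfg['users'] = implode("|", $tmp_arr2);
            unset($Users[$Pivot_Vars['username']]);
            unset($Cfg['user-' . $Pivot_Vars['username']]);
            see_users();
        } else {
            $vars = array('username', $Pivot_Vars['username'], 'delete_user', 1);
            ConfirmPage(lang('ufield_main', 'del_title'), $vars, sprintf(lang('config', 'delete_user_confirm'), $Pivot_Vars['username']));
        }
    } else {
        foreach ($ufields as $keyname => $intarr) {
            // Skipping fields that we aren't allowed to change
            if ($admin != 1 && $Users[$theuser]['userlevel'] < $ufields[$keyname]['minlevel']) {
                continue;
            }
            array_push($userfields, array($keyname, $ufields[$keyname]['disp'], '', $ufields[$keyname]['type'], $Users[$theuser][$keyname], $ufields[$keyname]['size'], $maxl));
            if ($ufields[$keyname]['filter'] != '' && strlen($Pivot_Vars[$keyname]) > 0) {
                // The validator is called by name: 'is' + the configured filter.
                // NOTE(review): the filter name comes from GetUserFields();
                // make sure it can only hold names of known validators and is
                // never taken from user-editable data.
                $tfunk = 'is' . $ufields[$keyname]['filter'];
                if (!$tfunk($Pivot_Vars[$keyname])) {
                    $userfields[count($userfields) - 1][2] = 'hey, that input doesn\'t go along with the filter in place';
                    $Piverr++;
                }
            }
        }
        $arraycount = Count($userfields);
        // Password checks run only when at least one password field is filled in.
        if (strlen($Pivot_Vars['pass1']) + strlen($Pivot_Vars['pass2']) >= 1) {
            // Strict comparison so that numeric-looking passwords such as
            // "1e3" and "1000" are not treated as matching.
            if (trim($Pivot_Vars['pass1']) !== trim($Pivot_Vars['pass2'])) {
                $userfields[2][2] = lang('userinfo', 'pass_dont_match');
                $Piverr++;
            }
            // NOTE(review): the minimum here is 4, but the password is only
            // stored further down when it has 6 or more characters, so a 4-
            // or 5-character password passes validation and is silently not
            // saved. The two limits should be made the same.
            if (strlen($Pivot_Vars['pass1']) < 4) {
                $userfields[1][2] = lang('userinfo', 'pass_too_short');
                $Piverr++;
            }
            if ($Pivot_Vars['pass1'] === $Pivot_Vars['username']) {
                $userfields[1][2] = lang('userinfo', 'pass_equal_name');
                $Piverr++;
            }
        }
        if ($Piverr == 0) {
            // make sure the superadmin doesn't demote himself/herself..
            if ($Users[$theuser]['userlevel'] == 4) {
                $Pivot_Vars['userlevel'] = 4;
            }
            // get confirmation if user gets admin rights
            // NOTE(review): only a change to exactly level 3 is confirmed. The
            // save loop below copies every field listed in $userfields from
            // $Pivot_Vars; confirm that 'userlevel' is never offered to
            // non-admin callers and that a submitted level of 4 is rejected.
            if ($Pivot_Vars['userlevel'] == 3 && $Users[$theuser]['userlevel'] < 3 && $Pivot_Vars['confirmed'] != 1) {
                $vars = array();
                $arraycount = Count($userfields);
                for ($i = 0; $i < $arraycount; $i++) {
                    array_push($vars, $userfields[$i][0], $Pivot_Vars[$userfields[$i][0]]);
                }
                ConfirmPage(lang('userinfo', 'c_admin_title'), $vars, sprintf(lang('userinfo', 'c_admin_message'), $theuser));
            } else {
                //it's all good.
                if (strlen($Pivot_Vars['pass1']) >= 6) {
                    // NOTE(review): the password is stored as an unsalted MD5
                    // digest, which is fast to brute-force if the user file
                    // leaks. Moving to password_hash()/password_verify() also
                    // needs the login code and stored format changed, which
                    // are outside this function.
                    $Users[$theuser]['pass'] = md5($Pivot_Vars['pass1']);
                    if ($_COOKIE['mode'] == 'stayloggedin' && $Pivot_Vars['user'] == $theuser) {
                        // NOTE(review): the cookie carries the same digest that
                        // is stored for the user, so the cookie value is
                        // password-equivalent; it is also set without the
                        // secure/httponly arguments.
                        setcookie('pass', md5($Pivot_Vars['pass1']), time() + $Cfg['cookie_length'], $Paths['cookie_url']);
                    }
                    //change the session key too..
                    $Cfg['tempsessions'][$Pivot_Vars['session']][1] = md5($Pivot_Vars['pass1']);
                }
                // Copy every submitted field except headings and the two
                // password inputs into the user's record.
                for ($i = 0; $i < $arraycount; $i++) {
                    if ($userfields[$i][0] != 'heading' && $userfields[$i][0] != 'pass1' && $userfields[$i][0] != 'pass2') {
                        $Users[$theuser][$userfields[$i][0]] = $Pivot_Vars[$userfields[$i][0]];
                    }
                }
                // set the categories.. (only when the acting user is above level 2)
                if ($Users[$Pivot_Vars['user']]['userlevel'] > 2) {
                    foreach (explode("|", $Cfg['cats']) as $category) {
                        $allowed_users = explode("|", $Cfg['cat-' . $category]);
                        if (isset($Pivot_Vars['allowed'][urlencode($category)])) {
                            // add the user..
                            if (!in_array($theuser, $allowed_users, true)) {
                                $allowed_users[] = $theuser;
                            }
                        } else {
                            // remove the user.. (strict match, so a similar
                            // numeric-looking name is not removed as well)
                            if (in_array($theuser, $allowed_users, true)) {
                                foreach ($allowed_users as $key => $user) {
                                    if ($user === $theuser) {
                                        unset($allowed_users[$key]);
                                    }
                                }
                            }
                        }
                        $Cfg['cat-' . $category] = implode("|", $allowed_users);
                    }
                }
                /**
                 * Rather crude check to prevent corrupting the file:
                 * if $Users[$theuser]['username'] is empty, we refuse to save.
                 */
                if ($Users[$theuser]['username'] != "") {
                    debug("changes saved for " . $theuser);
                    SaveSettings();
                } else {
                    // not right..
                    debug("Changes not saved..");
                }
                //so we can reload the languages and such
                // NOTE(review): the session id travels in the query string, so
                // it can end up in logs, browser history and Referer headers.
                if ($admin == 1) {
                    redirect('index.php?session=' . $Pivot_Vars['session'] . '&amp;menu=admin&amp;func=admin&do=seeusers');
                    die;
                } else {
                    redirect('index.php?session=' . $Pivot_Vars['session'] . '&amp;menu=userinfo&amp;func=u_settings');
                    die;
                }
            }
        } else {
            //reshow the page
            $Pivot_Vars['edituser'] = $Pivot_Vars['username'];
            //regroup the old settings.
            for ($i = 0; $i < $arraycount; $i++) {
                if ($userfields[$i][3] == 0) {
                    $userfields[$i][4] = $Pivot_Vars[$userfields[$i][0]];
                } elseif ($userfields[$i][3] == 3) {
                    $userfields[$i][6] = $Pivot_Vars[$userfields[$i][0]];
                }
            }
        }
        // For a user above level 3, row 4 of the form gets 'disabled' as a
        // second value in its slot 6.
        if ($Users[$theuser]['userlevel'] > 3) {
            //ARGHH!!!!!!
            $unf[0] = $userfields[4][6];
            $unf[1] = 'disabled';
            unset($userfields[4][6]);
            $userfields[4][6] = $unf;
        }
        if ($admin == 1) {
            change_user(1, $userfields);
        } else {
            u_settings_screen(1, $userfields);
        }
    }
    PutUserInfo();
}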