// Verify the anti-CSRF token before any account data is read or changed.
// NOTE(review): checkCSRF() is defined elsewhere; presumably it ends the request on a mismatch - confirm.
checkCSRF($ajax, $csrf_token);
// Bail out if input validation recorded any errors.
// NOTE(review): the code below is only safe if apiReturnError() terminates the request - confirm it exits.
if (count($validator->errors) > 0) {
    apiReturnError($ajax, getReferralPage());
}
// Special case to update the logged in user (self)
// A submitted id of "0" means "me": the id is then taken from $loggedInUser, not from the request.
// The comparison is loose (==), so other values PHP treats as equal to "0" also select this branch.
$self = false;
if ($user_id == "0") {
    $self = true;
    $user_id = $loggedInUser->user_id;
}
//Check if selected user exists
// NOTE(review): this is an existence check only. Nothing in this fragment verifies that the caller is
// allowed to edit $user_id when it is not their own; presumably the update* helpers enforce that - confirm.
if (!$user_id or !userIdExists($user_id)) {
    addAlert("danger", lang("ACCOUNT_INVALID_USER_ID"));
    apiReturnError($ajax, getReferralPage());
}
// Fetch the currently stored details; they are compared with the submitted values below
$userdetails = fetchUserAuthById($user_id);
// Counters for failed and successful field updates
$error_count = 0;
$success_count = 0;
//Update display name if specified and different from current value
if ($display_name && $userdetails['display_name'] != $display_name) {
    if (!updateUserDisplayName($user_id, $display_name)) {
        $error_count++;
        // Update failed: fall back to the stored value so later code sees the real display name
        $display_name = $userdetails['display_name'];
    } else {
        $success_count++;
    }
} else {
    // Nothing submitted, or unchanged: keep the stored value
    $display_name = $userdetails['display_name'];
}
//Update email if specified and different from current value
Esempio n. 2
/**
 * Change the title of the user identified by $user_id.
 *
 * The call is first passed to checkActionPermissionSelf() together with this
 * function's name and arguments; the update is refused when that returns false.
 * The title must then pass the 1-150 range check before it is written.
 *
 * @param int $user_id the id of the user to update.
 * @param string $title the validated $_POST['title']
 * @return bool true on success, false on failure
 */
function updateUserTitle($user_id, $title)
{
    // Authorization gate: runs before validation and before any write.
    $is_permitted = checkActionPermissionSelf(__FUNCTION__, func_get_args());
    if (!$is_permitted) {
        addAlert("danger", "Sorry, you do not have permission to access this resource.");
        return false;
    }

    // Reject titles outside the 1-150 range (minMaxRange() returning true means out of range here).
    $out_of_range = minMaxRange(1, 150, $title);
    if ($out_of_range) {
        addAlert("danger", lang("ACCOUNT_TITLE_CHAR_LIMIT", array(1, 150)));
        return false;
    }

    // Persist the new title; a failed write is reported to the caller without a success alert.
    if (!updateUserField($user_id, 'title', $title)) {
        return false;
    }

    // Re-read the account so the success alert can name the user.
    // NOTE(review): the display name and $title are placed into the alert text; output encoding
    // is not visible in this function - confirm alerts are HTML-escaped when rendered.
    $account = fetchUserAuthById($user_id);
    addAlert("success", lang("ACCOUNT_TITLE_UPDATED", array($account['display_name'], $title)));
    return true;
}