checkCSRF($ajax, $csrf_token);
if (count($validator->errors) > 0) {
apiReturnError($ajax, getReferralPage());
}
// Special case to update the logged in user (self)
$self = false;
if ($user_id == "0") {
$self = true;
$user_id = $loggedInUser->user_id;
}
//Check if selected user exists
if (!$user_id or !userIdExists($user_id)) {
addAlert("danger", lang("ACCOUNT_INVALID_USER_ID"));
apiReturnError($ajax, getReferralPage());
}
$userdetails = fetchUserAuthById($user_id);
//Fetch user details
$error_count = 0;
$success_count = 0;
//Update display name if specified and different from current value
if ($display_name && $userdetails['display_name'] != $display_name) {
if (!updateUserDisplayName($user_id, $display_name)) {
$error_count++;
$display_name = $userdetails['display_name'];
} else {
$success_count++;
}
} else {
$display_name = $userdetails['display_name'];
}
//Update email if specified and different from current value
/**
* Update user's title based on $user_id and new $title.
* @param int $user_id the id of the user to update.
* @param string $title the validated $_POST['title']
* @return boolean true on success false on failure
*/
function updateUserTitle($user_id, $title)
{
// This block automatically checks this action against the permissions database before running.
if (!checkActionPermissionSelf(__FUNCTION__, func_get_args())) {
addAlert("danger", "Sorry, you do not have permission to access this resource.");
return false;
}
//Validate title
if (minMaxRange(1, 150, $title)) {
addAlert("danger", lang("ACCOUNT_TITLE_CHAR_LIMIT", array(1, 150)));
return false;
}
if (updateUserField($user_id, 'title', $title)) {
$details = fetchUserAuthById($user_id);
$display_name = $details['display_name'];
addAlert("success", lang("ACCOUNT_TITLE_UPDATED", array($display_name, $title)));
return true;
} else {
return false;
}
}