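/**
 * Handle the account settings form (password change and location update).
 *
 * When no POST is being handled, this registers the method as the form
 * callback and returns the callback id. While a POST is being handled it
 * validates the input, applies the updates and reports the outcome through
 * the post vars ('errors' and 'messages').
 *
 * @return string|false the callback id when registering the callback,
 *                      false in every branch that handles a POST
 */
public function settingsProcess()
{
    $callbackId = PFunctions::hex2base64(sha1(__METHOD__));

    if (!PPostHandler::isHandling()) {
        PPostHandler::setCallback($callbackId, __CLASS__, __FUNCTION__);
        return $callbackId;
    }

    // Settings may only be changed for the currently logged-in user.
    if (!($User = APP_User::login())) {
        return false;
    }
    $userId = (int) $User->getId();

    $vars =& PPostHandler::getVars();
    $errors = array();

    // password
    // NOTE(review): only the new password and its confirmation are read here;
    // the current password is not requested before the change - confirm this is intended.
    $hasNewPassword = isset($vars['p']) && strlen($vars['p']) > 0;
    if ($hasNewPassword) {
        if (strlen($vars['p']) < 8) {
            $errors[] = 'pwlength';
        }
        if (!isset($vars['pc'])) {
            $errors[] = 'pwc';
        } elseif ($vars['p'] !== $vars['pc']) {
            // Strict comparison: with != two different numeric-looking strings
            // (e.g. "10000000" and "1e7") compare as equal.
            $errors[] = 'pwmismatch';
        }
    }
    if (count($errors) > 0) {
        $vars['errors'] = $errors;
        return false;
    }

    $messages = array();
    if ($hasNewPassword) {
        // NOTE(review): confirm passwordEncrypt() is a salted, slow password hash.
        $pwenc = MOD_user::passwordEncrypt($vars['p']);
        // Every value placed inside a quoted SQL literal goes through the DAO's escape().
        $query = 'UPDATE `user` SET `pw` = \'' . $this->dao->escape($pwenc) . '\' WHERE `id` = ' . $userId;
        if ($this->dao->exec($query)) {
            $messages[] = 'password_updated';
        } else {
            $errors[] = 'password_not_updated';
        }
    }

    // Location
    // Check if the location already exists in our DB and add it if necessary.
    // !empty() keeps the original truthiness test without notices for missing keys.
    $geoname_ok = false;
    if (
        !empty($vars['geonameid'])
        && !empty($vars['latitude'])
        && !empty($vars['longitude'])
        && !empty($vars['geonamename'])
        && !empty($vars['geonamecountrycode'])
        && !empty($vars['admincode'])
    ) {
        $Blog = new Blog();
        $geoname_ok = $Blog->checkGeonamesCache(
            $vars['geonameid'],
            $vars['latitude'],
            $vars['longitude'],
            $vars['geonamename'],
            $vars['geonamecountrycode'],
            $vars['admincode']
        );
    }
    if ($geoname_ok) {
        // geonameid comes straight from the request; it must not reach the
        // query unescaped, whatever checkGeonamesCache() did with it.
        $query = 'UPDATE `user` SET `location` = \'' . $this->dao->escape($vars['geonameid'])
            . '\' WHERE `id` = ' . $userId;
        if ($this->dao->exec($query)) {
            $messages[] = 'location_updated';
        } else {
            $errors[] = 'location_not_updated';
        }
    }

    $vars['errors'] = $errors;
    $vars['messages'] = $messages;
    return false;
}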
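/**
 * Set the persistent session login cookies (user id and session key).
 *
 * Generates a new random session key, stores it as the user's 'skey'
 * setting and sends it, together with the user id, as cookies that expire
 * after 14 days.
 *
 * @return bool true when both cookies were accepted by setcookie(); false if
 *              the user is not logged in, the key could not be stored or a
 *              cookie could not be set (the session key itself is never returned)
 */
public function setCookie()
{
    if (!$this->loggedIn) {
        return false;
    }

    // NOTE(review): this key acts as a long-lived login credential;
    // confirm randomString() draws from a cryptographically secure source.
    $key = MOD_user::randomString(60);
    if (!self::addSetting($this->getId(), 'skey', $key)) {
        return false;
    }

    $env = PVars::getObj('env');
    $loc = parse_url($env->baseuri);
    // Mark the cookies Secure when the configured base URI is https, so the
    // login key is not sent over plain http.
    $secure = is_array($loc) && isset($loc['scheme']) && strtolower($loc['scheme']) === 'https';
    $expires = time() + 60 * 60 * 24 * 14;

    // HttpOnly (last argument) keeps both cookies out of reach of page scripts.
    if (!setcookie($env->cookie_prefix . 'userid', $this->getId(), $expires, '/', '', $secure, true)) {
        return false;
    }

    return setcookie($env->cookie_prefix . 'userkey', $key, $expires, '/', '', $secure, true);
}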
/**
 * Initialise the parent with the session and table names, then remember
 * the authentication id on this instance.
 *
 * All three arguments default to false when omitted.
 *
 * @param string|false $sessionName session key under which the user id may be found
 * @param string|false $tableName   name of the user table
 * @param int|false    $authId      authentication id
 */
public function __construct($sessionName = false, $tableName = false, $authId = false)
{
    parent::__construct($sessionName, $tableName);

    $this->authId = $authId;
}
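/**
 * Store the password and default auth id for the user with the given handle.
 *
 * First tries to UPDATE the existing `user` row for the handle. When that
 * statement reports no success, a row is written with REPLACE, using the
 * member id from the session as the row id.
 *
 * @param string $handle   user handle identifying the row
 * @param string $password plain-text password; encoded with MOD_user::passwordEncrypt()
 * @return void
 */
protected function updateUser($handle, $password)
{
    // NOTE(review): confirm passwordEncrypt() is a salted, slow password hash.
    $pwenc = MOD_user::passwordEncrypt($password);
    $Auth = new MOD_user_Auth();
    $authId = (int) $Auth->checkAuth('defaultUser');

    $handleSql = $this->dao->escape($handle);
    $pwSql = $this->dao->escape($pwenc);

    $query = '
        UPDATE `user`
        SET `auth_id`=' . $authId . ', `pw`=\'' . $pwSql . '\'
        WHERE `handle`=\'' . $handleSql . '\'
    ';
    if ($this->dao->exec($query)) {
        return;
    }

    // The session value was concatenated into the statement as-is; force it to
    // an integer like the other numeric values. Without a valid member id the
    // original statement was malformed, so no row is written in that case.
    $memberId = isset($_SESSION['IdMember']) ? (int) $_SESSION['IdMember'] : 0;
    if ($memberId <= 0) {
        return;
    }

    $query = '
        REPLACE into `user` (`id`, `auth_id`, `handle`, `email`, `pw`, `active`)
        VALUES (
            ' . $memberId . ',
            ' . $authId . ',
            \'' . $handleSql . '\',
            \'\',
            \'' . $pwSql . '\',
            1
        )
    ';
    $this->dao->query($query);
}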