/**
* Writes audit information and redirects the user to the password change form.
*
* @param eZUser $user
*/
protected static function passwordHasExpired($user)
{
$userID = $user->attribute('contentobject_id');
// Password expired
eZDebugSetting::writeDebug('kernel-user', $user, 'user password expired');
// Failed login attempts should be logged
$userIDAudit = isset($userID) ? $userID : 'null';
$loginEscaped = eZDB::instance()->escapeString($user->attribute('login'));
eZAudit::writeAudit('user-failed-login', array('User id' => $userIDAudit, 'User login' => $loginEscaped, 'Comment' => 'Failed login attempt: Password Expired. eZPaExUser::loginUser()'));
// Redirect user to password change form
self::redirectToChangePasswordForm($userID);
}
/**
* Returns an associative array of all names of audit and the log files used by this class
*
* @return array
*/
static function auditNameSettings()
{
if ( isset( $GLOBALS['eZAuditNameSettings'] ) )
{
return $GLOBALS['eZAuditNameSettings'];
}
$nameSettings = eZAudit::fetchAuditNameSettings();
$GLOBALS['eZAuditNameSettings'] = $nameSettings;
return $nameSettings;
}
/**
* Does some house keeping work when a log in has failed.
*
* @param mixed $userID
* @param string $login
*/
protected static function loginFailed($userID = false, $login)
{
$loginEscaped = eZDB::instance()->escapeString($login);
// Failed login attempts should be logged
eZAudit::writeAudit('user-failed-login', array('User login' => $loginEscaped, 'Comment' => 'Failed login attempt: eZUser::loginUser()'));
// Increase number of failed login attempts.
if ($userID) {
eZUser::setFailedLoginAttempts($userID);
}
}
}
}
if( $domain != '' && $userName != '' && $userHash != '' )
{
$queryUser = $userName;
$isLogged = false;
if ( strpos( $userName, ':' ) !== false && trim( $ini->variable( 'RemoteLoginSettings', 'Sudo' ) ) == 'enabled' )
{
list( $sudoer, $login ) = explode( ':', $userName );
if ( in_array( $sudoer, $ini->variable( 'RemoteLoginSettings', 'Sudoer' ) ) )
$userName = $sudoer;
}
$user = eZUser::fetchByName( $userName );
if ( $user && eZUser::isUserLoggedIn( $user->id() ) )
{
$hasAccess = $user->hasAccessTo( 'remotelogin' );
if ( $ini->variable( 'RemoteLoginSettings', 'RemotePolicy' ) != 'enabled' || $hasAccess['accessWord'] == 'yes' )
{
$isLogged = eZRemoteLoginUser::isLoggedLocal( $user->id(), $userHash );
}
}
echo $isLogged ? 'yes' : 'no';
eZAudit::writeAudit( 'remote-verify', array( 'Domain' => $domain,
'User' => $queryUser,
'Is Logged' => $isLogged ? 'yes' : 'no' ) );
eZExecution::cleanExit();
}
eZExecution::cleanExit();
?>
$role->store();
// Set flag for audit. If true audit will be processed
$http->setSessionVariable('RoleWasChanged', true);
}
$showModules = true;
$showFunctions = false;
$showLimitations = false;
$noFunctions = false;
$noLimitations = false;
if ($http->hasPostVariable('Apply')) {
$originalRole = eZRole::fetch($role->attribute('version'));
$originalRoleName = $originalRole->attribute('name');
$originalRoleID = $originalRole->attribute('id');
// Who changes which role(s) should be logged.
if ($http->hasSessionVariable('RoleWasChanged') and $http->sessionVariable('RoleWasChanged') === true) {
eZAudit::writeAudit('role-change', array('Role ID' => $originalRoleID, 'Role name' => $originalRoleName, 'Comment' => 'Changed the current role: kernel/role/edit.php'));
$http->removeSessionVariable('RoleWasChanged');
}
$originalRole->revertFromTemporaryVersion();
eZContentCacheManager::clearAllContentCache();
$Module->redirectTo($Module->functionURI('view') . '/' . $originalRoleID . '/');
/* Clean up policy cache */
eZUser::cleanupCache();
}
if ($http->hasPostVariable('Discard')) {
$http->removeSessionVariable('RoleWasChanged');
$role = eZRole::fetch($roleID);
$originalRole = eZRole::fetch($role->attribute('version'));
$role->removeThis();
if ($originalRole != null && $originalRole->attribute('is_new') == 1) {
$originalRole->remove();
/**
* Unhide a subtree
*
* Unhide algorithm:
* if ( parent node is visible )
* {
* 1) Mark root node as not hidden and visible.
* 2) Recursively mark child nodes as visible (except for nodes previosly marked as hidden, and all their children).
* }
* else
* {
* Mark root node as not hidden.
* }
*
* Transaction unsafe. If you call several transaction unsafe methods you must enclose
* the calls within a db transaction; thus within db->begin and db->commit.
*
* @param eZContentObjectTreeNode $node Root node of the subtree
* @param bool $modifyRootNode Whether to modify the root node (true/false)
*/
static function unhideSubTree(eZContentObjectTreeNode $node, $modifyRootNode = true)
{
$nodeID = $node->attribute('node_id');
$nodePath = $node->attribute('path_string');
$nodeInvisible = $node->attribute('is_invisible');
$parentNode = $node->attribute('parent');
if (!$parentNode instanceof eZContentObjectTreeNode) {
eZDebug::writeError("Parent of Node #{$nodeID} doesn't exist or inaccesible.", __METHOD__);
return;
}
$time = time();
if (eZAudit::isAuditEnabled()) {
// Set audit params.
$objectID = $node->attribute('contentobject_id');
$objectName = $node->attribute('name');
eZAudit::writeAudit('content-hide', array('Node ID' => $nodeID, 'Object ID' => $objectID, 'Content Name' => $objectName, 'Time' => $time, 'Comment' => 'Node has been unhidden: eZContentObjectTreeNode::unhideSubTree()'));
}
$db = eZDB::instance();
$db->begin();
if (!$parentNode->attribute('is_invisible')) {
// 1) Mark root node as not hidden and visible.
if ($modifyRootNode) {
$db->query("UPDATE ezcontentobject_tree SET is_invisible=0, is_hidden=0, modified_subnode={$time} WHERE node_id={$nodeID}");
}
// 2) Recursively mark child nodes as visible (except for nodes previosly marked as hidden, and all their children).
// 2.1) $hiddenChildren = Fetch all hidden children for the root node
$hiddenChildren = $db->arrayQuery("SELECT path_string FROM ezcontentobject_tree " . "WHERE node_id <> {$nodeID} AND is_hidden=1 AND path_string LIKE '{$nodePath}%'");
$skipSubtreesString = '';
foreach ($hiddenChildren as $i) {
$skipSubtreesString .= " AND path_string NOT LIKE '" . $i['path_string'] . "%'";
}
// 2.2) Mark those children as visible which are not under nodes in $hiddenChildren
$db->query("UPDATE ezcontentobject_tree SET is_invisible=0, modified_subnode={$time} WHERE path_string LIKE '{$nodePath}%' {$skipSubtreesString}");
} else {
// Mark root node as not hidden.
if ($modifyRootNode) {
$db->query("UPDATE ezcontentobject_tree SET is_hidden=0, modified_subnode={$time} WHERE node_id={$nodeID}");
}
}
$node->updateAndStoreModified();
$db->commit();
eZContentObjectTreeNode::clearViewCacheForSubtree($node, $modifyRootNode);
}
static function cleanup()
{
$db = eZDB::instance();
$rows = $db->arrayQuery("SELECT productcollection_id FROM ezorder");
$db = eZDB::instance();
$db->begin();
if (count($rows) > 0) {
$productCollectionIDList = array();
foreach ($rows as $row) {
$productCollectionIDList[] = $row['productcollection_id'];
}
eZProductCollection::cleanupList($productCollectionIDList);
}
// Who deletes which order in shop should be logged.
eZAudit::writeAudit('order-delete', array('Comment' => 'Removed all orders from the database: eZOrder::cleanup()'));
eZOrderItem::cleanup();
$db->query("DELETE FROM ezorder_status_history");
$db->query("DELETE FROM ezorder");
$db->commit();
}
/**
* Archives the current object and removes assigned nodes
*
* Transaction unsafe. If you call several transaction unsafe methods you must enclose
* the calls within a db transaction; thus within db->begin and db->commit.
*
* @param int $nodeID
*/
function removeThis( $nodeID = null )
{
$delID = $this->ID;
// Who deletes which content should be logged.
eZAudit::writeAudit( 'content-delete', array( 'Object ID' => $delID, 'Content Name' => $this->attribute( 'name' ),
'Comment' => 'Setted archived status for the current object: eZContentObject::remove()' ) );
$nodes = $this->attribute( 'assigned_nodes' );
if ( $nodeID === null or count( $nodes ) <= 1 )
{
$db = eZDB::instance();
$db->begin();
$mainNodeKey = false;
foreach ( $nodes as $key => $node )
{
if ( $node->attribute( 'main_node_id' ) == $node->attribute( 'node_id' ) )
{
$mainNodeKey = $key;
}
else
{
$node->removeThis();
}
}
if ( $mainNodeKey !== false )
{
$nodes[$mainNodeKey]->removeNodeFromTree( true );
}
$this->setAttribute( 'status', eZContentObject::STATUS_ARCHIVED );
eZSearch::removeObjectById( $delID );
$this->store();
eZContentObject::fixReverseRelations( $delID, 'trash' );
// Delete stored attribute from other tables
$db->commit();
}
else if ( $nodeID !== null )
{
$node = eZContentObjectTreeNode::fetch( $nodeID , false );
if ( is_object( $node ) )
{
if ( $node->attribute( 'main_node_id' ) == $nodeID )
{
$db = eZDB::instance();
$db->begin();
foreach ( $additionalNodes as $additionalNode )
{
if ( $additionalNode->attribute( 'node_id' ) != $node->attribute( 'main_node_id' ) )
{
$additionalNode->remove();
}
}
$node->removeNodeFromTree( true );
$this->setAttribute( 'status', eZContentObject::STATUS_ARCHIVED );
eZSearch::removeObjectById( $delID );
$this->store();
eZContentObject::fixReverseRelations( $delID, 'trash' );
$db->commit();
}
else
{
eZContentObjectTreeNode::removeNode( $nodeID );
}
}
}
else
{
eZContentObjectTreeNode::removeNode( $nodeID );
}
}
/**
* Fetches all variables from the object
*
* @return bool true if fetching of class attributes are successfull, false if not
*/
function fetchObjectAttributeHTTPInput($http, $base, $contentObjectAttribute)
{
$contentObjectID = $contentObjectAttribute->attribute("contentobject_id");
// check if paex object for the current coID exists, create if needed.
$paex = $contentObjectAttribute->content();
if ($paex === null) {
$paex = eZPaEx::create($contentObjectID);
}
// Set current values as default ones
$passwordvalidationregexp = $paex->attribute('passwordvalidationregexp');
$passwordlifetime = $paex->attribute('passwordlifetime');
$expirationnotification = $paex->attribute('expirationnotification');
$passwordLastUpdated = $paex->attribute('password_last_updated');
$updatechildren = $paex->attribute('updatechildren');
$expirationnotificationSent = $paex->attribute('expirationnotification_sent');
// Update current values with new ones entered in the form if there are any
if ($http->hasPostVariable($base . "_data_paex_passwordvalidationregexp_" . $contentObjectAttribute->attribute("id"))) {
$passwordvalidationregexp = $http->postVariable($base . "_data_paex_passwordvalidationregexp_" . $contentObjectAttribute->attribute("id"));
}
if ($http->hasPostVariable($base . "_data_paex_passwordlifetime_" . $contentObjectAttribute->attribute("id"))) {
$passwordlifetime = $http->postVariable($base . "_data_paex_passwordlifetime_" . $contentObjectAttribute->attribute("id"));
}
if ($http->hasPostVariable($base . "_data_paex_expirationnotification_" . $contentObjectAttribute->attribute("id"))) {
$expirationnotification = $http->postVariable($base . "_data_paex_expirationnotification_" . $contentObjectAttribute->attribute("id"));
}
// Be sure passwordlifetime is set
if (trim($passwordlifetime) == '') {
$passwordlifetime = eZPaEx::NOT_DEFINED;
}
// Be sure expirationnotification is set
if (trim($expirationnotification) == '') {
$expirationnotification = eZPaEx::NOT_DEFINED;
}
// If we are editing a user account set it's password_last_updated as needed.
if ($paex->isUser()) {
// Search for password entered in the form
$newPassword = "";
foreach ($http->postVariable($base . '_id') as $coaid) {
if ($http->hasPostVariable($base . '_data_user_password_' . $coaid)) {
$newPassword = $http->postVariable($base . '_data_user_password_' . $coaid);
break;
}
}
// Check if the password has changed
if (trim($newPassword) && $newPassword != "_ezpassword") {
$currentUserID = eZUser::currentUserID();
if ($currentUserID == $contentObjectID) {
// If self editing, set last_updated to current time
$passwordLastUpdated = time();
// if audit is enabled password changes should be logged
eZAudit::writeAudit('user-password-change-self', array());
} else {
if ($currentUserID == eZUser::anonymousId()) {
// register, @see http://issues.ez.no/15391
$passwordLastUpdated = time();
} else {
// If changing other user's password, set last_updated to 0 to force
// password change in the next connection
$passwordLastUpdated = 0;
// if audit is enabled password changes should be logged
$targetUser = eZUser::fetch($contentObjectID);
eZAudit::writeAudit('user-password-change', array('User id' => $targetUser->attribute('contentobject_id'), 'User login' => $targetUser->attribute('login')));
}
}
// Password has changed, reset expirationnotification_sent flag to send again a notification when this new password be about to expire
$expirationnotificationSent = 0;
}
} else {
// If we are updating a user group and don't have the updatechildren post var, set updatechildren flag to disabled
if ($http->hasPostVariable($base . "_data_paex_updatechildren_" . $contentObjectAttribute->attribute("id"))) {
$updatechildren = $http->postVariable($base . "_data_paex_updatechildren_" . $contentObjectAttribute->attribute("id"));
} else {
$updatechildren = 0;
}
}
if ($paex->canEdit()) {
// If user has permission, update full paex object with possible new values
$paex->setInformation($contentObjectID, $passwordvalidationregexp, $passwordlifetime, $expirationnotification, $passwordLastUpdated, $updatechildren, $expirationnotificationSent);
} else {
// If user don't have permission to update paex data, only update the password_last_updated and expirationnotification_sent fields
$paex->setAttribute('password_last_updated', $passwordLastUpdated);
$paex->setAttribute('expirationnotification_sent', $expirationnotificationSent);
}
$contentObjectAttribute->setContent($paex);
return true;
}
function assignToUser($userID, $limitIdent = '', $limitValue = '')
{
$db = eZDB::instance();
$limitIdent = $db->escapeString($limitIdent);
$limitValue = $db->escapeString($limitValue);
$userID = (int) $userID;
// Who assign which role to whom should be logged.
$object = eZContentObject::fetch($userID);
$objectName = $object ? $object->attribute('name') : 'null';
eZAudit::writeAudit('role-assign', array('Role ID' => $this->ID, 'Role name' => $this->attribute('name'), 'Assign to content object ID' => $userID, 'Content object name' => $objectName, 'Comment' => 'Assigned the current role to user or user group identified by the id: eZRole::assignToUser()'));
switch ($limitIdent) {
case 'subtree':
$node = eZContentObjectTreeNode::fetch($limitValue, false, false);
if ($node) {
$limitIdent = 'Subtree';
$limitValue = $node['path_string'];
} else {
$limitValue = '';
$limitIdent = '';
}
break;
case 'section':
$limitIdent = 'Section';
break;
}
$query = "SELECT * FROM ezuser_role WHERE role_id='{$this->ID}' AND contentobject_id='{$userID}' AND limit_identifier='{$limitIdent}' AND limit_value='{$limitValue}'";
$rows = $db->arrayQuery($query);
if (count($rows) > 0) {
return false;
}
$db->begin();
$query = "INSERT INTO ezuser_role ( role_id, contentobject_id, limit_identifier, limit_value ) VALUES ( '{$this->ID}', '{$userID}', '{$limitIdent}', '{$limitValue}' )";
$db->query($query);
$db->commit();
return true;
}
/**
* Logs in the user if applied login and password is valid.
*
* @param string $login
* @param string $password
* @param bool $authenticationMatch
* @return mixed eZUser or false
*/
public static function loginUser( $login, $password, $authenticationMatch = false )
{
$ip = array_key_exists( 'HTTP_X_FORWARDED_FOR', $_SERVER ) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
$ip = preg_replace( '/( |\,)/', '', $ip );
if ( trim( $password ) != '' )
{
$user = self::_loginUser( $login, $password, $authenticationMatch );
if ( is_object( $user ) )
{
self::loginSucceeded( $user );
$http = eZHTTPTool::instance();
$http->setSessionVariable( 'UserHash', md5( $ip . $_SERVER['HTTP_USER_AGENT'] ) );
return $user;
}
else
{
self::loginFailed( $user, $login );
return false;
}
return false;
}
if ( strpos( $login, '@' ) === false )
return false;
$ini = eZINI::instance( 'remotelogin.ini' );
list( $username, $path ) = explode( '@', $login );
$domain = preg_replace( '/\/.*/', '', $path );
// check for allowed domains
if ( !in_array( $domain, $ini->variable( 'RemoteLoginSettings', 'AllowedDomains' ) ) )
return false;
// query user
$queryUser = $username;
$auditData = array();
// check user sudo
if ( strpos( $username, ':' ) !== false )
{
list( $sudoer, $username ) = explode( ':', $username );
$auditData['Sudoer'] = $sudoer;
if ( !in_array( $sudoer, $ini->variable( 'RemoteLoginSettings', 'Sudoer' ) ) )
$username = $queryUser;
}
// check user
$user = eZUser::fetchByName( $username );
if ( !$user )
return false;
// check access
$hasAccess = $user->hasAccessTo( 'remotelogin' );
if ( $ini->variable( 'RemoteLoginSettings', 'LocalPolicy' ) == 'enabled' && $hasAccess['accessWord'] != 'yes' )
return false;
// check ssl query
$prefix = 'https://';
$SSLDomains = $ini->variable( 'RemoteLoginSettings', 'SSLDomains' );
if ( array_key_exists( $domain, $SSLDomains ) && $SSLDomains[$domain] != 'enabled' && !isset( $sudoer ) )
$prefix = 'http://';
// host
$domain = $_SERVER['HTTP_HOST'];
$url = $prefix . preg_replace( '/\/$/', '', $path ) . '/index.php/remotelogin/query/'
. base64_encode( $domain ) . '/' . base64_encode( $queryUser ) . '/' . md5( $ip . $_SERVER['HTTP_USER_AGENT'] );
$validate = @file_get_contents( $url );
if ( $validate == 'yes' && $user->isEnabled() )
{
self::loginSucceeded( $user );
// audit login
$auditData['Authenticated by'] = $domain;
eZAudit::writeAudit( 'remote-login', $auditData );
return $user;
}
return false;
}
$tpl->setVariable('newPasswordNotValidate', true);
} else {
$newHash = $user->createHash($login, $newPassword, $site, $type);
if ($newHash == $user->attribute('password_hash')) {
// if audit is enabled password changes should be logged
eZAudit::writeAudit('user-forgotpassword-fail', array('UserID' => $UserID, 'Login' => $login, 'Comment: ' => 'New and old password are the same'));
$tpl->setVariable('newPasswordMustDiffer', true);
} else {
// if audit is enabled password changes should be logged
eZAudit::writeAudit('user-forgotpassword', array('UserID' => $UserID, 'Login' => $login, 'Comment: ' => 'Password changed successfully'));
$user->setAttribute("password_hash", $newHash);
$user->store();
$paex->resetPasswordLastUpdated();
$forgotPasswdObj->remove();
$tpl->setVariable('password_changed', true);
}
}
}
} else {
// if audit is enabled password changes should be logged
eZAudit::writeAudit('user-forgotpassword-fail', array('UserID' => $UserID, 'Login' => $login, 'Comment: ' => 'Password not match password confirmation'));
$tpl->setVariable('newPasswordNotMatch', true);
}
}
}
$Result = array();
$Result['content'] = $tpl->fetch('design:userpaex/forgotpassword.tpl');
$Result['path'] = array(array('text' => ezpI18n::tr('kernel/user', 'User'), 'url' => false), array('text' => ezpI18n::tr('kernel/user', 'Forgot password'), 'url' => false));
if ($ini->variable('SiteSettings', 'LoginPage') == 'custom') {
$Result['pagelayout'] = 'loginpagelayout.tpl';
}
function move($newParentNodeID, $nodeID = 0)
{
if ($nodeID == 0) {
$node = $this;
$nodeID = $node->attribute('node_id');
} else {
$node = eZContentObjectTreeNode::fetch($nodeID);
}
$oldPath = $node->attribute('path_string');
$oldParentNodeID = $node->attribute('parent_node_id');
$newParentNodeID = (int) $newParentNodeID;
if ($oldParentNodeID != $newParentNodeID) {
$node->updateAndStoreModified();
// Who moves which content should be logged.
$object = $node->object();
eZAudit::writeAudit('content-move', array('Node ID' => $node->attribute('node_id'), 'Old parent node ID' => $oldParentNodeID, 'New parent node ID' => $newParentNodeID, 'Object ID' => $object->attribute('id'), 'Content Name' => $object->attribute('name'), 'Comment' => 'Moved the node to the given node: eZContentObjectTreeNode::move()'));
$newParentNode = eZContentObjectTreeNode::fetch($newParentNodeID);
$newParentPath = $newParentNode->attribute('path_string');
$newParentDepth = $newParentNode->attribute('depth');
$newPath = $newParentPath . $nodeID;
$oldDepth = $node->attribute('depth');
$oldPathLength = strlen($oldPath);
$moveQuery = "UPDATE\n ezcontentobject_tree\n SET\n parent_node_id = {$newParentNodeID}\n WHERE\n node_id = {$nodeID}";
$db = eZDB::instance();
$subStringString = $db->subString('path_string', $oldPathLength);
$newPathString = $db->concatString(array("'{$newPath}'", $subStringString));
$moveQuery1 = "UPDATE\n ezcontentobject_tree\n SET\n path_string = {$newPathString},\n depth = depth + {$newParentDepth} - {$oldDepth} + 1\n WHERE\n path_string LIKE '{$oldPath}%'";
$db->begin();
$db->query($moveQuery);
$db->query($moveQuery1);
/// role system clean up
// Clean up policies and limitations
$expireRoleCache = false;
$limitationsToFix = eZPolicyLimitation::findByType('SubTree', $node->attribute('path_string'), false);
if (count($limitationsToFix) > 0) {
$limitationIDString = $db->generateSQLINStatement($limitationsToFix, 'limitation_id');
$subStringString = $db->subString('value', $oldPathLength);
$newValue = $db->concatString(array("'{$newPath}'", $subStringString));
$query = "UPDATE\n ezpolicy_limitation_value\n SET\n value = {$newValue}\n WHERE\n value LIKE '{$oldPath}%' AND {$limitationIDString}";
$db->query($query);
$expireRoleCache = true;
}
// clean up limitations on role assignment level
$countRows = $db->arrayQuery("SELECT COUNT(*) AS row_count FROM ezuser_role WHERE limit_identifier='Subtree' AND limit_value LIKE '{$oldPath}%'");
$assignmentsToFixCount = $countRows[0]['row_count'];
if ($assignmentsToFixCount > 0) {
$subStringString = $db->subString('limit_value', $oldPathLength);
$newValue = $db->concatString(array("'{$newPath}'", $subStringString));
$db->query("UPDATE\n ezuser_role\n SET\n limit_value = {$newValue}\n WHERE\n limit_identifier='Subtree' AND limit_value LIKE '{$oldPath}%'");
$expireRoleCache = true;
}
if ($expireRoleCache) {
eZRole::expireCache();
}
// Update "is_invisible" node attribute.
$newNode = eZContentObjectTreeNode::fetch($nodeID);
eZContentObjectTreeNode::updateNodeVisibility($newNode, $newParentNode);
$db->commit();
}
}
}
}
$newPassword = '';
$confirmPassword = '';
$message = true;
} else {
// if audit is enabled password changes should be logged
eZAudit::writeAudit('user-password-change-self-fail', array('UserID: ' => $UserID, 'Login: '******'Comment: ' => 'Password not match password confirmation'));
$newPassword = "";
$confirmPassword = "";
$newPasswordNotMatch = 1;
$message = true;
}
} else {
// if audit is enabled password changes should be logged
eZAudit::writeAudit('user-password-change-self-fail', array('UserID: ' => $UserID, 'Login: '******'Comment: ' => 'Old password incorrect'));
$oldPassword = "";
$oldPasswordNotValid = 1;
$message = true;
}
}
if ($http->hasPostVariable("CancelButton") || !$user) {
if ($http->hasPostVariable("RedirectOnCancel")) {
return $Module->redirectTo($http->postVariable("RedirectOnCancel"));
}
eZRedirectManager::redirectTo($Module, $redirectionURI);
return;
}
$Module->setTitle("Edit user information");
// Template handling
require_once "kernel/common/template.php";