Esempio n. 1
/**
 * Saves the posted profile-edit form for one user, then redirects to that profile.
 *
 * Sequence: spoof check, permission check on $uid, load of the stored record,
 * saveSafely() with the raw $_POST array. Every refusal echoes a message and
 * returns before anything is stored.
 *
 * @param  mixed  $option  Passed through to HTML_comprofiler::userEdit() when the save fails
 * @param  mixed  $uid     Id of the user being edited (cast to int only for the load)
 * @return void
 */
function userSave( $option, $uid ) {
	global $_CB_framework, $_CB_database, $_POST, $_PLUGINS;

	// Spoof check for the 'userEdit' form; it runs before any other work.
	cbSpoofCheck( 'userEdit' );

	// Without a target user there is nothing to authorize or save.
	// Loose comparison: 0 and '' are treated like null here.
	if ( $uid == null ) {
		echo _UE_USER_PROFILE_NOT;
		return;
	}

	// Authorization: a non-empty return value is the refusal text.
	// NOTE(review): the text is echoed as returned; presumably the helper only
	// returns trusted, already-safe strings -- confirm.
	$denied = cbCheckIfUserCanPerformUserTask( $uid, 'allowModeratorsUserEdit' );
	if ( $denied ) {
		echo $denied;
		return;
	}

	$_PLUGINS->loadPluginGroup('user');

	// Load the stored record so the save starts from the current state.
	// NOTE(review): the permission check above received $uid uncast while the
	// load uses (int) $uid; confirm callers always pass an integer id so both
	// steps refer to the same user.
	$profile = new moscomprofilerUser( $_CB_database );
	if ( ! $profile->load( (int) $uid ) ) {
		echo _UE_USER_PROFILE_NOT;
		return;
	}

	// Only a user saving his own profile gets a fresh lastupdatedate.
	if ( $_CB_framework->myId() == $uid ) {
		$profile->lastupdatedate = $_CB_framework->dateDbOfNow();
	}

	// NOTE(review): the whole $_POST array is handed to saveSafely(), while the
	// permission check covered $uid only. Confirm that saveSafely() restricts
	// the posted fields for this UI and that a posted id cannot replace the
	// record loaded above.
	if ( $profile->saveSafely( $_POST, $_CB_framework->getUi(), 'edit' ) ) {
		cbRedirectToProfile( $uid, _USER_DETAILS_SAVE );
		return;
	}

	// Save refused: show the error in a JavaScript alert, then re-display the form.
	$saveError = $profile->getError();

	// <br /> becomes the two characters backslash + n, which JavaScript reads as a
	// line break; addslashes() then doubles that backslash, so the last replace
	// restores it.
	// NOTE(review): addslashes() escapes quotes, backslashes and NUL only; it is
	// not a JavaScript-context encoder. If getError() can carry submitted values,
	// confirm they are safe inside this inline script.
	$alertText = str_replace( '<br />', '\n', $saveError );
	$alertText = strip_tags( $alertText );
	$alertText = addslashes( $alertText );
	$alertText = str_replace( '\\\\n', '\\n', $alertText );
	echo "<script type=\"text/javascript\">alert('" . $alertText . "'); </script>\n";

	HTML_comprofiler::userEdit( $profile, $option, _UE_UPDATE, $saveError );
}
Esempio n. 2
	/**
	 * Backend save of a user record from the posted edit form.
	 *
	 * A posted id of 0 means "new user": no record is loaded and $_POST['id'] is
	 * reset to null. On success the row is checked in and the browser is sent to
	 * the user list; on failure the error is shown and the edit view is rendered
	 * again with the posted values.
	 *
	 * NOTE(review): no spoof / anti-CSRF check is visible in this method; confirm
	 * that the backend dispatcher performs one before calling it.
	 *
	 * @param  mixed  $option  Interpolated into the redirect URL and passed to the edit view
	 * @return void
	 */
	function saveUser( $option ) {
		global $_CB_framework, $_CB_database, $_POST, $_PLUGINS;

		$this->_importNeeded();
		$this->_importNeededSave();

		// Shared wrapper for the "alert and go back" responses below.
		$alertHead = "<script type=\"text/javascript\"> alert('";
		$alertTail = "'); window.history.go(-1);</script>\n";

		// Presence check only: the 'Not Authorized' text is shown when one of the
		// three form fields is missing. The permission check comes further down.
		if ( ! isset( $_POST['approved'], $_POST['confirmed'], $_POST['username'] ) ) {
			echo $alertHead . addslashes( CBTxt::T('Not Authorized') ) . $alertTail;
			exit;
		}

		// Who is acting, and on which record.
		$myGid = userGID( $_CB_framework->myId() );
		$userIdPosted = (int) cbGetParam($_POST, "id", 0 );
		$isExisting = ( $userIdPosted != 0 );
		if ( ! $isExisting ) {
			$_POST['id'] = null;
		}

		// Permission check for 'save'; a non-empty return value is the refusal text.
		// NOTE(review): in_array() compares loosely here; presumably group ids are
		// integers on both sides -- confirm.
		$adminGroups = $_CB_framework->acl->mapGroupNamesToValues( array( 'Administrator', 'Superadministrator' ) );
		$isAdmin = in_array( $myGid, $adminGroups );
		$targetIds = $isExisting ? array( $userIdPosted ) : null;
		$msg = checkCBpermissions( $targetIds, 'save', $isAdmin );
		if ( $msg ) {
			echo $alertHead . addslashes( $msg ) . $alertTail;
			exit;
		}

		$_PLUGINS->loadPluginGroup('user');

		// Existing user: start from the stored record. This path returns instead of
		// exiting, unlike the refusals above.
		$userRow = new moscomprofilerUser( $_CB_database );
		if ( $isExisting && ! $userRow->load( (int) $userIdPosted ) ) {
			echo $alertHead . addslashes( _UE_USER_PROFILE_NOT ) . $alertTail;
			return;
		}

		// NOTE(review): the whole $_POST array goes to saveSafely(), and the 'save'
		// check above covered $userIdPosted only. Confirm that saveSafely() limits
		// what this UI may set and that the posted fields cannot retarget the row.
		if ( $userRow->saveSafely( $_POST, $_CB_framework->getUi(), 'edit' ) ) {
			// Checks-in the row, then back to the user list with a confirmation.
			$userRow->checkin();

			// NOTE(review): $option is placed in the URL without encoding; presumably
			// the caller passes a fixed component name -- confirm.
			$listUrl = $_CB_framework->backendUrl( "index.php?option=$option&task=showusers" );
			$notice = sprintf(CBTxt::T('Successfully Saved User: %s'), $userRow->username);
			cbRedirect( $listUrl, $notice );
			return;
		}

		// Save refused.
		$saveError = $userRow->getError();

		// Second permission check before the edit view is shown again. It uses the
		// id held by the object after the failed save, and its third argument is a
		// literal true, unlike the 'save' check above.
		$msg = checkCBpermissions( array( $userRow->id ), "edit", true );
		if ( $msg ) {
			echo "<script type=\"text/javascript\"> alert('" . addslashes( $msg ) ."'); window.history.go(-1);</script>\n";
			exit;
		}

		// <br /> becomes the two characters backslash + n for the alert text;
		// addslashes() doubles that backslash and the last replace restores it.
		// NOTE(review): addslashes() is not a JavaScript-context encoder. If the
		// error text can carry submitted values, confirm they are safe inside this
		// inline script.
		$alertText = str_replace( '<br />', '\\n', $saveError );
		$alertText = addslashes( strip_tags( $alertText ) );
		$alertText = str_replace( '\\\\n', '\\n', $alertText );
		echo "<script type=\"text/javascript\">alert('" . $alertText . "'); </script>\n";

		global $_CB_Backend_task;
		$_CB_Backend_task = 'edit';				// so the toolbar comes up...
		$_PLUGINS->loadPluginGroup( 'user' );	// resets plugin errors

		// Re-render the edit form with the posted values; the third argument is
		// '0' when the object has a user_id and '1' when it has none.
		$usersView = _CBloadView( 'user' );
		$newUserFlag = ( $userRow->user_id != null ? '0' : '1' );
		$usersView->edituser( $userRow, $option, $newUserFlag, $_POST );
	}