Esempio n. 1
 /**
  * Tell whether a user may manage users or groups.
  *
  * True as soon as either Security::canAddUser() or Security::canAddGroup()
  * grants the right; the group check is skipped when the user check already passes.
  *
  * @param  int|false $userId id to check; the default false is forwarded unchanged to Security
  *                           (presumably meaning the currently logged-in user; confirm in Security)
  * @return boolean
  */
 public static function canManage($userId = false)
 {
     if (Security::canAddUser($userId)) {
         return true;
     }

     return (bool) Security::canAddGroup($userId);
 }
Esempio n. 2
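 /**
  * Validate and persist the profile form data of a user.
  *
  * The request is refused unless the session is verified (isVerified()) and the
  * current user may edit the target user (Security::canEditUser()). Email, country
  * code, timezone and date formats are validated before anything is written; the
  * first invalid field aborts with an error message.
  *
  * @param  array $p form values: id, first_name, last_name, sex, email, language_id and,
  *                  optionally, country_code, phone, timezone, short_date_format,
  *                  long_date_format, data, canAddUsers, canAddGroups
  * @return array  array('success' => bool), plus 'verify' => true when verification is
  *                pending or 'msg' describing the rejected field
  * @throws \Exception when the current user is not allowed to edit $p['id']
  */
 public function saveProfileData($p)
 {
     if (!$this->isVerified()) {
         return array('success' => false, 'verify' => true);
     }
     // Authorization gate: everything below acts on $p['id'], which is caller supplied.
     if (!Security::canEditUser($p['id'])) {
         throw new \Exception(L\get('Access_denied'));
     }
     $cfg = $this->getUserConfig($p['id']);
     $languageSettings = Config::get('language_settings');
     $p['first_name'] = Purify::humanName($p['first_name']);
     $p['last_name'] = Purify::humanName($p['last_name']);
     // anything longer than one character is discarded rather than rejected
     $p['sex'] = strlen($p['sex']) > 1 ? null : $p['sex'];
     if (!empty($p['email'])) {
         if (!filter_var($p['email'], FILTER_VALIDATE_EMAIL)) {
             return array('success' => false, 'msg' => 'Invalid email address');
         }
     }
     $p['language_id'] = intval($p['language_id']);
     if (isset($p['country_code'])) {
         // The D modifier makes "$" match only at the very end of the value; without it
         // a value with a trailing newline passed validation and was stored.
         if (empty($p['country_code']) || filter_var($p['country_code'], FILTER_VALIDATE_REGEXP, array('options' => array('regexp' => '/^\\+?\\d*$/D')))) {
             $cfg['country_code'] = $p['country_code'];
         } else {
             return array('success' => false, 'msg' => 'Invalid country code');
         }
     }
     if (isset($p['phone']) && !empty($p['phone'])) {
         // remove all symbols except 0-9, space, (, ), -, +
         $phone = preg_replace("/[^0-9 \\-\\(\\)\\+]/", '', $p['phone']);
         $cfg['phone'] = $phone;
     }
     if (isset($p['timezone'])) {
         # list of (all) valid timezones
         $zoneList = timezone_identifiers_list();
         // Strict membership test: with a loose in_array() a non-string value such as
         // boolean true compares equal to any identifier and would be stored as the timezone.
         if (empty($p['timezone']) || in_array($p['timezone'], $zoneList, true)) {
             $cfg['timezone'] = $p['timezone'];
         } else {
             return array('success' => false, 'msg' => 'Invalid timezone');
         }
     }
     // NOTE(review): filter_var() returns the matched string, so an empty date format
     // (which the pattern allows) is falsy here and reported as invalid - confirm intended.
     if (isset($p['short_date_format'])) {
         if (filter_var($p['short_date_format'], FILTER_VALIDATE_REGEXP, array('options' => array('regexp' => '/^[\\.,a-z \\/\\-]*$/iD')))) {
             $cfg['short_date_format'] = $p['short_date_format'];
         } else {
             return array('success' => false, 'msg' => 'Invalid short date format');
         }
     }
     if (isset($p['long_date_format'])) {
         if (filter_var($p['long_date_format'], FILTER_VALIDATE_REGEXP, array('options' => array('regexp' => '/^[\\.,a-z \\/\\-]*$/iD')))) {
             $cfg['long_date_format'] = $p['long_date_format'];
         } else {
             return array('success' => false, 'msg' => 'Invalid long date format');
         }
     }
     if (empty($p['data'])) {
         $p['data'] = array();
     }
     // Privilege flags are only touched when editing somebody else's profile, and only
     // by a caller who holds the corresponding right.
     // NOTE(review): the id comparison is loose and the flag is granted on key presence
     // alone (isset), so a payload carrying canAddUsers => false still grants it - confirm
     // the client omits the key when the box is unchecked.
     if ($p['id'] != static::getId()) {
         if (Security::canAddUser()) {
             unset($cfg['canAddUsers']);
             if (isset($p['canAddUsers'])) {
                 $cfg['canAddUsers'] = 'true';
             }
         }
         if (Security::canAddGroup()) {
             unset($cfg['canAddGroups']);
             if (isset($p['canAddGroups'])) {
                 $cfg['canAddGroups'] = 'true';
             }
         }
     }
     // NOTE(review): $p['data'] is stored as submitted, with no validation visible here.
     DM\Users::update(array(
         'id' => $p['id'],
         'first_name' => $p['first_name'],
         'last_name' => $p['last_name'],
         'sex' => $p['sex'],
         'email' => $p['email'],
         'language_id' => $p['language_id'],
         'cfg' => Util\jsonEncode($cfg),
         'data' => Util\jsonEncode($p['data']),
     ));
     /* updating session params if the updated user profile is currently logged user */
     if ($p['id'] == static::getId()) {
         $u =& $_SESSION['user'];
         // the session copies of the names are HTML-entity encoded
         $u['first_name'] = htmlentities($p['first_name'], ENT_QUOTES, 'UTF-8');
         $u['last_name'] = htmlentities($p['last_name'], ENT_QUOTES, 'UTF-8');
         $u['sex'] = $p['sex'];
         $u['email'] = $p['email'];
         $u['language_id'] = $p['language_id'];
         // language_id is not checked against the configured languages; an unknown id
         // leaves language, locale and time_format null (lookup errors are suppressed with @)
         $u['language'] = @Config::get('languages')[$p['language_id'] - 1];
         $u['locale'] = @$languageSettings[$u['language']]['locale'];
         $u['cfg']['timezone'] = empty($cfg['timezone']) ? '' : $cfg['timezone'];
         $u['cfg']['gmt_offset'] = empty($cfg['timezone']) ? null : System::getGmtOffset($cfg['timezone']);
         if (!empty($cfg['long_date_format'])) {
             $u['cfg']['long_date_format'] = $cfg['long_date_format'];
         }
         if (!empty($cfg['short_date_format'])) {
             $u['cfg']['short_date_format'] = $cfg['short_date_format'];
         }
         $u['cfg']['time_format'] = @$languageSettings[$u['language']]['time_format'];
     }
     return array('success' => true);
 }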