function save_profile(&$vars, &$user)
{
global $db, $config;
global $_amember_id, $member_additional_fields, $email_confirmation_required;
$email_confirmation_required = 0;
$fields_to_change = (array) $config['profile_fields'];
$maf = array();
foreach ($member_additional_fields as $f) {
$maf[$f['name']] = $f;
// Set empty values for all fields that were not submited.
// Need to do this to get validation functions working for radio buttons.
if (!$vars[$f[name]]) {
$vars[$f[name]] = '';
}
}
$error = array();
if ($config['use_address_info'] == 1) {
$error = vsf_address($vars, $is_signup = false);
}
foreach ($vars as $k => $v) {
$field = $k;
if (in_array($k, $fields_to_change)) {
$field_type = 1;
} elseif (($maf[$k]['display_profile'] || $maf[$k]['display_affiliate_profile']) && is_additional_fields_avalable(get_active_price_groups(), $maf[$k])) {
$field_type = 2;
} else {
continue;
}
///check username
if ($k == 'login' && $v != $_SESSION['_amember_login'] && ($err = check_new_username($v))) {
$error[] = sprintf(_MEMBER_PROFILE_ERROR1, $err);
$user['login'] = $v;
continue;
}
////
if ($config['verify_email_profile'] && $k == 'email' && $v != $user['email']) {
$email_confirmation_required = 1;
$old_email = $user['email'];
$new_email = $v;
}
if ($k == 'email' && !check_email($v)) {
$error[] = _MEMBER_PROFILE_ERROR2;
$user['email'] = $v;
continue;
} elseif ($k == 'email' && $config['unique_email']) {
$ul = $db->users_find_by_string($vars['email'], 'email', 1);
if ($ul && $ul[0][member_id] != $_amember_id) {
$error[] = _MEMBER_PROFILE_ERROR3;
continue;
}
}
if ($k == 'name_f' && !strlen($v)) {
$error[] = _MEMBER_PROFILE_ERROR4;
$user['name_f'] = $v;
continue;
}
if ($k == 'name_l' && !strlen($v)) {
$error[] = _MEMBER_PROFILE_ERROR5;
$user['name_l'] = $v;
continue;
}
if ($k == 'name_f' && preg_match('/[<>"]/', $v)) {
$error[] = _MEMBER_PROFILE_ERROR4;
$user['name_f'] = $v;
continue;
}
if ($k == 'name_l' && preg_match('/[<>"]/', $v)) {
$error[] = _MEMBER_PROFILE_ERROR5;
$user['name_l'] = $v;
continue;
}
/// check password
if ($k == 'pass0') {
if (strlen($v) == 0) {
//don't change at all
continue;
}
if (strlen($v) < $config['pass_min_length']) {
$error[] = sprintf(_MEMBER_PROFILE_ERROR6, $config[pass_min_length]);
continue;
}
if (strlen($v) > $config['pass_max_length']) {
$error[] = sprintf(_MEMBER_PROFILE_ERROR7, $config[pass_max_length]);
continue;
}
if ($vars['pass0'] != $vars['pass1']) {
$error[] = _MEMBER_PROFILE_ERROR8;
continue;
}
$field = 'pass';
}
/// set value
if ($field_type == 1) {
$user[$field] = $v;
} elseif ($field_type == 2) {
$ff = $maf[$k];
foreach ((array) $ff['validate_func'] as $func) {
if (!strlen($func)) {
continue;
}
if ($ff['display_profile'] > 0 && ($err = $func($v, $ff['title'], $ff))) {
$error[] = $err;
}
}
if ($ff['display_profile'] > 0) {
if ($ff['sql']) {
$user[$k] = $v;
} else {
$user['data'][$k] = $v;
}
}
} else {
fatal_error(sprintf(_MEMBER_PROFILE_ERROR9, $k, $field_type));
}
}
if (!$error) {
if ($email_confirmation_required) {
// Restore old email address and send message to user;
$user['email'] = $old_email;
$user['data']['email_new'] = $new_email;
$user['data']['email_confirm_code'] = substr(uniqid(rand(), true), 0, 12);
$user['data']['email_confirm_code_exp'] = time() + 3600 * 24;
// Expire link in 24 hours.
}
$db->update_user($_amember_id, $user);
if (in_array('login', $fields_to_change)) {
$_SESSION['_amember_login'] = $user['login'];
}
$_SESSION['_amember_pass'] = $user['pass'];
}
return $error;
}
function member_check_additional_fields(&$vars, $scope = 'signup', $price_group = null)
{
global $member_additional_fields;
$error = array();
// Get price group from request for signup form
if ($scope == 'signup' && isset($vars['price_group'])) {
$price_group = explode(',', $vars['price_group']);
}
foreach ($member_additional_fields as $f) {
if (!is_additional_fields_avalable($price_group, $f)) {
continue;
}
if (!$f['display_' . $scope]) {
continue;
}
$v = $vars[$fn = $f['name']];
foreach ((array) $f['validate_func'] as $func) {
if (!strlen($func)) {
continue;
}
if ($err = $func($v, $f['title'], $f)) {
$error[] = $err;
}
}
}
return $error;
}
