function save_profile(&$vars, &$user) { global $db, $config; global $_amember_id, $member_additional_fields, $email_confirmation_required; $email_confirmation_required = 0; $fields_to_change = (array) $config['profile_fields']; $maf = array(); foreach ($member_additional_fields as $f) { $maf[$f['name']] = $f; // Set empty values for all fields that were not submited. // Need to do this to get validation functions working for radio buttons. if (!$vars[$f[name]]) { $vars[$f[name]] = ''; } } $error = array(); if ($config['use_address_info'] == 1) { $error = vsf_address($vars, $is_signup = false); } foreach ($vars as $k => $v) { $field = $k; if (in_array($k, $fields_to_change)) { $field_type = 1; } elseif (($maf[$k]['display_profile'] || $maf[$k]['display_affiliate_profile']) && is_additional_fields_avalable(get_active_price_groups(), $maf[$k])) { $field_type = 2; } else { continue; } ///check username if ($k == 'login' && $v != $_SESSION['_amember_login'] && ($err = check_new_username($v))) { $error[] = sprintf(_MEMBER_PROFILE_ERROR1, $err); $user['login'] = $v; continue; } //// if ($config['verify_email_profile'] && $k == 'email' && $v != $user['email']) { $email_confirmation_required = 1; $old_email = $user['email']; $new_email = $v; } if ($k == 'email' && !check_email($v)) { $error[] = _MEMBER_PROFILE_ERROR2; $user['email'] = $v; continue; } elseif ($k == 'email' && $config['unique_email']) { $ul = $db->users_find_by_string($vars['email'], 'email', 1); if ($ul && $ul[0][member_id] != $_amember_id) { $error[] = _MEMBER_PROFILE_ERROR3; continue; } } if ($k == 'name_f' && !strlen($v)) { $error[] = _MEMBER_PROFILE_ERROR4; $user['name_f'] = $v; continue; } if ($k == 'name_l' && !strlen($v)) { $error[] = _MEMBER_PROFILE_ERROR5; $user['name_l'] = $v; continue; } if ($k == 'name_f' && preg_match('/[<>"]/', $v)) { $error[] = _MEMBER_PROFILE_ERROR4; $user['name_f'] = $v; continue; } if ($k == 'name_l' && preg_match('/[<>"]/', $v)) { $error[] = _MEMBER_PROFILE_ERROR5; $user['name_l'] = $v; continue; } /// check password if ($k == 'pass0') { if (strlen($v) == 0) { //don't change at all continue; } if (strlen($v) < $config['pass_min_length']) { $error[] = sprintf(_MEMBER_PROFILE_ERROR6, $config[pass_min_length]); continue; } if (strlen($v) > $config['pass_max_length']) { $error[] = sprintf(_MEMBER_PROFILE_ERROR7, $config[pass_max_length]); continue; } if ($vars['pass0'] != $vars['pass1']) { $error[] = _MEMBER_PROFILE_ERROR8; continue; } $field = 'pass'; } /// set value if ($field_type == 1) { $user[$field] = $v; } elseif ($field_type == 2) { $ff = $maf[$k]; foreach ((array) $ff['validate_func'] as $func) { if (!strlen($func)) { continue; } if ($ff['display_profile'] > 0 && ($err = $func($v, $ff['title'], $ff))) { $error[] = $err; } } if ($ff['display_profile'] > 0) { if ($ff['sql']) { $user[$k] = $v; } else { $user['data'][$k] = $v; } } } else { fatal_error(sprintf(_MEMBER_PROFILE_ERROR9, $k, $field_type)); } } if (!$error) { if ($email_confirmation_required) { // Restore old email address and send message to user; $user['email'] = $old_email; $user['data']['email_new'] = $new_email; $user['data']['email_confirm_code'] = substr(uniqid(rand(), true), 0, 12); $user['data']['email_confirm_code_exp'] = time() + 3600 * 24; // Expire link in 24 hours. } $db->update_user($_amember_id, $user); if (in_array('login', $fields_to_change)) { $_SESSION['_amember_login'] = $user['login']; } $_SESSION['_amember_pass'] = $user['pass']; } return $error; }
function member_check_additional_fields(&$vars, $scope = 'signup', $price_group = null) { global $member_additional_fields; $error = array(); // Get price group from request for signup form if ($scope == 'signup' && isset($vars['price_group'])) { $price_group = explode(',', $vars['price_group']); } foreach ($member_additional_fields as $f) { if (!is_additional_fields_avalable($price_group, $f)) { continue; } if (!$f['display_' . $scope]) { continue; } $v = $vars[$fn = $f['name']]; foreach ((array) $f['validate_func'] as $func) { if (!strlen($func)) { continue; } if ($err = $func($v, $f['title'], $f)) { $error[] = $err; } } } return $error; }