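/**
 * Display the form for completing/updating registration info, or apply a submitted update.
 *
 * On GET the registration model is filled from the stored member record; on
 * POST it is filled from the request. If the model passes check('update')
 * and the user is not being forced through the form, the member record and
 * the current session are updated and the browser is redirected.
 *
 * NOTE(review): no Request::checkToken() call is visible in this method even
 * though the POST branch changes username and e-mail. Confirm the form
 * submission is covered by a CSRF check elsewhere.
 *
 * @return  mixed  Result of App::abort() or _show_registration_form(), true, or nothing after a redirect
 */
public function updateTask()
{
    // Only signed-in users may update their registration
    if (User::isGuest()) {
        return App::abort(500, Lang::txt('COM_MEMBERS_REGISTER_ERROR_SESSION_EXPIRED'));
    }

    $force       = false;
    $updateEmail = false;

    // Set the pathway
    $this->_buildPathway();

    // Set the page title
    $this->_buildTitle();

    // Registration model plus the current member and any linked external auth account
    $xregistration = new \Components\Members\Models\Registration();
    $xprofile      = Member::oneOrFail(User::get('id'));
    $hzal          = \Hubzero\Auth\Link::find_by_id(User::get('auth_link_id'));

    // Component options, specifically whether 'simple' registration is enabled
    $method             = Request::getMethod();
    $usersConfig        = Component::params('com_members');
    $simpleRegistration = $usersConfig->get('simple_registration', false);

    if ($method == 'POST') {
        // Load POSTed data
        $xregistration->loadPOST();
    } else {
        // Load data from the stored member record
        $xregistration->loadProfile($xprofile);

        // substr() instead of $username[0]: an empty username must not raise
        // an "uninitialized string offset" error. This matches the
        // placeholder test used further down in this method.
        $username = (string) User::get('username');

        if (substr($username, 0, 1) == '-' && is_object($hzal)) {
            // Placeholder account created through a linked auth provider:
            // pre-fill the form from the link and the session.
            $sub_email    = explode('@', (string) $hzal->email, 2);
            $tmp_username = Session::get('auth_link.tmp_username', $sub_email[0]);

            $xregistration->set('login', $tmp_username);
            $xregistration->set('orcid', Session::get('auth_link.tmp_orcid', ''));
            $xregistration->set('email', $hzal->email);
            $xregistration->set('confirmEmail', $hzal->email);

            if ($simpleRegistration) {
                // Simple registration: treat the pre-filled data as if it had
                // been submitted, so the update below runs without user input.
                $force  = false;
                $method = 'POST';
            } else {
                // Otherwise always show the form
                $force = true;
            }
        }
    }

    $check = $xregistration->check('update');

    if (!$force && $check && $method == 'GET') {
        Session::set('registration.incomplete', false);

        $base = rtrim(Request::base(true), '/');

        // NOTE(review): REQUEST_URI is supplied by the client. Confirm that
        // App::redirect() resolves it against this site and does not treat a
        // value starting with '//' as a scheme-relative URL.
        if ($_SERVER['REQUEST_URI'] == $base . '/register/update'
         || $_SERVER['REQUEST_URI'] == $base . '/members/register/update') {
            App::redirect($base . '/');
        } else {
            App::redirect($_SERVER['REQUEST_URI']);
        }

        return true;
    }

    if (!$force && $check && $method == 'POST') {
        // Before going any further, do a sanity check to make sure the username isn't being changed.
        // This really only happens on a race condition where someone is creating the same account
        // using a 3rd party auth service in two different browsers.
        if ($xregistration->get('login') && substr(User::get('username'), 0, 1) == '-') {
            // Make sure the username hasn't since been set in the database
            if (substr(User::getInstance(User::get('id'))->get('username'), 0, 1) != '-') {
                App::redirect(
                    Route::url('index.php?option=com_users&view=logout'),
                    Lang::txt('This account appears to already exist. Please try logging in again.'),
                    'warning'
                );
                return;
            }
        }

        $hubHomeDir  = rtrim($this->config->get('homedir'), DS);
        $updateEmail = false;

        // Fill in registration metadata that has never been recorded
        if ($xprofile->get('homeDirectory') == '') {
            $xprofile->set('homeDirectory', $hubHomeDir . DS . $xprofile->get('username'));
        }

        if ($xprofile->get('registerIP') == '') {
            $xprofile->set('registerIP', Request::getVar('REMOTE_ADDR', '', 'server'));
        }

        if ($xprofile->get('registerDate') == '') {
            $xprofile->set('registerDate', Date::toSql());
        }

        if ($xregistration->get('email') != $xprofile->get('email')) {
            if (is_object($hzal) && $xregistration->get('email') == $hzal->email) {
                // Address matches the one on the linked auth account: no confirmation mail
                $xprofile->set('activation', 3);
            } else {
                // New address: store a fresh confirmation code and mail it below
                $code = \Components\Members\Helpers\Utility::genemailconfirm();
                $xprofile->set('activation', $code);
                $updateEmail = true;
            }
        }

        if ($xregistration->get('login') != $xprofile->get('username')) {
            // NOTE(review): the submitted login becomes a path component here;
            // presumably check('update') restricts its characters. Verify.
            $xprofile->set('homeDirectory', $hubHomeDir . DS . $xregistration->get('login'));
        }

        // Copy across only the fields the registration model actually holds
        $keys = array('email', 'name', 'surname', 'givenName', 'middleName', 'usageAgreement', 'sendEmail', 'password');
        foreach ($keys as $key) {
            if ($xregistration->get($key) !== null) {
                $xprofile->set($key, $xregistration->get($key));
            }
        }

        $xprofile->set('username', $xregistration->get('login'));
        $xprofile->save();

        // Update current session if appropriate
        // TODO: update all session of this user
        // TODO: only update if changed
        if ($xprofile->get('id') == User::get('id')) {
            $suser = Session::get('user');
            $suser->set('username', $xprofile->get('username'));
            $suser->set('email', $xprofile->get('email'));
            $suser->set('name', $xprofile->get('name'));
            Session::set('user', $suser);

            // Keep the session table row in step with the new username
            $table = \JTable::getInstance('session');
            $table->load(Session::getId());
            $table->username = $xprofile->get('username');
            $table->update();
        }

        Session::set('registration.incomplete', false);

        // Notify the user
        if ($updateEmail) {
            \Components\Members\Helpers\Utility::sendConfirmEmail($xprofile, $xregistration);
        }

        // Notify administration
        // The message is rendered here but nothing in this method sends it.
        if ($method == 'POST') {
            $subject = Config::get('sitename') . ' ' . Lang::txt('COM_MEMBERS_REGISTER_EMAIL_ACCOUNT_UPDATE');

            $eaview = new \Hubzero\Component\View(array('name' => 'emails', 'layout' => 'adminupdate'));
            $eaview->option     = $this->_option;
            $eaview->controller = $this->_controller;
            $eaview->sitename   = Config::get('sitename');
            $eaview->xprofile   = $xprofile;
            $eaview->baseURL    = $this->baseURL;

            $message = $eaview->loadTemplate();
            $message = str_replace("\n", "\r\n", $message);
        }

        if (!$updateEmail) {
            // NOTE(review): same client-supplied REQUEST_URI concern as in the GET branch above
            $suri = Request::getVar('REQUEST_URI', '/', 'server');

            if ($suri == '/register/update' || $suri == '/members/update' || $suri == '/members/register/update') {
                $suri = Route::url('index.php?option=' . $this->_option . '&task=myaccount');
            }

            App::redirect($suri);
            return;
        } else {
            // Show the "confirmation e-mail sent" view
            $this->view
                ->set('title', Lang::txt('COM_MEMBERS_REGISTER_UPDATE'))
                ->set('sitename', Config::get('sitename'))
                ->set('xprofile', $xprofile)
                ->set('isSelf', true)
                ->set('updateEmail', $updateEmail)
                ->setErrors($this->getErrors())
                ->display();
        }

        return true;
    }

    // Validation failed, or the user must go through the form
    return $this->_show_registration_form($xregistration, 'update');
}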
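/**
 * Display the form for completing/updating registration info, or apply a submitted update.
 *
 * On GET the registration model is filled from the stored profile (or the
 * account, when no profile object exists); on POST it is filled from the
 * request. If the model passes check('update') and the user is not being
 * forced through the form, the profile, the user table and the current
 * session are updated.
 *
 * NOTE(review): no Request::checkToken() call is visible in this method even
 * though the POST branch changes username and e-mail. Confirm the form
 * submission is covered by a CSRF check elsewhere.
 *
 * @return  mixed  Result of App::abort() or _show_registration_form(), true, or nothing after a redirect
 */
public function updateTask()
{
    // Only signed-in users may update their registration
    if (User::isGuest()) {
        return App::abort(500, Lang::txt('COM_MEMBERS_REGISTER_ERROR_SESSION_EXPIRED'));
    }

    $force       = false;
    $updateEmail = false;

    // Set the pathway
    $this->_buildPathway();

    // Set the page title
    $this->_buildTitle();

    // Registration model plus the current profile and any linked external auth account
    $xregistration = new \Components\Members\Models\Registration();
    $xprofile      = \Hubzero\User\Profile::getInstance(User::get('id'));
    $hzal          = \Hubzero\Auth\Link::find_by_id(User::get('auth_link_id'));

    if (Request::getMethod() == 'POST') {
        // Load POSTed data
        $xregistration->loadPOST();
    } else {
        // Load data from the profile, falling back to the account
        if (is_object($xprofile)) {
            $xregistration->loadProfile($xprofile);
        } else {
            $xregistration->loadAccount(User::getRoot());
        }

        // substr() instead of $username[0]: an empty username must not raise
        // an "uninitialized string offset" error. This matches the
        // placeholder test used further down in this method.
        $username = (string) User::get('username');

        if (substr($username, 0, 1) == '-' && is_object($hzal)) {
            // Placeholder account created through a linked auth provider:
            // pre-fill the form and always show it.
            $tmp_username = Session::get('auth_link.tmp_username', '');

            $xregistration->set('login', $tmp_username);
            $xregistration->set('orcid', Session::get('auth_link.tmp_orcid', ''));
            $xregistration->set('email', $hzal->email);
            $xregistration->set('confirmEmail', $hzal->email);

            $force = true;
        }
    }

    $check = $xregistration->check('update');

    if (!$force && $check && Request::getMethod() == 'GET') {
        Session::set('registration.incomplete', false);

        $base = rtrim(Request::base(true), '/');

        // NOTE(review): REQUEST_URI is supplied by the client. Confirm that
        // App::redirect() resolves it against this site and does not treat a
        // value starting with '//' as a scheme-relative URL.
        if ($_SERVER['REQUEST_URI'] == $base . '/register/update'
         || $_SERVER['REQUEST_URI'] == $base . '/members/register/update') {
            App::redirect($base . '/');
        } else {
            App::redirect($_SERVER['REQUEST_URI']);
        }

        return true;
    }

    if (!$force && $check && Request::getMethod() == 'POST') {
        // NOTE(review): unlike the GET branch, $xprofile is used below without
        // an is_object() check. Verify getInstance() cannot fail here.

        // Before going any further, do a sanity check to make sure the username isn't being changed.
        // This really only happens on a race condition where someone is creating the same account
        // using a 3rd party auth service in two different browsers.
        if ($xregistration->get('login') && substr(User::get('username'), 0, 1) == '-') {
            // Make sure the username hasn't since been set in the database
            if (substr(User::getInstance(User::get('id'))->get('username'), 0, 1) != '-') {
                App::redirect(
                    Route::url('index.php?option=com_users&view=logout'),
                    Lang::txt('This account appears to already exist. Please try logging in again.'),
                    'warning'
                );
                return;
            }
        }

        $hubHomeDir  = rtrim($this->config->get('homedir'), '/');
        $updateEmail = false;

        // Fill in registration metadata that has never been recorded
        if ($xprofile->get('homeDirectory') == '') {
            $xprofile->set('homeDirectory', $hubHomeDir . '/' . $xprofile->get('username'));
        }

        if ($xprofile->get('regIP') == '') {
            $xprofile->set('regIP', Request::getVar('REMOTE_ADDR', '', 'server'));
        }

        if ($xprofile->get('regHost') == '') {
            if (isset($_SERVER['REMOTE_HOST'])) {
                $xprofile->set('regHost', Request::getVar('REMOTE_HOST', '', 'server'));
            }
        }

        if ($xprofile->get('registerDate') == '') {
            $xprofile->set('registerDate', Date::toSql());
        }

        if ($xregistration->get('email') != $xprofile->get('email')) {
            if (is_object($hzal) && $xregistration->get('email') == $hzal->email) {
                // Address matches the one on the linked auth account: no confirmation mail
                $xprofile->set('emailConfirmed', 3);
            } else {
                // Use the shared generator (the one saveTask() calls) instead
                // of an inline rand() expression, so confirmation codes are
                // produced in one place.
                // NOTE(review): the code proves control of the mailbox, so the
                // helper should draw from a CSPRNG. Confirm its implementation.
                $xprofile->set('emailConfirmed', \Components\Members\Helpers\Utility::genemailconfirm());
                $updateEmail = true;
            }
        }

        if ($xregistration->get('login') != $xprofile->get('username')) {
            // NOTE(review): the submitted login becomes a path component here;
            // presumably check('update') restricts its characters. Verify.
            $xprofile->set('homeDirectory', $hubHomeDir . '/' . $xregistration->get('login'));
        }

        $xprofile->loadRegistration($xregistration);
        $xprofile->update();

        // Update user table
        // TODO: only update if changed
        $myuser = User::getInstance($xprofile->get('uidNumber'));
        $myuser->set('username', $xprofile->get('username'));
        $myuser->set('email', $xprofile->get('email'));
        $myuser->set('name', $xprofile->get('name'));
        $myuser->save();

        // Update current session if appropriate
        // TODO: update all session of this user
        // TODO: only update if changed
        if ($myuser->get('id') == User::get('id')) {
            $suser = Session::get('user');
            $suser->set('username', $xprofile->get('username'));
            $suser->set('email', $xprofile->get('email'));
            $suser->set('name', $xprofile->get('name'));
            Session::set('user', $suser);

            // Keep the session table row in step with the new username
            $table = \JTable::getInstance('session');
            $table->load(Session::getId());
            $table->username = $xprofile->get('username');
            $table->update();
        }

        Session::set('registration.incomplete', false);

        // Notify the user
        if ($updateEmail) {
            $subject = Config::get('sitename') . ' ' . Lang::txt('COM_MEMBERS_REGISTER_EMAIL_CONFIRMATION');

            $eview = new \Hubzero\Component\View(array('name' => 'emails', 'layout' => 'update'));
            $eview->option     = $this->_option;
            $eview->controller = $this->_controller;
            $eview->sitename   = Config::get('sitename');
            $eview->xprofile   = $xprofile;
            $eview->baseURL    = $this->baseURL;

            $message = $eview->loadTemplate();
            $message = str_replace("\n", "\r\n", $message);

            $msg = new \Hubzero\Mail\Message();
            $msg->setSubject($subject)
                ->addTo($xprofile->get('email'))
                ->addFrom(Config::get('mailfrom'), Config::get('sitename') . ' Administrator')
                ->addHeader('X-Component', $this->_option)
                ->setBody($message);

            if (!$msg->send()) {
                $this->setError(Lang::txt('COM_MEMBERS_REGISTER_ERROR_EMAILING_CONFIRMATION'));
                // @FIXME: LOG ERROR SOMEWHERE
            }
        }

        // Notify administration
        // The message is rendered, but the send call was disabled in the
        // original code, so nothing is mailed.
        // @FIXME: LOG ACCOUNT UPDATE ACTIVITY SOMEWHERE
        if (Request::getMethod() == 'POST') {
            $subject = Config::get('sitename') . ' ' . Lang::txt('COM_MEMBERS_REGISTER_EMAIL_ACCOUNT_UPDATE');

            $eaview = new \Hubzero\Component\View(array('name' => 'emails', 'layout' => 'adminupdate'));
            $eaview->option     = $this->_option;
            $eaview->controller = $this->_controller;
            $eaview->sitename   = Config::get('sitename');
            $eaview->xprofile   = $xprofile;
            $eaview->baseURL    = $this->baseURL;

            $message = $eaview->loadTemplate();
            $message = str_replace("\n", "\r\n", $message);
        }

        if (!$updateEmail) {
            // NOTE(review): same client-supplied REQUEST_URI concern as in the GET branch above
            $suri = Request::getVar('REQUEST_URI', '/', 'server');

            if ($suri == '/register/update' || $suri == '/members/update') {
                App::redirect(Route::url('index.php?option=' . $this->_option . '&task=myaccount'));
            } else {
                App::redirect($suri);
            }

            return;
        } else {
            // Show the "confirmation e-mail sent" view
            $this->view->title       = Lang::txt('COM_MEMBERS_REGISTER_UPDATE');
            $this->view->sitename    = Config::get('sitename');
            $this->view->xprofile    = $xprofile;
            $this->view->self        = true;
            $this->view->updateEmail = $updateEmail;

            if ($this->getError()) {
                $this->view->setError($this->getError());
            }

            $this->view->display();
        }

        return true;
    }

    // Validation failed, or the user must go through the form
    return $this->_show_registration_form($xregistration, 'update');
}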
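/**
 * Save changes to a profile
 * Outputs JSON when called via AJAX (no_html set), redirects to the profile otherwise
 *
 * NOTE(review): the profile to edit is selected by the POSTed 'id' alone.
 * Nothing visible in this method ties that id to the signed-in account or
 * checks an edit permission. Unless authorization is enforced before this
 * task is dispatched, add that check here before the profile is touched.
 *
 * @return  mixed  false on guest/save failure, otherwise nothing (JSON is echoed or a redirect is issued)
 */
public function saveTask()
{
    // Check if they are logged in
    if (User::isGuest()) {
        return false;
    }

    // CSRF token check; the token is accepted from either GET or POST
    Request::checkToken(array('get', 'post'));

    $no_html = Request::getVar("no_html", 0);

    // Incoming user ID
    $id = Request::getInt('id', 0, 'post');

    // Do we have an ID?
    if (!$id) {
        App::abort(404, Lang::txt('MEMBERS_NO_ID'));
        return;
    }

    // Incoming profile edits
    // NOTE(review): the trailing 2 looks like an "allow raw" filter mask, in
    // which case 'bio' is stored unfiltered and must be sanitized or escaped
    // wherever it is rendered. Confirm.
    $p = Request::getVar('profile', array(), 'post', 'none', 2);
    $n = Request::getVar('name', array(), 'post');
    $a = Request::getVar('access', array(), 'post');

    // Load the profile; stop cleanly if the id does not resolve to one
    // instead of failing on a method call on a non-object.
    $profile = \Hubzero\User\Profile::getInstance($id);
    if (!is_object($profile)) {
        App::abort(404, Lang::txt('MEMBERS_NO_ID'));
        return;
    }

    $oldemail = $profile->get('email');

    // Confirmation code; only set when the e-mail address changes
    $confirm = null;

    if (is_array($n) && $n) {
        // Read each name part defensively: a missing or non-scalar part
        // (e.g. name[first][]=x) is treated as empty rather than raising.
        $parts = array('first' => '', 'middle' => '', 'last' => '');
        foreach (array_keys($parts) as $part) {
            if (isset($n[$part]) && is_scalar($n[$part])) {
                $parts[$part] = trim((string) $n[$part]);
            }
        }

        $profile->set('givenName', $parts['first']);
        $profile->set('middleName', $parts['middle']);
        $profile->set('surname', $parts['last']);

        $name  = $parts['first'] . ' ';
        $name .= $parts['middle'] != '' ? $parts['middle'] . ' ' : '';
        $name .= $parts['last'];
        $profile->set('name', $name);
    }

    if (isset($p['bio'])) {
        $profile->set('bio', trim($p['bio']));
    }

    if (is_array($a) && count($a) > 0) {
        foreach ($a as $k => $v) {
            // Only access levels 0-4 are accepted; anything else falls back to 0
            $v = intval($v);
            if (!in_array($v, array(0, 1, 2, 3, 4))) {
                $v = 0;
            }
            // NOTE(review): $k comes straight from the request, so any
            // 'access_*' parameter name can be written. Verify that is intended.
            $profile->setParam('access_' . $k, $v);
        }
    }

    if (isset($p['public'])) {
        $profile->set('public', $p['public']);
    }

    // Hand the tags to the registration model as 'interests'
    // (trim() always yields a string, so no isset() test is needed)
    $tags = trim(Request::getVar('tags', ''));
    Request::setVar('interests', $tags, 'post');

    // Instantiate a new \Components\Members\Models\Registration
    $xregistration = new \Components\Members\Models\Registration();
    $xregistration->loadPOST();

    // Push the posted data to the profile
    // Note: this is done before the required fields check so, if we need to
    // display the edit form, it'll show all the new changes
    $reg = $xregistration->_registration;

    if (!is_null($reg['email'])) {
        $profile->set('email', $reg['email']);

        // Unconfirm if the email address changed
        if ($oldemail != $reg['email']) {
            // Get a new confirmation code
            $confirm = \Components\Members\Helpers\Utility::genemailconfirm();
            $profile->set('emailConfirmed', $confirm);
        }
    }

    if ($reg['org'] != '') {
        $profile->set('organization', $reg['org']);
    } elseif ($reg['orgtext'] != '') {
        $profile->set('organization', $reg['orgtext']);
    }

    // registration field => profile field, copied only when a value was supplied
    $fieldMap = array(
        'countryresident'      => 'countryresident',
        'countryorigin'        => 'countryorigin',
        'nativetribe'          => 'nativeTribe',
        'web'                  => 'url',
        'phone'                => 'phone',
        'orgtype'              => 'orgtype',
        'sex'                  => 'gender',
        'disability'           => 'disability',
        'hispanic'             => 'hispanic',
        'race'                 => 'race',
        'mailPreferenceOption' => 'mailPreferenceOption',
        'usageAgreement'       => 'usageAgreement',
        'orcid'                => 'orcid',
    );
    foreach ($fieldMap as $from => $to) {
        if (!is_null($reg[$from])) {
            $profile->set($to, $reg[$from]);
        }
    }

    $field_to_check = Request::getVar("field_to_check", array());

    // Check that required fields were filled in properly
    if (!$xregistration->check('edit', $profile->get('uidNumber'), $field_to_check)) {
        if (!$no_html) {
            $this->_task = 'edit';
            $this->editTask($xregistration, $profile);
            return;
        } else {
            // Serializes the model's public properties (including the
            // _registration array read above) back to the client.
            echo json_encode($xregistration);
            exit;
        }
    }

    // Are we declining the terms of use?
    // If yes, set the usage agreement to 0 and the profile to private
    $declineTOU = Request::getVar('declinetou', 0);
    if ($declineTOU) {
        $profile->set('public', 0);
        $profile->set('usageAgreement', 0);
    }

    // Set the last modified datetime
    $profile->set('modifiedDate', Date::toSql());

    // Save the changes
    if (!$profile->update()) {
        App::abort(500, $profile->getError());
        return false;
    }

    // Process tags
    if (in_array('interests', $field_to_check)) {
        $mt = new \Components\Members\Models\Tags($id);
        $mt->setTags($tags, $id);
    }

    $email = $profile->get('email');
    $name  = $profile->get('name');

    // Make sure certain changes make it back to the user table
    if ($id > 0) {
        $user   = User::getInstance($id);
        $jname  = $user->get('name');
        $jemail = $user->get('email');

        if ($name != trim($jname)) {
            $user->set('name', $name);
        }
        if ($email != trim($jemail)) {
            $user->set('email', $email);
        }
        if ($name != trim($jname) || $email != trim($jemail)) {
            if (!$user->save()) {
                App::abort(500, Lang::txt($user->getError()));
                return false;
            }
        }

        // NOTE(review): the two blocks below are labelled "update session",
        // yet they copy the session's values onto $user after it was saved
        // and never write to the session user. This looks inverted. Confirm
        // the intent before relying on the session reflecting the new values.

        // Update session if name is changing
        if ($n && $user->get('name') != App::get('session')->get('user')->get('name')) {
            $suser = App::get('session')->get('user');
            $user->set('name', $suser->get('name'));
        }

        // Update session if email is changing
        if ($user->get('email') != App::get('session')->get('user')->get('email')) {
            $suser = App::get('session')->get('user');
            $user->set('email', $suser->get('email'));

            // add item to session to mark that the user changed emails
            // this way we can serve profile images for these users but not all
            // unconfirmed users
            $session = App::get('session');
            $session->set('userchangedemail', 1);
        }
    }

    // Send a new confirmation code AFTER we've successfully saved the changes to the e-mail address
    if ($email != $oldemail) {
        $this->_message = $this->_sendConfirmationCode($profile->get('username'), $email, $confirm);
    }

    // If we're declining the terms, log the user out and tell the javascript
    if ($declineTOU) {
        App::get('auth')->logout();
        echo json_encode(array('loggedout' => true));
        return;
    }

    if (!$no_html) {
        // Redirect
        App::redirect(
            Route::url('index.php?option=' . $this->_option . ($id ? '&id=' . $id . '&active=profile' : '')),
            $this->_message
        );
    } else {
        // Output JSON
        echo json_encode(array('success' => true));
    }
}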