コード例 #1
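 /**
  * Apply request-supplied changes to a contact and, when the contact is
  * linked to a login, update that account's permission, e-mail and active flag.
  *
  * Access: callers passing is_level(3) (the administrator check, per the
  * original comment) may edit any contact; everyone else may only edit the
  * contact whose cid matches their own session cid.
  *
  * Security notes:
  *  - $_REQUEST is untrusted and, depending on request_order/variables_order,
  *    may also carry cookie values. Request keys are copied onto the model, so
  *    keys that identify the record ("cid"), drive internal state ("loaded"),
  *    or select which login gets modified ("username", for non-administrators)
  *    are never taken from the request.
  *  - NOTE(review): this is still a denylist. An explicit allowlist of editable
  *    contact fields would be safer, but the field list is not visible here.
  *  - NOTE(review): the messages printed below embed stored contact data and
  *    model errors; if the response is rendered as HTML they need escaping at
  *    the output boundary - confirm the content type the client expects.
  *
  * @return int Always 1 (the return value of print); the outcome is written to
  *             the response body: "1" on success, otherwise an error message.
  */
 public function action_save_contact()
 {
     $is_admin = $this->is_level(3);

     // Normalise the identifier once: a missing or non-scalar cid becomes "",
     // which can never match a session cid or pass the ownership check.
     $cid = (isset($_REQUEST["cid"]) && is_scalar($_REQUEST["cid"])) ? (string) $_REQUEST["cid"] : "";
     $is_owner = ($cid !== "" && (string) Yii::app()->user->cid === $cid);

     // Must be an administrator or the actual user saving their information.
     // Strict string comparison avoids loose-equality matches such as a null
     // session cid comparing equal to an empty request value.
     if (!$is_admin && !$is_owner) {
         return print "You do not have permission to edit this contact.";
     }

     $contact = new ContactObj($cid);
     if (!$contact->loaded) {
         return print "Contact could not be found.";
     }

     // Name as stored before the edit, used if the save fails.
     $name = $contact->firstname . " " . $contact->lastname;

     // Keys that must never be overwritten from the request.
     $protected = array("cid", "loaded");
     if (!$is_admin) {
         // The username decides which account the permission block below
         // modifies, so only administrators may change the link.
         // Assumes self-service edits never need to re-link a login - confirm.
         $protected[] = "username";
     }

     foreach ($_REQUEST as $item => $value) {
         if (in_array((string) $item, $protected, true)) {
             continue;
         }
         $contact->{$item} = $value;
     }

     $log = new LogObj();
     if (!$contact->save()) {
         $log->type = "error";
         $log->log_message = "Attempting to update information of contact (" . $contact->cid . ") \"{$name}\" bio.\n";
         $log->log_message .= $contact->get_error();
         if (!$log->save()) {
             die($log->get_error());
         }
         return print $log->log_message;
     }

     // Re-read the name so the audit entry reflects the saved values.
     $name = $contact->firstname . " " . $contact->lastname;
     $log->type = "update";
     $log->log_message = "Successfully updated information of contact (" . $contact->cid . ") \"{$name}\".";
     $log->save();

     if (isset($contact->username) && $contact->username != "") {
         $user = new UserObj($contact->username);
         if (isset($_REQUEST["permission"])) {
             $permission = $_REQUEST["permission"];
             // Nobody may grant more than they hold themselves. The @ keeps the
             // original tolerance for a session without a loaded userobj.
             $ceiling = @Yii::app()->user->userobj->permission;
             if ($permission > $ceiling) {
                 $permission = $ceiling;
             }
             $user->permission = $permission;
             $user->email = $user->username . "@colorado.edu";
             $user->active = isset($_REQUEST["makeuser"]) ? $_REQUEST["makeuser"] : null;
             if (!$user->save()) {
                 return print $user->get_error();
             }
         }
     }

     return print 1;
 }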