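/**
 * Validates and normalises the user-profile fields submitted in $HTTP_VARS.
 *
 * Role: an existing user ($user_r is an array) lacking PERM_ADMIN_USER_PROFILE
 * keeps the stored user_role; otherwise, for op 'signup' the requested role
 * must pass is_valid_signup_role(). The role is then resolved by fetch_role_r().
 *
 * fullname and email_addr are filtered in place and validated as mandatory.
 * uid_theme is reset to FALSE (meaning "do not update") and uid_language to
 * NULL when the corresponding support is switched off or the value does not
 * exist. Finally every address type from fetch_address_type_rs() is filtered
 * and, where supplied, validated.
 *
 * @param mixed $user_r              existing user row, or a non-array for new users
 * @param array $HTTP_VARS           request variables, rewritten in place
 * @param array $address_provided_r  out: lower-cased address type => whether any
 *                                   attribute of that type was supplied
 * @param array $errors              out: validation errors collected
 * @return bool FALSE on an invalid role, name or email; otherwise whether all
 *              supplied address attributes validated
 */
function validate_user_info($user_r, &$HTTP_VARS, &$address_provided_r, &$errors) {
    $is_address_validated = TRUE;

    // cannot change your role unless you have the permissions
    if (is_array($user_r) && !is_user_granted_permission(PERM_ADMIN_USER_PROFILE)) {
        $HTTP_VARS['user_role'] = $user_r['user_role'];
    } else if (isset($HTTP_VARS['op']) && $HTTP_VARS['op'] === 'signup'
            && !is_valid_signup_role($HTTP_VARS['user_role'])) {
        opendb_logger(OPENDB_LOG_ERROR, __FILE__, __FUNCTION__, 'Invalid Signup User Role specified', $HTTP_VARS);
        return FALSE;
    }
    // NOTE(review): on any other op the requested role is only checked for
    // existence by fetch_role_r() below — confirm callers restrict that path
    // to users holding PERM_ADMIN_USER_PROFILE.

    $role_r = fetch_role_r($HTTP_VARS['user_role']);
    if (!is_array($role_r)) {
        opendb_logger(OPENDB_LOG_ERROR, __FILE__, __FUNCTION__, 'Invalid User Role specified', $HTTP_VARS);
        return FALSE;
    }

    $HTTP_VARS['fullname'] = filter_input_field("text(30,100)", $HTTP_VARS['fullname']);
    $HTTP_VARS['email_addr'] = filter_input_field("email(30,100)", $HTTP_VARS['email_addr']);
    if (!validate_input_field(get_opendb_lang_var('fullname'), "text(30,100)", "Y", $HTTP_VARS['fullname'], $errors)
            || !validate_input_field(get_opendb_lang_var('email'), "email(30,100)", "Y", $HTTP_VARS['email_addr'], $errors)) {
        return FALSE;
    }

    if (get_opendb_config_var('user_admin', 'user_themes_support') === FALSE || !is_exists_theme($HTTP_VARS['uid_theme'])) {
        $HTTP_VARS['uid_theme'] = FALSE; // Do not update theme!
    }

    // Do not allow update with illegal language.
    if (get_opendb_config_var('user_admin', 'user_language_support') === FALSE || !is_exists_language($HTTP_VARS['uid_language'])) {
        $HTTP_VARS['uid_language'] = NULL;
    }

    $addr_results = fetch_address_type_rs(TRUE);
    if ($addr_results) {
        while ($address_type_r = db_fetch_assoc($addr_results)) {
            $v_address_type = strtolower($address_type_r['s_address_type']);
            $address_provided_r[$v_address_type] = FALSE;

            $attr_results = fetch_address_type_attribute_type_rs($address_type_r['s_address_type'], 'update', TRUE);
            if (!$attr_results) {
                continue;
            }
            while ($addr_attribute_type_r = db_fetch_assoc($attr_results)) {
                $fieldname = get_field_name($addr_attribute_type_r['s_attribute_type'], $addr_attribute_type_r['order_no']);
                $HTTP_VARS[$v_address_type][$fieldname] = filter_item_input_field($addr_attribute_type_r, $HTTP_VARS[$v_address_type][$fieldname]);

                // NOTE(review): by its name is_empty_attribute() would return TRUE for an
                // empty value, which makes this "!== FALSE" test look inverted — confirm
                // its contract before relying on $address_provided_r.
                if (is_empty_attribute($addr_attribute_type_r['s_attribute_type'], $HTTP_VARS[$v_address_type][$fieldname]) !== FALSE) {
                    $address_provided_r[$v_address_type] = TRUE;
                    if (!validate_item_input_field($addr_attribute_type_r, $HTTP_VARS[$v_address_type][$fieldname], $errors)) {
                        $is_address_validated = FALSE;
                    }
                }
            }
            db_free_result($attr_results);
        }
        db_free_result($addr_results);
    }

    return $is_address_validated;
}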
session_name(get_opendb_session_cookie_name()); session_start(); handle_opendb_remember_me(); //allows specific pages to overide themes if (is_exists_theme($_OVRD_OPENDB_THEME)) { $_OPENDB_THEME = $_OVRD_OPENDB_THEME; } else { unset($_OPENDB_THEME); if (strlen(get_opendb_session_var('user_id')) > 0 && get_opendb_config_var('user_admin', 'user_themes_support') !== FALSE) { $user_theme = fetch_user_theme(get_opendb_session_var('user_id')); if (is_exists_theme($user_theme)) { $_OPENDB_THEME = $user_theme; } } if (strlen($_OPENDB_THEME) == 0) { if (is_exists_theme(get_opendb_config_var('site', 'theme'))) { $_OPENDB_THEME = get_opendb_config_var('site', 'theme'); } else { $_OPENDB_THEME = 'default'; } } } if (is_exists_language($_OVRD_OPENDB_LANGUAGE)) { $_OPENDB_LANGUAGE = $_OVRD_OPENDB_LANGUAGE; } else { unset($_OPENDB_LANGUAGE); if (strlen(get_opendb_session_var('user_id')) > 0 && get_opendb_config_var('user_admin', 'user_language_support') !== FALSE) { $user_language = fetch_user_language(get_opendb_session_var('user_id')); if (is_exists_language($user_language)) { $_OPENDB_LANGUAGE = $user_language; }
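/**
 * Validates a value against the declared type of an s_config_group_item row.
 *
 * The row is looked up by ($group_id, $id, $keyid); a numeric $keyid also
 * matches rows of type 'array'. For 'array' rows the subtype decides the
 * check: '' => 'text', 'usertype' => 'usertype', 'number' => 'number',
 * anything else => 'text'.
 *
 * @param string $group_id
 * @param string $id
 * @param string $keyid
 * @param string $value
 * @return mixed the (possibly normalised) value, or FALSE when any key is
 *               empty, no row matches, or the value fails its type check.
 *               The 'boolean' type returns the string 'FALSE' (not boolean
 *               FALSE) for anything other than 'TRUE'/'FALSE'.
 */
function validate_s_config_group_item($group_id, $id, $keyid, $value) {
    if (strlen($group_id) == 0 || strlen($id) == 0 || strlen($keyid) == 0) {
        return FALSE;
    }

    // NOTE(review): $group_id, $id and $keyid are interpolated into the SQL
    // unescaped and db_query() is not visible here — confirm callers pass only
    // trusted identifiers, or escape/parameterise before building the query.
    $query = "SELECT type, subtype FROM s_config_group_item WHERE group_id = '{$group_id}' AND id = '{$id}' ";
    if (is_numeric($keyid)) {
        $query .= " AND (type = 'array' OR keyid = '{$keyid}') ";
    } else {
        $query .= " AND keyid = '{$keyid}' ";
    }
    $query .= "LIMIT 0,1";

    $result = db_query($query);
    if (!$result) {
        return FALSE;
    }
    if (db_num_rows($result) <= 0) {
        db_free_result($result);
        return FALSE;
    }
    $found = db_fetch_assoc($result);
    // Every branch of the switch returns, so release the result set here
    // (a free call placed after the switch would never run).
    db_free_result($result);

    $value = trim($value);

    // will not directly validate an array, but instead the subtype of the array.
    if ($found['type'] == 'array') {
        // by default its text
        if (strlen($found['subtype']) == 0) {
            $found['subtype'] = 'text';
        }
        if ($found['subtype'] == 'usertype') {
            $found['type'] = 'usertype';
        } else if ($found['subtype'] == 'number') {
            $found['type'] = 'number';
        } else {
            $found['type'] = 'text';
        }
    }

    switch ($found['type']) {
        case 'boolean':
            $value = strtoupper($value);
            return ($value === 'TRUE' || $value === 'FALSE') ? $value : 'FALSE';

        case 'email':
            return is_valid_email_addr($value) ? $value : FALSE;

        case 'number':
            // filter out any non-numeric characters, but pass the rest in.
            $value = remove_illegal_chars($value, expand_chars_exp('0-9'));
            return strlen($value) > 0 ? $value : FALSE;

        case 'datemask':
            // TODO: Provide a date-mask filter
            return $value;

        case 'language':
            return is_exists_language($value) ? $value : FALSE;

        case 'theme':
            return is_exists_theme($value) ? $value : FALSE;

        case 'export':
            return (strlen($value) == 0 || is_export_plugin($value)) ? $value : FALSE;

        case 'value_select':
            // subtype holds the comma-separated option list; an empty list accepts any value.
            $options_r = strlen($found['subtype']) > 0 ? explode(',', $found['subtype']) : NULL;
            if ($options_r === NULL || in_array($value, $options_r, TRUE)) {
                return $value;
            }
            return FALSE;

        default:
            // 'readonly', 'text', 'password', 'textarea' and any unknown type
            // all take this path.
            return addslashes(replace_newlines(trim($value)));
    }
}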
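/**
 * Generate a list of user themes.
 *
 * Scans ./theme for sub-directories (dot-prefixed entries such as '.' and
 * '..' are skipped) and keeps those accepted by is_exists_theme().
 *
 * @return array list of theme directory names; empty when ./theme cannot be
 *               opened or contains no valid theme
 */
function get_user_theme_r() {
    $themes = array();

    $handle = opendir('./theme');
    if ($handle === FALSE) {
        return $themes;
    }

    // compare against FALSE explicitly: an entry named "0" must not end the loop
    while (($file = readdir($handle)) !== FALSE) {
        // ereg() is gone from PHP 7; a plain first-character test is all that was needed
        if (substr($file, 0, 1) === '.' || !is_dir("./theme/{$file}")) {
            continue;
        }
        if (is_exists_theme($file)) {
            $themes[] = $file;
        }
    }
    closedir($handle);

    // empty array as last resort.
    return $themes;
}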