예제 #1
         $ERROR++;
         $ERRORSTR[] = "You must provide the firstname of the key contact.";
     }
     if (isset($_POST["keys_lastname"]) && ($tmp_input = clean_input($_POST["keys_lastname"], array("trim", "notags")))) {
         $PROCESSED["keys_lastname"] = $tmp_input;
     } else {
         $ERROR++;
         $ERRORSTR[] = "You must provide the lastname of the key contact.";
     }
     if (isset($_POST["keys_phone"]) && ($tmp_input = clean_input($_POST["keys_phone"], array("trim", "notags")))) {
         $PROCESSED["keys_phone"] = $tmp_input;
     } else {
         $ERROR++;
         $ERRORSTR[] = "You must provide the telephone number of the key contact.";
     }
     if (isset($_POST["keys_email"]) && ($tmp_input = clean_input($_POST["keys_email"], array("trim", "notags"))) && valid_address($tmp_input)) {
         $PROCESSED["keys_email"] = $tmp_input;
     } else {
         $ERROR++;
         $ERRORSTR[] = "You must provide a valid e-mail address for the key contact.";
     }
 }
 /**
  * Required field "release_date" / Available Start (validated through validate_calendars function).
  * Non-required field "release_until" / Available Finish (validated through validate_calendars function).
  */
 $available_date = validate_calendars("available", true, false, false);
 if (isset($available_date["start"]) && (int) $available_date["start"]) {
     $PROCESSED["available_start"] = (int) $available_date["start"];
 } else {
     $PROCESSED["available_start"] = 0;
예제 #2
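// Handles the "submit_edits" profile form. The fields are checked in order, the
// first failing check prints its message, and the record is written only when
// every check passes.
if (isset($_POST['submit_edits'])) {
    // Request parameters are attacker-controlled: a key may be absent or arrive as
    // an array (textbox_FirstName[]=x). Anything that is not a string is read as ''
    // so it fails validation instead of raising notices or a TypeError below.
    $edit_input = array();
    foreach (array('textbox_FirstName', 'textbox_LastName', 'textbox_Address', 'gender', 'textbox_Mobile') as $edit_key) {
        $edit_input[$edit_key] = isset($_POST[$edit_key]) && is_string($_POST[$edit_key]) ? $_POST[$edit_key] : '';
    }
    // NOTE(review): htmlspecialchars() runs before validation and storage, so the
    // validators and update_user() receive entity-encoded text. Escaping normally
    // belongs where the value is rendered; it is kept here because other code may
    // depend on the stored form - confirm before moving it.
    $firstname = htmlspecialchars($edit_input['textbox_FirstName']);
    $lastname = htmlspecialchars($edit_input['textbox_LastName']);
    $address = htmlspecialchars($edit_input['textbox_Address']);
    // NOTE(review): gender is neither validated nor encoded before it reaches
    // update_user(); an allow-list of the accepted values belongs here once those
    // values are known.
    $gender = $edit_input['gender'];
    $mobile = $edit_input['textbox_Mobile'];
    if (!valid_name($firstname)) {
        echo "Invalid First name<br/>";
    } elseif (!valid_name($lastname)) {
        echo "Invalid Last name<br/>";
    } elseif (!valid_address($address)) {
        echo "Invalid Address name<br/>";
    } elseif (!ctype_digit($mobile)) {
        // ctype_digit() accepts only a non-empty string of digits.
        echo "Invalid Mobile Number<br/>";
    } else {
        // NOTE(review): update_user() is defined elsewhere; whether it binds the
        // value as a query parameter cannot be seen from here - verify.
        update_user($user_id, 'FirstName', $firstname);
        update_user($user_id, 'LastName', $lastname);
        update_user($user_id, 'Address', $address);
        update_user($user_id, 'Gender', $gender);
        update_user($user_id, 'Mobile', $mobile);
    }
}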
예제 #3
switch ($STEP) {
    case 6:
    case 5:
        if (isset($_POST["admin_firstname"]) && ($admin_firstname = clean_input($_POST["admin_firstname"], "trim"))) {
            $PROCESSED["admin_firstname"] = $admin_firstname;
        } else {
            $ERROR++;
            $ERRORSTR[] = "The first name of the administrator for your install of Entrada must be entered before continuing.";
        }
        if (isset($_POST["admin_lastname"]) && ($admin_lastname = clean_input($_POST["admin_lastname"], "trim"))) {
            $PROCESSED["admin_lastname"] = $admin_lastname;
        } else {
            $ERROR++;
            $ERRORSTR[] = "The last name of the administrator for your install of Entrada must be entered before continuing.";
        }
        if (isset($_POST["admin_email"]) && ($admin_email = clean_input($_POST["admin_email"], array("trim", "lower"))) && @valid_address($admin_email)) {
            $PROCESSED["admin_email"] = $admin_email;
        } else {
            $ERROR++;
            $ERRORSTR[] = "A valid E-mail for the administrator of your install of Entrada must be entered before continuing.";
        }
        if (isset($_POST["admin_username"]) && ($admin_username = clean_input($_POST["admin_username"], "credentials"))) {
            $PROCESSED["admin_username"] = $admin_username;
        } else {
            $ERROR++;
            $ERRORSTR[] = "The username of the administrator for your install of Entrada must be entered before continuing.";
        }
        if (isset($_POST["admin_password"]) && ($admin_password = $_POST["admin_password"])) {
            if (isset($_POST["re_admin_password"]) && ($re_admin_password = $_POST["re_admin_password"]) && $re_admin_password == $admin_password) {
                $PROCESSED["admin_password_hash"] = md5($re_admin_password);
            } else {
}
$BREADCRUMB[] = array("url" => ENTRADA_RELATIVE . "/", "title" => APPLICATION_NAME);
$BREADCRUMB[] = array("url" => ENTRADA_RELATIVE . "/password_reset", "title" => "Password Reset");
if (!isset($_SESSION["reset_page_accesses"])) {
    $_SESSION["reset_page_accesses"] = 1;
} else {
    $_SESSION["reset_page_accesses"]++;
}
/**
 * Fetch the hash from the URL if it exists.
 */
$hash = isset($_GET["hash"]) && ($tmp_input = clean_input($_GET["hash"], array("notags", "nows"))) ? $tmp_input : false;
/**
 * Fetch the e-mail address from the form post if it exists.
 */
if (isset($_POST["email_address"]) && valid_address($_POST["email_address"]) && ($tmp_input = clean_input($_POST["email_address"]))) {
    $email_address = $tmp_input;
} else {
    $email_address = false;
}
?>

<h1><?php 
echo APPLICATION_NAME;
?>
 Password Reset</h1>

<?php 
if ($hash) {
    if (isset($_POST["npassword1"]) && isset($_POST["npassword2"])) {
        $STEP = 4;
예제 #5
     $ERROR++;
     $ERRORSTR[] = "The primary e-mail address is a required field.";
 }
 /**
  * Non-required field "office_hours" / Office Hours.
  */
 if (isset($_POST["office_hours"]) && ($office_hours = clean_input($_POST["office_hours"], array("notags", "encode", "trim")))) {
     $PROCESSED["office_hours"] = strlen($office_hours) > 100 ? substr($office_hours, 0, 97) . "..." : $office_hours;
 } else {
     $PROCESSED["office_hours"] = "";
 }
 /**
  * Non-required field "email_alt" / Alternative E-Mail.
  */
 if (isset($_POST["email_alt"]) && ($email_alt = clean_input($_POST["email_alt"], "trim", "lower"))) {
     if (@valid_address($email_alt)) {
         $PROCESSED["email_alt"] = $email_alt;
     } else {
         $ERROR++;
         $ERRORSTR[] = "The alternative e-mail address you have provided is invalid. Please make sure that you provide a properly formatted e-mail address or leave this field empty if you do not wish to display one.";
     }
 } else {
     $PROCESSED["email_alt"] = "";
 }
 /**
  * Non-required field "telephone" / Telephone Number.
  */
 if (isset($_POST["telephone"]) && ($telephone = clean_input($_POST["telephone"], "trim")) && strlen($telephone) >= 10 && strlen($telephone) <= 25) {
     $PROCESSED["telephone"] = $telephone;
 } else {
     $PROCESSED["telephone"] = "";
예제 #6
     $ERRORSTR[] = "The firstname of the user is a required field.";
 }
 /**
  * Required field "lastname" / Lastname.
  */
 if (isset($_POST["lastname"]) && ($lastname = clean_input($_POST["lastname"], "trim"))) {
     $PROCESSED["lastname"] = $lastname;
 } else {
     $ERROR++;
     $ERRORSTR[] = "The lastname of the user is a required field.";
 }
 /**
  * Required field "email" / Primary E-Mail.
  */
 if (isset($_POST["email"]) && ($email = clean_input($_POST["email"], "trim", "lower"))) {
     if (@valid_address($email)) {
         $query = "SELECT * FROM `" . AUTH_DATABASE . "`.`user_data`\n\t\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN `" . AUTH_DATABASE . "`.`user_access` ON `user_access`.`user_id` = `user_data`.`id`\n\t\t\t\t\t\t\t\t\t\t\t\tWHERE `user_data`.`email` = " . $db->qstr($email) . "\n\t\t\t\t\t\t\t\t\t\t\t\tAND (`user_access`.`group` != 'guest' && `user_access`.`role` != 'communityinvite');";
         $result = $db->GetRow($query);
         if ($result) {
             $ERROR++;
             $ERRORSTR[] = "The e-mail address <strong>" . html_encode($email) . "</strong> already exists in the system for username <strong>" . html_encode($result["username"]) . "</strong>. Please provide a unique e-mail address for this user or select the existing user on the <strong>Add Members</strong> tab.";
         } else {
             $PROCESSED["email"] = $email;
         }
     } else {
         $ERROR++;
         $ERRORSTR[] = "The primary e-mail address you have provided is invalid. Please make sure that you provide a properly formatted e-mail address.";
     }
 } else {
     $ERROR++;
     $ERRORSTR[] = "The primary e-mail address is a required field.";
예제 #7
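/**
 * Sends a regional-education accommodation e-mail built from an XML template.
 *
 * The template is read from
 * $ENTRADA_TEMPLATE->absolute()/email/regionaled-learner-accommodation-{type}.xml
 * and every %KEYWORD% placeholder in its subject and body is replaced from $keywords.
 *
 * @param string $type     One of "delete", "confirmation", "rejected".
 * @param array  $to       Recipient with "email", "firstname" and "lastname" keys.
 * @param array  $keywords Placeholder name => replacement text. The "department_tile"
 *                         and "department_id" entries are also read directly for the
 *                         mail headers and the sender address.
 * @return bool True when $mail->send() returned a truthy value, false otherwise.
 */
function regionaled_apartment_notification($type, $to = array(), $keywords = array())
{
    global $ERROR, $NOTICE, $SUCCESS, $ERRORSTR, $NOTICESTR, $SUCCESSSTR, $AGENT_CONTACTS, $ENTRADA_TEMPLATE;
    if (!is_array($to) || !isset($to["email"]) || !valid_address($to["email"]) || !isset($to["firstname"]) || !isset($to["lastname"])) {
        application_log("error", "Attempting to send a regionaled_apartment_notification() how the recipient information was not complete.");
        return false;
    }
    // $type becomes part of the template file name below, so it is matched strictly
    // against the allow-list: a loose in_array() also accepts true (and, before
    // PHP 8, 0), which compare equal to any of these strings.
    if (!in_array($type, array("delete", "confirmation", "rejected"), true)) {
        application_log("error", "Encountered an unrecognized notification type [" . $type . "] when attempting to send a regionaled_apartment_notification().");
        return false;
    }
    $xml_file = $ENTRADA_TEMPLATE->absolute() . "/email/regionaled-learner-accommodation-" . $type . ".xml";
    // Load failures are suppressed here and handled by the else branch at the end.
    $xml = @simplexml_load_file($xml_file);
    if ($xml && isset($xml->lang->{DEFAULT_LANGUAGE})) {
        $subject = trim($xml->lang->{DEFAULT_LANGUAGE}->subject);
        $message = trim($xml->lang->{DEFAULT_LANGUAGE}->body);
        // Replacement is sequential, so a value that itself contains a later
        // %KEYWORD% token is substituted again on that later pass.
        foreach ($keywords as $keyword => $value) {
            $subject = str_ireplace("%" . strtoupper($keyword) . "%", $value, $subject);
            $message = str_ireplace("%" . strtoupper($keyword) . "%", $value, $message);
        }
        /**
         * Notify the learner they have been removed from this apartment.
         */
        $mail = new Zend_Mail();
        // The requesting client's address is disclosed to the recipient in this header.
        $mail->addHeader("X-Originating-IP", $_SERVER["REMOTE_ADDR"]);
        // NOTE(review): "department_tile" looks like a misspelling of "department_title",
        // but it is the key callers must supply - confirm before renaming.
        $mail->addHeader("X-Section", $keywords["department_tile"] . " Accommodations Module", true);
        $mail->clearFrom();
        $mail->clearSubject();
        $mail->setFrom($AGENT_CONTACTS["agent-regionaled"][$keywords["department_id"]]["email"], APPLICATION_NAME . $keywords["department_tile"] . " Accommodation System");
        $mail->setSubject($subject);
        $mail->setBodyText(clean_input($message, "emailcontent"));
        $mail->clearRecipients();
        $mail->addTo($to["email"], $to["firstname"] . " " . $to["lastname"]);
        if ($mail->send()) {
            return true;
        } else {
            $NOTICE++;
            // The address is caller-supplied and ends up in HTML, so it is encoded here
            // rather than relying on valid_address() to exclude markup characters.
            $NOTICESTR[] = "We were unable to e-mail an e-mail notification <strong>" . htmlspecialchars($to["email"], ENT_QUOTES) . "</strong>.<br /><br />A system administrator was notified of this issue, but you may wish to contact this learner manually and let them know their accommodation has ben removed.";
            // NOTE(review): ErrorInfo is not assigned anywhere in this function - confirm
            // that Zend_Mail exposes it. If send() reports failure by throwing, this
            // branch is never reached and the exception propagates to the caller.
            application_log("error", "Unable to send accommodation notification to [" . $to["email"] . "] / type [" . $type . "]. Zend_Mail said: " . $mail->ErrorInfo);
        }
    } else {
        application_log("error", "Unable to load the XML file [" . $xml_file . "] or the XML file did not contain the language requested [" . DEFAULT_LANGUAGE . "], when attempting to send a regional education notification.");
    }
    return false;
}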
예제 #8
     $ERRORSTR[] = "You have selected &quot;Other Teacher&quot; from the teacher list but have not provided their firstname.";
 }
 /**
  * Required: other_teacher_lname / Lastname
  */
 if (isset($_POST["other_teacher_lname"]) && ($other_teacher_lname = clean_input($_POST["other_teacher_lname"], array("trim", "notags")))) {
     $PROCESSED_TEACHER["lastname"] = $other_teacher_lname;
 } else {
     $ERROR++;
     $ERRORSTR[] = "You have selected &quot;Other Teacher&quot; from the teacher list but have not provided their lastname.";
 }
 /**
  * Not Required: other_teacher_email / E-Mail Address
  */
 if (isset($_POST["other_teacher_email"]) && ($other_teacher_email = clean_input($_POST["other_teacher_email"], array("trim", "notags")))) {
     if (valid_address($other_teacher_email)) {
         $PROCESSED_TEACHER["email"] = $other_teacher_email;
     } else {
         $ERROR++;
         $ERRORSTR[] = "You have selected &quot;Other Teacher&quot; from the teacher list but you have provided us with an invalid e-mail address.";
     }
 } else {
     $PROCESSED_TEACHER["email"] = "";
 }
 if (!$ERROR) {
     if ($PROCESSED_TEACHER["email"]) {
         $query = "SELECT `id` FROM `" . AUTH_DATABASE . "`.`user_data` WHERE `email` = " . $db->qstr($PROCESSED_TEACHER["email"]);
         $result = $db->GetRow($query);
         if ($result) {
             $PROCESSED["instructor_id"] = $result["id"];
         }
  */
 if (isset($_POST["fax"]) && ($fax = clean_input($_POST["fax"], array("notags", "trim")))) {
     $PROCESSED["fax"] = $fax;
 }
 /**
  * Non-required field "phone" / Phone.
  */
 if (isset($_POST["phone"]) && ($phone = clean_input($_POST["phone"], array("notags", "trim")))) {
     $PROCESSED["phone"] = $phone;
 }
 /**
  * Required field "email" /  Email.
  */
 if (isset($_POST["email"]) && ($email = clean_input($_POST["email"], array("notags", "trim", "emailcontent")))) {
     $PROCESSED["email"] = $email;
     if (!valid_address($email)) {
         $ERROR++;
         $ERRORSTR[] = "The <strong>Email</strong> you provided is not valid.";
     }
 } else {
     $ERROR++;
     $ERRORSTR[] = "The <strong>Email</strong> field is required.";
 }
 /**
  * Required field "status" /  Status.
  */
 if (isset($_POST["event_status"]) && ($status = clean_input($_POST["event_status"], array("notags")))) {
     $PROCESSED["event_status"] = $status;
 } else {
     $ERROR++;
     $ERRORSTR[] = "The <strong>Status</strong> field is required.";
예제 #10
<?php

// Account update endpoint: writes the posted contact details and the posted card
// details for the customer held in the session, then redirects to the account view.
// NOTE(review): no anti-CSRF token is checked in this file; confirm whether
// headers.php enforces one before these state-changing updates run.
include "../controller/headers.php";
$conn = db_connect(_DB_SERVER_, _DB_USER_, _DB_PASSWD_, _DB_NAME_);

// Contact details: every field has to be present and pass its validator, in this
// order, before anything is written. The row is selected by the session's
// id_customer, never by a posted identifier.
if (
    isset($_SESSION['id_customer'])
    && isset($_POST['mail']) && valid_mail($_POST['mail'])
    && isset($_POST['phone']) && valid_phone($_POST['phone'])
    && isset($_POST['address']) && valid_address($_POST['address'])
    && isset($_POST['delivery_address']) && valid_address($_POST['delivery_address'])
    && isset($_POST['shipping_address']) && valid_address($_POST['shipping_address'])
    && isset($_POST['postal']) && valid_postal($_POST['postal'])
    && isset($_POST['city']) && valid_name($_POST['city'])
    && isset($_POST['shipping_postal']) && valid_postal($_POST['shipping_postal'])
    && isset($_POST['shipping_city']) && valid_name($_POST['shipping_city'])
    && isset($_POST['delivery_postal']) && valid_postal($_POST['delivery_postal'])
    && isset($_POST['delivery_city']) && valid_name($_POST['delivery_city'])
) {
    // Values are bound as named parameters, so they are never spliced into the SQL text.
    $stmt = $conn->prepare("UPDATE gc_customers SET mail=:r_mail, phone=:r_phone, address=:r_address, \n\t\tdelivery_address=:r_delivery_address, shipping_address=:r_shipping_address, postal_code=:r_postal_code, city=:r_city, \n\t\tdelivery_postal_code=:r_delivery_postal_code, delivery_city=:r_delivery_city, \n\t\tshipping_postal_code=:r_shipping_postal_code, shipping_city=:r_shipping_city WHERE id_customer=:r_customer");
    $stmt->execute(array(
        'r_mail' => $_POST['mail'],
        'r_phone' => $_POST['phone'],
        'r_address' => $_POST['address'],
        'r_delivery_address' => $_POST['delivery_address'],
        'r_shipping_address' => $_POST['shipping_address'],
        'r_postal_code' => $_POST['postal'],
        'r_city' => $_POST['city'],
        'r_delivery_postal_code' => $_POST['delivery_postal'],
        'r_delivery_city' => $_POST['delivery_city'],
        'r_shipping_postal_code' => $_POST['shipping_postal'],
        'r_shipping_city' => $_POST['shipping_city'],
        'r_customer' => $_SESSION['id_customer'],
    ));
    $stmt->closeCursor();
}

// Card details: only presence is checked - none of these fields is validated.
// NOTE(review): the card number and the cryptogram (card verification code) are
// written to gc_cards exactly as submitted. PCI DSS does not permit keeping the
// verification code after authorization, and a stored card number is expected to
// be tokenised or encrypted; this table puts the application in PCI scope.
if (
    isset($_SESSION['id_customer'])
    && isset($_POST['firstname'])
    && isset($_POST['lastname'])
    && isset($_POST['card_type'])
    && isset($_POST['card_number'])
    && isset($_POST['cryptogram'])
    && isset($_POST['expiring_date'])
) {
    $stmt = $conn->prepare("UPDATE gc_cards SET firstname_customer=:r_firstname_card, lastname_customer=:r_lastname_card, \n\t\tcard_type=:r_card_type, card_number=:r_card_number, cryptogram=:r_cryptogram, expiring_date=:r_expiring_date\n\t\tWHERE id_customer=:r_customer");
    $stmt->execute(array(
        'r_firstname_card' => ucfirst(strtolower($_POST['firstname'])),
        'r_lastname_card' => ucfirst(strtolower($_POST['lastname'])),
        'r_card_type' => $_POST['card_type'],
        'r_card_number' => $_POST['card_number'],
        'r_cryptogram' => $_POST['cryptogram'],
        'r_expiring_date' => $_POST['expiring_date'],
        'r_customer' => $_SESSION['id_customer'],
    ));
    $stmt->closeCursor();
}

// The redirect is sent whether or not either update ran; no error is reported.
header('Location: ../view/account.php');
예제 #11
<?php

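// Registration endpoint: validates the posted fields, creates the customer row and
// an empty card row, signs the new customer in and redirects.
include "../controller/headers.php";
$conn = db_connect(_DB_SERVER_, _DB_USER_, _DB_PASSWD_, _DB_NAME_);
// Every field must be non-null and pass its validator, in this order.
// NOTE(review): the $_POST keys are read without isset(), so a request that omits
// one raises an undefined-index notice before is_Not_Null() sees the value.
if (
    is_Not_Null($_POST["lastname"]) && valid_name($_POST["lastname"])
    && is_Not_Null($_POST["firstname"]) && valid_name($_POST["firstname"])
    && is_Not_Null($_POST["birthday"]) && valid_birthday($_POST["birthday"])
    && is_Not_Null($_POST["phone"]) && valid_phone($_POST["phone"])
    && is_Not_Null($_POST["address"]) && valid_address($_POST["address"])
    && is_Not_Null($_POST["postal"]) && valid_postal($_POST["postal"])
    && is_Not_Null($_POST["city"]) && valid_name($_POST["city"])
    && is_Not_Null($_POST["email"]) && valid_mail($_POST["email"])
    && is_Not_Null($_POST["pwd"]) && is_Not_Null($_POST["pwd2"]) && valid_pwd($_POST["pwd"], $_POST["pwd2"])
) {
    // Uniqueness is checked with a SELECT before the INSERT; two simultaneous
    // requests can both pass it unless gc_customers.mail carries a unique index.
    $stmt3 = $conn->prepare("SELECT mail FROM gc_customers WHERE mail = :r_mail");
    $stmt3->execute(array('r_mail' => $_POST['email']));
    // fetch() returns false when no row matched.
    if ($stmt3->fetch() === false) {
        // The same named placeholder is bound several times in this statement,
        // which depends on the driver emulating prepared statements.
        $stmt = $conn->prepare("INSERT INTO gc_customers (firstname_customer, lastname_customer, birthday, mail, \n\t\t\tphone, pwd, address ,delivery_address, shipping_address, postal_code, city, delivery_postal_code, delivery_city, shipping_postal_code, \n\t\t\tshipping_city) VALUES(:r_firstname, :r_lastname, :r_birthday, :r_mail, :r_phone, :r_pwd, :r_address, :r_address, :r_address, :r_postal, \n\t\t\t:r_city, :r_postal, :r_city, :r_postal, :r_city)");
        // NOTE(review): md5() is a fast, unsalted digest and is not suitable for
        // password storage. Moving to password_hash()/password_verify() has to be
        // done together with the login code, which is not part of this file, so the
        // stored format is left unchanged here.
        $stmt->execute(array(
            'r_lastname' => ucfirst(strtolower($_POST["lastname"])),
            'r_firstname' => ucfirst(strtolower($_POST["firstname"])),
            'r_birthday' => $_POST["birthday"],
            'r_phone' => $_POST["phone"],
            'r_address' => $_POST["address"],
            'r_postal' => $_POST["postal"],
            'r_city' => $_POST["city"],
            'r_mail' => $_POST['email'],
            'r_pwd' => md5($_POST['pwd']),
        ));
        $stmt->closeCursor();
        $stmt = $conn->prepare("SELECT id_customer, firstname_customer FROM gc_customers WHERE mail = :r_mail");
        $stmt->execute(array('r_mail' => $_POST['email']));
        $res = $stmt->fetch();
        $stmt2 = $conn->prepare("INSERT INTO gc_cards (firstname_customer, lastname_customer, card_type, id_customer) \n\t\t\t\t\tVALUES('','','',:r_customer)");
        $stmt2->execute(array('r_customer' => $res['id_customer']));
        // NOTE(review): the session becomes authenticated here without its id being
        // regenerated; session_regenerate_id(true) is the usual guard against session
        // fixation - confirm how headers.php sets the session up.
        $_SESSION['id_customer'] = $res['id_customer'];
        $_SESSION['firstname_customer'] = $res['firstname_customer'];
        header('Location: ../view/index.php');
        $stmt2->closeCursor();
        $stmt->closeCursor();
    } else {
        // The header has to be sent before any body output; with the echo first,
        // header() fails with "headers already sent" unless output is buffered.
        header('Refresh: 0; URL=../view/login.php');
        echo '<script>alert("' . utf8_decode("Ce compte existe déja!") . '")</script>';
    }
} else {
    header('Location: ../view/login.php');
}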
예제 #12
/**
 * Processes the personal info update.
 *
 * Source data is read from $_POST. Accepted values are collected in the global
 * $PROCESSED array; problems are recorded through $ERROR / $ERRORSTR or add_error().
 * When $ERROR is still zero at the end, $PROCESSED is written to the user_data table
 * for the current user and the custom-field responses and publications are replaced.
 *
 * The function takes no parameters and has no return statement; its results are the
 * global counters and message arrays it updates.
 */
function profile_update_personal_info()
{
    global $db, $PROCESSED, $PROFILE_NAME_PREFIX, $ERROR, $ERRORSTR, $SUCCESS, $SUCCESSSTR, $NOTICE, $NOTICESTR, $PROCESSED_PHOTO, $PROCESSED_PHOTO_STATUS, $PROCESSED_NOTIFICATIONS, $VALID_MIME_TYPES, $ENTRADA_USER;
    if (isset($_POST["custom"]) && $_POST["custom"]) {
        /*
         * Fetch the custom fields
         */
        $query = "SELECT * FROM `profile_custom_fields` WHERE `organisation_id` = " . $db->qstr($ENTRADA_USER->getActiveOrganisation()) . " ORDER BY `organisation_id`, `department_id`, `id`";
        $dep_fields = $db->GetAssoc($query);
        if ($dep_fields) {
            // Only fields returned by the query are processed; extra keys posted under
            // "custom" are ignored.
            foreach ($dep_fields as $field_id => $field) {
                switch (strtolower($field["type"])) {
                    case "checkbox":
                        // A checkbox is stored as "1" when its key was posted, "0" otherwise.
                        if (isset($_POST["custom"][$field["department_id"]][$field_id])) {
                            $PROCESSED["custom"][$field_id] = "1";
                        } else {
                            $PROCESSED["custom"][$field_id] = "0";
                        }
                        break;
                    default:
                        // The posted value is read without isset(), so an absent key raises a
                        // notice and is then handled as an empty response.
                        if ($_POST["custom"][$field["department_id"]][$field_id]) {
                            // The length limit is applied to the raw posted string, before cleaning.
                            if ($field["length"] != NULL && strlen($_POST["custom"][$field["department_id"]][$field_id]) > $field["length"]) {
                                add_error("<strong>" . $field["title"] . "</strong> has a character limit of <strong>" . $field["length"] . "</strong> and you have entered <strong>" . strlen($_POST["custom"][$field["department_id"]][$field_id]) . "</strong> characters. Please edit your response and re-save your profile.");
                            } else {
                                // Cleaning rule by field type: "richtext" -> "html",
                                // "twitter" -> "alphanumeric", anything else -> "striptags".
                                $PROCESSED["custom"][$field_id] = clean_input($_POST["custom"][$field["department_id"]][$field_id], array("trim", strtolower($field["type"]) == "richtext" ? "html" : (strtolower($field["type"]) == "twitter" ? "alphanumeric" : "striptags")));
                            }
                        } else {
                            if ($field["mandatory"] == "1") {
                                add_error("<strong>" . $field["title"] . "</strong> is a required field, please enter a response and re-save your profile.");
                            }
                        }
                        break;
                }
            }
        }
    }
    if (isset($_POST["publications"]) && $_POST["publications"]) {
        // Only the innermost array key (the publication id) is kept, cleaned as
        // "numeric"; the posted $status value is not used. $pub_type and
        // $department_id are carried over as posted and quoted with qstr() when
        // they are inserted further down.
        foreach ($_POST["publications"] as $pub_type => $ppublications) {
            foreach ($ppublications as $department_id => $publications) {
                foreach ($publications as $publication_id => $status) {
                    $PROCESSED["publications"][$pub_type][$department_id][] = clean_input($publication_id, "numeric");
                }
            }
        }
    }
    // NOTE(review): in_array() is called without the strict flag, so the allow-list
    // match uses loose comparison; passing true as the third argument would make
    // the check exact.
    if (isset($PROFILE_NAME_PREFIX) && is_array($PROFILE_NAME_PREFIX) && isset($_POST["prefix"]) && in_array($_POST["prefix"], $PROFILE_NAME_PREFIX)) {
        /*
         * To prevent students from providing a prefix when they shouldn't be setting
         * one I need to know if they already have one or not.
         */
        if ($ENTRADA_USER->getGroup() == "student") {
            $query = "SELECT `prefix` FROM `" . AUTH_DATABASE . "`.`user_data` WHERE `id` = " . $db->qstr($ENTRADA_USER->GetProxyId());
            $prefix = $db->GetOne($query);
        } else {
            $prefix = false;
        }
        if ($ENTRADA_USER->getGroup() != "student" || $prefix) {
            /*
             * Doing this safe because we are checking that the value of $_POST["prefix"] is set in the $PROFILE_NAME_PREFIX array above.
             */
            $PROCESSED["prefix"] = $_POST["prefix"];
        }
    } else {
        $PROCESSED["prefix"] = "";
    }
    // Office hours are accepted only when the session group is not "student", and are
    // cut to 97 characters plus "..." when longer than 100.
    if (isset($_POST["office_hours"]) && ($office_hours = clean_input($_POST["office_hours"], array("notags", "encode", "trim"))) && $_SESSION["details"]["group"] != "student") {
        $PROCESSED["office_hours"] = strlen($office_hours) > 100 ? substr($office_hours, 0, 97) . "..." : $office_hours;
    } else {
        $PROCESSED["office_hours"] = "";
    }
    // The primary e-mail address is read only for the "faculty" group.
    if ($_SESSION["permissions"][$ENTRADA_USER->getAccessId()]["group"] == "faculty") {
        // NOTE(review): "lower" is passed as a third argument here, while the other
        // clean_input() calls in this function pass several rules as one array -
        // confirm against clean_input()'s signature that "lower" is applied.
        if (isset($_POST["email"]) && ($email = clean_input($_POST["email"], "trim", "lower"))) {
            if (valid_address($email)) {
                $PROCESSED["email"] = $email;
            } else {
                $ERROR++;
                $ERRORSTR[] = "The primary e-mail address you have provided is invalid. Please make sure that you provide a properly formatted e-mail address.";
            }
        } else {
            $ERROR++;
            $ERRORSTR[] = "The primary e-mail address is a required field.";
        }
    }
    // NOTE(review): from here to "postcode" the values come straight from $_POST with
    // trim() and a length window only; they do not pass through clean_input(), so no
    // tags are stripped. Presumably they are encoded wherever they are displayed -
    // verify. trim() and strlen() also assume a string, so an array-valued parameter
    // is not handled.
    if (isset($_POST["email_alt"]) && $_POST["email_alt"] != "") {
        if (valid_address(trim($_POST["email_alt"]))) {
            $PROCESSED["email_alt"] = strtolower(trim($_POST["email_alt"]));
        } else {
            $ERROR++;
            $ERRORSTR[] = "The secondary e-mail address you have provided is invalid. Please make sure that you provide a properly formatted e-mail address or leave this field empty if you do not wish to display one.";
        }
    } else {
        $PROCESSED["email_alt"] = "";
    }
    // Telephone and fax: kept when 10 to 25 characters long, otherwise stored empty.
    if (isset($_POST["telephone"]) && strlen(trim($_POST["telephone"])) >= 10 && strlen(trim($_POST["telephone"])) <= 25) {
        $PROCESSED["telephone"] = strtolower(trim($_POST["telephone"]));
    } else {
        $PROCESSED["telephone"] = "";
    }
    if (isset($_POST["fax"]) && strlen(trim($_POST["fax"])) >= 10 && strlen(trim($_POST["fax"])) <= 25) {
        $PROCESSED["fax"] = strtolower(trim($_POST["fax"]));
    } else {
        $PROCESSED["fax"] = "";
    }
    // Address (6-255 characters) and city (3-35) are re-cased to title case.
    if (isset($_POST["address"]) && strlen(trim($_POST["address"])) >= 6 && strlen(trim($_POST["address"])) <= 255) {
        $PROCESSED["address"] = ucwords(strtolower(trim($_POST["address"])));
    } else {
        $PROCESSED["address"] = "";
    }
    if (isset($_POST["city"]) && strlen(trim($_POST["city"])) >= 3 && strlen(trim($_POST["city"])) <= 35) {
        $PROCESSED["city"] = ucwords(strtolower(trim($_POST["city"])));
    } else {
        $PROCESSED["city"] = "";
    }
    // Postcode (5-12 characters) is upper-cased.
    if (isset($_POST["postcode"]) && strlen(trim($_POST["postcode"])) >= 5 && strlen(trim($_POST["postcode"])) <= 12) {
        $PROCESSED["postcode"] = strtoupper(trim($_POST["postcode"]));
    } else {
        $PROCESSED["postcode"] = "";
    }
    // The country is required and has to exist in global_lu_countries.
    if (isset($_POST["country_id"]) && ($tmp_input = clean_input($_POST["country_id"], "int"))) {
        $query = "SELECT * FROM `global_lu_countries` WHERE `countries_id` = " . $db->qstr($tmp_input);
        $result = $db->GetRow($query);
        if ($result) {
            $PROCESSED["country_id"] = $tmp_input;
        } else {
            $ERROR++;
            $ERRORSTR[] = "The selected country does not exist in our countries database. Please select a valid country.";
            application_log("error", "Unknown countries_id [" . $tmp_input . "] was selected. Database said: " . $db->ErrorMsg());
        }
    } else {
        $ERROR++;
        $ERRORSTR[] = "You must select a country.";
    }
    // prov_state is either a numeric province id or free text.
    if (isset($_POST["prov_state"]) && ($tmp_input = clean_input($_POST["prov_state"], array("trim", "notags")))) {
        $PROCESSED["province_id"] = 0;
        $PROCESSED["province"] = "";
        if (ctype_digit($tmp_input) && ($tmp_input = (int) $tmp_input)) {
            // This block does not set $PROCESSED["country_id"] when the country check
            // above failed, so this read can hit an undefined index unless the caller
            // populated it; an error has already been recorded in that case.
            if ($PROCESSED["country_id"]) {
                $query = "SELECT * FROM `global_lu_provinces` WHERE `province_id` = " . $db->qstr($tmp_input) . " AND `country_id` = " . $db->qstr($PROCESSED["country_id"]);
                $result = $db->GetRow($query);
                if (!$result) {
                    $ERROR++;
                    $ERRORSTR[] = "The province / state you have selected does not appear to exist in our database. Please selected a valid province / state.";
                }
            }
            // Assigned even when the lookup failed; the $ERROR check below keeps it
            // from being saved in that case.
            $PROCESSED["province_id"] = $tmp_input;
        } else {
            $PROCESSED["province"] = $tmp_input;
        }
        $PROCESSED["prov_state"] = $PROCESSED["province_id"] ? $PROCESSED["province_id"] : ($PROCESSED["province"] ? $PROCESSED["province"] : "");
    }
    if (!$ERROR) {
        // NOTE(review): the whole global $PROCESSED array is handed to AutoExecute(),
        // including the "custom" and "publications" sub-arrays and anything a caller
        // placed in it earlier. Presumably only keys matching user_data columns are
        // written - confirm, since any such key is user-updatable through this path.
        if ($db->AutoExecute(AUTH_DATABASE . ".user_data", $PROCESSED, "UPDATE", "`id` = " . $db->qstr($ENTRADA_USER->getID()))) {
            $SUCCESS++;
            $SUCCESSSTR[] = "Your account profile has been successfully updated.";
            application_log("success", "User successfully updated their profile.");
            if (isset($PROCESSED["custom"])) {
                // Each response is replaced by a DELETE followed by an INSERT. No
                // transaction is opened in this function and the Execute() results are
                // not checked, so a failed INSERT leaves the response deleted.
                foreach ($PROCESSED["custom"] as $field_id => $value) {
                    $query = "DELETE FROM `profile_custom_responses` WHERE `field_id` = " . $db->qstr($field_id) . " AND `proxy_id` = " . $db->qstr($ENTRADA_USER->getID());
                    $db->Execute($query);
                    $query = "INSERT INTO `profile_custom_responses` (`field_id`, `proxy_id`, `value`) VALUES (" . $db->qstr($field_id) . ", " . $db->qstr($ENTRADA_USER->getID()) . ", " . $db->qstr($value) . ")";
                    $db->Execute($query);
                }
            }
            if (isset($PROCESSED["publications"])) {
                // All of the user's publication rows are removed, then the posted set is
                // inserted with every value quoted through qstr().
                $query = "DELETE FROM `profile_publications` WHERE `proxy_id` = " . $db->qstr($ENTRADA_USER->getID());
                if ($db->Execute($query)) {
                    foreach ($PROCESSED["publications"] as $pub_type => $ppublications) {
                        foreach ($ppublications as $dep_id => $publications) {
                            foreach ($publications as $publication) {
                                $query = "INSERT INTO `profile_publications` (`pub_type`, `pub_id`, `dep_id`, `proxy_id`) VALUES (" . $db->qstr($pub_type) . ", " . $db->qstr($publication) . ", " . $db->qstr($dep_id) . ", " . $db->qstr($ENTRADA_USER->getID()) . ")";
                                $db->Execute($query);
                            }
                        }
                    }
                }
            }
        } else {
            $ERROR++;
            $ERRORSTR[] = "We were unfortunately unable to update your profile at this time. The system administrator has been informed of the problem, please try again later.";
            application_log("error", "Unable to update user profile. Database said: " . $db->ErrorMsg());
        }
    }
}
예제 #13
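/**
 * Sends email based on the specified type using templates from the
 * $ENTRADA_TEMPLATE->absolute()/email directory.
 *
 * @param string $type     One of "reason", "noreason"; selects mspr-rejection-{type}.xml.
 * @param array  $to       Associative array consisting of firstname, lastname, and email.
 * @param array  $keywords Associative array of keywords mapped to the replacement contents.
 * @return bool True when the mailer's send() call reports success, false otherwise.
 */
function submission_rejection_notification($type, $to = array(), $keywords = array())
{
    global $AGENT_CONTACTS, $ENTRADA_TEMPLATE;
    if (!is_array($to) || !isset($to["email"]) || !valid_address($to["email"]) || !isset($to["firstname"]) || !isset($to["lastname"])) {
        application_log("error", "Attempting to send a submission_rejection_notification() however the recipient information was not complete.");
        return false;
    }
    // $type becomes part of the template file name below, so it is matched strictly
    // against the allow-list: a loose in_array() also accepts true (and, before
    // PHP 8, 0), which compare equal to any of these strings.
    if (!in_array($type, array("reason", "noreason"), true)) {
        application_log("error", "Encountered an unrecognized notification type [" . $type . "] when attempting to send a submission_rejection_notification().");
        return false;
    }
    $xml_file = $ENTRADA_TEMPLATE->absolute() . "/email/mspr-rejection-" . $type . ".xml";
    try {
        require_once "Models/utility/Template.class.php";
        require_once "Models/utility/TemplateMailer.class.php";
        $template = new Template($xml_file);
        $mail = new TemplateMailer(new Zend_Mail());
        $mail->addHeader("X-Section", "MSPR Module", true);
        $from = array("email" => $AGENT_CONTACTS["agent-notifications"]["email"], "firstname" => "MSPR System", "lastname" => "");
        if ($mail->send($template, $to, $from, DEFAULT_LANGUAGE, $keywords)) {
            return true;
        } else {
            // The address is caller-supplied and ends up in HTML, so it is encoded here
            // rather than relying on valid_address() to exclude markup characters.
            add_notice("We were unable to e-mail a task notification <strong>" . htmlspecialchars($to["email"], ENT_QUOTES) . "</strong>.<br /><br />A system administrator was notified of this issue, but you may wish to contact this individual manually and let them know their task verification status.");
            // NOTE(review): ErrorInfo is not assigned in this function - confirm that
            // TemplateMailer exposes it.
            application_log("error", "Unable to send task verification notification to [" . $to["email"] . "] / type [" . $type . "]. Zend_Mail said: " . $mail->ErrorInfo);
        }
    } catch (Exception $e) {
        // Any exception raised in the try block lands here, not only template
        // loading problems, so the exception's own message is logged as well.
        application_log("error", "Unable to load the XML file [" . $xml_file . "] or the XML file did not contain the language requested [" . DEFAULT_LANGUAGE . "], when attempting to send a regional education notification. Exception said: " . $e->getMessage());
    }
    return false;
}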