$ERROR++;
$ERRORSTR[] = "You must provide the firstname of the key contact.";
}
if (isset($_POST["keys_lastname"]) && ($tmp_input = clean_input($_POST["keys_lastname"], array("trim", "notags")))) {
$PROCESSED["keys_lastname"] = $tmp_input;
} else {
$ERROR++;
$ERRORSTR[] = "You must provide the lastname of the key contact.";
}
if (isset($_POST["keys_phone"]) && ($tmp_input = clean_input($_POST["keys_phone"], array("trim", "notags")))) {
$PROCESSED["keys_phone"] = $tmp_input;
} else {
$ERROR++;
$ERRORSTR[] = "You must provide the telephone number of the key contact.";
}
if (isset($_POST["keys_email"]) && ($tmp_input = clean_input($_POST["keys_email"], array("trim", "notags"))) && valid_address($tmp_input)) {
$PROCESSED["keys_email"] = $tmp_input;
} else {
$ERROR++;
$ERRORSTR[] = "You must provide a valid e-mail address for the key contact.";
}
}
/**
* Required field "release_date" / Available Start (validated through validate_calendars function).
* Non-required field "release_until" / Available Finish (validated through validate_calendars function).
*/
$available_date = validate_calendars("available", true, false, false);
if (isset($available_date["start"]) && (int) $available_date["start"]) {
$PROCESSED["available_start"] = (int) $available_date["start"];
} else {
$PROCESSED["available_start"] = 0;
if (isset($_POST['submit_edits'])) {
$firstname = $_POST['textbox_FirstName'];
$lastname = $_POST['textbox_LastName'];
$address = $_POST['textbox_Address'];
$gender = $_POST['gender'];
$mobile = $_POST['textbox_Mobile'];
$firstname = htmlspecialchars($firstname);
$lastname = htmlspecialchars($lastname);
$address = htmlspecialchars($address);
if (!valid_name($firstname)) {
echo "Invalid First name<br/>";
} else {
if (!valid_name($lastname)) {
echo "Invalid Last name<br/>";
} else {
if (!valid_address($address)) {
echo "Invalid Address name<br/>";
} else {
if (!ctype_digit($mobile)) {
echo "Invalid Mobile Number<br/>";
} else {
update_user($user_id, 'FirstName', $firstname);
update_user($user_id, 'LastName', $lastname);
update_user($user_id, 'Address', $address);
update_user($user_id, 'Gender', $gender);
update_user($user_id, 'Mobile', $mobile);
}
}
}
}
}
switch ($STEP) {
case 6:
case 5:
if (isset($_POST["admin_firstname"]) && ($admin_firstname = clean_input($_POST["admin_firstname"], "trim"))) {
$PROCESSED["admin_firstname"] = $admin_firstname;
} else {
$ERROR++;
$ERRORSTR[] = "The first name of the administrator for your install of Entrada must be entered before continuing.";
}
if (isset($_POST["admin_lastname"]) && ($admin_lastname = clean_input($_POST["admin_lastname"], "trim"))) {
$PROCESSED["admin_lastname"] = $admin_lastname;
} else {
$ERROR++;
$ERRORSTR[] = "The last name of the administrator for your install of Entrada must be entered before continuing.";
}
if (isset($_POST["admin_email"]) && ($admin_email = clean_input($_POST["admin_email"], array("trim", "lower"))) && @valid_address($admin_email)) {
$PROCESSED["admin_email"] = $admin_email;
} else {
$ERROR++;
$ERRORSTR[] = "A valid E-mail for the administrator of your install of Entrada must be entered before continuing.";
}
if (isset($_POST["admin_username"]) && ($admin_username = clean_input($_POST["admin_username"], "credentials"))) {
$PROCESSED["admin_username"] = $admin_username;
} else {
$ERROR++;
$ERRORSTR[] = "The username of the administrator for your install of Entrada must be entered before continuing.";
}
if (isset($_POST["admin_password"]) && ($admin_password = $_POST["admin_password"])) {
if (isset($_POST["re_admin_password"]) && ($re_admin_password = $_POST["re_admin_password"]) && $re_admin_password == $admin_password) {
$PROCESSED["admin_password_hash"] = md5($re_admin_password);
} else {
}
$BREADCRUMB[] = array("url" => ENTRADA_RELATIVE . "/", "title" => APPLICATION_NAME);
$BREADCRUMB[] = array("url" => ENTRADA_RELATIVE . "/password_reset", "title" => "Password Reset");
if (!isset($_SESSION["reset_page_accesses"])) {
$_SESSION["reset_page_accesses"] = 1;
} else {
$_SESSION["reset_page_accesses"]++;
}
/**
* Fetch the hash from the URL if it exists.
*/
$hash = isset($_GET["hash"]) && ($tmp_input = clean_input($_GET["hash"], array("notags", "nows"))) ? $tmp_input : false;
/**
* Fetch the e-mail address from the form post if it exists.
*/
if (isset($_POST["email_address"]) && valid_address($_POST["email_address"]) && ($tmp_input = clean_input($_POST["email_address"]))) {
$email_address = $tmp_input;
} else {
$email_address = false;
}
?>
<h1><?php
echo APPLICATION_NAME;
?>
Password Reset</h1>
<?php
if ($hash) {
if (isset($_POST["npassword1"]) && isset($_POST["npassword2"])) {
$STEP = 4;
$ERROR++;
$ERRORSTR[] = "The primary e-mail address is a required field.";
}
/**
* Non-required field "office_hours" / Office Hours.
*/
if (isset($_POST["office_hours"]) && ($office_hours = clean_input($_POST["office_hours"], array("notags", "encode", "trim")))) {
$PROCESSED["office_hours"] = strlen($office_hours) > 100 ? substr($office_hours, 0, 97) . "..." : $office_hours;
} else {
$PROCESSED["office_hours"] = "";
}
/**
* Non-required field "email_alt" / Alternative E-Mail.
*/
if (isset($_POST["email_alt"]) && ($email_alt = clean_input($_POST["email_alt"], "trim", "lower"))) {
if (@valid_address($email_alt)) {
$PROCESSED["email_alt"] = $email_alt;
} else {
$ERROR++;
$ERRORSTR[] = "The alternative e-mail address you have provided is invalid. Please make sure that you provide a properly formatted e-mail address or leave this field empty if you do not wish to display one.";
}
} else {
$PROCESSED["email_alt"] = "";
}
/**
* Non-required field "telephone" / Telephone Number.
*/
if (isset($_POST["telephone"]) && ($telephone = clean_input($_POST["telephone"], "trim")) && strlen($telephone) >= 10 && strlen($telephone) <= 25) {
$PROCESSED["telephone"] = $telephone;
} else {
$PROCESSED["telephone"] = "";
$ERRORSTR[] = "The firstname of the user is a required field.";
}
/**
* Required field "lastname" / Lastname.
*/
if (isset($_POST["lastname"]) && ($lastname = clean_input($_POST["lastname"], "trim"))) {
$PROCESSED["lastname"] = $lastname;
} else {
$ERROR++;
$ERRORSTR[] = "The lastname of the user is a required field.";
}
/**
* Required field "email" / Primary E-Mail.
*/
if (isset($_POST["email"]) && ($email = clean_input($_POST["email"], "trim", "lower"))) {
if (@valid_address($email)) {
$query = "SELECT * FROM `" . AUTH_DATABASE . "`.`user_data`\n\t\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN `" . AUTH_DATABASE . "`.`user_access` ON `user_access`.`user_id` = `user_data`.`id`\n\t\t\t\t\t\t\t\t\t\t\t\tWHERE `user_data`.`email` = " . $db->qstr($email) . "\n\t\t\t\t\t\t\t\t\t\t\t\tAND (`user_access`.`group` != 'guest' && `user_access`.`role` != 'communityinvite');";
$result = $db->GetRow($query);
if ($result) {
$ERROR++;
$ERRORSTR[] = "The e-mail address <strong>" . html_encode($email) . "</strong> already exists in the system for username <strong>" . html_encode($result["username"]) . "</strong>. Please provide a unique e-mail address for this user or select the existing user on the <strong>Add Members</strong> tab.";
} else {
$PROCESSED["email"] = $email;
}
} else {
$ERROR++;
$ERRORSTR[] = "The primary e-mail address you have provided is invalid. Please make sure that you provide a properly formatted e-mail address.";
}
} else {
$ERROR++;
$ERRORSTR[] = "The primary e-mail address is a required field.";
function regionaled_apartment_notification($type, $to = array(), $keywords = array())
{
global $ERROR, $NOTICE, $SUCCESS, $ERRORSTR, $NOTICESTR, $SUCCESSSTR, $AGENT_CONTACTS, $ENTRADA_TEMPLATE;
if (!is_array($to) || !isset($to["email"]) || !valid_address($to["email"]) || !isset($to["firstname"]) || !isset($to["lastname"])) {
application_log("error", "Attempting to send a regionaled_apartment_notification() how the recipient information was not complete.");
return false;
}
if (!in_array($type, array("delete", "confirmation", "rejected"))) {
application_log("error", "Encountered an unrecognized notification type [" . $type . "] when attempting to send a regionaled_apartment_notification().");
return false;
}
$xml_file = $ENTRADA_TEMPLATE->absolute() . "/email/regionaled-learner-accommodation-" . $type . ".xml";
$xml = @simplexml_load_file($xml_file);
if ($xml && isset($xml->lang->{DEFAULT_LANGUAGE})) {
$subject = trim($xml->lang->{DEFAULT_LANGUAGE}->subject);
$message = trim($xml->lang->{DEFAULT_LANGUAGE}->body);
foreach ($keywords as $keyword => $value) {
$subject = str_ireplace("%" . strtoupper($keyword) . "%", $value, $subject);
$message = str_ireplace("%" . strtoupper($keyword) . "%", $value, $message);
}
/**
* Notify the learner they have been removed from this apartment.
*/
$mail = new Zend_Mail();
$mail->addHeader("X-Originating-IP", $_SERVER["REMOTE_ADDR"]);
$mail->addHeader("X-Section", $keywords["department_tile"] . " Accommodations Module", true);
$mail->clearFrom();
$mail->clearSubject();
$mail->setFrom($AGENT_CONTACTS["agent-regionaled"][$keywords["department_id"]]["email"], APPLICATION_NAME . $keywords["department_tile"] . " Accommodation System");
$mail->setSubject($subject);
$mail->setBodyText(clean_input($message, "emailcontent"));
$mail->clearRecipients();
$mail->addTo($to["email"], $to["firstname"] . " " . $to["lastname"]);
if ($mail->send()) {
return true;
} else {
$NOTICE++;
$NOTICESTR[] = "We were unable to e-mail an e-mail notification <strong>" . $to["email"] . "</strong>.<br /><br />A system administrator was notified of this issue, but you may wish to contact this learner manually and let them know their accommodation has ben removed.";
application_log("error", "Unable to send accommodation notification to [" . $to["email"] . "] / type [" . $type . "]. Zend_Mail said: " . $mail->ErrorInfo);
}
} else {
application_log("error", "Unable to load the XML file [" . $xml_file . "] or the XML file did not contain the language requested [" . DEFAULT_LANGUAGE . "], when attempting to send a regional education notification.");
}
return false;
}
$ERRORSTR[] = "You have selected "Other Teacher" from the teacher list but have not provided their firstname.";
}
/**
* Required: other_teacher_lname / Lastname
*/
if (isset($_POST["other_teacher_lname"]) && ($other_teacher_lname = clean_input($_POST["other_teacher_lname"], array("trim", "notags")))) {
$PROCESSED_TEACHER["lastname"] = $other_teacher_lname;
} else {
$ERROR++;
$ERRORSTR[] = "You have selected "Other Teacher" from the teacher list but have not provided their lastname.";
}
/**
* Not Required: other_teacher_email / E-Mail Address
*/
if (isset($_POST["other_teacher_email"]) && ($other_teacher_email = clean_input($_POST["other_teacher_email"], array("trim", "notags")))) {
if (valid_address($other_teacher_email)) {
$PROCESSED_TEACHER["email"] = $other_teacher_email;
} else {
$ERROR++;
$ERRORSTR[] = "You have selected "Other Teacher" from the teacher list but you have provided us with an invalid e-mail address.";
}
} else {
$PROCESSED_TEACHER["email"] = "";
}
if (!$ERROR) {
if ($PROCESSED_TEACHER["email"]) {
$query = "SELECT `id` FROM `" . AUTH_DATABASE . "`.`user_data` WHERE `email` = " . $db->qstr($PROCESSED_TEACHER["email"]);
$result = $db->GetRow($query);
if ($result) {
$PROCESSED["instructor_id"] = $result["id"];
}
*/
if (isset($_POST["fax"]) && ($fax = clean_input($_POST["fax"], array("notags", "trim")))) {
$PROCESSED["fax"] = $fax;
}
/**
* Non-required field "phone" / Phone.
*/
if (isset($_POST["phone"]) && ($phone = clean_input($_POST["phone"], array("notags", "trim")))) {
$PROCESSED["phone"] = $phone;
}
/**
* Required field "email" / Email.
*/
if (isset($_POST["email"]) && ($email = clean_input($_POST["email"], array("notags", "trim", "emailcontent")))) {
$PROCESSED["email"] = $email;
if (!valid_address($email)) {
$ERROR++;
$ERRORSTR[] = "The <strong>Email</strong> you provided is not valid.";
}
} else {
$ERROR++;
$ERRORSTR[] = "The <strong>Email</strong> field is required.";
}
/**
* Required field "status" / Status.
*/
if (isset($_POST["event_status"]) && ($status = clean_input($_POST["event_status"], array("notags")))) {
$PROCESSED["event_status"] = $status;
} else {
$ERROR++;
$ERRORSTR[] = "The <strong>Status</strong> field is required.";
<?php
include "../controller/headers.php";
$conn = db_connect(_DB_SERVER_, _DB_USER_, _DB_PASSWD_, _DB_NAME_);
if (isset($_SESSION['id_customer']) && isset($_POST["mail"]) && valid_mail($_POST["mail"]) && isset($_POST["phone"]) && valid_phone($_POST["phone"]) && isset($_POST["address"]) && valid_address($_POST["address"]) && isset($_POST["delivery_address"]) && valid_address($_POST["delivery_address"]) && isset($_POST["shipping_address"]) && valid_address($_POST["shipping_address"]) && isset($_POST["postal"]) && valid_postal($_POST["postal"]) && isset($_POST["city"]) && valid_name($_POST["city"]) && isset($_POST["shipping_postal"]) && valid_postal($_POST["shipping_postal"]) && isset($_POST["shipping_city"]) && valid_name($_POST["shipping_city"]) && isset($_POST["delivery_postal"]) && valid_postal($_POST["delivery_postal"]) && isset($_POST["delivery_city"]) && valid_name($_POST["delivery_city"])) {
$stmt = $conn->prepare("UPDATE gc_customers SET mail=:r_mail, phone=:r_phone, address=:r_address, \n\t\tdelivery_address=:r_delivery_address, shipping_address=:r_shipping_address, postal_code=:r_postal_code, city=:r_city, \n\t\tdelivery_postal_code=:r_delivery_postal_code, delivery_city=:r_delivery_city, \n\t\tshipping_postal_code=:r_shipping_postal_code, shipping_city=:r_shipping_city WHERE id_customer=:r_customer");
$stmt->execute(array('r_mail' => $_POST['mail'], 'r_phone' => $_POST['phone'], 'r_address' => $_POST['address'], 'r_delivery_address' => $_POST['delivery_address'], 'r_shipping_address' => $_POST['shipping_address'], 'r_postal_code' => $_POST['postal'], 'r_city' => $_POST['city'], 'r_delivery_postal_code' => $_POST['delivery_postal'], 'r_delivery_city' => $_POST['delivery_city'], 'r_shipping_postal_code' => $_POST['shipping_postal'], 'r_shipping_city' => $_POST['shipping_city'], 'r_customer' => $_SESSION['id_customer']));
$stmt->closeCursor();
}
if (isset($_SESSION['id_customer']) && isset($_POST["firstname"]) && isset($_POST["lastname"]) && isset($_POST["card_type"]) && isset($_POST["card_number"]) && isset($_POST["cryptogram"]) && isset($_POST["expiring_date"])) {
$stmt = $conn->prepare("UPDATE gc_cards SET firstname_customer=:r_firstname_card, lastname_customer=:r_lastname_card, \n\t\tcard_type=:r_card_type, card_number=:r_card_number, cryptogram=:r_cryptogram, expiring_date=:r_expiring_date\n\t\tWHERE id_customer=:r_customer");
$stmt->execute(array('r_firstname_card' => ucfirst(strtolower($_POST['firstname'])), 'r_lastname_card' => ucfirst(strtolower($_POST['lastname'])), 'r_card_type' => $_POST['card_type'], 'r_card_number' => $_POST['card_number'], 'r_cryptogram' => $_POST['cryptogram'], 'r_expiring_date' => $_POST['expiring_date'], 'r_customer' => $_SESSION['id_customer']));
$stmt->closeCursor();
}
header('Location: ../view/account.php');
<?php
include "../controller/headers.php";
$conn = db_connect(_DB_SERVER_, _DB_USER_, _DB_PASSWD_, _DB_NAME_);
if (is_Not_Null($_POST["lastname"]) && valid_name($_POST["lastname"]) && is_Not_Null($_POST["firstname"]) && valid_name($_POST["firstname"]) && is_Not_Null($_POST["birthday"]) && valid_birthday($_POST["birthday"]) && is_Not_Null($_POST["phone"]) && valid_phone($_POST["phone"]) && is_Not_Null($_POST["address"]) && valid_address($_POST["address"]) && is_Not_Null($_POST["postal"]) && valid_postal($_POST["postal"]) && is_Not_Null($_POST["city"]) && valid_name($_POST["city"]) && is_Not_Null($_POST["email"]) && valid_mail($_POST["email"]) && is_Not_Null($_POST["pwd"]) && is_Not_Null($_POST["pwd2"]) && valid_pwd($_POST["pwd"], $_POST["pwd2"])) {
$stmt3 = $conn->prepare("SELECT mail FROM gc_customers WHERE mail = :r_mail");
$stmt3->execute(array('r_mail' => $_POST['email']));
if ($stmt3->fetch() == false) {
$stmt = $conn->prepare("INSERT INTO gc_customers (firstname_customer, lastname_customer, birthday, mail, \n\t\t\tphone, pwd, address ,delivery_address, shipping_address, postal_code, city, delivery_postal_code, delivery_city, shipping_postal_code, \n\t\t\tshipping_city) VALUES(:r_firstname, :r_lastname, :r_birthday, :r_mail, :r_phone, :r_pwd, :r_address, :r_address, :r_address, :r_postal, \n\t\t\t:r_city, :r_postal, :r_city, :r_postal, :r_city)");
$stmt->execute(array('r_lastname' => ucfirst(strtolower($_POST["lastname"])), 'r_firstname' => ucfirst(strtolower($_POST["firstname"])), 'r_birthday' => $_POST["birthday"], 'r_phone' => $_POST["phone"], 'r_address' => $_POST["address"], 'r_postal' => $_POST["postal"], 'r_city' => $_POST["city"], 'r_mail' => $_POST['email'], 'r_pwd' => md5($_POST['pwd'])));
$stmt->closeCursor();
$stmt = $conn->prepare("SELECT id_customer, firstname_customer FROM gc_customers WHERE mail = :r_mail");
$stmt->execute(array('r_mail' => $_POST['email']));
$res = $stmt->fetch();
$stmt2 = $conn->prepare("INSERT INTO gc_cards (firstname_customer, lastname_customer, card_type, id_customer) \n\t\t\t\t\tVALUES('','','',:r_customer)");
$stmt2->execute(array('r_customer' => $res['id_customer']));
$_SESSION['id_customer'] = $res['id_customer'];
$_SESSION['firstname_customer'] = $res['firstname_customer'];
header('Location: ../view/index.php');
$stmt2->closeCursor();
$stmt->closeCursor();
} else {
echo '<script>alert("' . utf8_decode("Ce compte existe déja!") . '")</script>';
header('Refresh: 0; URL=../view/login.php');
}
} else {
header('Location: ../view/login.php');
}
/**
* Processes the personal info update. source data retrieved from POST. modifies the $PROCESSED variable
*/
function profile_update_personal_info()
{
global $db, $PROCESSED, $PROFILE_NAME_PREFIX, $ERROR, $ERRORSTR, $SUCCESS, $SUCCESSSTR, $NOTICE, $NOTICESTR, $PROCESSED_PHOTO, $PROCESSED_PHOTO_STATUS, $PROCESSED_NOTIFICATIONS, $VALID_MIME_TYPES, $ENTRADA_USER;
if (isset($_POST["custom"]) && $_POST["custom"]) {
/*
* Fetch the custom fields
*/
$query = "SELECT * FROM `profile_custom_fields` WHERE `organisation_id` = " . $db->qstr($ENTRADA_USER->getActiveOrganisation()) . " ORDER BY `organisation_id`, `department_id`, `id`";
$dep_fields = $db->GetAssoc($query);
if ($dep_fields) {
foreach ($dep_fields as $field_id => $field) {
switch (strtolower($field["type"])) {
case "checkbox":
if (isset($_POST["custom"][$field["department_id"]][$field_id])) {
$PROCESSED["custom"][$field_id] = "1";
} else {
$PROCESSED["custom"][$field_id] = "0";
}
break;
default:
if ($_POST["custom"][$field["department_id"]][$field_id]) {
if ($field["length"] != NULL && strlen($_POST["custom"][$field["department_id"]][$field_id]) > $field["length"]) {
add_error("<strong>" . $field["title"] . "</strong> has a character limit of <strong>" . $field["length"] . "</strong> and you have entered <strong>" . strlen($_POST["custom"][$field["department_id"]][$field_id]) . "</strong> characters. Please edit your response and re-save your profile.");
} else {
$PROCESSED["custom"][$field_id] = clean_input($_POST["custom"][$field["department_id"]][$field_id], array("trim", strtolower($field["type"]) == "richtext" ? "html" : (strtolower($field["type"]) == "twitter" ? "alphanumeric" : "striptags")));
}
} else {
if ($field["mandatory"] == "1") {
add_error("<strong>" . $field["title"] . "</strong> is a required field, please enter a response and re-save your profile.");
}
}
break;
}
}
}
}
if (isset($_POST["publications"]) && $_POST["publications"]) {
foreach ($_POST["publications"] as $pub_type => $ppublications) {
foreach ($ppublications as $department_id => $publications) {
foreach ($publications as $publication_id => $status) {
$PROCESSED["publications"][$pub_type][$department_id][] = clean_input($publication_id, "numeric");
}
}
}
}
if (isset($PROFILE_NAME_PREFIX) && is_array($PROFILE_NAME_PREFIX) && isset($_POST["prefix"]) && in_array($_POST["prefix"], $PROFILE_NAME_PREFIX)) {
/*
* To prevent students from providing a prefix when they shouldn't be setting
* one I need to know if they already have one or not.
*/
if ($ENTRADA_USER->getGroup() == "student") {
$query = "SELECT `prefix` FROM `" . AUTH_DATABASE . "`.`user_data` WHERE `id` = " . $db->qstr($ENTRADA_USER->GetProxyId());
$prefix = $db->GetOne($query);
} else {
$prefix = false;
}
if ($ENTRADA_USER->getGroup() != "student" || $prefix) {
/*
* Doing this safe because we are checking that the value of $_POST["prefix"] is set in the $PROFILE_NAME_PREFIX array above.
*/
$PROCESSED["prefix"] = $_POST["prefix"];
}
} else {
$PROCESSED["prefix"] = "";
}
if (isset($_POST["office_hours"]) && ($office_hours = clean_input($_POST["office_hours"], array("notags", "encode", "trim"))) && $_SESSION["details"]["group"] != "student") {
$PROCESSED["office_hours"] = strlen($office_hours) > 100 ? substr($office_hours, 0, 97) . "..." : $office_hours;
} else {
$PROCESSED["office_hours"] = "";
}
if ($_SESSION["permissions"][$ENTRADA_USER->getAccessId()]["group"] == "faculty") {
if (isset($_POST["email"]) && ($email = clean_input($_POST["email"], "trim", "lower"))) {
if (valid_address($email)) {
$PROCESSED["email"] = $email;
} else {
$ERROR++;
$ERRORSTR[] = "The primary e-mail address you have provided is invalid. Please make sure that you provide a properly formatted e-mail address.";
}
} else {
$ERROR++;
$ERRORSTR[] = "The primary e-mail address is a required field.";
}
}
if (isset($_POST["email_alt"]) && $_POST["email_alt"] != "") {
if (valid_address(trim($_POST["email_alt"]))) {
$PROCESSED["email_alt"] = strtolower(trim($_POST["email_alt"]));
} else {
$ERROR++;
$ERRORSTR[] = "The secondary e-mail address you have provided is invalid. Please make sure that you provide a properly formatted e-mail address or leave this field empty if you do not wish to display one.";
}
} else {
$PROCESSED["email_alt"] = "";
}
if (isset($_POST["telephone"]) && strlen(trim($_POST["telephone"])) >= 10 && strlen(trim($_POST["telephone"])) <= 25) {
$PROCESSED["telephone"] = strtolower(trim($_POST["telephone"]));
} else {
$PROCESSED["telephone"] = "";
}
if (isset($_POST["fax"]) && strlen(trim($_POST["fax"])) >= 10 && strlen(trim($_POST["fax"])) <= 25) {
$PROCESSED["fax"] = strtolower(trim($_POST["fax"]));
} else {
$PROCESSED["fax"] = "";
}
if (isset($_POST["address"]) && strlen(trim($_POST["address"])) >= 6 && strlen(trim($_POST["address"])) <= 255) {
$PROCESSED["address"] = ucwords(strtolower(trim($_POST["address"])));
} else {
$PROCESSED["address"] = "";
}
if (isset($_POST["city"]) && strlen(trim($_POST["city"])) >= 3 && strlen(trim($_POST["city"])) <= 35) {
$PROCESSED["city"] = ucwords(strtolower(trim($_POST["city"])));
} else {
$PROCESSED["city"] = "";
}
if (isset($_POST["postcode"]) && strlen(trim($_POST["postcode"])) >= 5 && strlen(trim($_POST["postcode"])) <= 12) {
$PROCESSED["postcode"] = strtoupper(trim($_POST["postcode"]));
} else {
$PROCESSED["postcode"] = "";
}
if (isset($_POST["country_id"]) && ($tmp_input = clean_input($_POST["country_id"], "int"))) {
$query = "SELECT * FROM `global_lu_countries` WHERE `countries_id` = " . $db->qstr($tmp_input);
$result = $db->GetRow($query);
if ($result) {
$PROCESSED["country_id"] = $tmp_input;
} else {
$ERROR++;
$ERRORSTR[] = "The selected country does not exist in our countries database. Please select a valid country.";
application_log("error", "Unknown countries_id [" . $tmp_input . "] was selected. Database said: " . $db->ErrorMsg());
}
} else {
$ERROR++;
$ERRORSTR[] = "You must select a country.";
}
if (isset($_POST["prov_state"]) && ($tmp_input = clean_input($_POST["prov_state"], array("trim", "notags")))) {
$PROCESSED["province_id"] = 0;
$PROCESSED["province"] = "";
if (ctype_digit($tmp_input) && ($tmp_input = (int) $tmp_input)) {
if ($PROCESSED["country_id"]) {
$query = "SELECT * FROM `global_lu_provinces` WHERE `province_id` = " . $db->qstr($tmp_input) . " AND `country_id` = " . $db->qstr($PROCESSED["country_id"]);
$result = $db->GetRow($query);
if (!$result) {
$ERROR++;
$ERRORSTR[] = "The province / state you have selected does not appear to exist in our database. Please selected a valid province / state.";
}
}
$PROCESSED["province_id"] = $tmp_input;
} else {
$PROCESSED["province"] = $tmp_input;
}
$PROCESSED["prov_state"] = $PROCESSED["province_id"] ? $PROCESSED["province_id"] : ($PROCESSED["province"] ? $PROCESSED["province"] : "");
}
if (!$ERROR) {
if ($db->AutoExecute(AUTH_DATABASE . ".user_data", $PROCESSED, "UPDATE", "`id` = " . $db->qstr($ENTRADA_USER->getID()))) {
$SUCCESS++;
$SUCCESSSTR[] = "Your account profile has been successfully updated.";
application_log("success", "User successfully updated their profile.");
if (isset($PROCESSED["custom"])) {
foreach ($PROCESSED["custom"] as $field_id => $value) {
$query = "DELETE FROM `profile_custom_responses` WHERE `field_id` = " . $db->qstr($field_id) . " AND `proxy_id` = " . $db->qstr($ENTRADA_USER->getID());
$db->Execute($query);
$query = "INSERT INTO `profile_custom_responses` (`field_id`, `proxy_id`, `value`) VALUES (" . $db->qstr($field_id) . ", " . $db->qstr($ENTRADA_USER->getID()) . ", " . $db->qstr($value) . ")";
$db->Execute($query);
}
}
if (isset($PROCESSED["publications"])) {
$query = "DELETE FROM `profile_publications` WHERE `proxy_id` = " . $db->qstr($ENTRADA_USER->getID());
if ($db->Execute($query)) {
foreach ($PROCESSED["publications"] as $pub_type => $ppublications) {
foreach ($ppublications as $dep_id => $publications) {
foreach ($publications as $publication) {
$query = "INSERT INTO `profile_publications` (`pub_type`, `pub_id`, `dep_id`, `proxy_id`) VALUES (" . $db->qstr($pub_type) . ", " . $db->qstr($publication) . ", " . $db->qstr($dep_id) . ", " . $db->qstr($ENTRADA_USER->getID()) . ")";
$db->Execute($query);
}
}
}
}
}
} else {
$ERROR++;
$ERRORSTR[] = "We were unfortunately unable to update your profile at this time. The system administrator has been informed of the problem, please try again later.";
application_log("error", "Unable to update user profile. Database said: " . $db->ErrorMsg());
}
}
}
/**
* Sends email based on the specified type using templates from $ENTRADA_TEMPLATE->absolute()/email directory
* @param string $type One of "reason", "noreason"
* @param array $to associative array consisting of firstname, lastname, and email
* @param array $keywords Associative array of keywords mapped to the replacement contents
*/
function submission_rejection_notification($type, $to = array(), $keywords = array())
{
global $AGENT_CONTACTS, $ENTRADA_TEMPLATE;
if (!is_array($to) || !isset($to["email"]) || !valid_address($to["email"]) || !isset($to["firstname"]) || !isset($to["lastname"])) {
application_log("error", "Attempting to send a submission_rejection_notification() however the recipient information was not complete.");
return false;
}
if (!in_array($type, array("reason", "noreason"))) {
application_log("error", "Encountered an unrecognized notification type [" . $type . "] when attempting to send a submission_rejection_notification().");
return false;
}
$xml_file = $ENTRADA_TEMPLATE->absolute() . "/email/mspr-rejection-" . $type . ".xml";
try {
require_once "Models/utility/Template.class.php";
require_once "Models/utility/TemplateMailer.class.php";
$template = new Template($xml_file);
$mail = new TemplateMailer(new Zend_Mail());
$mail->addHeader("X-Section", "MSPR Module", true);
$from = array("email" => $AGENT_CONTACTS["agent-notifications"]["email"], "firstname" => "MSPR System", "lastname" => "");
if ($mail->send($template, $to, $from, DEFAULT_LANGUAGE, $keywords)) {
return true;
} else {
add_notice("We were unable to e-mail a task notification <strong>" . $to["email"] . "</strong>.<br /><br />A system administrator was notified of this issue, but you may wish to contact this individual manually and let them know their task verification status.");
application_log("error", "Unable to send task verification notification to [" . $to["email"] . "] / type [" . $type . "]. Zend_Mail said: " . $mail->ErrorInfo);
}
} catch (Exception $e) {
application_log("error", "Unable to load the XML file [" . $xml_file . "] or the XML file did not contain the language requested [" . DEFAULT_LANGUAGE . "], when attempting to send a regional education notification.");
}
return false;
}
