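/**
 * Edit-profile handler and view in a single method.
 *
 * Two modes, selected by the arguments and the request:
 *  - $error is empty and $_POST is non-empty: the submission is validated.
 *    On failure the method re-enters itself with the collected messages
 *    (which selects the form mode below); on success the data goes through
 *    Filter::filterArray(), UserManager::editUser() and self::showProfile().
 *  - otherwise: the form is printed, pre-filled from the rejected submission
 *    when there is one, else from the $user getters.
 *
 * Security-relevant behaviour:
 *  - Every value taken from $_POST is HTML-escaped before it is written back
 *    into the page; the original echoed it raw into attribute values and the
 *    textarea (reflected XSS).
 *  - The current-password check compares hashes as strings in constant time
 *    instead of with the loose `==`, which treats numeric-looking strings
 *    such as "0e1" and "0e2" as equal.
 *  - Array-valued POST fields (name[]=...) are treated as absent.
 *  - The birthday must be a real calendar date; the original handed raw
 *    strings to mktime(), which silently normalises impossible dates.
 *
 * NOTE(review): the form carries no anti-CSRF token; the mandatory current
 * password is the only request-forgery barrier visible in this method.
 * NOTE(review): the new password passes through Filter::filterArray() before
 * UserManager::editUser() sees it, while the current-password check encodes
 * the raw POST value. If the filter rewrites characters, the two paths hash
 * different strings; confirm against Filter.
 *
 * @param object     $user  user being edited; must provide the getters used
 *                          below (getPassword, getID, getAvatar, ...)
 * @param array|null $error validation messages to print above the form
 * @return void
 */
static function showEditProfileForm($user, $error = null) {
    // Escapes a request-derived value for HTML text and quoted-attribute
    // contexts. Assumes the page is served as UTF-8; TODO confirm.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    // Returns a POST field as a string, or "" when it is missing or not a string.
    $posted = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : "";
    };

    if ($error == null && count($_POST) > 0) {
        /* a form was submitted and has not been validated yet */
        $data = array();
        $error = array();

        if ($posted("avatar") !== "") {
            $data["avatar"] = $posted("avatar");
        }

        if ($posted("nickname") !== "") {
            $data["nickname"] = $posted("nickname");
        } else {
            $error[] = "non c'è il nickname";
        }

        $currentPassword = $posted("current_password");
        if ($currentPassword !== "") {
            $storedHash = (string) $user->getPassword();
            $givenHash = (string) Filter::encodePassword($currentPassword);
            // Constant-time, type-strict comparison of the two hashes.
            if (hash_equals($storedHash, $givenHash)) {
                $newPassword = $posted("new_password");
                $checkPassword = $posted("check_password");
                // A password change is optional: both fields must be filled in.
                if ($checkPassword !== "" && $newPassword !== "") {
                    if ($newPassword === $checkPassword) {
                        $data["password"] = $newPassword;
                    } else {
                        $error[] = "le password non corrispondono";
                    }
                }
            } else {
                $error[] = "password non corretta";
            }
        } else {
            $error[] = "E' necessaria la password per modificare i tuoi dati";
        }

        if ($posted("name") !== "") {
            $data["name"] = $posted("name");
        }
        if ($posted("surname") !== "") {
            $data["surname"] = $posted("surname");
        }

        if ($posted("email") !== "") {
            $data["email"] = $posted("email");
        } else {
            $error[] = "non c'è l'email";
        }

        if (isset($_POST["gender"])) {
            // Anything other than "male" is stored as "f", as before.
            $data["gender"] = ($_POST["gender"] === "male") ? "m" : "f";
        }

        if ($posted("job") !== "") {
            $data["job"] = $posted("job");
        }

        $year = trim($posted("birthday_year"));
        $month = trim($posted("birthday_month"));
        $day = trim($posted("birthday_day"));
        // All three parts must be plain digits and form an existing date.
        if (ctype_digit($year) && ctype_digit($month) && ctype_digit($day)
            && checkdate((int) $month, (int) $day, (int) $year)) {
            $data["birthday"] = mktime(0, 0, 0, (int) $month, (int) $day, (int) $year);
        } else {
            $error[] = "inserisci una data completa di giorno, mese e anno";
        }

        if ($posted("birthplace") !== "") {
            $data["birthplace"] = $posted("birthplace");
        }
        if ($posted("livingPlace") !== "") {
            $data["livingPlace"] = $posted("livingPlace");
        }
        if ($posted("hobbies") !== "") {
            $data["hobbies"] = $posted("hobbies");
        }

        /* show the error messages, or apply the changes and show the updated profile */
        if (count($error) > 0) {
            self::showEditProfileForm($user, $error);
            return;
        }
        $dataFiltered = Filter::filterArray($data);
        UserManager::editUser($user, $dataFiltered);
        self::showProfile($user);
    } else {
        /* Show the form.
           $POST_data == true  -> a submission was rejected; reload the form with what the user typed
           $POST_data == false -> first visit; load the form with the stored profile */
        $POST_data = count($_POST) > 0;

        if ($POST_data) {
            // Request-derived values: always escaped.
            $value = array(
                "avatar" => $esc($posted("avatar")),
                "nickname" => $esc($posted("nickname")),
                "name" => $esc($posted("name")),
                "surname" => $esc($posted("surname")),
                "email" => $esc($posted("email")),
                "job" => $esc($posted("job")),
                "birthday_year" => $esc($posted("birthday_year")),
                "birthday_month" => $esc($posted("birthday_month")),
                "birthday_day" => $esc($posted("birthday_day")),
                "birthplace" => $esc($posted("birthplace")),
                "livingPlace" => $esc($posted("livingPlace")),
                "hobbies" => $esc($posted("hobbies")),
            );
        } else {
            // NOTE(review): stored values are printed exactly as the original
            // did. Whether Filter::decodeFilteredText() returns text that is
            // safe inside an HTML attribute is not visible here; if it
            // restores raw markup, these need escaping too. Verify against Filter.
            $birthday = $user->getBirthday();
            $value = array(
                "avatar" => Filter::decodeFilteredText($user->getAvatar()),
                "nickname" => Filter::decodeFilteredText($user->getNickname()),
                "name" => Filter::decodeFilteredText($user->getName()),
                "surname" => Filter::decodeFilteredText($user->getSurname()),
                "email" => Filter::decodeFilteredText($user->getEMail()),
                "job" => Filter::decodeFilteredText($user->getJob()),
                "birthday_year" => date('Y', $birthday),
                "birthday_month" => date('m', $birthday),
                "birthday_day" => date('d', $birthday),
                "birthplace" => Filter::decodeFilteredText($user->getBirthplace()),
                "livingPlace" => Filter::decodeFilteredText($user->getLivingPlace()),
                "hobbies" => $user->getHobbies(),
            );
        }
        ?>
        <form name="editProfile" action="" method="post">
        <?php if ($error != null) { ?>
            <div class="error">
            <?php /* messages are produced by this code, not copied from the request */ ?>
            <?php foreach ($error as $err) { ?>
                <p><?php echo $err; ?></p>
            <?php } ?>
            </div>
        <?php } ?>
        <div class="userProfile" id="<?php echo $esc($user->getID()); ?>">
            Avatar: <input type="text" name="avatar" value="<?php echo $value["avatar"]; ?>" /> <br>
            Nickname*: <input type="text" name="nickname" value="<?php echo $value["nickname"]; ?>" /> <br>
            Current Password*: <input type="password" name="current_password" value="" /> <br>
            New Password: <input type="password" name="new_password" value="" /> <br>
            Check Password: <input type="password" name="check_password" value="" /> <br>
            Name: <input type="text" name="name" value="<?php echo $value["name"]; ?>" /> <br>
            Surname: <input type="text" name="surname" value="<?php echo $value["surname"]; ?>" /> <br>
            email: <input type="text" name="email" value="<?php echo $value["email"]; ?>" /> <br>
            Gender: <label for="male">Male</label><input type="radio" name="gender" value="male" <?php if ($user->getGender() == "m") { echo 'checked="checked"'; } ?> />
            <label for="female">Female</label> <input type="radio" name="gender" value="female" <?php if ($user->getGender() == "f") { echo 'checked="checked"'; } ?> /><br>
            Job: <input type="text" name="job" value="<?php echo $value["job"]; ?>" /> <br>
            <p>Birthday: <br>
            Year: <input type="text" name="birthday_year" value="<?php echo $value["birthday_year"]; ?>" /><br>
            Month: <input type="text" name="birthday_month" value="<?php echo $value["birthday_month"]; ?>" /><br>
            Day: <input type="text" name="birthday_day" value="<?php echo $value["birthday_day"]; ?>" /><br></p>
            Birthplace: <input type="text" name="birthplace" value="<?php echo $value["birthplace"]; ?>" /> <br> <!-- TODO: geolocate -->
            Living Place: <input type="text" name="livingPlace" value="<?php echo $value["livingPlace"]; ?>" /> <br> <br> <!-- TODO: geolocate-->
            Hobbies: <br><textarea cols="50" rows="4" name="hobbies"><?php echo $value["hobbies"]; ?></textarea><br>
            <input type="submit" value="Edit"></div>
        </form>
        <?php
    }
}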
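/**
 * Applies profile changes to a user.
 *
 * The password is hashed only when the caller actually supplied one. The
 * original hashed $data["password"] unconditionally, so an edit that did not
 * touch the password read an undefined key and handed the hash of an empty
 * value to $user->edit().
 *
 * NOTE(review): the hash is passed through Filter::filterArray() together
 * with the other fields; confirm the filter leaves encoded passwords intact.
 *
 * @param object     $user  user to modify; must provide edit(array)
 * @param array      $data  field => new value; "password" is optional and in clear text
 * @param array|null $error unused here, kept for existing callers
 * @return mixed whatever $user->edit() returns
 */
static function editUser($user, $data, $error = null) {
    require_once "common.php";

    if (isset($data["password"]) && $data["password"] !== "") {
        $data["password"] = Filter::encodePassword($data["password"]);
    } else {
        // No new password: drop the key so an empty value is never stored.
        unset($data["password"]);
    }

    $data = Filter::filterArray($data);
    return $user->edit($data);
}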
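/**
 * Applies profile changes to a user object and persists them through UserDao.
 *
 * The original passed an undefined local $editor to UserDao::update(), which
 * raised a notice and always sent null. It is now an optional parameter
 * defaulting to null, so existing two-argument calls behave as before and a
 * caller that knows who performs the edit can say so.
 *
 * NOTE(review): whether UserDao::update() uses the editor for an
 * authorization or audit decision is not visible here. If it does, null
 * should not be accepted silently; confirm against UserDao.
 *
 * @param object     $user   user to modify; must provide edit(array)
 * @param array      $data   field => new value; User::PASSWORD is hashed when present and non-empty
 * @param mixed|null $editor account performing the edit, forwarded to UserDao::update()
 * @return mixed whatever UserDao::update() returns
 */
static function editUser($user, $data, $editor = null) {
    // Hash the password only when one was supplied.
    if (isset($data[User::PASSWORD]) && $data[User::PASSWORD] != "") {
        $data[User::PASSWORD] = Filter::encodePassword($data[User::PASSWORD]);
    }

    $data = Filter::filterArray($data);
    $user->edit($data);

    $userdao = new UserDao();
    return $userdao->update($user, $editor);
}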
} else { //DEBUG $s = str_replace(",", ",<br />", $queries[$i]); $s = str_replace(") ENGINE", ")<br />ENGINE", $s); echo $s; //DEBUG echo $db->display_error("Install.php"); } } $s = "INSERT INTO `" . DB::TABLE_ROLE . "` \n\t\t(`" . DB::ROLE_NAME . "`, `" . DB::READ . "`, \n\t\t`" . DB::CREATE_NEWS . "`, `" . DB::EDIT_NEWS . "`, `" . DB::DELETE_NEWS . "`, \n\t\t`" . DB::CREATE_PHOTOREP . "`, `" . DB::EDIT_PHOTOREP . "`, `" . DB::DELETE_PHOTOREP . "`, \n\t\t`" . DB::CREATE_VIDEOREP . "`, `" . DB::EDIT_VIDEOREP . "`, `" . DB::DELETE_VIDEOREP . "`, \n\t\t`" . DB::CHANGE_VISIBILITY . "`, `" . DB::CREATE_LIST . "`, `" . DB::EDIT_LIST . "`, `" . DB::DELETE_LIST . "`, \n\t\t`" . DB::COMMENT . "`, `" . DB::DELETE_COMMENT . "`, `" . DB::VOTE . "`, `" . DB::FOLLOW . "`, \n\t\t`" . DB::STOP_FOLLOW . "`, `" . DB::CREATE_FEEDBACK . "`, `" . DB::DELETE_FEEDBACK . "`, \n\t\t`" . DB::SEND_MESSAGE . "`, `" . DB::CREATE_DIRECTORY . "`, `" . DB::EDIT_DIRECTORY . "`, `" . DB::DELETE_DIRECTORY . "`, \n\t\t`" . DB::MARK_AS_READ . "`, `" . DB::MOVE_MESSAGE . "`, `" . DB::EMPTY_RECYCLE_BIN . "`, \n\t\t`" . DB::CREATE_RESOURCE . "`, `" . DB::EDIT_RESOURCE . "`, `" . DB::DELETE_RESOURCE . "`, \n\t\t`" . DB::EDIT_PROFILE . "`, `" . DB::CREATE_CONTEST . "`, `" . DB::EDIT_CONTEST . "`, `" . DB::DELETE_CONTEST . "`, \n\t\t`" . DB::SUBSCRIBE . "`, `" . DB::UNSUBSCRIBE . "`, `" . DB::CREATE_USER . "`, `" . DB::DELETE_USER . "`, \n\t\t`" . DB::BLOCK_USER . "`, `" . DB::SUSPEND_USER . "`, `" . DB::SIGNAL . "`, \n\t\t`" . DB::CREATE_CATEGORY . "`, `" . DB::EDIT_CATEGORY . "`, `" . DB::DELETE_CATEGORY . "`, \n\t\t`" . DB::CREATE_TEMPLATE . "`, `" . DB::EDIT_TEMPLATE . "`, `" . DB::DELETE_TEMPLATE . "`, \n\t\t`" . DB::ADVANCED_TPL_MANAGER . "`, `" . DB::EDIT_OTHER_NEWS . "`, `" . DB::EDIT_OTHER_PHOTOREP . "`, \n\t\t`" . DB::EDIT_OTHER_VIDEOREP . "`, `" . DB::EDIT_OTHER_LIST . "`, `" . DB::EDIT_OTHER_PROFILE . "`, \n\t\t`" . DB::EDIT_OTHER_RESOURCE . "`, `" . DB::UNSUBSCRIBE_OTHER . "`, `" . 
DB::DELETE_OTHER_FEEDBACK . "`, \n\t\t`" . DB::HIDE_OTHER . "`, `" . DB::CREATE_OTHER_TEMPLATE . "`, `" . DB::EDIT_OTHER_TEMPLATE . "`, `" . DB::DELETE_OTHER_TEMPLATE . "`, \n\t\t`" . DB::REQUEST_SUSPEND . "`, `" . DB::REQUEST_BLOCK . "`, `" . DB::VIEW_MOD_DECISION . "`, \n\t\t`" . DB::VIEW_EDIT_DECISION . "`, `" . DB::VIEW_HISTORY . "`, `" . DB::VIEW_BLOCK_REQUEST . "`, `" . DB::VIEW_SUSPEND_REQUEST . "`) VALUES\n('admin', 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1, 1),\n('chief-editor', 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 1, 0, 1),\n('editor', 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1, 0, 1, 0, 1),\n('guest', 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0),\n('historian', 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1),\n('level1', 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0),\n('level2', 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0),\n('level3', 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 
1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0),\n('level4', 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0),\n('level5', 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0),\n('moderator', 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 1, 0, 0),\n('sponsor', 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0),\n('suspended', 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 0, 1, 1, 0, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0),\n('user-manager', 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1);"; $db->execute($s, null, LOGMANAGER); $ra = $db->affected_rows(); echo "<p>INSERTED " . $ra . " ROLES</p>"; // DEBUG require_once 'filter.php'; $db->execute("INSERT INTO `User` VALUES(1, 'ioesisto', '*****@*****.**', '" . Filter::encodePassword("ciccia") . "', 'Io', 'Esisto', 'm', NULL, NULL, NULL, NULL, NULL, NULL, 'admin', '2010-08-27 11:49:28', 1, 1, 0, 0, 0, 0, 0, 0, 0, NULL)", "User", null); if ($db->affected_rows() == 1) { echo "<p>INSERTED FAKE USER</p>"; } $db->execute("INSERT INTO `" . 
DB::TABLE_MAIL_DIRECTORY . "` VALUES(1, '" . TRASH . "', 1)", "MailDirectory", null); $ra = $db->affected_rows(); $db->execute("INSERT INTO `" . DB::TABLE_MAIL_DIRECTORY . "` VALUES(2, '" . MAILBOX . "', 1)", "MailDirectory", null); $ra += $db->affected_rows(); $db->execute("INSERT INTO `" . DB::TABLE_MAIL_DIRECTORY . "` VALUES(3, '" . SPAM . "', 1)", "MailDirectory", null); $ra += $db->affected_rows(); if ($ra == 3) { echo "<p>INSERTED FAKE MAIL DIRECTORIES</p>"; } // END DEBUG $cat = array("Novità" => array(), "Cronaca" => array(), "Politica" => array(), "Finanza" => array("Economia", "Borsa e finanza"), "Scienza" => array("Tecnologia", "Medicina"), "Sport" => array("Calcio" => array("Serie A", "Serie B", "Mercato"), "Basket", "Pallavolo", "Nuoto", "Tennis", "Golf", "Rugby", "Football americano", "Motociclismo", "Automobilismo", "Atletica", "Altri sport"), "Spettacoli" => array("Musica", "Cinema", "TV", "Teatro"), "Cultura e tendenza" => array("Libri", "Moda", "Arte", "Fotografia", "Religione", "Gossip", "Web"), "Motori" => array("Auto", "Moto", "Altro"), "Tempo libero" => array("Viaggi", "Cucina", "Casa", "Animali")); require_once 'manager/CategoryManager.php';