Determine if a URI matches the format of a valid type/domain upload.
public static isUploadUri ( string $uri ) : boolean | ||
$uri | string | The URI to test. This would be the value saved in the database (ex. GDN_User.Photo). |
Returns | boolean | Returns **true** if `$uri` looks like an uploaded file or **false** otherwise. |
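/**
 * Edit user account.
 *
 * Renders the "Edit Profile" form and, on an authenticated postback, saves
 * the submitted values after dropping or pinning the fields the current
 * session is not allowed to change (username, e-mail, roles, e-mail
 * confirmation, photo).
 *
 * NOTE(review): whether the current session may edit *another* user's profile
 * is not decided in this method; presumably getUserInfo() (called with true as
 * its fourth argument) enforces that -- confirm.
 *
 * @since 2.0.0
 * @access public
 * @param mixed $UserReference Username or User ID.
 * @param string $Username Passed through to getUserInfo().
 * @param mixed $UserID Passed through to getUserInfo(); afterwards replaced by
 *    the ID of the user that getUserInfo() resolved.
 */
public function edit($UserReference = '', $Username = '', $UserID = '') {
    $this->permission('Garden.SignIn.Allow');
    $this->getUserInfo($UserReference, $Username, $UserID, true);

    // From here on only the resolved user's ID is trusted, never the raw argument.
    $UserID = valr('User.UserID', $this);
    $Settings = array();

    // Set up form
    $User = Gdn::userModel()->getID($UserID, DATASET_TYPE_ARRAY);
    $this->Form->setModel(Gdn::userModel());
    $this->Form->setData($User);

    // Decide if they have ability to edit the username
    $CanEditUsername = (bool) c("Garden.Profile.EditUsernames") || Gdn::session()->checkPermission('Garden.Users.Edit');
    $this->setData('_CanEditUsername', $CanEditUsername);

    // Decide if they have ability to edit the email: either e-mail editing is
    // enabled and this is the user's own profile, or the session holds
    // Garden.Users.Edit. Parentheses spell out the existing && / || precedence.
    $EmailEnabled = (bool) c('Garden.Profile.EditEmails', true) && !UserModel::noEmail();
    $CanEditEmail = ($EmailEnabled && $UserID == Gdn::session()->UserID) || checkPermission('Garden.Users.Edit');
    $this->setData('_CanEditEmail', $CanEditEmail);

    // Decide if they have ability to confirm users
    $Confirmed = (bool) valr('User.Confirmed', $this);
    $CanConfirmEmail = UserModel::requireConfirmEmail() && checkPermission('Garden.Users.Edit');
    $this->setData('_CanConfirmEmail', $CanConfirmEmail);
    $this->setData('_EmailConfirmed', $Confirmed);
    $this->Form->setValue('ConfirmEmail', (int) $Confirmed);

    // Decide if we can *see* email
    $this->setData(
        '_CanViewPersonalInfo',
        Gdn::session()->UserID == val('UserID', $User)
            || checkPermission('Garden.PersonalInfo.View')
            || checkPermission('Garden.Users.Edit')
    );

    // Define gender dropdown options
    $this->GenderOptions = array('u' => t('Unspecified'), 'm' => t('Male'), 'f' => t('Female'));

    $this->fireEvent('BeforeEdit');

    // Handle a submitted form.
    // NOTE(review): presumably authenticatedPostBack() also validates the
    // anti-CSRF token -- confirm against Gdn_Form.
    if ($this->Form->authenticatedPostBack(true)) {
        // Always save against the resolved user, whatever UserID was posted.
        $this->Form->setFormValue('UserID', $UserID);

        if (!$CanEditUsername) {
            // Overwrite any posted name with the stored one.
            $this->Form->setFormValue("Name", $User['Name']);
        } else {
            $UsernameError = t('UsernameError', 'Username can only contain letters, numbers, underscores, and must be between 3 and 20 characters long.');
            Gdn::userModel()->Validation->applyRule('Name', 'Username', $UsernameError);
        }

        // Pin the stored e-mail *before* saving, mirroring the username
        // handling above, so that a posted Email from a session that may not
        // edit it never reaches the model. Only done when an Email was
        // actually posted, so requests without the field save as before.
        if (!$CanEditEmail && !is_null($this->Form->getFormValue('Email', null))) {
            $this->Form->setFormValue("Email", $User['Email']);
        }

        // API
        // These options become available when POSTing as a user with Garden.Settings.Manage permissions
        if (Gdn::session()->checkPermission('Garden.Settings.Manage')) {
            // Role change
            $RequestedRoles = $this->Form->getFormValue('RoleID', null);
            if (!is_null($RequestedRoles)) {
                $RoleModel = new RoleModel();
                $AllRoles = $RoleModel->getArray();

                if (!is_array($RequestedRoles)) {
                    $RequestedRoles = is_numeric($RequestedRoles) ? array($RequestedRoles) : array();
                }

                // array_flip() accepts only int/string values; drop nested
                // arrays and other non-numeric entries from the posted list.
                $RequestedRoles = array_flip(array_filter($RequestedRoles, 'is_numeric'));

                // Keep only role IDs that actually exist.
                $UserNewRoles = array_intersect_key($AllRoles, $RequestedRoles);

                // Put the data back into the forum object as if the user had submitted
                // this themselves
                $this->Form->setFormValue('RoleID', array_keys($UserNewRoles));

                // Allow saving roles
                $Settings['SaveRoles'] = true;
            }

            // Password change
            $NewPassword = $this->Form->getFormValue('Password', null);
            if (!is_null($NewPassword)) {
                // Intentionally empty: no password handling is implemented in this branch.
            }
        }

        // Allow mods to confirm emails. The posted 'Confirmed' value is always
        // discarded; it is only re-derived from 'ConfirmEmail' for sessions
        // that are allowed to confirm.
        $this->Form->removeFormValue('Confirmed');
        $Confirmation = $this->Form->getFormValue('ConfirmEmail', null);
        $Confirmation = !is_null($Confirmation) ? (bool) $Confirmation : null;

        if ($CanConfirmEmail && is_bool($Confirmation)) {
            $this->Form->setFormValue('Confirmed', (int) $Confirmation);
        }

        // Don't allow non-mods to set an explicit photo.
        if ($photo = $this->Form->getFormValue('Photo')) {
            if (!Gdn_Upload::isUploadUri($photo)) {
                if (!checkPermission('Garden.Users.Edit')) {
                    $this->Form->removeFormValue('Photo');
                } elseif (!filter_var($photo, FILTER_VALIDATE_URL)) {
                    // NOTE(review): assumes Form->save() refuses to save while
                    // the form carries errors -- confirm.
                    $this->Form->addError('Invalid photo URL.');
                }
                // NOTE(review): FILTER_VALIDATE_URL checks syntax only and does
                // not restrict the scheme; consider accepting only http/https
                // if this value is later rendered as an image source.
            }
        }

        if ($this->Form->save($Settings) !== false) {
            // Reload so the view shows what was actually stored.
            $User = Gdn::userModel()->getID($UserID, DATASET_TYPE_ARRAY);
            $this->setData('Profile', $User);
            $this->informMessage(sprite('Check', 'InformSprite') . t('Your changes have been saved.'), 'Dismissable AutoDismiss HasSprite');
        }

        // Re-display the stored e-mail rather than whatever was posted.
        if (!$CanEditEmail) {
            $this->Form->setFormValue("Email", $User['Email']);
        }
    }

    $this->title(t('Edit Profile'));
    $this->_setBreadcrumbs(t('Edit Profile'), '/profile/edit');
    $this->render();
}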