/** * Update the info of an user * * @access public * @param int $id User's ID * @param array $uData User information data * @return bool Returns true if user was successfully updated, false if not */ function UpdateUser($id, $uData) { // unset invalid keys $invalids = array_diff(array_keys($uData), array('username', 'nickname', 'email', 'new_email', 'password', 'superadmin', 'status', 'concurrents', 'logon_hours', 'expiry_date')); foreach ($invalids as $invalid) { unset($uData[$invalid]); } // username $uData['username'] = trim($uData['username'], '-_.@'); if (!preg_match('/^[[:alnum:]-_.@]{3,32}$/', $uData['username'])) { return Jaws_Error::raiseError(_t('GLOBAL_ERROR_INVALID_USERNAME'), __FUNCTION__, JAWS_ERROR_NOTICE); } $uData['username'] = strtolower($uData['username']); // nickname $uData['nickname'] = Jaws_UTF8::trim($uData['nickname']); if (empty($uData['nickname'])) { return Jaws_Error::raiseError(_t('GLOBAL_ERROR_INCOMPLETE_FIELDS'), __FUNCTION__, JAWS_ERROR_NOTICE); } // email $uData['email'] = trim($uData['email']); if (!preg_match("/^[[:alnum:]-_.]+\\@[[:alnum:]-_.]+\\.[[:alnum:]-_]+\$/", $uData['email'])) { return Jaws_Error::raiseError(_t('GLOBAL_ERROR_INVALID_EMAIL_ADDRESS'), __FUNCTION__, JAWS_ERROR_NOTICE); } $uData['email'] = strtolower($uData['email']); $blockedDomains = $GLOBALS['app']->Registry->fetch('blocked_domains', 'Policy'); if (false !== strpos($blockedDomains, "\n" . substr(strrchr($uData['email'], '@'), 1))) { return Jaws_Error::raiseError(_t('GLOBAL_ERROR_INVALID_EMAIL_DOMAIN', substr(strrchr($uData['email'], '@'), 1)), __FUNCTION__, JAWS_ERROR_NOTICE); } // new email if (isset($uData['new_email']) && !empty($uData['new_email'])) { $uData['new_email'] = trim($uData['new_email']); if (!preg_match("/^[[:alnum:]-_.]+\\@[[:alnum:]-_.]+\\.[[:alnum:]-_]+\$/", $uData['new_email'])) { return Jaws_Error::raiseError(_t('GLOBAL_ERROR_INVALID_EMAIL_ADDRESS'), __FUNCTION__, JAWS_ERROR_NOTICE); } $uData['new_email'] = strtolower($uData['new_email']); if (false !== strpos($blockedDomains, "\n" . substr(strrchr($uData['new_email'], '@'), 1))) { return Jaws_Error::raiseError(_t('GLOBAL_ERROR_INVALID_EMAIL_DOMAIN', substr(strrchr($uData['new_email'], '@'), 1)), __FUNCTION__, JAWS_ERROR_NOTICE); } } // password & complexity if (isset($uData['password']) && $uData['password'] !== '') { $min = (int) $GLOBALS['app']->Registry->fetch('password_min_length', 'Policy'); if (!preg_match("/^[[:print:]]{{$min},24}\$/", $uData['password'])) { return Jaws_Error::raiseError(_t('GLOBAL_ERROR_INVALID_PASSWORD', $min), __FUNCTION__, JAWS_ERROR_NOTICE); } if ($GLOBALS['app']->Registry->fetch('password_complexity', 'Policy') == 'yes') { if (!preg_match('/(?=.*[[:lower:]])(?=.*[[:upper:]])(?=.*[[:digit:]])(?=.*[[:punct:]])/', $uData['password'])) { return Jaws_Error::raiseError(_t('GLOBAL_ERROR_INVALID_COMPLEXITY'), __FUNCTION__, JAWS_ERROR_NOTICE); } } // password hash $uData['password'] = Jaws_User::GetHashedPassword($uData['password']); $uData['password_verify_key'] = ''; } else { unset($uData['password']); } // get user information, we need it for rename avatar $user = Jaws_User::GetUser((int) $id, true, true); if (Jaws_Error::IsError($user) || empty($user)) { return false; } // set new avatar name if username changed if ($uData['username'] !== $user['username'] && !empty($user['avatar'])) { $fileinfo = pathinfo($user['avatar']); if (isset($fileinfo['extension']) && !empty($fileinfo['extension'])) { $uData['avatar'] = $uData['username'] . '.' . $fileinfo['extension']; } } $uData['last_update'] = time(); if (isset($uData['status'])) { $uData['status'] = (int) $uData['status']; if ($uData['status'] == 1) { $uData['email_verify_key'] = ''; } } if (isset($uData['expiry_date'])) { if (empty($uData['expiry_date'])) { $uData['expiry_date'] = 0; } else { $objDate = Jaws_Date::getInstance(); $uData['expiry_date'] = $GLOBALS['app']->UserTime2UTC((int) $objDate->ToBaseDate(preg_split('/[- :]/', $uData['expiry_date']), 'U')); } } $usersTable = Jaws_ORM::getInstance()->table('users'); $result = $usersTable->update($uData)->where('id', $id)->exec(); if (Jaws_Error::IsError($result)) { if (MDB2_ERROR_CONSTRAINT == $result->getCode()) { $result->SetMessage(_t('USERS_USERS_ALREADY_EXISTS', $uData['username'])); } return $result; } // rename avatar name if (isset($uData['avatar'])) { Jaws_Utils::Delete(AVATAR_PATH . $uData['avatar']); @rename(AVATAR_PATH . $user['avatar'], AVATAR_PATH . $uData['avatar']); } if (isset($GLOBALS['app']->Session) && $GLOBALS['app']->Session->GetAttribute('user') == $id) { $GLOBALS['app']->Session->SetAttribute('username', $uData['username']); $GLOBALS['app']->Session->SetAttribute('nickname', $uData['nickname']); $GLOBALS['app']->Session->SetAttribute('email', $uData['email']); if (isset($uData['avatar'])) { $GLOBALS['app']->Session->SetAttribute('avatar', $this->GetAvatar($uData['avatar'], $uData['email'], 48, $uData['last_update'])); } } // Let everyone know a user has been updated $res = $GLOBALS['app']->Listener->Shout('Users', 'UpdateUser', $id); if (Jaws_Error::IsError($res)) { return false; } return true; }