public function execute() { $tp = SJB_System::getTemplateProcessor(); $user_info = SJB_Authorization::getCurrentUserInfo(); if (!empty($user_info['subuser'])) { SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . '/sub-accounts/edit/?user_id=' . $user_info['subuser']['sid']); } if (!empty($user_info)) { $user_info = array_merge($user_info, $_REQUEST); $username = $user_info['username']; $user_group_info = SJB_UserGroupManager::getUserGroupInfoBySID($user_info['user_group_sid']); $delete_profile = SJB_Request::getVar('command', '', 'post') == 'unregister-user'; $errors = array(); if ($delete_profile && SJB_Acl::getInstance()->isAllowed('delete_user_profile')) { try { $user = SJB_UserManager::getObjectBySID($user_info['sid']); SJB_UserManager::deleteUserById($user_info['sid']); SJB_AdminNotifications::sendAdminDeletingUserProfile($user, SJB_Request::getVar('reason', '', 'post')); SJB_Authorization::logout(); $user_info = array(); SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . '/edit-profile/?profile_deleted=true'); } catch (Exception $e) { $errors[] = $e->getMessage(); } } $user = new SJB_User($user_info, $user_info['user_group_sid']); $user->setSID($user_info['sid']); $user->deleteProperty("active"); $user->deleteProperty("featured"); $user->makePropertyNotRequired("password"); $user->getProperty('email')->type->disableEmailConfirmation(); $edit_profile_form = new SJB_Form($user); $edit_profile_form->registerTags($tp); $edit_profile_form->makeDisabled("username"); $form_submitted = SJB_Request::getVar('action', false) == 'save_info'; if ($form_submitted && $edit_profile_form->isDataValid($errors)) { $password_value = $user->getPropertyValue('password'); if (empty($password_value['original'])) { $user->deleteProperty('password'); } SJB_UserManager::saveUser($user); SJB_Authorization::updateCurrentUserSession(); // >>> SJB-1197 // needs to check session for ajax-uploaded files, and set it to user profile $tmpUploadsStorage = SJB_Session::getValue('tmp_uploads_storage'); $formToken = SJB_Request::getVar('form_token'); if (!empty($formToken)) { $tmpUploadedFields = SJB_Array::getPath($tmpUploadsStorage, $formToken); if (!is_null($tmpUploadsStorage) && is_array($tmpUploadedFields)) { // prepare user profile fields array $userProfileFieldsInfo = SJB_UserProfileFieldManager::getAllFieldsInfo(); $userProfileFields = array(); foreach ($userProfileFieldsInfo as $field) { $userProfileFields[$field['id']] = $field; } // look for temporary values foreach ($tmpUploadedFields as $fieldId => $fieldInfo) { // check field ID for valid ID in user profile fields if (!array_key_exists($fieldId, $userProfileFields) || empty($fieldInfo)) { continue; } $fieldType = $userProfileFields[$fieldId]['type']; $profilePropertyId = $fieldId . '_' . $user->getSID(); switch (strtolower($fieldType)) { case 'video': case 'file': // change temporary file ID SJB_DB::query("UPDATE `uploaded_files` SET `id` = ?s WHERE `id` = ?s", $profilePropertyId, $fieldInfo['file_id']); // set value of user property to new uploaded file $user->setPropertyValue($fieldId, $profilePropertyId); break; case 'logo': // change temporary file ID and thumb ID SJB_DB::query("UPDATE `uploaded_files` SET `id` = ?s WHERE `id` = ?s", $profilePropertyId, $fieldInfo['file_id']); SJB_DB::query("UPDATE `uploaded_files` SET `id` = ?s WHERE `id` = ?s", $profilePropertyId . '_thumb', $fieldInfo['file_id'] . '_thumb'); // set value of user property to new uploaded file $user->setPropertyValue($fieldId, $profilePropertyId); break; default: break; } $tmpUploadsStorage = SJB_Array::unsetValueByPath($tmpUploadsStorage, "{$formToken}/{$fieldId}"); } // and save user with new fields data SJB_UserManager::saveUser($user); SJB_Authorization::updateCurrentUserSession(); // clean temporary storage $tmpUploadsStorage = SJB_Array::unsetValueByPath($tmpUploadsStorage, "{$formToken}"); // CLEAR TEMPORARY SESSION STORAGE SJB_Session::setValue('tmp_uploads_storage', $tmpUploadsStorage); } } // <<< SJB-1197 $tp->assign("form_is_submitted", true); } else { $tp->assign("errors", $errors); } $form_fields = $edit_profile_form->getFormFieldsInfo(); $metaDataProvider = SJB_ObjectMother::getMetaDataProvider(); $tp->assign("METADATA", array("form_fields" => $metaDataProvider->getFormFieldsMetadata($form_fields))); $tp->assign("show_mailing_flag", $user_group_info['show_mailing_flag']); $tp->assign("form_fields", $form_fields); $tp->assign('userTree', true); $tp->display('edit_profile.tpl'); } elseif (empty($user_info) && SJB_Request::getVar('profile_deleted', '') == true) { $user = new SJB_User(array()); $edit_profile_form = new SJB_Form($user); $edit_profile_form->registerTags($tp); $edit_profile_form->makeDisabled("username"); $form_fields = $edit_profile_form->getFormFieldsInfo(); $metaDataProvider = SJB_ObjectMother::getMetaDataProvider(); $tp->assign("METADATA", array("form_fields" => $metaDataProvider->getFormFieldsMetadata($form_fields))); $tp->assign("form_fields", $form_fields); $tp->assign('action', 'delete_profile'); $tp->assign('tree_link_users', 'users'); $tp->assign('userTree', true); $tp->display('edit_profile.tpl'); } else { $tp->assign("ERROR", "NOT_LOGIN"); $tp->display("../miscellaneous/error.tpl"); return; } }
public function execute() { $tp = SJB_System::getTemplateProcessor(); $errors = array(); $template = 'sub_accounts.tpl'; $currentUserInfo = SJB_UserManager::getCurrentUserInfo(); $listSubusers = false; if (!empty($currentUserInfo['subuser']) && SJB_Request::getVar('action_name') != 'edit' && SJB_Request::getVar('user_id', 0) != $currentUserInfo['subuser']['sid']) { $errors['ACCESS_DENIED'] = 'ACCESS_DENIED'; } switch (SJB_Request::getVar('action_name')) { case 'new': $form_submitted = SJB_Request::getMethod() === SJB_Request::METHOD_POST; $user_group_sid = $currentUserInfo['user_group_sid']; $user_group_info = SJB_UserGroupManager::getUserGroupInfoBySID($user_group_sid); $_REQUEST['user_group_id'] = $user_group_info['id']; $user = SJB_ObjectMother::createUser($_REQUEST, $user_group_sid); $props = $user->getProperties(); $allowedProperties = array('username', 'email', 'password'); foreach ($props as $prop) { if (!in_array($prop->getID(), $allowedProperties)) { $user->deleteProperty($prop->getID()); } } $registration_form = SJB_ObjectMother::createForm($user); $registration_form->registerTags($tp); if (SJB_UserGroupManager::isUserEmailAsUsernameInUserGroup($user_group_sid) && $form_submitted) { $email = $user->getPropertyValue('email'); if (is_array($email)) { $email = $email['original']; } $user->setPropertyValue('username', $email); } $registration_form = SJB_ObjectMother::createForm($user); if ($form_submitted && $registration_form->isDataValid($errors)) { $user->addParentProperty($currentUserInfo['sid']); $subuserPermissions = array('subuser_add_listings' => array('title' => 'Add new listings', 'value' => 'deny'), 'subuser_manage_listings' => array('title' => 'Manage listings and applications of other sub users', 'value' => 'deny'), 'subuser_manage_subscription' => array('title' => 'View and update subscription', 'value' => 'deny'), 'subuser_use_screening_questionnaires' => array('title' => 'Manage Questionnaries', 'value' => 'deny')); SJB_UserManager::saveUser($user); SJB_Statistics::addStatistics('addSubAccount', $user->getUserGroupSID(), $user->getSID()); SJB_Acl::clearPermissions('user', $user->getSID()); foreach ($subuserPermissions as $permissionID => $permission) { $allowDeny = SJB_Request::getVar($permissionID, 'deny'); $subuserPermissions[$permissionID]['value'] = $allowDeny; SJB_Acl::allow($permissionID, 'user', $user->getSID(), $allowDeny); } SJB_UserManager::activateUserByUserName($user->getUserName()); SJB_Notifications::sendSubuserRegistrationLetter($user, SJB_Request::get(), $subuserPermissions); $tp->assign('isSubuserRegistered', true); $listSubusers = true; } else { if (SJB_UserGroupManager::isUserEmailAsUsernameInUserGroup($user_group_sid)) { $user->deleteProperty("username"); } $registration_form = SJB_ObjectMother::createForm($user); if ($form_submitted) { $registration_form->isDataValid($errors); } $registration_form->registerTags($tp); $form_fields = $registration_form->getFormFieldsInfo(); $user_group_info = SJB_UserGroupManager::getUserGroupInfoBySID($user_group_sid); $tp->assign("user_group_info", $user_group_info); $tp->assign("errors", $errors); $tp->assign("form_fields", $form_fields); $metaDataProvider = SJB_ObjectMother::getMetaDataProvider(); $tp->assign("METADATA", array("form_fields" => $metaDataProvider->getFormFieldsMetadata($form_fields))); $tp->display('subuser_registration_form.tpl'); } break; case 'edit': $userInfo = SJB_UserManager::getUserInfoBySID(SJB_Request::getVar('user_id', 0)); if (!empty($userInfo) && $userInfo['parent_sid'] === $currentUserInfo['sid']) { $userInfo = array_merge($userInfo, $_REQUEST); $user_group_info = SJB_UserGroupManager::getUserGroupInfoBySID($currentUserInfo['user_group_sid']); $user = new SJB_User($userInfo, $userInfo['user_group_sid']); $user->setSID($userInfo['sid']); $user->addParentProperty($currentUserInfo['sid']); $props = $user->getProperties(); $allowedProperties = array('username', 'email', 'password'); foreach ($props as $prop) { if (!in_array($prop->getID(), $allowedProperties)) { $user->deleteProperty($prop->getID()); } } $user->makePropertyNotRequired("password"); $edit_profile_form = SJB_ObjectMother::createForm($user); $edit_profile_form->registerTags($tp); $edit_profile_form->makeDisabled("username"); $form_submitted = SJB_Request::getMethod() == SJB_Request::METHOD_POST; if (empty($errors) && $form_submitted && $edit_profile_form->isDataValid($errors)) { $password_value = $user->getPropertyValue('password'); if (empty($password_value['original'])) { $user->deleteProperty('password'); } $currentUser = SJB_UserManager::getCurrentUser(); if (!$currentUser->isSubuser()) { $subuserPermissions = array('subuser_add_listings', 'subuser_manage_listings', 'subuser_manage_subscription', 'subuser_use_screening_questionnaires'); SJB_Acl::clearPermissions('user', $user->getSID()); foreach ($subuserPermissions as $permission) { SJB_Acl::allow($permission, 'user', $user->getSID(), SJB_Request::getVar($permission, 'deny')); } } SJB_UserManager::saveUser($user); $tp->assign("form_is_submitted", true); } else { $tp->assign("errors", $errors); } $form_fields = $edit_profile_form->getFormFieldsInfo(); $metaDataProvider = SJB_ObjectMother::getMetaDataProvider(); $tp->assign("METADATA", array("form_fields" => $metaDataProvider->getFormFieldsMetadata($form_fields))); $tp->assign("form_fields", $form_fields); $tp->assign('user_info', $userInfo); $tp->display('edit_subuser_profile.tpl'); } break; case 'delete': $users = SJB_Request::getVar('user_id', array()); foreach ($users as $user) { SJB_UserManager::deleteUserById($user); } $listSubusers = true; break; default: $listSubusers = true; break; } if ($listSubusers) { $tp->assign('errors', $errors); $tp->assign('subusers', SJB_UserManager::getSubusers($currentUserInfo['sid'])); $tp->assign('isEmailAsUsername', SJB_UserGroupManager::isUserEmailAsUsernameInUserGroup($currentUserInfo['user_group_sid'])); $tp->display($template); } }
public function execute() { $tp = SJB_System::getTemplateProcessor(); $parent_name = null; $user_sid = SJB_Request::getVar('user_sid', false); if (!is_null($user_sid)) { $user_info = SJB_UserManager::getUserInfoBySID($user_sid); $user_info = array_merge($user_info, $_REQUEST); $form_submitted = SJB_Request::getVar('action_name'); $user = new SJB_User($user_info, $user_info['user_group_sid']); if (!empty($user_info['parent_sid'])) { $props = $user->getProperties(); $allowedProperties = array('username', 'email', 'password'); foreach ($props as $prop) { if (!in_array($prop->getID(), $allowedProperties)) { $user->deleteProperty($prop->getID()); } } $parent_name = SJB_UserManager::getUserNameByUserSID($user_info['parent_sid']); } $user->setSID($user_info['sid']); $user->getProperty('email')->type->disableEmailConfirmation(); $user->deleteProperty("active"); $user->makePropertyNotRequired("password"); if (SJB_UserGroupManager::isUserEmailAsUsernameInUserGroup($user_info['user_group_sid'])) { if ($form_submitted) { $email = $user->getPropertyValue('email'); if (is_array($email)) { $email = $email['original']; } $user->setPropertyValue('username', $email); } } $user->addExtUserIDProperty($user_info['extUserID']); $edit_user_form = new SJB_Form($user); $errors = array(); if ($form_submitted && $edit_user_form->isDataValid($errors)) { $password_value = $user->getPropertyValue('password'); $properties = null; if (empty($password_value['original'])) { $properties = $user->getProperties(); $user->deleteProperty('password'); } SJB_UserManager::saveUser($user); // >>> SJB-1197 // needs to check session for ajax-uploaded files, and set it to user profile $tmpUploadsStorage = SJB_Session::getValue('tmp_uploads_storage'); $formToken = SJB_Request::getVar('form_token'); if (!empty($formToken)) { $tmpUploadedFields = SJB_Array::getPath($tmpUploadsStorage, $formToken); if (!is_null($tmpUploadsStorage) && is_array($tmpUploadedFields)) { // prepare user profile fields array $userProfileFieldsInfo = SJB_UserProfileFieldManager::getAllFieldsInfo(); $userProfileFields = array(); foreach ($userProfileFieldsInfo as $field) { $userProfileFields[$field['id']] = $field; } // look for temporary values foreach ($tmpUploadedFields as $fieldId => $fieldInfo) { // check field ID for valid ID in user profile fields if (!array_key_exists($fieldId, $userProfileFields) || empty($fieldInfo)) { continue; } $fieldType = $userProfileFields[$fieldId]['type']; $profilePropertyId = $fieldId . '_' . $user->getSID(); switch (strtolower($fieldType)) { case 'video': case 'file': // change temporary file ID SJB_DB::query("UPDATE `uploaded_files` SET `id` = ?s WHERE `id` = ?s", $profilePropertyId, $fieldInfo['file_id']); // set value of user property to new uploaded file $user->setPropertyValue($fieldId, $profilePropertyId); break; case 'logo': // change temporary file ID and thumb ID SJB_DB::query("UPDATE `uploaded_files` SET `id` = ?s WHERE `id` = ?s", $profilePropertyId, $fieldInfo['file_id']); SJB_DB::query("UPDATE `uploaded_files` SET `id` = ?s WHERE `id` = ?s", $profilePropertyId . '_thumb', $fieldInfo['file_id'] . '_thumb'); // set value of user property to new uploaded file $user->setPropertyValue($fieldId, $profilePropertyId); break; default: break; } $tmpUploadsStorage = SJB_Array::unsetValueByPath($tmpUploadsStorage, "{$formToken}/{$fieldId}"); } // and save user with new fields data SJB_UserManager::saveUser($user); SJB_Authorization::updateCurrentUserSession(); // clean temporary storage $tmpUploadsStorage = SJB_Array::unsetValueByPath($tmpUploadsStorage, "{$formToken}"); // CLEAR TEMPORARY SESSION STORAGE SJB_Session::setValue('tmp_uploads_storage', $tmpUploadsStorage); } } // <<< SJB-1197 if (SJB_Request::isAjax()) { echo "<p class=\"green\">User Saved</p>"; exit; } if ($form_submitted == 'save_info') { $userGroupInfo = SJB_UserGroupManager::getUserGroupInfoBySID($user_info['user_group_sid']); SJB_HelperFunctions::redirect(SJB_System::getSystemSettings('SITE_URL') . "/manage-users/" . mb_strtolower($userGroupInfo['id'], 'utf8')); } if (!empty($properties)) { $user->details->properties = $properties; } } if (SJB_UserGroupManager::isUserEmailAsUsernameInUserGroup($user_info['user_group_sid'])) { $user->deleteProperty("username"); } $listingTypes = SJB_ListingTypeManager::getAllListingTypesInfo(); $products = SJB_ProductsManager::getProductsInfoByUserGroupSID($user_info['user_group_sid']); $allowedListingTypes = array(); foreach ($products as $product) { if (!empty($product['listing_type_sid']) && empty($allowedListingTypes[$product['listing_type_sid']])) { foreach ($listingTypes as $listingType) { if ($product['listing_type_sid'] == $listingType['sid']) { $allowedListingTypes[$product['listing_type_sid']] = $listingType; } } } } $edit_user_form = SJB_ObjectMother::createForm($user); $edit_user_form->registerTags($tp); $userGroupInfo = SJB_UserGroupManager::getUserGroupInfoBySID($user_info['user_group_sid']); if (SJB_UserManager::checkBan($errors, $user_info['ip'])) { $user_info['ip_is_banned'] = 1; } $tp->assign("form_fields", $edit_user_form->getFormFieldsInfo()); $tp->assign("uploadMaxFilesize", SJB_UploadFileManager::getIniUploadMaxFilesize()); $tp->assign("errors", $errors); $tp->assign("listingTypes", $allowedListingTypes); $tp->assign("user_info", $user_info); $tp->assign("user_group_info", $userGroupInfo); $tp->assign('userTree', true); $tp->assign("parent_name", $parent_name); $tp->assign("restore", preg_match('/manage-(jobseekers)|(employers)|([a-z0-9\\_]-users)/', SJB_Request::getVar('HTTP_REFERER', '', 'SERVER'))); SJB_System::setGlobalTemplateVariable('wikiExtraParam', $userGroupInfo['id']); $tp->display("edit_user.tpl"); } }