/**
  * 10d. Look up the user whose `linkedin_id` column equals the given LinkedIn id.
  *
  * The stored password value is never handed back to the caller: it is replaced
  * by '***' when the account has a password and by '' when it has none, so
  * callers can still tell whether a password is set.
  *
  * NOTE(review): only the password field is masked here. Any other sensitive
  * columns that copy() carries over (e.g. OAuth tokens, if present on the row)
  * are returned unchanged - confirm callers do not expose them.
  *
  * @param mixed $in_id LinkedIn id to search for
  * @return dbFullUser|false the matching user, or false unless exactly one row matches
  */
 public function get_linkedin_user($in_id)
 {
     $result = $this->db->where('linkedin_id', $in_id)->get('users');

     // Zero rows (unknown id) and several rows (ambiguous id) are both treated as "not found".
     if ($result->num_rows() !== 1) {
         return false;
     }

     $found = new dbFullUser();
     $found->copy($result->row());

     // Keep only the "has a password" signal, never the stored value itself.
     if ($found->password) {
         $found->password = '***';
     } else {
         $found->password = '';
     }

     return $found;
 }
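 /**
  * 8. Actions with user profile
  *    Security of this function relies only on the user id stored in the session cookie:
  *    $this->session->userdata('id').
  *    The session cookie should be encrypted via /application/config/config.php (it is not at the moment).
  *
  *    NOTE(review): the 'verify' action and the social connect/disconnect actions change state and are
  *    selected by the request URL alone; no CSRF token check is visible in this method - confirm that
  *    one is enforced elsewhere, or move these actions behind POST.
  *
  *    $action parameter is passed via request URL: /i/profile/$action/
  *    $action values:
  *      '' - shows the user's profile (view_profile.php)
  *      'edit' - form to edit user profile
  *      'update' - validate and update user's profile
  *      'verify' - verify email
  *      'password' - change password, $param = 'validate' for form validation
  *      'facebook' - connect/disconnect Facebook profile
  *      'twitter' - connect/disconnect Twitter profile
  *      'linkedin' - connect/disconnect LinkedIn profile
  *
  * @param string $action action name taken from the URL (see the list above)
  * @param string $param  optional sub-action, only used by 'password'
  * @return void every branch ends in a view load or a redirect
  */
 public function profile($action = '', $param = '')
 {
     // show, edit and validate&save profile
     if ($this->session->userdata('logged_in')) {
         $this->load->model('model_users');
         $user_id = $this->session->userdata('id');
         $user = $this->model_users->get_user($user_id);
         // The Referer header is client-supplied and may be missing. It is only used as a
         // redirect target when it points back into this site; otherwise fall back to the profile page.
         $referer = $this->input->server('HTTP_REFERER');
         $previous_page = (is_string($referer) && strpos($referer, base_url()) === 0) ? $referer : user_profile_url();
         switch ($action) {
             case '':
                 // show profile
                 if (user_profile_url() != base_url() . 'i/profile') {
                     redirect(user_profile_url());
                 }
                 $this->load->view('includes/view_template', array('user' => $user, 'content' => 'profile', 'title' => my_page_title('page_myProfile_title')));
                 break;
             case 'edit':
                 // edit profile
                 $this->settings($user);
                 break;
             case 'update':
                 // validate & update profile
                 $this->form_validation->set_rules('fullname', lang('form_profile_fullname_field'), 'required|trim|xss_clean');
                 $this->form_validation->set_rules('email', lang('form_profile_email_field'), ($user->password ? 'required|' : '') . 'trim|valid_email|xss_clean|callback_validate_email' . ($user->email ? '[' . $user->email . ']' : ''));
                 // validate_email() is called when validation is run
                 $this->form_validation->set_rules('location', lang('form_profile_location_field'), 'trim|xss_clean');
                 $this->form_validation->set_rules('web', lang('form_profile_web_field'), 'trim|xss_clean');
                 $this->form_validation->set_rules('bio', lang('form_profile_bio_field'), 'trim|xss_clean');
                 $this->form_validation->set_rules('interested_in', lang('form_profile_interestedin_field'), 'trim|xss_clean');
                 // Validation runs before any field is read: the prepping rules (trim, xss_clean) are
                 // applied to the POST data by run(), so reading the fields earlier would store the raw input.
                 $is_valid = $this->form_validation->run();
                 $updated_user = new dbFullUser();
                 $updated_user->copy($user);
                 $updated_user->location = $this->input->post('location');
                 $updated_user->web = $this->input->post('web');
                 $updated_user->bio = $this->input->post('bio');
                 $updated_user->interested_in = $this->input->post('interested_in');
                 if ($is_valid) {
                     $updated_user->email = $this->input->post('email');
                     // a changed address has to be verified again
                     $updated_user->verified = $updated_user->email != $user->email ? false : $user->verified;
                     $updated_user->fullname = $this->input->post('fullname');
                     if ($this->model_users->update_user($user_id, $updated_user)) {
                         // profile updated, checking if email changed and sending verification email
                         if ($updated_user->email != $user->email) {
                             // old keys are deleted so that only new email can be verified
                             $this->model_users->delete_keys($user_id);
                             // new key is generated
                             $key = $this->model_users->unique_key($user_id);
                             if ($this->resend_verification_email($updated_user, $key)) {
                                 // verification email sent
                                 $this->session->set_flashdata('success', my_lang('msg_success_verification_msg_sent', $updated_user->email));
                             } else {
                                 // verification email not sent
                                 $this->session->set_flashdata('error', my_lang('msg_error_cant_send_verification_msg'));
                             }
                         }
                         // also saving updated user data in session
                         $user_session_data = new dbUser();
                         $user_session_data->copy($updated_user);
                         $this->session->set_userdata($user_session_data);
                         redirect(user_profile_url());
                     } else {
                         // Could not update user, open form with original data
                         $this->settings($user);
                     }
                 } else {
                     // Did not validate form, open form with changed data, but fullname and email will be original
                     $this->settings($updated_user);
                 }
                 break;
             case 'verify':
                 // verify email (in case user didn't verify it previously)
                 $key = $this->model_users->unique_key($user_id);
                 if ($this->resend_verification_email($user, $key)) {
                     // verification email sent
                     $this->session->set_flashdata('success', my_lang('msg_success_verification_msg_sent', $user->email));
                 } else {
                     // verification email not sent
                     $this->session->set_flashdata('error', my_lang('msg_error_cant_send_verification_msg'));
                 }
                 redirect($previous_page);
                 break;
             case 'password':
                 // change password form and validation/action
                 // Strict comparisons: the earlier `=` assigned to $param, so the form branch
                 // never ran and the validation branch ran for every sub-path.
                 if ($param === '') {
                     $this->change_password_form();
                 } elseif ($param === 'validate') {
                     // old password is only required when the account already has one
                     $this->form_validation->set_rules('old_password', my_lang('form_password_old_password_field'), 'trim|xss_clean' . ($user->password ? '|required' : ''));
                     $this->form_validation->set_rules('password', my_lang('form_password_password_field'), 'required|matches[c_password]|trim|xss_clean');
                     $this->form_validation->set_rules('c_password', my_lang('form_password_c_password_field'), 'required|trim|xss_clean');
                     if ($this->form_validation->run()) {
                         $ok = $this->model_users->change_user_password($user_id, $this->input->post('old_password'), $this->input->post('password'));
                         if ($ok) {
                             $this->session->set_flashdata('success', my_lang('msg_success_passwd_changed'));
                             redirect(user_profile_url());
                         } else {
                             $this->session->set_flashdata('alert', my_lang('msg_alert_passwd_wrong'));
                             redirect('/i/profile/password');
                         }
                     } else {
                         $this->change_password_form();
                     }
                 } else {
                     // some wrong path after /i/profile/password
                     redirect(user_profile_url());
                 }
                 break;
             case 'facebook':
                 // connect/disconnect facebook profile to user's profile
                 if ($user->facebook_id) {
                     // facebook connected, disconnect
                     if ($user->email && $user->password) {
                         // user registered via email/password, disconnecting
                         $user->facebook_id = 0;
                         $user->facebook_name = '';
                         $user->facebook_username = '';
                         $this->model_users->update_user($user->id, $user);
                         // NOTE(review): the twitter/linkedin branches pick the picture before
                         // update_user(); confirm the different order here is intended.
                         $this->choose_best_profile_picture($user);
                         redirect('/i/profile/edit');
                     } else {
                         // no email/password, cannot disconnect facebook (it is the only way to log in)
                         $this->session->set_flashdata('alert', my_lang('msg_alert_social_cant_disconnect_no_email', 'Facebook'));
                         redirect('/i/profile/edit');
                     }
                 } else {
                     // facebook not connected, connect facebook
                     $this->load->library('fbconnect');
                     $this->session->set_userdata('previous_page', $previous_page);
                     $ok = $this->fbconnect->fbredirect('/i/profile_facebook');
                     if (!$ok) {
                         $this->session->set_flashdata('alert', my_lang('msg_alert_social_cant_connect', 'Facebook'));
                         redirect($previous_page);
                     }
                 }
                 break;
             case 'twitter':
                 // connect/disconnect twitter profile to user's profile
                 if ($user->twitter_id) {
                     // twitter connected, disconnect
                     if ($user->email && $user->password) {
                         // user registered via email/password, "disconnecting"
                         $user->twitter_id = 0;
                         $user->twitter_token = '';
                         $user->twitter_token_secret = '';
                         $user->twitter_name = '';
                         $user->twitter_username = '';
                         $user->twitter_img_url = '';
                         $user->twitter_verified = false;
                         $this->choose_best_profile_picture($user);
                         // updating user record
                         $this->model_users->update_user($user->id, $user);
                         // clearing twitter session data
                         $this->load->library('twconnect');
                         $this->twconnect->twclear_session_data();
                         // clearing twitter username in session
                         $this->session->unset_userdata('twitter_username');
                         redirect('/i/profile/edit');
                     } else {
                         // no email/password, cannot disconnect twitter
                         $this->session->set_flashdata('alert', my_lang('msg_alert_social_cant_disconnect_no_email', 'Twitter'));
                         redirect('/i/profile/edit');
                     }
                 } else {
                     // twitter not connected, connect twitter
                     $this->load->library('twconnect');
                     $this->session->set_userdata('previous_page', $previous_page);
                     $ok = $this->twconnect->twredirect('/i/profile_twitter');
                     if (!$ok) {
                         $this->session->set_flashdata('alert', my_lang('msg_alert_social_cant_connect', 'Twitter'));
                         $this->twconnect->twclear_session_data();
                         redirect($previous_page);
                     }
                 }
                 break;
             case 'linkedin':
                 // connect/disconnect linkedin profile to user's profile
                 if ($user->linkedin_id) {
                     // linkedin connected, disconnect
                     if ($user->email && $user->password) {
                         // user registered via email/password, "disconnecting"
                         $user->linkedin_id = '';
                         $user->linkedin_token = '';
                         $user->linkedin_token_secret = '';
                         $user->linkedin_token_expires = 0;
                         $user->linkedin_name = '';
                         $user->linkedin_username = '';
                         $user->linkedin_img_url = '';
                         $this->choose_best_profile_picture($user);
                         // updating user record
                         $this->model_users->update_user($user_id, $user);
                         // clearing linkedin session data
                         $this->load->library('in_connect');
                         $this->in_connect->in_clear_session_data();
                         redirect($previous_page);
                     } else {
                         // no email/password, cannot disconnect linkedin
                         $this->session->set_flashdata('alert', my_lang('msg_alert_social_cant_disconnect_no_email', 'LinkedIn'));
                         redirect($previous_page);
                     }
                 } else {
                     // LinkedIn not connected, connect LinkedIn
                     $this->load->library('in_connect');
                     $this->session->set_userdata('previous_page', $previous_page);
                     $ok = $this->in_connect->in_redirect('/i/profile_linkedin');
                     if (!$ok) {
                         $this->session->set_flashdata('alert', my_lang('msg_alert_social_cant_connect', 'LinkedIn'));
                         $this->in_connect->in_clear_session_data();
                         redirect('/i/profile/edit');
                     }
                 }
                 break;
             default:
                 // some wrong path after /i/profile
                 redirect(user_profile_url());
         }
     } else {
         // not logged in: nothing on this page is available
         redirect('/');
     }
 }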