/**
*
* @param int $oldUserId
* @param array $editUser a post-variable which contains a user..
* working var-names:
* password = cleartext-password<br />
* name = the name of the user..<br />
* username = the username<br />
* role = the new role
* @param PDO $connection
*/
public static function editUser($oldUserId, $editUser, $connection)
{
if (!empty($editUser)) {
$fakeOldUser = usertools::getAlienUserbyId($oldUserId, $connection);
$changes = false;
$changeSQL = array();
$remeberExisting = array();
$userRoleIds = array();
$getUsedRoles = array();
foreach (array_keys($_POST) as $key) {
if (substr($key, 0, 5) == "role_") {
$getUsedRoles[] = $_POST[$key];
}
}
foreach ($fakeOldUser->getRoles() as $uRole) {
$userRoleIds[] = $uRole->getId();
}
if (!empty($editUser['role']) && $fakeOldUser->getUsername() != $editUser['username']) {
array_push($changeSQL, ' name="' . $editUser['name'] . '"');
if ($_SESSION['user']->getId() == $oldUserId) {
$_SESSION['user']->setName($editUser['name']);
}
$changes = true;
}
if (!empty($editUser['password'])) {
$password = hash($GLOBALS["password_hash"], $editUser['password']);
if ($fakeOldUser->getPassword() != $password) {
usertools::setPassword($fakeOldUser->getUsername(), $editUser['password'], $connection);
$changes = true;
}
}
usertools::setRole($fakeOldUser, $getUsedRoles, $connection);
$changes = true;
}
if ($changes) {
$SQLUpdate = "UPDATE users_profile SET";
foreach ($changeSQL as $singlechange) {
$SQLUpdate .= $singlechange;
}
$SQLUpdate .= ' WHERE user_profile_id="' . $fakeOldUser->getId() . '";';
$connection->exec($SQLUpdate);
}
}
case "edit":
$template->assign("allcss", array("js/dojo/dojox/editor/plugins/resources/css/Preview.css", "js/dojo/dojox/form/resources/FileUploader.css", "js/dojo/dojox/editor/plugins/resources/css/FindReplace.css"));
$template->assign("onLoadCode", 'dojo.connect(customfieldList,"onDndDrop",function(e){updateCustomfieldList()});');
$template->assign("dojorequire", array("dojo.dnd.Source", "dojox.editor.plugins.Preview", "dojox.editor.plugins.FindReplace"));
if (isset($_POST)) {
usertools::editUser($user->getId(), $_POST, $connection);
}
if (isset($_GET['editId'])) {
$template->assign("editCustomField", $user->getCustomfieldById($_GET['editId']));
}
$template->assign("customfields", $user->getCustomfields($connection));
$template->assign("roles", $user->getRoles());
$template->assign("username", $user->getUsername());
$template->display('profile_edit.tpl');
break;
default:
if (isset($_GET['userid']) && usertools::userIdExists($_GET['userid'], $connection) && $_GET['userid'] != $user->getId()) {
$user = usertools::getAlienUserbyId($_GET['userid'], $connection);
} elseif (isset($_GET['userid']) && $_GET['userid'] == -1) {
$user = new alienuser();
$user->setId(-1);
$user->setUsername("Guest");
} else {
$template->assign("own", true);
$template->assign("roles", $user->getRoles());
}
$template->assign("customfields", $user->getCustomfields($connection));
$template->assign("username", $user->getUsername());
$template->display("profile.tpl");
break;
}
