/**
* Returns links to edit the profile, based on the permissions of the user
* that is viewing this page.
*/
public function get_edit_links_html(Website $website)
{
$viewing_user = $website->getAuth()->getCurrentUser();
$returnValue = "";
// Get privileges
$is_viewing_themselves = false;
$is_viewing_as_moderator = false;
$is_viewing_as_admin = false;
if ($viewing_user != null) {
$is_viewing_themselves = $this->user->getId() == $viewing_user->getId();
if ($website->isLoggedInAsStaff(false)) {
$is_viewing_as_moderator = true;
}
if ($website->isLoggedInAsStaff(true)) {
$is_viewing_as_admin = true;
}
}
// Gravatar link + help
if ($is_viewing_themselves) {
// No way that other admins can edit someone's avatar, so only display help text for owner
$returnValue .= <<<EOT
<p>
{$website->tReplaced("users.gravatar.explained", '<a href="http://gravatar.com/">gravatar.com</a>')}
</p>
EOT;
}
// Add all account edit links
$edit_links = [];
if (!$is_viewing_themselves && $is_viewing_as_moderator) {
// Accessed by a moderator that isn't viewing his/her own account
// Add (un)ban link
$edit_links[] = $this->get_edit_link($website, "edit_account_status", "users.status.edit");
}
if ($is_viewing_themselves || $is_viewing_as_admin) {
// Accessed by the user themselves or an admin
// Display links to edit profile
$edit_links[] = $this->get_edit_link($website, "edit_email", "users.email.edit");
$edit_links[] = $this->get_edit_link($website, "edit_password", "users.password.edit");
$edit_links[] = $this->get_edit_link($website, "edit_display_name", "users.display_name.edit");
}
if (!$is_viewing_themselves && $is_viewing_as_admin) {
// Accessed by an admin that isn't viewing his/her own account
// Add rank edit link and login link
$edit_links[] = $this->get_edit_link($website, "edit_rank", "users.rank.edit");
// Only display login link if account is not deleted/banned
if ($this->user->canLogIn()) {
$edit_links[] = $this->get_edit_link($website, "login_other", "main.log_in");
}
}
if (count($edit_links) > 0) {
$returnValue .= "<p>\n" . implode($edit_links) . "</p>\n";
}
return $returnValue;
}
/**
* Save that user object in the session. Doesn't modify the login cookie.
* Null values are not permitted. Use log_out to log the current user out.
* @param User $user The user to login
* @return boolean Whether the user object was set. Returns false when the
* account is banned or deleted.
*/
public function setCurrentUser(User $user)
{
if (!$user->canLogIn()) {
// User is banned or something
return false;
}
$_SESSION['user_id'] = $user->getId();
if ($user->hasRank(self::RANK_MODERATOR)) {
// This session vars are purely used for CKEditor.
// In rCMS there are much better, easier and safer ways to check this.
$_SESSION['moderator'] = true;
} else {
$_SESSION['moderator'] = false;
}
$this->currentUser = $user;
return true;
}
