Exemplo n.º 1
0
 public function action_save_contact()
 {
     // Must be an administrator or the actual user saving their information
     if (!$this->is_level(3) and Yii::app()->user->cid != $_REQUEST["cid"]) {
         return print "You do not have permission to edit this contact.";
     }
     $contact = new ContactObj($_REQUEST["cid"]);
     if (!$contact->loaded) {
         return print "Contact could not be found.";
     }
     $name = $contact->firstname . " " . $contact->lastname;
     foreach ($_REQUEST as $item => $value) {
         $contact->{$item} = $value;
     }
     $log = new LogObj();
     if (!$contact->save()) {
         $log->type = "error";
         $log->log_message = "Attempting to update information of contact (" . $contact->cid . ") \"{$name}\" bio.\n";
         $log->log_message .= $contact->get_error();
         if (!$log->save()) {
             die($log->get_error());
         }
         return print $log->log_message;
     }
     $name = $contact->firstname . " " . $contact->lastname;
     $log->type = "update";
     $log->log_message = "Successfully updated information of contact (" . $contact->cid . ") \"{$name}\".";
     $log->save();
     if (isset($contact->username) and $contact->username != "") {
         $user = new UserObj($contact->username);
         if (isset($_REQUEST["permission"])) {
             $permission = $_REQUEST["permission"];
             if ($permission > @Yii::app()->user->userobj->permission) {
                 $permission = @Yii::app()->user->userobj->permission;
             }
             $user->permission = $permission;
             $user->email = $user->username . "@colorado.edu";
             $user->active = @$_REQUEST["makeuser"];
             if (!$user->save()) {
                 return print $user->get_error();
             }
         }
     }
     return print 1;
 }