 $insert_values = array();
 // obtain fields
 foreach ($prefs_fields as $fieldname) {
     if (isset($_POST[$fieldname])) {
         $value = trim($_POST[$fieldname]);
     } else {
         $value = "";
     }
     // now, check validity
     if ($value != '') {
         switch ($fieldname) {
             case 'pref_email':
                 if (GALETTE_MODE === 'DEMO') {
                     Analog::log('Trying to set pref_email while in DEMO.', Analog::WARNING);
                 } else {
                     if (!Core\GaletteMail::isValidEmail($value)) {
                         $error_detected[] = _T("- Non-valid E-Mail address!");
                     }
                 }
                 break;
             case 'pref_admin_login':
                 if (GALETTE_MODE === 'DEMO') {
                     Analog::log('Trying to set superadmin login while in DEMO.', Analog::WARNING);
                 } else {
                     if (strlen($value) < 4) {
                         $error_detected[] = _T("- The username must be composed of at least 4 characters!");
                     } else {
                         //check if login is already taken
                         if ($login->loginExists($value)) {
                             $error_detected[] = _T("- This username is already in use, please choose another one!");
                         }
             }
         } else {
             //something went wrong :'(
             $error_detected[] = _T("An error occured while storing the contribution.");
         }
     }
 }
 if (count($error_detected) == 0) {
     $dyn_fields->setAllFields('contrib', $contrib->id, $contribution['dyn']);
     // Get member informations
     $adh = new Adherent();
     $adh->load($contrib->member);
     if ($preferences->pref_mail_method > GaletteMail::METHOD_DISABLED) {
         $texts = new Texts($texts_fields, $preferences, array('name_adh' => custom_html_entity_decode($adh->sname), 'firstname_adh' => custom_html_entity_decode($adh->surname), 'lastname_adh' => custom_html_entity_decode($adh->name), 'mail_adh' => custom_html_entity_decode($adh->email), 'login_adh' => custom_html_entity_decode($adh->login), 'deadline' => custom_html_entity_decode($contrib->end_date), 'contrib_info' => custom_html_entity_decode($contrib->info), 'contrib_amount' => custom_html_entity_decode($contrib->amount), 'contrib_type' => custom_html_entity_decode($contrib->type->libelle)));
         if ($new && isset($_POST['mail_confirm']) && $_POST['mail_confirm'] == '1') {
             if (GaletteMail::isValidEmail($adh->email)) {
                 $text = 'contrib';
                 if (!$contrib->isCotis()) {
                     $text = 'donation';
                 }
                 $mtxt = $texts->getTexts($text, $adh->language);
                 $mail = new GaletteMail();
                 $mail->setSubject($texts->getSubject());
                 $mail->setRecipients(array($adh->email => $adh->sname));
                 $mail->setMessage($texts->getBody());
                 $sent = $mail->send();
                 if ($sent) {
                     $hist->add(preg_replace(array('/%name/', '/%email/'), array($adh->sname, $adh->email), _T("Mail sent to user %name (%email)")));
                 } else {
                     $txt = preg_replace(array('/%name/', '/%email/'), array($adh->sname, $adh->email), _T("A problem happened while sending contribution receipt to user %name (%email)"));
                     $hist->add($txt);
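 /**
  * Check posted values validity
  *
  * Each known database field is read from $values (trimmed, slashes
  * stripped), stored on the current member, then validated. Failures are
  * collected rather than thrown and returned as translated messages.
  *
  * Side effects: writes this member's properties, reads the $zdb and
  * $preferences globals, and queries the database to enforce e-mail,
  * login and status unicity. A posted password (mdp_adh) is stored as a
  * bcrypt hash; an optional login/password left empty gets a random value.
  *
  * @param array $values   All values to check, basically the $_POST array
  *                        after sending the form
  * @param array $required Array of required fields
  * @param array $disabled Array of disabled fields
  *
  * @return true|array true when no error was detected, otherwise the list
  *                    of error messages
  */
 public function check($values, $required, $disabled)
 {
     global $zdb, $preferences;
     $errors = array();
     $fields = self::getDbFields();
     //reset company name if needed
     if (!isset($values['is_company']) || $values['is_company'] != 1) {
         unset($values['is_company']);
         unset($values['societe_adh']);
     }
     foreach ($fields as $key) {
         //first of all, let's sanitize values
         $key = strtolower($key);
         $prop = '_' . $this->_fields[$key]['propname'];
         if (isset($values[$key])) {
             $value = trim($values[$key]);
         } else {
             // field not posted: pick a default
             switch ($key) {
                 case 'bool_admin_adh':
                 case 'bool_exempt_adh':
                 case 'bool_display_info':
                     // unchecked checkboxes are not sent by the browser
                     $value = 0;
                     break;
                 case 'activite_adh':
                     //values that are set at object instantiation
                     $value = true;
                     break;
                 case 'date_crea_adh':
                 case 'sexe_adh':
                 case 'titre_adh':
                 case 'id_statut':
                 case 'pref_lang':
                 case 'parent_id':
                     //values that are set at object instantiation
                     $value = $this->{$prop};
                     break;
                 default:
                     $value = '';
             }
         }
         // if the field is enabled, check it
         if (!isset($disabled[$key])) {
             // fill up the adherent structure
             if ($value !== null) {
                 $this->{$prop} = stripslashes($value);
             }
             // now, check validity
             if ($value !== null && $value != '') {
                 switch ($key) {
                     // dates
                     case 'date_crea_adh':
                     case 'ddn_adh':
                         try {
                             $d = \DateTime::createFromFormat(_T("Y-m-d"), $value);
                             if ($d === false) {
                                 //try with non localized date
                                 $d = \DateTime::createFromFormat("Y-m-d", $value);
                                 if ($d === false) {
                                     throw new \Exception('Incorrect format');
                                 }
                             }
                             // always store the ISO form, whatever the localized input was
                             $this->{$prop} = $d->format('Y-m-d');
                         } catch (\Exception $e) {
                             Analog::log('Wrong date format. field: ' . $key . ', value: ' . $value . ', expected fmt: ' . _T("Y-m-d") . ' | ' . $e->getMessage(), Analog::INFO);
                             $errors[] = str_replace(array('%date_format', '%field'), array(_T("Y-m-d"), $this->_fields[$key]['label']), _T("- Wrong date format (%date_format) for %field!"));
                         }
                         break;
                     case 'titre_adh':
                         // '-1' is the "no title" choice
                         if ($value !== null && $value !== '') {
                             if ($value == '-1') {
                                 $this->{$prop} = null;
                             } else {
                                 $this->{$prop} = new Title((int) $value);
                             }
                         } else {
                             $this->{$prop} = null;
                         }
                         break;
                     case 'email_adh':
                     case 'msn_adh':
                         if (!GaletteMail::isValidEmail($value)) {
                             $errors[] = _T("- Non-valid E-Mail address!") . ' (' . $this->getFieldName($key) . ')';
                         }
                         if ($key == 'email_adh') {
                             try {
                                 $select = $zdb->select(self::TABLE);
                                 $select->columns(array(self::PK))->where(array('email_adh' => $value));
                                 if ($this->_id != '' && $this->_id != null) {
                                     // the id is concatenated into raw SQL: only an integer may get there
                                     $select->where(self::PK . ' != ' . (int) $this->_id);
                                 }
                                 $results = $zdb->execute($select);
                                 if ($results->count() !== 0) {
                                     $errors[] = _T("- This E-Mail address is already used by another member!");
                                 }
                             } catch (\Exception $e) {
                                 Analog::log('An error occured checking member email unicity.', Analog::ERROR);
                                 $errors[] = _T("An error has occured while looking if login already exists.");
                             }
                         }
                         break;
                     case 'url_adh':
                         // the form pre-fills the scheme; an untouched field means "no website"
                         if ($value == 'http://') {
                             $this->{$prop} = '';
                         } elseif (!isValidWebUrl($value)) {
                             $errors[] = _T("- Non-valid Website address! Maybe you've skipped the http:// ?");
                         }
                         break;
                     case 'login_adh':
                         /** FIXME: add a preference for login length */
                         if (strlen($value) < 2) {
                             $errors[] = str_replace('%i', 2, _T("- The username must be composed of at least %i characters!"));
                         } else {
                             //check if login does not contain the @ character
                             //(strict comparison: strpos() returns 0 when '@' is the first character)
                             if (strpos($value, '@') !== false) {
                                 $errors[] = _T("- The username cannot contain the @ character");
                             } else {
                                 //check if login is already taken (members table and superadmin login)
                                 try {
                                     $select = $zdb->select(self::TABLE);
                                     $select->columns(array(self::PK))->where(array('login_adh' => $value));
                                     if ($this->_id != '' && $this->_id != null) {
                                         // the id is concatenated into raw SQL: only an integer may get there
                                         $select->where(self::PK . ' != ' . (int) $this->_id);
                                     }
                                     $results = $zdb->execute($select);
                                     if ($results->count() !== 0 || $value == $preferences->pref_admin_login) {
                                         $errors[] = _T("- This username is already in use, please choose another one!");
                                     }
                                 } catch (\Exception $e) {
                                     Analog::log('An error occured checking member login unicity.', Analog::ERROR);
                                     $errors[] = _T("An error has occured while looking if login already exists.");
                                 }
                             }
                         }
                         break;
                     case 'mdp_adh':
                         /** TODO: check password complexity, set by a preference */
                         /** FIXME: add a preference for password length */
                         if (strlen($value) < 6) {
                             $errors[] = str_replace('%i', 6, _T("- The password must be of at least %i characters!"));
                         } else {
                             if ($this->_self_adh !== true && (!isset($values['mdp_adh2']) || $values['mdp_adh2'] != $value)) {
                                 $errors[] = _T("- The passwords don't match!");
                             } else {
                                 // self subscription: the password must match the one entered
                                 // before, sent back crypt()ed as mdp_crypt. The whole crypt()
                                 // result is compared in constant time; a missing or malformed
                                 // mdp_crypt counts as a mismatch. (The previous expression
                                 // negated crypt() before comparing and so never failed —
                                 // re-test the self subscription flow with this check active.)
                                 if ($this->_self_adh === true
                                     && (!isset($values['mdp_crypt'])
                                     || !is_string($values['mdp_crypt'])
                                     || !hash_equals($values['mdp_crypt'], crypt($value, $values['mdp_crypt'])))
                                 ) {
                                     $errors[] = _T("Password misrepeated: ");
                                 } else {
                                     $this->{$prop} = password_hash($value, PASSWORD_BCRYPT);
                                 }
                             }
                         }
                         break;
                     case 'id_statut':
                         // the status id is an integer key concatenated into raw SQL below:
                         // cast it so no user supplied string reaches the query
                         $status_id = (int) $value;
                         try {
                             //check if status exists
                             $select = $zdb->select(Status::TABLE);
                             $select->where(Status::PK . '= ' . $status_id);
                             $results = $zdb->execute($select);
                             $result = $results->current();
                             if ($result === false) {
                                 $errors[] = str_replace('%id', $value, _T("Status #%id does not exists in database."));
                                 break;
                             }
                             //check for status unicity: staff statuses may be held by one member only
                             $select = $zdb->select(self::TABLE, 'a');
                             $select->limit(1)->join(array('b' => PREFIX_DB . Status::TABLE), 'a.' . Status::PK . '=b.' . Status::PK, array('libelle_statut'))->where('b.' . Status::PK . '=' . $status_id);
                             $select->where->lessThan('b.priorite_statut', Members::NON_STAFF_MEMBERS);
                             if ($this->_id != '' && $this->_id != null) {
                                 // the id is concatenated into raw SQL: only an integer may get there
                                 $select->where('a.' . self::PK . ' != ' . (int) $this->_id);
                             }
                             $results = $zdb->execute($select);
                             $result = $results->current();
                             if ($result !== false) {
                                 // NOTE(review): libelle_statut, nom_adh and prenom_adh go from the
                                 // database straight into an HTML fragment; confirm they are stored
                                 // entity-encoded, otherwise escape them here.
                                 $errors[] = str_replace(array('%s', '%i', '%n', '%m'), array($result->libelle_statut, $result->id_adh, $result->nom_adh, $result->prenom_adh), _T("Selected status (%s) is already in use in <a href='voir_adherent.php?id_adh=%i'>%n %m's profile</a>."));
                             }
                         } catch (\Exception $e) {
                             Analog::log('An error occured checking status unicity: ' . $e->getMessage(), Analog::ERROR);
                             $errors[] = _T("An error has occured while looking if status is already in use.");
                         }
                         break;
                 }
             } else {
                 // empty optional login, or empty optional password on a new member:
                 // generate a random one (parentheses make the original precedence explicit)
                 if (($key == 'login_adh' && !isset($required['login_adh']))
                     || ($key == 'mdp_adh' && !isset($required['mdp_adh']) && !isset($this->_id))
                 ) {
                     $p = new Password();
                     $this->{$prop} = $p->makeRandomPassword(15);
                 }
             }
         }
     }
     // missing required fields? (foreach replaces each(), removed in PHP 8)
     foreach (array_keys($required) as $key) {
         $prop = '_' . $this->_fields[$key]['propname'];
         // NOTE(review): this check only runs for keys present in $disabled;
         // confirm the enabled/disabled sense is the intended one.
         if (isset($disabled[$key])) {
             $mandatory_missing = false;
             if (!isset($this->{$prop})) {
                 $mandatory_missing = true;
             } else {
                 // '-1' is the "no title" choice, so it does not satisfy a required title
                 if ($key === 'titre_adh' && $this->{$prop} == '-1') {
                     $mandatory_missing = true;
                 }
             }
             if ($mandatory_missing === true) {
                 $errors[] = _T("- Mandatory field empty: ") . ' <a href="#' . $key . '">' . $this->getFieldName($key) . '</a>';
             }
         }
     }
     //attach to/detach from parent
     if (isset($values['detach_parent'])) {
         $this->_parent = null;
     }
     if (count($errors) > 0) {
         Analog::log('Some errors has been throwed attempting to edit/store a member' . print_r($errors, true), Analog::DEBUG);
         return $errors;
     } else {
         Analog::log('Member checked successfully.', Analog::DEBUG);
         return true;
     }
 }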
                    $hist->add($str);
                    $error_detected[] = $str;
                }
            } else {
                $str = str_replace('%s', $login_adh, _T("An error occured storing temporary password for %s. Please inform an admin."));
                $hist->add($str);
                $error_detected[] = $str;
            }
        } else {
            $str = str_replace('%s', $login_adh, _T("Your account (%s) do not contain any valid mail address"));
            $hist->add($str);
            $error_detected[] = $str;
        }
    } else {
        //account has not been found
        if (Core\GaletteMail::isValidEmail($login_adh)) {
            $str = str_replace('%s', $login_adh, _T("Mails address %s does not exist"));
            $hist->add($str);
            $error_detected[] = $str;
        } else {
            $str = str_replace('%s', $login_adh, _T("Login %s does not exist"));
            $hist->add($str);
            $error_detected[] = $str;
        }
    }
}
$tpl->assign('done', $done);
if ($from_admin) {
    if (count($error_detected) > 0) {
        $session['lostpasswd_errors'] = serialize($error_detected);
    }