/**
* Shows the user edit form
*
* @param int $uid User to edit
* @param int $msg Error message to display
* @return string HTML for user edit form
*
*/
function edituser($uid = '', $msg = '')
{
global $_CONF, $_TABLES, $_USER, $LANG28, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE;
require_once $_CONF['path_system'] . 'lib-admin.php';
$retval = '';
if (!empty($msg)) {
$retval .= COM_showMessageText($MESSAGE[$msg], $LANG28[22]);
}
if (!empty($msg) && !empty($uid) && $uid > 1) {
// an error occured while editing a user - if it was a new account,
// don't bother trying to read the user's data from the database ...
$cnt = DB_count($_TABLES['users'], 'uid', $uid);
if ($cnt == 0) {
$uid = '';
}
}
if (!empty($uid) && $uid > 1) {
$result = DB_query("SELECT * FROM {$_TABLES['users']} WHERE uid = '{$uid}'");
$A = DB_fetchArray($result);
if (empty($A['uid'])) {
return COM_refresh($_CONF['site_admin_url'] . '/user.php');
}
if (SEC_inGroup('Root', $uid) and !SEC_inGroup('Root')) {
// the current admin user isn't Root but is trying to change
// a root account. Deny them and log it.
$retval .= COM_showMessageText($LANG_ACCESS['editrootmsg'], $LANG28[1]);
COM_accessLog("User {$_USER['username']} tried to edit a Root account with insufficient privileges.");
return $retval;
}
$curtime = COM_getUserDateTimeFormat($A['regdate']);
$lastlogin = DB_getItem($_TABLES['userinfo'], 'lastlogin', "uid = '{$uid}'");
$lasttime = COM_getUserDateTimeFormat($lastlogin);
} else {
$A['uid'] = '';
$uid = '';
$curtime = COM_getUserDateTimeFormat();
$lastlogin = '';
$lasttime = '';
$A['status'] = USER_ACCOUNT_ACTIVE;
}
// POST data can override, in case there was an error while editing a user
if (isset($_POST['username'])) {
$A['username'] = strip_tags($_POST['username']);
}
if (isset($_POST['fullname'])) {
$A['fullname'] = strip_tags($_POST['fullname']);
}
if (isset($_POST['email'])) {
$A['email'] = strip_tags($_POST['email']);
}
if (isset($_POST['homepage'])) {
$A['homepage'] = strip_tags($_POST['homepage']);
}
if (isset($_POST['userstatus'])) {
$A['status'] = COM_applyFilter($_POST['userstatus'], true);
}
$token = SEC_createToken();
$retval .= COM_startBlock($LANG28[1], '', COM_getBlockTemplate('_admin_block', 'header'));
$retval .= SEC_getTokenExpiryNotice($token);
$user_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/user');
$user_templates->set_file(array('form' => 'edituser.thtml', 'password' => 'password.thtml', 'groupedit' => 'groupedit.thtml'));
$user_templates->set_var('lang_save', $LANG_ADMIN['save']);
if (!empty($uid) && $A['uid'] != $_USER['uid'] && SEC_hasRights('user.delete')) {
$delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
$jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
$user_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
$user_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
}
$user_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
$user_templates->set_var('lang_userid', $LANG28[2]);
if (empty($A['uid'])) {
$user_templates->set_var('user_id', $LANG_ADMIN['na']);
} else {
$user_templates->set_var('user_id', $A['uid']);
}
$user_templates->set_var('lang_regdate', $LANG28[14]);
$user_templates->set_var('regdate_timestamp', $curtime[1]);
$user_templates->set_var('user_regdate', $curtime[0]);
$user_templates->set_var('lang_lastlogin', $LANG28[35]);
if (empty($lastlogin)) {
$user_templates->set_var('user_lastlogin', $LANG28[36]);
} else {
$user_templates->set_var('user_lastlogin', $lasttime[0]);
}
$user_templates->set_var('lang_username', $LANG28[3]);
if (isset($A['username'])) {
$user_templates->set_var('username', $A['username']);
} else {
$user_templates->set_var('username', '');
}
$remoteservice = '';
if ($_CONF['show_servicename']) {
if (!empty($A['remoteservice'])) {
$remoteservice = '@' . $A['remoteservice'];
}
}
$user_templates->set_var('remoteservice', $remoteservice);
if ($_CONF['allow_user_photo'] && $A['uid'] > 0) {
$photo = USER_getPhoto($A['uid'], $A['photo'], $A['email'], -1);
$user_templates->set_var('user_photo', $photo);
if (empty($A['photo'])) {
$user_templates->set_var('lang_delete_photo', '');
$user_templates->set_var('delete_photo_option', '');
} else {
$user_templates->set_var('lang_delete_photo', $LANG28[28]);
$user_templates->set_var('delete_photo_option', '<input type="checkbox" name="delete_photo"' . XHTML . '>');
}
} else {
$user_templates->set_var('user_photo', '');
$user_templates->set_var('lang_delete_photo', '');
$user_templates->set_var('delete_photo_option', '');
}
$user_templates->set_var('lang_fullname', $LANG28[4]);
if (isset($A['fullname'])) {
$user_templates->set_var('user_fullname', htmlspecialchars($A['fullname']));
} else {
$user_templates->set_var('user_fullname', '');
}
if (empty($A['remoteservice'])) {
$user_templates->set_var('lang_password', $LANG28[5]);
$user_templates->set_var('lang_password_conf', $LANG28[39]);
$user_templates->parse('password_option', 'password', true);
} else {
$user_templates->set_var('password_option', '');
}
$user_templates->set_var('lang_emailaddress', $LANG28[7]);
if (isset($A['email'])) {
$user_templates->set_var('user_email', htmlspecialchars($A['email']));
} else {
$user_templates->set_var('user_email', '');
}
$user_templates->set_var('lang_homepage', $LANG28[8]);
if (isset($A['homepage'])) {
$user_templates->set_var('user_homepage', htmlspecialchars($A['homepage']));
} else {
$user_templates->set_var('user_homepage', '');
}
$user_templates->set_var('do_not_use_spaces', '');
$statusarray = array(USER_ACCOUNT_AWAITING_ACTIVATION => $LANG28[43], USER_ACCOUNT_ACTIVE => $LANG28[45]);
$allow_ban = true;
if (!empty($uid)) {
if ($A['uid'] == $_USER['uid']) {
$allow_ban = false;
// do not allow to ban yourself
} elseif (SEC_inGroup('Root', $A['uid'])) {
// editing a Root user?
$count_root_sql = "SELECT COUNT(ug_uid) AS root_count FROM {$_TABLES['group_assignments']} WHERE ug_main_grp_id = 1 GROUP BY ug_uid;";
$count_root_result = DB_query($count_root_sql);
$C = DB_fetchArray($count_root_result);
// how many are left?
if ($C['root_count'] < 2) {
$allow_ban = false;
// prevent banning the last root user
}
}
}
if ($allow_ban) {
$statusarray[USER_ACCOUNT_DISABLED] = $LANG28[42];
}
if ($_CONF['usersubmission'] == 1 && !empty($uid)) {
$statusarray[USER_ACCOUNT_AWAITING_APPROVAL] = $LANG28[44];
}
asort($statusarray);
$statusselect = '<select name="userstatus">';
foreach ($statusarray as $key => $value) {
$statusselect .= '<option value="' . $key . '"';
if ($key == $A['status']) {
$statusselect .= ' selected="selected"';
}
$statusselect .= '>' . $value . '</option>' . LB;
}
$statusselect .= '</select><input type="hidden" name="oldstatus" value="' . $A['status'] . '"' . XHTML . '>';
$user_templates->set_var('user_status', $statusselect);
$user_templates->set_var('lang_user_status', $LANG28[46]);
if ($_CONF['custom_registration'] and function_exists('CUSTOM_userEdit')) {
if (!empty($uid) && $uid > 1) {
$user_templates->set_var('customfields', CUSTOM_userEdit($uid));
} else {
$user_templates->set_var('customfields', CUSTOM_userEdit($A['uid']));
}
}
if (SEC_hasRights('group.assign')) {
$user_templates->set_var('lang_securitygroups', $LANG_ACCESS['securitygroups']);
$user_templates->set_var('lang_groupinstructions', $LANG_ACCESS['securitygroupsmsg']);
if (!empty($uid)) {
$usergroups = SEC_getUserGroups($uid);
if (is_array($usergroups) && !empty($uid)) {
$selected = implode(' ', $usergroups);
} else {
$selected = '';
}
} else {
$selected = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'All Users'") . ' ';
$selected .= DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Logged-in Users'");
// add default groups, if any
$result = DB_query("SELECT grp_id FROM {$_TABLES['groups']} WHERE grp_default = 1");
$num_defaults = DB_numRows($result);
for ($i = 0; $i < $num_defaults; $i++) {
list($def_grp) = DB_fetchArray($result);
$selected .= ' ' . $def_grp;
}
}
// in case of an error we may have previously selected a different
// mix of groups already - reconstruct those from the POST data
if (isset($_POST['groups']) && count($_POST['groups']) > 0) {
$selected = implode(' ', $_POST['groups']);
}
$thisUsersGroups = SEC_getUserGroups();
$remoteGroup = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'");
if (!empty($remoteGroup)) {
$thisUsersGroups[] = $remoteGroup;
}
$whereGroups = 'grp_id IN (' . implode(',', $thisUsersGroups) . ')';
$header_arr = array(array('text' => $LANG28[86], 'field' => 'checkbox', 'sort' => false), array('text' => $LANG_ACCESS['groupname'], 'field' => 'grp_name', 'sort' => true), array('text' => $LANG_ACCESS['description'], 'field' => 'grp_descr', 'sort' => true));
$defsort_arr = array('field' => 'grp_name', 'direction' => 'asc');
$form_url = $_CONF['site_admin_url'] . '/user.php?mode=edit&uid=' . $uid;
$text_arr = array('has_menu' => false, 'title' => '', 'instructions' => '', 'icon' => '', 'form_url' => $form_url, 'inline' => true);
$sql = "SELECT grp_id, grp_name, grp_descr FROM {$_TABLES['groups']} WHERE " . $whereGroups;
$query_arr = array('table' => 'groups', 'sql' => $sql, 'query_fields' => array('grp_name'), 'default_filter' => '', 'query' => '', 'query_limit' => 0);
$groupoptions = ADMIN_list('usergroups', 'ADMIN_getListField_usergroups', $header_arr, $text_arr, $query_arr, $defsort_arr, '', explode(' ', $selected));
$user_templates->set_var('group_options', $groupoptions);
$user_templates->parse('group_edit', 'groupedit', true);
} else {
// user doesn't have the rights to edit a user's groups so set to -1
// so we know not to handle the groups array when we save
$user_templates->set_var('group_edit', '<input type="hidden" name="groups" value="-1"' . XHTML . '>');
}
$user_templates->set_var('gltoken_name', CSRF_TOKEN);
$user_templates->set_var('gltoken', $token);
$user_templates->parse('output', 'form');
$retval .= $user_templates->finish($user_templates->get_var('output'));
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}
/**
* Shows the user's current settings
*
*/
function edituser()
{
global $_CONF, $_TABLES, $_USER, $LANG_MYACCOUNT, $LANG04, $LANG_ADMIN;
$result = DB_query("SELECT fullname,cookietimeout,email,homepage,sig,emailstories,about,location,pgpkey,photo FROM {$_TABLES['users']},{$_TABLES['userprefs']},{$_TABLES['userinfo']} WHERE {$_TABLES['users']}.uid = {$_USER['uid']} AND {$_TABLES['userprefs']}.uid = {$_USER['uid']} AND {$_TABLES['userinfo']}.uid = {$_USER['uid']}");
$A = DB_fetchArray($result);
$preferences = new Template($_CONF['path_layout'] . 'preferences');
$preferences->set_file(array('profile' => 'profile.thtml', 'photo' => 'userphoto.thtml', 'username' => 'username.thtml', 'deleteaccount' => 'deleteaccount.thtml'));
include $_CONF['path_system'] . 'classes/navbar.class.php';
$navbar = new navbar();
$cnt = 0;
foreach ($LANG_MYACCOUNT as $id => $label) {
$navbar->add_menuitem($label, 'showhideProfileEditorDiv("' . $id . '",' . $cnt . ');return false;', true);
$cnt++;
}
$navbar->set_selected($LANG_MYACCOUNT['pe_namepass']);
$preferences->set_var('xhtml', XHTML);
$preferences->set_var('navbar', $navbar->generate());
$preferences->set_var('site_url', $_CONF['site_url']);
$preferences->set_var('layout_url', $_CONF['layout_url']);
$preferences->set_var('no_javascript_warning', $LANG04[150]);
$preferences->set_var('cssid1', 1);
$preferences->set_var('cssid2', 2);
$preferences->set_var('preview', userprofile($_USER['uid']));
$preferences->set_var('prefs', editpreferences());
// some trickery to ensure alternating colors with the available options ...
if ($_CONF['allow_username_change'] == 1) {
$first = 1;
$second = 2;
} else {
$first = 2;
$second = 1;
}
$preferences->set_var('cssid1u', $first);
$preferences->set_var('cssid2u', $second);
if ($_CONF['allow_user_photo'] == 1) {
$tmp = $first;
$first = $second;
$second = $tmp;
}
$preferences->set_var('cssid1p', $first);
$preferences->set_var('cssid2p', $second);
$preferences->set_var('lang_fullname', $LANG04[3]);
$preferences->set_var('lang_fullname_text', $LANG04[34]);
$preferences->set_var('lang_username', $LANG04[2]);
$preferences->set_var('lang_username_text', $LANG04[87]);
$preferences->set_var('lang_password_help_title', $LANG04[146]);
$preferences->set_var('lang_password_help', $LANG04[147]);
$preferences->set_var('lang_password', $LANG04[4]);
$preferences->set_var('lang_password_text', $LANG04[35]);
$preferences->set_var('lang_password_conf', $LANG04[108]);
$preferences->set_var('lang_password_text_conf', $LANG04[109]);
$preferences->set_var('lang_old_password', $LANG04[110]);
$preferences->set_var('lang_old_password_text', $LANG04[111]);
$preferences->set_var('lang_cooktime', $LANG04[68]);
$preferences->set_var('lang_cooktime_text', $LANG04[69]);
$preferences->set_var('lang_email', $LANG04[5]);
$preferences->set_var('lang_email_text', $LANG04[33]);
$preferences->set_var('lang_email_conf', $LANG04[124]);
$preferences->set_var('lang_email_conf_text', $LANG04[126]);
$preferences->set_var('lang_userinfo_help_title', $LANG04[148]);
$preferences->set_var('lang_userinfo_help', $LANG04[149]);
$preferences->set_var('lang_homepage', $LANG04[6]);
$preferences->set_var('lang_homepage_text', $LANG04[36]);
$preferences->set_var('lang_location', $LANG04[106]);
$preferences->set_var('lang_location_text', $LANG04[107]);
$preferences->set_var('lang_signature', $LANG04[32]);
$preferences->set_var('lang_signature_text', $LANG04[37]);
$preferences->set_var('lang_userphoto', $LANG04[77]);
$preferences->set_var('lang_userphoto_text', $LANG04[78]);
$preferences->set_var('lang_about', $LANG04[7]);
$preferences->set_var('lang_about_text', $LANG04[38]);
$preferences->set_var('lang_pgpkey', $LANG04[8]);
$preferences->set_var('lang_pgpkey_text', $LANG04[39]);
$preferences->set_var('lang_submit', $LANG04[9]);
$preferences->set_var('lang_cancel', $LANG_ADMIN['cancel']);
$preferences->set_var('lang_preview_title', $LANG04[145]);
$preferences->set_var('lang_enter_current_password', $LANG04[127]);
$preferences->set_var('lang_name_legend', $LANG04[128]);
$preferences->set_var('lang_password_email_legend', $LANG04[129]);
$preferences->set_var('lang_personal_info_legend', $LANG04[130]);
$display_name = COM_getDisplayName($_USER['uid']);
//$preferences->set_var ('start_block_profile',
// COM_startBlock ($LANG04[1] . ' ' . $display_name));
//$preferences->set_var ('end_block', COM_endBlock ());
$preferences->set_var('profile_headline', $LANG04[1] . ' ' . $display_name);
if ($_CONF['allow_user_photo'] == 1) {
$preferences->set_var('enctype', 'enctype="multipart/form-data"');
} else {
$preferences->set_var('enctype', '');
}
$preferences->set_var('fullname_value', htmlspecialchars($A['fullname']));
$preferences->set_var('new_username_value', htmlspecialchars($_USER['username']));
$preferences->set_var('password_value', '');
if ($_CONF['allow_username_change'] == 1) {
$preferences->parse('username_option', 'username', true);
} else {
$preferences->set_var('username_option', '');
}
$selection = '<select id="cooktime" name="cooktime">' . LB;
$selection .= COM_optionList($_TABLES['cookiecodes'], 'cc_value,cc_descr', $A['cookietimeout'], 0);
$selection .= '</select>';
$preferences->set_var('cooktime_selector', $selection);
$preferences->set_var('email_value', htmlspecialchars($A['email']));
$preferences->set_var('homepage_value', htmlspecialchars(COM_killJS($A['homepage'])));
$preferences->set_var('location_value', htmlspecialchars(strip_tags($A['location'])));
$preferences->set_var('signature_value', htmlspecialchars($A['sig']));
if ($_CONF['allow_user_photo'] == 1) {
$photo = USER_getPhoto($_USER['uid'], $A['photo'], $A['email'], -1);
if (empty($photo)) {
$preferences->set_var('display_photo', '');
} else {
if (empty($A['photo'])) {
// external avatar
$photo = '<br' . XHTML . '>' . $photo;
} else {
// uploaded photo - add delete option
$photo = '<br' . XHTML . '>' . $photo . '<br' . XHTML . '>' . $LANG04[79] . ' <input type="checkbox" name="delete_photo"' . XHTML . '>' . LB;
}
$preferences->set_var('display_photo', $photo);
}
if (empty($_CONF['image_lib'])) {
$scaling = $LANG04[162];
} else {
$scaling = $LANG04[161];
}
$preferences->set_var('photo_max_dimensions', sprintf($LANG04[160], $_CONF['max_photo_width'], $_CONF['max_photo_height'], $_CONF['max_photo_size'], $scaling));
$preferences->parse('userphoto_option', 'photo', true);
} else {
$preferences->set_var('userphoto_option', '');
}
$result = DB_query("SELECT about,pgpkey FROM {$_TABLES['userinfo']} WHERE uid = {$_USER['uid']}");
$A = DB_fetchArray($result);
$reqid = substr(md5(uniqid(rand(), 1)), 1, 16);
DB_change($_TABLES['users'], 'pwrequestid', $reqid, 'uid', $_USER['uid']);
$preferences->set_var('about_value', htmlspecialchars($A['about']));
$preferences->set_var('pgpkey_value', htmlspecialchars($A['pgpkey']));
$preferences->set_var('uid_value', $reqid);
$preferences->set_var('username_value', htmlspecialchars($_USER['username']));
if ($_CONF['allow_account_delete'] == 1) {
$preferences->set_var('lang_deleteaccount', $LANG04[156]);
$preferences->set_var('delete_text', $LANG04[95]);
$preferences->set_var('lang_button_delete', $LANG04[96]);
$preferences->set_var('delete_mode', 'confirmdelete');
$preferences->set_var('account_id', $reqid);
if (isset($LANG04[157])) {
$preferences->set_var('lang_deleteoption', $LANG04[157]);
} else {
$preferences->set_var('lang_deleteoption', $LANG04[156]);
}
$preferences->parse('delete_account_option', 'deleteaccount', false);
} else {
$preferences->set_var('delete_account_option', '');
}
// Call custom account form and edit function if enabled and exists
if ($_CONF['custom_registration'] and function_exists('CUSTOM_userEdit')) {
$preferences->set_var('customfields', CUSTOM_userEdit($_USER['uid']));
}
PLG_profileVariablesEdit($_USER['uid'], $preferences);
$retval = $preferences->finish($preferences->parse('output', 'profile'));
$retval .= PLG_profileBlocksEdit($_USER['uid']);
return $retval;
}
function USER_userinfoPanel($U, $newuser = 0)
{
global $_CONF, $_SYSTEM, $_TABLES, $_USER, $LANG_MYACCOUNT, $LANG04;
$uid = $U['uid'];
// set template
$userform = new Template($_CONF['path_layout'] . 'admin/user/');
$userform->set_file('user', 'userinfopanel.thtml');
$userform->set_var(array('lang_personal_info_legend' => $LANG04[130], 'lang_userinfo_help_title' => $LANG04[148], 'lang_userinfo_help' => $LANG04[149], 'lang_homepage' => $LANG04[6], 'lang_location' => $LANG04[106], 'lang_signature' => $LANG04[32], 'lang_about' => $LANG04[7], 'lang_pgpkey' => $LANG04[8], 'lang_social_follow' => $LANG04[198], 'lang_social_info' => $LANG04[199], 'lang_social_service' => $LANG04[200], 'lang_social_username' => $LANG04[201]));
$follow_me = SOC_followMeProfile($uid);
if (is_array($follow_me) && count($follow_me) > 0) {
$userform->set_block('user', 'social_links', 'sl');
$userform->set_var('social_followme_enabled', true);
foreach ($follow_me as $service) {
$userform->set_var('service_display_name', $service['service_display_name']);
$userform->set_var('service', $service['service']);
$userform->set_var('service_username', $service['service_username']);
$userform->parse('sl', 'social_links', true);
}
} else {
$userform->unset_var('social_followme_enabled');
}
if ($_CONF['allow_user_photo'] == 1) {
$userform->set_var('lang_userphoto', $LANG04[77]);
}
$userform->set_var('homepage_value', @htmlspecialchars(COM_killJS($U['homepage']), ENT_NOQUOTES, COM_getEncodingt()));
$userform->set_var('location_value', @htmlspecialchars(strip_tags($U['location']), ENT_NOQUOTES, COM_getEncodingt()));
$userform->set_var('signature_value', @htmlspecialchars($U['sig'], ENT_NOQUOTES, COM_getEncodingt()));
$userform->set_var('about_value', @htmlspecialchars($U['about'], ENT_NOQUOTES, COM_getEncodingt()));
$userform->set_var('pgpkey_value', @htmlspecialchars($U['pgpkey'], ENT_NOQUOTES, COM_getEncodingt()));
if ($_CONF['allow_user_photo'] == 1) {
if (!empty($uid) && $uid > 1) {
$photo = USER_getPhoto($uid, $U['photo'], $U['email'], -1);
if (empty($photo)) {
$userform->set_var('display_photo', '');
} else {
if (empty($U['photo'])) {
// external avatar
$photo = '<br/>' . $photo;
} else {
// uploaded photo - add delete option
$photo = '<br/>' . $photo . '<br/>' . $LANG04[79] . ' <input type="checkbox" name="delete_photo"/>' . LB;
}
$userform->set_var('display_photo', $photo);
}
} else {
$userform->set_var('display_photo', '');
}
}
if (!empty($uid) && $uid > 1) {
$userform->set_var('plugin_userinfo_personalinfo', PLG_profileEdit($uid, 'userinfo', 'personalinfo'));
$userform->set_var('plugin_userinfo', PLG_profileEdit($uid, 'userinfo'));
if ($_CONF['custom_registration'] && function_exists('CUSTOM_userEdit')) {
$userform->set_var('customfields', CUSTOM_userEdit($uid));
}
}
$retval = $userform->finish($userform->parse('output', 'user'));
return $retval;
}
/**
* Shows the user's current settings
*
*/
function edituser()
{
global $_CONF, $_TABLES, $_USER, $LANG_MYACCOUNT, $LANG04, $LANG_ADMIN, $_SCRIPTS;
$result = DB_query("SELECT fullname,cookietimeout,email,homepage,sig,emailstories,about,location,pgpkey,photo,remoteservice FROM {$_TABLES['users']},{$_TABLES['userprefs']},{$_TABLES['userinfo']} WHERE {$_TABLES['users']}.uid = {$_USER['uid']} AND {$_TABLES['userprefs']}.uid = {$_USER['uid']} AND {$_TABLES['userinfo']}.uid = {$_USER['uid']}");
$A = DB_fetchArray($result);
$preferences = COM_newTemplate($_CONF['path_layout'] . 'preferences');
$preferences->set_file(array('profile' => 'profile.thtml', 'photo' => 'userphoto.thtml', 'username' => 'username.thtml', 'password' => 'password.thtml', 'current_password' => 'current_password.thtml', 'resynch' => 'resynch.thtml', 'deleteaccount' => 'deleteaccount.thtml'));
include $_CONF['path_system'] . 'classes/navbar.class.php';
$navbar = new navbar();
$cnt = 0;
foreach ($LANG_MYACCOUNT as $id => $label) {
$navbar->add_menuitem($label, 'showhideProfileEditorDiv("' . $id . '",' . $cnt . ');return false;', true);
$cnt++;
}
$navbar->set_selected($LANG_MYACCOUNT['pe_namepass']);
$preferences->set_var('navbar', $navbar->generate());
//$preferences->set_var ('no_javascript_warning', $LANG04[150]);
$preferences->set_var('noscript', COM_getNoScript());
$preferences->set_var('cssid1', 1);
$preferences->set_var('cssid2', 2);
$preferences->set_var('preview', USER_showProfile($_USER['uid'], true));
$preferences->set_var('prefs', editpreferences());
// Add JavaScript
$_SCRIPTS->setJavaScriptFile('profile_editor', '/javascript/profile_editor.js');
$js = '<!-- JS Functions which will execute only if JS enabled will un-hide the special features that enhance the profile editor -->
<script type="text/JavaScript">
//<![CDATA[
/* Initially the navbar is hidden - in case JS is disabled. Enable it now */
document.getElementById("pe_navbar").style.display="";
/* Now cycle through the profile tabs as the number in the template could have been modified (personalized)
If you add custom panels, just ensure you use the class jsenabled_hide or jsenabled_show
Build an object that can then be referenced in the functon showhideProfileEditorDiv
*/
var profilepanels = new Object;
var el;
el=document.getElementsByTagName("div");
for(i=0;i<el.length;i++) {
var divname = el[i].id
if(el[i].className == "jsenabled_show"){
el[i].style.display = "";
profilepanels[divname] = "show";
} else if(el[i].className == "jsenabled_hide"){
el[i].style.display = "none";
profilepanels[divname] = "hidden";
}
}
//]]>
</script>';
$_SCRIPTS->setJavaScript($js);
// some trickery to ensure alternating colors with the available options ...
if ($_CONF['allow_username_change'] == 1) {
$first = 1;
$second = 2;
} else {
$first = 2;
$second = 1;
}
$preferences->set_var('cssid1u', $first);
$preferences->set_var('cssid2u', $second);
if ($_CONF['allow_user_photo'] == 1) {
$tmp = $first;
$first = $second;
$second = $tmp;
}
$preferences->set_var('cssid1p', $first);
$preferences->set_var('cssid2p', $second);
$preferences->set_var('lang_fullname', $LANG04[3]);
$preferences->set_var('lang_fullname_text', $LANG04[34]);
$preferences->set_var('lang_username', $LANG04[2]);
$preferences->set_var('lang_username_text', $LANG04[87]);
$preferences->set_var('lang_password_help_title', $LANG04[146]);
$preferences->set_var('lang_password_help', $LANG04[147]);
$preferences->set_var('lang_password', $LANG04[4]);
$preferences->set_var('lang_password_text', $LANG04[35]);
$preferences->set_var('lang_password_conf', $LANG04[108]);
$preferences->set_var('lang_password_text_conf', $LANG04[109]);
$preferences->set_var('lang_old_password', $LANG04[110]);
$preferences->set_var('lang_old_password_text', $LANG04[111]);
$preferences->set_var('lang_cooktime', $LANG04[68]);
$preferences->set_var('lang_cooktime_text', $LANG04[69]);
$preferences->set_var('lang_email', $LANG04[5]);
$preferences->set_var('lang_email_text', $LANG04[33]);
$preferences->set_var('lang_email_conf', $LANG04[124]);
$preferences->set_var('lang_email_conf_text', $LANG04[126]);
$preferences->set_var('lang_userinfo_help_title', $LANG04[148]);
$preferences->set_var('lang_userinfo_help', $LANG04[149]);
$preferences->set_var('lang_homepage', $LANG04[6]);
$preferences->set_var('lang_homepage_text', $LANG04[36]);
$preferences->set_var('lang_location', $LANG04[106]);
$preferences->set_var('lang_location_text', $LANG04[107]);
$preferences->set_var('lang_signature', $LANG04[32]);
$preferences->set_var('lang_signature_text', $LANG04[37]);
$preferences->set_var('lang_userphoto', $LANG04[77]);
$preferences->set_var('lang_userphoto_text', $LANG04[78]);
$preferences->set_var('lang_about', $LANG04[7]);
$preferences->set_var('lang_about_text', $LANG04[38]);
$preferences->set_var('lang_pgpkey', $LANG04[8]);
$preferences->set_var('lang_pgpkey_text', $LANG04[39]);
$preferences->set_var('lang_submit', $LANG04[9]);
$preferences->set_var('lang_cancel', $LANG_ADMIN['cancel']);
$preferences->set_var('lang_preview_title', $LANG04[145]);
$preferences->set_var('lang_enter_current_password', $LANG04[127]);
$preferences->set_var('lang_name_legend', $LANG04[128]);
$preferences->set_var('lang_password_email_legend', $LANG04[129]);
$preferences->set_var('lang_personal_info_legend', $LANG04[130]);
$preferences->set_var('lang_resynch', $LANG04[166]);
$display_name = COM_getDisplayName($_USER['uid']);
//$preferences->set_var ('start_block_profile',
// COM_startBlock ($LANG04[1] . ' ' . $display_name));
//$preferences->set_var ('end_block', COM_endBlock ());
$preferences->set_var('profile_headline', $LANG04[1] . ' ' . $display_name);
if ($_CONF['allow_user_photo'] == 1) {
$preferences->set_var('enctype', 'enctype="multipart/form-data"');
} else {
$preferences->set_var('enctype', '');
}
$preferences->set_var('fullname_value', htmlspecialchars($A['fullname']));
$preferences->set_var('new_username_value', htmlspecialchars($_USER['username']));
if ($A['remoteservice'] == '') {
$preferences->set_var('password_value', '');
$preferences->parse('password_option', 'password', true);
$preferences->parse('current_password_option', 'current_password', true);
$preferences->set_var('resynch_option', '');
} else {
$preferences->set_var('password_option', '');
$preferences->set_var('current_password_option', '');
if ($_CONF['user_login_method']['oauth'] && strpos($_USER['remoteservice'], 'oauth.') === 0) {
// OAuth only supports re-synch at the moment
$preferences->set_var('resynch_checked', '');
$preferences->parse('resynch_option', 'resynch', true);
} else {
$preferences->set_var('resynch_option', '');
}
}
if ($_CONF['allow_username_change'] == 1) {
$preferences->parse('username_option', 'username', true);
} else {
$preferences->set_var('username_option', '');
}
$selection = '<select id="cooktime" name="cooktime">' . LB;
$selection .= COM_optionList($_TABLES['cookiecodes'], 'cc_value,cc_descr', $A['cookietimeout'], 0);
$selection .= '</select>';
$preferences->set_var('cooktime_selector', $selection);
$preferences->set_var('email_value', htmlspecialchars($A['email']));
$preferences->set_var('homepage_value', htmlspecialchars(COM_killJS($A['homepage'])));
$preferences->set_var('location_value', htmlspecialchars(strip_tags($A['location'])));
$preferences->set_var('signature_value', htmlspecialchars($A['sig']));
if ($_CONF['allow_user_photo'] == 1) {
$photo = USER_getPhoto($_USER['uid'], $A['photo'], $A['email'], -1);
if (empty($photo)) {
$preferences->set_var('display_photo', '');
} else {
if (empty($A['photo'])) {
// external avatar
$photo = '<br' . XHTML . '>' . $photo;
} else {
// uploaded photo - add delete option
$photo = '<br' . XHTML . '>' . $photo . '<br' . XHTML . '>' . $LANG04[79] . ' <input type="checkbox" name="delete_photo"' . XHTML . '>' . LB;
}
$preferences->set_var('display_photo', $photo);
}
if (empty($_CONF['image_lib'])) {
$scaling = $LANG04[162];
} else {
$scaling = $LANG04[161];
}
$preferences->set_var('photo_max_dimensions', sprintf($LANG04[160], $_CONF['max_photo_width'], $_CONF['max_photo_height'], $_CONF['max_photo_size'], $scaling));
$preferences->parse('userphoto_option', 'photo', true);
} else {
$preferences->set_var('userphoto_option', '');
}
$result = DB_query("SELECT about,pgpkey FROM {$_TABLES['userinfo']} WHERE uid = {$_USER['uid']}");
$A = DB_fetchArray($result);
$reqid = substr(md5(uniqid(rand(), 1)), 1, 16);
DB_change($_TABLES['users'], 'pwrequestid', $reqid, 'uid', $_USER['uid']);
$preferences->set_var('about_value', htmlspecialchars($A['about']));
$preferences->set_var('pgpkey_value', htmlspecialchars($A['pgpkey']));
$preferences->set_var('uid_value', $reqid);
$preferences->set_var('username_value', htmlspecialchars($_USER['username']));
if ($_CONF['allow_account_delete'] == 1) {
$preferences->set_var('lang_deleteaccount', $LANG04[156]);
$preferences->set_var('delete_text', $LANG04[95]);
$preferences->set_var('lang_button_delete', $LANG04[96]);
$preferences->set_var('delete_mode', 'confirmdelete');
$preferences->set_var('account_id', $reqid);
if (isset($LANG04[157])) {
$preferences->set_var('lang_deleteoption', $LANG04[157]);
} else {
$preferences->set_var('lang_deleteoption', $LANG04[156]);
}
$preferences->parse('delete_account_option', 'deleteaccount', false);
} else {
$preferences->set_var('delete_account_option', '');
}
// Call custom account form and edit function if enabled and exists
if ($_CONF['custom_registration'] and function_exists('CUSTOM_userEdit')) {
$preferences->set_var('customfields', CUSTOM_userEdit($_USER['uid']));
}
PLG_profileVariablesEdit($_USER['uid'], $preferences);
$retval = $preferences->finish($preferences->parse('output', 'profile'));
$retval .= PLG_profileBlocksEdit($_USER['uid']);
return $retval;
}
/**
* Shows the user's current settings
*
*/
function edituser()
{
global $_CONF, $_SYSTEM, $_TABLES, $_USER, $LANG_MYACCOUNT, $LANG04, $LANG_ADMIN;
$result = DB_query("SELECT fullname,cookietimeout,email,homepage,sig,emailstories,about,location,pgpkey,photo,remoteservice,account_type FROM {$_TABLES['users']},{$_TABLES['userprefs']},{$_TABLES['userinfo']} WHERE {$_TABLES['users']}.uid = {$_USER['uid']} AND {$_TABLES['userprefs']}.uid = {$_USER['uid']} AND {$_TABLES['userinfo']}.uid=" . (int) $_USER['uid']);
$A = DB_fetchArray($result);
$preferences = new Template($_CONF['path_layout'] . 'preferences');
$preferences->set_file(array('profile' => 'profile.thtml', 'photo' => 'userphoto.thtml', 'username' => 'username.thtml', 'current_password' => 'current_password.thtml', 'password' => 'password.thtml', 'resynch' => 'resynch.thtml', 'deleteaccount' => 'deleteaccount.thtml'));
include $_CONF['path_system'] . 'classes/navbar.class.php';
$navbar = new navbar();
$cnt = 0;
if (is_array($LANG_MYACCOUNT)) {
foreach ($LANG_MYACCOUNT as $id => $label) {
if ($id == 'pe_content' && $_CONF['hide_exclude_content'] == 1 && $_CONF['emailstories'] == 0) {
continue;
} else {
$navbar->add_menuitem($label, 'showhideProfileEditorDiv("' . $id . '",' . $cnt . ');return false;', true);
$cnt++;
}
}
$navbar->set_selected($LANG_MYACCOUNT['pe_namepass']);
}
$preferences->set_var('navbar', $navbar->generate());
$preferences->set_var('no_javascript_warning', $LANG04[150]);
$preferences->set_var('cssid1', 1);
$preferences->set_var('cssid2', 2);
$preferences->set_var('preview', userprofile($_USER['uid']));
$preferences->set_var('prefs', editpreferences());
// some trickery to ensure alternating colors with the available options ...
if ($_CONF['allow_username_change'] == 1) {
$first = 1;
$second = 2;
} else {
$first = 2;
$second = 1;
}
$preferences->set_var('cssid1u', $first);
$preferences->set_var('cssid2u', $second);
if ($_CONF['allow_user_photo'] == 1) {
$tmp = $first;
$first = $second;
$second = $tmp;
}
$preferences->set_var('cssid1p', $first);
$preferences->set_var('cssid2p', $second);
$preferences->set_var('lang_fullname', $LANG04[3]);
$preferences->set_var('lang_fullname_text', $LANG04[34]);
$preferences->set_var('lang_username', $LANG04[2]);
$preferences->set_var('lang_username_text', $LANG04[87]);
$preferences->set_var('lang_password_help_title', $LANG04[146]);
$preferences->set_var('lang_password_help', $LANG04[147]);
$preferences->set_var('lang_password', $LANG04[4]);
$preferences->set_var('lang_password_text', $LANG04[35]);
$preferences->set_var('lang_password_conf', $LANG04[108]);
$preferences->set_var('lang_password_text_conf', $LANG04[109]);
$preferences->set_var('lang_old_password', $LANG04[110]);
$preferences->set_var('lang_old_password_text', $LANG04[111]);
$preferences->set_var('lang_cooktime', $LANG04[68]);
$preferences->set_var('lang_cooktime_text', $LANG04[69]);
$preferences->set_var('lang_email', $LANG04[5]);
$preferences->set_var('lang_email_text', $LANG04[33]);
$preferences->set_var('lang_email_conf', $LANG04[124]);
$preferences->set_var('lang_email_conf_text', $LANG04[126]);
$preferences->set_var('lang_userinfo_help_title', $LANG04[148]);
$preferences->set_var('lang_userinfo_help', $LANG04[149]);
$preferences->set_var('lang_homepage', $LANG04[6]);
$preferences->set_var('lang_homepage_text', $LANG04[36]);
$preferences->set_var('lang_location', $LANG04[106]);
$preferences->set_var('lang_location_text', $LANG04[107]);
$preferences->set_var('lang_signature', $LANG04[32]);
$preferences->set_var('lang_signature_text', $LANG04[37]);
$preferences->set_var('lang_userphoto', $LANG04[77]);
$preferences->set_var('lang_userphoto_text', $LANG04[78]);
$preferences->set_var('lang_about', $LANG04[7]);
$preferences->set_var('lang_about_text', $LANG04[38]);
$preferences->set_var('lang_pgpkey', $LANG04[8]);
$preferences->set_var('lang_pgpkey_text', $LANG04[39]);
$preferences->set_var('lang_submit', $LANG04[9]);
$preferences->set_var('lang_cancel', $LANG_ADMIN['cancel']);
$preferences->set_var('lang_preview_title', $LANG04[145]);
$preferences->set_var('lang_enter_current_password', $LANG04[127]);
$preferences->set_var('lang_name_legend', $LANG04[128]);
$preferences->set_var('lang_password_email_legend', $LANG04[129]);
$preferences->set_var('lang_personal_info_legend', $LANG04[130]);
$preferences->set_var('lang_resynch', $LANG04[178]);
$display_name = COM_getDisplayName($_USER['uid']);
$preferences->set_var('profile_headline', $LANG04[1] . ' ' . $display_name);
if ($_CONF['allow_user_photo'] == 1) {
$preferences->set_var('enctype', 'enctype="multipart/form-data"');
} else {
$preferences->set_var('enctype', '');
}
$preferences->set_var('fullname_value', htmlspecialchars($A['fullname']));
$preferences->set_var('new_username_value', htmlspecialchars($_USER['username']));
if ($A['account_type'] & LOCAL_USER) {
// if ($A['remoteservice'] == '') {
$preferences->set_var('password_value', '');
$preferences->parse('current_password_option', 'current_password', true);
$preferences->parse('password_option', 'password', true);
$preferences->set_var('resynch_option', '');
} else {
$preferences->set_var('current_password_option', '');
$preferences->set_var('password_option', '');
}
if ($A['account_type'] & REMOTE_USER) {
if ($_CONF['user_login_method']['oauth'] && strpos($_USER['remoteservice'], 'oauth.') === 0) {
// OAuth only supports re-synch at the moment
$preferences->set_var('resynch_checked', '');
$sql = "SELECT * FROM {$_TABLES['users']} WHERE email='" . DB_escapeString($A['email']) . "' AND account_type = " . LOCAL_USER;
$mergeResult = DB_query($sql);
if (DB_numRows($mergeResult) == 1) {
$localAccountData = DB_fetchArray($mergeResult);
$preferences->set_var('merge_account', true);
$preferences->set_var('localuid', $localAccountData['uid']);
$preferences->set_var('local_username', $localAccountData['username']);
$preferences->set_var('remoteuid', $_USER['uid']);
}
$preferences->parse('resynch_option', 'resynch', true);
} else {
$preferences->set_var('resynch_option', '');
}
}
$preferences->set_var('plugin_namepass_name', PLG_profileEdit($_USER['uid'], 'namepass', 'name'));
if ($_CONF['allow_username_change'] == 1) {
$preferences->parse('username_option', 'username', true);
} else {
$preferences->set_var('username_option', '');
}
$selection = '<select id="cooktime" name="cooktime">' . LB;
$selection .= COM_optionList($_TABLES['cookiecodes'], 'cc_value,cc_descr', $A['cookietimeout'], 0);
$selection .= '</select>';
$preferences->set_var('cooktime_selector', $selection);
$preferences->set_var('email_value', htmlspecialchars($A['email']));
$preferences->set_var('homepage_value', htmlspecialchars(COM_killJS($A['homepage'])));
$preferences->set_var('location_value', htmlspecialchars(strip_tags($A['location'])));
$preferences->set_var('signature_value', htmlspecialchars($A['sig']));
if ($_CONF['allow_user_photo'] == 1) {
$photo = USER_getPhoto($_USER['uid'], $A['photo'], $A['email'], -1);
if (empty($photo)) {
$preferences->set_var('display_photo', '');
} else {
if (empty($A['photo'])) {
// external avatar
$photo = '<br />' . $photo;
} else {
// uploaded photo - add delete option
$photo = '<br />' . $photo . '<br />' . $LANG04[79] . ' <input type="checkbox" name="delete_photo" />' . LB;
}
$preferences->set_var('display_photo', $photo);
}
$preferences->parse('userphoto_option', 'photo', true);
} else {
$preferences->set_var('userphoto_option', '');
}
$preferences->set_var('plugin_namepass_pwdemail', PLG_profileEdit($_USER['uid'], 'namepass', 'pwdemail'));
$preferences->set_var('plugin_namepass', PLG_profileEdit($_USER['uid'], 'namepass'));
$result = DB_query("SELECT about,pgpkey FROM {$_TABLES['userinfo']} WHERE uid=" . (int) $_USER['uid']);
$A = DB_fetchArray($result);
$reqid = substr(md5(uniqid(rand(), 1)), 1, 16);
DB_change($_TABLES['users'], 'pwrequestid', DB_escapeString($reqid), 'uid', (int) $_USER['uid']);
$preferences->set_var('about_value', htmlspecialchars($A['about']));
$preferences->set_var('pgpkey_value', htmlspecialchars($A['pgpkey']));
$preferences->set_var('uid_value', $reqid);
$preferences->set_var('username_value', htmlspecialchars($_USER['username']));
if ($_CONF['allow_account_delete'] == 1) {
$preferences->set_var('lang_deleteaccount', $LANG04[156]);
$preferences->set_var('delete_text', $LANG04[95]);
$preferences->set_var('lang_button_delete', $LANG04[96]);
$preferences->set_var('delete_mode', 'confirmdelete');
$preferences->set_var('account_id', $reqid);
if (isset($LANG04[157])) {
$preferences->set_var('lang_deleteoption', $LANG04[157]);
} else {
$preferences->set_var('lang_deleteoption', $LANG04[156]);
}
$preferences->parse('delete_account_option', 'deleteaccount', false);
} else {
$preferences->set_var('delete_account_option', '');
}
// Call custom account form and edit function if enabled and exists
if ($_CONF['custom_registration'] and function_exists('CUSTOM_userEdit')) {
$preferences->set_var('customfields', CUSTOM_userEdit($_USER['uid']));
}
$preferences->set_var('plugin_userinfo_personalinfo', PLG_profileEdit($_USER['uid'], 'userinfo', 'personalinfo'));
$preferences->set_var('plugin_userinfo', PLG_profileEdit($_USER['uid'], 'userinfo'));
$preferences->set_var('plugin_panel', PLG_profileEdit($_USER['uid']));
PLG_profileVariablesEdit($_USER['uid'], $preferences);
$retval = $preferences->finish($preferences->parse('output', 'profile'));
$retval .= PLG_profileBlocksEdit($_USER['uid']);
return $retval;
}