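 /**
  * Edit an account (admin area).
  *
  * GET renders the edit form; POST validates the submitted values and saves them
  * through \Model_Accounts::editAccount(). Each guard redirects to the URL returned
  * by getAndSetSubmitRedirection():
  *  - the caller needs the 'account_edit_perm' admin permission;
  *  - the guest account (id '0') cannot be edited;
  *  - without an $account_id the id is taken from the 'admin' account cookie;
  *  - the account must exist and must not carry a role above the caller's.
  * On POST the CSRF token is checked first, then the field rules; on a successful
  * save a flash message is set and the request is redirected, otherwise the form
  * is re-populated with the posted values and rendered with the error.
  *
  * @param string|int|null $account_id account to edit; empty means the logged-in admin's own account
  * @return mixed result of generatePage() for the 'admin/templates/account/form_v' view
  */
 public function action_edit($account_id = '')
 {
     // set redirect url
     $redirect = $this->getAndSetSubmitRedirection();
     // check permission.
     // NOTE(review): the guards in this method rely on \Response::redirect() terminating the
     // request; if it only returned, the code after each redirect would still run — confirm.
     if (!\Model_AccountLevelPermission::checkAdminPermission('account_perm', 'account_edit_perm')) {
         \Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string()))));
         \Response::redirect($redirect);
     }
     // if editing guest (id 0 / '0').
     if ($account_id == '0') {
         \Response::redirect($redirect);
     }
     // if no account id, get current user's account id from the admin login cookie.
     if ($account_id == null) {
         $cookie = \Model_Accounts::forge()->getAccountCookie('admin');
         if (isset($cookie['account_id'])) {
             $account_id = $cookie['account_id'];
         } else {
             unset($cookie);
             \Response::redirect($redirect);
         }
         unset($cookie);
     }
     // load language
     \Lang::load('account');
     // load config from db.
     $config = \Model_Config::getvalues(array('allow_avatar', 'avatar_size', 'avatar_allowed_types', 'site_timezone'));
     $output = array('config' => $config);
     // set config data to display in view file.
     $output['allow_avatar'] = $config['allow_avatar']['value'];
     $output['avatar_size'] = $config['avatar_size']['value'];
     $output['avatar_allowed_types'] = $config['avatar_allowed_types']['value'];
     // read flash message for display errors.
     $form_status = \Session::get_flash('form_status');
     if (isset($form_status['form_status'], $form_status['form_status_message'])) {
         $output['form_status'] = $form_status['form_status'];
         $output['form_status_message'] = $form_status['form_status_message'];
     }
     unset($form_status);
     // get timezone list to display.
     \Config::load('timezone', 'timezone');
     $output['timezone_list'] = \Config::get('timezone.timezone', array());
     $output['default_timezone'] = $config['site_timezone']['value'];
     // get levels to select
     $output['account_levels'] = \Model_AccountLevelGroup::listLevels(array('no_guest' => true));
     // get selected user data. -------------------------------------------------------------------------------------
     $row = \Model_Accounts::find($account_id);
     $output['account_id'] = $account_id;
     if ($row == null) {
         // not found selected user.
         unset($config, $output, $row);
         \Response::redirect($redirect);
     }
     // loop set form field.
     foreach ($row as $key => $value) {
         $output[$key] = $value;
     }
     // roles of the edited account. initialised first so an account without any
     // account_level row yields an empty list instead of an undefined index below.
     $output['level_group_id'] = array();
     foreach ($row->account_level as $lvl) {
         $output['level_group_id'][] = $lvl->level_group_id;
     }
     // check if editing account that has higher level
     if (!\Model_Accounts::forge()->canIAddEditAccount($output['level_group_id'])) {
         \Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('account_you_cannot_edit_account_that_contain_role_higher_than_yours')));
         \Response::redirect($redirect);
     }
     // if form submitted --------------------------------------------------------------------------------------------
     if (\Input::method() === 'POST') {
         // optional text field: trimmed, filtered, and stored as null when left empty.
         // the '' default keeps trim() away from null (deprecated since PHP 8.1).
         $optionalField = function ($name, $html_encode) {
             $value = trim(\Input::post($name, ''));
             $value = $html_encode ? \Security::htmlentities($value) : \Security::strip_tags($value);
             return $value === '' ? null : $value;
         };
         // store data for accounts table
         $data = array();
         $data['account_id'] = $account_id;
         // username is not editable; keep the stored value, ignore the posted one.
         $data['account_username'] = $row->account_username;
         $data['account_old_email'] = $row->account_email;
         $data['account_email'] = \Security::strip_tags(trim(\Input::post('account_email', '')));
         $data['account_password'] = trim(\Input::post('account_password', ''));
         $data['account_new_password'] = trim(\Input::post('account_new_password', ''));
         // NOTE(review): text fields are HTML-encoded here, before they are stored; the view
         // must not encode them a second time — confirm against the template.
         $data['account_display_name'] = \Security::htmlentities(\Input::post('account_display_name', ''));
         $data['account_firstname'] = $optionalField('account_firstname', true);
         $data['account_middlename'] = $optionalField('account_middlename', true);
         $data['account_lastname'] = $optionalField('account_lastname', true);
         $data['account_birthdate'] = $optionalField('account_birthdate', false);
         $data['account_signature'] = $optionalField('account_signature', true);
         $data['account_timezone'] = \Security::strip_tags(trim(\Input::post('account_timezone', '')));
         $data['account_language'] = $optionalField('account_language', false);
         $data['account_status'] = (int) \Security::strip_tags(trim(\Input::post('account_status', '')));
         $data['account_status_text'] = \Security::htmlentities(trim(\Input::post('account_status_text', '')));
         if ($data['account_status'] === 1) {
             // an enabled account carries no status text.
             $data['account_status_text'] = null;
         }
         // store data for account_fields. nested values are stored json encoded.
         $data_field = array();
         $posted_fields = \Input::post('account_field');
         if (is_array($posted_fields)) {
             foreach ($posted_fields as $field_name => $field_value) {
                 if (is_string($field_name)) {
                     $data_field[$field_name] = is_array($field_value) ? json_encode($field_value) : $field_value;
                 }
             }
         }
         // store data for account_level table.
         // NOTE(review): only the account's current roles were checked against the caller's
         // (above); the roles posted here go to editAccount() unchecked — confirm the model
         // enforces the same "not higher than mine" rule on the new roles.
         $data_level = array('level_group_id' => \Input::post('level_group_id'));
         // validate form.
         $validate = \Validation::forge();
         $validate->add_callable(new \Extension\FsValidate());
         $validate->add('account_username', \Lang::get('account_username'), array(), array('noSpaceBetweenText'));
         $validate->add('account_email', \Lang::get('account_email'), array(), array('required', 'valid_email'));
         $validate->add('account_display_name', \Lang::get('account_display_name'), array(), array('required'));
         $validate->add('account_birthdate', \Lang::get('account_birthdate'))->add_rule('valid_date', 'Y-m-d');
         $validate->add('account_timezone', \Lang::get('account_timezone'), array(), array('required'));
         $validate->add('account_status', \Lang::get('account_status'), array(), array('required'));
         $validate->add('level_group_id', \Lang::get('account_role'), array(), array('required'));
         if (!\Extension\NoCsrf::check()) {
             // validate token failed: nothing is saved.
             $output['form_status'] = 'error';
             $output['form_status_message'] = \Lang::get('fslang_invalid_csrf_token');
         } elseif (!$validate->run()) {
             // validate failed
             $output['form_status'] = 'error';
             $output['form_status_message'] = $validate->show_errors();
         } else {
             // save. editAccount() returns true or an error message.
             $result = \Model_Accounts::editAccount($data, $data_field, $data_level);
             if ($result === true) {
                 // keep a flash message the model may already have set.
                 if (\Session::get_flash('form_status', null, false) == null) {
                     \Session::set_flash('form_status', array('form_status' => 'success', 'form_status_message' => \Lang::get('admin_saved')));
                 }
                 \Response::redirect($redirect);
             } else {
                 $output['form_status'] = 'error';
                 $output['form_status_message'] = $result;
             }
         }
         // re-populate form with the posted values (raw; the view is expected to escape them).
         // NOTE(review): account_username is repopulated from the request although it is never
         // saved; a disabled input is not posted and would show up empty — confirm the form.
         $text_fields = array(
             'account_username', 'account_email', 'account_display_name', 'account_firstname',
             'account_middlename', 'account_lastname', 'account_birthdate', 'account_signature',
             'account_timezone', 'account_language', 'account_status', 'account_status_text',
         );
         foreach ($text_fields as $name) {
             $output[$name] = trim(\Input::post($name, ''));
         }
         $output['level_group_id'] = \Input::post('level_group_id');
         // re-populate form for account fields
         if (is_array($posted_fields)) {
             foreach ($posted_fields as $field_name => $field_value) {
                 if (is_string($field_name)) {
                     $output['account_field'][$field_name] = $field_value;
                 }
             }
         }
         unset($posted_fields, $text_fields, $optionalField);
     }
     // <head> output ----------------------------------------------------------------------------------------------
     $output['page_title'] = $this->generateTitle(\Lang::get('account_accounts'));
     $theme = \Theme::instance();
     $theme->asset->css('datepicker.css', array(), 'fuelstart');
     unset($theme);
     // <head> output ----------------------------------------------------------------------------------------------
     // breadcrumb -------------------------------------------------------------------------------------------------
     $output['page_breadcrumb'] = [
         ['name' => \Lang::get('admin_admin_home'), 'url' => \Uri::create('admin')],
         ['name' => \Lang::get('account_accounts'), 'url' => \Uri::create('admin/account')],
         ['name' => \Lang::get('account_edit'), 'url' => \Uri::main()],
     ];
     // breadcrumb -------------------------------------------------------------------------------------------------
     return $this->generatePage('admin/templates/account/form_v', $output, false);
 }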