public function action_edit()
{
$this->template->scripts[] = 'profile.js';
$this->template->scripts[] = 'file_uploader.js';
$this->template->styles[] = 'file_uploader.css';
$lUserId = Input::get('user_id', null);
$lUser = Model_User::query()->where('id', $lUserId)->get_one()->to_array();
$lUser = array_merge($lUser, unserialize($lUser['profile_fields']));
$lIsOwner = $lUser['id'] == $this->current_user['id'];
$lIsAdmin = $this->current_user['role_id'] == AuthModule::UR_ADMIN;
if (!$lIsOwner && !$lIsAdmin) {
throw new Exception('You do not have access');
}
//$lUserData = Auth::get_profile_fields();
//$lUserData['user_id'] = $this->current_user['id'];
//$lUserData['email'] = Auth::get_email();
//$lUserData['username'] = Auth::get('username');
if (!empty($lUser['avatar_id'])) {
$lUser['avatar'] = Model_Avatars::getById($lUser['avatar_id']);
}
$this->template->content = View::forge('user_edit', ['user_data' => $lUser, 'admin_mode' => $lIsAdmin && !$lIsOwner]);
return $this->template;
}
public function before()
{
parent::before();
$this->template = View::forge('main_template');
$this->template->styles = ['bootstrap.css'];
$this->template->scripts = ['jquery-1.9.0.min.js', 'sys_func.js', 'users_logout.js', 'form_getter.js', 'users_login.js', 'page.js'];
$lSession = Session::instance();
$this->lang = $lSession->get('language', 'en');
$this->template->i18n = Model_Translations::getAll($this->lang);
$this->is_logged = Auth::check();
$this->current_user = null;
$lSession->set('translation', $this->template->i18n);
if ($this->is_logged) {
$this->current_user = Auth::get_profile_fields();
$this->current_user['id'] = Auth::get('id');
$this->current_user['username'] = Auth::get('username');
if (!empty($this->current_user['avatar_id'])) {
$this->current_user['avatar'] = Model_Avatars::getById($this->current_user['avatar_id']);
}
if (!empty($this->current_user['is_deleted'])) {
Auth::logout();
HTTP::redirect('/main/accessDenied?msg=error_msg_1');
}
if (!empty($this->current_user['is_blocked'])) {
Auth::logout();
HTTP::redirect('/main/accessDenied?msg=User is blocked');
}
}
if (!AuthModule::accessGuard(\Request::active()->controller, \Request::active()->action, $this->current_user)) {
//Request::forge('/main/accessDenied')->execute();
Response::redirect('/main/accessDenied');
}
View::set_global('is_logged', $this->is_logged, false);
View::set_global('current_user', $this->current_user, false);
$this->template->header = View::forge('header');
}
public function action_edit()
{
$lUserData = Input::post('user', null);
$lAvatar = Input::post('avatar', null);
$lDeleteAvatar = Input::post('delete_avatar', null);
if (empty($lUserData)) {
die(json_encode(['status' => 'error', 'message' => 'Empty data for updating user'], JSON_UNESCAPED_UNICODE));
}
$lIsOwner = $lUserData['username'] == $this->current_user['username'];
if ((empty($lUserData['username']) || !$lIsOwner) && !$this->is_admin) {
die(json_encode(['status' => 'error', 'message' => 'Access denied'], JSON_UNESCAPED_UNICODE));
}
$lUserName = $lUserData['username'];
unset($lUserData['username']);
try {
DB::start_transaction();
$lOldData = Auth::get_profile_fields();
if (!empty($lAvatar)) {
$lNewAvatar = FileHandler::prepareFiles($lAvatar, FileHandler::tempFolder());
foreach ($lNewAvatar as $lVal) {
$lUserData['avatar_id'] = Model_Avatars::add(['file_name' => $lVal]);
break;
}
if (!empty($lOldData['avatar_id'])) {
$lToDeleteAvatar = Model_Avatars::getById($lOldData['avatar_id']);
Model_Avatars::delete($lOldData['avatar_id']);
}
}
if (!empty($lDeleteAvatar) && empty($lAvatar)) {
$lOldAvatar = Model_Avatars::getById($lOldData['avatar_id']);
foreach ($lDeleteAvatar as $lVal) {
if ($lVal != $lOldData['avatar_id']) {
break;
}
$lToDeleteAvatar = $lOldAvatar;
Model_Avatars::delete($lVal);
$lUserData['avatar_id'] = '';
break;
}
}
$lResult = Auth::update_user($lUserData, $lUserName);
if (!empty($lNewAvatar)) {
FileHandler::moveFiles($lNewAvatar, FileHandler::tempFolder(), FileHandler::AVATAR_FOLDER);
}
if (!empty($lToDeleteAvatar)) {
FileHandler::deleteFiles([FileHandler::AVATAR_FOLDER . $lToDeleteAvatar['file_name']]);
}
DB::commit_transaction();
} catch (Exception $e) {
DB::rollback_transaction();
die(json_encode(['status' => 'error', 'message' => 'Error ' . $e], JSON_UNESCAPED_UNICODE));
}
if ($lResult) {
die(json_encode(['status' => 'ok'], JSON_UNESCAPED_UNICODE));
}
die(json_encode(['status' => 'error', 'message' => 'Fields not were updated'], JSON_UNESCAPED_UNICODE));
}