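/**
 * Render the profile edit form for one user.
 *
 * Reads `user_id` from the query string, loads that user row and merges the
 * PHP-serialized `profile_fields` blob into it. Only the profile owner or an
 * admin (`role_id` equal to AuthModule::UR_ADMIN) may see the form; the view
 * receives `admin_mode` = true when an admin edits somebody else's profile.
 *
 * @return \View  the filled main template
 * @throws Exception when no such user exists, or the caller is neither the
 *                   owner nor an admin
 */
public function action_edit()
{
    $this->template->scripts[] = 'profile.js';
    $this->template->scripts[] = 'file_uploader.js';
    $this->template->styles[] = 'file_uploader.css';

    $requestedId = Input::get('user_id', null);
    $userRow = Model_User::query()->where('id', $requestedId)->get_one();
    // get_one() yields null for an unknown id; calling ->to_array() on that
    // was a fatal error rather than a clean failure.
    if ($userRow === null) {
        throw new Exception('User not found');
    }
    $lUser = $userRow->to_array();

    // Take the target id from the DB row *before* merging profile_fields, so a
    // profile field named "id" cannot spoof the ownership check below.
    $targetId = isset($lUser['id']) ? $lUser['id'] : null;

    // profile_fields is a PHP-serialized blob. unserialize() on data an
    // account may have influenced is an object-injection vector.
    // NOTE(review): on PHP >= 7.0 pass ['allowed_classes' => false]; moving the
    // column to JSON (json_decode) would remove the risk entirely.
    $profile = !empty($lUser['profile_fields']) ? unserialize($lUser['profile_fields']) : null;
    if (is_array($profile)) {
        $lUser = array_merge($lUser, $profile);
    }

    $currentId = isset($this->current_user['id']) ? $this->current_user['id'] : null;
    $currentRole = isset($this->current_user['role_id']) ? $this->current_user['role_id'] : null;

    // Strict comparisons: `==` treats numeric-looking strings loosely
    // ("1" == "01") and, if UR_ADMIN were 0, a missing role (null) as admin.
    $lIsOwner = $currentId !== null && $targetId !== null
        && (int) $targetId === (int) $currentId;
    $lIsAdmin = $currentRole !== null
        && (string) $currentRole === (string) AuthModule::UR_ADMIN;

    if (!$lIsOwner && !$lIsAdmin) {
        throw new Exception('You do not have access');
    }

    if (!empty($lUser['avatar_id'])) {
        $lUser['avatar'] = Model_Avatars::getById($lUser['avatar_id']);
    }

    $this->template->content = View::forge('user_edit', [
        'user_data'  => $lUser,
        'admin_mode' => $lIsAdmin && !$lIsOwner,
    ]);

    return $this->template;
}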
/**
 * Per-request setup shared by every action of this controller.
 *
 * Builds the main template (styles, scripts, i18n table), resolves the current
 * user from Auth, logs out and redirects deleted or blocked accounts, runs the
 * per-route access guard and exposes `is_logged` / `current_user` to all views.
 */
public function before()
{
    parent::before();

    $this->template = View::forge('main_template');
    $this->template->styles = ['bootstrap.css'];
    $this->template->scripts = [
        'jquery-1.9.0.min.js',
        'sys_func.js',
        'users_logout.js',
        'form_getter.js',
        'users_login.js',
        'page.js',
    ];

    $session = Session::instance();
    $this->lang = $session->get('language', 'en');
    $this->template->i18n = Model_Translations::getAll($this->lang);

    $this->is_logged = Auth::check();
    $this->current_user = null;
    // The whole translation table is copied into the session for later use.
    $session->set('translation', $this->template->i18n);

    if ($this->is_logged) {
        $user = Auth::get_profile_fields();
        $user['id'] = Auth::get('id');
        $user['username'] = Auth::get('username');
        if (!empty($user['avatar_id'])) {
            $user['avatar'] = Model_Avatars::getById($user['avatar_id']);
        }
        $this->current_user = $user;

        // Deleted accounts take precedence over blocked ones.
        if (!empty($this->current_user['is_deleted'])) {
            Auth::logout();
            HTTP::redirect('/main/accessDenied?msg=error_msg_1');
        }
        if (!empty($this->current_user['is_blocked'])) {
            Auth::logout();
            // NOTE(review): unlike the deleted case this passes literal text
            // rather than a message key; confirm the accessDenied view escapes
            // `msg` before echoing it.
            HTTP::redirect('/main/accessDenied?msg=User is blocked');
        }
    }

    $request = \Request::active();
    $allowed = AuthModule::accessGuard($request->controller, $request->action, $this->current_user);
    if (!$allowed) {
        Response::redirect('/main/accessDenied');
    }

    View::set_global('is_logged', $this->is_logged, false);
    View::set_global('current_user', $this->current_user, false);
    $this->template->header = View::forge('header');
}
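/**
 * JSON endpoint that updates a user's profile and, optionally, its avatar.
 *
 * POST fields: `user` (array of profile fields, must carry `username`),
 * `avatar` (uploads handed to FileHandler::prepareFiles) and `delete_avatar`
 * (list of avatar ids; only the first entry is considered). A caller may edit
 * their own profile (POSTed username identical to the session username) or,
 * when `$this->is_admin` is set, any profile. Replies with
 * `{"status":"ok"}` or `{"status":"error","message":...}` and terminates the
 * request with die(); it never returns normally.
 *
 * @return void
 */
public function action_edit()
{
    $lUserData     = Input::post('user', null);
    $lAvatar       = Input::post('avatar', null);
    $lDeleteAvatar = Input::post('delete_avatar', null);

    // NOTE(review): this is a state-changing POST with no CSRF token check
    // visible here — confirm Security::check_token() (or equivalent) runs for
    // this route; if not, add it before touching the DB.

    if (empty($lUserData) || !is_array($lUserData)) {
        die(json_encode(['status' => 'error', 'message' => 'Empty data for updating user'], JSON_UNESCAPED_UNICODE));
    }

    $postedName  = isset($lUserData['username']) ? $lUserData['username'] : null;
    $currentName = isset($this->current_user['username']) ? $this->current_user['username'] : null;

    // Strict comparison: with `==` numeric-looking usernames compare as numbers
    // ("10" == "1e1", "1" == "01"), which let one account pass the owner check
    // for another and update that user's row.
    $lIsOwner = is_string($postedName) && $currentName !== null
        && $postedName === (string) $currentName;
    if ((empty($postedName) || !$lIsOwner) && !$this->is_admin) {
        die(json_encode(['status' => 'error', 'message' => 'Access denied'], JSON_UNESCAPED_UNICODE));
    }
    $lUserName = $postedName;
    unset($lUserData['username']);

    // Mass-assignment guard: the POSTed array goes straight into
    // Auth::update_user(), so a non-admin could otherwise set privilege/status
    // fields on their own account. This blocklists the fields this file is
    // known to rely on; an explicit allowlist of editable fields is stronger.
    if (!$this->is_admin) {
        unset($lUserData['id'], $lUserData['role_id'], $lUserData['is_blocked'], $lUserData['is_deleted']);
    }

    $lResult         = false;
    $lNewAvatar      = [];
    $lToDeleteAvatar = null;

    try {
        DB::start_transaction();

        // NOTE(review): this is the *caller's* profile, not $lUserName's. When
        // an admin edits another user, the avatar branches below compare
        // against and delete the admin's own avatar. The target user's profile
        // is needed here; left unchanged because the lookup API is not visible.
        $lOldData    = Auth::get_profile_fields();
        $oldAvatarId = !empty($lOldData['avatar_id']) ? $lOldData['avatar_id'] : null;

        if (!empty($lAvatar)) {
            $lNewAvatar = FileHandler::prepareFiles($lAvatar, FileHandler::tempFolder());
            // Only the first prepared file becomes the avatar record.
            foreach ($lNewAvatar as $lVal) {
                $lUserData['avatar_id'] = Model_Avatars::add(['file_name' => $lVal]);
                break;
            }
            if ($oldAvatarId !== null) {
                $lToDeleteAvatar = Model_Avatars::getById($oldAvatarId);
                Model_Avatars::delete($oldAvatarId);
            }
        }

        if (!empty($lDeleteAvatar) && empty($lAvatar) && $oldAvatarId !== null) {
            // Only the avatar currently on record may be deleted: the first
            // requested id must match it exactly, never an arbitrary id.
            $requested = is_array($lDeleteAvatar) ? reset($lDeleteAvatar) : $lDeleteAvatar;
            if (is_scalar($requested) && (string) $requested === (string) $oldAvatarId) {
                $lToDeleteAvatar = Model_Avatars::getById($oldAvatarId);
                Model_Avatars::delete($oldAvatarId);
                $lUserData['avatar_id'] = '';
            }
        }

        $lResult = Auth::update_user($lUserData, $lUserName);

        // Filesystem changes happen only after the DB update succeeded.
        if (!empty($lNewAvatar)) {
            FileHandler::moveFiles($lNewAvatar, FileHandler::tempFolder(), FileHandler::AVATAR_FOLDER);
        }
        if (!empty($lToDeleteAvatar)) {
            FileHandler::deleteFiles([FileHandler::AVATAR_FOLDER . $lToDeleteAvatar['file_name']]);
        }

        DB::commit_transaction();
    } catch (Exception $e) {
        DB::rollback_transaction();
        // Keep the detail server-side: the previous reply concatenated the
        // exception object, exposing its message, file path and stack trace.
        error_log('user edit failed: ' . $e);
        die(json_encode(['status' => 'error', 'message' => 'Error updating user'], JSON_UNESCAPED_UNICODE));
    }

    if ($lResult) {
        die(json_encode(['status' => 'ok'], JSON_UNESCAPED_UNICODE));
    }
    die(json_encode(['status' => 'error', 'message' => 'Fields not were updated'], JSON_UNESCAPED_UNICODE));
}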