/**
 * Update the user's profile and, when supplied, the password.
 *
 * @param RecordSet $db db connection
 * @param array $info info to be updated with keys
 * "name","email","notifyPage","notifyAll","notifyReply" as fields in database
 * @return string "" when success otherwise error message
 * @throws Exception
 */
private function updateProf($db, $info)
{
    // Mask credentials before logging so passwords never reach the error log.
    $logInfo = $info;
    foreach (array('password', 'oldPassword') as $secretKey) {
        if (isset($logInfo[$secretKey])) {
            $logInfo[$secretKey] = '***';
        }
    }
    error_log("updateProf info" . print_r($logInfo, true));

    $toReturn = "";
    $newArray = $db->sanitizeArray($info);
    $invalidInput = "";
    $dataToUpdate = "";
    $adminUserId = -1;

    foreach ($newArray as $key => $val) {
        // A value that sanitizing changed contained unsafe characters: reject it.
        if ($info[$key] != $val) {
            $translateKey = 'user.' . $key . ".label";
            $invalidInput .= Utils::translate($translateKey) . ", ";
        } elseif ($key == "email" && !$this->checkEmail($info["email"])) {
            $invalidInput .= Utils::translate("user.email.label") . ", ";
        }

        if ($key != "userId") {
            if (isset($info['password']) && $key == "password") {
                $password = $info['password'];
                $newPass = $db->sanitize($password);
                if ($newPass != $password) {
                    $invalidInput .= Utils::translate('pwd.invalidCharacters') . ", ";
                } elseif (strlen(trim($password)) < 5) {
                    $invalidInput .= Utils::translate('pwd.tooShort') . ", ";
                } else {
                    // NOTE: unsalted MD5 is not a suitable password hash. It is kept
                    // because the code that verifies logins is not shown here; moving
                    // to password_hash()/password_verify() has to change both sides.
                    $dataToUpdate .= $key . " = '" . md5($password) . "' ,";
                }
            } elseif ($key != 'oldPassword' && $key != 'editByAdmin') {
                // NOTE: $key is interpolated as a column name, so callers must
                // only pass keys that are known columns of the users table.
                $dataToUpdate .= $key . " = '" . $val . "' ,";
            }
        } else {
            // Cast to int: this value is concatenated unquoted into the WHERE clause.
            $adminUserId = (int)$info["userId"];
        }
    }

    // Drop the trailing " ," left by the last assignment.
    $dataToUpdate = substr($dataToUpdate, 0, -2);

    if ($invalidInput == "") {
        if ($this->isUqFieldViolated('email', $info['email'], $adminUserId > 0 ? $adminUserId : $this->info["userId"])) {
            $toReturn = Utils::translate('email.duplicate');
        } else {
            $query = "UPDATE users SET " . $dataToUpdate . " WHERE userId=";
            if ($adminUserId > 0) {
                $query .= $adminUserId . ";";
            } else {
                $query .= (int)$this->info["userId"] . ";";
            }
            $toReturn = "";
            try {
                $rows = $db->Run($query);
            } catch (Exception $e) {
                // Map unique-constraint failures to user-facing messages.
                $toReturn = $e->getMessage();
                if ($this->isUqViolated($toReturn, "email")) {
                    $toReturn = Utils::translate('email.duplicate');
                } elseif ($this->isUqViolated($toReturn, "userName")) {
                    $toReturn = Utils::translate('username.duplicate');
                } else {
                    throw $e;
                }
            }
        }

        if ($toReturn == "") {
            // Reload the current user's record so the cached info matches the database.
            $myrs = new RecordSet($this->dbConnectionInfo);
            $query = "SELECT * FROM users WHERE userId=" . (int)$this->info["userId"] . ";";
            if ($myrs->Open($query) > 0 && $myrs->m_IsValid) {
                $myrs->MoveNext();
                $this->info['userName'] = $myrs->Field('userName');
                $this->info['userId'] = $myrs->Field('userId');
                $this->info['name'] = $myrs->Field('name');
                $this->info['level'] = $myrs->Field('level');
                $this->info['company'] = $myrs->Field('company');
                $this->info['email'] = $myrs->Field('email');
                $this->info['date'] = $myrs->Field('date');
                $this->info['notifyAll'] = $myrs->Field('notifyAll');
                $this->info['notifyReply'] = $myrs->Field('notifyReply');
                $this->info['notifyPage'] = $myrs->Field('notifyPage');
            }
            $myrs->close();
        }
    } else {
        // Strip the trailing separator from the list of invalid fields.
        if (substr($invalidInput, -2) == ", ") {
            $invalidInput = substr($invalidInput, 0, -2);
        }
        $toReturn = Utils::translate('input.invalid') . $invalidInput;
    }

    return $toReturn;
}