public function updateMeta($data, $key, $value, $add = false)
{
global $pawUsers;
// VALIDATE
$data = paw_xss_cleaner($data);
$key = paw_xss_cleaner($key);
$value = paw_xss_cleaner($value);
$value = paw_serializer($value, true);
// CHECK PERMISSION
if ($data === false) {
if (!startsWith($key, "field_") || !$pawUsers->permissions->hasPermission("user_fields_config")) {
return false;
}
$user = (object) array("id" => 0);
} else {
if (($user = $pawUsers->getUser($data)) === false) {
return false;
}
if (!in_array($key, array("activation_status", "forgot_password", "forgot_password_code", "forgot_password_date"))) {
if ($user->id !== $pawUsers->getCurrentUserID() && !$pawUsers->permissions->hasPermission("user_edit")) {
$this->_error(__("You don't have the Permission to perform this action!"));
return false;
}
}
}
// CHECK IF EXIST
$query = "SELECT meta_id FROM " . TABLE_PREFIX . "user_meta WHERE user_id=" . $user->id . " AND meta_key=:key";
$query = Record::query($query, array(":key" => $key));
if (empty($query)) {
if ($add === true) {
return $this->addMeta($data, $key, $value);
} elseif ($add === "unique") {
return $this->addMeta($data, $key, $value, "unique");
}
return false;
}
$query = $query[0];
// UPDATE META DATA
$query = "UPDATE " . TABLE_PREFIX . "user_meta SET meta_value=:value WHERE meta_id=" . $query->meta_id . " AND user_id=" . $user->id;
$query = Record::query($query, array(":value" => $value));
if ($query !== false) {
return true;
}
return false;
}
public function updateData($id, $type, $value, $status = false, $config = "")
{
global $pawUsers;
// CHECK PERMISSIONS
if ($pawUsers->permissions->hasPermission("pawu_list_manage") === false) {
$this->_error(__("You don't have the Permission to perform this action!"));
return false;
}
// VALIDATE
$value = paw_xss_cleaner($value);
$status = in_array($status, array(1, "1", true)) ? 1 : 0;
if ($this->validateData($type, $value) !== true) {
return false;
}
$settings = $this->_settings($type, $config);
// CHECK IF ITEM EXIST
$query = "SELECT * FROM " . TABLE_PREFIX . "blacklist WHERE id=:id";
$query = Record::query($query, array(":id" => $id));
if (empty($query) || !isset($query[0])) {
$this->_error(__("The blacklist item does not exists!"));
return false;
}
// UPDATE BLACKLIST ITEM
$data = array("value=:value", "type=" . Record::escape($type), "status=" . Record::escape($status), "settings=" . Record::escape(paw_serializer($settings)));
$query = "UPDATE " . TABLE_PREFIX . "blacklist SET " . implode(", ", $data) . " WHERE id=" . $id;
$query = Record::query($query, array(":value" => $value));
if ($query !== false) {
return true;
}
$this->_error(__("An unknown error is occurred!"));
return false;
}
