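/**
 * set the html for user settings page
 * this function is registered in xajax
 *
 * the record shown in the action pane is selected with a key built from the
 * id of the global $user object; the function takes no arguments, so no
 * caller-supplied value takes part in choosing the record
 *
 * @return xajaxResponse every xajax registered function needs to return this object
 */
function action_get_user_settings_page() {
    global $logging;
    global $user;
    global $user_settings_table_configuration;
    global $user_start_time_array;

    # the expression that names the user is masked in the published listing of
    # this file; the user id is logged in its place
    $logging->info("USER_ACTION " . __METHOD__ . " (user=" . $user->get_id() . ")");

    # store start time
    $user_start_time_array[__METHOD__] = microtime(TRUE);

    # create necessary objects
    $result = new Result();
    $response = new xajaxResponse();
    $html_database_table = new HtmlDatabaseTable($user_settings_table_configuration);

    # create an array with selection of fields that user may change
    # NOTE(review): the password field is part of this selection; confirm that
    # get_record() does not echo the stored password value back into the form
    $db_fields_array = array(
        DB_ID_FIELD_NAME,
        USER_NAME_FIELD_NAME,
        USER_PW_FIELD_NAME,
        USER_LANG_FIELD_NAME,
        USER_DATE_FORMAT_FIELD_NAME,
        USER_DECIMAL_MARK_FIELD_NAME,
        USER_LINES_PER_PAGE_FIELD_NAME,
        USER_THEME_FIELD_NAME
    );

    # the record key is derived from the $user object, never from request data
    $user_record_key_string = DatabaseTable::_get_encoded_key_string(array(DB_ID_FIELD_NAME => $user->get_id()));

    # set page, title, explanation and navigation
    $response->assign("page_title", "innerHTML", translate("LABEL_USER_SETTINGS_TITLE"));
    $response->assign("navigation_container", "innerHTML", get_page_navigation(PAGE_TYPE_USER_SETTINGS));
    $html_database_table->get_page(translate("LABEL_USER_SETTINGS_TITLE"), $result);
    $response->assign("main_body", "innerHTML", $result->get_result_str());

    # get action pane for current user
    $html_database_table->get_record($user, USER_TABLE_NAME, $user_record_key_string, $db_fields_array, $result);
    $response->custom_response->assign_with_effect("action_pane", $result->get_result_str());

    # set footer
    $response->assign("footer_text", "innerHTML", " ");

    # check post conditions (a failure only skips the timing log below)
    if (!check_postconditions($result, $response)) {
        return $response;
    }

    # log total time for this function
    $logging->info(get_function_time_str(__METHOD__));

    return $response;
}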
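/**
 * update a record
 * this function is registered in xajax
 *
 * the arguments are presumably supplied by the browser through xajax, so they
 * are treated as untrusted here: form field names that do not have the
 * expected three parts or that name an unknown field type are skipped, and the
 * value of the password field is never written to the log
 *
 * NOTE(review): no permission check is visible in this function; confirm that
 * the xajax registration or dispatch layer restricts it to administrators
 *
 * @param string $title title of page
 * @param string $key_string comma separated name value pairs
 * @param array $form_values values of new record (array of name value pairs)
 * @return xajaxResponse every xajax registered function needs to return this object
 */
function action_update_user_admin_record($title, $key_string, $form_values) {
    global $logging;
    global $user;
    global $user_admin_table_configuration;
    global $firstthingsfirst_field_descriptions;
    global $user_start_time_array;

    # WARNING: this function is almost identical to function UserSettings::action_update_user_setting_record
    # changes in this function should also lead to changes in that function

    # the expression that names the user is masked in the published listing of
    # this file; the user id is logged in its place
    # NOTE(review): $title and $key_string are logged as received; confirm the
    # logger neutralises line breaks
    $logging->info("USER_ACTION " . __METHOD__ . " (user=" . $user->get_id() . ", title={$title}, key_string={$key_string})");

    # store start time
    $user_start_time_array[__METHOD__] = microtime(TRUE);

    $name_keys = array_keys($form_values);
    $new_form_values = array();
    $fields = $user->get_fields();
    $field_keys = array_keys($fields);

    # create the key_string for user admin (who always has id=1)
    $key_string_admin_user = DatabaseTable::_get_encoded_key_string(array(DB_ID_FIELD_NAME => "1"));

    # create necessary objects
    $result = new Result();
    $response = new xajaxResponse();
    $html_database_table = new HtmlDatabaseTable($user_admin_table_configuration);

    foreach ($name_keys as $name_key) {
        # a form field name consists of: db field name, field type, field number
        $value_array = explode(GENERAL_SEPARATOR, $name_key);

        # skip names that cannot be split into three parts or that refer to a
        # field type without a description, instead of indexing blindly
        if (count($value_array) < 3 || !isset($firstthingsfirst_field_descriptions[$value_array[1]])) {
            $logging->warn("skipping malformed form field name");
            continue;
        }

        $db_field_name = $value_array[0];
        $field_type = $value_array[1];
        $field_number = $value_array[2];
        $check_functions = explode(" ", $firstthingsfirst_field_descriptions[$field_type][FIELD_DESCRIPTION_FIELD_INPUT_CHECKS]);
        $result->reset();

        $logging->debug("field (name=" . $db_field_name . ", type=" . $field_type . ", number=" . $field_number . ")");

        # check field values (check password field only when new password has been set)
        # NOTE(review): for an empty password field no check runs and the value
        # stored below is whatever the freshly reset $result holds; presumably
        # update() reads that as "keep the current password" - verify
        if ($db_field_name != USER_PW_FIELD_NAME || strlen($form_values[$name_key]) > 0) {
            check_field($check_functions, $db_field_name, $form_values[$name_key], $user->get_date_format(), $result);
            if (strlen($result->get_error_message_str()) > 0) {
                set_error_message($name_key, "right", $result->get_error_message_str(), "", "", $response);

                return $response;
            }
        }

        # set new value
        # NOTE(review): $db_field_name comes from the submitted form and is not
        # compared with $fields before it reaches $user->update(); confirm that
        # update() limits the columns it writes
        $new_form_values[$db_field_name] = $result->get_result_str();

        # keep the password value (clear text or derived) out of the log
        $logged_value = ($db_field_name == USER_PW_FIELD_NAME) ? "[not logged]" : $result->get_result_str();
        $logging->debug("setting new form value (db_field_name=" . $db_field_name . ", result=" . $logged_value . ")");
    }

    # check if all booleans have been set
    foreach ($field_keys as $db_field_name) {
        if ($fields[$db_field_name][1] == FIELD_TYPE_DEFINITION_BOOL && !isset($new_form_values[$db_field_name])) {
            $logging->debug("found an unset bool field");
            $new_form_values[$db_field_name] = "0";
        }
    }

    # check if someone tries to change user admin
    # NOTE(review): this guard compares encoded key strings; it relies on
    # _get_encoded_key_string() yielding exactly one spelling per record
    if ($key_string_admin_user == $key_string) {
        # check if the name of user admin is changed
        if ($new_form_values[USER_NAME_FIELD_NAME] != "admin") {
            set_error_message("record_contents_buttons", "right", "ERROR_CANNOT_UPDATE_NAME_USER_ADMIN", "", "", $response);

            return $response;
        }

        # check if the permissions of user admin is changed
        if ($new_form_values[USER_CAN_CREATE_LIST_FIELD_NAME] != "1" || $new_form_values[USER_IS_ADMIN_FIELD_NAME] != "1") {
            set_error_message("record_contents_buttons", "right", "ERROR_CANNOT_UPDATE_PERMISSIONS_USER_ADMIN", "", "", $response);

            return $response;
        }
    }

    # display error when insertion returns false
    if (!$user->update($key_string, $new_form_values)) {
        $logging->warn("update user admin record returns false");
        $error_message_str = $user->get_error_message_str();
        $error_log_str = $user->get_error_log_str();
        $error_str = $user->get_error_str();
        # NOTE(review): the log and error strings of the failed update are
        # handed to set_error_message(); confirm they are not shown to the
        # browser verbatim
        set_error_message("record_contents_buttons", "right", $error_message_str, $error_log_str, $error_str, $response);

        return $response;
    }

    # set content
    # NOTE(review): $title ends up in generated html; confirm that
    # HtmlDatabaseTable escapes it
    $result->reset();
    $html_database_table->get_content($user, $title, "", DATABASETABLE_UNKWOWN_PAGE, $result);
    $response->custom_response->assign_with_effect(USER_ADMIN_CSS_NAME_PREFIX . "content_pane", $result->get_result_str());

    # set action pane
    $html_str = $html_database_table->get_action_bar($title, "");
    $response->custom_response->assign_with_effect("action_pane", $html_str);

    # check post conditions (a failure only skips the timing log below)
    if (!check_postconditions($result, $response)) {
        return $response;
    }

    # log total time for this function
    $logging->info(get_function_time_str(__METHOD__));

    return $response;
}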