function prepareInputForUpdate($input)
{
global $CFG_GLPI;
//picture manually uploaded by user
if (isset($input["_blank_picture"]) && $input["_blank_picture"]) {
self::dropPictureFiles($this->fields['picture']);
$input['picture'] = 'NULL';
} else {
if (isset($_FILES['picture'])) {
if (!count($_FILES['picture']) || empty($_FILES['picture']['name']) || !is_file($_FILES['picture']['tmp_name'])) {
switch ($_FILES['picture']['error']) {
case UPLOAD_ERR_INI_SIZE:
case UPLOAD_ERR_FORM_SIZE:
Session::addMessageAfterRedirect(__('File too large to be added.'), false, ERROR);
break;
case UPLOAD_ERR_NO_FILE:
// Session::addMessageAfterRedirect(__('No file specified.'),false,ERROR);
break;
}
} else {
if (toolbox::getMime($_FILES['picture']['tmp_name'], 'image')) {
// Unlink old picture (clean on changing format)
self::dropPictureFiles($this->fields['picture']);
// Move uploaded file
$filename = uniqid($this->fields['id'] . '_');
$sub = substr($filename, -2);
/* 2 hex digit */
$tmp = explode(".", $_FILES['picture']['name']);
$extension = array_pop($tmp);
@mkdir(GLPI_PICTURE_DIR . "/{$sub}");
$picture_path = GLPI_PICTURE_DIR . "/{$sub}/{$filename}.{$extension}";
self::dropPictureFiles($filename . "." . $extension);
if (in_array($extension, array('jpg', 'jpeg', 'png', 'bmp', 'gif')) && Document::renameForce($_FILES['picture']['tmp_name'], $picture_path)) {
Session::addMessageAfterRedirect(__('The file is valid. Upload is successful.'));
// For display
$input['picture'] = "{$sub}/{$filename}.{$extension}";
//prepare a thumbnail
$thumb_path = GLPI_PICTURE_DIR . "/{$sub}/{$filename}_min.{$extension}";
Toolbox::resizePicture($picture_path, $thumb_path);
} else {
Session::addMessageAfterRedirect(__('Potential upload attack or file too large. Moving temporary file failed.'), false, ERROR);
}
} else {
Session::addMessageAfterRedirect(__('The file is not an image file.'), false, ERROR);
}
}
} else {
//ldap jpegphoto synchronisation.
if (isset($this->fields["authtype"]) && ($this->fields["authtype"] == Auth::LDAP || Auth::isAlternateAuth($this->fields['authtype'])) && ($picture = $this->syncLdapPhoto())) {
if (!empty($picture)) {
$input['picture'] = $picture;
}
}
}
}
if (isset($input["password2"])) {
// Empty : do not update
if (empty($input["password"])) {
unset($input["password"]);
} else {
if ($input["password"] == $input["password2"]) {
// Check right : my password of user with lesser rights
if (isset($input['id']) && Config::validatePassword($input["password"]) && ($input['id'] == Session::getLoginUserID() || $this->currentUserHaveMoreRightThan($input['id']) || $input['password_forget_token'] == $this->fields['password_forget_token'] && abs(strtotime($_SESSION["glpi_currenttime"]) - strtotime($this->fields['password_forget_token_date'])) < DAY_TIMESTAMP && $this->isEmail($input['email']))) {
$input["password"] = Auth::getPasswordHash(Toolbox::unclean_cross_side_scripting_deep(stripslashes($input["password"])));
} else {
unset($input["password"]);
}
unset($input["password2"]);
} else {
Session::addMessageAfterRedirect(__('Error: the two passwords do not match'), false, ERROR);
return false;
}
}
} else {
if (isset($input["password"])) {
// From login
unset($input["password"]);
}
}
// Update User in the database
if (!isset($input["id"]) && isset($input["name"])) {
if ($this->getFromDBbyName($input["name"])) {
$input["id"] = $this->fields["id"];
}
}
if (isset($input["entities_id"]) && Session::getLoginUserID() === $input['id']) {
$_SESSION["glpidefault_entity"] = $input["entities_id"];
}
// Security on default profile update
if (isset($input['profiles_id'])) {
if (!in_array($input['profiles_id'], Profile_User::getUserProfiles($input['id']))) {
unset($input['profiles_id']);
}
}
// Security on default entity update
if (isset($input['entities_id'])) {
if (!in_array($input['entities_id'], Profile_User::getUserEntities($input['id']))) {
unset($input['entities_id']);
}
}
if (isset($input['_reset_personal_token'])) {
$input['personal_token'] = self::getUniquePersonalToken();
$input['personal_token_date'] = $_SESSION['glpi_currenttime'];
}
// Manage preferences fields
if (Session::getLoginUserID() === $input['id']) {
if (isset($input['use_mode']) && $_SESSION['glpi_use_mode'] != $input['use_mode']) {
$_SESSION['glpi_use_mode'] = $input['use_mode'];
//Session::loadLanguage();
}
}
foreach ($CFG_GLPI['user_pref_field'] as $f) {
if (isset($input[$f])) {
if (Session::getLoginUserID() === $input['id']) {
if ($_SESSION["glpi{$f}"] != $input[$f]) {
$_SESSION["glpi{$f}"] = $input[$f];
// reinit translations
if ($f == 'language') {
$_SESSION['glpi_dropdowntranslations'] = DropdownTranslation::getAvailableTranslations($_SESSION["glpilanguage"]);
unset($_SESSION['glpimenu']);
}
}
}
if ($input[$f] == $CFG_GLPI[$f]) {
$input[$f] = "NULL";
}
}
}
return $input;
}
