XOOPS 2.5.6  Final
edituser.php
1 <?php
// Entry script for editing the logged-in user's own profile and avatar.
// Loads the XOOPS bootstrap (mainfile.php), fires the 'core.edituser.start'
// preload event, loads the 'user' language strings and the form classes,
// turns away visitors without a user object, then selects the operation ($op).
19 include dirname(__FILE__) . DIRECTORY_SEPARATOR . 'mainfile.php';
20 
// NOTE(review): the listing's numbering jumps from 20 to 22 and $xoopsPreload is not
// assigned in any visible line; presumably the omitted line or mainfile.php sets it. Confirm.
22 $xoopsPreload->triggerEvent('core.edituser.start');
23 
24 xoops_loadLanguage('user');
25 include_once $GLOBALS['xoops']->path('class/xoopsformloader.php');
26 
27 // If not a user, redirect
// Every handler below dereferences $xoopsUser, so this guard must stay ahead of them.
28 if (! is_object($xoopsUser)) {
29  redirect_header('index.php', 3, _US_NOEDITRIGHT);
30  exit();
31 }
32 
33 // initialize $op variable
// $op is request-controlled. The query string wins over the POST body because $_GET
// is read last. The value is only compared against fixed literals by the handlers in
// this file, so an unrecognised value runs none of them. The state-changing handlers
// (saveuser, avatarupload, avatarchoose) read their fields from $_POST and call
// $GLOBALS['xoopsSecurity']->check() before doing anything else.
34 $op = 'editprofile';
35 if (! empty($_POST['op'])) {
36  $op = $_POST['op'];
37 }
38 if (! empty($_GET['op'])) {
39  $op = $_GET['op'];
40 }
41 
// Handler for op=saveuser: validates the submitted profile form and stores it for the
// logged-in user. On validation errors it prints them and falls through to the
// 'editprofile' handler by resetting $op; otherwise it saves, then redirects or prints
// the object's errors, and exits.
45 if ($op == 'saveuser') {
// Request-token gate. Presumably this is the CSRF token emitted by the form; the
// check() implementation is not visible here. Its error strings are joined into the redirect message.
46  if (!$GLOBALS['xoopsSecurity']->check()) {
47  redirect_header('index.php', 3, _US_NOEDITRIGHT . "<br />" . implode('<br />', $GLOBALS['xoopsSecurity']->getErrors()));
48  exit();
49  }
// Self-edit only: the posted uid must equal the session user's uid, so the hidden
// 'uid' form field cannot be used to target another account.
50  $uid = 0;
51  if (!empty($_POST['uid'])) {
52  $uid = intval($_POST['uid']);
53  }
54  if (empty($uid) || $xoopsUser->getVar('uid') != $uid) {
55  redirect_header('index.php', 3, _US_NOEDITRIGHT);
56  exit();
57  }
58  $errors = array();
// The e-mail is only read and validated when the site allows users to change it.
// NOTE(review): $myts is not assigned in the visible lines; presumably a text-sanitizer
// instance provided by the bootstrap. Confirm.
59  if ($xoopsConfigUser['allow_chgmail'] == 1) {
60  $email = '';
61  if (!empty($_POST['email'])) {
62  $email = $myts->stripSlashesGPC(trim($_POST['email']));
63  }
// NOTE(review): the listing skips line 65, so the body of this branch is not shown.
// Presumably it appends an "invalid e-mail" entry to $errors; verify against the real
// file, because as rendered an empty or malformed address is not rejected.
64  if ($email == '' || ! checkEmail($email)) {
66  }
67  }
// A blank password field means "keep the current password".
// NOTE(review): trim() strips leading and trailing whitespace from the new password, and
// strlen() counts bytes rather than characters for the minimum-length rule.
// NOTE(review): nothing in this handler asks for the current password before the password
// or the e-mail address is changed, so a valid session plus token is all that is required.
// Consider requiring re-authentication for these two fields.
68  $password = '';
69  if (!empty($_POST['password'])) {
70  $password = $myts->stripSlashesGPC(trim($_POST['password']));
71  }
72  if ($password != '') {
73  if (strlen($password) < $xoopsConfigUser['minpass']) {
74  $errors[] = sprintf(_US_PWDTOOSHORT, $xoopsConfigUser['minpass']);
75  }
76  $vpass = '';
77  if (!empty($_POST['vpass'])) {
78  $vpass = $myts->stripSlashesGPC(trim($_POST['vpass']));
79  }
// NOTE(review): the listing skips line 81, so the body of this branch is not shown.
// Presumably it records a "passwords do not match" error; verify against the real file.
80  if ($password != $vpass) {
82  }
83  }
// Error path: the only entry appended in the visible lines is built from a language
// constant and a config value, so no request data is echoed by this loop as shown.
84  if (count($errors) > 0) {
85  include $GLOBALS['xoops']->path('header.php');
86  echo '<div>';
87  foreach ($errors as $er) {
88  echo '<span class="red bold">' . $er . '</span><br />';
89  }
90  echo '</div><br />';
91  $op = 'editprofile';
92  } else {
// Save path: the user object is loaded by the verified uid and the raw $_POST values are
// handed to setVar().
// NOTE(review): type cleaning and SQL escaping of these values are left to setVar() and
// insertUser(), neither of which is visible here; confirm each field is constrained there
// (umode, uorder, notify_method and notify_mode come from select boxes but are not
// checked against their option lists in this handler).
93  $member_handler =& xoops_gethandler('member');
94  $edituser =& $member_handler->getUser($uid);
95  $edituser->setVar('name', $_POST['name']);
96  if ($xoopsConfigUser['allow_chgmail'] == 1) {
// NOTE(review): the third argument (true) is presumably the "not GPC" flag, matching the
// stripSlashesGPC() call above; confirm against XoopsObject::setVar().
97  $edituser->setVar('email', $email, true);
98  }
99  $edituser->setVar('url', formatURL($_POST['url']));
100  $edituser->setVar('user_icq', $_POST['user_icq']);
101  $edituser->setVar('user_from', $_POST['user_from']);
102  $edituser->setVar('user_sig', xoops_substr($_POST['user_sig'], 0, 255));
103  $user_viewemail = (!empty($_POST['user_viewemail'])) ? 1 : 0;
104  $edituser->setVar('user_viewemail', $user_viewemail);
105  $edituser->setVar('user_aim', $_POST['user_aim']);
106  $edituser->setVar('user_yim', $_POST['user_yim']);
107  $edituser->setVar('user_msnm', $_POST['user_msnm']);
// NOTE(review): the password is stored as a single unsalted MD5 digest. MD5 is a fast hash
// and is not suitable for password storage. Moving to password_hash()/password_verify()
// needs a matching change in the login path, which is outside this file, so the call is
// flagged here rather than replaced.
108  if ($password != '') {
109  $edituser->setVar('pass', md5($password), true);
110  }
111  $attachsig = (!empty($_POST['attachsig'])) ? 1 : 0;
112  $edituser->setVar('attachsig', $attachsig);
113  $edituser->setVar('timezone_offset', $_POST['timezone_offset']);
114  $edituser->setVar('uorder', $_POST['uorder']);
115  $edituser->setVar('umode', $_POST['umode']);
116  $edituser->setVar('notify_method', $_POST['notify_method']);
117  $edituser->setVar('notify_mode', $_POST['notify_mode']);
118  $edituser->setVar('bio', xoops_substr($_POST['bio'], 0, 255));
119  $edituser->setVar('user_occ', $_POST['user_occ']);
120  $edituser->setVar('user_intrest', $_POST['user_intrest']);
121  $edituser->setVar('user_mailok', $_POST['user_mailok']);
// "Remember my user name" cookie: holds the uname for 31536000 seconds (one year) on path
// '/'. It is set without the secure and httponly arguments of setcookie(). The else branch
// calls setcookie() with the name only, which asks the browser to drop the cookie.
122  if (!empty($_POST['usecookie'])) {
123  setcookie($xoopsConfig['usercookie'], $xoopsUser->getVar('uname'), time() + 31536000, '/', XOOPS_COOKIE_DOMAIN);
124  } else {
125  setcookie($xoopsConfig['usercookie']);
126  }
// Persist the object; on failure show its HTML-formatted errors inside the page frame.
127  if (! $member_handler->insertUser($edituser)) {
128  include $GLOBALS['xoops']->path('header.php');
129  echo $edituser->getHtmlErrors();
130  include $GLOBALS['xoops']->path('footer.php');
131  } else {
132  redirect_header('userinfo.php?uid=' . $uid, 1, _US_PROFUPDATED);
133  }
134  exit();
135  }
136 }
137 
// Handler for op=editprofile (the default, and the fallback after a failed save):
// builds the profile form pre-filled from $xoopsUser and renders it between the site
// header and footer. The form posts back to edituser.php with op=saveuser.
138 if ($op == 'editprofile') {
139  include_once $GLOBALS['xoops']->path('header.php');
140  include_once $GLOBALS['xoops']->path('include/comment_constants.php');
141  include_once $GLOBALS['xoops']->path('include/xoopscodes.php');
142  echo '<a href="userinfo.php?uid=' . $xoopsUser->getVar('uid') . '" title="">' . _US_PROFILE . '</a>&nbsp;<span class="bold">&raquo;&raquo;</span>&nbsp;' . _US_EDITPROFILE . '<br /><br />';
// NOTE(review): the fifth constructor argument (true) presumably makes the form emit the
// security token that the saveuser handler checks; confirm against XoopsThemeForm.
143  $form = new XoopsThemeForm(_US_EDITPROFILE, 'userinfo', 'edituser.php', 'post', true);
// The user name is shown as a label only; it cannot be edited through this form.
144  $uname_label = new XoopsFormLabel(_US_NICKNAME, $xoopsUser->getVar('uname'));
145  $form->addElement($uname_label);
// Most text inputs are pre-filled with getVar(..., 'E'), presumably the "edit" output format.
146  $name_text = new XoopsFormText(_US_REALNAME, 'name', 30, 60, $xoopsUser->getVar('name', 'E'));
147  $form->addElement($name_text);
148  $email_tray = new XoopsFormElementTray(_US_EMAIL, '<br />');
// E-mail is an editable input only when the site allows changes; otherwise a plain label.
// NOTE(review): unlike the other inputs, the pre-fill on line 150 calls getVar('email')
// without the 'E' format; confirm the default format is escaped suitably for an input value.
149  if ($xoopsConfigUser['allow_chgmail'] == 1) {
150  $email_text = new XoopsFormText('', 'email', 30, 60, $xoopsUser->getVar('email'));
151  } else {
152  $email_text = new XoopsFormLabel('', $xoopsUser->getVar('email'));
153  }
154  $email_tray->addElement($email_text);
155  $email_cbox_value = $xoopsUser->user_viewemail() ? 1 : 0;
156  $email_cbox = new XoopsFormCheckBox('', 'user_viewemail', $email_cbox_value);
157  $email_cbox->addOption(1, _US_ALLOWVIEWEMAIL);
158  $email_tray->addElement($email_cbox);
159  $form->addElement($email_tray);
160  $url_text = new XoopsFormText(_US_WEBSITE, 'url', 30, 100, $xoopsUser->getVar('url', 'E'));
161  $form->addElement($url_text);
162 
// The remaining elements are created here and attached to the form further down.
163  $timezone_select = new XoopsFormSelectTimezone(_US_TIMEZONE, 'timezone_offset', $xoopsUser->getVar('timezone_offset'));
164  $icq_text = new XoopsFormText(_US_ICQ, 'user_icq', 15, 15, $xoopsUser->getVar('user_icq', 'E'));
165  $aim_text = new XoopsFormText(_US_AIM, 'user_aim', 18, 18, $xoopsUser->getVar('user_aim', 'E'));
166  $yim_text = new XoopsFormText(_US_YIM, 'user_yim', 25, 25, $xoopsUser->getVar('user_yim', 'E'));
167  $msnm_text = new XoopsFormText(_US_MSNM, 'user_msnm', 30, 100, $xoopsUser->getVar('user_msnm', 'E'));
168  $location_text = new XoopsFormText(_US_LOCATION, 'user_from', 30, 100, $xoopsUser->getVar('user_from', 'E'));
169  $occupation_text = new XoopsFormText(_US_OCCUPATION, 'user_occ', 30, 100, $xoopsUser->getVar('user_occ', 'E'));
170  $interest_text = new XoopsFormText(_US_INTEREST, 'user_intrest', 30, 150, $xoopsUser->getVar('user_intrest', 'E'));
171  $sig_tray = new XoopsFormElementTray(_US_SIGNATURE, '<br />');
172  $sig_tarea = new XoopsFormDhtmlTextArea('', 'user_sig', $xoopsUser->getVar('user_sig', 'E'));
173  $sig_tray->addElement($sig_tarea);
174  $sig_cbox_value = $xoopsUser->getVar('attachsig') ? 1 : 0;
175  $sig_cbox = new XoopsFormCheckBox('', 'attachsig', $sig_cbox_value);
176  $sig_cbox->addOption(1, _US_SHOWSIG);
177  $sig_tray->addElement($sig_cbox);
178  $umode_select = new XoopsFormSelect(_US_CDISPLAYMODE, 'umode', $xoopsUser->getVar('umode'));
179  $umode_select->addOptionArray(array(
180  'nest' => _NESTED ,
181  'flat' => _FLAT ,
182  'thread' => _THREADED));
183  $uorder_select = new XoopsFormSelect(_US_CSORTORDER, 'uorder', $xoopsUser->getVar('uorder'));
184  $uorder_select->addOptionArray(array(
// NOTE(review): the listing skips lines 185-186, so the sort-order options and the closing
// of the call above are not shown in this rendering.
187  // RMV-NOTIFY
188  // TODO: add this to admin user-edit functions...
// The language directory in this path comes from $xoopsConfig['language'], a site setting;
// no request value is used to build it in the visible code.
189  include_once $GLOBALS['xoops']->path('language/' . $xoopsConfig['language'] . '/notification.php');
190  include_once $GLOBALS['xoops']->path('include/notification_constants.php');
191  $notify_method_select = new XoopsFormSelect(_NOT_NOTIFYMETHOD, 'notify_method', $xoopsUser->getVar('notify_method'));
192  $notify_method_select->addOptionArray(array(
// NOTE(review): the listing skips lines 193-195 (the notification-method options).
196  $notify_mode_select = new XoopsFormSelect(_NOT_NOTIFYMODE, 'notify_mode', $xoopsUser->getVar('notify_mode'));
197  $notify_mode_select->addOptionArray(array(
// NOTE(review): the listing skips lines 198-200 (the notification-mode options).
201  $bio_tarea = new XoopsFormTextArea(_US_EXTRAINFO, 'bio', $xoopsUser->getVar('bio', 'E'));
// The radio defaults to "yes" when the remember-me cookie is present in the request.
202  $cookie_radio_value = empty($_COOKIE[$xoopsConfig['usercookie']]) ? 0 : 1;
203  $cookie_radio = new XoopsFormRadioYN(_US_USECOOKIE, 'usecookie', $cookie_radio_value, _YES, _NO);
// Both password inputs start empty; the saveuser handler treats an empty value as "no change".
204  $pwd_text = new XoopsFormPassword('', 'password', 10, 32);
205  $pwd_text2 = new XoopsFormPassword('', 'vpass', 10, 32);
206  $pwd_tray = new XoopsFormElementTray(_US_PASSWORD . '<br />' . _US_TYPEPASSTWICE);
207  $pwd_tray->addElement($pwd_text);
208  $pwd_tray->addElement($pwd_text2);
209  $mailok_radio = new XoopsFormRadioYN(_US_MAILOK, 'user_mailok', $xoopsUser->getVar('user_mailok'));
// The hidden uid is client-controlled once the form is sent; the saveuser handler compares
// it with the session user's uid before saving.
210  $uid_hidden = new XoopsFormHidden('uid', $xoopsUser->getVar('uid'));
211  $op_hidden = new XoopsFormHidden('op', 'saveuser');
212  $submit_button = new XoopsFormButton('', 'submit', _US_SAVECHANGES, 'submit');
213 
214  $form->addElement($timezone_select);
215  $form->addElement($icq_text);
216  $form->addElement($aim_text);
217  $form->addElement($yim_text);
218  $form->addElement($msnm_text);
219  $form->addElement($location_text);
220  $form->addElement($occupation_text);
221  $form->addElement($interest_text);
222  $form->addElement($sig_tray);
223  $form->addElement($umode_select);
224  $form->addElement($uorder_select);
225  $form->addElement($notify_method_select);
226  $form->addElement($notify_mode_select);
227  $form->addElement($bio_tarea);
228  $form->addElement($pwd_tray);
229  $form->addElement($cookie_radio);
230  $form->addElement($mailok_radio);
231  $form->addElement($uid_hidden);
232  $form->addElement($op_hidden);
// NOTE(review): $token_hidden is not assigned in any visible line of this listing; confirm
// where it is defined, or whether this call is a leftover.
233  $form->addElement($token_hidden);
234  $form->addElement($submit_button);
235  if ($xoopsConfigUser['allow_chgmail'] == 1) {
236  $form->setRequired($email_text);
237  }
238  $form->display();
239  include $GLOBALS['xoops']->path('footer.php');
240 }
241 
// Handler for op=avatarform: shows the current avatar, an upload form (when uploads are
// enabled and the user has enough posts) and a picker for the stock avatars.
if ($op == 'avatarform') {
    include $GLOBALS['xoops']->path('header.php');

    // Breadcrumb back to the user's own profile page.
    echo '<a href="userinfo.php?uid=' . $xoopsUser->getVar('uid') . '">' . _US_PROFILE . '</a>',
        '&nbsp;<span class="bold">&raquo;&raquo;</span>&nbsp;',
        _US_UPLOADMYAVATAR . '<br /><br />';

    // Show the avatar that a new upload or selection would replace (skipped for the
    // blank placeholder). The value is read with getVar()'s default output format.
    $oldavatar = $xoopsUser->getVar('user_avatar');
    if ('blank.gif' != $oldavatar && !empty($oldavatar)) {
        echo '<div class="pad10 txtcenter floatcenter0"><h4 class="red bold">' . _US_OLDDELETED . '</h4>'
            . '<img src="' . XOOPS_UPLOAD_URL . '/' . $oldavatar . '" alt="" /></div>';
    }

    // Upload form: offered only when the site allows uploads and the user has reached
    // the configured post count. The avatarupload handler re-checks both conditions.
    if ($xoopsConfigUser['avatar_allow_upload'] == 1) {
        if ($xoopsUser->getVar('posts') >= $xoopsConfigUser['avatar_minposts']) {
            include_once $GLOBALS['xoops']->path('class/xoopsformloader.php');
            $form = new XoopsThemeForm(_US_UPLOADMYAVATAR, 'uploadavatar', 'edituser.php', 'post', true);
            $form->setExtra('enctype="multipart/form-data"');
            $form->addElement(
                new XoopsFormLabel(
                    _US_MAXPIXEL,
                    $xoopsConfigUser['avatar_width'] . ' x ' . $xoopsConfigUser['avatar_height']
                )
            );
            $form->addElement(new XoopsFormLabel(_US_MAXIMGSZ, $xoopsConfigUser['avatar_maxsize']));
            $form->addElement(
                new XoopsFormFile(_US_SELFILE, 'avatarfile', $xoopsConfigUser['avatar_maxsize']),
                true
            );
            $form->addElement(new XoopsFormHidden('op', 'avatarupload'));
            $form->addElement(new XoopsFormHidden('uid', $xoopsUser->getVar('uid')));
            $form->addElement(new XoopsFormButton('', 'submit', _SUBMIT, 'submit'));
            $form->display();
        }
    }

    // Picker for the stock avatars returned by getList('S', true).
    $avatar_handler =& xoops_gethandler('avatar');
    $form2 = new XoopsThemeForm(_US_CHOOSEAVT, 'uploadavatar', 'edituser.php', 'post', true);
    $avatar_select = new XoopsFormSelect('', 'user_avatar', $xoopsUser->getVar('user_avatar'));
    $avatar_list = $avatar_handler->getList('S', true);

    // The preview image uses the stored avatar only when it is one of the listed keys;
    // anything else falls back to the blank placeholder.
    $avatar_selected = $xoopsUser->getVar("user_avatar", "E");
    if (!in_array($avatar_selected, array_keys($avatar_list))) {
        $avatar_selected = "blank.gif";
    }

    $avatar_select->addOptionArray($avatar_list);
    $avatar_select->setExtra("onchange='showImgSelected(\"avatar\", \"user_avatar\", \"uploads\", \"\", \"" . XOOPS_URL . "\")'");

    $avatar_tray = new XoopsFormElementTray(_US_AVATAR, '&nbsp;');
    $avatar_tray->addElement($avatar_select);
    $avatar_tray->addElement(
        new XoopsFormLabel('', "<a href=\"javascript:openWithSelfMain('" . XOOPS_URL . "/misc.php?action=showpopups&amp;type=avatars','avatars',600,400);\">" . _LIST . "</a><br />")
    );
    $avatar_tray->addElement(
        new XoopsFormLabel('', "<br /><img src='" . XOOPS_UPLOAD_URL . "/" . $avatar_selected . "' name='avatar' id='avatar' alt='' />")
    );

    $form2->addElement($avatar_tray);
    $form2->addElement(new XoopsFormHidden('uid', $xoopsUser->getVar('uid')));
    $form2->addElement(new XoopsFormHidden('op', 'avatarchoose'));
    $form2->addElement(new XoopsFormButton('', 'submit2', _SUBMIT, 'submit'));
    $form2->display();

    include $GLOBALS['xoops']->path('footer.php');
}
281 
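// Handler for op=avatarupload: stores an uploaded custom avatar for the logged-in user,
// registers it with the avatar handler, removes the user's previous custom avatar and
// points the user row at the new file.
if ($op == 'avatarupload') {
    // Request-token gate; check() itself is implemented outside this file.
    if (!$GLOBALS['xoopsSecurity']->check()) {
        redirect_header('index.php', 3, _US_NOEDITRIGHT . "<br />" . implode('<br />', $GLOBALS['xoopsSecurity']->getErrors()));
        exit();
    }

    // 'xoops_upload_file' names the $_FILES entry to read. It is client-supplied, so only
    // a string in slot 0 of an array is accepted; anything else becomes '' and is
    // left for fetchMedia() to refuse. (The original validated the array into
    // $xoops_upload_file but then indexed the raw $_POST value instead.)
    $xoops_upload_file = array();
    if (!empty($_POST['xoops_upload_file']) && is_array($_POST['xoops_upload_file'])) {
        $xoops_upload_file = $_POST['xoops_upload_file'];
    }
    $upload_field = '';
    if (isset($xoops_upload_file[0]) && is_string($xoops_upload_file[0])) {
        $upload_field = $xoops_upload_file[0];
    }

    // Self-service only: the posted uid must match the session user.
    $uid = 0;
    if (!empty($_POST['uid'])) {
        $uid = intval($_POST['uid']);
    }
    if (empty($uid) || $xoopsUser->getVar('uid') != $uid) {
        redirect_header('index.php', 3, _US_NOEDITRIGHT);
        exit();
    }

    // Re-check the same policy the upload form is gated on: uploads enabled and the
    // user has reached the configured post count.
    if ($xoopsConfigUser['avatar_allow_upload'] == 1 && $xoopsUser->getVar('posts') >= $xoopsConfigUser['avatar_minposts']) {
        include_once $GLOBALS['xoops']->path('class/uploader.php');
        // The uploader is given a MIME allow-list plus size and dimension limits.
        // NOTE(review): how the uploader determines the MIME type and the stored file
        // extension is not visible here; confirm it does not rely on the client-declared
        // type alone.
        $uploader = new XoopsMediaUploader(
            XOOPS_UPLOAD_PATH . '/avatars',
            array(
                'image/gif',
                'image/jpeg',
                'image/pjpeg',
                'image/x-png',
                'image/png',
            ),
            $xoopsConfigUser['avatar_maxsize'],
            $xoopsConfigUser['avatar_width'],
            $xoopsConfigUser['avatar_height']
        );
        if ($uploader->fetchMedia($upload_field)) {
            // 'cavt' marks the file as a custom avatar; the clean-up code keys on it.
            $uploader->setPrefix('cavt');
            if ($uploader->upload()) {
                $avt_handler =& xoops_gethandler('avatar');
                $avatar =& $avt_handler->create();
                $avatar->setVar('avatar_file', 'avatars/' . $uploader->getSavedFileName());
                $avatar->setVar('avatar_name', $xoopsUser->getVar('uname'));
                $avatar->setVar('avatar_mimetype', $uploader->getMediaType());
                $avatar->setVar('avatar_display', 1);
                $avatar->setVar('avatar_type', 'C');
                if (!$avt_handler->insert($avatar)) {
                    // Best-effort removal of the orphaned upload. Control then reaches the
                    // final redirect, which reports the uploader's errors only.
                    @unlink($uploader->getSavedDestination());
                } else {
                    // Remove the previous custom avatar: its database row first, then the file.
                    $oldavatar = $xoopsUser->getVar('user_avatar');
                    if (!empty($oldavatar) && false !== strpos(strtolower($oldavatar), "cavt")) {
                        $avatars = $avt_handler->getObjects(new Criteria('avatar_file', $oldavatar));
                        if (!empty($avatars) && count($avatars) == 1 && is_object($avatars[0])) {
                            $avt_handler->delete($avatars[0]);
                            // Delete only a regular file that resolves inside the upload
                            // directory. Both sides go through realpath() (as the
                            // avatarchoose handler does) and the prefix ends with a
                            // separator, so a sibling directory sharing the same name
                            // prefix does not pass the check.
                            $upload_root = realpath(XOOPS_UPLOAD_PATH);
                            $oldavatar_path = realpath(XOOPS_UPLOAD_PATH . '/' . $oldavatar);
                            if (false !== $upload_root
                                && false !== $oldavatar_path
                                && 0 === strpos($oldavatar_path, rtrim($upload_root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR)
                                && is_file($oldavatar_path)
                            ) {
                                unlink($oldavatar_path);
                            }
                        }
                    }
                    // The file name goes through quoteString() and the uid through %u, so
                    // neither value is interpolated into the statement unescaped.
                    $sql = sprintf("UPDATE %s SET user_avatar = %s WHERE uid = %u", $xoopsDB->prefix('users'), $xoopsDB->quoteString('avatars/' . $uploader->getSavedFileName()), $xoopsUser->getVar('uid'));
                    $xoopsDB->query($sql);
                    $avt_handler->addUser($avatar->getVar('avatar_id'), $xoopsUser->getVar('uid'));
                    // The t= timestamp makes the profile URL unique for this redirect.
                    redirect_header('userinfo.php?t=' . time() . '&amp;uid=' . $xoopsUser->getVar('uid'), 3, _US_PROFUPDATED);
                }
            }
        }
        // Reached when fetching, uploading or registering the avatar did not succeed.
        redirect_header("edituser.php?op=avatarform", 3, $uploader->getErrors());
    }
}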
341 
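// Handler for op=avatarchoose: switches the logged-in user to one of the stock avatars
// and removes a previously uploaded custom avatar.
if ($op == 'avatarchoose') {
    // Request-token gate; check() itself is implemented outside this file.
    if (!$GLOBALS['xoopsSecurity']->check()) {
        redirect_header('index.php', 3, _US_NOEDITRIGHT . "<br />" . implode('<br />', $GLOBALS['xoopsSecurity']->getErrors()));
        exit();
    }

    // Self-service only: the posted uid must match the session user.
    $uid = 0;
    if (!empty($_POST['uid'])) {
        $uid = intval($_POST['uid']);
    }
    if (empty($uid) || $xoopsUser->getVar('uid') != $uid) {
        redirect_header('index.php', 3, _US_NOEDITRIGHT);
        exit();
    }

    $user_avatar = '';
    $avt_handler =& xoops_gethandler('avatar');
    // Only a string is accepted. An array-valued field used to reach trim() and raise a
    // warning; it is now treated like an empty selection, so the avatar is left unchanged.
    if (!empty($_POST['user_avatar']) && is_string($_POST['user_avatar'])) {
        // The requested file must exist as a system ('S') avatar; anything else falls
        // back to the blank placeholder.
        // NOTE(review): addSlashes() is the only escaping applied before the value is
        // placed in the criteria; how Criteria quotes it is not visible here.
        $user_avatar = $myts->addSlashes(trim($_POST['user_avatar']));
        $criteria_avatar = new CriteriaCompo(new Criteria('avatar_file', $user_avatar));
        $criteria_avatar->add(new Criteria('avatar_type', "S"));
        $avatars = $avt_handler->getObjects($criteria_avatar);
        if (!is_array($avatars) || ! count($avatars)) {
            $user_avatar = 'avatars/blank.gif';
        }
        unset($avatars, $criteria_avatar);
    }

    // Containment prefix for the path checks below. It ends with a separator so that a
    // sibling directory sharing the upload directory's name prefix does not pass, and a
    // failed realpath() on either side rejects the path.
    $upload_root = realpath(XOOPS_UPLOAD_PATH);
    $upload_prefix = (false === $upload_root) ? false : rtrim($upload_root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;

    $user_avatarpath = realpath(XOOPS_UPLOAD_PATH . '/' . $user_avatar);
    if (false !== $upload_prefix
        && false !== $user_avatarpath
        && 0 === strpos($user_avatarpath, $upload_prefix)
        && is_file($user_avatarpath)
    ) {
        $oldavatar = $xoopsUser->getVar('user_avatar');
        $xoopsUser->setVar('user_avatar', $user_avatar);
        $member_handler =& xoops_gethandler('member');
        if (!$member_handler->insertUser($xoopsUser)) {
            include $GLOBALS['xoops']->path('header.php');
            echo $xoopsUser->getHtmlErrors();
            include $GLOBALS['xoops']->path('footer.php');
            exit();
        }

        // A previous custom avatar ('avatars/' followed by the 'cavt' prefix) is removed:
        // its database row first, then the file, and the file only when it resolves inside
        // the upload directory.
        if ($oldavatar && preg_match("/^cavt/", strtolower(substr($oldavatar, 8)))) {
            $avatars = $avt_handler->getObjects(new Criteria('avatar_file', $oldavatar));
            if (!empty($avatars) && count($avatars) == 1 && is_object($avatars[0])) {
                $avt_handler->delete($avatars[0]);
                $oldavatar_path = realpath(XOOPS_UPLOAD_PATH . '/' . $oldavatar);
                if (false !== $oldavatar_path
                    && 0 === strpos($oldavatar_path, $upload_prefix)
                    && is_file($oldavatar_path)
                ) {
                    unlink($oldavatar_path);
                }
            }
        }

        // Link the user to the chosen avatar's row. The result is checked for emptiness
        // first: indexing [0] on an empty result raised an undefined-offset notice.
        if ($user_avatar != 'avatars/blank.gif') {
            $avatars = $avt_handler->getObjects(new Criteria('avatar_file', $user_avatar));
            if (!empty($avatars) && is_object($avatars[0])) {
                $avt_handler->addUser($avatars[0]->getVar('avatar_id'), $xoopsUser->getVar('uid'));
            }
        }
    }
    // The "profile updated" redirect is sent whether or not a change was stored.
    redirect_header('userinfo.php?uid=' . $uid, 0, _US_PROFUPDATED);
}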
397 ?>