
/html/AppCode/expressionengine/modules/member/mod.member_settings.php

https://github.com/w3bg/www.hsifin.com
PHP | 2305 lines | 1452 code | 491 blank | 362 comment | 325 complexity | 23ca8e45036cd534ce14202d25cbda85 MD5 | raw file
Possible License(s): AGPL-3.0


  1. <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
  2. /**
  3. * ExpressionEngine - by EllisLab
  4. *
  5. * @package ExpressionEngine
  6. * @author ExpressionEngine Dev Team
  7. * @copyright Copyright (c) 2003 - 2010, EllisLab, Inc.
  8. * @license http://expressionengine.com/user_guide/license.html
  9. * @link http://expressionengine.com
  10. * @since Version 2.0
  11. * @filesource
  12. */
  13. // --------------------------------------------------------------------
  14. /**
  15. * Member Management Module
  16. *
  17. * @package ExpressionEngine
  18. * @subpackage Modules
  19. * @category Modules
  20. * @author ExpressionEngine Dev Team
  21. * @link http://expressionengine.com
  22. */
  23. class Member_settings extends Member {
  24. /** ----------------------------------
  25. /** Member_settings Profile Constructor
  26. /** ----------------------------------*/
  /**
   * PHP 4-style constructor (method named after the class).
   *
   * The body is empty: nothing is initialised here and no parent
   * constructor is called from this method.
   */
  function Member_settings()
  {
      // Nothing to set up.
  }
  30. /** ----------------------------------------
  31. /** Member Profile - Menu
  32. /** ----------------------------------------*/
  /**
   * Build the member profile menu.
   *
   * Loads the 'menu' element, resolves its 'allow_localization' conditional
   * and swaps in the profile paths plus the private-message menu.
   *
   * @return mixed whatever _var_swap() returns for the prepared menu
   */
  function profile_menu()
  {
      $template = $this->_load_element('menu');

      // The localization entry is denied only when the site setting is 'n'
      // and the current session's group_id is not 1; in every other case
      // it is allowed.
      $hide_localization = ($this->EE->config->item('allow_member_localization') == 'n'
          && $this->EE->session->userdata('group_id') != 1);

      $template = $hide_localization
          ? $this->_deny_if('allow_localization', $template)
          : $this->_allow_if('allow_localization', $template);

      $swap = array(
          'path:profile' => $this->_member_path('edit_profile'),
          'path:email' => $this->_member_path('edit_email'),
          'path:username' => $this->_member_path('edit_userpass'),
          'path:localization' => $this->_member_path('edit_localization'),
          'path:subscriptions' => $this->_member_path('edit_subscriptions'),
          'path:ignore_list' => $this->_member_path('edit_ignore_list'),
          'path:notepad' => $this->_member_path('edit_notepad'),
          'include:messages_menu' => $this->pm_menu()
      );

      return $this->_var_swap($template, $swap);
  }
  57. /** ----------------------------------------
  58. /** Member Profile Main Page
  59. /** ----------------------------------------*/
  /**
   * Build the profile home page for the member of the current session.
   *
   * Reads the member's e-mail, activity dates and counters from exp_members
   * and swaps them into the 'home_page' element. Dates equal to 0 are shown
   * as '--'; the others are formatted with the 'long' date code of the
   * session's (or, if empty, the site's) time format.
   *
   * @return mixed whatever _var_swap() returns for the 'home_page' element
   */
  function profile_main()
  {
      // NOTE(review): the id is read from session userdata, not from the
      // request, but the statement is still built by string concatenation.
      // Confirm how session userdata is populated; an escaped or bound
      // value would make this independent of that.
      $member_id = $this->EE->session->userdata('member_id');
      $query = $this->EE->db->query("SELECT email, join_date, last_visit, last_activity, last_entry_date, last_comment_date, total_forum_topics, total_forum_posts, total_entries, total_comments, last_forum_post_date FROM exp_members WHERE member_id = '".$member_id."'");

      // Session preference wins; fall back to the site-wide setting.
      $time_fmt = $this->EE->session->userdata['time_format'];
      if ($time_fmt == '')
      {
          $time_fmt = $this->EE->config->item('time_format');
      }

      $datecodes = ($time_fmt == 'us') ? $this->us_datecodes : $this->eu_datecodes;
      $long = $datecodes['long'];

      $template = $this->_load_element('home_page');

      $vars = array(
          'email' => $query->row('email'),
          'join_date' => $this->EE->localize->decode_date($long, $query->row('join_date'))
      );

      // Template variable => source column. Note that 'last_visit_date' is
      // filled from last_activity, as in the original mapping.
      $date_columns = array(
          'last_visit_date' => 'last_activity',
          'recent_entry_date' => 'last_entry_date',
          'recent_comment_date' => 'last_comment_date',
          'recent_forum_post_date' => 'last_forum_post_date'
      );

      foreach ($date_columns as $var_name => $column)
      {
          if ($query->row($column) == 0)
          {
              $vars[$var_name] = '--';
          }
          else
          {
              $vars[$var_name] = $this->EE->localize->decode_date($long, $query->row($column));
          }
      }

      // "Posts" is topics plus replies; "replies" is the raw posts column.
      $vars['total_topics'] = $query->row('total_forum_topics');
      $vars['total_posts'] = $query->row('total_forum_posts') + $query->row('total_forum_topics');
      $vars['total_replies'] = $query->row('total_forum_posts');
      $vars['total_entries'] = $query->row('total_entries');
      $vars['total_comments'] = $query->row('total_comments');

      return $this->_var_swap($template, $vars);
  }
  81. /** ----------------------------------------
  82. /** Member Public Profile
  83. /** ----------------------------------------*/
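  /**
   * Render the public profile of the member identified by $this->cur_id.
   *
   * Steps: check the viewer's 'can_view_profiles' flag, fetch the member and
   * group row, resolve avatar/photo/forum-rank blocks, swap the console and
   * path variables, evaluate template conditionals, replace single
   * variables, then render the custom member fields.
   *
   * Changes against the previous version:
   *  - $this->cur_id is now escaped in both queries that use it (the
   *    query-builder call no longer disables escaping, the raw query uses
   *    escape_str()).
   *  - Removed the unused $rankclass local, a no-op birthday check and an
   *    unreachable branch that passed a regex pattern to str_replace().
   *  - The custom-field loops use $field instead of re-using $row, so the
   *    member row is no longer overwritten.
   *
   * @return mixed the parsed profile content, or the result of
   *               show_user_error() when the profile may not be shown
   */
  function public_profile()
  {
      // Can the user view profiles?
      if ($this->EE->session->userdata('can_view_profiles') == 'n')
      {
          return $this->EE->output->show_user_error('general',
              array($this->EE->lang->line('mbr_not_allowed_to_view_profiles')));
      }

      // Fetch the member data
      $select = 'm.member_id, m.group_id, m.username, m.screen_name, m.email, m.signature,
          m.avatar_filename, m.avatar_width, m.avatar_height, m.photo_filename,
          m.photo_width, m.photo_height, m.url, m.location, m.occupation, m.interests,
          m.icq, m.aol_im, m.yahoo_im, m.msn_im, m.bio, m.join_date, m.last_visit,
          m.last_activity, m.last_entry_date, m.last_comment_date, m.last_forum_post_date,
          m.total_entries, m.total_comments, m.total_forum_topics,
          m.total_forum_posts, m.language, m.timezone, m.daylight_savings,
          m.bday_d, m.bday_m, m.bday_y, m.accept_user_email, m.accept_messages,
          g.group_title, g.can_send_private_messages';

      $this->EE->db->select($select);
      $this->EE->db->from(array('members m', 'member_groups g'));

      // cur_id is assigned outside this method (not visible here), so it is
      // passed with escaping enabled like the other value comparisons below.
      $this->EE->db->where('m.member_id', $this->cur_id);
      $this->EE->db->where('g.site_id', $this->EE->config->item('site_id'));

      // Column-to-column join condition: escaping stays off on purpose.
      $this->EE->db->where('m.group_id', 'g.group_id', FALSE);

      // Group 2 is excluded unless is_admin is set AND the viewer is in group 1.
      if ($this->is_admin == FALSE OR $this->EE->session->userdata('group_id') != 1)
      {
          $this->EE->db->where('m.group_id !=', 2);
      }

      $this->EE->db->where('m.group_id !=', 3);
      $this->EE->db->where('m.group_id !=', 4);

      $query = $this->EE->db->get();

      if ($query->num_rows() == 0)
      {
          return $this->EE->output->show_user_error('general', array($this->EE->lang->line('profile_not_available')));
      }

      // Fetch the row
      $row = $query->row_array();

      // Fetch the template
      $content = $this->_load_element('public_profile');

      // Is there an avatar?
      if ($this->EE->config->item('enable_avatars') == 'y' AND $row['avatar_filename'] != '')
      {
          $avatar_path = $this->EE->config->slash_item('avatar_url').$row['avatar_filename'] ;
          $avatar_width = $row['avatar_width'] ;
          $avatar_height = $row['avatar_height'] ;
          $content = $this->_allow_if('avatar', $content);
      }
      else
      {
          $avatar_path = '';
          $avatar_width = '';
          $avatar_height = '';
          $content = $this->_deny_if('avatar', $content);
      }

      // Is there a member photo?
      if ($this->EE->config->item('enable_photos') == 'y' AND $row['photo_filename'] != '')
      {
          $photo_path = $this->EE->config->slash_item('photo_url').$row['photo_filename'] ;
          $photo_width = $row['photo_width'] ;
          $photo_height = $row['photo_height'] ;
          $content = $this->_allow_if('photo', $content);
          $content = $this->_deny_if('not_photo', $content);
      }
      else
      {
          $photo_path = '';
          $photo_width = '';
          $photo_height = '';
          $content = $this->_deny_if('photo', $content);
          $content = $this->_allow_if('not_photo', $content);
      }

      // Forum specific stuff
      $rank_class = 'rankMember';
      $rank_title = '';
      $rank_stars = '';
      $stars = '';

      if ($this->in_forum == TRUE)
      {
          $rank_query = $this->EE->db->query("SELECT rank_title, rank_min_posts, rank_stars FROM exp_forum_ranks ORDER BY rank_min_posts");
          $mod_query = $this->EE->db->query("SELECT mod_member_id, mod_group_id FROM exp_forum_moderators");

          $total_posts = ($row['total_forum_topics'] + $row['total_forum_posts'] );

          // Assign the rank stars: the markup between {if rank_stars} and
          // {/if} is the unit that gets repeated once per star.
          if (preg_match("/{if\s+rank_stars\}(.+?){\/if\}/i", $content, $matches))
          {
              $rank_stars = $matches['1'];
              $content = str_replace($matches['0'], '{rank_stars}', $content);
          }

          if ($rank_stars != '' AND $rank_query->num_rows() > 0)
          {
              $num_stars = NULL;
              $rank_title = '';
              $i = 1;

              // Ranks are ordered by rank_min_posts; the previous rank's
              // stars/title are used once a rank's minimum reaches the
              // member's post count.
              foreach ($rank_query->result_array() as $rank)
              {
                  if ($num_stars == NULL)
                  {
                      $num_stars = $rank['rank_stars'];
                      $rank_title = $rank['rank_title'];
                  }

                  if ($rank['rank_min_posts'] >= $total_posts)
                  {
                      $stars = str_repeat($rank_stars, $num_stars);
                      break;
                  }
                  else
                  {
                      $num_stars = $rank['rank_stars'];
                      $rank_title = $rank['rank_title'];
                  }

                  // NOTE(review): reads the num_rows property rather than
                  // calling num_rows() as the rest of this method does;
                  // confirm the result object exposes it.
                  if ($i++ == $rank_query->num_rows)
                  {
                      $stars = str_repeat($rank_stars, $num_stars);
                      break;
                  }
              }
          }

          // Assign the member rank
          // Is the user an admin?
          $admin_query = $this->EE->db->query('SELECT admin_group_id, admin_member_id FROM exp_forum_administrators');

          $is_admin = FALSE;

          if ($admin_query->num_rows() > 0)
          {
              foreach ($admin_query->result_array() as $admin)
              {
                  if ($admin['admin_member_id'] != 0)
                  {
                      if ($admin['admin_member_id'] == $this->cur_id)
                      {
                          $is_admin = TRUE;
                          break;
                      }
                  }
                  elseif ($admin['admin_group_id'] != 0)
                  {
                      if ($admin['admin_group_id'] == $row['group_id'] )
                      {
                          $is_admin = TRUE;
                          break;
                      }
                  }
              }
          }

          if ($row['group_id'] == 1 OR $is_admin == TRUE)
          {
              $rank_class = 'rankAdmin';
              $rank_title = $this->EE->lang->line('administrator');
          }
          else
          {
              if ($mod_query->num_rows() > 0)
              {
                  foreach ($mod_query->result_array() as $mod)
                  {
                      if ($mod['mod_member_id'] == $this->cur_id OR $mod['mod_group_id'] == $row['group_id'] )
                      {
                          $rank_class = 'rankModerator';
                          $rank_title = $this->EE->lang->line('moderator');
                          break;
                      }
                  }
              }
          }
      }

      // Parse variables
      if ($this->in_forum == TRUE)
      {
          $search_path = $this->forum_path.'member_search/'.$this->cur_id.'/';
      }
      else
      {
          $search_path = $this->EE->functions->fetch_site_index(0, 0).QUERY_MARKER.'ACT='.$this->EE->functions->fetch_action_id('Search', 'do_search').'&amp;mbr='.urlencode($row['member_id'] );
      }

      $ignore_form = array('hidden_fields' => array('toggle[]' => '', 'name' => '', 'daction' => ''),
          'action' => $this->_member_path('update_ignore_list'),
          'id' => 'target'
      );

      // NOTE(review): screen_name / member_id from the member row are
      // written into an inline onclick handler without HTML- or
      // JavaScript-context escaping. Whether quote characters can occur in
      // screen_name depends on validation done when the name is saved,
      // which is not visible here. Confirm that, and encode for both
      // contexts if they can occur.
      if ( ! in_array($row['member_id'] , $this->EE->session->userdata['ignore_list']))
      {
          $ignore_button = "<div><a href='".$this->_member_path('edit_ignore_list')."' ".
              "onclick='dynamic_action(\"add\");list_addition(\"".$row['screen_name'] ."\");return false;'>".
              "{lang:ignore_member}</a></div></form>";
      }
      else
      {
          $ignore_button = "<div><a href='".$this->_member_path('edit_ignore_list')."' ".
              "onclick='dynamic_action(\"delete\");list_addition(\"".$row['member_id'] ."\", \"toggle[]\");return false;'>".
              "{lang:unignore_member}</a></div></form>";
      }

      // NOTE(review): yahoo_im is a member-editable profile field and is
      // appended to the URL below without URL-encoding; confirm it is
      // constrained when the profile is saved.
      $content = $this->_var_swap($content,
          array(
              'aim_console' => "onclick=\"window.open('".$this->_member_path('aim_console/'.$this->cur_id)."', '_blank', 'width=240,height=360,scrollbars=yes,resizable=yes,status=yes,screenx=5,screeny=5');\"",
              'icq_console' => "onclick=\"window.open('".$this->_member_path('icq_console/'.$this->cur_id)."', '_blank', 'width=650,height=580,scrollbars=yes,resizable=yes,status=yes,screenx=5,screeny=5');\"",
              'yahoo_console' => "http://edit.yahoo.com/config/send_webmesg?.target=".$row['yahoo_im'] ."&amp;.src=pg",
              'email_console' => "onclick=\"window.open('".$this->_member_path('email_console/'.$this->cur_id)."', '_blank', 'width=650,height=600,scrollbars=yes,resizable=yes,status=yes,screenx=5,screeny=5');\"",
              'send_private_message' => $this->_member_path('messages/pm/'.$this->cur_id),
              'search_path' => $search_path,
              'path:avatar_url' => $avatar_path,
              'avatar_width' => $avatar_width,
              'avatar_height' => $avatar_height,
              'path:photo_url' => $photo_path,
              'photo_width' => $photo_width,
              'photo_height' => $photo_height,
              'rank_class' => $rank_class,
              'rank_stars' => $stars,
              'rank_title' => $rank_title,
              'ignore_link' => $this->list_js().
                  $this->EE->functions->form_declaration($ignore_form).
                  $ignore_button
          )
      );

      $vars = $this->EE->functions->assign_variables($content, '/');
      $this->var_single = $vars['var_single'];
      $this->var_pair = $vars['var_pair'];

      $this->var_cond = $this->EE->functions->assign_conditional_variables($content, '/');

      // Parse conditional pairs
      foreach ($this->var_cond as $val)
      {
          // Conditional statements: split "name <rest>" at the first space
          // and point the name at the matching $row column.
          $cond = $this->EE->functions->prep_conditional($val['0']);

          $lcond = substr($cond, 0, strpos($cond, ' '));
          $rcond = substr($cond, strpos($cond, ' '));

          if ( isset($row[$val['3']]))
          {
              $lcond = str_replace($val['3'], "\$row['".$val['3'] ."']", $lcond);
              $cond = $lcond.' '.$rcond;
              $cond = str_replace("\|", "|", $cond);

              // NOTE(review): eval() executes a PHP expression assembled
              // from conditional text found in $content. Its safety rests on
              // prep_conditional() and on who can author that text. Values
              // from the member row were swapped into $content above, before
              // the conditionals were extracted, so confirm that
              // member-editable fields cannot carry template braces. A
              // comparison that does not go through eval() would remove the
              // dependency altogether.
              eval("\$result = ".$cond.";");

              // NOTE(review): $val['0'] is used inside the pattern without
              // preg_quote(); confirm the upstream parser guarantees it is
              // regex-safe.
              if ($result)
              {
                  $content = preg_replace("/".LD.$val['0'].RD."(.*?)".LD.'\/if'.RD."/s", "\\1", $content);
              }
              else
              {
                  $content = preg_replace("/".LD.$val['0'].RD."(.*?)".LD.'\/if'.RD."/s", "", $content);
              }
          }

          // {if accept_email}
          if (preg_match("/^if\s+accept_email.*/i", $val['0']))
          {
              if ($row['accept_user_email'] == 'n')
              {
                  $content = preg_replace("/".LD.$val['0'].RD."(.+?)".LD.'\/if'.RD."/s", "", $content);
              }
              else
              {
                  $content = preg_replace("/".LD.$val['0'].RD."(.+?)".LD.'\/if'.RD."/s", "\\1", $content);
              }
          }

          // {if can_private_message}
          if (stristr($val['0'], 'can_private_message'))
          {
              if ($row['can_send_private_messages'] == 'n' OR $row['accept_messages'] == 'n')
              {
                  $content = preg_replace("/".LD.$val['0'].RD."(.+?)".LD.'\/if'.RD."/s", "", $content);
              }
              else
              {
                  $content = preg_replace("/".LD.$val['0'].RD."(.+?)".LD.'\/if'.RD."/s", "\\1", $content);
              }
          }

          // {if ignore}: a member cannot ignore their own profile
          if (stristr($val['0'], 'ignore'))
          {
              if ($row['member_id'] == $this->EE->session->userdata['member_id'])
              {
                  $content = $this->_deny_if('ignore', $content);
              }
              else
              {
                  $content = $this->_allow_if('ignore', $content);
              }
          }
      }
      // END CONDITIONAL PAIRS

      $this->EE->load->library('typography');
      $this->EE->typography->initialize();

      // Parse "single" variables
      foreach ($this->var_single as $key => $val)
      {
          // Format URLs
          // NOTE(review): this only prepends "http://" when no scheme is
          // present; it is not an allow-list of schemes. The value is later
          // emitted through the generic strip_tags() branch, which does not
          // make a value safe inside an HTML attribute. Confirm the template
          // context and the validation applied when the URL is saved.
          if ($key == 'url')
          {
              if (strncmp($row['url'], 'http', 4) != 0 && strpos($row['url'], '://') === FALSE)
              {
                  $row['url'] = "http://".$row['url'] ;
              }
          }

          // "last_visit" (filled from last_activity)
          if (strncmp($key, 'last_visit', 10) == 0)
          {
              $content = $this->_var_swap_single($key, ($row['last_activity'] > 0) ? $this->EE->localize->decode_date($val, $row['last_activity'] ) : '', $content);
          }

          // "join_date"
          if (strncmp($key, 'join_date', 9) == 0)
          {
              $content = $this->_var_swap_single($key, ($row['join_date'] > 0) ? $this->EE->localize->decode_date($val, $row['join_date'] ) : '', $content);
          }

          // "last_entry_date"
          if (strncmp($key, 'last_entry_date', 15) == 0)
          {
              $content = $this->_var_swap_single($key, ($row['last_entry_date'] > 0) ? $this->EE->localize->decode_date($val, $row['last_entry_date'] ) : '', $content);
          }

          // "last_forum_post_date"
          if (strncmp($key, 'last_forum_post_date', 20) == 0)
          {
              $content = $this->_var_swap_single($key, ($row['last_forum_post_date'] > 0) ? $this->EE->localize->decode_date($val, $row['last_forum_post_date'] ) : '', $content);
          }

          // "last_comment_date"
          if (strncmp($key, 'last_comment_date', 17) == 0)
          {
              $content = $this->_var_swap_single($key, ($row['last_comment_date'] > 0) ? $this->EE->localize->decode_date($val, $row['last_comment_date'] ) : '', $content);
          }

          // {name}: screen name, falling back to the username
          $name = ( ! $row['screen_name'] ) ? $row['username'] : $row['screen_name'] ;
          $name = $this->_convert_special_chars($name);

          if ($key == "name")
          {
              $content = $this->_var_swap_single($val, $name, $content);
          }

          // {member_group}
          if ($key == "member_group")
          {
              $content = $this->_var_swap_single($val, $row['group_title'] , $content);
          }

          // {email}
          if ($key == "email")
          {
              $content = $this->_var_swap_single($val, $this->EE->typography->encode_email($row['email'] ), $content);
          }

          // {birthday}: "<month> <day>, <year>", with any missing part left out
          if ($key == "birthday")
          {
              $birthday = '';

              if ($row['bday_m'] != '' AND $row['bday_m'] != 0)
              {
                  $month = (strlen($row['bday_m'] ) == 1) ? '0'.$row['bday_m'] : $row['bday_m'];
                  $m = $this->EE->localize->localize_month($month);
                  $birthday .= $this->EE->lang->line($m['1']);

                  if ($row['bday_d'] != '' AND $row['bday_d'] != 0)
                  {
                      $birthday .= ' '.$row['bday_d'] ;
                  }
              }

              if ($row['bday_y'] != '' AND $row['bday_y'] != 0)
              {
                  if ($birthday != '')
                  {
                      $birthday .= ', ';
                  }

                  $birthday .= $row['bday_y'] ;
              }

              $content = $this->_var_swap_single($val, $birthday, $content);
          }

          // {timezone}
          if ($key == "timezone")
          {
              $timezone = ($row['timezone'] != '') ? $this->EE->lang->line($row['timezone'] ) : '';
              $content = $this->_var_swap_single($val, $timezone, $content);
          }

          // {local_time}: shifted to the profile owner's zone unless the
          // viewer is looking at their own profile
          if (strncmp($key, 'local_time', 10) == 0)
          {
              $time = $this->EE->localize->now;

              if ($this->EE->session->userdata('member_id') != $this->cur_id)
              {
                  // Default is UTC?
                  $zone = ($row['timezone'] == '') ? 'UTC' : $row['timezone'] ;
                  $time = $this->EE->localize->set_localized_time($time, $zone, $row['daylight_savings'] );
              }

              $content = $this->_var_swap_single($key, $this->EE->localize->decode_date($val, $time), $content);
          }

          // {bio}
          if ($key == 'bio')
          {
              $bio = $this->EE->typography->parse_type($row[$val],
                  array(
                      'text_format' => 'xhtml',
                      'html_format' => 'safe',
                      'auto_links' => 'y',
                      'allow_img_url' => 'n'
                  )
              );

              $content = $this->_var_swap_single($key, $bio, $content);
          }

          // Special consideration for {total_forum_replies}, and
          // {total_forum_posts} whose meanings do not match the
          // database field names
          if ($key == 'total_forum_replies')
          {
              $content = $this->_var_swap_single($key, $row['total_forum_posts'] , $content);
          }

          if ($key == 'total_forum_posts')
          {
              $total_posts = $row['total_forum_topics'] + $row['total_forum_posts'];
              $content = $this->_var_swap_single($key, $total_posts, $content);
          }

          // Parse basic fields (username, screen_name, etc.)
          // array_key_exists instead of isset since some columns may be NULL
          if (array_key_exists($val, $row))
          {
              $content = $this->_var_swap_single($val, strip_tags($row[$val]), $content);
          }
      }

      // Do we have custom fields to show?
      // Non-group-1 viewers only see fields flagged as public.
      $sql = "SELECT m_field_id, m_field_name, m_field_label, m_field_description, m_field_fmt FROM exp_member_fields ";

      if ($this->EE->session->userdata['group_id'] != 1)
      {
          $sql .= " WHERE m_field_public = 'y' ";
      }

      $sql .= " ORDER BY m_field_order";

      $query = $this->EE->db->query($sql);

      if ($query->num_rows() > 0)
      {
          $fnames = array();

          foreach ($query->result_array() as $field)
          {
              $fnames[$field['m_field_name']] = $field['m_field_id'];
          }

          // Grab the data for the particular member; cur_id is escaped
          // because it is assigned outside this method.
          $result = $this->EE->db->query("SELECT * FROM exp_member_data WHERE member_id = '".$this->EE->db->escape_str($this->cur_id)."'");

          // Parse conditionals for custom fields
          $result_row = $result->row_array();

          foreach ($this->var_cond as $val)
          {
              // Prep the conditional
              $cond = $this->EE->functions->prep_conditional($val['0']);

              $lcond = substr($cond, 0, strpos($cond, ' '));
              $rcond = substr($cond, strpos($cond, ' '));

              if (isset($fnames[$val['3']]))
              {
                  $lcond = str_replace($val['3'], "\$result_row['m_field_id_".$fnames[$val['3']]."']", $lcond);
                  $cond = $lcond.' '.$rcond;
                  $cond = str_replace("\|", "|", $cond);

                  // NOTE(review): same eval() pattern as the member-row
                  // conditionals above; the same confirmation applies.
                  eval("\$rez = ".$cond.";");

                  if ($rez)
                  {
                      $content = preg_replace("/".LD.$val['0'].RD."(.*?)".LD.'\/if'.RD."/s", "\\1", $content);
                  }
                  else
                  {
                      $content = preg_replace("/".LD.$val['0'].RD."(.*?)".LD.'\/if'.RD."/s", "", $content);
                  }
              }
          }
          // END CONDITIONALS

          // Parse single variables: named custom fields are rendered with
          // html_format 'none'.
          foreach ($this->var_single as $key => $val)
          {
              foreach ($query->result_array() as $field)
              {
                  if ($field['m_field_name'] == $key)
                  {
                      $field_data = (isset($result_row['m_field_id_'.$field['m_field_id']])) ? $result_row['m_field_id_'.$field['m_field_id']] : '';

                      if ($field_data != '')
                      {
                          $field_data = $this->EE->typography->parse_type($field_data,
                              array(
                                  'text_format' => $field['m_field_fmt'],
                                  'html_format' => 'none',
                                  'auto_links' => 'n',
                                  'allow_img_url' => 'n'
                              )
                          );
                      }

                      $content = $this->_var_swap_single($val, $field_data, $content);
                  }
              }
          }

          // Parse auto-generated "custom_fields". At least one field
          // definition exists here, so the chunk is always rendered.
          $field_chunk = $this->_load_element('public_custom_profile_fields');

          $this->EE->load->library('typography');
          $this->EE->typography->initialize();

          $str = '';

          foreach ($query->result_array() as $field)
          {
              $temp = $field_chunk;

              $field_data = (isset($result_row['m_field_id_'.$field['m_field_id']])) ? $result_row['m_field_id_'.$field['m_field_id']] : '';

              if ($field_data != '')
              {
                  $field_data = $this->EE->typography->parse_type($field_data,
                      array(
                          'text_format' => $field['m_field_fmt'],
                          'html_format' => 'safe',
                          'auto_links' => 'y',
                          'allow_img_url' => 'n'
                      )
                  );
              }

              // Label and description come from the field definition table
              // and are inserted as stored.
              $temp = str_replace('{field_name}', $field['m_field_label'], $temp);
              $temp = str_replace('{field_description}', $field['m_field_description'], $temp);
              $temp = str_replace('{field_data}', $field_data, $temp);
              $str .= $temp;
          }

          $content = str_replace("{custom_profile_fields}", $str, $content);
      }
      // END if ($query->num_rows() > 0)

      // Clean up left over variables
      $content = str_replace(LD.'custom_profile_fields'.RD, '', $content);

      return $content;
  }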
  664. /** ----------------------------------------
  665. /** Member Profile Edit Page
  666. /** ----------------------------------------*/
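  /**
   * Build the "edit profile" form for the member of the current session.
   *
   * Renders one form control per custom member field (textarea, text or
   * select) pre-filled with the member's stored value, then swaps the
   * controls and the standard profile fields into 'edit_profile_form'.
   *
   * Changes against the previous version:
   *  - An empty m_field_width now really defaults to '100%'; the old code
   *    used '==' (a comparison) instead of an assignment, which left the
   *    width empty and produced "width:px;".
   *  - Removed the loop that turned every exp_member_data column into a
   *    local variable ($$key = $val); none of those variables were read,
   *    and a column name matching a local would have overwritten it.
   *  - 'url' is passed through form_prep() like the other member-supplied
   *    values swapped into the form.
   *
   * @return mixed whatever _var_swap() returns for 'edit_profile_form'
   */
  function edit_profile()
  {
      // Load the form helper; form_prep() is used below to escape values
      // placed into form controls.
      $this->EE->load->helper('form');

      // Build the custom profile fields
      $tmpl = $this->_load_element('custom_profile_fields');

      // Fetch the data
      // NOTE(review): member_id is read from session userdata rather than
      // the request, but the statement is built by concatenation; confirm
      // how session userdata is populated.
      $sql = "SELECT * FROM exp_member_data WHERE member_id = '".$this->EE->session->userdata('member_id')."'";

      $result = $this->EE->db->query($sql);

      // Fetch the field definitions
      // Non-group-1 members only get fields flagged as public.
      $r = '';

      $sql = "SELECT * FROM exp_member_fields ";

      if ($this->EE->session->userdata['group_id'] != 1)
      {
          $sql .= " WHERE m_field_public = 'y' ";
      }

      $sql .= " ORDER BY m_field_order";

      $query = $this->EE->db->query($sql);

      $result_row = $result->row_array();

      if ($query->num_rows() > 0)
      {
          foreach ($query->result_array() as $row)
          {
              $temp = $tmpl;

              // Assign the data to the field
              $temp = str_replace('{field_id}', $row['m_field_id'], $temp);

              $field_data = (isset($result_row['m_field_id_'.$row['m_field_id']])) ? $result_row['m_field_id_'.$row['m_field_id']] : '';

              $required = ($row['m_field_required'] == 'n') ? '' : "<span class='alert'>*</span>&nbsp;";

              if ($row['m_field_width'] == '')
              {
                  $row['m_field_width'] = '100%';
              }

              // Bare numbers are treated as pixels
              $width = ( ! stristr($row['m_field_width'], 'px') AND ! stristr($row['m_field_width'], '%')) ? $row['m_field_width'].'px' : $row['m_field_width'];

              // The label, description, width, maxlength and list items
              // below come from the field definition table and are
              // inserted as stored.
              if ($row['m_field_type'] == 'textarea')
              {
                  // Render textarea fields
                  $rows = ( ! isset($row['m_field_ta_rows'])) ? '10' : $row['m_field_ta_rows'];

                  $tarea = "<textarea name='".'m_field_id_'.$row['m_field_id']."' id='".'m_field_id_'.$row['m_field_id']."' style='width:".$width.";' class='textarea' cols='90' rows='{$rows}'>".form_prep($field_data)."</textarea>";

                  $temp = str_replace('<td ', "<td valign='top' ", $temp);
                  $temp = str_replace('{lang:profile_field}', $required.$row['m_field_label'], $temp);
                  $temp = str_replace('{lang:profile_field_description}', $row['m_field_description'], $temp);
                  $temp = str_replace('{form:custom_profile_field}', $tarea, $temp);
              }
              elseif ($row['m_field_type'] == 'text')
              {
                  // Render text fields
                  $input = "<input type='text' name='".'m_field_id_'.$row['m_field_id']."' id='".'m_field_id_'.$row['m_field_id']."' style='width:".$width.";' value='".form_prep($field_data)."' maxlength='".$row['m_field_maxl']."' class='input' />";

                  $temp = str_replace('{lang:profile_field}', $required.$row['m_field_label'], $temp);
                  $temp = str_replace('{lang:profile_field_description}', $row['m_field_description'], $temp);
                  $temp = str_replace('{form:custom_profile_field}', $input, $temp);
              }
              elseif ($row['m_field_type'] == 'select')
              {
                  // Render pull-down menus
                  // NOTE(review): unlike the text and textarea branches, the
                  // option values are written without form_prep(). They come
                  // from the field definition rather than from the member;
                  // confirm who can edit m_field_list_items and whether the
                  // items are stored already encoded before changing this.
                  $menu = "<select name='m_field_id_".$row['m_field_id']."' id='m_field_id_".$row['m_field_id']."' class='select'>\n";

                  foreach (explode("\n", trim($row['m_field_list_items'])) as $v)
                  {
                      $v = trim($v);

                      $selected = ($field_data == $v) ? " selected='selected'" : '';

                      $menu .= "<option value='{$v}'{$selected}>".$v."</option>\n";
                  }

                  $menu .= "</select>\n";

                  $temp = str_replace('{lang:profile_field}', $required.$row['m_field_label'], $temp);
                  $temp = str_replace('{lang:profile_field_description}', $row['m_field_description'], $temp);
                  $temp = str_replace('{form:custom_profile_field}', $menu, $temp);
              }

              $r .= $temp;
          }
      }

      // Build the output data
      $query = $this->EE->db->query("SELECT bday_y, bday_m, bday_d, url, location, occupation, interests, aol_im, icq, yahoo_im, msn_im, bio FROM exp_members WHERE member_id = '".$this->EE->session->userdata('member_id')."'");

      return $this->_var_swap($this->_load_element('edit_profile_form'),
          array(
              'path:update_profile' => $this->_member_path('update_profile'),
              'form:birthday_year' => $this->_birthday_year($query->row('bday_y') ),
              'form:birthday_month' => $this->_birthday_month($query->row('bday_m') ),
              'form:birthday_day' => $this->_birthday_day($query->row('bday_d') ),
              // Escaped like the sibling fields; the 'http://' placeholder
              // passes through form_prep() unchanged.
              'url' => ($query->row('url') == '') ? 'http://' : form_prep($query->row('url') ),
              'location' => form_prep($query->row('location') ),
              'occupation' => form_prep($query->row('occupation') ),
              'interests' => form_prep($query->row('interests') ),
              'aol_im' => form_prep($query->row('aol_im') ),
              'icq' => form_prep($query->row('icq') ),
              'icq_im' => form_prep($query->row('icq') ),
              'yahoo_im' => form_prep($query->row('yahoo_im') ),
              'msn_im' => form_prep($query->row('msn_im') ),
              'bio' => form_prep($query->row('bio') ),
              'custom_profile_fields' => $r
          )
      );
  }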
  781. /** ----------------------------------------
  782. /** Profile Update
  783. /** ----------------------------------------*/
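  /**
   * Save the logged-in member's standard and custom profile fields from $_POST.
   *
   * Standard fields are passed through xss_clean() and written with
   * member_model->update_member(); custom fields go to
   * member_model->update_member_data(). When a location or URL was submitted,
   * the member's rows in the comments table are updated to match.
   *
   * @return mixed Output of show_user_error() when the request is rejected,
   *               otherwise the rendered 'success' element.
   */
  function update_profile()
  {
      $this->EE->load->model('member_model');

      // Reject requests that carry no form data at all.
      if (count($_POST) == 0)
      {
          return $this->EE->output->show_user_error('general', array($this->EE->lang->line('invalid_action')));
      }

      // Are any required custom fields empty?
      // NOTE(review): a required field that is left out of the POST entirely
      // passes this check; only submitted-but-empty values are reported.
      // Confirm that is intended before tightening it.
      $this->EE->db->select('m_field_id, m_field_label');
      $this->EE->db->where('m_field_required = "y"');
      $query = $this->EE->db->get('member_fields');

      $errors = array();

      if ($query->num_rows() > 0)
      {
          foreach ($query->result_array() as $row)
          {
              if (isset($_POST['m_field_id_'.$row['m_field_id']]) AND $_POST['m_field_id_'.$row['m_field_id']] == '')
              {
                  $errors[] = $this->EE->lang->line('mbr_custom_field_empty').'&nbsp;'.$row['m_field_label'];
              }
          }
      }

      // Blacklisted clients that are not also whitelisted may not update.
      if ($this->EE->blacklist->blacklisted == 'y' && $this->EE->blacklist->whitelisted == 'n')
      {
          return $this->EE->output->show_user_error('general', array($this->EE->lang->line('not_authorized')));
      }

      // Report the required-field errors collected above.
      if (count($errors) > 0)
      {
          return $this->EE->output->show_user_error('submission', $errors);
      }

      // The edit form pre-fills the URL with 'http://'; treat that as empty.
      // NOTE(review): the URL scheme is not checked here; confirm it is
      // validated or escaped wherever the value is rendered as a link.
      if (isset($_POST['url']) AND $_POST['url'] == 'http://')
      {
          $_POST['url'] = '';
      }

      // Standard profile columns accepted from the form. Each one is removed
      // from $_POST after it is read, so the custom-field pass below never
      // sees it.
      $fields = array(
          'bday_y',
          'bday_m',
          'bday_d',
          'url',
          'location',
          'occupation',
          'interests',
          'aol_im',
          'icq',
          'yahoo_im',
          'msn_im',
          'bio'
      );

      $data = array();

      foreach ($fields as $val)
      {
          $data[$val] = (isset($_POST[$val])) ? $this->EE->security->xss_clean($_POST[$val]) : '';
          unset($_POST[$val]);
      }

      // Clamp the day to the length of the submitted month; the current year
      // is used when no birth year was given.
      if (is_numeric($data['bday_d']) AND is_numeric($data['bday_m']))
      {
          $year = ($data['bday_y'] != '') ? $data['bday_y'] : date('Y');
          $mdays = $this->EE->localize->fetch_days_in_month($data['bday_m'], $year);

          if ($data['bday_d'] > $mdays)
          {
              $data['bday_d'] = $mdays;
          }
      }

      unset($_POST['HTTP_REFERER']);

      if (count($data) > 0)
      {
          $this->EE->member_model->update_member($this->EE->session->userdata('member_id'), $data);
      }

      // Update the custom fields.
      $m_data = array();

      if (count($_POST) > 0)
      {
          foreach ($_POST as $key => $val)
          {
              // The key is client-controlled and is handed to
              // update_member_data() as an array key (presumably a column
              // name; the model is not visible here). Accept only the exact
              // 'm_field_id_<digits>' shape rather than anything that merely
              // starts with the prefix.
              if (preg_match('/\Am_field_id_[0-9]+\z/', (string) $key))
              {
                  $m_data[$key] = $this->EE->security->xss_clean($val);
              }
          }

          if (count($m_data) > 0)
          {
              $this->EE->member_model->update_member_data($this->EE->session->userdata('member_id'), $m_data);
          }
      }

      // Copy the new location and URL onto the member's existing comments.
      if ($data['location'] != "" OR $data['url'] != "")
      {
          if ($this->EE->db->table_exists('comments'))
          {
              $d = array(
                  'location' => $data['location'],
                  'url' => $data['url']
              );

              $this->EE->db->where('author_id', $this->EE->session->userdata('member_id'));
              $this->EE->db->update('comments', $d);
          }
      }

      // Success message.
      return $this->_var_swap($this->_load_element('success'),
          array(
              'lang:heading' => $this->EE->lang->line('profile_updated'),
              'lang:message' => $this->EE->lang->line('mbr_profile_has_been_updated')
          )
      );
  }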
  906. /** ----------------------------------------
  907. /** Forum Preferences
  908. /** ----------------------------------------*/
  /**
   * Render the member's display preferences form.
   *
   * Loads the current flags for the logged-in member, lets the
   * 'member_edit_preferences' extension hook alter the form element, and
   * swaps in the checkbox states.
   *
   * @return mixed Result of _var_swap() on the 'edit_preferences' element.
   */
  function edit_preferences()
  {
      // member_id comes from the session, not from the request.
      // NOTE(review): it is concatenated unescaped here, whereas
      // update_userpass() passes it through escape_str(); consider matching.
      $member_id = $this->EE->session->userdata('member_id');
      $prefs = $this->EE->db->query("SELECT display_avatars, display_signatures, smart_notifications, accept_messages, parse_smileys FROM exp_members WHERE member_id = '".$member_id."'");

      $form = $this->_load_element('edit_preferences');

      // -------------------------------------------
      // 'member_edit_preferences' hook.
      //  - Allows adding of preferences to user side preferences form
      //
      if ($this->EE->extensions->active_hook('member_edit_preferences') === TRUE)
      {
          $form = $this->EE->extensions->call('member_edit_preferences', $form);
      }
      //
      // -------------------------------------------

      $swap = array(
          'path:update_edit_preferences' => $this->_member_path('update_preferences')
      );

      // A stored 'y' ticks the matching checkbox; anything else leaves it clear.
      foreach (array('display_avatars', 'accept_messages', 'display_signatures', 'parse_smileys') as $pref)
      {
          if ($prefs->row($pref) == 'y')
          {
              $swap['state:'.$pref] = " checked='checked'";
          }
          else
          {
              $swap['state:'.$pref] = '';
          }
      }

      return $this->_var_swap($form, $swap);
  }
  933. /** ----------------------------------------
  934. /** Update Preferences
  935. /** ----------------------------------------*/
  /**
   * Store the member's display preferences from the submitted form.
   *
   * Each preference is a checkbox: present in $_POST means 'y', absent
   * means 'n'. No request value is written to the database directly.
   *
   * @return mixed Nothing when an extension ends the script, otherwise the
   *               rendered 'success' element.
   */
  function update_preferences()
  {
      // Build the column values from checkbox presence only.
      $data = array();

      foreach (array('accept_messages', 'display_avatars', 'display_signatures', 'parse_smileys') as $pref)
      {
          $data[$pref] = isset($_POST[$pref]) ? 'y' : 'n';
      }

      // The row is selected by the session's member_id.
      $where = "member_id = '".$this->EE->session->userdata('member_id')."'";

      $this->EE->db->query($this->EE->db->update_string('exp_members', $data, $where));

      // -------------------------------------------
      // 'member_update_preferences' hook.
      //  - Allows updating of added preferences via user side preferences form
      //  - The hook's return value is not used here.
      //
      $this->EE->extensions->call('member_update_preferences', $data);

      if ($this->EE->extensions->end_script === TRUE)
      {
          return;
      }
      //
      // -------------------------------------------

      // Success message.
      $message = array(
          'lang:heading' => $this->EE->lang->line('mbr_preferences_updated'),
          'lang:message' => $this->EE->lang->line('mbr_prefereces_have_been_updated')
      );

      return $this->_var_swap($this->_load_element('success'), $message);
  }
  966. /** ----------------------------------------
  967. /** Email Settings
  968. /** ----------------------------------------*/
  /**
   * Render the member's email settings form.
   *
   * @return mixed Result of _var_swap() on the 'email_prefs_form' element.
   */
  function edit_email()
  {
      $member_id = $this->EE->session->userdata('member_id');
      $settings = $this->EE->db->query("SELECT email, accept_admin_email, accept_user_email, notify_by_default, notify_of_pm, smart_notifications FROM exp_members WHERE member_id = '".$member_id."'");

      $form = $this->_load_element('email_prefs_form');

      // NOTE(review): the stored email is swapped into the form without
      // form_prep(), unlike the profile fields in this file; confirm that
      // validation on save makes escaping unnecessary here.
      $swap = array(
          'path:update_email_settings' => $this->_member_path('update_email'),
          'email' => $settings->row('email')
      );

      // A stored 'y' ticks the matching checkbox.
      $flags = array(
          'accept_admin_email',
          'accept_user_email',
          'notify_by_default',
          'notify_of_pm',
          'smart_notifications'
      );

      foreach ($flags as $flag)
      {
          if ($settings->row($flag) == 'y')
          {
              $swap['state:'.$flag] = " checked='checked'";
          }
          else
          {
              $swap['state:'.$flag] = '';
          }
      }

      return $this->_var_swap($form, $swap);
  }
  984. /** ----------------------------------------
  985. /** Email Update
  986. /** ----------------------------------------*/
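  /**
   * Update the logged-in member's email address and email preferences.
   *
   * Changing the address requires the current password unless the session's
   * group_id is 1. The new address is validated with EE_Validate and, when
   * it differs from the stored one, copied to the member's comments.
   *
   * @return mixed Output of show_user_error() when the request is rejected,
   *               otherwise the rendered 'success' element.
   */
  function update_email()
  {
      // Safety: only proceed for a submission that carries the email field.
      if ( ! isset($_POST['email']))
      {
          return $this->EE->output->show_user_error('general', array($this->EE->lang->line('invalid_action')));
      }

      // Blacklisted clients that are not also whitelisted may not update.
      if ($this->EE->blacklist->blacklisted == 'y' && $this->EE->blacklist->whitelisted == 'n')
      {
          return $this->EE->output->show_user_error('general', array($this->EE->lang->line('not_authorized')));
      }

      // Validate submitted data.
      if ( ! class_exists('EE_Validate'))
      {
          require APPPATH.'libraries/Validate'.EXT;
      }

      $query = $this->EE->db->query("SELECT email, password FROM exp_members WHERE member_id = '".$this->EE->session->userdata('member_id')."'");

      $VAL = new EE_Validate(
          array(
              'member_id' => $this->EE->session->userdata('member_id'),
              'val_type' => 'update', // new or update
              'fetch_lang' => TRUE,
              'require_cpw' => FALSE,
              'enable_log' => FALSE,
              'email' => $_POST['email'],
              'cur_email' => $query->row('email')
          )
      );

      $VAL->validate_email();

      if ($_POST['email'] != $query->row('email') )
      {
          // Members in group 1 may change the address without re-entering
          // their password; everyone else must supply the current one.
          if ($this->EE->session->userdata['group_id'] != 1)
          {
              // A missing or non-string password is treated as not supplied,
              // so it never reaches stripslashes()/hash().
              $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

              if ($password === '')
              {
                  $VAL->errors[] = $this->EE->lang->line('missing_current_password');
              }
              // Strict string comparison: with a loose != two hex digests that
              // both look numeric (for example '0e' followed by digits) are
              // compared as numbers and can be treated as equal.
              elseif ((string) $this->EE->functions->hash(stripslashes($password)) !== (string) $query->row('password'))
              {
                  $VAL->errors[] = $this->EE->lang->line('invalid_password');
              }
          }
      }

      if (count($VAL->errors) > 0)
      {
          return $this->EE->output->show_user_error('submission', $VAL->errors);
      }

      // Assign the query data. The preference flags come from checkbox
      // presence only; the email value is the one validated above.
      $data = array(
          'email' => $_POST['email'],
          'accept_admin_email' => (isset($_POST['accept_admin_email'])) ? 'y' : 'n',
          'accept_user_email' => (isset($_POST['accept_user_email'])) ? 'y' : 'n',
          'notify_by_default' => (isset($_POST['notify_by_default'])) ? 'y' : 'n',
          'notify_of_pm' => (isset($_POST['notify_of_pm'])) ? 'y' : 'n',
          'smart_notifications' => (isset($_POST['smart_notifications'])) ? 'y' : 'n'
      );

      // NOTE(review): update_string() is relied on to escape the values;
      // confirm against the database driver in use.
      $this->EE->db->query($this->EE->db->update_string('exp_members', $data, "member_id = '".$this->EE->session->userdata('member_id')."'"));

      // Update comments when the address changed.
      if ($query->row('email') != $_POST['email'])
      {
          $this->EE->db->query($this->EE->db->update_string('exp_comments', array('email' => $_POST['email']), "author_id = '".$this->EE->session->userdata('member_id')."'"));

          // We need to update the gallery comments
          // But! Only if the table exists
          if ($this->EE->db->table_exists('exp_gallery_comments'))
          {
              $this->EE->db->query($this->EE->db->update_string('exp_gallery_comments', array('email' => $_POST['email']), "author_id = '".$this->EE->session->userdata('member_id')."'"));
          }
      }

      // Success message.
      return $this->_var_swap($this->_load_element('success'),
          array(
              'lang:heading' => $this->EE->lang->line('mbr_email_updated'),
              'lang:message' => $this->EE->lang->line('mbr_email_has_been_updated')
          )
      );
  }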
  1074. /** ----------------------------------------
  1075. /** Username/Password Preferences
  1076. /** ----------------------------------------*/
  /**
   * Render the username / screen name / password form.
   *
   * The username row is editable when the session's group_id is 1 or the
   * 'allow_username_change' setting is 'y'; otherwise the
   * 'username_change_disallowed' element is shown in its place.
   *
   * @return mixed Result of _var_swap() on the 'username_password_form' element.
   */
  function edit_userpass()
  {
      $member_id = $this->EE->session->userdata('member_id');
      $member = $this->EE->db->query("SELECT username, screen_name FROM exp_members WHERE member_id = '".$member_id."'");

      $form = $this->_load_element('username_password_form');

      $may_rename = ($this->EE->session->userdata['group_id'] == 1 || $this->EE->config->item('allow_username_change') == 'y');

      if ($may_rename)
      {
          $username_row = $this->_load_element('username_row');
      }
      else
      {
          $username_row = $this->_load_element('username_change_disallowed');
      }

      // NOTE(review): screen_name goes through _convert_special_chars() but
      // username is swapped in as stored; confirm the username cannot hold
      // characters that need escaping in the form.
      $swap = array(
          'row:username_form' => $username_row,
          'path:update_username_password' => $this->_member_path('update_userpass'),
          'username' => $member->row('username'),
          'screen_name' => $this->_convert_special_chars($member->row('screen_name'))
      );

      return $this->_var_swap($form, $swap);
  }
  1089. /** ----------------------------------------
  1090. /** Username/Password Update
  1091. /** ----------------------------------------*/
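  /**
   * Update the logged-in member's username, screen name and password.
   *
   * The submission is validated with EE_Validate (constructed with
   * require_cpw = TRUE and the submitted current password). The username is
   * only changed when 'allow_username_change' is 'y'; the password is only
   * changed when a new one was submitted. A changed screen name is copied
   * to forum, comment and gallery-comment rows and to the session data.
   *
   * @return mixed Output of show_user_error() when the request is rejected,
   *               FALSE when the member row is not found, otherwise the
   *               rendered 'success' element.
   */
  function update_userpass()
  {
      // Safety. Prevents accessing this function unless
      // the request came from the form submission
      if ( ! isset($_POST['current_password']))
      {
          return $this->EE->output->show_user_error('general', array($this->EE->lang->line('invalid_action')));
      }

      // Escaped once and reused in every hand-built WHERE clause below; the
      // original escaped it only for the first query.
      $member_id_sql = $this->EE->db->escape_str($this->EE->session->userdata('member_id'));

      $query = $this->EE->db->query("SELECT username, screen_name FROM exp_members WHERE member_id = '".$member_id_sql."'");

      if ($query->num_rows() == 0)
      {
          return FALSE;
      }

      // When renaming is disabled, whatever username was posted is discarded
      // in favour of the stored one.
      if ($this->EE->config->item('allow_username_change') != 'y')
      {
          $_POST['username'] = $query->row('username');
      }

      // Missing or non-string values are normalised to '' before use, so the
      // checks below never read an undefined index and an array value never
      // reaches stripslashes()/hash().
      foreach (array('username', 'screen_name', 'password', 'password_confirm') as $key)
      {
          if ( ! isset($_POST[$key]) || ! is_string($_POST[$key]))
          {
              $_POST[$key] = '';
          }
      }

      // If the screen name field is empty, we'll assign it
      // from the username field.
      if ($_POST['screen_name'] === '')
      {
          $_POST['screen_name'] = $_POST['username'];
      }

      // Validate submitted data.
      if ( ! class_exists('EE_Validate'))
      {
          require APPPATH.'libraries/Validate'.EXT;
      }

      // NOTE(review): the current-password check is expected to happen inside
      // EE_Validate (require_cpw / cur_password); that class is not visible
      // here, so confirm it runs on every path, including screen-name-only
      // changes.
      $VAL = new EE_Validate(
          array(
              'member_id' => $this->EE->session->userdata('member_id'),
              'val_type' => 'update', // new or update
              'fetch_lang' => TRUE,
              'require_cpw' => TRUE,
              'enable_log' => FALSE,
              'username' => $_POST['username'],
              'cur_username' => $query->row('username'),
              'screen_name' => $_POST['screen_name'],
              'cur_screen_name' => $query->row('screen_name'),
              'password' => $_POST['password'],
              'password_confirm' => $_POST['password_confirm'],
              'cur_password' => $_POST['current_password']
          )
      );

      $VAL->validate_screen_name();

      if ($this->EE->config->item('allow_username_change') == 'y')
      {
          $VAL->validate_username();
      }

      if ($_POST['password'] !== '')
      {
          $VAL->validate_password();
      }

      // Display errors if there are any.
      if (count($VAL->errors) > 0)
      {
          return $this->EE->output->show_user_error('submission', $VAL->errors);
      }

      // Update "last post" forum info if needed.
      if ($query->row('screen_name') != $_POST['screen_name'] AND $this->EE->config->item('forum_is_installed') == "y" )
      {
          $this->EE->db->query("UPDATE exp_forums SET forum_last_post_author = '".$this->EE->db->escape_str($_POST['screen_name'])."' WHERE forum_last_post_author_id = '".$member_id_sql."'");
          $this->EE->db->query("UPDATE exp_forum_moderators SET mod_member_name = '".$this->EE->db->escape_str($_POST['screen_name'])."' WHERE mod_member_id = '".$member_id_sql."'");
      }

      // Assign the query data.
      $data = array();
      $data['screen_name'] = $_POST['screen_name'];

      if ($this->EE->config->item('allow_username_change') == 'y')
      {
          $data['username'] = $_POST['username'];
      }

      // Was a password submitted?
      $pw_change = '';

      if ($_POST['password'] !== '')
      {
          // NOTE(review): the algorithm behind functions->hash() is not
          // visible here; confirm it is a salted password hash.
          $data['password'] = $this->EE->functions->hash(stripslashes($_POST['password']));

          $pw_change = $this->_var_swap($this->_load_element('password_change_warning'),
              array('lang:password_change_warning' => $this->EE->lang->line('password_change_warning'))
          );
      }

      $this->EE->db->query($this->EE->db->update_string('exp_members', $data, "member_id = '".$member_id_sql."'"));

      // Update comments if the screen name has changed.
      if ($query->row('screen_name') != $_POST['screen_name'])
      {
          $this->EE->db->query($this->EE->db->update_string('exp_comments', array('name' => $_POST['screen_name']), "author_id = '".$member_id_sql."'"));

          // We need to update the gallery comments
          // But! Only if the table exists
          if ($this->EE->db->table_exists('exp_gallery_comments'))
          {
              $this->EE->db->query($this->EE->db->update_string('exp_gallery_comments', array('name' => $_POST['screen_name']), "author_id = '".$member_id_sql."'"));
          }

          $this->EE->session->userdata['screen_name'] = stripslashes($_POST['screen_name']);
      }

      // Success message.
      return $this->_var_swap($this->_load_element('success'),
          array(
              'lang:heading' => $this->EE->lang->line('username_and_password'),
              'lang:message' => $this->EE->lang->line('mbr_settings_updated').$pw_change
          )
      );
  }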
  1204. /** ----------------------------------------
  1205. /** Localization Edit Form
  1206. /** ----------------------------------------*/
  1207. function edit_localization()
  1208. {
  1209. // Are localizations enabled?
  1210. if ($this->EE->config->item('allow_member_localization') == 'n' AND $this->EE->session->userdata('group_id') != 1)
  1211. {
  1212. return $this->EE->output->show_user_error('general', array($this->EE->lang->line('localization_disallowed')));
  1213. }
  1214. // Time format selection menu
  1215. $tf = "<select name='time_format' class='select'>\n";
  1216. $selected = ($this->EE->session->userdata['time_format'] == 'us') ? " selected='selected'" : '';
  1217. $tf .= "<option value='us'{$selected}>".$this->EE->lang->line('united_states')."</option>\n";
  1218. $selected = ($this->EE->session->userdata['time_format'] == 'eu') ? " selected='selected'" : '';
  1219. $tf .= "<option value='eu'{$selected}>".$this->EE->lang->line('european')."</option>\n";
  1220. $tf .= "</select>…
