
Source: /htsrv/profile_update.php - 185 lines - 5594 bytes - Text - Print

Description: This file updates the current user's profile! This file is part of the evoCore framework - {@link http://evocore.net/} See also {@link http://sourceforge.net/projects/evocms/}.

   1  <?php
   2  /**
   3   * This file updates the current user's profile!
   4   *
   5   * This file is part of the evoCore framework - {@link http://evocore.net/}
   6   * See also {@link http://sourceforge.net/projects/evocms/}.
   7   *
   8   * @copyright (c)2003-2014 by Francois Planque - {@link http://fplanque.com/}
   9   * Parts of this file are copyright (c)2004-2006 by Daniel HAHLER - {@link http://thequod.de/contact}.
  10   *
  11   * {@internal License choice
  12   * - If you have received this file as part of a package, please find the license.txt file in
  13   *   the same folder or the closest folder above for complete license terms.
  14   * - If you have received this file individually (e-g: from http://evocms.cvs.sourceforge.net/)
  15   *   then you must choose one of the following licenses before using the file:
  16   *   - GNU General Public License 2 (GPL) - http://www.opensource.org/licenses/gpl-license.php
  17   *   - Mozilla Public License 1.1 (MPL) - http://www.opensource.org/licenses/mozilla1.1.php
  18   * }}
  19   *
  20   * {@internal Open Source relicensing agreement:
  21   * Daniel HAHLER grants Francois PLANQUE the right to license
  22   * Daniel HAHLER's contributions to this file and the b2evolution project
  23   * under any OSI approved OSS license (http://www.opensource.org/licenses/).
  24   * }}
  25   *
  26   * @package htsrv
  27   *
  28   * {@internal Below is a list of authors who have contributed to design/coding of this file: }}
  29   * @author fplanque: Francois PLANQUE
  30   * @author blueyed: Daniel HAHLER
  31   *
  32   *
  33   * @todo integrate it into the skins to avoid ugly die() on error and confusing redirect on success.
  34   *
  35   * @version $Id: profile_update.php 6136 2014-03-08 07:59:48Z manuel $
  36   */
  37  
  38  /**
  39   * Initialize everything:
  40   */
  41  require_once dirname(__FILE__).'/../conf/_config.php';
  42  
  43  require_once $inc_path.'_main.inc.php';
  44  
  45  // Check if the request exceed the post max size. If it does then the function will a call header_redirect.
  46  check_post_max_size_exceeded();
  47  
  48  $action = param_action();
  49  $disp = param( 'user_tab', 'string', '' );
  50  $blog = param( 'blog', 'integer', 0 );
  51  
  52  // Activate the blog locale because all params were introduced with that locale
  53  activate_blog_locale( $blog );
  54  
  55  /**
  56   * Basic security checks:
  57   */
  58  if( ! is_logged_in() )
  59  {    // must be logged in!
  60      bad_request_die( T_( 'You are not logged in.' ) );
  61  }
  62  
  63  if( $demo_mode && ( $current_User->ID <= 3 ) )
  64  {
  65      bad_request_die( 'Demo mode: you can\'t edit the admin and demo users profile!<br />[<a href="javascript:history.go(-1)">'
  66          . T_('Back to profile') . '</a>]' );
  67  }
  68  
  69  // Check that this action request is not a CSRF hacked request:
  70  $Session->assert_received_crumb( 'user' );
  71  
  72  switch( $action )
  73  {
  74      case 'add_field':
  75      case 'update':
  76      case 'subscribe':
  77          $current_User->update_from_request();
  78          break;
  79  
  80      case 'refresh_regional':
  81          // Refresh a regions, sub-regions & cities (when JavaScript is disabled)
  82          $current_User->ctry_ID = param( 'edited_user_ctry_ID', 'integer', 0 );
  83          $current_User->rgn_ID = param( 'edited_user_rgn_ID', 'integer', 0 );
  84          $current_User->subrg_ID = param( 'edited_user_subrg_ID', 'integer', 0 );
  85          break;
  86  
  87      case 'update_avatar':
  88          $file_ID = param( 'file_ID', 'integer', NULL );
  89          $current_User->update_avatar( $file_ID );
  90          break;
  91  
  92      case 'rotate_avatar_90_left':
  93          $file_ID = param( 'file_ID', 'integer', NULL );
  94          $current_User->rotate_avatar( $file_ID, 90 );
  95          break;
  96  
  97      case 'rotate_avatar_180':
  98          $file_ID = param( 'file_ID', 'integer', NULL );
  99          $current_User->rotate_avatar( $file_ID, 180 );
 100          break;
 101  
 102      case 'rotate_avatar_90_right':
 103          $file_ID = param( 'file_ID', 'integer', NULL );
 104          $current_User->rotate_avatar( $file_ID, 270 );
 105          break;
 106  
 107      case 'remove_avatar':
 108          $current_User->remove_avatar();
 109          break;
 110  
 111      case 'delete_avatar':
 112          $file_ID = param( 'file_ID', 'integer', NULL );
 113          $current_User->delete_avatar( $file_ID );
 114          break;
 115  
 116      case 'upload_avatar':
 117          $current_User->update_avatar_from_upload();
 118          break;
 119  }
 120  
 121  $Blog = NULL;
 122  if( $blog > 0 )
 123  {    // Get Blog
 124      $BlogCache = & get_BlogCache();
 125      $Blog = $BlogCache->get_by_ID( $blog, false, false );
 126  }
 127  
 128  if( empty( $Blog ) )
 129  {    // This case should not happen, $blog must be set
 130      $Messages->add( T_( 'Unable to find the selected blog' ), 'error' );
 131      header_redirect( $baseurl );
 132  }
 133  
 134  if( param_errors_detected() || $action == 'refresh_regional' )
 135  {    // unable to update, store unsaved user into session
 136      $Session->set( 'core.unsaved_User', $current_User );
 137  }
 138  elseif( ! param_errors_detected() )
 139  {    // update was successful on user profile
 140      switch( $action )
 141      {
 142          case 'update':
 143              if( $current_User->has_avatar() )
 144              {    // Redirect to display user page
 145                  $redirect_to = url_add_param( $Blog->gen_blogurl(), 'disp=user', '&' );
 146              }
 147              else
 148              {    // Redirect to upload avatar
 149                  $redirect_to = get_user_avatar_url();
 150              }
 151              break;
 152          case 'upload_avatar':
 153              // Redirect to display user profile form
 154              $redirect_to = url_add_param( $Blog->gen_blogurl(), 'disp=profile', '&' );
 155              break;
 156      }
 157      if( !empty( $redirect_to ) )
 158      {
 159          header_redirect( $redirect_to );
 160      }
 161  }
 162  
 163  
 164  if( ! param_errors_detected() || ! isset( $disp ) )
 165  {    // User data is updated without errors
 166      // redirect will save $Messages into Session:
 167      $redirect_to = NULL;
 168      if( isset( $disp ) )
 169      {
 170          $redirect_to = url_add_param( $Blog->gen_blogurl(), 'disp='.$disp, '&' );
 171      }
 172      // redirect to the corresponding display form
 173      header_redirect( $redirect_to );
 174      // EXITED
 175  }
 176  else
 177  {    // Errors exist; Don't redirect; Display a template to save a received data from request
 178      $SkinCache = & get_SkinCache();
 179      $Skin = & $SkinCache->get_by_ID( $Blog->get_skin_ID() );
 180      $skin = $Skin->folder;
 181      $ads_current_skin_path = $skins_path.$skin.'/';
 182      require $ads_current_skin_path.'index.main.php';
 183  }
 184  
 185  ?>
