[Summary view] [Print] [Text view]

   1  <?php
   2  # MantisBT - A PHP based bugtracking system
   3  
   4  # MantisBT is free software: you can redistribute it and/or modify
   5  # it under the terms of the GNU General Public License as published by
   6  # the Free Software Foundation, either version 2 of the License, or
   7  # (at your option) any later version.
   8  #
   9  # MantisBT is distributed in the hope that it will be useful,
  10  # but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  # GNU General Public License for more details.
  13  #
  14  # You should have received a copy of the GNU General Public License
  15  # along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * This page updates the users profile information then redirects to
  19   * account_prof_menu_page.php
  20   *
  21   * @package MantisBT
  22   * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
  23   * @copyright Copyright (C) 2002 - 2011  MantisBT Team - mantisbt-dev@lists.sourceforge.net
  24   * @link http://www.mantisbt.org
  25   *
  26   * @uses core.php
  27   * @uses access_api.php
  28   * @uses authentication_api.php
  29   * @uses config_api.php
  30   * @uses constant_inc.php
  31   * @uses current_user_api.php
  32   * @uses form_api.php
  33   * @uses gpc_api.php
  34   * @uses print_api.php
  35   * @uses profile_api.php
  36   */
  37  
  38  /**
  39   * MantisBT Core API's
  40   */
  41  require_once ( 'core.php' );
  42  require_api( 'access_api.php' );
  43  require_api( 'authentication_api.php' );
  44  require_api( 'config_api.php' );
  45  require_api( 'constant_inc.php' );
  46  require_api( 'current_user_api.php' );
  47  require_api( 'form_api.php' );
  48  require_api( 'gpc_api.php' );
  49  require_api( 'print_api.php' );
  50  require_api( 'profile_api.php' );
  51  
  52  if ( !config_get( 'enable_profiles' ) ) {
  53      trigger_error( ERROR_ACCESS_DENIED, ERROR );
  54  }
  55  
  56  form_security_validate('profile_update');
  57  
  58  auth_ensure_user_authenticated();
  59  
  60  current_user_ensure_unprotected();
  61  
  62  $f_action = gpc_get_string('action');
  63  
  64  switch ( $f_action ) {
  65      case 'edit':
  66          $f_profile_id = gpc_get_int( 'profile_id' );
  67          form_security_purge('profile_update');
  68          print_header_redirect( 'account_prof_edit_page.php?profile_id=' . $f_profile_id );
  69          break;
  70  
  71      case 'add':
  72          $f_platform        = gpc_get_string( 'platform' );
  73          $f_os            = gpc_get_string( 'os' );
  74          $f_os_build        = gpc_get_string( 'os_build' );
  75          $f_description    = gpc_get_string( 'description' );
  76  
  77          $t_user_id        = gpc_get_int( 'user_id' );
  78          if ( ALL_USERS != $t_user_id ) {
  79              $t_user_id = auth_get_current_user_id();
  80          }
  81  
  82          if ( ALL_USERS == $t_user_id ) {
  83              access_ensure_global_level( config_get( 'manage_global_profile_threshold' ) );
  84          } else {
  85              access_ensure_global_level( config_get( 'add_profile_threshold' ) );
  86          }
  87  
  88          profile_create( $t_user_id, $f_platform, $f_os, $f_os_build, $f_description );
  89          form_security_purge('profile_update');
  90  
  91          if ( ALL_USERS == $t_user_id ) {
  92              print_header_redirect( 'manage_prof_menu_page.php' );
  93          } else {
  94              print_header_redirect( 'account_prof_menu_page.php' );
  95          }
  96          break;
  97  
  98      case 'update':
  99          $f_profile_id = gpc_get_int( 'profile_id' );
 100          $f_platform = gpc_get_string( 'platform' );
 101          $f_os = gpc_get_string( 'os' );
 102          $f_os_build = gpc_get_string( 'os_build' );
 103          $f_description = gpc_get_string( 'description' );
 104  
 105          if ( profile_is_global( $f_profile_id ) ) {
 106              access_ensure_global_level( config_get( 'manage_global_profile_threshold' ) );
 107  
 108              profile_update( ALL_USERS, $f_profile_id, $f_platform, $f_os, $f_os_build, $f_description );
 109              form_security_purge('profile_update');
 110              print_header_redirect( 'manage_prof_menu_page.php' );
 111          } else {
 112              profile_update( auth_get_current_user_id(), $f_profile_id, $f_platform, $f_os, $f_os_build, $f_description );
 113              form_security_purge('profile_update');
 114              print_header_redirect( 'account_prof_menu_page.php' );
 115          }
 116          break;
 117  
 118      case 'delete':
 119          $f_profile_id = gpc_get_int( 'profile_id' );
 120          if ( profile_is_global( $f_profile_id ) ) {
 121              access_ensure_global_level( config_get( 'manage_global_profile_threshold' ) );
 122  
 123              profile_delete( ALL_USERS, $f_profile_id );
 124              form_security_purge('profile_update');
 125              print_header_redirect( 'manage_prof_menu_page.php' );
 126          } else {
 127              profile_delete( auth_get_current_user_id(), $f_profile_id );
 128              form_security_purge('profile_update');
 129              print_header_redirect( 'account_prof_menu_page.php' );
 130          }
 131          break;
 132  
 133      case 'make_default':
 134          $f_profile_id = gpc_get_int( 'profile_id' );
 135          current_user_set_pref( 'default_profile', $f_profile_id );
 136          form_security_purge('profile_update');
 137          print_header_redirect( 'account_prof_menu_page.php' );
 138          break;
 139  }