[Summary view] [Print] [Text view]

   1  <?php
   2  # MantisBT - A PHP based bugtracking system
   3  
   4  # MantisBT is free software: you can redistribute it and/or modify
   5  # it under the terms of the GNU General Public License as published by
   6  # the Free Software Foundation, either version 2 of the License, or
   7  # (at your option) any later version.
   8  #
   9  # MantisBT is distributed in the hope that it will be useful,
  10  # but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  # GNU General Public License for more details.
  13  #
  14  # You should have received a copy of the GNU General Public License
  15  # along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * This page updates the users profile information then redirects to
  19   * account_prof_menu_page.php
  20   *
  21   * @package MantisBT
  22   * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
  23   * @copyright Copyright (C) 2002 - 2010  MantisBT Team - mantisbt-dev@lists.sourceforge.net
  24   * @link http://www.mantisbt.org
  25   *
  26   * @uses core.php
  27   * @uses access_api.php
  28   * @uses authentication_api.php
  29   * @uses config_api.php
  30   * @uses constant_inc.php
  31   * @uses current_user_api.php
  32   * @uses form_api.php
  33   * @uses gpc_api.php
  34   * @uses print_api.php
  35   * @uses profile_api.php
  36   */
  37  
  38  require_once ( 'core.php' );
  39  require_api( 'access_api.php' );
  40  require_api( 'authentication_api.php' );
  41  require_api( 'config_api.php' );
  42  require_api( 'constant_inc.php' );
  43  require_api( 'current_user_api.php' );
  44  require_api( 'form_api.php' );
  45  require_api( 'gpc_api.php' );
  46  require_api( 'print_api.php' );
  47  require_api( 'profile_api.php' );
  48  
  49  if ( !config_get( 'enable_profiles' ) ) {
  50      trigger_error( ERROR_ACCESS_DENIED, ERROR );
  51  }
  52  
  53  form_security_validate('profile_update');
  54  
  55  auth_ensure_user_authenticated();
  56  
  57  current_user_ensure_unprotected();
  58  
  59  $f_action = gpc_get_string('action');
  60  
  61  switch ( $f_action ) {
  62      case 'edit':
  63          $f_profile_id = gpc_get_int( 'profile_id' );
  64          form_security_purge('profile_update');
  65          print_header_redirect( 'account_prof_edit_page.php?profile_id=' . $f_profile_id );
  66          break;
  67  
  68      case 'add':
  69          $f_platform        = gpc_get_string( 'platform' );
  70          $f_os            = gpc_get_string( 'os' );
  71          $f_os_build        = gpc_get_string( 'os_build' );
  72          $f_description    = gpc_get_string( 'description' );
  73  
  74          $t_user_id        = gpc_get_int( 'user_id' );
  75          if ( ALL_USERS != $t_user_id ) {
  76              $t_user_id = auth_get_current_user_id();
  77          }
  78  
  79          if ( ALL_USERS == $t_user_id ) {
  80              access_ensure_global_level( config_get( 'manage_global_profile_threshold' ) );
  81          } else {
  82              access_ensure_global_level( config_get( 'add_profile_threshold' ) );
  83          }
  84  
  85          profile_create( $t_user_id, $f_platform, $f_os, $f_os_build, $f_description );
  86          form_security_purge('profile_update');
  87  
  88          if ( ALL_USERS == $t_user_id ) {
  89              print_header_redirect( 'manage_prof_menu_page.php' );
  90          } else {
  91              print_header_redirect( 'account_prof_menu_page.php' );
  92          }
  93          break;
  94  
  95      case 'update':
  96          $f_profile_id = gpc_get_int( 'profile_id' );
  97          $f_platform = gpc_get_string( 'platform' );
  98          $f_os = gpc_get_string( 'os' );
  99          $f_os_build = gpc_get_string( 'os_build' );
 100          $f_description = gpc_get_string( 'description' );
 101  
 102          if ( profile_is_global( $f_profile_id ) ) {
 103              access_ensure_global_level( config_get( 'manage_global_profile_threshold' ) );
 104  
 105              profile_update( ALL_USERS, $f_profile_id, $f_platform, $f_os, $f_os_build, $f_description );
 106              form_security_purge('profile_update');
 107              print_header_redirect( 'manage_prof_menu_page.php' );
 108          } else {
 109              profile_update( auth_get_current_user_id(), $f_profile_id, $f_platform, $f_os, $f_os_build, $f_description );
 110              form_security_purge('profile_update');
 111              print_header_redirect( 'account_prof_menu_page.php' );
 112          }
 113          break;
 114  
 115      case 'delete':
 116          $f_profile_id = gpc_get_int( 'profile_id' );
 117          if ( profile_is_global( $f_profile_id ) ) {
 118              access_ensure_global_level( config_get( 'manage_global_profile_threshold' ) );
 119  
 120              profile_delete( ALL_USERS, $f_profile_id );
 121              form_security_purge('profile_update');
 122              print_header_redirect( 'manage_prof_menu_page.php' );
 123          } else {
 124              profile_delete( auth_get_current_user_id(), $f_profile_id );
 125              form_security_purge('profile_update');
 126              print_header_redirect( 'account_prof_menu_page.php' );
 127          }
 128          break;
 129  
 130      case 'make_default':
 131          $f_profile_id = gpc_get_int( 'profile_id' );
 132          current_user_set_pref( 'default_profile', $f_profile_id );
 133          form_security_purge('profile_update');
 134          print_header_redirect( 'account_prof_menu_page.php' );
 135          break;
 136  }