| [ Index ] |
PHP Cross Reference of MantisBT |
[Summary view] [Print] [Text view]
1 <?php 2 # MantisBT - A PHP based bugtracking system 3 4 # MantisBT is free software: you can redistribute it and/or modify 5 # it under the terms of the GNU General Public License as published by 6 # the Free Software Foundation, either version 2 of the License, or 7 # (at your option) any later version. 8 # 9 # MantisBT is distributed in the hope that it will be useful, 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 # GNU General Public License for more details. 13 # 14 # You should have received a copy of the GNU General Public License 15 # along with MantisBT. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * This page updates a user's information 19 * If an account is protected then changes are forbidden 20 * The page gets redirected back to account_page.php 21 * 22 * @package MantisBT 23 * @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org 24 * @copyright Copyright (C) 2002 - 2011 MantisBT Team - mantisbt-dev@lists.sourceforge.net 25 * @link http://www.mantisbt.org 26 * 27 * @uses core.php 28 * @uses authentication_api.php 29 * @uses config_api.php 30 * @uses constant_inc.php 31 * @uses current_user_api.php 32 * @uses email_api.php 33 * @uses form_api.php 34 * @uses gpc_api.php 35 * @uses html_api.php 36 * @uses lang_api.php 37 * @uses print_api.php 38 * @uses string_api.php 39 * @uses user_api.php 40 * @uses utility_api.php 41 */ 42 43 /** 44 * MantisBT Core API's 45 */ 46 require_once ( 'core.php' ); 47 require_api( 'authentication_api.php' ); 48 require_api( 'config_api.php' ); 49 require_api( 'constant_inc.php' ); 50 require_api( 'current_user_api.php' ); 51 require_api( 'email_api.php' ); 52 require_api( 'form_api.php' ); 53 require_api( 'gpc_api.php' ); 54 require_api( 'html_api.php' ); 55 require_api( 'lang_api.php' ); 56 require_api( 'print_api.php' ); 57 require_api( 'string_api.php' ); 58 require_api( 'user_api.php' ); 59 require_api( 'utility_api.php' ); 60 61 form_security_validate('account_update'); 62 63 auth_ensure_user_authenticated(); 64 65 current_user_ensure_unprotected(); 66 67 $f_email = gpc_get_string( 'email', '' ); 68 $f_realname = gpc_get_string( 'realname', '' ); 69 $f_password = gpc_get_string( 'password', '' ); 70 $f_password_confirm = gpc_get_string( 'password_confirm', '' ); 71 72 // get the user id once, so that if we decide in the future to enable this for 73 // admins / managers to change details of other users. 74 $t_user_id = auth_get_current_user_id(); 75 76 $t_redirect = 'account_page.php'; 77 78 /** @todo Listing what fields were updated is not standard behaviour of MantisBT - it also complicates the code. */ 79 $t_email_updated = false; 80 $t_password_updated = false; 81 $t_realname_updated = false; 82 83 $t_ldap = ( LDAP == config_get( 'login_method' ) ); 84 85 # Update email (but only if LDAP isn't being used) 86 if ( !( $t_ldap && config_get( 'use_ldap_email' ) ) ) { 87 $f_email = email_append_domain( $f_email ); 88 email_ensure_valid( $f_email ); 89 email_ensure_not_disposable( $f_email ); 90 91 if ( $f_email != user_get_email( $t_user_id ) ) { 92 user_set_email( $t_user_id, $f_email ); 93 $t_email_updated = true; 94 } 95 } 96 97 # Update real name (but only if LDAP isn't being used) 98 if ( !( $t_ldap && config_get( 'use_ldap_realname' ) ) ) { 99 # strip extra spaces from real name 100 $t_realname = string_normalize( $f_realname ); 101 if ( $t_realname != user_get_field( $t_user_id, 'realname' ) ) { 102 # checks for problems with realnames 103 $t_username = user_get_field( $t_user_id, 'username' ); 104 user_ensure_realname_unique( $t_username, $t_realname ); 105 user_set_realname( $t_user_id, $t_realname ); 106 $t_realname_updated = true; 107 } 108 } 109 110 # Update password if the two match and are not empty 111 if ( !is_blank( $f_password ) ) { 112 if ( $f_password != $f_password_confirm ) { 113 trigger_error( ERROR_USER_CREATE_PASSWORD_MISMATCH, ERROR ); 114 } else { 115 if ( !auth_does_password_match( $t_user_id, $f_password ) ) { 116 user_set_password( $t_user_id, $f_password ); 117 $t_password_updated = true; 118 } 119 } 120 } 121 122 form_security_purge('account_update'); 123 124 html_page_top( null, $t_redirect ); 125 126 echo '<br /><div>'; 127 128 if ( $t_email_updated ) { 129 echo lang_get( 'email_updated' ) . '<br />'; 130 } 131 132 if ( $t_password_updated ) { 133 echo lang_get( 'password_updated' ) . '<br />'; 134 } 135 136 if ( $t_realname_updated ) { 137 echo lang_get( 'realname_updated' ) . '<br />'; 138 } 139 140 echo lang_get( 'operation_successful' ) . '<br />'; 141 print_bracket_link( $t_redirect, lang_get( 'proceed' ) ); 142 echo '</div>'; 143 html_page_bottom();
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Thu Jul 28 15:48:31 2011 | Cross-referenced by PHPXref 0.7 |