'; $htmlHeadXtra[] = ''; $htmlHeadXtra[] = ''; //$interbreadcrumb[] = array('url' => '../auth/profile.php', 'name' => get_lang('ModifyProfile')); if (!empty ($_GET['coursePath'])) { $course_url = api_get_path(WEB_COURSE_PATH).htmlentities(strip_tags($_GET['coursePath'])).'/index.php'; $interbreadcrumb[] = array('url' => $course_url, 'name' => Security::remove_XSS($_GET['courseCode'])); } $warning_msg = ''; if (!empty($_GET['fe'])) { $warning_msg .= get_lang('UplUnableToSaveFileFilteredExtension'); $_GET['fe'] = null; } $jquery_ready_content = ''; if (api_get_setting('allow_message_tool') == 'true') { $jquery_ready_content = << 'width: 70%; float: '.($text_dir == 'rtl' ? 'right;' : 'left;'))); /* Make sure this is the first submit on the form, even though it is hidden! * Otherwise, if a user has productions and presses ENTER to submit, he will * attempt to delete the first production in the list. */ //if (is_profile_editable()) { // $form->addElement('style_submit_button', null, get_lang('SaveSettings'), 'class="save"', array('style' => 'visibility:hidden;')); //} // SUBMIT (visible) /*if (is_profile_editable()) { $form->addElement('style_submit_button', 'apply_change', get_lang('SaveSettings'), 'class="save"'); } else { $form->freeze(); }*/ //THEME if (is_profile_editable() && api_get_setting('user_selected_theme') == 'true') { $form->addElement('select_theme', 'theme', get_lang('Theme')); if (api_get_setting('profile', 'theme') !== 'true') $form->freeze('theme'); $form->applyFilter('theme', 'trim'); } if (api_is_western_name_order()) { // FIRST NAME and LAST NAME $form->addElement('text', 'firstname', get_lang('FirstName'), array('size' => 40)); $form->addElement('text', 'lastname', get_lang('LastName'), array('size' => 40)); } else { // LAST NAME and FIRST NAME $form->addElement('text', 'lastname', get_lang('LastName'), array('size' => 40)); $form->addElement('text', 'firstname', get_lang('FirstName'), array('size' => 40)); } if (api_get_setting('profile', 'name') !== 'true') { $form->freeze(array('lastname', 'firstname')); } $form->applyFilter(array('lastname', 'firstname'), 'stripslashes'); $form->applyFilter(array('lastname', 'firstname'), 'trim'); $form->addRule('lastname' , get_lang('ThisFieldIsRequired'), 'required'); $form->addRule('firstname', get_lang('ThisFieldIsRequired'), 'required'); // USERNAME $form->addElement('text', 'username', get_lang('UserName'), array('maxlength' => USERNAME_MAX_LENGTH, 'size' => 40)); if (api_get_setting('profile', 'login') !== 'true') { $form->freeze('username'); } $form->applyFilter('username', 'stripslashes'); $form->applyFilter('username', 'trim'); $form->addRule('username', get_lang('ThisFieldIsRequired'), 'required'); $form->addRule('username', get_lang('UsernameWrong'), 'username'); $form->addRule('username', get_lang('UserTaken'), 'username_available', $user_data['username']); // OFFICIAL CODE if (CONFVAL_ASK_FOR_OFFICIAL_CODE) { $form->addElement('text', 'official_code', get_lang('OfficialCode'), array('size' => 40)); if (api_get_setting('profile', 'officialcode') !== 'true') { $form->freeze('official_code'); } $form->applyFilter('official_code', 'stripslashes'); $form->applyFilter('official_code', 'trim'); if (api_get_setting('registration', 'officialcode') == 'true' && api_get_setting('profile', 'officialcode') == 'true') { $form->addRule('official_code', get_lang('ThisFieldIsRequired'), 'required'); } } // EMAIL $form->addElement('email', 'email', get_lang('Email'), array('size' => 40)); if (api_get_setting('profile', 'email') !== 'true') { $form->freeze('email'); } $form->applyFilter('email', 'stripslashes'); $form->applyFilter('email', 'trim'); if (api_get_setting('registration', 'email') == 'true') { $form->addRule('email', get_lang('ThisFieldIsRequired'), 'required'); } $form->addRule('email', get_lang('EmailWrong'), 'email'); // OPENID URL if (is_profile_editable() && api_get_setting('openid_authentication') == 'true') { $form->addElement('text', 'openid', get_lang('OpenIDURL'), array('size' => 40)); if (api_get_setting('profile', 'openid') !== 'true') { $form->freeze('openid'); } $form->applyFilter('openid', 'trim'); //if (api_get_setting('registration', 'openid') == 'true') { // $form->addRule('openid', get_lang('ThisFieldIsRequired'), 'required'); //} } // PHONE $form->addElement('text', 'phone', get_lang('phone'), array('size' => 20)); if (api_get_setting('profile', 'phone') !== 'true') { $form->freeze('phone'); } $form->applyFilter('phone', 'stripslashes'); $form->applyFilter('phone', 'trim'); /*if (api_get_setting('registration', 'phone') == 'true') { $form->addRule('phone', get_lang('ThisFieldIsRequired'), 'required'); } $form->addRule('phone', get_lang('EmailWrong'), 'email');*/ // PICTURE if (is_profile_editable() && api_get_setting('profile', 'picture') == 'true') { $form->addElement('file', 'picture', ($user_data['picture_uri'] != '' ? get_lang('UpdateImage') : get_lang('AddImage'))); $form->add_progress_bar(); if (!empty($user_data['picture_uri'])) { $form->addElement('checkbox', 'remove_picture', null, get_lang('DelImage')); } $allowed_picture_types = array ('jpg', 'jpeg', 'png', 'gif'); $form->addRule('picture', get_lang('OnlyImagesAllowed').' ('.implode(',', $allowed_picture_types).')', 'filetype', $allowed_picture_types); } // LANGUAGE $form->addElement('select_language', 'language', get_lang('Language')); if (api_get_setting('profile', 'language') !== 'true') { $form->freeze('language'); } // EXTENDED PROFILE this make the page very slow! if (api_get_setting('extended_profile') == 'true') { if (!isset($_GET['type']) || (isset($_GET['type']) && $_GET['type'] == 'extended')) { $width_extended_profile = 500; //$form->addElement('html', ' show_extend_profile'); //$form->addElement('static', null, ''.get_lang('OptionalTextFields').''); // MY COMPETENCES $form->add_html_editor('competences', get_lang('MyCompetences'), false, false, array('ToolbarSet' => 'Profile', 'Width' => $width_extended_profile, 'Height' => '130')); // MY DIPLOMAS $form->add_html_editor('diplomas', get_lang('MyDiplomas'), false, false, array('ToolbarSet' => 'Profile', 'Width' => $width_extended_profile, 'Height' => '130')); // WHAT I AM ABLE TO TEACH $form->add_html_editor('teach', get_lang('MyTeach'), false, false, array('ToolbarSet' => 'Profile', 'Width' => $width_extended_profile, 'Height' => '130')); // MY PRODUCTIONS $form->addElement('file', 'production', get_lang('MyProductions')); if ($production_list = UserManager::build_production_list(api_get_user_id(), '', true)) { $form->addElement('static', 'productions_list', null, $production_list); } // MY PERSONAL OPEN AREA $form->add_html_editor('openarea', get_lang('MyPersonalOpenArea'), false, false, array('ToolbarSet' => 'Profile', 'Width' => $width_extended_profile, 'Height' => '350')); $form->applyFilter(array('competences', 'diplomas', 'teach', 'openarea'), 'stripslashes'); $form->applyFilter(array('competences', 'diplomas', 'teach'), 'trim'); // openarea is untrimmed for maximum openness } } // PASSWORD if (is_profile_editable() && api_get_setting('profile', 'password') == 'true') { $form->addElement('password', 'password0', array(get_lang('Pass'), get_lang('Enter2passToChange')), array('size' => 40)); $form->addElement('password', 'password1', get_lang('NewPass'), array('size' => 40)); $form->addElement('password', 'password2', get_lang('Confirmation'), array('size' => 40)); // user must enter identical password twice so we can prevent some user errors $form->addRule(array('password1', 'password2'), get_lang('PassTwo'), 'compare'); if (CHECK_PASS_EASY_TO_FIND) { $form->addRule('password1', get_lang('CurrentPasswordEmptyOrIncorrect'), 'callback', 'api_check_password'); } } // EXTRA FIELDS $extra = UserManager::get_extra_fields(0, 50, 5, 'ASC'); $extra_data = UserManager::get_extra_user_data(api_get_user_id(), true); foreach ($extra as $id => $field_details) { if ($field_details[6] == 0) { continue; } switch ($field_details[2]) { case USER_FIELD_TYPE_TEXT: $form->addElement('text', 'extra_'.$field_details[1], $field_details[3], array('size' => 40)); $form->applyFilter('extra_'.$field_details[1], 'stripslashes'); $form->applyFilter('extra_'.$field_details[1], 'trim'); if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]); break; case USER_FIELD_TYPE_TEXTAREA: $form->add_html_editor('extra_'.$field_details[1], $field_details[3], false); //$form->addElement('textarea', 'extra_'.$field_details[1], $field_details[3], array('size' => 80)); $form->applyFilter('extra_'.$field_details[1], 'stripslashes'); $form->applyFilter('extra_'.$field_details[1], 'trim'); if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]); break; case USER_FIELD_TYPE_RADIO: $group = array(); foreach ($field_details[9] as $option_id => $option_details) { $options[$option_details[1]] = $option_details[2]; $group[] =& HTML_QuickForm::createElement('radio', 'extra_'.$field_details[1], $option_details[1], $option_details[2].'
', $option_details[1]); } $form->addGroup($group, 'extra_'.$field_details[1], $field_details[3], ''); if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]); break; case USER_FIELD_TYPE_SELECT: if (in_array($field_details[1], array('mail_notify_invitation', 'mail_notify_message', 'mail_notify_group_message'))) { $field_details[3] = get_lang($field_details[3]); } $options = array(); foreach ($field_details[9] as $option_id => $option_details) { if (in_array($field_details[1], array('mail_notify_invitation', 'mail_notify_message', 'mail_notify_group_message'))) { $option_details[2] = get_lang($option_details[2]); } $options[$option_details[1]] = $option_details[2]; } $form->addElement('select', 'extra_'.$field_details[1], $field_details[3], $options, array('class'=>'chzn-select', 'id'=>'extra_'.$field_details[1])); if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]); break; case USER_FIELD_TYPE_SELECT_MULTIPLE: $options = array(); foreach ($field_details[9] as $option_id => $option_details) { $options[$option_details[1]] = $option_details[2]; } $form->addElement('select', 'extra_'.$field_details[1], $field_details[3], $options, array('multiple' => 'multiple')); if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]); break; case USER_FIELD_TYPE_DATE: $form->addElement('datepickerdate', 'extra_'.$field_details[1], $field_details[3], array('form_name' => 'profile')); $form->_elements[$form->_elementIndex['extra_'.$field_details[1]]]->setLocalOption('minYear', 1900); if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]); $form->applyFilter('theme', 'trim'); $defaults['extra_'.$field_details[1]] = date('Y-m-d 12:00:00'); $form -> setDefaults($defaults); break; case USER_FIELD_TYPE_DATETIME: $form->addElement('datepicker', 'extra_'.$field_details[1],$field_details[3], array('form_name' => 'profile')); $form->_elements[$form->_elementIndex['extra_'.$field_details[1]]]->setLocalOption('minYear', 1900); if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]); $form->applyFilter('theme', 'trim'); $defaults['extra_'.$field_details[1]] = date('Y-m-d 12:00:00'); $form -> setDefaults($defaults); break; case USER_FIELD_TYPE_DOUBLE_SELECT: foreach ($field_details[9] as $key => $element) { if ($element[2][0] == '*') { $values['*'][$element[0]] = str_replace('*', '', $element[2]); } else { $values[0][$element[0]] = $element[2]; } } $group = ''; $group[] =& HTML_QuickForm::createElement('select', 'extra_'.$field_details[1], '', $values[0], ''); $group[] =& HTML_QuickForm::createElement('select', 'extra_'.$field_details[1].'*', '', $values['*'], ''); $form->addGroup($group, 'extra_'.$field_details[1], $field_details[3], ' '); if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]); // recoding the selected values for double : if the user has selected certain values, we have to assign them to the correct select form if (key_exists('extra_'.$field_details[1], $extra_data)) { // exploding all the selected values (of both select forms) $selected_values = explode(';', $extra_data['extra_'.$field_details[1]]); $extra_data['extra_'.$field_details[1]] = array(); // looping through the selected values and assigning the selected values to either the first or second select form foreach ($selected_values as $key=>$selected_value) { if (key_exists($selected_value,$values[0])) { $extra_data['extra_'.$field_details[1]]['extra_'.$field_details[1]] = $selected_value; } else { $extra_data['extra_'.$field_details[1]]['extra_'.$field_details[1].'*'] = $selected_value; } } } break; case USER_FIELD_TYPE_DIVIDER: $form->addElement('static', $field_details[1], '
'.$field_details[3].''); break; case USER_FIELD_TYPE_TAG: //the magic should be here $user_tags = UserManager::get_user_tags(api_get_user_id(),$field_details[0]); $pre_html = '

'.$field_details[3].'

'; $post = '

'; $tag_list = ''; if (is_array($user_tags) && count($user_tags)> 0) { foreach ($user_tags as $tag) { $tag_list .= ''; } } $multi_select = ''; $form->addElement('html',$pre_html.$multi_select.$post ); $url = api_get_path(WEB_AJAX_PATH).'user_manager.ajax.php'; $complete_text = get_lang('StartToType'); //if cache is set to true the jquery will be called 1 time $jquery_ready_content.= <<addElement('select', 'extra_'.$field_details[1], $field_details[3], api_get_timezones(), ''); if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]); break; case USER_FIELD_TYPE_SOCIAL_PROFILE: // get the social network's favicon $icon_path = UserManager::get_favicon_from_url($extra_data['extra_'.$field_details[1]], $field_details[4]); // special hack for hi5 $leftpad = '1.7'; $top = '0.4'; $domain = parse_url($icon_path, PHP_URL_HOST); if ($domain == 'www.hi5.com' or $domain == 'hi5.com') { $leftpad = '3'; $top = '0';} // print the input field $form->addElement('text', 'extra_'.$field_details[1], $field_details[3], array('size' => 60, 'style' => 'background-image: url(\''.$icon_path.'\'); background-repeat: no-repeat; background-position: 0.4em '.$top.'em; padding-left: '.$leftpad.'em; ')); $form->applyFilter('extra_'.$field_details[1], 'stripslashes'); $form->applyFilter('extra_'.$field_details[1], 'trim'); if ($field_details[7] == 0) $form->freeze('extra_'.$field_details[1]); break; } } // the $jquery_ready_content variable collects all functions that will be load in the $(document).ready javascript function $htmlHeadXtra[] =''; if (api_get_setting('profile', 'apikeys') == 'true') { $form->addElement('html', '

'); $form->addElement('text', 'api_key_generate', get_lang('MyApiKey'), array('size' => 40, 'id' => 'id_api_key_generate')); $form->addElement('html', '

'); $form->addElement('button', 'generate_api_key', get_lang('GenerateApiKey'), array('id' => 'id_generate_api_key', 'onclick' => 'generate_open_id_form()')); //generate_open_id_form() } // SUBMIT if (is_profile_editable()) { $form->addElement('style_submit_button', 'apply_change', get_lang('SaveSettings'), 'class="save"'); } else { $form->freeze(); } $user_data = array_merge($user_data, $extra_data); $form->setDefaults($user_data); /* FUNCTIONS */ /** * Can a user edit his/her profile? * * @return boolean Editability of the profile */ function is_profile_editable() { return $GLOBALS['profileIsEditable']; } /* PRODUCTIONS FUNCTIONS */ /** * Upload a submitted user production. * * @param $user_id User id * @return The filename of the new production or FALSE if the upload has failed */ function upload_user_production($user_id) { $image_path = UserManager::get_user_picture_path_by_id($user_id, 'system', true); $production_repository = $image_path['dir'].$user_id.'/'; if (!file_exists($production_repository)) { @mkdir($production_repository, api_get_permissions_for_new_directories(), true); } $filename = replace_dangerous_char($_FILES['production']['name']); $filename = disable_dangerous_file($filename); if (filter_extension($filename)) { if (@move_uploaded_file($_FILES['production']['tmp_name'], $production_repository.$filename)) { return $filename; } } return false; // this should be returned if anything went wrong with the upload } /** * Check current user's current password * @param char password * @return bool true o false * @uses Gets user ID from global variable */ function check_user_password($password){ global $_user; $user_id = api_get_user_id(); if ($user_id != strval(intval($user_id)) || empty($password)) { return false; } $table_user = Database :: get_main_table(TABLE_MAIN_USER); $password = api_get_encrypted_password($password); $sql_password = "SELECT * FROM $table_user WHERE user_id='".$user_id."' AND password='".$password."'"; $result = Database::query($sql_password); return Database::num_rows($result) != 0; } /** * Check current user's current password * @param char email * @return bool true o false * @uses Gets user ID from global variable */ function check_user_email($email) { $user_id = api_get_user_id(); if ($user_id != strval(intval($user_id)) || empty($email)) { return false; } $table_user = Database :: get_main_table(TABLE_MAIN_USER); $email = Database::escape_string($email); $sql_password = "SELECT * FROM $table_user WHERE user_id='".$user_id."' AND email='".$email."'"; $result = Database::query($sql_password); return Database::num_rows($result) != 0; } /* MAIN CODE */ $filtered_extension = false; $update_success = false; $upload_picture_success = false; $upload_production_success = false; $msg_fail_changue_email = false; $msg_is_not_password = false; if (!empty($_SESSION['change_email'])) { $msg_fail_changue_email= ($_SESSION['change_email'] == 'success'); unset($_SESSION['change_email']); } elseif (!empty($_SESSION['is_not_password'])) { $msg_is_not_password = ($_SESSION['is_not_password'] == 'success'); unset($_SESSION['is_not_password']); } elseif (!empty($_SESSION['profile_update'])) { $update_success = ($_SESSION['profile_update'] == 'success'); unset($_SESSION['profile_update']); } elseif (!empty($_SESSION['image_uploaded'])) { $upload_picture_success = ($_SESSION['image_uploaded'] == 'success'); unset($_SESSION['image_uploaded']); } elseif (!empty($_SESSION['production_uploaded'])) { $upload_production_success = ($_SESSION['production_uploaded'] == 'success'); unset($_SESSION['production_uploaded']); } if ($form->validate()) { $wrong_current_password = false; // $user_data = $form->exportValues(); $user_data = $form->getSubmitValues(); // set password if a new one was provided if (!empty($user_data['password0'])) { if (check_user_password($user_data['password0'])) { if (!empty($user_data['password1'])) { $password = $user_data['password1']; } } else { $wrong_current_password = true; $_SESSION['is_not_password'] = 'success'; } } if (empty($user_data['password0']) && !empty($user_data['password1'])) { $wrong_current_password = true; $_SESSION['is_not_password'] = 'success'; } $allow_users_to_change_email_with_no_password = api_get_setting('allow_users_to_change_email_with_no_password') == 'true' ? true :false; //$allow_users_to_change_email_with_no_password = true; $changeemail = ''; if ($allow_users_to_change_email_with_no_password) { $changeemail = ''; if (!check_user_email($user_data['email'])) { $changeemail = $user_data['email']; //$_SESSION['change_email'] = 'success'; } } else { //Normal behaviour if (!check_user_email($user_data['email']) && !empty($user_data['password0']) && !$wrong_current_password) { $changeemail = $user_data['email']; } if (!check_user_email($user_data['email']) && empty($user_data['password0'])){ $_SESSION['change_email'] = 'success'; } } // Upload picture if a new one is provided if ($_FILES['picture']['size']) { if ($new_picture = UserManager::update_user_picture(api_get_user_id(), $_FILES['picture']['name'], $_FILES['picture']['tmp_name'])) { $user_data['picture_uri'] = $new_picture; $_SESSION['image_uploaded'] = 'success'; } } elseif (!empty($user_data['remove_picture'])) { // remove existing picture if asked UserManager::delete_user_picture(api_get_user_id()); $user_data['picture_uri'] = ''; } //Remove production if (is_array($user_data['remove_production'])) { foreach (array_keys($user_data['remove_production']) as $production) { UserManager::remove_user_production(api_get_user_id(), urldecode($production)); } if ($production_list = UserManager::build_production_list(api_get_user_id(), true, true)) { $form->insertElementBefore($form->createElement('static', null, null, $production_list), 'productions_list'); } $form->removeElement('productions_list'); $file_deleted = true; } // upload production if a new one is provided if ($_FILES['production']['size']) { $res = upload_user_production(api_get_user_id()); if (!$res) { //it's a bit excessive to assume the extension is the reason why upload_user_production() returned false, but it's true in most cases $filtered_extension = true; } else { $_SESSION['production_uploaded'] = 'success'; } } // remove values that shouldn't go in the database unset($user_data['password0'],$user_data['password1'], $user_data['password2'], $user_data['MAX_FILE_SIZE'], $user_data['remove_picture'], $user_data['apply_change'],$user_data['email'] ); // Following RFC2396 (http://www.faqs.org/rfcs/rfc2396.html), a URI uses ':' as a reserved character // we can thus ensure the URL doesn't contain any scheme name by searching for ':' in the string $my_user_openid = isset($user_data['openid']) ? $user_data['openid'] : ''; if (!preg_match('/^[^:]*:\/\/.*$/', $my_user_openid)) { //ensure there is at least a http:// scheme in the URI provided $user_data['openid'] = 'http://'.$my_user_openid; } $extras = array(); //Checking the user language $languages = api_get_languages(); if (!in_array($user_data['language'], $languages['folder'])) { $user_data['language'] = api_get_setting('platformLanguage'); } //Only update values that are request by the "profile" setting $profile_list = api_get_setting('profile'); //Adding missing variables $available_values_to_modify = array(); foreach($profile_list as $key => $status) { if ($status == 'true') { switch($key) { case 'login': $available_values_to_modify[] = 'username'; break; case 'name': $available_values_to_modify[] = 'firstname'; $available_values_to_modify[] = 'lastname'; break; case 'picture': $available_values_to_modify[] = 'picture_uri'; break; default: $available_values_to_modify[] = $key; break; } } } //Fixing missing variables $available_values_to_modify = array_merge($available_values_to_modify, array('competences', 'diplomas', 'openarea', 'teach', 'openid')); // build SQL query $sql = "UPDATE $table_user SET"; unset($user_data['api_key_generate']); foreach ($user_data as $key => $value) { if (substr($key, 0, 6) == 'extra_') { //an extra field $new_key = substr($key, 6); // format array date to 'Y-m-d' or date time to 'Y-m-d H:i:s' if (is_array($value) && isset($value['Y']) && isset($value['F']) && isset($value['d'])) { if (isset($value['H']) && isset($value['i'])) { // extra field date time $time = mktime($value['H'],$value['i'],0,$value['F'],$value['d'],$value['Y']); $extras[$new_key] = date('Y-m-d H:i:s',$time); } else { // extra field date $time = mktime(0,0,0,$value['F'],$value['d'],$value['Y']); $extras[$new_key] = date('Y-m-d',$time); } } else { $extras[$new_key] = $value; } } else { if (in_array($key, $available_values_to_modify)) { $sql .= " $key = '".Database::escape_string($value)."',"; } } } //change email if ($allow_users_to_change_email_with_no_password) { if (!empty($changeemail) && in_array('email', $available_values_to_modify)) { $sql .= " email = '".Database::escape_string($changeemail)."',"; } if (isset($password) && in_array('password', $available_values_to_modify)) { $password = api_get_encrypted_password($password); $sql .= " password = '".Database::escape_string($password)."'"; } else { // remove trailing , from the query we have so far $sql = rtrim($sql, ','); } } else { //normal behaviour if (!empty($changeemail) && !isset($password) && in_array('email', $available_values_to_modify)) { $sql .= " email = '".Database::escape_string($changeemail)."'"; } elseif (isset($password) && isset($changeemail) && in_array('email', $available_values_to_modify) && in_array('password', $available_values_to_modify)) { $sql .= " email = '".Database::escape_string($changeemail)."',"; $password = api_get_encrypted_password($password); $sql .= " password = '".Database::escape_string($password)."'"; } elseif (isset($password) && in_array('password', $available_values_to_modify)) { $password = api_get_encrypted_password($password); $sql .= " password = '".Database::escape_string($password)."'"; } else { // remove trailing , from the query we have so far $sql = rtrim($sql, ','); } } $sql .= " WHERE user_id = '".api_get_user_id()."'"; Database::query($sql); // User tag process //1. Deleting all user tags $list_extra_field_type_tag = UserManager::get_all_extra_field_by_type(USER_FIELD_TYPE_TAG); if (is_array($list_extra_field_type_tag) && count($list_extra_field_type_tag)>0) { foreach ($list_extra_field_type_tag as $id) { UserManager::delete_user_tags(api_get_user_id(), $id); } } //2. Update the extra fields and user tags if available if (is_array($extras) && count($extras)> 0) { foreach ($extras as $key => $value) { //3. Tags are process in the UserManager::update_extra_field_value by the UserManager::process_tags function $myres = UserManager::update_extra_field_value(api_get_user_id(), $key, $value); } } // re-init the system to take new settings into account $_SESSION['_user']['uidReset'] = true; $_SESSION['noredirection'] = true; $_SESSION['profile_update'] = 'success'; $url = api_get_self()."?{$_SERVER['QUERY_STRING']}".($filtered_extension && strpos($_SERVER['QUERY_STRING'], '&fe=1') === false ? '&fe=1' : ''); header("Location: ".$url); exit; } /* MAIN DISPLAY SECTION */ // the header Display::display_header(get_lang('ModifyProfile')); if (api_get_setting('allow_social_tool') != 'true') { if (api_get_setting('extended_profile') == 'true') { echo '

'; if (api_get_setting('allow_social_tool') == 'true' && api_get_setting('allow_message_tool') == 'true') { echo ''.Display::return_icon('shared_profile.png', get_lang('ViewSharedProfile')).''; } if (api_get_setting('allow_message_tool') == 'true') { echo ''.Display::return_icon('inbox.png', get_lang('Messages')).''; } $show = isset($_GET['show']) ? '&show='.Security::remove_XSS($_GET['show']) : ''; if (isset($_GET['type']) && $_GET['type'] == 'extended') { echo ''.Display::return_icon('edit.png', get_lang('EditNormalProfile'),'',16).''; } else { echo ''.Display::return_icon('edit.png', get_lang('EditExtendProfile'),'',16).''; } echo '

'; } } if (!empty($file_deleted)) { Display :: display_confirmation_message(get_lang('FileDeleted'), false); } elseif (!empty($update_success)) { $message = get_lang('ProfileReg'); if ($upload_picture_success) { $message .= '
'.get_lang('PictureUploaded'); } if ($upload_production_success) { $message.='
'.get_lang('ProductionUploaded'); } Display :: display_confirmation_message($message, false); } if (!empty($msg_fail_changue_email)){ $errormail=get_lang('ToChangeYourEmailMustTypeYourPassword'); Display :: display_error_message($errormail, false); } if (!empty($msg_is_not_password)){ $warning_msg = get_lang('CurrentPasswordEmptyOrIncorrect'); Display :: display_warning_message($warning_msg, false); } //User picture size is calculated from SYSTEM path $image_syspath = UserManager::get_user_picture_path_by_id(api_get_user_id(), 'system', false, true); $image_syspath['dir'].$image_syspath['file']; //$image_size = api_getimagesize($image_syspath['dir'].$image_syspath['file']); //Web path $image_path = UserManager::get_user_picture_path_by_id(api_get_user_id(), 'web', false, true); $image_dir = $image_path['dir']; $image = $image_path['file']; $image_file = $image_dir.$image; $img_attributes = 'src="'.$image_file.'?rand='.time().'" ' .'alt="'.api_get_person_name($user_data['firstname'], $user_data['lastname']).'" ' .'style="float:'.($text_dir == 'rtl' ? 'left' : 'right').'; margin-top:0px;padding:5px;" '; if ($image_size['width'] > 300) { //limit display width to 300px $img_attributes .= 'width="300" '; } // get the path,width and height from original picture $big_image = $image_dir.'big_'.$image; $big_image_size = api_getimagesize($big_image); $big_image_width = $big_image_size['width']; $big_image_height = $big_image_size['height']; $url_big_image = $big_image.'?rnd='.time(); if (api_get_setting('allow_social_tool') == 'true') { echo '

'; echo '

'; echo SocialManager::show_social_menu('home', null, api_get_user_id(), false); echo '

'; echo '

'; $form->display(); echo '

'; } else { // Style position:absolute has been removed for Opera-compatibility. //echo '

'; echo '

'; if ($image == 'unknown.jpg') { echo ''; } else { echo ''; } echo '

'; $form->display(); } Display :: display_footer();