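<?php
    /*
     * Profile update page for the logged-in user.
     *
     * A POST carrying submitted=true validates the form fields, calls
     * updateuser() for the account identified by the session and redirects to
     * the home page. Any other request renders the form pre-filled from
     * userinfo().
     *
     * NOTE(review): no anti-CSRF token is generated or checked in this file, and
     * the current password is not requested before a new one is accepted. Unless
     * setup.php enforces a token globally (not visible here), a forged cross-site
     * POST sent with a live session could change the e-mail address or password.
     * Add a per-session token to the form, compare it on POST, and require the
     * current password for password changes.
     */

    // include libraries
    require_once("../setup.php");
    
	if($logged_in != 1) { //not logged
		error_catcher(1);
		exit;
	}else{
        // check input parameters (SESSION LOGIN DATA)
        // NOTE(review): $_SESSION['auth_type'] is read further down but is not part
        // of this check - confirm it is always set at login.
        if (!isset($_SESSION["userid"]) OR
            !isset($_SESSION["username"]) OR
            !isset($_SESSION["active"]) OR
            !isset($_SESSION["type"])) {
            error_catcher(8);
            exit;
        }
        
		if(isset($_POST['submitted']) && $_POST['submitted']=="true"){			
			// check mandatory fields: each must be present, a plain string and non-empty.
            // The is_string() test rejects array-valued parameters (field[]=...) before
            // they reach preg_match() or collectForm().
            $mandatory_fields = array("firstname", "lastname", "email", "institute", "preferred_language");    
            foreach ($mandatory_fields as $field) {
                if (!isset($_POST[$field]) OR !is_string($_POST[$field]) OR $_POST[$field] === "") {
                    @ob_clean();
                    error_catcher(44);
                    exit;    
                }
            }
            // validate values
            // The client-side validate() function repeats these checks, but it can be
            // bypassed, so the server-side checks are the ones that count.
            if (isset($_POST["pwd"]) AND isset($_POST["pwd1"]) AND ($_POST["pwd"] !== "" OR $_POST["pwd1"] !== "")) {
                if ($_POST["pwd"] !== $_POST["pwd1"]) {
                    @ob_clean();
                    error_catcher(52);
                    exit;    
                } else {
                    // is_string() keeps strlen() from being called on an array value,
                    // which is a TypeError on PHP 8.
                    if (!is_string($_POST["pwd"]) OR strlen($_POST["pwd"]) < 6) {
                        @ob_clean();
                        error_catcher(53);
                        exit;
                    }
                }    
            }
            // Same accepted addresses as the previous pattern, with two fixes:
            //  - the D modifier makes "$" match only at the very end of the string
            //    (without it an address followed by a newline was accepted);
            //  - the last label is written {2,} instead of a repeated {2,4} group,
            //    which accepts the same lengths without ambiguous backtracking.
            if (!preg_match('/^[a-zA-Z0-9_.\-]+@(?:[a-zA-Z0-9\-]+\.)+[a-zA-Z0-9]{2,}$/D', $_POST["email"])) {
                @ob_clean();
                error_catcher(54);
                exit;    
            }
                        
            // collect data (form + session data)
            // id, username, active and type are overwritten from the session after
            // collectForm(), so the request cannot choose another account or role.
            $user = collectForm();
            $user->id = $_SESSION['userid'];
            $user->username = $_SESSION['username'];
            $user->active = $_SESSION['active'];
            $user->type = $_SESSION['type'];
            
            // empty password for shibboleth users 
			if($_SESSION['auth_type'] == 'shibboleth'){
				$user->pwd = '';
			}
            
            // update user
            // NOTE(review): the return value of updateuser() is not checked - confirm
            // how it reports a failed update.
			updateuser($user);

            // update pwd in the session (only for local authentication, other data will be updated by check_login library)
            // isset() avoids reading undefined indexes when a request omits the password fields.
            if ($_SESSION['auth_type'] === 'local' AND isset($_POST["pwd"], $_POST["pwd1"]) AND $_POST["pwd"] !== "" AND $_POST["pwd1"] !== "") {           
                // read the encrypted pwd from DB
                $pass = getuserpwd($_SESSION['username']);
                if($pass === false) {
                    error_catcher(4);
                    exit;
                }else{
                    // save password in the session
                    // NOTE(review): this keeps the stored password value in the session
                    // data - confirm session storage is protected accordingly.
                    $_SESSION['pwd'] = (isset($pass)) ? stripslashes($pass) : ""; 
                }    
            }   
            
			// redirect to home
			header("Location: ../home/home.php");
            // stop here so nothing can run or be emitted after the redirect header
            exit;
		}else{
            // retrieve user info            
			$user=userinfo($_SESSION['userid']);
			
            // display update profile form
            if(is_string($user)){
				if($user=="DBError"){
					error_catcher(4);
					exit;
				}
			}else{
?>
            <script language="JavaScript">
		<?php if($_SESSION['auth_type'] == 'local') { ?>
                function validate(){
					var password = document.adduser.pwd.value;
					var password1 = document.adduser.pwd1.value;
					var firstname = document.adduser.firstname.value;
					var lastname  = document.adduser.lastname.value;
                    var institute = document.adduser.institute.value;
					var email     = document.adduser.email.value;
                    var preferred_language = document.adduser.preferred_language.value;
                    
					if(firstname=="" || lastname=="" || institute=="" || email=="" || preferred_language==""){
                        alert("<?php echo get_string('script', 'ScriptCompleteAllFields'); ?>");
                        return false;
                    }
					if(!(password == password1)){
						alert("<?php echo get_string('script', 'ScriptPasswordNotEquals'); ?>");
						return false;
					}
					if(password!="" && password.length<6){
						alert("<?php echo get_string('script', 'ScriptPasswordTooShort'); ?>");
						return false;
					}
                    if(!checkEmail(email)){
                        alert("<?php echo get_string('script', 'ScriptInvalidemail'); ?>");
                        return false;
                    }
					return true;
				}
			<?php }else{ ?>
                    function validate(){
						var firstname = document.adduser.firstname.value;
						var lastname  = document.adduser.lastname.value;
						var institute = document.adduser.institute.value;
                        var email     = document.adduser.email.value;
                        var preferred_language = document.adduser.preferred_language.value;
						
						if(firstname=="" || lastname=="" || institute=="" || email=="" || preferred_language==""){
							alert("<?php echo get_string('script', 'ScriptCompleteAllFields'); ?>");
							return false;
						}
                        if(!checkEmail(email)){
                            alert("<?php echo get_string('script', 'ScriptInvalidemail'); ?>");
                            return false;
                        }
						return true;
					}
			<?php } ?>
            </script>
			<div id="content_area">
				<p class="pagetitle"><?php echo get_string('home', 'UpdateProfilePageTitle'); ?></p>
				<form action="../admin/update_profile_form.php" id="adduser" name="adduser" method="post" class="txt" onSubmit="return validate()">
				    <?php if($_SESSION['auth_type'] == 'local'){ ?>
                        <label for="username"><?php echo get_string('home', 'UpdateProfileUsername'); ?></label>
                        <input class="medium_field" id="username" name="username" autocomplete="off" type="text" size="30" disabled="true" value="<?php echo htmlspecialchars($user->username); ?>" /><br />
                        
                        <label for="pwd"><?php echo get_string('home', 'UpdateProfilePassword'); ?></label>
                        <input class="medium_field" id="pwd" name="pwd" type="password" autocomplete="off" size="30" value="" /><br />
                        <label for="pwd"></label>
                        <span><?php echo get_string('home', 'UpdateProfilePasswordMessage'); ?></span><br />
                        
                        <label for="pwd1"><?php echo get_string('home', 'UpdateProfileConfirmPassword'); ?></label>
                        <input class="medium_field" id="pwd1" name="pwd1" type="password" autocomplete="off" size="30" value="" /><br />
                        <label for="pwd1"></label>
                        <span><?php echo get_string('home', 'UpdateProfilePasswordMessage'); ?></span><br />
                    <?php } ?>
                    
                    <label for="firstname"><?php echo get_string('home', 'UpdateProfileFirstName'); ?></label>
                    <input class="medium_field" id="firstname" name="firstname" type="text" value="<?php echo htmlspecialchars($user->firstname); ?>" size="30" /><br />
                    
                    <label for="lastname"><?php echo get_string('home', 'UpdateProfileLastName'); ?></label>
                    <input class="medium_field" id="lastname" name="lastname" type="text" value="<?php echo htmlspecialchars($user->lastname); ?>" size="30" /><br />
                    
                    <label for="institute"><?php echo get_string('home', 'UpdateProfileInsitute'); ?></label>
                    <input class="medium_field" id="institute" name="institute" type="text" value="<?php echo htmlspecialchars($user->institute); ?>" size="30" /><br />
                    
                    <label for="email"><?php echo get_string('home', 'UpdateProfileEmail'); ?></label>
                    <input class="medium_field" id="email" name="email" type="text" value="<?php echo htmlspecialchars($user->email); ?>" size="30" /><br />
                    
                    <label for="preferred_language"><?php echo get_string('home', 'UpdateProfilePreferredLanguage'); ?></label>
                    <select id="preferred_language" name="preferred_language" class="medium_field">
                        <?php 
                            // NOTE(review): $key and $value are written into the markup without
                            // htmlspecialchars(), unlike the text fields above. Presumably the
                            // language list is server-side configuration - confirm, and escape
                            // it if any part can be edited by users.
                            $available_languages = get_available_languages();
                            if ($available_languages) {
                                foreach ($available_languages as $key => $value) {
                                    $option = '<option value="%s" %s>%s</option>';
                                    if ($key == $user->preferred_language) {
                                        echo sprintf($option, $key, 'selected', $value);
                                    } else {
                                        echo sprintf($option, $key, '', $value);
                                    }
                                }
                            } else {
                                error_catcher(50);
                            }
                        ?>
                    </select><br />
                    
                    <label for="submit"></label>
                    <input class="button" id="submit" name="submit" type="submit" value="<?php echo get_string('home', 'UpdateProfileUpdateButton'); ?>" />
                    <input class="button" id="discard" name="discard" type="button" value="<?php echo get_string('home', 'UpdateProfileDiscardButton'); ?>" onclick="location.href='../home/home.php'" /><br />
                    
                    <!-- hidden fields start -->
                    <input class="hidden" id="submitted" name="submitted" type="hidden" value="true" />
					<!-- hidden fields end -->
				</form>
			</div>
            <script>setFocus('firstname')</script>
<?php 
			}
		}
	}
?>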