<?php
require_once $_SERVER["DOCUMENT_ROOT"]."/".FOLDER."/classes/controller.class.php";
require_once $_SERVER["DOCUMENT_ROOT"]."/".FOLDER."/classes/database.class.php";
require_once $_SERVER["DOCUMENT_ROOT"]."/".FOLDER."/classes/activerecord.class.php";
require_once $_SERVER["DOCUMENT_ROOT"]."/".FOLDER."/classes/authentication.class.php";
require_once $_SERVER["DOCUMENT_ROOT"]."/".FOLDER."/model/user.class.php";
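/**
 * Controller for the "insert / edit user" page.
 *
 * GET pre-fills the form from the `user` row named by the `user_id` request
 * parameter; POST validates the submitted fields and writes them back through
 * ActiveRecord, then redirects to user.php.
 *
 * NOTE(review): the only access control visible here is "is logged in". Both
 * `user_id` (which row gets edited) and `admin` (the privilege flag) come
 * straight from the request, so any authenticated user can edit any account
 * and grant the admin flag. This controller should be gated on the current
 * user's own admin status (or restricted to editing $this->current_user); the
 * User API needed for that check is not visible in this file.
 */
class UserEdit extends Controller
{
    /** @var Database */
    public $db;

    /** @var Authentication */
    public $auth;

    /** @var User the logged-in user (not necessarily the user being edited) */
    public $current_user;

    /** @var mixed id of the user being edited; empty when inserting a new one */
    public $user_id;

    /**
     * Connects to the database, enforces login, loads messages and the
     * `user_id` parameter.
     */
    function init(): void
    {
        $this->db = new Database(DATABASE_NAME, USER_NAME, PASSWORD);

        $this->auth = new Authentication($this->db);
        if (!$this->auth->isLogged()) {
            // presumably redirect() terminates the request; if it does not,
            // everything below runs with an empty user id — TODO confirm
            $this->redirect("login.php");
        }

        $this->current_user = new User($this->db, $this->auth->getUserId());

        $language = $this->current_user->getLanguage();
        $this->loadMessages("messages/generic", $language);
        $this->loadMessages("messages/user_edit", $language);

        $this->loadParams("user_id");
        $this->user_id = $this->getParam("user_id");
    }

    /**
     * GET: when editing an existing user, copies the stored columns into the
     * form parameters. Nothing is done for an insert.
     */
    function onGet(): void
    {
        if (util_empty($this->user_id)) {
            return;
        }

        $record = new ActiveRecord($this->db, "user", $this->user_id);
        $editable = ["username", "email", "full_name", "receive_notifications", "admin", "description"];
        foreach ($editable as $column) {
            $this->setParam($column, $record->get($column));
        }
    }

    /**
     * POST: validates the submitted form and inserts or updates the user row.
     *
     * Each validation failure sets the "error" message and returns without
     * writing; on success the browser is redirected to user.php.
     */
    function onPost(): void
    {
        $username = $this->getParam("username");
        $email = $this->getParam("email");
        $full_name = $this->getParam("full_name");
        $password = $this->getParam("password");
        $re_password = $this->getParam("re_password");
        $receive_notifications = $this->getParam("receive_notifications");
        $admin = $this->getParam("admin");
        $description = $this->getParam("description");

        // A password is mandatory only when creating a new user.
        $passwordMissing = util_empty($this->user_id)
            && (util_empty($password) || util_empty($re_password));
        if (util_empty($username) || util_empty($full_name) || util_empty($email)
            || util_empty($description) || $passwordMissing) {
            $this->setError("error", $this->getRawMessage("required_fields"));
            return;
        }

        // \z instead of $: $ would also accept a trailing newline.
        if (!preg_match('/^\w*\z/', $username)) {
            $this->setError("error", $this->getRawMessage("invalid_user_name"));
            return;
        }

        // eregi() was removed in PHP 7 (fatal error on call); the same POSIX
        // pattern is expressed here as a case-insensitive PCRE. \z mirrors
        // POSIX $ (end of string only).
        $emailPattern = '/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})\z/i';
        if (!preg_match($emailPattern, $email)) {
            $this->setError("error", $this->getRawMessage("invalid_email"));
            return;
        }

        // Duplicate check is only performed on insert; renaming an existing
        // user onto a taken username is not caught here.
        if (util_empty($this->user_id)) {
            $sql = "select null from user where username = " . $this->db->quote($username);
            $result = $this->db->getResult($sql);
            if ($this->db->getRow($result)) {
                $this->setError("error", $this->getRawMessage("duplicated_user"));
                return;
            }
        }

        // Strict comparison: the two fields must match byte for byte.
        if (!util_empty($password) && $password !== $re_password) {
            $this->setError("error", $this->getRawMessage("reenter_password"));
            return;
        }

        $record = new ActiveRecord($this->db, "user", $this->user_id);
        $record->set("username", $username);
        $record->set("email", $email);
        $record->set("full_name", $full_name);
        // An empty password field on edit keeps the stored hash.
        // md5() is not a password hash (fast, unsalted); moving to
        // password_hash()/password_verify() needs a matching change in
        // Authentication, which is outside this file.
        $record->set("password", util_empty($password) ? $record->get("password") : md5($password));
        $record->set("receive_notifications", util_empty($receive_notifications) ? "no" : $receive_notifications);
        $record->set("admin", util_empty($admin) ? "no" : $admin);
        $record->set("description", $description);
        $record->post();

        $this->redirect("user.php", ["order" => "updated", "sense" => "desc"]);
    }

    /**
     * Returns the username of the logged-in user (looked up from the database
     * on every call).
     */
    function getLoginName()
    {
        $record = new ActiveRecord($this->db, "user", $this->auth->getUserId());
        return $record->get("username");
    }

    /**
     * Returns the logged-in User object built in init().
     */
    function getCurrentUser()
    {
        return $this->current_user;
    }

    /**
     * Page title: "insert" wording when no user_id was given, "edit" otherwise.
     */
    function getTitle()
    {
        $key = util_empty($this->user_id) ? "insert_new_user" : "edit_user";
        return $this->getMessage($key);
    }
}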
?>