requireUser(WEB_ROOT . '/login.' . SITE_CONFIG_PAGE_EXTENSION);
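/*
 * Load the account row for the signed-in user ($Auth is set up before this
 * point in the file). Everything below trusts $user, so the page must not
 * keep running when the lookup fails.
 */
$user = UserPeer::loadUserById($Auth->id);
if (!$user)
{
    coreFunctions::redirect(WEB_ROOT);
    // redirect() is defined outside this file, so whether it ends the request
    // cannot be seen here. Stop explicitly so the update handler and the
    // template below never run without a loaded user.
    exit;
}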
/*
 * Page metadata. Each constant takes the translated string returned by t(),
 * called with a translation key and an English default.
 */
define(
    'PAGE_NAME',
    t('account_edit_page_name', 'Account Details')
);
define(
    'PAGE_DESCRIPTION',
    t('account_edit_meta_description', 'Account details')
);
define(
    'PAGE_KEYWORDS',
    t('account_edit_meta_keywords', 'details, account, short, url, user')
);
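/*
 * Account details form handler.
 *
 * On submit: validate the posted fields, write them to the users row, and
 * only once the write has succeeded send the optional change notices and
 * refresh the session language. Without a submit: pre-fill the form
 * variables from the loaded $user.
 *
 * NOTE(review): no anti-CSRF token check is visible in this block, and the
 * fields are read from $_REQUEST, so the same change can arrive in a GET
 * query string (where a new password would also end up in access logs).
 * Confirm a token is verified elsewhere, or add one here.
 * NOTE(review): the e-mail address and password can be changed without
 * re-entering the current password, and nothing here ends the account's
 * other sessions after a password change. Confirm both are handled elsewhere.
 */
if (isset($_REQUEST['submitme']) && (int) $_REQUEST['submitme'])
{
    // Read one request field as a trimmed string. A missing field or an array
    // value (e.g. title[]=x) becomes '' instead of reaching trim() and raising
    // a notice or TypeError.
    $readField = function ($name) {
        return (isset($_REQUEST[$name]) && is_string($_REQUEST[$name])) ? trim($_REQUEST[$name]) : '';
    };

    // validation
    $title = $readField('title');
    $firstname = $readField('firstname');
    $lastname = $readField('lastname');
    $emailAddress = strtolower($readField('emailAddress'));
    // NOTE(review): the password is trimmed too, so leading/trailing spaces are
    // never part of the stored secret; presumably the login path trims as well
    // - confirm.
    $password = $readField('password');
    $passwordConfirm = $readField('passwordConfirm');
    $languageId = null;
    if (isset($_REQUEST['languageId']))
    {
        $languageId = (int) $_REQUEST['languageId'];
    }
    // an absent field (e.g. an unticked checkbox) is stored as 0
    $privateFileStatistics = isset($_REQUEST['privateFileStatistics']) ? (int) $_REQUEST['privateFileStatistics'] : 0;

    if (!strlen($title))
    {
        notification::setError(t("please_enter_your_title", "Please enter your title"));
    }
    elseif (!strlen($firstname))
    {
        notification::setError(t("please_enter_your_firstname", "Please enter your firstname"));
    }
    elseif (!strlen($lastname))
    {
        notification::setError(t("please_enter_your_lastname", "Please enter your lastname"));
    }
    elseif (!strlen($emailAddress))
    {
        notification::setError(t("please_enter_your_email_address", "Please enter your email address"));
    }
    elseif (!validation::validEmail($emailAddress))
    {
        notification::setError(t("your_email_address_is_invalid", "Your email address is invalid"));
    }
    elseif (_CONFIG_DEMO_MODE == true)
    {
        notification::setError(t("no_changes_in_demo_mode"));
    }
    else
    {
        // the address must not already belong to a different account
        $checkEmail = UserPeer::loadUserByEmailAddress($emailAddress);
        if (($checkEmail) && ($checkEmail->id != $Auth->id))
        {
            notification::setError(t("email_address_already_exists", "Email address already exists on another account"));
        }
        elseif (strlen($password))
        {
            // Strict comparison: with != two different numeric-looking strings
            // such as "0e1234" and "0e5678" compare as equal numbers, so a
            // mistyped confirmation could pass.
            if ($password !== $passwordConfirm)
            {
                notification::setError(t("your_password_confirmation_does_not_match", "Your password confirmation does not match"));
            }
            else
            {
                // validatePassword() returns an array of messages when the
                // password fails the policy
                $passValid = passwordpolicy::validatePassword($password);
                if (is_array($passValid))
                {
                    // NOTE(review): the separator is a raw line break here; it may
                    // have been an HTML line-break tag lost when this page was
                    // captured - compare with the upstream file.
                    notification::setError(implode('
', $passValid));
                }
            }
        }
    }

    // update the account
    if (!notification::isErrors())
    {
        // Address on the account before this request. The e-mail change notice
        // goes here, so the previous owner of the address hears about the
        // change even though the row below now holds the new one.
        $previousEmail = $Auth->email;

        $db = Database::getDatabase(true);
        $rs = $db->query('UPDATE users SET title = :title, firstname = :firstname, lastname = :lastname, email = :email, languageId = :languageId, privateFileStatistics = :privateFileStatistics WHERE id = :id', array('title' => $title, 'firstname' => $firstname, 'lastname' => $lastname, 'email' => $emailAddress, 'id' => $Auth->id, 'languageId' => $languageId, 'privateFileStatistics' => $privateFileStatistics));
        if ($rs)
        {
            // Notices are sent only after the write they describe has gone
            // through, so a failed update no longer produces a "has been
            // changed" e-mail.
            // NOTE(review): FIRST_NAME is user-editable and is placed into an
            // HTML body; whether t() escapes replacement values is not visible
            // here - confirm.
            if ((SITE_CONFIG_SECURITY_SEND_USER_EMAIL_ON_EMAIL_CHANGE == 'yes') && ($emailAddress != $previousEmail))
            {
                $subject = t('email_change_email_subject', 'Email changed for account on [[[SITE_NAME]]]', array('SITE_NAME' => SITE_CONFIG_SITE_NAME));
                $replacements = array(
                    'FIRST_NAME' => $Auth->user->firstname,
                    'SITE_NAME' => SITE_CONFIG_SITE_NAME,
                    'WEB_ROOT' => WEB_ROOT,
                    'USERNAME' => $Auth->username,
                    'NEW_EMAIL' => $emailAddress,
                );
                $defaultContent = "Dear [[[FIRST_NAME]]],
";
                $defaultContent .= "This is a courtesy email notifying you that your account email address on [[[SITE_NAME]]] has been changed to [[[NEW_EMAIL]]].
";
                $defaultContent .= "If you didn't change your email address, please contact us immediately. Otherwise just ignore this email.
";
                $defaultContent .= "Url: [[[WEB_ROOT]]]
";
                $defaultContent .= "Username: [[[USERNAME]]]
";
                $defaultContent .= "New Email: [[[NEW_EMAIL]]]
";
                $defaultContent .= "Feel free to contact us if you need any support with your account.
";
                $defaultContent .= "Regards,
";
                $defaultContent .= "[[[SITE_NAME]]] Admin";
                $htmlMsg = t('email_change_email_content', $defaultContent, $replacements);
                // NOTE(review): as written this swaps a line break for "\n"; the
                // search string may originally have been an HTML line-break tag
                // lost when this page was captured - compare with upstream.
                coreFunctions::sendHtmlEmail($previousEmail, $subject, $htmlMsg, SITE_CONFIG_DEFAULT_EMAIL_ADDRESS_FROM, strip_tags(str_replace("
", "\n", $htmlMsg)));
            }

            // do password
            $passwordSaved = true;
            if (strlen($password))
            {
                // Only the hash from Password::createHash() is stored. The result
                // is checked the same way as the profile update above, which
                // already treats a truthy query() result as success.
                $passwordSaved = $db->query('UPDATE users SET password = :password WHERE id = :id', array('password' => Password::createHash($password), 'id' => $Auth->id));
                if ($passwordSaved && (SITE_CONFIG_SECURITY_SEND_USER_EMAIL_ON_PASSWORD_CHANGE == 'yes'))
                {
                    $subject = t('password_change_email_subject', 'Password changed for account on [[[SITE_NAME]]]', array('SITE_NAME' => SITE_CONFIG_SITE_NAME));
                    $replacements = array(
                        'FIRST_NAME' => $Auth->user->firstname,
                        'SITE_NAME' => SITE_CONFIG_SITE_NAME,
                        'WEB_ROOT' => WEB_ROOT,
                        'USERNAME' => $Auth->username,
                    );
                    $defaultContent = "Dear [[[FIRST_NAME]]],
";
                    $defaultContent .= "This is a courtesy email notifying you that your account password on [[[SITE_NAME]]] has been changed.
";
                    $defaultContent .= "If you didn't change your password, please contact us immediately. Otherwise just ignore this email.
";
                    $defaultContent .= "Url: [[[WEB_ROOT]]]
";
                    $defaultContent .= "Username: [[[USERNAME]]]
";
                    $defaultContent .= "Feel free to contact us if you need any support with your account.
";
                    $defaultContent .= "Regards,
";
                    $defaultContent .= "[[[SITE_NAME]]] Admin";
                    $htmlMsg = t('password_change_email_content', $defaultContent, $replacements);
                    coreFunctions::sendHtmlEmail($previousEmail, $subject, $htmlMsg, SITE_CONFIG_DEFAULT_EMAIL_ADDRESS_FROM, strip_tags(str_replace("
", "\n", $htmlMsg)));
                }
            }

            // reset site language if updated
            if ($languageId != null)
            {
                // the (int) cast keeps the concatenated value numeric
                $languageName = $db->getValue("SELECT languageName FROM language WHERE isActive = 1 AND id = " . (int) $languageId . " LIMIT 1");
                if ($languageName)
                {
                    $_SESSION['_t'] = $languageName;
                }
            }

            if ($passwordSaved)
            {
                notification::setSuccess(t("account_updated_success_message", "Account details successfully updated"));
            }
            else
            {
                // the profile fields were saved but the password write failed;
                // do not report success for a password that did not change
                notification::setError(t("problem_creating_your_account_try_again_later", "There was a problem creating your account, please try again later"));
            }
        }
        else
        {
            notification::setError(t("problem_creating_your_account_try_again_later", "There was a problem creating your account, please try again later"));
        }
    }
}
else
{
    // first view of the page: pre-fill the form from the stored account
    $title = $user->title;
    $firstname = $user->firstname;
    $lastname = $user->lastname;
    $emailAddress = $user->email;
    $languageId = $user->languageId;
    if ($languageId == null)
    {
        // Within the visible part of the file $db is assigned only in the
        // submit branch; fetch a handle here unless one already exists.
        if (!isset($db))
        {
            $db = Database::getDatabase(true);
        }
        // A missing or non-string _t becomes '' so trim() never receives null
        // or an array; the lookup then simply finds no language.
        // NOTE(review): the value is request-controlled and reaches the query
        // through $db->escape() plus quoting; prefer a bound parameter if
        // getValue() accepts one.
        $requestedLanguage = (isset($_REQUEST['_t']) && is_string($_REQUEST['_t'])) ? trim($_REQUEST['_t']) : '';
        $languageId = $db->getValue("SELECT id FROM language WHERE isActive = 1 AND languageName = '" . $db->escape($requestedLanguage) . "' LIMIT 1");
    }
    $privateFileStatistics = $user->privateFileStatistics;
}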
// Pull in the shared header partial; require_once is fatal if the file is
// missing and loads it at most once per request.
require_once SITE_TEMPLATES_PATH . '/partial/_header.inc.php';
?>