Revision 1463
Added by Luisehahne over 14 years ago
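--- a/save.php
+++ b/save.php
@@ -21,10 +21,8 @@
 // Print admin header
 require('../../config.php');
 require_once(WB_PATH.'/framework/class.admin.php');
-
 // suppress to print the header, so no new FTAN will be set
 $admin = new admin('Preferences','start', false);
-// $js_back = "javascript: history.go(-1);"; // Create a javascript back link
 
 function save_preferences( &$admin, &$database)
 {
@@ -33,8 +31,6 @@
 $min_pass_length = 6;
 // first check form-tan
 if(!$admin->checkFTAN()){ $err_msg[] = $MESSAGE['GENERIC_SECURITY_ACCESS']; }
-// After check print the header
-$admin->print_header();
 // Get entered values and validate all
 // remove any dangerouse chars from display_name
 $display_name = $admin->add_slashes(strip_tags(trim($admin->get_post('display_name'))));
@@ -67,17 +63,19 @@
 $time_format = ($time_format == 'system_default' ? '' : $time_format);
 unset($TIME_FORMATS);
 // email should be validatet by core
-$email = ( $admin->get_post('email') == null ? '' : $admin->get_post('email') );
+$email = trim( $admin->get_post('email') == null ? '' : $admin->get_post('email') );
 if( !$admin->validate_email($email) )
 {
 $email = '';
 $err_msg[] = $MESSAGE['USERS']['INVALID_EMAIL'];
 }else {
-// check that email is unique in whoole system
-$email = $admin->add_slashes($email);
-$sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'users` ';
-$sql .= 'WHERE `user_id` <> '.(int)$admin->get_user_id().' AND `email` LIKE "'.$email.'"';
-if( $database->get_one($sql) > 0 ){ $err_msg[] = $MESSAGE['USERS']['EMAIL_TAKEN']; }
+if($email != '') {
+// check that email is unique in whoole system
+$email = $admin->add_slashes($email);
+$sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'users` ';
+$sql .= 'WHERE `user_id` <> '.(int)$admin->get_user_id().' AND `email` LIKE "'.$email.'"';
+if( $database->get_one($sql) > 0 ){ $err_msg[] = $MESSAGE['USERS']['EMAIL_TAKEN']; }
+}
 }
 // receive password vars and calculate needed action
 $current_password = $admin->get_post('current_password');
@@ -130,7 +128,9 @@
 $sql = 'UPDATE `'.TABLE_PREFIX.'users` ';
 $sql .= 'SET `display_name` = "'.$display_name.'", ';
 $sql .= '`password` = "'.$new_password_1.'", ';
-$sql .= '`email` = "'.$email.'", ';
+if($email != '') {
+$sql .= '`email` = "'.$email.'", ';
+}
 $sql .= '`language` = "'.$language.'", ';
 $sql .= '`timezone` = "'.$timezone.'", ';
 $sql .= '`date_format` = "'.$date_format.'", ';
@@ -171,6 +171,8 @@
 }
 return ( (sizeof($err_msg) > 0) ? implode('<br />', $err_msg) : '' );
 }
+// print the header
+$admin->print_header();
 $retval = save_preferences($admin, $database);
 if( $retval == '')
 {
@@ -179,5 +181,3 @@
 }else {
 $admin->print_error($retval);
 }
-
-?>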
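Review bot: `$admin->print_header();` now runs at new line 175, before `save_preferences()` reaches `$admin->checkFTAN()`, which reverses the order the removed comment `// After check print the header` documented and that the surviving comment at new line 24 ("so no new FTAN will be set") still describes. If print_header() issues a fresh form token, as that comment suggests, the check then runs against regenerated state and may either reject valid submissions or no longer protect this form against cross-site request forgery; class.admin.php is not visible here, so this needs confirming. Either keep the header call after the token check, or perform `checkFTAN()` immediately before `$admin->print_header();` and pass the result into the function. Separately, the uniqueness query inside the new `if($email != '')` block still concatenates `$email` into `LIKE "..."`, where `_` and `%` act as wildcards that `add_slashes()` is unlikely to escape; an exact `=` comparison, with the value escaped by the database layer, would match what the comment says the check is for.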
fixed Ticket 1050 Bug in include/phpmailer/class.phpmailer.php with Lotus Notes
fixed Ticket 573, 939 Bad formatting of e-mail received from form submissions
fixed Ticket 1009 cannot change user password without changing Email in preference