<?php
// include libraries
require_once("../setup.php");
// Authentication gate: stop with error 1 unless $logged_in equals 1.
// NOTE(review): $logged_in is not assigned in this file; presumably setup.php sets it. Confirm.
if($logged_in != 1) { // not logged in
error_catcher(1);
exit;
}else{
// Session sanity check: the four login attributes that are copied onto the
// profile record further down must all be present, otherwise stop with error 8.
// NOTE(review): $_SESSION['auth_type'] is also read later in this script but is
// not covered by this check. Confirm the login code always sets it.
if (!isset(
    $_SESSION["userid"],
    $_SESSION["username"],
    $_SESSION["active"],
    $_SESSION["type"]
)) {
    error_catcher(8);
    exit;
}
// The form was posted back: validate the request and save the profile.
// NOTE(review): nothing visible in this file verifies an anti-CSRF token or the
// current password before the profile (including e-mail and password) is
// changed; the form rendered by this page carries only the 'submitted' marker.
// Unless setup.php enforces this centrally, add a per-session token and compare
// it in constant time (hash_equals) before processing the request.
if(isset($_POST['submitted']) && $_POST['submitted']=="true"){
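// check mandatory fields: each one must be present as a non-empty string,
// otherwise stop with error 44
$mandatory_fields = array("firstname", "lastname", "email", "institute", "preferred_language");
foreach ($mandatory_fields as $field) {
    // A parameter sent as "name[]=..." arrives as an array. It would pass a bare
    // === "" comparison and reach the later validation and storage code as a
    // non-string, so anything that is not a string is rejected here as well.
    if (!isset($_POST[$field]) OR !is_string($_POST[$field]) OR $_POST[$field] === "") {
        @ob_clean();
        error_catcher(44);
        exit;
    }
}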
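// validate values
// Read both password fields defensively: a request that carries only one of
// them (or carries them as arrays) must not skip the checks below.
$posted_pwd = isset($_POST["pwd"]) ? $_POST["pwd"] : "";
$posted_pwd1 = isset($_POST["pwd1"]) ? $_POST["pwd1"] : "";
if ($posted_pwd !== "" OR $posted_pwd1 !== "") {
    // Non-string values or two differing entries: error 52.
    if (!is_string($posted_pwd) OR !is_string($posted_pwd1) OR $posted_pwd !== $posted_pwd1) {
        @ob_clean();
        error_catcher(52);
        exit;
    }
    // Minimum length of 6, counted in bytes by strlen(): error 53.
    // NOTE(review): a 6-character minimum is low; if it is raised, the
    // client-side validate() check has to change with it.
    if (strlen($posted_pwd) < 6) {
        @ob_clean();
        error_catcher(53);
        exit;
    }
}
// Do not keep extra copies of the submitted password in script scope.
unset($posted_pwd, $posted_pwd1);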
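// E-mail format check; stop with error 54 when the value does not match.
// \z (instead of $) anchors at the very end of the input: $ also matches just
// before a trailing newline, so "user@example.org\n" would otherwise be accepted
// and stored. The isset()/is_string() guards keep a missing or array-valued
// parameter away from preg_match().
if (!isset($_POST["email"])
    OR !is_string($_POST["email"])
    OR !preg_match('/^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+\z/', $_POST["email"])
) {
    @ob_clean();
    error_catcher(54);
    exit;
}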
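// collect data (form + session data)
$user = collectForm();
// Identity and privilege attributes are always taken from the session. These
// assignments overwrite whatever collectForm() returned for the same fields,
// so the request cannot choose the account or its type.
$user->id = $_SESSION['userid'];
$user->username = $_SESSION['username'];
$user->active = $_SESSION['active'];
$user->type = $_SESSION['type'];
// This page offers password fields to locally authenticated accounts only, so
// a posted password is discarded for every other (or missing) auth type rather
// than for 'shibboleth' alone.
if (!isset($_SESSION['auth_type']) OR $_SESSION['auth_type'] !== 'local') {
    $user->pwd = '';
}
// update user
// NOTE(review): the result of updateuser() is not checked here. Confirm it
// reports failures itself.
updateuser($user);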
// After a local password change, refresh the password value kept in the session
// (the remaining session data is refreshed by the check_login library).
// NOTE(review): this stores the password value read from the DB in the session.
// Confirm that check_login really needs it there.
if ($_SESSION['auth_type'] === 'local' && $_POST["pwd"] !== "" && $_POST["pwd1"] !== "") {
    // value currently stored in the DB for this username
    $pass = getuserpwd($_SESSION['username']);
    if ($pass === false) {
        // lookup failed
        error_catcher(4);
        exit;
    }
    // save password in the session
    $_SESSION['pwd'] = isset($pass) ? stripslashes($pass) : "";
}
// redirect to home
header("Location: ../home/home.php");
}else{
// Load the profile of the logged-in user; the id comes from the session, not from the request.
$user=userinfo($_SESSION['userid']);
// display update profile form
// A string result is not rendered as a profile: the value "DBError" is reported as error 4.
// NOTE(review): any other string value falls through without producing output.
// Confirm userinfo() cannot return one.
if(is_string($user)){
if($user=="DBError"){
error_catcher(4);
exit;
}
}else{
?>
<script language="JavaScript">
<?php if($_SESSION['auth_type'] == 'local') { ?>
// Client-side pre-check for locally authenticated users (password fields included).
// It is a usability aid only; the PHP handler repeats these checks on submit.
// The messages are written by PHP into string literals, so a translation must
// not contain double quotes or line breaks.
function validate(){
    var form = document.adduser;
    var pwd = form.pwd.value;
    var pwdAgain = form.pwd1.value;
    var first = form.firstname.value;
    var last = form.lastname.value;
    var inst = form.institute.value;
    var mail = form.email.value;
    var lang = form.preferred_language.value;

    // every profile field is mandatory
    var anyEmpty = first=="" || last=="" || inst=="" || mail=="" || lang=="";
    if(anyEmpty){
        alert("<?php echo get_string('script', 'ScriptCompleteAllFields'); ?>");
        return false;
    }
    // both password entries must agree (two empty entries also agree)
    if(pwd != pwdAgain){
        alert("<?php echo get_string('script', 'ScriptPasswordNotEquals'); ?>");
        return false;
    }
    // a password is optional, but when given it needs at least 6 characters
    if(pwd!="" && pwd.length<6){
        alert("<?php echo get_string('script', 'ScriptPasswordTooShort'); ?>");
        return false;
    }
    if(!checkEmail(mail)){
        alert("<?php echo get_string('script', 'ScriptInvalidemail'); ?>");
        return false;
    }
    return true;
}
<?php }else{ ?>
// Client-side pre-check for users who do not authenticate locally (no password fields).
// It is a usability aid only; the PHP handler repeats these checks on submit.
// The messages are written by PHP into string literals, so a translation must
// not contain double quotes or line breaks.
function validate(){
    var form = document.adduser;
    var first = form.firstname.value;
    var last = form.lastname.value;
    var inst = form.institute.value;
    var mail = form.email.value;
    var lang = form.preferred_language.value;

    // every profile field is mandatory
    var anyEmpty = first=="" || last=="" || inst=="" || mail=="" || lang=="";
    if(anyEmpty){
        alert("<?php echo get_string('script', 'ScriptCompleteAllFields'); ?>");
        return false;
    }
    if(!checkEmail(mail)){
        alert("<?php echo get_string('script', 'ScriptInvalidemail'); ?>");
        return false;
    }
    return true;
}
<?php } ?>
</script>
<div id="content_area">
<p class="pagetitle"><?php echo get_string('home', 'UpdateProfilePageTitle'); ?></p>
<form action="../admin/update_profile_form.php" id="adduser" name="adduser" method="post" class="txt" onSubmit="return validate()">
<?php if($_SESSION['auth_type'] == 'local'){ ?>
<label for="username"><?php echo get_string('home', 'UpdateProfileUsername'); ?></label>
<input class="medium_field" id="username" name="username" autocomplete="off" type="text" size="30" disabled="true" value="<?php echo htmlspecialchars($user->username); ?>" /><br />
<label for="pwd"><?php echo get_string('home', 'UpdateProfilePassword'); ?></label>
<input class="medium_field" id="pwd" name="pwd" type="password" autocomplete="off" size="30" value="" /><br />
<label for="pwd"></label>
<span><?php echo get_string('home', 'UpdateProfilePasswordMessage'); ?></span><br />
<label for="pwd1"><?php echo get_string('home', 'UpdateProfileConfirmPassword'); ?></label>
<input class="medium_field" id="pwd1" name="pwd1" type="password" autocomplete="off" size="30" value="" /><br />
<label for="pwd1"></label>
<span><?php echo get_string('home', 'UpdateProfilePasswordMessage'); ?></span><br />
<?php } ?>
<label for="firstname"><?php echo get_string('home', 'UpdateProfileFirstName'); ?></label>
<input class="medium_field" id="firstname" name="firstname" type="text" value="<?php echo htmlspecialchars($user->firstname); ?>" size="30" /><br />
<label for="lastname"><?php echo get_string('home', 'UpdateProfileLastName'); ?></label>
<input class="medium_field" id="lastname" name="lastname" type="text" value="<?php echo htmlspecialchars($user->lastname); ?>" size="30" /><br />
<label for="institute"><?php echo get_string('home', 'UpdateProfileInsitute'); ?></label>
<input class="medium_field" id="institute" name="institute" type="text" value="<?php echo htmlspecialchars($user->institute); ?>" size="30" /><br />
<label for="email"><?php echo get_string('home', 'UpdateProfileEmail'); ?></label>
<input class="medium_field" id="email" name="email" type="text" value="<?php echo htmlspecialchars($user->email); ?>" size="30" /><br />
<label for="preferred_language"><?php echo get_string('home', 'UpdateProfilePreferredLanguage'); ?></label>
<select id="preferred_language" name="preferred_language" class="medium_field">
<?php
// Emit one <option> per available language and pre-select the user's current
// choice; error 50 is raised when no language list is available.
// NOTE(review): key and label are written into the markup without
// htmlspecialchars(), unlike the other values echoed into this form. That is
// only safe if get_available_languages() returns fixed, trusted plain text;
// verify, and escape here if the list can ever hold other data.
$available_languages = get_available_languages();
if ($available_languages) {
    foreach ($available_languages as $key => $value) {
        $option = '<option value="%s" %s>%s</option>';
        $selected = ($key == $user->preferred_language) ? 'selected' : '';
        echo sprintf($option, $key, $selected, $value);
    }
} else {
    error_catcher(50);
}
?>
</select><br />
<label for="submit"></label>
<input class="button" id="submit" name="submit" type="submit" value="<?php echo get_string('home', 'UpdateProfileUpdateButton'); ?>" />
<input class="button" id="discard" name="discard" type="button" value="<?php echo get_string('home', 'UpdateProfileDiscardButton'); ?>" onclick="location.href='../home/home.php'" /><br />
<!-- hidden fields start -->
<input class="hidden" id="submitted" name="submitted" type="hidden" value="true" />
<!-- hidden fields end -->
</form>
</div>
<script>setFocus('firstname')</script>
<?php
}
}
}
?>