diff options
| author | brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2010-03-03 17:53:05 +0000 |
|---|---|---|
| committer | brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2010-03-03 17:53:05 +0000 |
| commit | 4766f36a4d74924f21ff329c4318ce4e069ffa04 (patch) | |
| tree | 969b84632f2a8b0db79788a8a6db8e41d63e5cb4 /mod/profile/actions/edit.php | |
| parent | 57a217fd6b708844407486046a1faa23b46cac08 (diff) | |
| download | elgg-4766f36a4d74924f21ff329c4318ce4e069ffa04.tar.gz elgg-4766f36a4d74924f21ff329c4318ce4e069ffa04.tar.bz2 | |
Pulled in the interface changes.
git-svn-id: http://code.elgg.org/elgg/trunk@5257 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'mod/profile/actions/edit.php')
| -rw-r--r-- | mod/profile/actions/edit.php | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/mod/profile/actions/edit.php b/mod/profile/actions/edit.php new file mode 100644 index 000000000..bc14cd6e6 --- /dev/null +++ b/mod/profile/actions/edit.php @@ -0,0 +1,95 @@ +<?php + + /** + * Elgg profile plugin edit action + * + * @package ElggProfile + * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2 + * @author Curverider Ltd <info@elgg.com> + * @copyright Curverider Ltd 2008-2010 + * @link http://elgg.com/ + */ + + // Load configuration + global $CONFIG; + + gatekeeper(); + + // Get profile fields + $input = array(); + $accesslevel = get_input('accesslevel'); + if (!is_array($accesslevel)) $accesslevel = array(); + + foreach($CONFIG->profile as $shortname => $valuetype) { + // the decoding is a stop gag to prevent && showing up in profile fields + // because it is escaped on both input (get_input()) and output (view:output/text). see #561 and #1405. + // must decode in utf8 or string corruption occurs. see #1567. + $value = html_entity_decode(get_input($shortname), ENT_COMPAT, 'UTF-8'); + + // limit to reasonable sizes. + if ($valuetype != 'longtext' && elgg_strlen($value) > 250) { + $error = sprintf(elgg_echo('profile:field_too_long'), elgg_echo("profile:{$shortname}")); + register_error($error); + forward($_SERVER['HTTP_REFERER']); + } + + if ($valuetype == 'tags') { + $value = string_to_tag_array($value); + } + + $input[$shortname] = $value; + } + + // Get the page owner to see if the currently logged in user canEdit() the page owner. + + $user = page_owner_entity(); + if (!$user) { + $user = $_SESSION['user']; + + // @todo this doesn't make sense...??? + set_page_owner($user->getGUID()); + } + if ($user->canEdit()) { + + // Save stuff + if (sizeof($input) > 0) + foreach($input as $shortname => $value) { + //$user->$shortname = $value; + remove_metadata($user->guid, $shortname); + if (isset($accesslevel[$shortname])) { + $access_id = (int) $accesslevel[$shortname]; + } else { + // this should never be executed since the access level should always be set + $access_id = ACCESS_PRIVATE; + } + if (is_array($value)) { + $i = 0; + foreach($value as $interval) { + $i++; + if ($i == 1) { $multiple = false; } else { $multiple = true; } + create_metadata($user->guid, $shortname, $interval, 'text', $user->guid, $access_id, $multiple); + } + } else { + create_metadata($user->guid, $shortname, $value, 'text', $user->guid, $access_id); + } + } + $user->save(); + + // Notify of profile update + trigger_elgg_event('profileupdate',$user->type,$user); + + //add to river + add_to_river('river/user/default/profileupdate','update',$_SESSION['user']->guid,$_SESSION['user']->guid,get_default_access($_SESSION['user'])); + + system_message(elgg_echo("profile:saved")); + + // Forward to the user's profile + forward($user->getUrl()); + + } else { + // If we can't, display an error + + system_message(elgg_echo("profile:noaccess")); + } + +?> |