aboutsummaryrefslogtreecommitdiff
path: root/engine/lib
diff options
context:
space:
mode:
Diffstat (limited to 'engine/lib')
-rw-r--r--engine/lib/user_settings.php244
-rw-r--r--engine/lib/users.php21
2 files changed, 241 insertions, 24 deletions
diff --git a/engine/lib/user_settings.php b/engine/lib/user_settings.php
index f74c01975..e3688d7f7 100644
--- a/engine/lib/user_settings.php
+++ b/engine/lib/user_settings.php
@@ -8,7 +8,242 @@
*/
/**
- * Set up the page for user settings
+ * Saves user settings.
+ *
+ * @todo this assumes settings are coming in on a GET/POST request
+ *
+ * @note This is a handler for the 'usersettings:save', 'user' plugin hook
+ *
+ * @return void
+ */
+function users_settings_save() {
+ elgg_set_user_language();
+ elgg_set_user_password();
+ elgg_set_user_default_access();
+ elgg_set_user_name();
+ elgg_set_user_email();
+}
+
+/**
+ * Set a user's password
+ *
+ * @return bool
+ * @since 1.8.0
+ */
+function elgg_set_user_password() {
+ $current_password = get_input('current_password');
+ $password = get_input('password');
+ $password2 = get_input('password2');
+ $user_id = get_input('guid');
+
+ if (!$user_id) {
+ $user = elgg_get_logged_in_user_entity();
+ } else {
+ $user = get_entity($user_id);
+ }
+
+ if (($user) && ($password != "")) {
+ // let admin user change anyone's password without knowing it except his own.
+ if (!elgg_is_admin_logged_in() || elgg_is_admin_logged_in() && $user->guid == elgg_get_logged_in_user_guid()) {
+ $credentials = array(
+ 'username' => $user->username,
+ 'password' => $current_password
+ );
+
+ if (!pam_auth_userpass($credentials)) {
+ register_error(elgg_echo('user:password:fail:incorrect_current_password'));
+ return false;
+ }
+ }
+
+ if (strlen($password) >= 4) {
+ if ($password == $password2) {
+ $user->salt = generate_random_cleartext_password(); // Reset the salt
+ $user->password = generate_user_password($user, $password);
+ if ($user->save()) {
+ system_message(elgg_echo('user:password:success'));
+ return true;
+ } else {
+ register_error(elgg_echo('user:password:fail'));
+ }
+ } else {
+ register_error(elgg_echo('user:password:fail:notsame'));
+ }
+ } else {
+ register_error(elgg_echo('user:password:fail:tooshort'));
+ }
+ } else {
+ // no change
+ return null;
+ }
+ return false;
+}
+
+/**
+ * Set a user's display name
+ *
+ * @return bool
+ * @since 1.8.0
+ */
+function elgg_set_user_name() {
+ $name = strip_tags(get_input('name'));
+ $user_id = get_input('guid');
+
+ if (!$user_id) {
+ $user = elgg_get_logged_in_user_entity();
+ } else {
+ $user = get_entity($user_id);
+ }
+
+ if (elgg_strlen($name) > 50) {
+ register_error(elgg_echo('user:name:fail'));
+ return false;
+ }
+
+ if (($user) && ($user->canEdit()) && ($name)) {
+ if ($name != $user->name) {
+ $user->name = $name;
+ if ($user->save()) {
+ system_message(elgg_echo('user:name:success'));
+ return true;
+ } else {
+ register_error(elgg_echo('user:name:fail'));
+ }
+ } else {
+ // no change
+ return null;
+ }
+ } else {
+ register_error(elgg_echo('user:name:fail'));
+ }
+ return false;
+}
+
+/**
+ * Set a user's language
+ *
+ * @return bool
+ * @since 1.8.0
+ */
+function elgg_set_user_language() {
+ $language = get_input('language');
+ $user_id = get_input('guid');
+
+ if (!$user_id) {
+ $user = elgg_get_logged_in_user_entity();
+ } else {
+ $user = get_entity($user_id);
+ }
+
+ if (($user) && ($language)) {
+ if (strcmp($language, $user->language) != 0) {
+ $user->language = $language;
+ if ($user->save()) {
+ system_message(elgg_echo('user:language:success'));
+ return true;
+ } else {
+ register_error(elgg_echo('user:language:fail'));
+ }
+ } else {
+ // no change
+ return null;
+ }
+ } else {
+ register_error(elgg_echo('user:language:fail'));
+ }
+ return false;
+}
+
+/**
+ * Set a user's email address
+ *
+ * @return bool
+ * @since 1.8.0
+ */
+function elgg_set_user_email() {
+ $email = get_input('email');
+ $user_id = get_input('guid');
+
+ if (!$user_id) {
+ $user = elgg_get_logged_in_user_entity();
+ } else {
+ $user = get_entity($user_id);
+ }
+
+ if (!is_email_address($email)) {
+ register_error(elgg_echo('email:save:fail'));
+ return false;
+ }
+
+ if ($user) {
+ if (strcmp($email, $user->email) != 0) {
+ if (!get_user_by_email($email)) {
+ if ($user->email != $email) {
+
+ $user->email = $email;
+ if ($user->save()) {
+ system_message(elgg_echo('email:save:success'));
+ return true;
+ } else {
+ register_error(elgg_echo('email:save:fail'));
+ }
+ }
+ } else {
+ register_error(elgg_echo('registration:dupeemail'));
+ }
+ } else {
+ // no change
+ return null;
+ }
+ } else {
+ register_error(elgg_echo('email:save:fail'));
+ }
+ return false;
+}
+
+/**
+ * Set a user's default access level
+ *
+ * @return bool
+ * @since 1.8.0
+ */
+function elgg_set_user_default_access() {
+
+ if (!elgg_get_config('allow_user_default_access')) {
+ return false;
+ }
+
+ $default_access = get_input('default_access');
+ $user_id = get_input('guid');
+
+ if (!$user_id) {
+ $user = elgg_get_logged_in_user_entity();
+ } else {
+ $user = get_entity($user_id);
+ }
+
+ if ($user) {
+ $current_default_access = $user->getPrivateSetting('elgg_default_access');
+ if ($default_access !== $current_default_access) {
+ if ($user->setPrivateSetting('elgg_default_access', $default_access)) {
+ system_message(elgg_echo('user:default_access:success'));
+ return true;
+ } else {
+ register_error(elgg_echo('user:default_access:fail'));
+ }
+ } else {
+ // no change
+ return null;
+ }
+ } else {
+ register_error(elgg_echo('user:default_access:fail'));
+ }
+
+ return false;
+}
+
+/**
+ * Set up the menu for user settings
*
* @return void
*/
@@ -75,13 +310,16 @@ function usersettings_page_handler($page) {
}
/**
- * Initialise the admin page.
+ * Initialize the user settings library
*
* @return void
*/
function usersettings_init() {
- // Page handler
register_page_handler('settings', 'usersettings_page_handler');
+
+ elgg_register_plugin_hook_handler('usersettings:save', 'user', 'users_settings_save');
+
+ elgg_register_action("usersettings/save");
}
/// Register init function
diff --git a/engine/lib/users.php b/engine/lib/users.php
index 2f5d37551..8d8c7fb64 100644
--- a/engine/lib/users.php
+++ b/engine/lib/users.php
@@ -1536,8 +1536,6 @@ function users_init() {
elgg_register_plugin_hook_handler('entity:icon:url', 'user', 'user_avatar_hook');
- elgg_register_action("usersettings/save");
-
elgg_register_action("user/passwordreset", '', 'public');
elgg_register_action("user/requestnewpassword", '', 'public');
@@ -1553,29 +1551,10 @@ function users_init() {
// Register the user type
register_entity_type('user', '');
- elgg_register_plugin_hook_handler('usersettings:save', 'user', 'users_settings_save');
-
elgg_register_event_handler('create', 'user', 'user_create_hook_add_site_relationship');
}
/**
- * Saves user settings by directly including actions.
- *
- * @todo this is dirty.
- *
- * @return void
- */
-function users_settings_save() {
- global $CONFIG;
- //@todo Wha??
- include($CONFIG->path . "actions/user/name.php");
- include($CONFIG->path . "actions/user/password.php");
- include($CONFIG->path . "actions/email/save.php");
- include($CONFIG->path . "actions/user/language.php");
- include($CONFIG->path . "actions/user/default_access.php");
-}
-
-/**
* Runs unit tests for ElggObject
*
* @param sting $hook unit_test