aboutsummaryrefslogtreecommitdiff
path: root/profile.php
diff options
context:
space:
mode:
authormensonge <mensonge@b3834d28-1941-0410-a4f8-b48e95affb8f>2008-11-25 15:57:29 +0000
committermensonge <mensonge@b3834d28-1941-0410-a4f8-b48e95affb8f>2008-11-25 15:57:29 +0000
commit15b91c7e661d928d8b125ec9cfbda1702319c8b4 (patch)
tree092d474c05e414bb04a8c428b8ff6cb9ccab765d /profile.php
parent9aafe7551eb5a73739709e72465031db7a1531b4 (diff)
downloadsemanticscuttle-15b91c7e661d928d8b125ec9cfbda1702319c8b4.tar.gz
semanticscuttle-15b91c7e661d928d8b125ec9cfbda1702319c8b4.tar.bz2
Major refactoring: transform user into object, define parameters used into each file, ...
git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@173 b3834d28-1941-0410-a4f8-b48e95affb8f
Diffstat (limited to 'profile.php')
-rw-r--r--profile.php63
1 files changed, 38 insertions, 25 deletions
diff --git a/profile.php b/profile.php
index 1ad92ba..df5ae7e 100644
--- a/profile.php
+++ b/profile.php
@@ -20,32 +20,45 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
***************************************************************************/
require_once('header.inc.php');
+
+/* Service creation: only useful services are created */
$templateservice =& ServiceFactory::getServiceInstance('TemplateService');
$userservice =& ServiceFactory::getServiceInstance('UserService');
+/* Managing all possible inputs */
+isset($_POST['submitted']) ? define('POST_SUBMITTED', $_POST['submitted']): define('POST_SUBMITTED', '');
+isset($_POST['pPass']) ? define('POST_PASS', $_POST['pPass']): define('POST_PASS', '');
+isset($_POST['pPassConf']) ? define('POST_PASSCONF', $_POST['pPassConf']): define('POST_PASSCONF', '');
+isset($_POST['pName']) ? define('POST_NAME', $_POST['pName']): define('POST_NAME', '');
+isset($_POST['pMail']) ? define('POST_MAIL', $_POST['pMail']): define('POST_MAIL', '');
+isset($_POST['pPage']) ? define('POST_PAGE', $_POST['pPage']): define('POST_PAGE', '');
+isset($_POST['pDesc']) ? define('POST_DESC', $_POST['pDesc']): define('POST_DESC', '');
+
+isset($_POST['token']) ? define('POST_TOKEN', $_POST['token']): define('POST_TOKEN', '');
+isset($_SESSION['token']) ? define('SESSION_TOKEN', $_SESSION['token']): define('SESSION_TOKEN', '');
+isset($_SESSION['token_stamp']) ? define('SESSION_TOKENSTAMP', $_SESSION['token_stamp']): define('SESSION_TOKENSTAMP', '');
+
+
+/* Managing current logged user */
+$currentObjectUser = $userservice->getCurrentObjectUser();
+
+
$tplVars = array();
@list($url, $user) = isset($_SERVER['PATH_INFO']) ? explode('/', $_SERVER['PATH_INFO']) : NULL;
-$loggedon = false;
-if ($userservice->isLoggedOn()) {
- $loggedon = true;
- $currentUser = $userservice->getCurrentUser();
- $currentUserID = $userservice->getCurrentUserId();
- $currentUsername = $currentUser[$userservice->getFieldName('username')];
-}
-
if ($user) {
if (is_int($user)) {
$userid = intval($user);
} else {
$user = urldecode($user);
- if (!($userinfo = $userservice->getUserByUsername($user))) {
+ $userinfo = $userservice->getObjectUserByUsername($user);
+ if ($userinfo == '') {
$tplVars['error'] = sprintf(T_('User with username %s was not found'), $user);
$templateservice->loadTemplate('error.404.tpl', $tplVars);
exit();
} else {
- $userid =& $userinfo['uId'];
+ $userid =& $userinfo->getId();
}
}
} else {
@@ -54,7 +67,7 @@ if ($user) {
exit();
}
-if ($user == $currentUsername) {
+if ($userservice->isLoggedOn() && $user == $currentObjectUser->getUsername()) {
$title = T_('My Profile');
} else {
$title = T_('Profile') .': '. $user;
@@ -65,19 +78,19 @@ $tplVars['subtitle'] = $title;
$tplVars['user'] = $user;
$tplVars['userid'] = $userid;
-if (isset($_POST['submitted']) && $currentUserID == $userid) {
+if (POST_SUBMITTED!='' && $currentObjectUser->getId() == $userid) {
$error = false;
- $detPass = trim($_POST['pPass']);
- $detPassConf = trim($_POST['pPassConf']);
- $detName = trim($_POST['pName']);
- $detMail = trim($_POST['pMail']);
- $detPage = trim($_POST['pPage']);
- $detDesc = filter($_POST['pDesc']);
+ $detPass = trim(POST_PASS);
+ $detPassConf = trim(POST_PASSCONF);
+ $detName = trim(POST_NAME);
+ $detMail = trim(POST_MAIL);
+ $detPage = trim(POST_PAGE);
+ $detDesc = filter(POST_DESC);
- // manage token preventing from CSRF vulnaribilities
- if ( !isset($_SESSION['token'], $_SESSION['token_stamp'])
- || time() - $_SESSION['token_stamp'] > 600 //limit token lifetime, optionnal
- || $_SESSION['token'] != $_POST['token']) {
+ // manage token preventing from CSRF vulnaribilities
+ if ( SESSION_TOKEN == ''
+ || time() - SESSION_TOKENSTAMP > 600 //limit token lifetime, optionnal
+ || SESSION_TOKEN != POST_TOKEN) {
$error = true;
$tplVars['error'] = T_('Invalid Token');
}
@@ -101,10 +114,10 @@ if (isset($_POST['submitted']) && $currentUserID == $userid) {
$tplVars['msg'] = T_('Changes saved.');
}
}
- $userinfo = $userservice->getUserByUsername($user);
+ $userinfo = $userservice->getObjectUserByUsername($user);
}
-if ($currentUserID != $userid) {
+if (!$userservice->isLoggedOn() || $currentObjectUser->getId() != $userid) {
$templatename = 'profile.tpl.php';
} else {
//Token Init
@@ -117,6 +130,6 @@ if ($currentUserID != $userid) {
}
-$tplVars['row'] = $userinfo;
+$tplVars['objectUser'] = $userinfo;
$templateservice->loadTemplate($templatename, $tplVars);
?>