Elgg  Version 2.2
 All Classes Namespaces Files Functions Variables Pages
edit.php
Go to the documentation of this file.
1 <?php
7 elgg_make_sticky_form('profile:edit');
8 
9 $guid = get_input('guid');
11 
12 if (!$owner || !($owner instanceof ElggUser) || !$owner->canEdit()) {
13  register_error(elgg_echo('profile:noaccess'));
15 }
16 
17 // grab the defined profile field names and their load the values from POST.
18 // each field can have its own access, so sort that too.
19 $input = array();
20 $accesslevel = get_input('accesslevel');
21 
22 if (!is_array($accesslevel)) {
23  $accesslevel = array();
24 }
25 
26 $profile_fields = elgg_get_config('profile_fields');
27 foreach ($profile_fields as $shortname => $valuetype) {
28  $value = get_input($shortname);
29 
30  if ($value === null) {
31  // only submitted profile fields should be updated
32  continue;
33  }
34 
35  // the decoding is a stop gap to prevent &amp;&amp; showing up in profile fields
36  // because it is escaped on both input (get_input()) and output (view:output/text). see #561 and #1405.
37  // must decode in utf8 or string corruption occurs. see #1567.
38  if (is_array($value)) {
39  array_walk_recursive($value, function(&$v) {
40  $v = elgg_html_decode($v);
41  });
42  } else {
44  }
45 
46  // convert tags fields to array values
47  if ($valuetype == 'tags') {
49  }
50 
51  // limit to reasonable sizes
52  if ($valuetype != 'longtext') {
53  $check_values = (array) $value;
54 
55  // also check tags/checkboxes/etc
56  array_walk_recursive($check_values, function($v, $index, $short) {
57  if (elgg_strlen($v) > 250) {
58  register_error(elgg_echo('profile:field_too_long', array(elgg_echo("profile:{$short}"))));
60  }
61  }, $shortname);
62  }
63 
64  if ($value && $valuetype == 'url' && !preg_match('~^https?\://~i', $value)) {
65  $value = "http://$value";
66  }
67 
68  if ($valuetype == 'email' && !empty($value) && !is_email_address($value)) {
69  register_error(elgg_echo('profile:invalid_email', array(
70  elgg_echo("profile:{$shortname}")
71  )));
73  }
74 
75  $input[$shortname] = $value;
76 }
77 
78 // display name is handled separately
79 $name = strip_tags(get_input('name'));
80 if ($name) {
81  if (elgg_strlen($name) > 50) {
82  register_error(elgg_echo('user:name:fail'));
83  } elseif ($owner->name != $name) {
84  $owner->name = $name;
85  $owner->save();
86  }
87 }
88 
89 // go through custom fields
90 if (sizeof($input) > 0) {
91 
92  // fetch default access level for the user for use in fallback cases
94 
95  foreach ($input as $shortname => $value) {
96  $options = array(
97  'guid' => $owner->guid,
98  'metadata_name' => $shortname,
99  'limit' => false
100  );
102 
103  if (!is_null($value) && ($value !== '')) {
104  // only create metadata for non empty values (0 is allowed) to prevent metadata records
105  // with empty string values #4858
106 
107  if (isset($accesslevel[$shortname])) {
108  $access_id = (int) $accesslevel[$shortname];
109  } else {
110  // this should never be executed since the access level should always be set
111  $access_id = $user_default_access;
112  }
113  if (is_array($value)) {
114  $i = 0;
115  foreach ($value as $interval) {
116  $i++;
117  $multiple = ($i > 1) ? TRUE : FALSE;
118  create_metadata($owner->guid, $shortname, $interval, 'text', $owner->guid, $access_id, $multiple);
119  }
120  } else {
121  create_metadata($owner->getGUID(), $shortname, $value, 'text', $owner->getGUID(), $access_id);
122  }
123  }
124  }
125 
126  $owner->save();
127 
128  // Notify of profile update
129  elgg_trigger_event('profileupdate', $owner->type, $owner);
130 
131  elgg_clear_sticky_form('profile:edit');
132  system_message(elgg_echo("profile:saved"));
133 }
134 
135 forward($owner->getUrl());
$owner
Definition: edit.php:10
elgg_get_config($name, $site_guid=0)
Get an Elgg configuration value.
elgg_html_decode($string)
Decode HTML markup into a raw text string.
Definition: output.php:515
elgg_echo($message_key, $args=array(), $language="")
Given a message key, returns an appropriately translated full-text string.
Definition: languages.php:21
if(!$owner||!($owner instanceof ElggUser)||!$owner->canEdit()) $input
Definition: edit.php:19
string_to_tag_array($string)
Takes in a comma-separated string and returns an array of tags which have been trimmed.
Definition: tags.php:18
$value
Definition: longtext.php:26
$accesslevel
Definition: edit.php:20
$options
Elgg admin footer.
Definition: footer.php:6
register_error($error)
Display an error on next page load.
Definition: elgglib.php:452
elgg_strlen()
Wrapper function for mb_strlen().
Definition: mb_wrapper.php:72
is_email_address($address)
Validates an email address.
Definition: input.php:88
get_default_access(ElggUser $user=null, array $input_params=array())
Gets the default access permission.
Definition: access.php:118
if(!is_array($accesslevel)) $profile_fields
Definition: edit.php:26
get_input($variable, $default=null, $filter_result=true)
Get some input from variables passed submitted through GET or POST.
Definition: input.php:27
const REFERER
Definition: elgglib.php:2029
create_metadata($entity_guid, $name, $value, $value_type= '', $owner_guid=0, $access_id=ACCESS_PRIVATE, $allow_multiple=false)
Create a new metadata object, or update an existing one.
Definition: metadata.php:65
elgg_make_sticky_form($form_name)
Save form submission data (all GET and POST vars) into a session cache.
Definition: input.php:103
$guid
Definition: edit.php:9
elgg_delete_metadata(array $options)
Deletes metadata based on $options.
Definition: metadata.php:158
forward($location="", $reason= 'system')
Forward to $location.
Definition: elgglib.php:93
$user_default_access
elgg_trigger_event($event, $object_type, $object=null)
Definition: elgglib.php:589
elgg_clear_sticky_form($form_name)
Remove form submission data from the session.
Definition: input.php:119
system_message($message)
Display a system message on next page load.
Definition: elgglib.php:438
foreach($profile_fields as $shortname=> $valuetype) $name
Definition: edit.php:79
get_entity($guid)
Loads and returns an entity object from a guid.
Definition: entities.php:204