account_prof_update.php

   1 <?php
   2 # MantisBT - A PHP based bugtracking system
   3
   4 # MantisBT is free software: you can redistribute it and/or modify
   5 # it under the terms of the GNU General Public License as published by
   6 # the Free Software Foundation, either version 2 of the License, or
   7 # (at your option) any later version.
   8 #
   9 # MantisBT is distributed in the hope that it will be useful,
  10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 # GNU General Public License for more details.
  13 #
  14 # You should have received a copy of the GNU General Public License
  15 # along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 /**
  18  * This page updates the users profile information then redirects to
  19  * account_prof_menu_page.php
  20  *
  21  * @package MantisBT
  22  * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
  23  * @copyright Copyright (C) 2002 - 2010  MantisBT Team - mantisbt-dev@lists.sourceforge.net
  24  * @link http://www.mantisbt.org
  25  *
  26  * @uses core.php
  27  * @uses access_api.php
  28  * @uses authentication_api.php
  29  * @uses config_api.php
  30  * @uses constant_inc.php
  31  * @uses current_user_api.php
  32  * @uses form_api.php
  33  * @uses gpc_api.php
  34  * @uses print_api.php
  35  * @uses profile_api.php
  36  */
  37
  38 require_once( 'core.php' );
  39 require_api( 'access_api.php' );
  40 require_api( 'authentication_api.php' );
  41 require_api( 'config_api.php' );
  42 require_api( 'constant_inc.php' );
  43 require_api( 'current_user_api.php' );
  44 require_api( 'form_api.php' );
  45 require_api( 'gpc_api.php' );
  46 require_api( 'print_api.php' );
  47 require_api( 'profile_api.php' );
  48
  49 form_security_validate('profile_update');
  50
  51 auth_ensure_user_authenticated();
  52
  53 current_user_ensure_unprotected();
  54
  55 $f_action = gpc_get_string('action');
  56
  57 switch ( $f_action ) {
  58         case 'edit':
  59                 $f_profile_id = gpc_get_int( 'profile_id' );
  60                 form_security_purge('profile_update');
  61                 print_header_redirect( 'account_prof_edit_page.php?profile_id=' . $f_profile_id );
  62                 break;
  63
  64         case 'add':
  65                 $f_platform             = gpc_get_string( 'platform' );
  66                 $f_os                   = gpc_get_string( 'os' );
  67                 $f_os_build             = gpc_get_string( 'os_build' );
  68                 $f_description  = gpc_get_string( 'description' );
  69
  70                 $t_user_id              = gpc_get_int( 'user_id' );
  71                 if ( ALL_USERS != $t_user_id ) {
  72                         $t_user_id = auth_get_current_user_id();
  73                 }
  74
  75                 if ( ALL_USERS == $t_user_id ) {
  76                         access_ensure_global_level( config_get( 'manage_global_profile_threshold' ) );
  77                 } else {
  78                         access_ensure_global_level( config_get( 'add_profile_threshold' ) );
  79                 }
  80
  81                 profile_create( $t_user_id, $f_platform, $f_os, $f_os_build, $f_description );
  82                 form_security_purge('profile_update');
  83
  84                 if ( ALL_USERS == $t_user_id ) {
  85                         print_header_redirect( 'manage_prof_menu_page.php' );
  86                 } else {
  87                         print_header_redirect( 'account_prof_menu_page.php' );
  88                 }
  89                 break;
  90
  91         case 'update':
  92                 $f_profile_id = gpc_get_int( 'profile_id' );
  93                 $f_platform = gpc_get_string( 'platform' );
  94                 $f_os = gpc_get_string( 'os' );
  95                 $f_os_build = gpc_get_string( 'os_build' );
  96                 $f_description = gpc_get_string( 'description' );
  97
  98                 if ( profile_is_global( $f_profile_id ) ) {
  99                         access_ensure_global_level( config_get( 'manage_global_profile_threshold' ) );
 100
 101                         profile_update( ALL_USERS, $f_profile_id, $f_platform, $f_os, $f_os_build, $f_description );
 102                         form_security_purge('profile_update');
 103                         print_header_redirect( 'manage_prof_menu_page.php' );
 104                 } else {
 105                         profile_update( auth_get_current_user_id(), $f_profile_id, $f_platform, $f_os, $f_os_build, $f_description );
 106                         form_security_purge('profile_update');
 107                         print_header_redirect( 'account_prof_menu_page.php' );
 108                 }
 109                 break;
 110
 111         case 'delete':
 112                 $f_profile_id = gpc_get_int( 'profile_id' );
 113                 if ( profile_is_global( $f_profile_id ) ) {
 114                         access_ensure_global_level( config_get( 'manage_global_profile_threshold' ) );
 115
 116                         profile_delete( ALL_USERS, $f_profile_id );
 117                         form_security_purge('profile_update');
 118                         print_header_redirect( 'manage_prof_menu_page.php' );
 119                 } else {
 120                         profile_delete( auth_get_current_user_id(), $f_profile_id );
 121                         form_security_purge('profile_update');
 122                         print_header_redirect( 'account_prof_menu_page.php' );
 123                 }
 124                 break;
 125
 126         case 'make_default':
 127                 $f_profile_id = gpc_get_int( 'profile_id' );
 128                 current_user_set_pref( 'default_profile', $f_profile_id );
 129                 form_security_purge('profile_update');
 130                 print_header_redirect( 'account_prof_menu_page.php' );
 131                 break;
 132 }