forked from science-ation/science-ation
- Turn the personal editor into an ajax save
- Do away with the embed_submit_url, instead, since this could be called from inside /admin, or just /, we'll specifiy the full path to the php file.
This commit is contained in:
parent
d821a6402e
commit
8c79d88b5a
@ -68,31 +68,21 @@
|
|||||||
|
|
||||||
);
|
);
|
||||||
|
|
||||||
|
/* Sort out who we're editting */
|
||||||
|
if($_POST['users_id'])
|
||||||
/* See if there is an edit request */
|
$eid = intval($_POST['users_id']); /* From a save form */
|
||||||
if($_SESSION['embed_edit_id'])
|
else if(array_key_exists('embed_edit_id', $_SESSION))
|
||||||
$eid = $_SESSION['embed_edit_id'];
|
$eid = $_SESSION['embed_edit_id']; /* From the embedded editor */
|
||||||
else
|
else
|
||||||
$eid = intval($_GET['edit']);
|
$eid = $_SESSION['users_id']; /* Regular entry */
|
||||||
|
|
||||||
/* Force them to edit themselves if no eid found */
|
if($eid != $_SESSION['users_id']) {
|
||||||
if($eid == 0) $eid = $_SESSION['users_id'];
|
/* Not editing ourself, we had better be
|
||||||
|
* a committee member */
|
||||||
if($_SESSION['users_id'] != $eid) {
|
|
||||||
/* There is an edit request for someone other than the logged in user,
|
|
||||||
* the user must be:
|
|
||||||
* - on the committee
|
|
||||||
* - with admin access */
|
|
||||||
user_auth_required('committee','admin');
|
user_auth_required('committee','admin');
|
||||||
$ext_editor = true;
|
|
||||||
} else {
|
|
||||||
/* Else, they are just editing themselves */
|
|
||||||
$ext_editor = false;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$u = user_load($eid);
|
$u = user_load($eid);
|
||||||
|
|
||||||
|
|
||||||
/* Load the fields the user can edit, and theones that are required */
|
/* Load the fields the user can edit, and theones that are required */
|
||||||
$fields = array();
|
$fields = array();
|
||||||
$required = array();
|
$required = array();
|
||||||
@ -110,8 +100,15 @@
|
|||||||
$fields[] = 'password';
|
$fields[] = 'password';
|
||||||
}
|
}
|
||||||
|
|
||||||
if($_POST['action']=="save")
|
|
||||||
{
|
switch($_GET['action']) {
|
||||||
|
case 'save':
|
||||||
|
$users_id = intval($_POST['users_id']);
|
||||||
|
if($users_id != $_SESSION['users_id']) {
|
||||||
|
user_auth_required('committee','admin');
|
||||||
|
}
|
||||||
|
$u = user_load($users_id);
|
||||||
|
|
||||||
$save = true;
|
$save = true;
|
||||||
/* Set values */
|
/* Set values */
|
||||||
foreach($fields as $f) {
|
foreach($fields as $f) {
|
||||||
@ -140,7 +137,7 @@
|
|||||||
/* Trying to save a committee member eh? Well, we established above
|
/* Trying to save a committee member eh? Well, we established above
|
||||||
* that we're allowed to be here, so go ahead and save it */
|
* that we're allowed to be here, so go ahead and save it */
|
||||||
$u['displayemail'] = ($_POST['displayemail'] == 'yes') ? 'yes' : 'no';
|
$u['displayemail'] = ($_POST['displayemail'] == 'yes') ? 'yes' : 'no';
|
||||||
$u['emailprivate'] = mysql_escape_string(stripslashes($_POST['emailprivate']));
|
$u['emailprivate'] = mysql_real_escape_string(stripslashes($_POST['emailprivate']));
|
||||||
|
|
||||||
if(committee_auth_has_access('super')) {
|
if(committee_auth_has_access('super')) {
|
||||||
/* But only superusers can save these ones */
|
/* But only superusers can save these ones */
|
||||||
@ -155,31 +152,25 @@
|
|||||||
$em = mysql_escape_string(stripslashes($_POST['email']));
|
$em = mysql_escape_string(stripslashes($_POST['email']));
|
||||||
$q=mysql_query("SELECT id FROM users WHERE email='$em' AND uid!='{$u['uid']}' AND deleted='no'");
|
$q=mysql_query("SELECT id FROM users WHERE email='$em' AND uid!='{$u['uid']}' AND deleted='no'");
|
||||||
if(mysql_num_rows($q) > 0) {
|
if(mysql_num_rows($q) > 0) {
|
||||||
message_push(error(i18n("That email address is in use by another user")));
|
error_("That email address is in use by another user");
|
||||||
$save = false;
|
$save = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if($save == true) {
|
if($save == true) {
|
||||||
user_save($u);
|
user_save($u);
|
||||||
message_push(notice(i18n("%1 %2 successfully updated",array($_POST['firstname'],$_POST['lastname']))));
|
happy_("%1 %2 successfully updated",array($_POST['firstname'],$_POST['lastname']));
|
||||||
|
}
|
||||||
|
exit;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
$type = $_SESSION['users_type'];
|
$type = $_SESSION['users_type'];
|
||||||
//send the header
|
//send the header
|
||||||
if($_SESSION['embed'] == true) {
|
if($_SESSION['embed'] == true) {
|
||||||
echo "<br/>";
|
echo "<br/>";
|
||||||
display_messages();
|
|
||||||
echo "<h3>".i18n("Personal Information")."</h3>";
|
echo "<h3>".i18n("Personal Information")."</h3>";
|
||||||
echo "<br/>";
|
echo "<br/>";
|
||||||
} else if($ext_editor == true) {
|
|
||||||
$m = ($type == 'committee') ? 'Committee' : $user_what[$type];
|
|
||||||
send_header("Personal Information",
|
|
||||||
array("$m Main" => "{$type}_main.php")
|
|
||||||
,"edit_profile"
|
|
||||||
);
|
|
||||||
} else {
|
} else {
|
||||||
send_header("Personal Information for {$u['firstname']} {$u['lastname']}",
|
send_header("Personal Information for {$u['firstname']} {$u['lastname']}",
|
||||||
array($user_what[$type]." Registration" => "{$type}_main.php")
|
array($user_what[$type]." Registration" => "{$type}_main.php")
|
||||||
@ -187,6 +178,18 @@
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
?>
|
||||||
|
<script type="text/javascript">
|
||||||
|
function personal_save()
|
||||||
|
{
|
||||||
|
$("#debug").load("<?=$config['SFIABDIRECTORY']?>/user_personal.php?action=save", $("#personal_form").serializeArray());
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
</script>
|
||||||
|
|
||||||
|
<?
|
||||||
|
|
||||||
|
|
||||||
foreach($errorfields as $f) {
|
foreach($errorfields as $f) {
|
||||||
echo error(i18n('\'%1\' must use the format: %2',
|
echo error(i18n('\'%1\' must use the format: %2',
|
||||||
array(i18n($user_personal_fields[$f]['name']),
|
array(i18n($user_personal_fields[$f]['name']),
|
||||||
@ -247,13 +250,8 @@ function item($user, $fname, $subtext='')
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if($_SESSION['embed'] != true) {
|
echo "<form name=\"personalform\" id=\"personal_form\">\n";
|
||||||
echo "<form name=\"personalform\" method=\"post\" action=\"user_personal.php?edit=$eid\">\n";
|
echo "<input type=\"hidden\" name=\"users_id\" value=\"{$u['id']}\" />";
|
||||||
} else {
|
|
||||||
echo "<form name=\"personalform\" method=\"post\" action=\"{$_SESSION['embed_submit_url']}\">\n";
|
|
||||||
}
|
|
||||||
|
|
||||||
echo "<input type=\"hidden\" name=\"action\" value=\"save\" />\n";
|
|
||||||
echo "<table>\n";
|
echo "<table>\n";
|
||||||
|
|
||||||
echo "<tr>\n";
|
echo "<tr>\n";
|
||||||
@ -356,7 +354,7 @@ if(in_array('committee', $u['types'])) {
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
echo "<input type=\"submit\" value=\"".i18n("Save Personal Information")."\" />\n";
|
echo "<input type=\"submit\" onclick=\"personal_save();return false;\" value=\"".i18n("Save Personal Information")."\" />\n";
|
||||||
echo "</form>";
|
echo "</form>";
|
||||||
|
|
||||||
echo "<br />";
|
echo "<br />";
|
||||||
|
Loading…
Reference in New Issue
Block a user