- Turn the personal editor into an ajax save

- Do away with the embed_submit_url, instead, since this could be called from
  inside /admin, or just /, we'll specifiy the full path to the php file.
This commit is contained in:
dave 2009-09-25 22:46:37 +00:00
parent d821a6402e
commit 8c79d88b5a

View File

@ -68,31 +68,21 @@
);
/* Sort out who we're editting */
if($_POST['users_id'])
$eid = intval($_POST['users_id']); /* From a save form */
else if(array_key_exists('embed_edit_id', $_SESSION))
$eid = $_SESSION['embed_edit_id']; /* From the embedded editor */
else
$eid = $_SESSION['users_id']; /* Regular entry */
if($eid != $_SESSION['users_id']) {
/* Not editing ourself, we had better be
* a committee member */
user_auth_required('committee','admin');
}
/* See if there is an edit request */
if($_SESSION['embed_edit_id'])
$eid = $_SESSION['embed_edit_id'];
else
$eid = intval($_GET['edit']);
/* Force them to edit themselves if no eid found */
if($eid == 0) $eid = $_SESSION['users_id'];
if($_SESSION['users_id'] != $eid) {
/* There is an edit request for someone other than the logged in user,
* the user must be:
* - on the committee
* - with admin access */
user_auth_required('committee', 'admin');
$ext_editor = true;
} else {
/* Else, they are just editing themselves */
$ext_editor = false;
}
$u = user_load($eid);
/* Load the fields the user can edit, and theones that are required */
$fields = array();
$required = array();
@ -110,8 +100,15 @@
$fields[] = 'password';
}
if($_POST['action']=="save")
{
switch($_GET['action']) {
case 'save':
$users_id = intval($_POST['users_id']);
if($users_id != $_SESSION['users_id']) {
user_auth_required('committee','admin');
}
$u = user_load($users_id);
$save = true;
/* Set values */
foreach($fields as $f) {
@ -140,7 +137,7 @@
/* Trying to save a committee member eh? Well, we established above
* that we're allowed to be here, so go ahead and save it */
$u['displayemail'] = ($_POST['displayemail'] == 'yes') ? 'yes' : 'no';
$u['emailprivate'] = mysql_escape_string(stripslashes($_POST['emailprivate']));
$u['emailprivate'] = mysql_real_escape_string(stripslashes($_POST['emailprivate']));
if(committee_auth_has_access('super')) {
/* But only superusers can save these ones */
@ -155,31 +152,25 @@
$em = mysql_escape_string(stripslashes($_POST['email']));
$q=mysql_query("SELECT id FROM users WHERE email='$em' AND uid!='{$u['uid']}' AND deleted='no'");
if(mysql_num_rows($q) > 0) {
message_push(error(i18n("That email address is in use by another user")));
error_("That email address is in use by another user");
$save = false;
}
if($save == true) {
user_save($u);
message_push(notice(i18n("%1 %2 successfully updated",array($_POST['firstname'],$_POST['lastname']))));
happy_("%1 %2 successfully updated",array($_POST['firstname'],$_POST['lastname']));
}
exit;
}
}
$type = $_SESSION['users_type'];
//send the header
if($_SESSION['embed'] == true) {
echo "<br/>";
display_messages();
echo "<h3>".i18n("Personal Information")."</h3>";
echo "<br/>";
} else if($ext_editor == true) {
$m = ($type == 'committee') ? 'Committee' : $user_what[$type];
send_header("Personal Information",
array("$m Main" => "{$type}_main.php")
,"edit_profile"
);
} else {
send_header("Personal Information for {$u['firstname']} {$u['lastname']}",
array($user_what[$type]." Registration" => "{$type}_main.php")
@ -187,6 +178,18 @@
);
}
?>
<script type="text/javascript">
function personal_save()
{
$("#debug").load("<?=$config['SFIABDIRECTORY']?>/user_personal.php?action=save", $("#personal_form").serializeArray());
return false;
}
</script>
<?
foreach($errorfields as $f) {
echo error(i18n('\'%1\' must use the format: %2',
array(i18n($user_personal_fields[$f]['name']),
@ -247,13 +250,8 @@ function item($user, $fname, $subtext='')
}
if($_SESSION['embed'] != true) {
echo "<form name=\"personalform\" method=\"post\" action=\"user_personal.php?edit=$eid\">\n";
} else {
echo "<form name=\"personalform\" method=\"post\" action=\"{$_SESSION['embed_submit_url']}\">\n";
}
echo "<input type=\"hidden\" name=\"action\" value=\"save\" />\n";
echo "<form name=\"personalform\" id=\"personal_form\">\n";
echo "<input type=\"hidden\" name=\"users_id\" value=\"{$u['id']}\" />";
echo "<table>\n";
echo "<tr>\n";
@ -356,7 +354,7 @@ if(in_array('committee', $u['types'])) {
echo "<input type=\"submit\" value=\"".i18n("Save Personal Information")."\" />\n";
echo "<input type=\"submit\" onclick=\"personal_save();return false;\" value=\"".i18n("Save Personal Information")."\" />\n";
echo "</form>";
echo "<br />";