user_settings.php 11 KB

  1. <?php
  2. /**
  3. * Elgg user settings functions.
  4. * Functions for adding and manipulating options on the user settings panel.
  5. *
  6. * @package Elgg.Core
  7. * @subpackage Settings.User
  8. */
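  /**
   * Set a user's password from the submitted settings form.
   *
   * Reads 'current_password', 'password', 'password2' and an optional 'guid'
   * from the request. Without a 'guid' the logged-in user is the target.
   *
   * Unless a logged-in admin is changing another account, the target's current
   * password must authenticate through pam_auth_userpass() before anything is
   * written.
   *
   * Returns null if no change is required
   * Returns true or false indicating success or failure if change was needed
   *
   * @return bool|void
   * @since 1.8.0
   * @access private
   */
  function _elgg_set_user_password() {
      // The third argument is passed as false for all three password fields, as in the
      // original call; NOTE(review): presumably this disables input filtering so the
      // submitted characters reach validation unmodified -- confirm against get_input().
      $current_password = get_input('current_password', null, false);
      $password = get_input('password', null, false);
      $password2 = get_input('password2', null, false);
      $user_guid = get_input('guid');

      if ($user_guid) {
          $user = get_user($user_guid);
      } else {
          $user = elgg_get_logged_in_user_entity();
      }

      if (!$user || !$password) {
          // no change
          return;
      }

      // An admin may change anyone's password without knowing it, except their own.
      // Everyone else (and an admin editing their own account) must prove knowledge
      // of the target account's current password first.
      $needs_current_password = !elgg_is_admin_logged_in()
          || ($user->guid == elgg_get_logged_in_user_guid());

      if ($needs_current_password) {
          $credentials = array(
              'username' => $user->username,
              'password' => $current_password,
          );

          try {
              pam_auth_userpass($credentials);
          } catch (LoginException $e) {
              register_error(elgg_echo('LoginException:ChangePasswordFailure'));
              return false;
          }
      }

      try {
          $result = validate_password($password);
      } catch (RegistrationException $e) {
          register_error($e->getMessage());
          return false;
      }

      if (!$result) {
          register_error(elgg_echo('user:password:fail:tooshort'));
          return false;
      }

      // Strict comparison: both values are request strings, and loose == compares
      // numeric-looking strings by value, so two different strings (for example
      // "1e3" and "1000") would pass the confirmation check.
      if ($password !== $password2) {
          register_error(elgg_echo('user:password:fail:notsame'));
          return false;
      }

      $user->setPassword($password);
      _elgg_services()->persistentLogin->handlePasswordChange($user, elgg_get_logged_in_user_entity());

      if ($user->save()) {
          system_message(elgg_echo('user:password:success'));
          return true;
      }

      register_error(elgg_echo('user:password:fail'));
      return false;
  }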
  /**
   * Set a user's display name
   *
   * Takes 'name' and an optional 'guid' from the request; without a 'guid' the
   * logged-in user is the target. Tags are stripped from the name and names
   * longer than 50 characters are rejected. The target must pass canEdit().
   *
   * Returns null if no change is required or input is not present in the form
   * Returns true or false indicating success or failure if change was needed
   *
   * @return bool|void
   * @since 1.8.0
   * @access private
   */
  function _elgg_set_user_name() {
      $name = get_input('name');
      $user_guid = get_input('guid');

      if (!isset($name)) {
          return;
      }

      $name = strip_tags($name);

      $user = $user_guid ? get_user($user_guid) : elgg_get_logged_in_user_entity();

      if (elgg_strlen($name) > 50) {
          register_error(elgg_echo('user:name:fail'));
          return false;
      }

      // The target comes from a request-supplied guid, so the edit permission
      // check happens here before anything is written.
      if (!$user || !$user->canEdit() || !$name) {
          register_error(elgg_echo('user:name:fail'));
          return false;
      }

      if ($name == $user->name) {
          // no change
          return;
      }

      $user->name = $name;
      if ($user->save()) {
          system_message(elgg_echo('user:name:success'));
          return true;
      }

      register_error(elgg_echo('user:name:fail'));
      return false;
  }
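  /**
   * Set a user's language
   *
   * Takes 'language' and an optional 'guid' from the request; without a 'guid'
   * the logged-in user is the target. The target must pass canEdit().
   *
   * Returns null if no change is required or input is not present in the form
   * Returns true or false indicating success or failure if change was needed
   *
   * @return bool|void
   * @since 1.8.0
   * @access private
   */
  function _elgg_set_user_language() {
      $language = get_input('language');
      $user_guid = get_input('guid');

      if (!isset($language)) {
          return;
      }

      if ($user_guid) {
          $user = get_user($user_guid);
      } else {
          $user = elgg_get_logged_in_user_entity();
      }

      // 'guid' is request-supplied, so confirm the acting user may edit the target
      // before touching it, the same way _elgg_set_user_name() does. Relying only
      // on save() to refuse leaves the authorization decision implicit.
      if (!$user || !$user->canEdit() || !$language) {
          register_error(elgg_echo('user:language:fail'));
          return false;
      }

      // NOTE(review): the language code is stored as submitted; confirm it is
      // checked against the installed translations somewhere before use.
      if (strcmp($language, $user->language) == 0) {
          // no change
          return;
      }

      $user->language = $language;
      if ($user->save()) {
          system_message(elgg_echo('user:language:success'));
          return true;
      }

      register_error(elgg_echo('user:language:fail'));
      return false;
  }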
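  /**
   * Set a user's email address
   *
   * Takes 'email' and an optional 'guid' from the request; without a 'guid' the
   * logged-in user is the target. The address must pass is_email_address(), the
   * target must pass canEdit(), and the address must not already belong to a
   * user found by get_user_by_email().
   *
   * Returns null if no change is required or input is not present in the form
   * Returns true or false indicating success or failure if change was needed
   *
   * @return bool|void
   * @since 1.8.0
   * @access private
   */
  function _elgg_set_user_email() {
      $email = get_input('email');
      $user_guid = get_input('guid');

      if (!isset($email)) {
          return;
      }

      if ($user_guid) {
          $user = get_user($user_guid);
      } else {
          $user = elgg_get_logged_in_user_entity();
      }

      if (!is_email_address($email)) {
          register_error(elgg_echo('email:save:fail'));
          return false;
      }

      // 'guid' is request-supplied, so confirm the acting user may edit the target
      // before touching it, the same way _elgg_set_user_name() does.
      // NOTE(review): unlike the password change, this does not ask for the
      // current password; the email address is usually the account-recovery
      // channel, so confirm that is intended.
      if (!$user || !$user->canEdit()) {
          register_error(elgg_echo('email:save:fail'));
          return false;
      }

      if (strcmp($email, $user->email) == 0) {
          // no change
          return;
      }

      if (get_user_by_email($email)) {
          register_error(elgg_echo('registration:dupeemail'));
          return false;
      }

      // The earlier nested `$user->email != $email` re-check is dropped: strcmp()
      // has already established the values differ, and when the loose comparison
      // disagreed the function returned false without registering any error.
      $user->email = $email;
      if ($user->save()) {
          system_message(elgg_echo('email:save:success'));
          return true;
      }

      register_error(elgg_echo('email:save:fail'));
      return false;
  }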
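  /**
   * Set a user's default access level
   *
   * Does nothing unless the 'allow_user_default_access' config value is set.
   * Takes 'default_access' and an optional 'guid' from the request; without a
   * 'guid' the logged-in user is the target. The target must pass canEdit().
   * The value is kept in the 'elgg_default_access' private setting.
   *
   * Returns null if no change is required or input is not present in the form
   * Returns true or false indicating success or failure if change was needed
   *
   * @return bool|void
   * @since 1.8.0
   * @access private
   */
  function _elgg_set_user_default_access() {
      if (!elgg_get_config('allow_user_default_access')) {
          return;
      }

      $default_access = get_input('default_access');
      $user_guid = get_input('guid');

      // Honour the documented contract (and match the sibling handlers): a form
      // that did not submit the field must not overwrite the stored setting.
      if (!isset($default_access)) {
          return;
      }

      if ($user_guid) {
          $user = get_user($user_guid);
      } else {
          $user = elgg_get_logged_in_user_entity();
      }

      // 'guid' is request-supplied and this handler writes a private setting
      // directly rather than going through save(), so the edit permission has to
      // be checked here, the same way _elgg_set_user_name() does.
      if (!$user || !$user->canEdit()) {
          register_error(elgg_echo('user:default_access:failure'));
          return false;
      }

      // NOTE(review): the access level is stored as submitted; confirm readers of
      // 'elgg_default_access' validate it against the levels the user may use.
      $current_default_access = $user->getPrivateSetting('elgg_default_access');
      if ($default_access === $current_default_access) {
          // no change
          return;
      }

      if ($user->setPrivateSetting('elgg_default_access', $default_access)) {
          system_message(elgg_echo('user:default_access:success'));
          return true;
      }

      register_error(elgg_echo('user:default_access:failure'));
      return false;
  }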
  /**
   * Set up the menu for user settings
   *
   * Registers the account, plugins and statistics entries on the 'page' menu
   * for the page owner, adds one child entry per plugin that provides a user
   * settings view, and hooks _elgg_user_settings_menu_prepare() into the menu
   * preparation. Only runs in the "settings" context with a page owner set.
   *
   * @return void
   * @access private
   */
  function _elgg_user_settings_menu_setup() {
      $user = elgg_get_page_owner_entity();
      if (!$user || !elgg_in_context("settings")) {
          return;
      }

      // Fixed entries, registered in this order: name, translation key, link.
      $fixed_items = array(
          array('1_account', 'usersettings:user:opt:linktext', "settings/user/{$user->username}"),
          array('1_plugins', 'usersettings:plugins:opt:linktext', '#'),
          array('1_statistics', 'usersettings:statistics:opt:linktext', "settings/statistics/{$user->username}"),
      );

      foreach ($fixed_items as $item) {
          elgg_register_menu_item('page', array(
              'name' => $item[0],
              'text' => elgg_echo($item[1]),
              'href' => $item[2],
              'section' => 'configure',
          ));
      }

      // register plugin user settings menu items
      foreach (elgg_get_plugins() as $plugin) {
          $plugin_id = $plugin->getID();

          $has_settings_view = elgg_view_exists("usersettings/$plugin_id/edit")
              || elgg_view_exists("plugins/$plugin_id/usersettings");
          if (!$has_settings_view) {
              continue;
          }

          elgg_register_menu_item('page', array(
              'name' => $plugin_id,
              'text' => $plugin->getFriendlyName(),
              'href' => "settings/plugins/{$user->username}/$plugin_id",
              'parent_name' => '1_plugins',
              'section' => 'configure',
          ));
      }

      elgg_register_plugin_hook_handler("prepare", "menu:page", "_elgg_user_settings_menu_prepare");
  }
  /**
   * Prepares the page menu to strip out empty plugins menu item for user settings
   *
   * The menu is returned untouched when it is empty, when the current context
   * is not "settings", or when it has no "configure" section.
   *
   * @param string $hook   prepare
   * @param string $type   menu:page
   * @param array  $value  array of menu items
   * @param array  $params menu related parameters
   *
   * @return array
   * @access private
   */
  function _elgg_user_settings_menu_prepare($hook, $type, $value, $params) {
      if (empty($value) || !elgg_in_context("settings")) {
          return $value;
      }

      $configure = elgg_extract("configure", $value);
      if (empty($configure)) {
          return $value;
      }

      foreach ($configure as $index => $menu_item) {
          $is_plugins_item = ($menu_item instanceof ElggMenuItem)
              && $menu_item->getName() == "1_plugins";

          if ($is_plugins_item && !$menu_item->getChildren()) {
              // no need for this menu item if it has no children
              unset($value["configure"][$index]);
          }
      }

      return $value;
  }
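  /**
   * Page handler for user settings
   *
   * $page[0] selects the settings page ('user' when absent, 'statistics' or
   * 'plugins'); $page[1], when present, is the username whose settings are
   * shown, otherwise the logged-in user is used; $page[2] is the plugin id for
   * the 'plugins' page.
   *
   * @param array $page Pages array
   *
   * @return bool true when a page script was included, false otherwise
   * @access private
   */
  function _elgg_user_settings_page_handler($page) {
      global $CONFIG;

      if (!isset($page[0])) {
          $page[0] = 'user';
      }

      if (isset($page[1])) {
          $user = get_user_by_username($page[1]);
      } else {
          $user = elgg_get_logged_in_user_entity();
      }

      // The lookup can come back empty (unknown username in the URL, or nobody
      // logged in). Do not read properties off a non-object; pass on the same
      // empty values the old property reads produced, without the PHP warnings.
      // NOTE(review): no login or ownership check happens in this handler; the
      // included page scripts are presumably responsible for it -- confirm.
      $owner_guid = $user ? $user->guid : null;
      $username = $user ? $user->username : '';

      elgg_set_page_owner_guid($owner_guid);
      elgg_push_breadcrumb(elgg_echo('settings'), "settings/user/$username");

      // $path is only ever assembled from the fixed strings below; the URL
      // segments choose a case but never become part of the included path.
      switch ($page[0]) {
          case 'statistics':
              elgg_push_breadcrumb(elgg_echo('usersettings:statistics:opt:linktext'));
              $path = $CONFIG->path . "pages/settings/statistics.php";
              break;
          case 'plugins':
              if (isset($page[2])) {
                  set_input("plugin_id", $page[2]);
                  elgg_push_breadcrumb(elgg_echo('usersettings:plugins:opt:linktext'));
                  $path = $CONFIG->path . "pages/settings/tools.php";
              }
              break;
          case 'user':
              $path = $CONFIG->path . "pages/settings/account.php";
              break;
      }

      if (isset($path)) {
          require $path;
          return true;
      }

      return false;
  }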
  /**
   * Initialize the user settings library
   *
   * Registers the 'settings' page handler, the menu setup on pagesetup, the
   * per-field handlers on the 'usersettings:save' hook, the save action, and
   * the field views that extend the account settings form.
   *
   * @return void
   * @access private
   */
  function _elgg_user_settings_init() {
      elgg_register_page_handler('settings', '_elgg_user_settings_page_handler');
      elgg_register_event_handler('pagesetup', 'system', '_elgg_user_settings_menu_setup');

      // Registration order is kept as listed.
      $save_handlers = array(
          '_elgg_set_user_language',
          '_elgg_set_user_password',
          '_elgg_set_user_default_access',
          '_elgg_set_user_name',
          '_elgg_set_user_email',
      );
      foreach ($save_handlers as $handler) {
          elgg_register_plugin_hook_handler('usersettings:save', 'user', $handler);
      }

      elgg_register_action("usersettings/save");

      // extend the account settings form
      $account_views = array(
          'core/settings/account/name',
          'core/settings/account/password',
          'core/settings/account/email',
          'core/settings/account/language',
          'core/settings/account/default_access',
      );
      foreach ($account_views as $view) {
          elgg_extend_view('forms/account/settings', $view, 100);
      }
  }
  // The file's return value is a closure that registers the library's init
  // handler on the 'init', 'system' event; $hooks is accepted but not used here.
  return function(\Elgg\EventsService $events, \Elgg\HooksRegistrationService $hooks) {
      $events->registerHandler(
          'init',
          'system',
          '_elgg_user_settings_init'
      );
  };