- Timestamp:
- Oct 28, 2013, 6:20:34 PM (10 years ago)
- Location:
- trunk
- Files:
-
- 2 edited
trunk/include/ws_functions.inc.php
r25118 r25195 3311 3311 } 3312 3312 3313 if ( $params['is_default'] !== null)3313 if (!empty($params['is_default']) or @$params['is_default']===false) 3314 3314 { 3315 3315 $updates['is_default'] = boolean_to_string($params['is_default']); … … 3529 3529 3530 3530 // protect some users 3531 $params['user_id'] = array_diff($params['user_id'], array($user['id'], 3532 $conf['guest_id'], 3533 $conf['default_user_id'], 3534 $conf['webmaster_id'])); 3531 $params['user_id'] = array_diff( 3532 $params['user_id'], 3533 array( 3534 $user['id'], 3535 $conf['guest_id'], 3536 $conf['default_user_id'], 3537 $conf['webmaster_id'], 3538 ) 3539 ); 3535 3540 3536 3541 foreach ($params['user_id'] as $user_id) … … 3548 3553 * API method 3549 3554 * @param mixed[] $params 3550 * @option int user_id3555 * @option int[] user_id 3551 3556 * @option string username (optional) 3552 3557 * @option string password (optional) 3553 3558 * @option string email (optional) 3559 * @option string status (optional) 3560 * @option int level (optional) 3561 * @option string language (optional) 3562 * @option string theme (optional) 3563 * @option int nb_image_page (optional) 3564 * @option int recent_period (optional) 3565 * @option bool expand (optional) 3566 * @option bool show_nb_comments (optional) 3567 * @option bool show_nb_hits (optional) 3568 * @option bool enabled_high (optional) 3554 3569 */ 3555 3570 function ws_users_setInfo($params, &$service) … … 3559 3574 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); 3560 3575 3561 if (get_username($params['user_id']) === false)3562 {3563 return new PwgError(WS_ERR_INVALID_PARAM, 'This user does not exist.');3564 }3565 3566 3576 $updates = $updates_infos = array(); 3567 $params = array_map('trim', $params); 3568 3569 if (!empty($params['username'])) 3570 { 3571 $user_id = get_userid($params['username']); 3572 if ($user_id and $user_id != $params['user_id']) 3573 { 3574 return new PwgError(WS_ERR_INVALID_PARAM, l10n('this login is already 
used')); 3575 } 3576 if ($params['username'] != strip_tags($params['username'])) 3577 { 3578 return new PwgError(WS_ERR_INVALID_PARAM, l10n('html tags are not allowed in login')); 3579 } 3580 $updates[ $conf['user_fields']['username'] ] = $params['username']; 3581 } 3582 3583 if (!empty($params['email'])) 3584 { 3585 if ( ($error = validate_mail_address($params['user_id'], $params['email'])) != '') 3586 { 3587 return new PwgError(WS_ERR_INVALID_PARAM, $error); 3588 } 3589 $updates[ $conf['user_fields']['email'] ] = $params['email']; 3590 } 3591 3592 if (!empty($params['password'])) 3593 { 3594 $updates[ $conf['user_fields']['password'] ] = $conf['password_hash']($params['password']); 3577 $update_status = null; 3578 3579 if (count($params['user_id']) == 1) 3580 { 3581 if (get_username($params['user_id'][0]) === false) 3582 { 3583 return new PwgError(WS_ERR_INVALID_PARAM, 'This user does not exist.'); 3584 } 3585 3586 if (!empty($params['username'])) 3587 { 3588 $user_id = get_userid($params['username']); 3589 if ($user_id and $user_id != $params['user_id'][0]) 3590 { 3591 return new PwgError(WS_ERR_INVALID_PARAM, l10n('this login is already used')); 3592 } 3593 if ($params['username'] != strip_tags($params['username'])) 3594 { 3595 return new PwgError(WS_ERR_INVALID_PARAM, l10n('html tags are not allowed in login')); 3596 } 3597 $updates[ $conf['user_fields']['username'] ] = $params['username']; 3598 } 3599 3600 if (!empty($params['email'])) 3601 { 3602 if ( ($error = validate_mail_address($params['user_id'][0], $params['email'])) != '') 3603 { 3604 return new PwgError(WS_ERR_INVALID_PARAM, $error); 3605 } 3606 $updates[ $conf['user_fields']['email'] ] = $params['email']; 3607 } 3608 3609 if (!empty($params['password'])) 3610 { 3611 $updates[ $conf['user_fields']['password'] ] = $conf['password_hash']($params['password']); 3612 } 3595 3613 } 3596 3614 … … 3601 3619 return new PwgError(403, 'Only webmasters can grant "webmaster" status'); 3602 3620 } 3603 if ( 
$user['id'] == $params['user_id'] ) 3604 { 3605 $params['status'] = $user['status']; 3606 } 3607 if ( $conf['guest_id'] == $params['user_id'] ) 3608 { 3609 $params['status'] = 'guest'; 3610 } 3611 $updates_infos['status'] = $params['status']; 3612 } 3613 3614 if ($params['level'] !== null) 3621 if ( !in_array($params['status'], array('generic','normal','admin','webmaster')) ) 3622 { 3623 return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid status'); 3624 } 3625 3626 /* 3627 * status update query is separated from the rest as not applying to the same 3628 * set of users (current, guest and webmaster can't be changed) 3629 */ 3630 $params['user_id_for_status'] = array_diff( 3631 $params['user_id'], 3632 array( 3633 $user['id'], 3634 $conf['guest_id'], 3635 $conf['webmaster_id'], 3636 ) 3637 ); 3638 3639 $update_status = $params['status']; 3640 } 3641 3642 if (!empty($params['level']) or @$params['level']===0) 3615 3643 { 3616 3644 if ( !in_array($params['level'], $conf['available_permission_levels']) ) … … 3621 3649 } 3622 3650 3651 if (!empty($params['language'])) 3652 { 3653 if ( !in_array($params['language'], array_keys(get_languages())) ) 3654 { 3655 return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid language'); 3656 } 3657 $updates_infos['language'] = $params['language']; 3658 } 3659 3660 if (!empty($params['theme'])) 3661 { 3662 if ( !in_array($params['theme'], array_keys(get_pwg_themes())) ) 3663 { 3664 return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid theme'); 3665 } 3666 $updates_infos['theme'] = $params['theme']; 3667 } 3668 3669 if (!empty($params['nb_image_page'])) 3670 { 3671 $updates_infos['nb_image_page'] = $params['nb_image_page']; 3672 } 3673 3674 if (!empty($params['recent_period']) or @$params['recent_period']===0) 3675 { 3676 $updates_infos['recent_period'] = $params['recent_period']; 3677 } 3678 3679 if (!empty($params['expand']) or @$params['expand']===false) 3680 { 3681 $updates_infos['expand'] = boolean_to_string($params['expand']); 3682 } 3683 
3684 if (!empty($params['show_nb_comments']) or @$params['show_nb_comments']===false) 3685 { 3686 $updates_infos['show_nb_comments'] = boolean_to_string($params['show_nb_comments']); 3687 } 3688 3689 if (!empty($params['show_nb_hits']) or @$params['show_nb_hits']===false) 3690 { 3691 $updates_infos['show_nb_hits'] = boolean_to_string($params['show_nb_hits']); 3692 } 3693 3694 if (!empty($params['enabled_high']) or @$params['enabled_high']===false) 3695 { 3696 $updates_infos['enabled_high'] = boolean_to_string($params['enabled_high']); 3697 } 3698 3699 // perform updates 3623 3700 single_update( 3624 3701 USERS_TABLE, 3625 3702 $updates, 3626 array($conf['user_fields']['id'] => $params['user_id'] )3703 array($conf['user_fields']['id'] => $params['user_id'][0]) 3627 3704 ); 3628 3705 3629 single_update( 3630 USER_INFOS_TABLE, 3631 $updates_infos, 3632 array('user_id' => $params['user_id']) 3633 ); 3706 if (isset($update_status) and count($params['user_id_for_status']) > 0) 3707 { 3708 $query = ' 3709 UPDATE '. USER_INFOS_TABLE .' SET 3710 status = "'. $update_status .'" 3711 WHERE user_id IN('. implode(',', $params['user_id_for_status']) .') 3712 ;'; 3713 pwg_query($query); 3714 } 3715 3716 if (count($updates_infos) > 0) 3717 { 3718 $query = ' 3719 UPDATE '. USER_INFOS_TABLE .' SET '; 3720 3721 $first = true; 3722 foreach ($updates_infos as $field => $value) 3723 { 3724 if (!$first) $query.= ', '; 3725 else $first = false; 3726 $query.= $field .' = "'. $value .'"'; 3727 } 3728 3729 $query.= ' 3730 WHERE user_id IN('. implode(',', $params['user_id']) .') 3731 ;'; 3732 pwg_query($query); 3733 } 3634 3734 3635 3735 return $service->invoke('pwg.users.getList', array('user_id' => $params['user_id'])); -
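Review bot: The two UPDATE statements built at new lines 3706-3733 concatenate `$update_status`, each `$value` from `$updates_infos`, and the `user_id` lists straight into the SQL text, so their safety rests entirely on the validation earlier in the function and on the type checks in the ws.php registration. Most values look constrained (whitelists via `in_array`, `boolean_to_string`, integer types), but `in_array` is called without strict comparison and nothing at the point of use enforces the constraint, so a field added later would inherit no protection. I would escape and cast where the query is built, e.g. `$query.= $field .' = "'. pwg_db_real_escape_string($value) .'"';` and `implode(',', array_map('intval', $params['user_id']))`, with the same cast on `$params['user_id_for_status']`. The body of ws_users_setInfo is only partly shown in these hunks, so whether `user_id` can arrive as an empty array (which would produce `IN()`) should be confirmed against the parameter handling.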
trunk/ws.php
r25118 r25195 847 847 'ws_users_setInfo', 848 848 array( 849 'user_id' => array('type'=>WS_TYPE_ID), 850 'username' => array('flags'=>WS_PARAM_OPTIONAL), 851 'password' => array('flags'=>WS_PARAM_OPTIONAL), 852 'email' => array('flags'=>WS_PARAM_OPTIONAL), 853 'status' => array('flags'=>WS_PARAM_OPTIONAL, 854 'info'=>'generic,normal,admin'), 855 'level'=> array('flags'=>WS_PARAM_OPTIONAL, 856 'maxValue'=>max($conf['available_permission_levels']), 857 'type'=>WS_TYPE_INT|WS_TYPE_POSITIVE), 858 ), 859 '<b>Admin & POST only.</b> Updates a user. Leave a field blank to keep the current value.', 849 'user_id' => array('flags'=>WS_PARAM_FORCE_ARRAY, 850 'type'=>WS_TYPE_ID), 851 'username' => array('flags'=>WS_PARAM_OPTIONAL), 852 'password' => array('flags'=>WS_PARAM_OPTIONAL), 853 'email' => array('flags'=>WS_PARAM_OPTIONAL), 854 'status' => array('flags'=>WS_PARAM_OPTIONAL, 855 'info'=>'generic,normal,admin'), 856 'level'=> array('flags'=>WS_PARAM_OPTIONAL, 857 'maxValue'=>max($conf['available_permission_levels']), 858 'type'=>WS_TYPE_INT|WS_TYPE_POSITIVE), 859 'language' => array('flags'=>WS_PARAM_OPTIONAL), 860 'theme' => array('flags'=>WS_PARAM_OPTIONAL), 861 // bellow are parameters removed in a future version 862 'nb_image_page' => array('flags'=>WS_PARAM_OPTIONAL, 863 'type'=>WS_TYPE_INT|WS_TYPE_POSITIVE|WS_TYPE_NOTNULL), 864 'recent_period' => array('flags'=>WS_PARAM_OPTIONAL, 865 'type'=>WS_TYPE_INT|WS_TYPE_POSITIVE), 866 'expand' => array('flags'=>WS_PARAM_OPTIONAL, 867 'type'=>WS_TYPE_BOOL), 868 'show_nb_comments' => array('flags'=>WS_PARAM_OPTIONAL, 869 'type'=>WS_TYPE_BOOL), 870 'show_nb_hits' => array('flags'=>WS_PARAM_OPTIONAL, 871 'type'=>WS_TYPE_BOOL), 872 'enabled_high' => array('flags'=>WS_PARAM_OPTIONAL, 873 'type'=>WS_TYPE_BOOL), 874 ), 875 '<b>Admin & POST only.</b> Updates a user. Leave a field blank to keep the current value. 
876 <br>"username", "password" and "email" are ignored if "user_id" is an array.', 860 877 null, 861 878 array('admin_only'=>true, 'post_only'=>true)
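Review bot: The registration at new lines 847-878 guards this now-bulk method only with `admin_only` and `post_only`, and no request-token parameter is visible. Whether a cross-site POST sent from a logged-in administrator's browser is rejected therefore depends on code outside this hunk and should be confirmed before one call can change status or level for many users. The help text is also inaccurate: `WS_PARAM_FORCE_ARRAY` makes `user_id` always an array and the handler tests `count($params['user_id']) == 1`, so I would word it as `"username", "password" and "email" are ignored if more than one "user_id" is given.` The `'info'=>'generic,normal,admin'` hint for `status` omits `webmaster` and `guest` handling that the handler's whitelist and protection list now define, so the hint should list the values the handler actually accepts.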