search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
SOAP API: do not try to unserialize an invalid filter
[mantis.git] / account_prof_update.php
blobdb89fe8ba5800d6094fd9e2f24521f94a9bb29a0
1 <?php
2 # MantisBT - A PHP based bugtracking system
3
4 # MantisBT is free software: you can redistribute it and/or modify
5 # it under the terms of the GNU General Public License as published by
6 # the Free Software Foundation, either version 2 of the License, or
7 # (at your option) any later version.
8 #
9 # MantisBT is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
13 #
14 # You should have received a copy of the GNU General Public License
15 # along with MantisBT. If not, see <http://www.gnu.org/licenses/>.
16
17 /**
18 * This page updates the users profile information then redirects to
19 * account_prof_menu_page.php
20 *
21 * @package MantisBT
22 * @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org
23 * @copyright Copyright (C) 2002 - 2011 MantisBT Team - mantisbt-dev@lists.sourceforge.net
24 * @link http://www.mantisbt.org
25 *
26 * @uses core.php
27 * @uses access_api.php
28 * @uses authentication_api.php
29 * @uses config_api.php
30 * @uses constant_inc.php
31 * @uses current_user_api.php
32 * @uses form_api.php
33 * @uses gpc_api.php
34 * @uses print_api.php
35 * @uses profile_api.php
36 */
37
38 /**
39 * MantisBT Core API's
40 */
41 require_once( 'core.php' );
42 require_api( 'access_api.php' );
43 require_api( 'authentication_api.php' );
44 require_api( 'config_api.php' );
45 require_api( 'constant_inc.php' );
46 require_api( 'current_user_api.php' );
47 require_api( 'form_api.php' );
48 require_api( 'gpc_api.php' );
49 require_api( 'print_api.php' );
50 require_api( 'profile_api.php' );
51
52 if ( !config_get( 'enable_profiles' ) ) {
53 trigger_error( ERROR_ACCESS_DENIED, ERROR );
54 }
55
56 form_security_validate('profile_update');
57
58 auth_ensure_user_authenticated();
59
60 current_user_ensure_unprotected();
61
62 $f_action = gpc_get_string('action');
63
64 switch ( $f_action ) {
65 case 'edit':
66 $f_profile_id = gpc_get_int( 'profile_id' );
67 form_security_purge('profile_update');
68 print_header_redirect( 'account_prof_edit_page.php?profile_id=' . $f_profile_id );
69 break;
70
71 case 'add':
72 $f_platform = gpc_get_string( 'platform' );
73 $f_os = gpc_get_string( 'os' );
74 $f_os_build = gpc_get_string( 'os_build' );
75 $f_description = gpc_get_string( 'description' );
76
77 $t_user_id = gpc_get_int( 'user_id' );
78 if ( ALL_USERS != $t_user_id ) {
79 $t_user_id = auth_get_current_user_id();
80 }
81
82 if ( ALL_USERS == $t_user_id ) {
83 access_ensure_global_level( config_get( 'manage_global_profile_threshold' ) );
84 } else {
85 access_ensure_global_level( config_get( 'add_profile_threshold' ) );
86 }
87
88 profile_create( $t_user_id, $f_platform, $f_os, $f_os_build, $f_description );
89 form_security_purge('profile_update');
90
91 if ( ALL_USERS == $t_user_id ) {
92 print_header_redirect( 'manage_prof_menu_page.php' );
93 } else {
94 print_header_redirect( 'account_prof_menu_page.php' );
95 }
96 break;
97
98 case 'update':
99 $f_profile_id = gpc_get_int( 'profile_id' );
100 $f_platform = gpc_get_string( 'platform' );
101 $f_os = gpc_get_string( 'os' );
102 $f_os_build = gpc_get_string( 'os_build' );
103 $f_description = gpc_get_string( 'description' );
104
105 if ( profile_is_global( $f_profile_id ) ) {
106 access_ensure_global_level( config_get( 'manage_global_profile_threshold' ) );
107
108 profile_update( ALL_USERS, $f_profile_id, $f_platform, $f_os, $f_os_build, $f_description );
109 form_security_purge('profile_update');
110 print_header_redirect( 'manage_prof_menu_page.php' );
111 } else {
112 profile_update( auth_get_current_user_id(), $f_profile_id, $f_platform, $f_os, $f_os_build, $f_description );
113 form_security_purge('profile_update');
114 print_header_redirect( 'account_prof_menu_page.php' );
115 }
116 break;
117
118 case 'delete':
119 $f_profile_id = gpc_get_int( 'profile_id' );
120 if ( profile_is_global( $f_profile_id ) ) {
121 access_ensure_global_level( config_get( 'manage_global_profile_threshold' ) );
122
123 profile_delete( ALL_USERS, $f_profile_id );
124 form_security_purge('profile_update');
125 print_header_redirect( 'manage_prof_menu_page.php' );
126 } else {
127 profile_delete( auth_get_current_user_id(), $f_profile_id );
128 form_security_purge('profile_update');
129 print_header_redirect( 'account_prof_menu_page.php' );
130 }
131 break;
132
133 case 'make_default':
134 $f_profile_id = gpc_get_int( 'profile_id' );
135 current_user_set_pref( 'default_profile', $f_profile_id );
136 form_security_purge('profile_update');
137 print_header_redirect( 'account_prof_menu_page.php' );
138 break;
139 }