 |
 |
Community Page
My Groups
| You are not a member of any group. |
Login
Message Box
You are not logged in.
Notification
Members Online
NoneUser Statistics
Registered users : 38790Online : 3829
Guest : 3829
Members : 0
Online members
No members online!
Last 5 users
dienul82
suksesbisnismlm
ariefalbani
dracostar
rendrapratama
registerFunction( 'onBeforeUserUpdate','protectFields', 'getProtectFieldsTab' );
/**
* Protection Tab Class for handling the CB tab api
* @package Community Builder
* @author JoomlaJoe and Beat
*/
class getProtectFieldsTab extends cbTabHandler {
/**
* Constructor
*/
function getProtectFieldsTab() {
$this->cbTabHandler();
}
/**
* gets object with name, title and table corresponding to a field id
* @access private
* @param int fieldId
* @returns mixed : either object, or null if no match
*/
function getFieldInfo($protectFieldId) {
global $database;
if ($protectFieldId == "0") return null;
$query = "SELECT `name`,`table`,`title`,`type` FROM #__comprofiler_fields WHERE published=1 AND fieldid=".$protectFieldId;
$database->setQuery($query);
$protectObj = null;
$database->loadObject($protectObj);
return $protectObj;
}
/**
* Discards all changes the user makes to email field. Admins are allowed to change email addresses.
* Method is called before user data is stored in the database
* @access private
* @param object holds the core mambo user data
* @param object holds the community builder user data
* @param object holds the field information
* @return boolean true check ok no changes, FALSE error raised
*/
function checkMyFieldChanges(&$user,&$cbUser,$protectObj) {
global $database, $my, $_PLUGINS;
if ($protectObj === null) return true;
$params = $this->params;
$alertMsg = htmlspecialchars($params->get('alertMsg', '0'));
$protectFieldName = $protectObj->name;
$protectTable = $protectObj->table;
$protectTitle = $protectObj->title;
//if ($my->gid != 2) { // admins can change their profile unrestricted from the backend
if ($protectTable != "#__comprofiler") {
$query = "SELECT `".$database->getEscaped($protectFieldName)."` FROM #__users WHERE id=".$user->id." LIMIT 1";
$pObject =& $user;
} else {
$query = "SELECT `".$database->getEscaped($protectFieldName)."` FROM #__comprofiler WHERE id=".$user->id." LIMIT 1";
$pObject =& $cbUser;
}
$database->setQuery($query);
$pOriginalField = $database->loadResult(); //The field before the change was attempted
if ($pObject->$protectFieldName != $pOriginalField) {
$_PLUGINS->raiseError(0);
$_PLUGINS->_setErrorMSG(htmlspecialchars(getLangDefinition($protectTitle))." ".$alertMsg);
$pObject->$protectFieldName = $pOriginalField;
return false;
}
//}
return true;
}
/**
* generates javascript code to check and flag at browser end
* @access private
* @param object tab reflecting the tab database entry
* @param object mosUser reflecting the user being displayed
* @param object holds the field information
*/
function getEditTabJScode(&$user,$protectObj) {
if ($protectObj == null) return;
$params = $this->params;
$alertMsg = $params->get('alertMsg', '0');
$protectFieldName = $protectObj->name;
$protectTitle = $protectObj->title;
$protectValue = $user->$protectFieldName;
//Type matters ;)
$protectType = $protectObj->type;
//We need to add square brackets for accessing select, multiselect and mulitcheckbox in JS
$addBrackets = "";
if($protectType == "multiselect" || $protectType == "select" || $protectType == "multicheckbox"){$addBrackets = "[]";}
$this->_addValidationJS( "\t if (getInputValue(me['".htmlspecialchars($protectFieldName).$addBrackets."'])!=getInputDefaultValue(me['".htmlspecialchars($protectFieldName).$addBrackets."'])){\n"
."\t errorMSG += \"".html_entity_decode(getLangDefinition($protectTitle)." ".$alertMsg)."\\n\"\n"
."\t me['".htmlspecialchars($protectFieldName).$addBrackets."'].style.background = \"red\";\n"
."\t setInputValue(me['".htmlspecialchars($protectFieldName).$addBrackets."'],getInputDefaultValue(me['".htmlspecialchars($protectFieldName).$addBrackets."']));\n"
."\t iserror=1;\n"
."\t} else {\n"
."\t me['".htmlspecialchars($protectFieldName).$addBrackets."'].style.background = cbDefaultFieldBackground;\n"
."\t}\n");
// also see event: 'onBeforeUserUpdate' : must also be implemented as above to avoid changes with JS off.
}
/**
* Discards all changes the user makes to email field. Admins are allowed to change email addresses.
* Method is called before user data is stored in the database
* @param array holds the core mambo user data
* @param array holds the community builder user data
*/
function protectFields(&$user,&$cbUser) {
$params = $this->params;
$protectFieldId = $params->get('protect1', '0');
$result1 = $this->checkMyFieldChanges($user, $cbUser, $this->getFieldInfo($protectFieldId));
$protectFieldId = $params->get('protect2', '0');
$result2 = $this->checkMyFieldChanges($user, $cbUser, $this->getFieldInfo($protectFieldId));
$protectFieldId = $params->get('protect3', '0');
$result3 = $this->checkMyFieldChanges($user, $cbUser, $this->getFieldInfo($protectFieldId));
$protectFieldId = $params->get('protect4', '0');
$result4 = $this->checkMyFieldChanges($user, $cbUser, $this->getFieldInfo($protectFieldId));
return result1 && result2 && restult3 && result4;
}
/**
* Generates the HTML to display the user edit tab
* @param object tab reflecting the tab database entry
* @param object mosUser reflecting the user being displayed
* @param int 1 for front-end, 2 for back-end
* @returns mixed : either string HTML for tab content, or false if ErrorMSG generated
*/
function getEditTab($tab,$user,$ui) {
if ($ui == 2) return ""; // don't protect backend user edits.
$params = $this->params;
//Functions used in every check. So let's include them here only once.
$this->_addValidationJS( "\t // ===================================================================\n"
."\t //JavaScript functions\n"
."\t // Author: Matt Kruse \n"
."\t // WWW: http://www.mattkruse.com/\n"
."\t // ===================================================================\n"
."\t //-------------------------------------------------------------------\n"
."\t // isArray(obj)\n"
."\t // Returns true if the object is an array, else false\n"
."\t //-------------------------------------------------------------------\n"
."\t function isArray(obj){return(typeof(obj.length)==\"undefined\")?false:true;}\n"
."\t //-------------------------------------------------------------------\n"
."\t // getInputValue(input_object[,delimiter])\n"
."\t // Get the value of any form input field\n"
."\t // Multiple-select fields are returned as comma-separated values, or\n"
."\t // delmited by the optional second argument\n"
."\t // (Doesn't support input types: button,file,reset,submit)\n"
."\t //-------------------------------------------------------------------\n"
."\t function getInputValue(obj,delimiter) {\n"
."\t var use_default=(arguments.length>2)?arguments[2]:false;\n"
."\t if (isArray(obj) && (typeof(obj.type)==\"undefined\")) {\n"
."\t var values=new Array();\n"
."\t for(var i=0;i0)?obj.options[obj.selectedIndex].value:null;\n"
."\t case 'select-multiple': \n"
."\t if (obj.options==null) { return null; }\n"
."\t var values=new Array();\n"
."\t for(var i=0;i1)?arguments[1]:false;\n"
."\t if(isArray(obj)&&(typeof(obj.type)==\"undefined\")){\n"
."\t for(var i=0;iget('protect1', '0');
$this->getEditTabJScode($user, $this->getFieldInfo($protectFieldId));
$protectFieldId = $params->get('protect2', '0');
$this->getEditTabJScode($user, $this->getFieldInfo($protectFieldId));
$protectFieldId = $params->get('protect3', '0');
$this->getEditTabJScode($user, $this->getFieldInfo($protectFieldId));
$protectFieldId = $params->get('protect4', '0');
$this->getEditTabJScode($user, $this->getFieldInfo($protectFieldId));
return "";
}
} // end class getProtectFieldsTab.
?>
