private function validateForm()
{
// is the form submitted?
if ($this->frm->isSubmitted()) {
// cleanup the submitted fields, ignore fields that were added by hackers
$this->frm->cleanupFields();
// get fields
$chkNewEmail = $this->frm->getField('new_email');
$txtEmail = $this->frm->getField('email');
$txtDisplayName = $this->frm->getField('display_name');
$chkNewPassword = $this->frm->getField('new_password');
$txtPassword = $this->frm->getField('password');
$txtPasswordRepeat = $this->frm->getField('password_repeat');
$txtFirstName = $this->frm->getField('first_name');
$txtLastName = $this->frm->getField('last_name');
$txtCity = $this->frm->getField('city');
$ddmGender = $this->frm->getField('gender');
$ddmDay = $this->frm->getField('day');
$ddmMonth = $this->frm->getField('month');
$ddmYear = $this->frm->getField('year');
$ddmCountry = $this->frm->getField('country');
// email filled in?
if ($chkNewEmail->isChecked() && $txtEmail->isFilled(BL::getError('EmailIsRequired'))) {
// email must not be the same as previous one
if ($txtEmail->getValue() == $this->profile['email']) {
$txtEmail->addError(BL::getError('EmailMatchesPrevious'));
}
// valid email?
if ($txtEmail->isEmail(BL::getError('EmailIsInvalid'))) {
// email already exists?
if (BackendProfilesModel::existsByEmail($txtEmail->getValue(), $this->id)) {
// set error
$txtEmail->addError(BL::getError('EmailExists'));
}
}
}
// display name filled in?
if ($txtDisplayName->isFilled(BL::getError('DisplayNameIsRequired'))) {
// display name already exists?
if (BackendProfilesModel::existsDisplayName($txtDisplayName->getValue(), $this->id)) {
// set error
$txtDisplayName->addError(BL::getError('DisplayNameExists'));
}
}
// new_password is checked, so verify new password (only if profile should not be notified)
// because then if the password field is empty, it will generate a new password
if ($chkNewPassword->isChecked() && !$this->notifyProfile) {
$txtPassword->isFilled(BL::err('FieldIsRequired'));
$txtPasswordRepeat->isFilled(BL::err('FieldIsRequired'));
// both password fields are filled in and should match
if ($txtPassword->isFilled() && $txtPasswordRepeat->isFilled() && $txtPassword->getValue() != $txtPasswordRepeat->getValue()) {
$txtPasswordRepeat->addError(BL::err('PasswordRepeatIsRequired'));
}
}
// one of the bday fields are filled in
if ($ddmDay->isFilled() || $ddmMonth->isFilled() || $ddmYear->isFilled()) {
// valid date?
if (!checkdate($ddmMonth->getValue(), $ddmDay->getValue(), $ddmYear->getValue())) {
// set error
$ddmYear->addError(BL::getError('DateIsInvalid'));
}
}
// no errors?
if ($this->frm->isCorrect()) {
// build item
$values['email'] = $chkNewEmail->isChecked() ? $txtEmail->getValue() : $this->profile['email'];
// only update if display name changed
if ($txtDisplayName->getValue() != $this->profile['display_name']) {
$values['display_name'] = $txtDisplayName->getValue();
$values['url'] = BackendProfilesModel::getUrl($txtDisplayName->getValue(), $this->id);
}
// new password filled in?
if ($chkNewPassword->isChecked()) {
// get new salt
$salt = BackendProfilesModel::getRandomString();
// update salt
BackendProfilesModel::setSetting($this->id, 'salt', $salt);
// new password filled in? otherwise generate a password
$password = $txtPassword->isFilled() ? $txtPassword->getValue() : BackendModel::generatePassword(8);
// build password
$values['password'] = BackendProfilesModel::getEncryptedString($password, $salt);
}
// update values
BackendProfilesModel::update($this->id, $values);
// birthday is filled in
if ($ddmYear->isFilled()) {
// mysql format
$birthDate = $ddmYear->getValue() . '-';
$birthDate .= str_pad($ddmMonth->getValue(), 2, '0', STR_PAD_LEFT) . '-';
$birthDate .= str_pad($ddmDay->getValue(), 2, '0', STR_PAD_LEFT);
} else {
$birthDate = null;
}
// update settings
BackendProfilesModel::setSetting($this->id, 'first_name', $txtFirstName->getValue());
BackendProfilesModel::setSetting($this->id, 'last_name', $txtLastName->getValue());
BackendProfilesModel::setSetting($this->id, 'gender', $ddmGender->getValue());
BackendProfilesModel::setSetting($this->id, 'birth_date', $birthDate);
BackendProfilesModel::setSetting($this->id, 'city', $txtCity->getValue());
BackendProfilesModel::setSetting($this->id, 'country', $ddmCountry->getValue());
$displayName = isset($values['display_name']) ? $values['display_name'] : $this->profile['display_name'];
$redirectUrl = BackendModel::createURLForAction('Index') . '&var=' . rawurlencode($values['email']) . '&highlight=row-' . $this->id . '&var=' . rawurlencode($displayName) . '&report=';
if ($this->notifyProfile && ($chkNewEmail->isChecked() || $chkNewPassword->isChecked())) {
// no new password
if (!$chkNewPassword->isChecked()) {
$password = BL::lbl('YourExistingPassword');
}
// notify values
$notifyValues = array_merge($values, array('id' => $this->id, 'first_name' => $txtFirstName->getValue(), 'last_name' => $txtLastName->getValue(), 'unencrypted_password' => $password));
if (!isset($notifyValues['display_name'])) {
$notifyValues['display_name'] = $this->profile['display_name'];
}
BackendProfilesModel::notifyProfile($notifyValues, true);
$redirectUrl .= 'saved-and-notified';
} else {
$redirectUrl .= 'saved';
}
// trigger event
BackendModel::triggerEvent($this->getModule(), 'after_edit', array('item' => $values));
// everything is saved, so redirect to the overview
$this->redirect($redirectUrl);
}
}
}
