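/**
 * Create or update a user record and return its id.
 *
 * Unless a "force" switch is active, the caller must be an admin or be
 * editing their own account. Data is passed through clean_xss() and the
 * model's validateAndFill() before it is persisted.
 *
 * @param array $params User fields; 'id' selects an existing user, and
 *                      'attributes' / 'data_fields' / 'extended_save'
 *                      trigger the extended save.
 *
 * @return int|string|array Id of the saved user, or an array with an
 *                          'error' key when the save is refused or fails.
 */
public function save($params)
{
    // Any of these switches disables every authorization check below.
    $force = false;
    if (defined('MW_FORCE_USER_SAVE')) {
        $force = MW_FORCE_USER_SAVE;
    } elseif ($this->force_save) {
        $force = $this->force_save;
    } elseif (mw_var('force_save_user')) {
        $force = mw_var('force_save_user');
    }

    if (!$force) {
        if (defined('MW_API_CALL') and mw_is_installed() == true) {
            // Non-admin API callers may not set the admin flag. The
            // User::first() test leaves it settable only while the users
            // table is still empty.
            // NOTE(review): only 'is_admin' is stripped here; whether other
            // privileged columns are protected depends on validateAndFill()
            // and the model's fillable rules - confirm.
            if (isset($params['is_admin']) and $this->is_admin() == false and !is_null(User::first())) {
                unset($params['is_admin']);
            }
        }

        if (isset($params['id']) and $params['id'] != 0) {
            // Updating an explicit id: allowed for admins, or for the
            // logged-in user editing their own record.
            $adm = $this->is_admin();
            if ($adm == false) {
                $is_logged = user_id();
                if ($is_logged == false or $is_logged == 0) {
                    return array('error' => 'You must be logged to save user');
                } elseif (intval($is_logged) == intval($params['id']) and intval($params['id']) != 0) {
                    // the user is editing their own profile
                } else {
                    return array('error' => 'You must be logged to as admin save this user');
                }
            }
        } else {
            if (defined('MW_API_CALL') and mw_is_installed() == true) {
                $adm = $this->is_admin();
                if ($adm == false) {
                    // Without an explicit id, a non-admin API call is pinned
                    // to the caller's own account.
                    $params['id'] = $this->id();
                    $is_logged = user_id();
                    if (intval($params['id']) != 0 and $is_logged != $params['id']) {
                        return array('error' => 'You must be logged save your settings');
                    }
                } else {
                    if (!isset($params['id'])) {
                        $params['id'] = $this->id();
                    }
                }
            }
        }
    }

    $data_to_save = $params;

    // When the e-mail address changes, replace a pending password-reset
    // token so that a link sent to the old address stops working.
    if (isset($data_to_save['id']) and $data_to_save['id'] != 0 and isset($data_to_save['email']) and $data_to_save['email'] != false) {
        $old_user_data = $this->get_by_id($data_to_save['id']);
        if (isset($old_user_data['email']) and $old_user_data['email'] != false) {
            if ($data_to_save['email'] != $old_user_data['email']) {
                if (isset($old_user_data['password_reset_hash']) and $old_user_data['password_reset_hash'] != false) {
                    // The token is a credential, so it comes from the CSPRNG
                    // rather than md5()/uniqid()/rand(), which are guessable.
                    // 32 hex characters is shorter than the previous format.
                    // random_bytes() needs PHP 7+ or a polyfill.
                    $data_to_save['password_reset_hash'] = bin2hex(random_bytes(16));
                }
            }
        }
    }

    // Refuse an e-mail address that already belongs to another user.
    // NOTE(review): this is skipped when no id is present, so uniqueness
    // for brand-new records depends on the caller - confirm.
    if (isset($data_to_save['email']) and isset($data_to_save['id'])) {
        $email = trim($data_to_save['email']);
        if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $check_existing = array();
            $check_existing['email'] = $email;
            $check_existing['single'] = 1;
            $check_existing = $this->get_all($check_existing);
            if (isset($check_existing['id']) and $check_existing['id'] != $data_to_save['id']) {
                return array('error' => 'User with this email already exists! Try different email address!');
            }
        }
    }

    if (isset($params['id']) and intval($params['id']) != 0) {
        $user = User::find($params['id']);
        if (!$user) {
            // Unknown id: fail with the regular error instead of calling a
            // method on a missing model (find() is assumed to return null).
            return array('error' => 'Error saving the user!');
        }
    } else {
        $user = new User();
    }

    $id_to_return = false;
    $data_to_save = $this->app->format->clean_xss($data_to_save);

    // Check username uniqueness BEFORE writing, so a rejected request
    // leaves no saved row behind. A record without an id counts as id 0,
    // so any existing owner of the name blocks a new user.
    if (isset($data_to_save['username']) and $data_to_save['username'] != false) {
        $target_id = isset($data_to_save['id']) ? intval($data_to_save['id']) : 0;
        $check_existing = array();
        $check_existing['username'] = $data_to_save['username'];
        $check_existing['single'] = 1;
        $check_existing = $this->get_all($check_existing);
        if (isset($check_existing['id']) and intval($check_existing['id']) != $target_id) {
            return array('error' => 'User with this username already exists! Try different username!');
        }
    }

    if ($user->validateAndFill($data_to_save)) {
        $save = $user->save();
        if (isset($user->id)) {
            $data_to_save['id'] = $params['id'] = $user->id;
        }

        if (isset($params['attributes']) or isset($params['data_fields'])) {
            $params['extended_save'] = true;
        }
        if (isset($params['extended_save'])) {
            // The password is not passed on to the extended save.
            if (isset($data_to_save['password'])) {
                unset($data_to_save['password']);
            }
            if (isset($data_to_save['id'])) {
                $data_to_save['table'] = 'users';
                $this->app->database_manager->extended_save($data_to_save);
            }
        }

        if (isset($params['id']) and intval($params['id']) != 0) {
            $id_to_return = intval($params['id']);
        } else {
            $id_to_return = DB::getPdo()->lastInsertId();
        }
        $params['id'] = $id_to_return;
        $this->app->event_manager->trigger('mw.user.save', $params);
    } else {
        return array('error' => 'Error saving the user!');
    }

    // Drop the cached user entries that this save may have changed.
    $this->app->cache_manager->delete('users' . DIRECTORY_SEPARATOR . 'global');
    $this->app->cache_manager->delete('users' . DIRECTORY_SEPARATOR . '0');
    $this->app->cache_manager->delete('users' . DIRECTORY_SEPARATOR . $id_to_return);

    return $id_to_return;
}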