Created
August 27, 2012 23:36
-
-
Save mike-marcacci/3493402 to your computer and use it in GitHub Desktop.
Hacked /system/expressionengine/modules/member/mod.member_settings.php allows Socialee users to change their screen names. Changes are noted by comments.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// ------ Line 1365 --------- | |
/** | |
* Username/Password Update | |
*/ | |
function update_userpass() | |
{ | |
$this->EE->load->library('auth'); | |
// BEGIN HACK to get Socialee working! | |
$socialee_group_id = $this->EE->db->query("SELECT preference_value FROM exp_socialee_preferences WHERE preference_name = 'group_id' LIMIT 1"); | |
$socialee_group_id = $socialee_group_id->result_array(); | |
$socialee_group_id = $socialee_group_id[0]['preference_value']; | |
$uses_socialee = ($socialee_group_id == $this->EE->session->userdata('group_id')); | |
if($uses_socialee) $_POST['current_password'] = " "; | |
// END HACK | |
// Safety. Prevents accessing this function unless | |
// the request came from the form submission | |
if ( ! $this->EE->input->post('current_password')) | |
{ | |
return $this->EE->output->show_user_error('general', array($this->EE->lang->line('current_password_required'))); | |
} | |
$query = $this->EE->db->select('username, screen_name, password') | |
->get_where('members', array( | |
'member_id' => (int) $this->EE->session->userdata('member_id') | |
)); | |
if ( ! $query->num_rows()) | |
{ | |
return FALSE; | |
} | |
if ($this->EE->config->item('allow_username_change') != 'y') | |
{ | |
$_POST['username'] = $query->row('username'); | |
} | |
// If the screen name field is empty, we'll assign it | |
// from the username field. | |
if ($_POST['screen_name'] == '') | |
{ | |
$_POST['screen_name'] = $_POST['username']; | |
} | |
if ( ! isset($_POST['username'])) | |
{ | |
$_POST['username'] = ''; | |
} | |
// Validate submitted data | |
if ( ! class_exists('EE_Validate')) | |
{ | |
require APPPATH.'libraries/Validate.php'; | |
} | |
$VAL = new EE_Validate( | |
array( | |
'member_id' => $this->EE->session->userdata('member_id'), | |
'val_type' => 'update', // new or update | |
'fetch_lang' => TRUE, | |
//'require_cpw' => TRUE, // original | |
'require_cpw' => !$uses_socialee, // HACK for Socialee | |
'enable_log' => FALSE, | |
'username' => $_POST['username'], | |
'cur_username' => $query->row('username') , | |
'screen_name' => $_POST['screen_name'], | |
'cur_screen_name' => $query->row('screen_name') , | |
'password' => $_POST['password'], | |
'password_confirm' => $_POST['password_confirm'], | |
'cur_password' => $_POST['current_password'] | |
) | |
); | |
$VAL->validate_screen_name(); | |
if ($this->EE->config->item('allow_username_change') == 'y') | |
{ | |
$VAL->validate_username(); | |
} | |
if ($_POST['password'] != '') | |
{ | |
$VAL->validate_password(); | |
} | |
// Display validation errors if there are any | |
if (count($VAL->errors) > 0) | |
{ | |
return $this->EE->output->show_user_error('submission', $VAL->errors); | |
} | |
// Finally, and most important of all, was their | |
// current password submitted correctly? | |
if (!$uses_socialee) // HACK for Socialee | |
if (! $this->EE->auth->authenticate_id( | |
(int) $this->EE->session->userdata('member_id'), | |
$this->EE->input->post('current_password'))) | |
{ | |
return $this->EE->output->show_user_error('general', array($this->EE->lang->line('current_password_incorrect'))); | |
} | |
/** ------------------------------------- | |
/** Update "last post" forum info if needed | |
/** -------------------------------------*/ | |
if ($query->row('screen_name') != $_POST['screen_name'] AND $this->EE->config->item('forum_is_installed') == "y" ) | |
{ | |
$this->EE->db->query("UPDATE exp_forums SET forum_last_post_author = '".$this->EE->db->escape_str($_POST['screen_name'])."' WHERE forum_last_post_author_id = '".$this->EE->session->userdata('member_id')."'"); | |
$this->EE->db->query("UPDATE exp_forum_moderators SET mod_member_name = '".$this->EE->db->escape_str($_POST['screen_name'])."' WHERE mod_member_id = '".$this->EE->session->userdata('member_id')."'"); | |
} | |
/** ------------------------------------- | |
/** Assign the query data | |
/** -------------------------------------*/ | |
$data['screen_name'] = $_POST['screen_name']; | |
if ($this->EE->config->item('allow_username_change') == 'y') | |
{ | |
$data['username'] = $_POST['username']; | |
} | |
// Was a password submitted? | |
$pw_change = ''; | |
if ($_POST['password'] != '') | |
{ | |
$this->EE->auth->update_password($this->EE->session->userdata('member_id'), | |
$this->EE->input->post('password')); | |
$pw_change = $this->_var_swap($this->_load_element('password_change_warning'), | |
array('lang:password_change_warning' => $this->EE->lang->line('password_change_warning')) | |
); | |
} | |
$this->EE->db->query($this->EE->db->update_string('exp_members', $data, "member_id = '".$this->EE->session->userdata('member_id')."'")); | |
/** ------------------------------------- | |
/** Update comments if screen name has changed | |
/** -------------------------------------*/ | |
if ($query->row('screen_name') != $_POST['screen_name']) | |
{ | |
$this->EE->db->query($this->EE->db->update_string('exp_comments', array('name' => $_POST['screen_name']), "author_id = '".$this->EE->session->userdata('member_id')."'")); | |
$this->EE->session->userdata['screen_name'] = stripslashes($_POST['screen_name']); | |
} | |
/** ------------------------------------- | |
/** Success message | |
/** -------------------------------------*/ | |
return $this->_var_swap($this->_load_element('success'), | |
array( | |
'lang:heading' => $this->EE->lang->line('username_and_password'), | |
'lang:message' => $this->EE->lang->line('mbr_settings_updated').$pw_change | |
) | |
); | |
} | |
// ------ many more lines below this --------- | |
?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment