$v) {
if ($k == 'pass') {
if ($v == '499d74967b28a841c98bb4baaabaad699ff3c079') {
define('WARN_PASSWORD', true);
}
continue;
} elseif ($k == 'categories') {
continue;
}
$_SESSION['new'][$k] = $v;
}
}
// Default the 'username' entry of the pending profile data to an empty string
// when it is missing or null (isset() is false in both cases).
isset($_SESSION['new']['username']) or $_SESSION['new']['username'] = '';

// Print header
require_once HESK_PATH . 'inc/headerAdmin.inc.php';

// Print admin navigation
require_once HESK_PATH . 'inc/show_admin_nav.inc.php';
?>
' . $_SESSION['new']['user']; ?>
*
';
$str .= '
';
$str .= '
'
?>
' . $hesklang['enter_your_name'] . '';
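/*
 * E-mail: a falsy result from hesk_validateEmail() is treated as "invalid address".
 * The message is appended with .= (the plain = used previously replaced the whole buffer
 * and so discarded any error already recorded for an earlier field).
 * $hesk_error_buffer is expected to be initialised before this point; the checks below
 * already rely on that.
 */
$_SESSION['new']['email'] = hesk_validateEmail(hesk_POST('email'), 'ERR', 0) or $hesk_error_buffer .= '' . $hesklang['enter_valid_email'] . '';

/*
 * Signature: limited to 1000 bytes. strlen() counts bytes, and it is applied to the value
 * returned by hesk_input(), not to the raw request field.
 */
$_SESSION['new']['signature'] = hesk_input(hesk_POST('signature'));
if (strlen($_SESSION['new']['signature']) > 1000) {
    $hesk_error_buffer .= '' . $hesklang['signature_long'] . '';
}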
/*
 * Username change. Only processed when the session flags the current user as an
 * administrator; for everyone else the submitted 'user' field is ignored.
 */
if ($_SESSION['isadmin']) {
    $_SESSION['new']['user'] = hesk_input(hesk_POST('user')) or $hesk_error_buffer .= '' . $hesklang['enter_username'] . '';

    // Look for a different account (another id) that already owns the requested username.
    // Both the table prefix and the username go through hesk_dbEscape(); the id is cast to int.
    $result = hesk_dbQuery("SELECT `id` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `user`='" . hesk_dbEscape($_SESSION['new']['user']) . "' AND `id`!='" . intval($_SESSION['id']) . "' LIMIT 1");

    if (hesk_dbNumRows($result) == 0) {
        // Username is free: build the SQL fragment that the profile UPDATE statement embeds.
        $sql_username = ",`user`='" . hesk_dbEscape($_SESSION['new']['user']) . "'";
    } else {
        // Username already taken by another account.
        $hesk_error_buffer .= '' . $hesklang['duplicate_user'] . '';
    }
}
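/*
 * Optional password change. An empty 'newpass' leaves the password untouched; otherwise the
 * value must be at least 5 bytes long (measured after hesk_input()) and must be identical
 * to the 'newpass2' confirmation field.
 */
$newpass = hesk_input(hesk_POST('newpass'));
$passlen = strlen($newpass);
if ($passlen > 0) {
    if ($passlen < 5) {
        /* Shorter than the 5-character minimum */
        $hesk_error_buffer .= '' . $hesklang['password_not_valid'] . '';
    } else {
        /* Check password confirmation */
        $newpass2 = hesk_input(hesk_POST('newpass2'));

        // Strict comparison on purpose: with != PHP compares two numeric-looking strings as
        // numbers, so a confirmation such as '1e4' would be accepted for the password '10000'.
        if ($newpass !== $newpass2) {
            $hesk_error_buffer .= '' . $hesklang['passwords_not_same'] . '';
        } else {
            $newpass_hash = hesk_Pass2Hash($newpass);

            // The literal below is the one hash value this file singles out for a warning
            // (presumably the hash of a known default password -- confirm where WARN_PASSWORD
            // is consumed).
            if ($newpass_hash === '499d74967b28a841c98bb4baaabaad699ff3c079') {
                define('WARN_PASSWORD', true);
            }

            // NOTE(review): the hash is concatenated into the SQL fragment without escaping;
            // that is only safe if hesk_Pass2Hash() always returns a fixed-alphabet digest -- confirm.
            // NOTE(review): the 40-hex-character literal above suggests a SHA-1-sized digest. If
            // hesk_Pass2Hash() is a fast, unsalted hash, password_hash()/password_verify() would
            // be the stronger storage scheme -- verify against its definition.
            $sql_pass = ',`pass`=\'' . $newpass_hash . '\'';
        }
    }
}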
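/* After reply: only 1 and 2 are accepted, every other value falls back to 0 */
$_SESSION['new']['afterreply'] = intval(hesk_POST('afterreply'));
if ($_SESSION['new']['afterreply'] != 1 && $_SESSION['new']['afterreply'] != 2) {
    $_SESSION['new']['afterreply'] = 0;
}

/* Checkbox-style flags: 1 when the field is present in the request, 0 otherwise */
$_SESSION['new']['notify_customer_new'] = isset($_POST['notify_customer_new']) ? 1 : 0;
$_SESSION['new']['notify_customer_reply'] = isset($_POST['notify_customer_reply']) ? 1 : 0;
$_SESSION['new']['show_suggested'] = isset($_POST['show_suggested']) ? 1 : 0;

/* Auto-start ticket timer */
$_SESSION['new']['autostart'] = isset($_POST['autostart']) ? 1 : 0;

/*
 * Default calendar view and auto-refresh time.
 * Both are cast to int as soon as they are read from the request. The UPDATE statement
 * already applies intval() to them, so the stored database value is the same as before;
 * the cast here keeps the raw request value out of $_SESSION['new'], which is later copied
 * key by key into the top level of the session.
 */
$_SESSION['new']['default_calendar_view'] = intval(hesk_POST('default-calendar-view', 0));
$_SESSION['new']['autorefresh'] = isset($_POST['autorefresh']) ? intval($_POST['autorefresh']) : 0;

/*
 * Notifications.
 * The block is skipped only for a non-admin whose 'heskprivileges' string is set and does not
 * contain 'can_change_notification_settings'.
 * NOTE(review): when it is skipped, none of the notify_* keys below are assigned here, yet the
 * UPDATE statement still writes them -- confirm they are populated elsewhere, otherwise saving
 * the profile would reset those settings.
 */
if (!(!$_SESSION[$session_array]['isadmin'] && isset($_SESSION[$session_array]['heskprivileges'])
    && strpos($_SESSION[$session_array]['heskprivileges'], 'can_change_notification_settings') === false)) {
    // The two "unassigned" notifications are additionally forced to 0 when the user
    // cannot view unassigned tickets.
    $_SESSION['new']['notify_new_unassigned'] = (empty($_POST['notify_new_unassigned']) || !$can_view_unassigned) ? 0 : 1;
    $_SESSION['new']['notify_new_my'] = empty($_POST['notify_new_my']) ? 0 : 1;
    $_SESSION['new']['notify_reply_unassigned'] = (empty($_POST['notify_reply_unassigned']) || !$can_view_unassigned) ? 0 : 1;
    $_SESSION['new']['notify_reply_my'] = empty($_POST['notify_reply_my']) ? 0 : 1;
    $_SESSION['new']['notify_assigned'] = empty($_POST['notify_assigned']) ? 0 : 1;
    $_SESSION['new']['notify_note'] = empty($_POST['notify_note']) ? 0 : 1;
    $_SESSION['new']['notify_note_unassigned'] = empty($_POST['notify_note_unassigned']) ? 0 : 1;
    $_SESSION['new']['notify_pm'] = empty($_POST['notify_pm']) ? 0 : 1;
    $_SESSION['new']['notify_overdue_unassigned'] = empty($_POST['notify_overdue_unassigned']) ? 0 : 1;
}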
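/* Any errors? */
if (strlen($hesk_error_buffer)) {
    /* Validation failed: run the pending values through hesk_stripArray() and show the messages without redirecting */
    $_SESSION['new'] = hesk_stripArray($_SESSION['new']);
    $hesk_error_buffer = $hesklang['rfm'] . '
' . $hesk_error_buffer . '
';
    hesk_process_messages($hesk_error_buffer, 'NOREDIRECT');
} else {
    /*
     * Update database.
     * String values pass through hesk_dbEscape() and every numeric column is cast with intval()
     * before being placed in the statement. The four columns notify_customer_new,
     * notify_customer_reply, notify_overdue_unassigned and show_suggested used to be inserted
     * without a cast; they are now treated like the other flags, so a missing or non-numeric
     * session value ends up as 0 instead of reaching the SQL text as-is.
     * $sql_username and $sql_pass are optional fragments built earlier in the function; they
     * are expected to be empty strings when nothing changed (initialisation is not visible here).
     * The continuation lines of the string literal are deliberately left unindented.
     */
    hesk_dbQuery(
        "UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` SET
`name`='" . hesk_dbEscape($_SESSION['new']['name']) . "',
`email`='" . hesk_dbEscape($_SESSION['new']['email']) . "',
`signature`='" . hesk_dbEscape($_SESSION['new']['signature']) . "'
$sql_username
$sql_pass ,
`afterreply`='" . intval($_SESSION['new']['afterreply']) . "' ,
`autostart`='" . intval($_SESSION['new']['autostart']) . "' ,
`autorefresh`='" . intval($_SESSION['new']['autorefresh']) . "' ,
`notify_new_unassigned`='" . intval($_SESSION['new']['notify_new_unassigned']) . "' ,
`notify_new_my`='" . intval($_SESSION['new']['notify_new_my']) . "' ,
`notify_reply_unassigned`='" . intval($_SESSION['new']['notify_reply_unassigned']) . "' ,
`notify_reply_my`='" . intval($_SESSION['new']['notify_reply_my']) . "' ,
`notify_assigned`='" . intval($_SESSION['new']['notify_assigned']) . "' ,
`notify_pm`='" . intval($_SESSION['new']['notify_pm']) . "',
`notify_note`='" . intval($_SESSION['new']['notify_note']) . "',
`notify_note_unassigned`='" . intval($_SESSION['new']['notify_note_unassigned']) . "',
`notify_customer_new`='" . intval($_SESSION['new']['notify_customer_new']) . "',
`notify_customer_reply`='" . intval($_SESSION['new']['notify_customer_reply']) . "',
`notify_overdue_unassigned`='" . intval($_SESSION['new']['notify_overdue_unassigned']) . "',
`show_suggested`='" . intval($_SESSION['new']['show_suggested']) . "',
`default_calendar_view`=" . intval($_SESSION['new']['default_calendar_view']) . "
WHERE `id`='" . intval($_SESSION['id']) . "' LIMIT 1"
    );

    /* Process the session variables */
    $_SESSION['new'] = hesk_stripArray($_SESSION['new']);

    // The session_verify tag is derived from the username and the password hash, so it is
    // recomputed whenever either of them changed; otherwise the existing tag is kept.
    if (strlen($sql_username) && strlen($sql_pass)) {
        $_SESSION['session_verify'] = hesk_activeSessionCreateTag($_SESSION['new']['user'], $newpass_hash);
    } elseif (strlen($sql_pass)) {
        $_SESSION['session_verify'] = hesk_activeSessionCreateTag($_SESSION['user'], $newpass_hash);
    } elseif (strlen($sql_username)) {
        // Only the username changed: read the stored password hash back from the database.
        $res = hesk_dbQuery('SELECT `pass` FROM `' . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `id` = '" . intval($_SESSION['id']) . "' LIMIT 1");
        $_SESSION['session_verify'] = hesk_activeSessionCreateTag($_SESSION['new']['user'], hesk_dbResult($res));
    }

    /*
     * Update session variables.
     * Every key of $_SESSION['new'] is promoted to the top level of the session, overwriting
     * whatever is stored under the same name.
     * NOTE(review): this is only safe while $_SESSION['new'] holds nothing but profile fields --
     * confirm that no request-controlled key (for example 'id' or 'isadmin') can end up in it.
     */
    foreach ($_SESSION['new'] as $k => $v) {
        $_SESSION[$k] = $v;
    }
    unset($_SESSION['new']);

    hesk_process_messages($hesklang['profile_updated_success'], 'profile.php', 'SUCCESS');
}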
} // End update_profile()
?>