From 8edabf647814a012307bbf68628e4656ecf89eff Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Wed, 30 Apr 2014 14:12:28 -0400
Subject: [PATCH] Merge remote-tracking branch 'ispc/master'

---
 interface/web/tools/user_settings.php |   64 +++++++++++++++++--------------
 1 files changed, 35 insertions(+), 29 deletions(-)

diff --git a/interface/web/tools/user_settings.php b/interface/web/tools/user_settings.php
index d663814..95018ac 100644
--- a/interface/web/tools/user_settings.php
+++ b/interface/web/tools/user_settings.php
@@ -38,8 +38,8 @@
 * End Form configuration
 ******************************************/
 
-require_once('../../lib/config.inc.php');
-require_once('../../lib/app.inc.php');
+require_once '../../lib/config.inc.php';
+require_once '../../lib/app.inc.php';
 
 //* Check permissions for module
 $app->auth->check_module_permissions('tools');
@@ -49,46 +49,52 @@
 $app->load('tform_actions');
 
 class page_action extends tform_actions {
-	
+
 	function onLoad() {
-                global $app, $conf, $tform_def_file;
+		global $app, $conf, $tform_def_file;
 
-                // Loading template classes and initialize template
-                if(!is_object($app->tpl)) $app->uses('tpl');
-                if(!is_object($app->tform)) $app->uses('tform');
+		// Loading template classes and initialize template
+		if(!is_object($app->tpl)) $app->uses('tpl');
+		if(!is_object($app->tform)) $app->uses('tform');
 
-                $app->tpl->newTemplate("tabbed_form.tpl.htm");
+		$app->tpl->newTemplate("tabbed_form.tpl.htm");
 
-                // Load table definition from file
-                $app->tform->loadFormDef($tform_def_file);
-				
-				// Importing ID
-                $this->id = $_SESSION['s']['user']['userid'];
-				$_POST['id'] = $_SESSION['s']['user']['userid'];
+		// Load table definition from file
+		$app->tform->loadFormDef($tform_def_file);
 
-                if(count($_POST) > 1) {
-                        $this->dataRecord = $_POST;
-                        $this->onSubmit();
-                } else {
-                        $this->onShow();
-                }
-        }
-	
+		// Importing ID
+		$this->id = $app->functions->intval($_SESSION['s']['user']['userid']);
+		$_POST['id'] = $_SESSION['s']['user']['userid'];
+
+		if(count($_POST) > 1) {
+			$this->dataRecord = $_POST;
+			$this->onSubmit();
+		} else {
+			$this->onShow();
+		}
+	}
+
 	function onInsert() {
 		die('No inserts allowed.');
 	}
-		
+
 	function onBeforeUpdate() {
 		global $app, $conf;
-		
-		if($_POST['passwort'] != $_POST['passwort2']) {
+
+		if($conf['demo_mode'] == true && $this->id <= 3) $app->tform->errorMessage .= 'This function is disabled in demo mode.';
+
+		if($_POST['passwort'] != $_POST['repeat_password']) {
 			$app->tform->errorMessage = $app->tform->lng('password_mismatch');
 		}
-		$_SESSION['s']['user']['language'] = $_POST['language'];
-		$_SESSION['s']['language'] = $_POST['language'];
+		if(preg_match('/[a-z]{2}/',$_POST['language'])) {
+			$_SESSION['s']['user']['language'] = $_POST['language'];
+			$_SESSION['s']['language'] = $_POST['language'];
+		} else {
+			$app->error('Invalid language.');
+		}
 	}
-	
-	
+
+
 }
 
 $page = new page_action;

--
Gitblit v1.9.1