Index: branches/5.3.x/core/units/users/users_event_handler.php =================================================================== diff -u -N -r15986 -r16111 --- branches/5.3.x/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 15986) +++ branches/5.3.x/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 16111) @@ -1,6 +1,6 @@ Application->isAdmin ) { - $fields = array_merge($fields, Array ('UserType', 'Status', 'EmailVerified', 'IsBanned')); - } - - return $fields; - } - - /** * Builds item (loads if needed) * * Pattern: Prototype Manager @@ -282,8 +262,7 @@ $object = $event->getObject( Array ('form_name' => 'login') ); /* @var $object kDBItem */ - $field_values = $this->getSubmittedFields($event); - $object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values)); + $object->SetFieldsFromHash($this->getSubmittedFields($event)); $username = $object->GetDBField('UserLogin'); $password = $object->GetDBField('UserPassword'); $remember_login = $object->GetDBField('UserRememberLogin') == 1; @@ -318,7 +297,7 @@ $ajax_form_helper = $this->Application->recallObject('AjaxFormHelper'); /* @var $ajax_form_helper AjaxFormHelper */ - $ajax_form_helper->transitEvent($event, 'OnLogin'); //, Array ('do_refresh' => 1)); + $ajax_form_helper->transitEvent($event, 'OnLogin'); } /** @@ -432,7 +411,7 @@ $this->Application->SetVar($event->getPrefixSpecial(true), Array ($object->GetID() => $field_values)); } - $object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values)); + $object->SetFieldsFromHash($field_values); $event->setEventParam('form_data', $field_values); $status = $object->isLoaded() ? $object->Update() : $object->Create(); 
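Review bot: In the `@@ -432,7 +411,7 @@` hunk the submitted hash now goes straight into `$object->SetFieldsFromHash($field_values);` immediately before `Update()`/`Create()`, while the override that marked `UserType`, `Status`, `EmailVerified` and `IsBanned` as protected for non-admin requests is deleted at the top of the file. Nothing visible in this diff stops a front-end form post from carrying those fields into the user record. The same call shape recurs in the hunks at -703, -1109 (where `IgnoreValidation = true` also removes validation as a backstop), -1220 and -1237. If the filtering now lives inside `SetFieldsFromHash` or is driven by the new `form_data` event param, that is outside this diff and should be confirmed. Otherwise keep an explicit skip list, as in the removed `$object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values));`, and add a regression test that posts `UserType` and `IsBanned` as a non-admin and asserts both are unchanged; the enclosing handlers start and end outside these hunks.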
@@ -656,8 +635,7 @@ $object = $event->getObject( Array ('form_name' => 'recommend') ); /* @var $object kDBItem */ - $field_values = $this->getSubmittedFields($event); - $object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values)); + $object->SetFieldsFromHash($this->getSubmittedFields($event)); if ( !$object->ValidateField('RecommendEmail') ) { $event->status = kEvent::erFAIL; @@ -703,8 +681,10 @@ $object->Load($id); } - $object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values)); $object->setID($id); + $object->SetFieldsFromHash($field_values); + $event->setEventParam('form_data', $field_values); + $object->Validate(); } @@ -726,8 +706,7 @@ $object = $event->getObject( Array ('form_name' => 'subscription') ); /* @var $object UsersItem */ - $field_values = $this->getSubmittedFields($event); - $object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values)); + $object->SetFieldsFromHash($this->getSubmittedFields($event)); if ( !$object->ValidateField('SubscriberEmail') ) { $event->status = kEvent::erFAIL; @@ -867,8 +846,7 @@ $object = $event->getObject( Array ('form_name' => 'forgot_password') ); /* @var $object kDBItem */ - $field_values = $this->getSubmittedFields($event); - $object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values)); + $object->SetFieldsFromHash($this->getSubmittedFields($event)); $user = $this->Application->recallObject('u.tmp', null, Array ('skip_autoload' => true)); /* @var $user UsersItem */ @@ -904,7 +882,7 @@ if ( strlen($email_or_username) ) { $object->SetError('ForgotLogin', $found ? 'reset_denied' : ($is_email ? 'unknown_email' : 'unknown_username')); - } + } if ( !$object->ValidateField('ForgotLogin') ) { $event->status = kEvent::erFAIL; 
@@ -1109,9 +1087,11 @@ $object = $event->getObject( Array ('skip_autoload' => true) ); /* @var $object kDBItem */ - $object->setID($id); $object->IgnoreValidation = true; - $object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values)); + + $object->setID($id); + $object->SetFieldsFromHash($field_values); + $event->setEventParam('form_data', $field_values); } /** @@ -1175,6 +1155,10 @@ // this way we can have 2+ objects stating with same special, e.g. "u.login-sidebox" and "u.login-main" return USER_GUEST; } + elseif ( preg_match('/^(update|delete)/', $event->Special) ) { + // This way we can have 2+ objects stating with same special, e.g. "u.update-sidebox" and "u.update-profile". + return $this->Application->RecallVar('user_id'); + } return parent::getPassedID($event); } @@ -1220,8 +1204,10 @@ $this->RemoveRequiredFields($object); $object->SetDBField('RootPassword', $this->Application->ConfigValue('RootPass')); - $object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values)); + $object->setID(-1); + $object->SetFieldsFromHash($field_values); + $event->setEventParam('form_data', $field_values); if ( $object->Validate() ) { // validation on, password match too @@ -1237,10 +1223,11 @@ } } else { - $object =& $event->getObject(); - /* @var $object kDBItem */ + /** @var kDBItem $object */ + $object = $event->getObject(); - $object->SetFieldsFromHash($field_values, $this->getRequestProtectedFields($field_values)); + $object->SetFieldsFromHash($field_values); + $event->setEventParam('form_data', $field_values); if ( !$object->Update() ) { $event->status = kEvent::erFAIL;
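Review bot: The new `elseif` in the `@@ -1175,6 +1155,10 @@` hunk matches on a bare prefix, `preg_match('/^(update|delete)/', $event->Special)`, so any special that merely begins with those letters is bound to the session user, and `RecallVar('user_id')` is returned unchecked. What that call yields for a session with no logged-in user is not visible here; if it can be empty or a guest id, return `USER_GUEST` explicitly in that case rather than passing the raw value on to the load. Anchoring the pattern to the separator shown in the comment, e.g. `'/^(update|delete)(-|$)/'`, would keep the rule to the intended specials. The comment should also say why the ID comes from the session and not from the request, and its "stating" should read "starting". The function's body begins and ends outside the hunk.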